Rising Kaka Security Forum
liliok - 2012-3-20 12:43:00
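At boot, Rising shows the prompt: "Blocked NOTEPAD.EXE ... malicious operation ..."
Please help me check whether the log shows any viruses or trojans? Thanks!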
[CODE]
2012-03-19,18:47:04
System Repair Engineer 2.8.4.1331 Emergency Scan Mode
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 3 (Build 2600)
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
计划任务
Windows 安全更新检查
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Component Publisher]
<rulestarter><%systemroot%\system32\RTRsca.exe> [C-Eagle[冷鹰安全防御团队]]
<rulestarter2><%systemroot%\system32\rulestarter.exe> [C-Eagle]
<aliim><F:\旺旺\AliIM.exe /run:auto> [(Verified)TaoBao(china) Software Co., Ltd]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<wdcertm_ccb><C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDCertM_CCB.exe> [ Beijing WatchData System Co., Ltd.]
<CCBCertificate><C:\Program Files\CCBComponents\DMWZ\CCBCertificate.exe> []
<StartCCC><"C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun> [File is missing]
<RavTRAY><"D:\Rising\RAV\RSTRAY.EXE" -system> [(Verified)Beijing Rising Information Technology Corporation Limited]
<RFWTRAY><"E:\Rising\RFW\RSTRAY.EXE" -system> [(Verified)Beijing Rising Information Technology Corporation Limited]
<HDAudDeck><C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1> [File is missing]
<ACPW05EN><; "F:\工具软件\ACDSee Pro\ACDSeeProInTouch2.exe" /pid ACPW05EN> [File is missing]
<EOL Local Server><; "C:\OnlineExam\LocalServer.exe"> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<ineax><C:\seup.exe> [(Verified)Sogou.com]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<PostBootReminder><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<CDBurn><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<WebCheck><C:\WINDOWS\system32\webcheck.dll> [(Verified)Microsoft Windows]
<SysTray><C:\WINDOWS\system32\stobject.dll> [(Verified)Microsoft Windows Component Publisher]
<WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
<WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
<WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
<WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
<WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
<WinlogonNotify: ScCertProp><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
<WinlogonNotify: Schedule><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
<WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
<WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
<WinlogonNotify: termsrv><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
<WinlogonNotify: wlballoon><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
<Internet Explorer 版本更新><C:\WINDOWS\system32\ieudinit.exe> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
<Browser Customizations><"C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
<浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
<Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -BaseSettings> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<BaofengPlatform><; "F:\工具软件\Baofeng\StormPlayer\BaofengPlatform.exe" /autorun> [(Verified)北京暴风网际]
<DriverGenius><; D:\DriverGenius2011\DriverGenius.exe -static> [(Verified)Mydrivers Information Technology Co., Ltd (ZhengZhou)]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<Grid Service><; "C:\Program Files\GridService\peer.exe" -n Grid> [FS2YOU]
<kugou><; "F:\工具软件\kugoo\KuGoo.exe" min> [File is missing]
<KuGou7><; "C:\Program Files\KuGou7\KuGou7.exe" -Mini> [(Verified)Guangzhou Kugou Computer Technology Co., Ltd.]
<PPS Accelerator><; F:\工具软件\PPStream\ppsap.exe> [(Verified)SHANGHAI ZHONGYUAN NETWORKS LIMITED]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<QvodTerminal><; "H:\QvodPlayer\QvodTerminal.exe" -autorun> [(Verified)Shenzhen QVOD Technology Co.,Ltd]
<RSATRAY><; "C:\Program Files\Rising\RSA\tray.exe" -system> [File is missing]
<Stormtray><; F:\工具软件\STORM2~1.06\Stormtray.exe /Start> [File is missing]
<ultra_videoconverter><; C:\Program Files\Aabaf\Ouyd.exe /ultra_videoconverter> [File is missing]
<USBKeyTools.exe><; C:\Program Files\CCBComponents\HDZB\USBKeyTools.exe> [北京华大智宝电子系统有限公司]
<Xdict><; F:\工具软件\PowerWord2011.50000.5000\PowerWordPE\Xdict.exe auto_run> [File is missing]
==================================
启动文件夹
[宽带连接]
<C:\Documents and Settings\lenovo\「开始」菜单\程序\启动\宽带连接.lnk --> [File is missing]><N>
==================================
服务
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
<C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[Help and Support / helpsvc][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
[HDZB Comm Service For V2.0 / HZ_CommSrv][Running/Auto Start]
<C:\WINDOWS\system32\HZ_CommSrv.exe><华大智宝电子系统有限公司>
[VIA Karaoke digital mixer Service / KaraokeService][Running/Auto Start]
<C:\WINDOWS\system32\KaraokeSer.exe><VIA Technologies, Inc.>
[PIPIStartSvr / PIPIStartSvr][Stopped/Disabled]
<C:\Program Files\pipi\PIPIStartSvr.exe><(File is missing)>
[Rsd Service / RsMgrSvc][Running/Auto Start]
<"C:\Program Files\Rising\RSD\RsMgrSvc.exe"><Beijing Rising Information Technology Co., Ltd.>
[Rav Service / RsRavMon][Running/Auto Start]
<"D:\Rising\RAV\RavMonD.exe"><Beijing Rising Information Technology Co., Ltd.>
[RFW Service / RsRFWMon][Running/Auto Start]
<"E:\Rising\RFW\RavMonD.exe"><Beijing Rising Information Technology Co., Ltd.>
[ServiceLayer / ServiceLayer][Stopped/Disabled]
<"C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"><Nokia>
[System Restore Service / srservice][Stopped/Disabled]
<C:\WINDOWS\system32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\srsvc.dll><N/A>
[WatchData ccb V3.2 / WDMonitorCCB][Running/Auto Start]
<C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDKeyMonitorCCB.exe><Beijing WatchData System Co., Ltd.>
[webboost / webboost][Running/Auto Start]
<"C:\Program Files\Rising\RSE\webboost.exe"><Beijing Rising Information Technology Co., Ltd.>
==================================
驱动程序
[amdide / amdide][Running/Boot Start]
<\SystemRoot\system32\drivers\amdide.sys><Advanced Micro Devices>
[AMD HwPState Processor Driver / AmdPPM][Running/System Start]
<system32\DRIVERS\AmdPPM.sys><Advanced Micro Devices>
[Apaidi / Apaidi][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\Apaidi.sys><N/A>
[ati2mtag / ati2mtag][Running/Manual Start]
<system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[ATI Function Driver for HD Audio Service / AtiHDAudioService][Stopped/Manual Start]
<system32\drivers\AtihdXP3.sys><ATI Technologies, Inc.>
[ComputerZ / ComputerZ][Stopped/Manual Start]
<\??\F:\工具软件\Ludashi\ComputerZ.sys><360.cn>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
<system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[hooksys / hooksys][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\Hooksys.sys><Beijing Rising Information Technology Co., Ltd.>
[HookTdi / HookTdi][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\HookTdi.sys><Beijing Rising Information Technology Co., Ltd.>
[HpqKbFilter Driver / HpqKbFiltr][Running/Manual Start]
<system32\DRIVERS\HpqKbFiltr.sys><Hewlett-Packard Development Company, L.P.>
[HyperVM / HyperVM][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\hvm.sys><Beijing Rising Information Technology Co., Ltd.>
[NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller / L1c][Running/Manual Start]
<system32\DRIVERS\l1c51x86.sys><Atheros Communications, Inc.>
[Nokia USB Phone Parent Driver / nmwcd][Stopped/Manual Start]
<system32\drivers\ccdcmb.sys><Nokia>
[Nokia USB Communication Driver / nmwcdc][Stopped/Manual Start]
<system32\drivers\ccdcmbo.sys><Nokia>
[PCCS Mode Change Filter Driver / pccsmcfd][Stopped/Manual Start]
<system32\DRIVERS\pccsmcfd.sys><Nokia>
[AMD PCNET Compatable Adapter Driver / PCnet][Stopped/Manual Start]
<system32\DRIVERS\pcntpci5.sys><AMD Inc.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[rfwaf / rfwaf][Running/Auto Start]
<\??\E:\Rising\RFW\rfwaf.sys><Beijing Rising Information Technology Co., Ltd.>
[Rising RfwARP Driver / RFWARP][Running/Auto Start]
<system32\DRIVERS\rfwarp.sys><Beijing Rising Information Technology Co., Ltd.>
[Rising RfwNdis Driver / RFWNDIS][Running/Manual Start]
<system32\DRIVERS\rfwndis.sys><Beijing Rising Information Technology Co., Ltd.>
[rfwtdi / rfwtdi][Running/Auto Start]
<\??\E:\Rising\RFW\rfwtdi.sys><Beijing Rising Information Technology Co., Ltd.>
[rsd protect / rsdsys][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\protreg.sys><Beijing Rising Information Technology Co., Ltd.>
[rsfwdrv / rsfwdrv][Running/Auto Start]
<\??\E:\Rising\RFW\rsfwdrv.sys><Beijing Rising Information Technology Co., Ltd.>
[Service for HDMI / RTHDMIAzAudService][Running/Manual Start]
<system32\drivers\RtKHDMI.sys><Realtek Semiconductor Corp.>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SMBALI / SMBALI][Stopped/System Start]
<system32\DRIVERS\SMBALI.sys><N/A>
[SMBHC / SMBHC][Stopped/System Start]
<system32\DRIVERS\SMBHC.sys><N/A>
[System Restore Filter Driver / SR][Stopped/Disabled]
<system32\DRIVERS\sr.sys><N/A>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
<system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[upperdev / upperdev][Stopped/Manual Start]
<system32\DRIVERS\usbser_lowerflt.sys><Nokia>
[UsbserFilt / UsbserFilt][Stopped/Manual Start]
<system32\DRIVERS\usbser_lowerfltj.sys><Nokia>
[VIA High Definition Audio Driver Service / VIAHdAudAddService][Running/Manual Start]
<system32\drivers\viahduaa.sys><VIA Technologies, Inc.>
[YLMF Virtual Diskette V1 / YLMFVDISK][Running/Auto Start]
<system32\drivers\VirtDisk.sys><N/A>
User system information: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; InfoPath.1)
liliok - 2012-3-20 12:44:00
==================================
浏览器加载项
[Tencent Browser Helper]
{43A497FF-2B6A-5F99-6514-EA9C6B592B6A} <C:\Program Files\TENCENT\SSPlus\SAddr.dll, (Signed) 腾讯>
[Netease MailAssist Helper]
{6bc7458e-b80e-4b79-8aa8-04d56fb51067} <C:\Program Files\Netease\Netease MailAssist\Internet Explorer\MailAssist.dll, (Signed) NetEase.com,Inc>
[QvodExtend]
{A8502600-B272-4F68-A67B-A0305D46D297} <H:\QvodPlayer\QvodExtend.dll, (Signed) Shenzhen QVOD Technology Co.,Ltd>
[信息检索(&R)]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <D:\office\OFFICE11\REFIEBAR.DLL, (Signed) Microsoft Corporation>
[赛飞OA-OFFICE文档控件]
{01DFB4B4-0E07-4E3F-8B7A-98FD6BFF153F} <C:\WINDOWS\Downloaded Program Files\OfficeControl.ocx, N/A>
[QQCertificateCtrl Class]
{BAEA0695-03A4-43BB-8495-C7025E1A8F42} <C:\Program Files\Common Files\tencent\paycenter\qqcert.dll, (Signed) Tencent>
[]
{E1849EE3-AC12-42E8-BC2C-D15D0F7CCD4A} <, >
[ADODB.Recordset]
{00000535-0000-0010-8000-00AA006D2EA4} <C:\Program Files\Common Files\System\ado\msado15.dll, (Signed) Microsoft Corporation>
[赛飞OA-OFFICE文档控件]
{01DFB4B4-0E07-4E3F-8B7A-98FD6BFF153F} <C:\WINDOWS\Downloaded Program Files\OfficeControl.ocx, N/A>
[PlayCtrl Class]
{02E2D748-67F8-48B4-8AB4-0A085374BB99} <H:\BaiduPlayer\1.0.28.52\Xbdyy.dll, N/A>
[FoxitReaderOCX Control]
{05563215-225C-45EB-BB34-AFA47217B1DE} <C:\PROGRA~1\FOXITS~1\FOXITR~1\plugins\FOXITR~1.OCX, (Signed) Foxit Corporation>
[]
{08D512D2-7D97-4E22-B7DB-82791106C086} <, >
[Player Class]
{11F2A418-94B2-4e16-9B0C-B00C0435F903} <F:\QQ直播\LiveMedia.dll, (Signed) Tencent>
[KuGoo3Down Control]
{162AF25B-5A2A-448E-A842-194653EF3E05} <C:\PROGRA~1\KuGou7\KUGOO3~1.OCX, (Signed) 广州酷狗计算机科技有限公司>
[Fade]
{16B280C5-EE70-11D1-9066-00C04FD9189D} <C:\WINDOWS\system32\Dxtmsft.dll, (Signed) Microsoft Corporation>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.dll, (Signed) Microsoft Corporation>
[]
{1A3440C6-F123-4CAB-84EE-C814E1AE0D8F} <, >
[WWPicUploadCtrl Class]
{1D63232D-4F15-4A42-890D-EE617AA1537D} <F:\旺旺\modules\1685\WWPictureUpload.dll, (Signed) Alibaba software (Shanghai) Corporation>
[InstallHelper Class]
{1DABF8D5-8430-4985-9B7F-A30E53D709B3} <C:\WINDOWS\system32\MMInstaller.dll, (Signed) Tencent>
[iTrusPTA Class]
{1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\2.4.0.5\pta.dll, (Signed) iTruschina Co., Ltd.>
[InfoScan Control]
{1F14548F-6975-40F1-AE24-6E2D1D449B2F} <C:\PROGRA~1\CCBCOM~1\Detector\InfoScan.dll, CCB>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, (Signed) Microsoft Corporation>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, (Signed) Microsoft Corporation>
[SSOLoginCtrl Class]
{26C3F8B0-0217-46A1-AB2D-A1B494E71402} <F:\旺旺\AliIMSSOLogin.dll, (Signed) 阿里巴巴(中国)有限公司>
[XML DOM Document]
{2933BF90-7B36-11D2-B20E-00C04F983E60} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[IETag Factory]
{38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, (Signed) Microsoft Corporation>
[]
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <, >
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[EditCtrl Class]
{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\2.4.0.5\aliedit.dll, (Signed) >
[]
{528D9365-F531-4A73-82B1-DC54B7DD692D} <, >
[Shell Name Space]
{55136805-B2DE-11D1-B9F2-00A0C98BC547} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[UDiskAgentObj Control]
{58C094A4-645C-4CB3-B4AB-FEAEF6C84D7A} <C:\PROGRA~1\115\UDown\UDOWNA~2.DLL, (Signed) >
[SetupCtrl Class]
{5C4500A9-0BE9-434E-B807-118E6E5EA3B6} <C:\WINDOWS\Downloaded Program Files\655368\SetupAx.dll, N/A>
[WangWangX Class]
{5D09DD40-CDC4-4C56-B615-0D1E3B357C2B} <F:\旺旺\AliIMX.dll, (Signed) >
[QQLiveOcx Class]
{5EF7B131-C278-4034-BC88-2CE28B128681} <F:\QQ直播\LiveOcx\LiveOcx.dll, (Signed) Tencent>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation>
[QQLiveFile Class]
{6B232760-90F1-41c3-9902-C8552C1D8A72} <F:\QQ直播\LiveOcx\FileVersion.dll, (Signed) Tencent>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, (Signed) Microsoft Corporation>
[CertEnroll Class]
{7978461C-CC22-48F2-BC69-02220D3E101D} <C:\WINDOWS\system32\aliedit\2.4.0.5\itrusenroll.dll, (Signed) iTruschina Co., Ltd.>
[QvodShare Class]
{7C6D5EE5-C859-4B49-8F7B-DE0927D1C3E9} <H:\QvodPlayer\ShareModule.dll, (Signed) TODO: <公司名>>
[Peer Adapter]
{80E18282-3716-48CA-B50C-F7B7F6A32791} <, >
[]
{87515F61-A66C-4319-A0E0-D416CB8059E3} <, >
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[XML DOM Document 5.0]
{88D969E5-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll, (Signed) Microsoft Corporation>
[XML DOM Document 6.0]
{88D96A05-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[XML HTTP 6.0]
{88D96A0A-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[CEBViewer Control]
{898BAE86-7986-4177-B17F-B9D23C53649C} <C:\Program Files\协同办公客户端组件\apabi client\CEBViewer.ocx, founder>
[]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >
[]
{95B3F550-91C4-4627-BCC4-521288C52977} <, >
[]
{A8DC7D60-AD8F-491E-9A84-8FF901E7556E} <, >
[Netease MailAssist Factory]
{A8E975F8-E5E3-4D78-AA9A-381CF4F038F7} <C:\Program Files\Netease\Netease MailAssist\Internet Explorer\MailAssist.dll, (Signed) NetEase.com,Inc>
[]
{AC414988-E5BB-4C2C-873B-EA53D2F3D23A} <, >
[]
{AE460AD7-D678-43BB-B4DF-394B2D0C4E52} <, >
[QQCertificateCtrl Class]
{BAEA0695-03A4-43BB-8495-C7025E1A8F42} <C:\Program Files\Common Files\tencent\paycenter\qqcert.dll, (Signed) Tencent>
[InfosecCCBNetSign Class]
{BC96F5A4-C930-4226-ADAB-59349AE585E9} <C:\Program Files\CCBComponents\Detector\CCBNetSignCom.dll, (Signed) Infosec Technologies Co., Ltd.>
[FTNUpload Class]
{BDEACC50-F56D-4D60-860F-CF6ED1766D65} <C:\Program Files\Common Files\Tencent\TXFTN\TXFTNActiveX1.13.dll, (Signed) Tencent>
[CheckReader Class]
{C9E75CAD-ACA5-4074-81CC-5448FCCFE987} <C:\Program Files\Founder\Apabi Reader 3.0\Check.dll, >
[AUDIO__MP3 Moniker Class]
{CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[AUDIO__WAV Moniker Class]
{CD3AFA7B-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
{CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
{CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[WDCCBCtrl Class]
{CE0460F5-48BD-4DC1-A046-0BDCB5A06CEB} <C:\WINDOWS\system32\wdccb.dll, (Signed) >
[iTudouAgent.CompCls]
{CF223950-14DC-4A1D-AEDB-47C356A8B993} <F:\工具软件\iTudou\ITUDOU~1.DLL, (Signed) 土豆网>
[Microsoft Url Search Hook]
{CFBFAE00-17A6-11D0-99CB-00C04FD64497} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[]
{D18A0B52-D63C-4ED0-AFC6-C1E3DC1AF43A} <, >
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10i.ocx, (Signed) Adobe Systems, Inc.>
[QQLive Class]
{D9EBCF5D-3F8F-4b6a-89BA-70577BE73C62} <F:\QQ直播\LiveAPI.dll, (Signed) Tencent>
[Tencent SearchHook]
{DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} <C:\Program Files\TENCENT\SSPlus\SAddr.dll, (Signed) 腾讯>
[]
{DD5BF6D1-6663-47E0-9DFA-5C343CAF178E} <, >
[Microsoft Silverlight]
{DFEAF541-F3E1-4C24-ACAC-99C30715084A} <C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll, (Signed) Microsoft Corporation>
[PlayerCtrl Class]
{E05BC2A3-9A46-4A32-80C9-023A473F5B23} <C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQMusic\bin\QQMusic\QzoneMusic.dll, (Signed) Tencent>
[]
{E1849EE3-AC12-42E8-BC2C-D15D0F7CCD4A} <, >
[]
{E2E2DD38-D088-4134-82B7-F2BA38496583} <, >
[QQPasswordCtrl Class]
{E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\Program Files\Common Files\tencent\paycenter\qqedit.dll, (Signed) Tencent>
[GetPcSn Class]
{E9535769-DE27-4E6B-8648-3E65AAAB31DA} <E:\游戏\iGame\CgActiveXOcx.ocx, SZWY>
[SSOForPTLogin2 Class]
{EAAED308-7322-4B9B-965E-171933ADD473} <C:\Program Files\Common Files\Tencent\TXSSO\1.2.1.20\Bin\SSOAxCtrlForPTLogin.dll, (Signed) >
[TimwpDll.TimwpCheck]
{ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} <C:\PROGRA~1\Tencent\QQ\Bin\Timwp.dll, (Signed) Tencent>
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[]
{EEA17418-02F2-4278-B6B4-E9ED642CE26A} <, >
[PPLive Lite Class]
{EF0D1A14-1033-41A2-A589-240C01EDC078} <C:\Program Files\Internet Explorer\PPLite\plugin\pplugin2.dll, (Signed) >
[QvodCtrl Class]
{F3D0D36F-23F8-4682-A195-74C92B03D4AF} <H:\QvodPlayer\npQvodInsert.dll, (Signed) Shenzhen QVOD Technology Co.,Ltd>
[XML DOM Document 3.0]
{F5078F32-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XML HTTP 3.0]
{F5078F35-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[AxPlayer Class]
{F587310D-5306-494D-87E2-88334B46E781} <F:\工具软件\Baofeng\StormPlayer\webplayer\PlayerShell.dll, (Signed) 北京暴风科技股份有限公司>
[XML DOM Document]
{F6D90F11-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XML HTTP]
{F6D90F16-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[QQLiveOcxShell Class]
{F7E55BDF-9528-46ba-B550-777859627591} <F:\QQ直播\LiveOcx\LiveOcx.dll, (Signed) Tencent>
[webmod Class]
{FEE3C8C5-9BEA-4079-AB36-63ECABFC7392} <C:\WINDOWS\system32\aliedit\2.4.0.5\alidcp.dll, (Signed) Alipay.com Co.,Ltd>
[&D&ownload &with BitComet]
<res://F:\工具软件\BitComet_1.27\BitComet.exe/AddLink.htm, N/A>
[&D&ownload all with BitComet]
<res://F:\工具软件\BitComet_1.27\BitComet.exe/AddAllLink.htm, N/A>
[&使用115优蛋下载]
<C:\Program Files\115\UDown\getUrl.htm, N/A>
[&使用115优蛋下载全部链接]
<C:\Program Files\115\UDown\getAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://D:\office\OFFICE11\EXCEL.EXE/3000, N/A>
==================================
正在运行的进程
[PID: 920 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 984 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1024 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\Ati2evxx.dll] [ATI Technologies Inc., 6.14.10.4179]
[C:\WINDOWS\system32\atiadlxx.dll] [Advanced Micro Devices, Inc., 6.14.10.1061]
[PID: 1068 / SYSTEM][C:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation, 5.1.2600.5922 (xpsp_sp3_qfe.091223-1723)]
[PID: 1080 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1260 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4254]
[C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2514]
[C:\WINDOWS\system32\atipdlxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2563]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1280 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1356 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1532 / SYSTEM][C:\Program Files\Rising\RSD\RsMgrSvc.exe] [Beijing Rising Information Technology Co., Ltd., 1.0.0.38]
[C:\Program Files\Rising\RSD\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.4]
[C:\Program Files\Rising\RSD\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1552 / SYSTEM][D:\Rising\RAV\RavMonD.exe] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 14]
[D:\Rising\RAV\combase.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 23]
[D:\Rising\RAV\rsconf.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.8]
[D:\Rising\RAV\scansrvp.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.12]
[D:\Rising\RAV\cnt09.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1]
[D:\Rising\RAV\moncomm.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.3]
[D:\Rising\RAV\MonBase.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1]
[D:\Rising\RAV\Rslog.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.26]
[D:\Rising\RAV\RsStore.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.12]
[D:\Rising\RAV\mondrvd.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 11]
[D:\Rising\RAV\defmon.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 62]
[D:\Rising\RAV\moncom08.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.2]
[D:\Rising\RAV\taskplug.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.2]
[D:\Rising\RAV\mondrvm.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8]
[D:\Rising\RAV\MonRule.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 33]
[D:\Rising\RAV\FileMon.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 34]
[D:\Rising\RAV\MailMon.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 56]
[D:\Rising\RAV\rsindent.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.1.0]
[D:\Rising\RAV\cnt08.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[D:\Rising\RAV\proccomm.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.2]
[D:\Rising\RAV\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.4]
[D:\Rising\RAV\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]
[D:\Rising\RAV\Hooksys.dll] [Beijing Rising Information Technology Co., Ltd., 25, 0, 0, 8]
[D:\Rising\RAV\ProcCom.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
[D:\Rising\RAV\RsCommX2.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
[D:\Rising\RAV\rstask.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8]
[D:\Rising\RAV\rsstub.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]
[D:\Rising\RAV\rslang.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]
[D:\Rising\RAV\hookTdi.dll] [Beijing Rising Information Technology Co., Ltd., 25, 0, 0, 9]
[D:\Rising\RAV\BACore.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 99]
[D:\Rising\RAV\rsnetsvr.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.12]
[D:\Rising\RAV\bawhite.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 5]
[D:\Rising\RAV\ScanAdd.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.31]
[D:\Rising\RAV\Scanner.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 70]
[D:\Rising\RAV\recomp.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 12]
[D:\Rising\RAV\refs.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3]
[D:\Rising\RAV\viruslib.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8]
[D:\Rising\RAV\relibldr.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1]
[D:\Rising\RAV\ScanSrv.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 17]
[D:\Rising\RAV\scanpe.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 30]
[D:\Rising\RAV\pearc.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8]
[D:\Rising\RAV\engext.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 33]
[D:\Rising\RAV\vmicore.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 19]
[D:\Rising\RAV\ffr.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3]
[D:\Rising\RAV\nvfile.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 7]
[D:\Rising\RAV\scantj.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 9]
[D:\Rising\RAV\extsfx.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 9]
[D:\Rising\RAV\scanexec.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8]
[D:\Rising\RAV\unexe.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 0]
[D:\Rising\RAV\scanex.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 13]
[D:\Rising\RAV\scansct.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1]
[D:\Rising\RAV\ur029.dat] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 2]
[D:\Rising\RAV\extarch.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 15]
[D:\Rising\RAV\extcomp.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 6]
[D:\Rising\RAV\extole.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 2]
liliok - 2012-3-20 12:46:00
[PID: 1588 / SYSTEM][E:\Rising\RFW\RavMonD.exe] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 14]
[E:\Rising\RFW\combase.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 23]
[E:\Rising\RFW\cnt09.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1]
[E:\Rising\RFW\MonBase.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1]
[E:\Rising\RFW\MonComm.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.3]
[E:\Rising\RFW\rsconf.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.8]
[E:\Rising\RFW\rfwlog.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.7]
[E:\Rising\RFW\rfwrule.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.1]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[E:\Rising\RFW\rfwsrv.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.99]
[E:\Rising\RFW\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]
[E:\Rising\RFW\mPorts.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.7]
[E:\Rising\RFW\rfwdrvc.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.37]
[E:\Rising\RFW\fishweb.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 26]
[E:\Rising\RFW\rsindent.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.1.0]
[E:\Rising\RFW\taskplug.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.2]
[E:\Rising\RFW\rfwPgDef.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.4]
[E:\Rising\RFW\proccomm.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.2]
[E:\Rising\RFW\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.4]
[E:\Rising\RFW\Rfwdrv.dll] [Beijing Rising Information Technology Co., Ltd., 25.0.0.8]
[E:\Rising\RFW\RfwArp.dll] [Beijing Rising Information Technology Co., Ltd., 25.0.0.1]
[E:\Rising\RFW\urlrule.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.2]
[E:\Rising\RFW\recomp.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 12]
[E:\Rising\RFW\refs.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3]
[E:\Rising\RFW\viruslib.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8]
[E:\Rising\RFW\relibldr.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1]
[E:\Rising\RFW\rfwproxy.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 80]
[E:\Rising\RFW\rslang.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]
[E:\Rising\RFW\fwfish.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 5]
[E:\Rising\RFW\fwcomp.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 11]
[E:\Rising\RFW\fwfs.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 5]
[E:\Rising\RFW\fwvirlib.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 5]
[E:\Rising\RFW\fwlibldr.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3]
[E:\Rising\RFW\rstask.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 7]
[E:\Rising\RFW\rsstub.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[E:\Rising\RFW\urllib.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1]
[PID: 1620 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1668 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1912 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1976 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4254]
[C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2514]
[C:\WINDOWS\system32\atipdlxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2563]
[C:\WINDOWS\system32\ati2evxx.dll] [ATI Technologies Inc., 6.14.10.4179]
[C:\WINDOWS\system32\atiadlxx.dll] [Advanced Micro Devices, Inc., 6.14.10.1061]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 248 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [(Verified) Microsoft Corporation, 5.1.2600.6024 (xpsp_sp3_gdr.100817-1626)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1304 / lenovo][C:\WINDOWS\Explorer.EXE] [(Verified) Microsoft Corporation, 6.00.2900.5634 (xpsp_sp3_qfe.080703-1303)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Documents and Settings\lenovo\Application Data\115\Box\Sync115Ext.dll] [广东雨林木风计算机科技有限公司, 1.0.0.2]
[F:\工具软件\Baofeng\StormPlayer\ShellMenu.dll] [北京暴风科技股份有限公司, 5.9.118.0]
[PID: 1684 / SYSTEM][C:\WINDOWS\system32\HZ_CommSrv.exe] [华大智宝电子系统有限公司, 1, 2, 0, 1]
[PID: 1744 / SYSTEM][C:\WINDOWS\system32\KaraokeSer.exe] [VIA Technologies, Inc., 0, 1, 0, 0]
[PID: 1808 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1840 / SYSTEM][C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDKeyMonitorCCB.exe] [ Beijing WatchData System Co., Ltd., 3, 2, 0, 0]
[C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\wdkmgr.dll] [Watchdata, 2, 1, 1, 40]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1856 / SYSTEM][C:\Program Files\Rising\RSE\webboost.exe] [Beijing Rising Information Technology Co., Ltd., 1.0.0.14]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1240 / lenovo][C:\Program Files\Rising\RSD\popwndexe.exe] [Beijing Rising Information Technology Co., Ltd., 1.0.0.5]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\Rising\RSD\rsdk.dll] [Beijing Rising Information Technology Co., Ltd., 1.0.0.2]
[C:\Program Files\Rising\RSD\rsmginfo.dll] [Beijing Rising Information Technology Co., Ltd., 1.0.0.30]
[PID: 1288 / lenovo][C:\seup.exe] [Sogou.com, 1, 0, 0, 1]
[C:\HWSig.dll] [360.cn, 4, 0, 0, 1150]
[PID: 696 / lenovo][C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDCertM_CCB.exe] [ Beijing WatchData System Co., Ltd., 3, 2, 0, 0]
[C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\TokenMgr.dll] [ Beijing WatchData System Co., Ltd., 3, 6, 3, 2]
[C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDAlg.DLL] [ Beijing WatchData System C0., Ltd., 3, 5, 12, 20]
[C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\wdkmgr.dll] [Watchdata, 2, 1, 1, 40]
[C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDPKCS.dll] [ Beijing WatchData System Co., Ltd., 3, 6, 2, 15]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDEvent.dll] [ Beijing WatchData System Co., Ltd., 3, 2, 5, 0]
[PID: 812 / lenovo][C:\Program Files\CCBComponents\DMWZ\CCBCertificate.exe] [, 1, 0, 0, 27]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\CCBKCSP.dll] [, 1, 0, 0, 1]
[PID: 2056 / lenovo][D:\Rising\RAV\RSTRAY.EXE] [Beijing Rising Information Technology Co., Ltd., 23.0.0.12]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[D:\Rising\RAV\comserv.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.15]
[D:\Rising\RAV\rslang.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]
[D:\Rising\RAV\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.4]
[D:\Rising\RAV\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]
[D:\Rising\RAV\ProcComm.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.2]
[D:\Rising\RAV\rsxml.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.2]
[D:\Rising\RAV\MonState.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
[D:\Rising\RAV\ScanEvnt.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.10]
[D:\Rising\RAV\rsguilib.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.12]
[D:\Rising\RAV\rsconf.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.8]
[D:\Rising\RAV\rspalvd.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.7]
[D:\Rising\RAV\mruleui.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 10]
[D:\Rising\RAV\MonTray.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.1.15]
[D:\Rising\RAV\rsmginfo.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.14]
[D:\Rising\RAV\UsbServ.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3]
[D:\Rising\RAV\ScanTray.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.55]
[D:\Rising\RAV\PngDll.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3]
[D:\Rising\RAV\dfw.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.67]
[D:\Rising\RAV\ScanPrxy.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.32]
[D:\Rising\RAV\GCompt.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.55]
[D:\Rising\RAV\Isol.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.14]
[D:\Rising\RAV\rsstore.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.12]
[C:\Program Files\TENCENT\SSPlus\SAddr.dll] [腾讯, 6.1.0.3]
[C:\Program Files\TENCENT\SSPlus\sqlite3.dll] [N/A, ]
[PID: 2088 / lenovo][E:\Rising\RFW\RSTRAY.EXE] [Beijing Rising Information Technology Co., Ltd., 23.0.0.12]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[E:\Rising\RFW\comserv.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.15]
[E:\Rising\RFW\rslang.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]
[E:\Rising\RFW\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.4]
[E:\Rising\RFW\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]
[E:\Rising\RFW\ProcComm.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.2]
[E:\Rising\RFW\rsxml.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.2]
[E:\Rising\RFW\MonState.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
[E:\Rising\RFW\rfwrule.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.1]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[E:\Rising\RFW\rsconf.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.8]
[E:\Rising\RFW\rspalvd.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.7]
[E:\Rising\RFW\rsguilib.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.12]
[E:\Rising\RFW\rsnetsvr.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.12]
[E:\Rising\RFW\rsmginfo.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.14]
[E:\Rising\RFW\rfwtray.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 78]
[E:\Rising\RFW\rfwlog.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.7]
[E:\Rising\RFW\PngDll.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3]
[C:\Program Files\TENCENT\SSPlus\SAddr.dll] [腾讯, 6.1.0.3]
[C:\Program Files\TENCENT\SSPlus\sqlite3.dll] [N/A, ]
[PID: 2112 / lenovo][C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe] [VIA Technologies, Inc., 10.1.00.21]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
liliok - 2012-3-20 12:49:00
[PID: 2116 / lenovo][C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe] [Advanced Micro Devices Inc., 2.0.0.0]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll] [Microsoft Corporation, 2.0.50727.3625 (GDR.050727-3600)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll] [Microsoft Corporation, 2.0.50727.3631 (GDR.050727-3600)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\9351cf29bb1ba951e45a9b3b0edab937\System.Drawing.ni.dll] [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad99ac6b5666edb8ee742dd64f9578af\System.Windows.Forms.ni.dll] [Microsoft Corporation, 2.0.50727.3623 (GDR.050727-3600)]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Implementation.dll] [Advanced Micro Devices Inc., 2.0.4205.39967]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.dll] [Advanced Micro Devices Inc., 2.0.4205.39815]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Private.dll] [Advanced Micro Devices Inc., 2.0.4205.39819]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll] [Advanced Micro Devices Inc., 2.0.4205.39963]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Foundation.dll] [Advanced Micro Devices Inc., 2.0.4205.39820]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll] [Advanced Micro Devices Inc., 2.0.4205.39820]
[C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll] [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\29bdc8352d3c26e3c572ea60639dec3b\System.Web.ni.dll] [Microsoft Corporation, 2.0.50727.3634 (GDR.050727-3600)]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.Implementation.dll] [Advanced Micro Devices Inc., 2.0.4205.39966]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\NEWAEM.Foundation.dll] [Advanced Micro Devices Inc., 2.0.4205.39816]
[PID: 2140 / lenovo][C:\WINDOWS\system32\ctfmon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 2296 / lenovo][F:\旺旺\AliIM.exe] [Alibaba software (Shanghai) Corporation., 1, 0, 0, 1]
[F:\旺旺\GUIBase.dll] [Alisoft (Shanghai) Co., Ltd., 1, 0, 0,261]
[F:\旺旺\RvCore.DLL] [Alisoft (Shanghai) Co., Ltd., 1.0.0.261]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.DLL] [Microsoft Corporation, 8.00.50727.6195]
[F:\旺旺\UpdateAssist.dll] [Alibaba software (Shanghai) Corporation., 1, 0, 0, 6]
[F:\旺旺\alilog.dll] [Copyright 2009 阿里软件(上海)有限公司., 1, 0, 0,232]
[F:\旺旺\log4cpp.dll] [Bastiaan Bakker, LifeLine Networks bv. 阿里软件(上海)有限公司., 0, 3, 2,229]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[F:\旺旺\UiBrowser.dll] [Alibaba software (Shanghai) Corporation., 1.0.0.1]
[F:\旺旺\wwutils.DLL] [Alibaba software (Shanghai) Corporation., 1.0.0.1]
[F:\旺旺\pcre.dll] [N/A, ]
[F:\旺旺\LIBEAY32.dll] [N/A, ]
[F:\旺旺\protocol.dll] [N/A, ]
[F:\旺旺\wwparams.dll] [N/A, ]
[F:\旺旺\WWUIUnits.dll] [N/A, ]
[F:\旺旺\rvnw.dll] [Alisoft (Shanghai) Co., Ltd., 1, 0, 0,261]
[F:\旺旺\rvwindow.dll] [Alisoft (Shanghai) Co., Ltd., 1, 0, 0,259]
[F:\旺旺\xparam.dll] [Alisoft (Shanghai) Co., Ltd., 1, 0, 0,261]
[F:\旺旺\imbiz.dll] [Alibaba software (Shanghai) Corporation., 1.0.0.1]
[F:\旺旺\P2PEnv.dll] [N/A, ]
[F:\旺旺\imnet.dll] [, 1.0.0.1]
[F:\旺旺\Recovery.dll] [Alibaba software (Shanghai) Corporation., 1.0.0.1]
[F:\旺旺\GUICore.dll] [Alisoft (Shanghai) Co., Ltd., 1.0.0.260]
[F:\旺旺\uacclient.dll] [Alibaba software (Shanghai) Corporation., 1.0.0.1]
[F:\旺旺\WWApplication.dll] [Alibaba software (Shanghai) Corporation., 1.0.0.1]
[F:\旺旺\zlib1.dll] [, 1.2.3]
[F:\旺旺\wwsdk.dll] [Alibaba software (Shanghai) Corporation., 3.1.0.0]
[F:\旺旺\imdb.dll] [Alibaba software (Shanghai) Corporation., 1.0.0.1]
[F:\旺旺\rvcomlib.dll] [Alisoft (Shanghai) Co., Ltd., 1.0.0.261]
[F:\旺旺\uac.dll] [, 1, 0, 0,1]
[F:\旺旺\wwsdkcom.dll] [Alibaba software (Shanghai) Corporation., 3.1.0.0]
[F:\旺旺\SDKDB.dll] [Alibaba software (Shanghai) Corporation., 1.0.0.1]
[F:\旺旺\zlibwapi.dll] [, 1.2.1.0]
[F:\旺旺\alinet.dll] [Alisoft (Shanghai) Co., Ltd., 1, 0, 0,261]
[F:\旺旺\Peripheral.dll] [Alibaba software (Shanghai) Corporation., 1.0.0.1]
[F:\旺旺\filetransbiz.dll] [Alibaba software (Shanghai) Corporation., 1.0.0.4]
[F:\旺旺\ww_network2.dll] [Alibaba software (Shanghai) Corporation., 2, 1, 0, 8]
[F:\旺旺\P2PBiz.dll] [, 1, 0, 0, 1]
[F:\旺旺\AVTransBiz.dll] [Alibaba software (Shanghai) Corporation., 1.0.0.1]
[F:\旺旺\ContactInfoAdapter.dll] [Alibaba software (Shanghai) Corporation., 1.0.0.1]
[F:\旺旺\GraffitiGUI.dll] [Alibaba software (Shanghai) Corporation., 1.0.0.0]
[F:\旺旺\SysNotify.dll] [Alibaba software (Shanghai) Corporation., 1.0.0.1]
[F:\旺旺\PopupEmotionMgr.dll] [Alibaba software (Shanghai) Corporation., 1.0.0.1]
[F:\旺旺\AliIMX.dll] [, 1.0.0.1]
[PID: 2312 / lenovo][C:\windows\system32\notepad.exe] [(Verified) Microsoft Corporation, 5.1.2600.5877 (xpsp_sp3_qfe.090916-1338)]
[C:\windows\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 2432 / lenovo][C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe] [ATI Technologies Inc., 2.0.0.0]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll] [Microsoft Corporation, 2.0.50727.3625 (GDR.050727-3600)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll] [Microsoft Corporation, 2.0.50727.3631 (GDR.050727-3600)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\9351cf29bb1ba951e45a9b3b0edab937\System.Drawing.ni.dll] [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad99ac6b5666edb8ee742dd64f9578af\System.Windows.Forms.ni.dll] [Microsoft Corporation, 2.0.50727.3623 (GDR.050727-3600)]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.Implementation.dll] [Advanced Micro Devices Inc., 2.0.4205.39966]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.dll] [Advanced Micro Devices Inc., 2.0.4205.39815]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Foundation.dll] [Advanced Micro Devices Inc., 2.0.4205.39820]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.dll] [Advanced Micro Devices Inc., 2.0.4205.39816]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll] [Advanced Micro Devices Inc., 2.0.4205.39820]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll] [Advanced Micro Devices Inc., 2.0.4205.39963]
[C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll] [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Private.dll] [Advanced Micro Devices Inc., 2.0.4205.39819]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Implementation.dll] [Advanced Micro Devices Inc., 2.0.4205.39967]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.SkinFactory.dll] [Advanced Micro Devices Inc., 2.0.4205.39829]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.XManifest.dll] [Advanced Micro Devices Inc., 2.0.4205.39966]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll] [Microsoft Corporation, 2.0.50727.3082 (QFE.050727-3000)]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.dll] [Advanced Micro Devices, Inc., 2.0.4205.39827]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll] [, 1.0.0.0]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.Private.dll] [Advanced Micro Devices Inc., 2.0.4205.39822]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Private.dll] [Advanced Micro Devices Inc., 2.0.4205.39822]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.dll] [Advanced Micro Devices Inc., 2.0.4205.39821]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ATICCCom.dll] [Advanced Micro Devices Inc., 2.0.0.0]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll] [Advanced Micro Devices, Inc., 2.0.3299.28586]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.dll] [Advanced Micro Devices Inc., 2.0.4205.39824]
[C:\PROGRA~1\ATITEC~1\ATI.ACE\CORE-S~1\32\wbocx.ocx] [Stardock Corporation, 5.0.5.1]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\NEWAEM.Foundation.dll] [Advanced Micro Devices Inc., 2.0.4205.39816]
[C:\WINDOWS\system32\atiadlxx.dll] [Advanced Micro Devices, Inc., 6.14.10.1061]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Interop.WBOCXLib.dll] [ , 1.0.0.0]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.Shared.dll] [Advanced Micro Devices Inc., 2.0.4205.39824]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll] [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Source.Kit.Server.dll] [Advanced Micro Devices Inc., 2.0.4205.39990]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.DPPE.Shared.dll] [Advanced Micro Devices Inc., 2.0.4205.39974]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Hotkeys.Shared.dll] [Advanced Micro Devices Inc., 2.0.4205.39817]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.WinMessages.Shared.dll] [Advanced Micro Devices Inc., 2.0.4205.39823]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\32\wbhelp2.dll] [Stardock.Net, Inc, 1.5]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0601.dll] [ATI Technologies Inc., 2.0.2573.17685]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Foundation.dll] [ATI Technologies Inc., 2.0.2573.17684]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.dll] [Advanced Micro Devices Inc., 2.0.4205.39830]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ATIDEMGX.dll] [Advanced Micro Devices, Inc., 2.0.3974.34820]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\94a40f415bfa947e251888bbe88bb973\System.Configuration.ni.dll] [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll] [Advanced Mirco Devices, Inc., 2.0.4205.39831]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll] [Advanced Mirco Devices, Inc., 2.0.4205.39820]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll] [Advanced Micro Devices, Inc., 2.0.2743.23304]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.GD.Shared.dll] [Advanced Micro Devices Inc., 2.0.4205.39830]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Actions.CCAA.Shared.dll] [Advanced Micro Devices Inc., 2.0.4205.39822]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Private.dll] [Advanced Micro Devices, Inc., 2.0.4205.39827]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll] [Advanced Micro Devices, Inc., 2.0.3015.27871]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1010.dll] [Advanced Micro Devices, Inc., 2.0.3932.21814]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll] [Advanced Micro Devices Inc., 2.0.4205.39870]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll] [Advanced Micro Devices Inc., 2.0.4205.39904]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll] [Advanced Micro Devices Inc., 2.0.4205.39901]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.Shared.Private.dll] [Advanced Micro Devices Inc., 2.0.4205.39861]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll] [Advanced Micro Devices Inc., 2.0.4205.39845]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll] [Advanced Micro Devices, Inc., 2.0.4205.39906]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll] [Advanced Micro Devices, Inc., 2.0.4205.39898]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.VPURecover.Graphics.Runtime.dll] [Advanced Micro Devices Inc., 2.0.4205.39862]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.D
liliok - 2012-3-20 12:49:00
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll] [Advanced Micro Devices Inc., 2.0.4205.39904]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Shared.dll] [Advanced Micro Devices Inc., 2.0.4205.39859]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.VPURecover.Graphics.Shared.dll] [Advanced Micro Devices Inc., 2.0.4205.39861]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Runtime.dll] [Advanced Micro Devices Inc., 2.0.4205.40046]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormats.Graphics.Shared.dll] [Advanced Micro Devices Inc., 2.0.4205.39858]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCV.Graphics.Runtime.dll] [Advanced Micro Devices Inc., 2.0.4205.39909]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll] [Advanced Micro Devices Inc., 2.0.4205.39846]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.shared.dll] [Advanced Micro Devices Inc., 2.0.4205.39899]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCV.Graphics.Shared.dll] [Advanced Micro Devices Inc., 2.0.4205.39909]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll] [Advanced Micro Devices Inc., 2.0.4205.39830]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.shared.dll] [Advanced Micro Devices Inc., 2.0.4205.39976]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0912.dll] [Advanced Micro Devices, Inc., 2.0.2743.23304]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceTV.Graphics.Runtime.dll] [Advanced Micro Devices Inc., 2.0.4205.39941]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Runtime.dll] [Advanced Micro Devices Inc., 2.0.4205.39917]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Welcome.Graphics.Runtime.dll] [Advanced Micro Devices Inc., 2.0.4205.40042]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Runtime.dll] [Advanced Micro Devices Inc., 2.0.4205.39901]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0706.dll] [Advanced Micro Devices, Inc., 2.0.2743.23304]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceTV.Graphics.shared.dll] [Advanced Micro Devices Inc., 2.0.4205.39941]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Welcome.Graphics.shared.dll] [Advanced Micro Devices Inc., 2.0.4205.39977]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Shared.dll] [Advanced Micro Devices Inc., 2.0.4205.39917]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Shared.dll] [Advanced Micro Devices Inc., 2.0.4205.39887]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll] [Advanced Micro Devices, Inc., 2.0.3455.26939]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0906.dll] [Advanced Micro Devices, Inc., 2.0.2743.23304]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Shared.dll] [Advanced Micro Devices Inc., 2.0.4205.39845]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll] [Advanced Micro Devices, Inc., 2.0.4205.39898]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll] [Advanced Micro Devices, Inc., 2.0.3286.19924]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll] [Advanced Micro Devices, Inc., 2.0.3057.24943]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atixclib.dll] [ , 1.0.0.0]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Runtime.dll] [Advanced Micro Devices Inc., 2.0.4205.40004]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Shared.dll] [Advanced Micro Devices Inc., 2.0.4205.40004]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\APM.Server.dll] [Advanced Micro Devices, Inc., 2.0.4205.39826]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\APM.Foundation.dll] [Advanced Micro Devices Inc., 2.0.4205.39817]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\29bdc8352d3c26e3c572ea60639dec3b\System.Web.ni.dll] [Microsoft Corporation, 2.0.50727.3634 (GDR.050727-3600)]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Extension.EEU.dll] [Advanced Micro Devices Inc., 2.0.4205.39823]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.REG.Shared.dll] [Advanced Micro Devices Inc., 2.0.4205.39990]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.EEU.Shared.dll] [Advanced Micro Devices Inc., 2.0.4205.39823]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Systemtray.dll] [Advanced Micro Devices Inc., 2.0.4205.39956]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.Private.dll] [Advanced Micro Devices, Inc., 2.0.4205.39837]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Wizard.dll] [Advanced Micro Devices, Inc., 2.0.4205.39853]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.dll] [Advanced Micro Devices Inc., 2.0.4205.39817]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Wizard.Shared.dll] [Advanced Micro Devices Inc., 2.0.4205.39818]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Wizard.Shared.Private.dll] [Advanced Micro Devices Inc., 2.0.4205.39852]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Wizard.dll] [Advanced Micro Devices Inc., 2.0.4205.39853]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Implementation.dll] [Advanced Micro Devices, Inc., 2.0.4205.40031]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Wizard.Shared.dll] [Advanced Micro Devices Inc., 2.0.4205.39853]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Wizard.dll] [Advanced Micro Devices Inc., 2.0.4205.39919]
[C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll] [Advanced Micro Devices, Inc., 2.0.3961.17586]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Wizard.dll] [Advanced Micro Devices Inc., 2.0.4205.39931]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll] [Advanced Micro Devices Inc., 2.0.4205.39860]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.InfoCentre.Graphics.Wizard.dll] [Advanced Micro Devices Inc., 2.0.4205.39863]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Wizard.dll] [Advanced Micro Devices Inc., 2.0.4205.40010]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.dll] [Advanced Micro Devices, Inc., 2.0.4205.39839]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.dll] [Advanced Micro Devices Inc., 2.0.4205.39818]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.Private.dll] [Advanced Micro Devices Inc., 2.0.4205.39837]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.dll] [Advanced Micro Devices Inc., 2.0.4205.39844]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.Shared.dll] [Advanced Micro Devices Inc., 2.0.4205.39844]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Welcome.Graphics.Dashboard.dll] [Advanced Mirco Devices, Inc., 2.0.4205.39979]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll] [Advanced Micro Devices Inc., 2.0.4205.39864]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll] [Advanced Micro Devices Inc., 2.0.4205.39847]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll] [, 1.0.0.0]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll] [Advanced Micro Devices Inc., 2.0.4205.39905]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll] [Advanced Micro Devices Inc., 2.0.4205.39900]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll] [Advanced Micro Devices, Inc., 2.0.4205.39893]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll] [Advanced Micro Devices Inc., 2.0.4205.39918]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll] [Advanced Micro Devices Inc., 2.0.4205.39864]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Dashboard.dll] [Advanced Micro Devices Inc., 2.0.4205.39902]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Dashboard.dll] [Advanced Micro Devices Inc., 2.0.4205.40046]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.VPURecover.Graphics.Dashboard.dll] [Advanced Micro Devices Inc., 2.0.4205.39862]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Dashboard.dll] [Advanced Micro Devices Inc., 2.0.4205.40005]
[PID: 2612 / SYSTEM][C:\WINDOWS\system32\wbem\wmiprvse.exe] [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 3984 / lenovo][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Documents and Settings\lenovo\Application Data\115\Box\Sync115Ext.dll] [广东雨林木风计算机科技有限公司, 1.0.0.2]
[C:\WINDOWS\system32\SOGOUWB.IME] [Sogou.com Inc., 2.0.1.1189]
[PID: 1232 / lenovo][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\Macromed\Flash\Flash10i.ocx] [Adobe Systems, Inc., 10,1,82,76]
[PID: 2832 / lenovo][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\Macromed\Flash\Flash10i.ocx] [Adobe Systems, Inc., 10,1,82,76]
[PID: 3140 / lenovo][C:\Program Files\Tencent\QQ\Bin\QQ.exe] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Bin\Common.dll] [Tencent, 1,61,2040,0]
[C:\Program Files\Tencent\QQ\Bin\zlib.dll] [, 1, 2, 5, 0]
[C:\Program Files\Tencent\QQ\Bin\libexpat.dll] [, 2, 0, 1, 0]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.DLL] [Microsoft Corporation, 8.00.50727.6195]
[C:\Program Files\Tencent\QQ\Bin\KernelUtil.dll] [Tencent, 1,61,2040,0]
[C:\Program Files\Tencent\QQ\Bin\xImage.dll] [Tencent, 1,61,2040,0]
[C:\Program Files\Tencent\QQ\Bin\libpng.dll] [, 1, 2, 2, 3]
[C:\Program Files\Tencent\QQ\Bin\libjpeg6.dll] [, 6, 2, 0, 0]
[C:\Program Files\Tencent\QQ\Bin\GF.dll] [Tencent, 1,61,2040,0]
[C:\Program Files\Tencent\QQ\Bin\xGraphic32.dll] [Tencent, 1,61,2040,0]
[C:\Program Files\Tencent\QQ\Bin\jgImage.dll] [Tencent, 1, 60, 2010, 0]
[C:\Program Files\Tencent\QQ\Bin\jgIOStub.dll] [Tencent, 1, 60, 2010, 0]
[C:\Program Files\Tencent\QQ\Bin\AFUtil.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Bin\IPC.dll] [Tencent, 1,61,2040,0]
[C:\Program Files\Tencent\QQ\Bin\FlashService.dll] [Tencent, 1, 61, 2103, 0]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\Tencent\QQ\Bin\LoginPanel.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Bin\TXPFProxy.dll] [Tencent, 1,61,2040,0]
[C:\Program Files\Tencent\QQ\Bin\IM.dll] [Tencent, 1,61,2040,0]
[C:\Program Files\Tencent\QQ\Bin\MainFrame.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Bin\AppUtil.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Bin\AppFramework.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Common Files\Tencent\TXSSO\1.2.1.20\Bin\SSOPlatform.dll] [Tencent, 1.2.1.20]
[C:\Program Files\Common Files\Tencent\TXSSO\1.2.1.20\Bin\SSOCommon.DLL] [Tencent, 1.2.1.10]
[C:\Program Files\Tencent\QQ\Bin\TaskTray.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Bin\SkinMgr.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Bin\AppMisc.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Bin\AFCtrl.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Bin\ProcessSession.DLL] [Tencent, 1,61,2040,0]
[C:\Program Files\Tencent\QQ\Bin\SystemMsg.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Bin\ConfigCenter.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Bin\ChatFrameApp.dll] [Tencent, 1, 61, 2103, 0]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[C:\Program Files\Tencent\QQ\Bin\GroupApp.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Bin\Contacts.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Bin\InformationBox.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.SNSApp\Bin\SNSApp.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.PayCenter\Bin\PayCenter.dll] [Tencent, 1, 65, 2173, 0]
[C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQVipMisc\Bin\QQVipMisc.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.VAS\Bin\VAS.dll] [Tencent, 1, 65, 2173, 0]
[C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.WenWen\Bin\WenWen.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.NetBar\Bin\NetBar.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.PaiPai\Bin\PaiPai.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Wireless\Bin\Wireless.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.CRM\Bin\CRM.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.PaiPaiGift\Bin\PaiPaiGift.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQShow\Bin\QQShow.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Qzone\Bin\Qzone.dll] [Tencent, 1, 65, 2168, 0]
[C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.AudioVideo\Bin\AudioVideo.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Soso\Bin\Soso.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Weather\Bin\Weather.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Memo\Bin\Memo.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQPet\Bin\QQPet.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQVip\Bin\QQVip.dll] [Tencent, 1, 61, 2103, 1]
[C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Mail\Bin\Mail.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.FileTransfer\Bin\FileTransfer.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQRing\Bin\QQRing.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.WBlog\Bin\WBlog.dll] [Tencent, 1, 61, 2104, 0]
[C:\Program Files\Tencent\QQ\Bin\PluginCommon.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Bin\QInterLive.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.GameLife\Bin\GameLife.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Plugin\com.tencent.netdisk\Bin\NetDisk.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Plugin\com.tencent.netdisk\Bin\DiskIPC.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Plugin\com.tencent.netdisk\Bin\DiskCommon.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Plugin\com.tencent.netdisk\Bin\FileBase.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Bin\ContactInfoFrame.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Bin\MsgMgr.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Plugin\com.tencent.qqmusic\Bin\QQMusic.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Plugin\com.tencent.qqgame\Bin\QQGame.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Plugin\com.tencent.today\Bin\Today.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Bin\OPIEModule.dll] [Tencent, 1, 61, 2103, 0]
[C:\Program Files\Tencent\QQ\Plugin\com.tencent.advertisement\Bin\Advertisement.dll] [Tencent, 1, 61, 2107, 0]
liliok - 2012-3-20 12:50:00
[PID: 2576 / lenovo][C:\Program Files\Tencent\QQ\Bin\TXPlatform.exe] [Tencent, 1,61,2040,0]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\Tencent\QQ\Bin\TXPFProxy.dll] [Tencent, 1,61,2040,0]
[PID: 3640 / lenovo][F:\工具软件\sreng2\SRE9e7c6ae7.EXE] [Smallfrogs Studio, 2.8.4.1331]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1
www.youku.com------ 屏蔽迅雷看看广告 ------
0.0.0.0 pubstat.sandai.net
0.0.0.0 mcfg.sandai.net
0.0.0.0 biz5.sandai.net
0.0.0.0 float.sandai.net
0.0.0.0 cl.kankan.xunlei.com
0.0.0.0 211.94.190.80
0.0.0.0 mtips.xunlei.com
0.0.0.0 211.94.190.80
0.0.0.0 mtips.xunlei.com
0.0.0.0 adsresult.joywell.com.cn
0.0.0.0 advstat.xunlei.com
0.0.0.0 wy.xunlei.com
0.0.0.0 kkpgv.xunlei.com
0.0.0.0 statis.kankan.xunlei.com
0.0.0.0 server1.adpolestar.net
0.0.0.0 mpv.sandai.net
==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 1840, C:\WINDOWS\SYSTEM32\WATCHDATA\WATCHDATA CCB CSP V3.2\WDKEYMONITORCCB.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 696, C:\WINDOWS\SYSTEM32\WATCHDATA\WATCHDATA CCB CSP V3.2\WDCERTM_CCB.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 812, C:\PROGRAM FILES\CCBCOMPONENTS\DMWZ\CCBCERTIFICATE.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2116, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\MOM.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2116, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\MOM.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2432, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\CCC.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2432, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\CCC.EXE]
==================================
计划任务
==================================
Windows 安全更新检查
Microsoft .NET Framework 版本 1.1,简体中文版
KB829019, Microsoft .NET Framework 2.0 语言包:x86 (KB829019)
KB940157, 用于 Windows XP 的 Windows 搜索 4.0 (KB940157)
KB928416, Microsoft .NET Framework 3.0: x86 语言包 (KB928416)
KB951847, Microsoft .NET Framework 3.5 Service Pack 1 (KB951847) x86 语言包
KB968930, 用于 Windows XP 和 Windows Embedded 的 Windows PowerShell 2.0 和 WinRM 2.0 (KB968930)
KB968930, Windows Live 软件包
KB2509553, Windows XP 安全更新程序 (KB2509553) MS11-030
KB982670, 用于 Windows XP x86 的 Microsoft .NET Framework 4 Client Profile (KB982670)
KB2526297, Microsoft Office 兼容包 Service Pack 3 (SP3)
KB2632503, Windows XP 更新程序 (KB2632503)
KB931125, Windows XP 的根证书更新 [2012 年 2 月] (KB931125)
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
[/CODE]
networkedition - 2012-3-20 13:05:00
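Please send the log as an attachment.
See this thread:
How to take screenshots and post images to the forum as attachments:
http://bbs.ikaka.com/showtopic-8616820.aspx Posting an image works the same way as posting an attachment.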
liliok - 2012-3-20 13:07:00
networkedition - 2012-3-20 13:16:00
Find C:\seup.exe, compress it, and send it over.
liliok - 2012-3-20 13:23:00
Originally posted by networkedition at 2012-3-20 13:16:00
Find C:\seup.exe, compress it, and send it over.
Attachment:
seup.zip
networkedition - 2012-3-20 13:25:00
It is the Sogou Music Box updater. :kaka6: Nothing abnormal was found in the log.
liliok - 2012-3-20 13:33:00
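Originally posted by networkedition at 2012-3-20 13:25:00
It is the Sogou Music Box updater. :kaka6: Nothing abnormal was found in the log.
At startup Rising shows: "Blocked NOTEPAD.EXE ... malicious operation ..."
Yesterday someone on Taobao sent me a file. I scanned it with Rising and it found no problem, double-clicking it did nothing, and after I restarted the computer this appeared:
Rising shows: "Blocked NOTEPAD.EXE ... malicious operation ..."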
networkedition - 2012-3-20 13:39:00
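"Someone on Taobao sent me a file": do you still have the file? Compress it and upload it in a reply.
Also send the Rising log along. Right-click the green umbrella icon > View Log > Back Up Log, then export the log db file, compress it, and upload it in a reply.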
liliok - 2012-3-20 13:46:00
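Originally posted by networkedition at 2012-3-20 13:39:00
"Someone on Taobao sent me a file": do you still have the file? Compress it and upload it in a reply.
Also send the Rising log along. Right-click the green umbrella icon > View Log > Back Up Log, then export the log db file, compress it, and upload it in a reply.
The file has been deleted.
Could you please take a careful look for me? Thank you!
Attachment:
111.zip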
networkedition - 2012-3-20 14:05:00
The log shows that what was blocked is seup.exe, but seup.exe is not a virus; there should also be a DLL. It was probably in the file that was deleted.
liliok - 2012-3-20 14:09:00
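Originally posted by networkedition at 2012-3-20 14:05:00
The log shows that what was blocked is seup.exe, but seup.exe is not a virus; there should also be a DLL. It was probably in the file that was deleted.
Yes, three files were sent: one is a DLL and one is a screensaver-type file. Nothing happened after I double-clicked the screensaver-type file. What should I do now? It seems that no accounts or anything else have been stolen.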
networkedition - 2012-3-20 14:15:00
Send me your QQ number by private message on the forum and I will take a look remotely.
liliok - 2012-3-20 14:23:00
Originally posted by networkedition at 2012-3-20 14:15:00
Send me your QQ number by private message on the forum and I will take a look remotely.
Please check your inbox.
networkedition - 2012-3-20 15:13:00
Added you on QQ and connected remotely. Rising Antivirus can detect and remove the extracted DLL file.