瑞星卡卡电脑诊断日志 v1.30 (2008-11-25 17:51:8) 北京瑞星信息技术有限公司 注释: [A]表示该文件存在自启动关联; [M]表示该文件在内存中; + 注册表自运行项目 + 系统服务 + HKLM\System\CurrentControlSet\Services Ati HotKey Poller [AM] 1. c:\windows\system32\ati2evxx.exe RfwProxySrv [AM] 2. d:\program files\rising\rfw\rfwproxy.exe RfwService [AM] 3. d:\program files\rising\rfw\rfwsrv.exe RsCCenter [AM] 4. d:\program files\rising\rav\ccenter.exe RsRavMon [AM] 5. d:\program files\rising\rav\ravmond.exe + 内核驱动 + HKLM\System\CurrentControlSet\Services ALCXWDM [A ] 6. c:\windows\system32\drivers\alcxwdm.sys Alidevice [A ] 7. c:\windows\system32\drivers\alidevice.sys FETNDIS [A ] 8. c:\windows\system32\drivers\dlkfet5b.sys GMSIPCI [A ] 9. g:\install\gmsipci.sys HookCont [A ] 10. c:\windows\system32\drivers\hookcont.sys HookNtos [A ] 11. c:\windows\system32\drivers\hookntos.sys HookReg [A ] 12. c:\windows\system32\drivers\hookreg.sys HookSys [A ] 13. c:\windows\system32\drivers\hooksys.sys HookUrl [A ] 14. d:\program files\rising\rfw\hookurl.sys nvatabus [A ] 15. c:\windows\system32\drivers\nvatabus.sys nv_agp [A ] 16. c:\windows\system32\drivers\nv_agp.sys QKeyService [A ] 17. c:\windows\system32\keycrypt.sys RfwBase [A ] 18. c:\windows\system32\drivers\rfwbase.sys RsFwDrv [A ] 19. d:\program files\rising\rfw\rsfwdrv.sys RsNTGDI [A ] 20. c:\windows\system32\drivers\rsntgdi.sys Secdrv [A ] 21. c:\windows\system32\drivers\secdrv.sys Tcpip [A ] 22. c:\windows\system32\drivers\tcpip.sys TSKSP [A ] 23. d:\program files\tencent\qqdoctor\tsksp.sys ZSMC301b [A ] 24. c:\windows\system32\drivers\usbvm31b.sys + 系统登陆自运行 + HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify AtiExtEvent [AM] 25. c:\windows\system32\ati2evxx.dll WgaLogon [AM] 26. c:\windows\system32\wgalogon.dll + IE浏览器加载模块 + HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar {29CF293A-1E7D-4069-9E11-E39698D0AF95} [A ] 27. c:\program files\tencent\qqtoolbar\iebar.dll + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects {00000000-12C9-4305-82F9-43058F20E8D2} [A ] 28. d:\program files\tencent\qqdownload\qqiehelper01.dll {01443AEC-0FD1-40fd-9C87-E93D1494C233} [AM] 29. d:\program files\thunder network\thunder\comdlls\tdatonce_now.dll {29CF293A-1E7D-4069-9E11-E39698D0AF95} [A ] 27. c:\program files\tencent\qqtoolbar\iebar.dll {6A49F431-2A2E-41a5-9080-0F41D1A3AEC2} [A ] 30. c:\program files\iefxz\iefxz.dll {889D2FEB-5411-4565-8998-1DD2C5261283} [AM] 31. d:\program files\thunder network\thunder\comdlls\xunleibho_now.dll {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [A ] 32. c:\windows\system32\urlfilter.dll + HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions Exec [A ] 33. d:\program files\thunder network\thunder\thunder.exe Exec [A ] 34. c:\windows\network diagnostic\xpnetdiag.exe Exec [A ] 35. c:\program files\messenger\msmsgs.exe + 资源管理器加载模块 + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved HyperTerminal Icon Ext [A ] 36. c:\windows\system32\hticons.dll WinRAR shell extension [AM] 37. c:\program files\winrar\rarext.dll RISING [AM] 38. c:\windows\system32\ravext.dll + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks {32CD708B-60A7-4C00-9377-D73EAA495F0F} [AM] 38. c:\windows\system32\ravext.dll + 用户登陆自运行项目 + HKLM\Software\Microsoft\Windows\CurrentVersion\Run runeip [AM] 39. d:\program files\rising\antispyware\rstray.exe RavTask [AM] 40. d:\program files\rising\rav\ravtask.exe RfwMain [AM] 41. d:\program files\rising\rfw\rfwmain.exe + 开机执行 + HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order BootExecute [A ] 42. c:\windows\system32\bsmain.exe + 映像劫持 + HKCR\.html htmlfile\open\Command [AM] 43. d:\program files\tencent\tt\bin\ttraveler.exe htmlfile\TencentTraveler\Command [AM] 43. d:\program files\tencent\tt\bin\ttraveler.exe + HKCR\.htm htmlfile\open\Command [AM] 43. d:\program files\tencent\tt\bin\ttraveler.exe htmlfile\TencentTraveler\Command [AM] 43. d:\program files\tencent\tt\bin\ttraveler.exe + 程序初始化和已知动态连接库 + HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows AppInit_DLLs [AM] 44. c:\windows\system32\kmon.dll + 正在运行的进程 + 000000a4(164) RavStub.exe 00400000[00021000] [ M] 45. d:\program files\rising\rav\ravstub.exe 10000000[0001F000] [ M] 46. d:\program files\rising\rav\proccom.dll 00620000[00024000] [ M] 47. d:\program files\rising\rav\rscommx2.dll 23700000[00028000] [ M] 48. d:\program files\rising\rav\rscommon.dll 70000000[00019000] [ M] 49. d:\program files\rising\rfw\ijt_base.dll 75000000[0000F000] [ M] 50. d:\program files\rising\rfw\olemon.dll + 000000d0(208) 你妖11.exe 00400000[00067000] [ M] 51. f:\mggg\你妖11.exe 60000000[00074000] [AM] 44. c:\windows\system32\kmon.dll 10000000[0002E000] [ M] 52. d:\program files\rising\antispyware\comx3.dll 003E0000[00019000] [ M] 53. d:\program files\rising\antispyware\syslay.dll 70000000[00019000] [ M] 49. d:\program files\rising\rfw\ijt_base.dll 75000000[0000F000] [ M] 50. d:\program files\rising\rfw\olemon.dll 00A70000[0011C000] [ M] 54. f:\mggg\krnln.fnr 01110000[00038000] [ M] 55. f:\mggg\htmlview.fne 71800000[0007C000] [ M] 56. c:\windows\system32\shdoclc.dll 01370000[00010400] [ M] 57. f:\mggg\xplib.fne 01410000[00028000] [ M] 58. d:\program files\rising\rav\ravscrch.dll 5ADC0000[00037000] [ M] 59. c:\windows\system32\uxtheme.dll + 000000ec(236) spoolsv.exe 5ADC0000[00037000] [ M] 59. c:\windows\system32\uxtheme.dll 70000000[00019000] [ M] 49. d:\program files\rising\rfw\ijt_base.dll 75000000[0000F000] [ M] 50. d:\program files\rising\rfw\olemon.dll + 0000012c(300) RfwMain.exe 00400000[00092000] [AM] 41. d:\program files\rising\rfw\rfwmain.exe 7C140000[00103000] [ M] 60. c:\windows\system32\mfc71.dll 7C340000[00056000] [ M] 61. c:\windows\system32\msvcr71.dll 7C3A0000[0007B000] [ M] 62. c:\windows\system32\msvcp71.dll 26600000[000A8000] [ M] 63. d:\program files\rising\rfw\rsguilib.dll 10000000[0001F000] [ M] 64. d:\program files\rising\rfw\proccom.dll 00A60000[00024000] [ M] 65. d:\program files\rising\rfw\rscommx2.dll 00BA0000[0000E000] [ M] 66. d:\program files\rising\rfw\rsappmgr.dll 00BC0000[00030000] [ M] 67. d:\program files\rising\rfw\cfgdll.dll 23700000[00028000] [ M] 68. d:\program files\rising\rfw\rscommon.dll 00E10000[00014000] [ M] 69. d:\program files\rising\rfw\rfwctrl.dll 23800000[00022000] [ M] 70. d:\program files\rising\rfw\rsxml.dll 23900000[00040000] [ M] 71. d:\program files\rising\rfw\pngdll.dll 70000000[00019000] [ M] 49. d:\program files\rising\rfw\ijt_base.dll 75000000[0000F000] [ M] 50. d:\program files\rising\rfw\olemon.dll 012B0000[0000F000] [ M] 72. d:\program files\rising\rfw\rfwrule.dll 731B0000[0000A000] [ M] 73. d:\program files\rising\rfw\psapi.dll + 00000178(376) ElementClient.exe 00400000[0057B000] [ M] 74. f:\game\完美世界\element\elementclient.exe 10000000[00016000] [ M] 75. f:\game\完美世界\element\zlibwapi.dll 00980000[000BC000] [ M] 76. f:\game\完美世界\element\elementskill.dll 00380000[0006F000] [ M] 77. f:\game\完美世界\element\speedtreert.dll 00A40000[00021000] [ M] 78. f:\game\完美世界\element\ftdriver.dll 003F0000[00006000] [ M] 79. f:\game\完美世界\element\immwrapper.dll 00A70000[00032000] [ M] 80. f:\game\完美世界\element\ifc22.dll 60000000[00074000] [AM] 44. c:\windows\system32\kmon.dll 012D0000[0002E000] [ M] 52. d:\program files\rising\antispyware\comx3.dll 01300000[00019000] [ M] 53. d:\program files\rising\antispyware\syslay.dll 72C80000[00008000] [ M] 81. c:\windows\system32\msacm32.drv + 00000224(548) pwprotector.exe 00400000[00009000] [ M] 82. f:\game\完美世界\element\reportbugs\pwprotector.exe 60000000[00074000] [AM] 44. c:\windows\system32\kmon.dll 10000000[0002E000] [ M] 52. d:\program files\rising\antispyware\comx3.dll 003D0000[00019000] [ M] 53. d:\program files\rising\antispyware\syslay.dll + 0000022c(556) smss.exe + 00000254(596) ras.exe 00400000[0000B000] [ M] 83. d:\program files\rising\antispyware\ras.exe 7C140000[00103000] [ M] 84. d:\program files\rising\antispyware\mfc71.dll 7C340000[00056000] [ M] 85. d:\program files\rising\antispyware\msvcr71.dll 10000000[00047000] [ M] 86. d:\program files\rising\antispyware\kakamgr.dll 7C3A0000[0007B000] [ M] 87. d:\program files\rising\antispyware\msvcp71.dll 00A00000[00019000] [ M] 53. d:\program files\rising\antispyware\syslay.dll 00A30000[0001F000] [ M] 46. d:\program files\rising\rav\proccom.dll 00A50000[00024000] [ M] 88. d:\program files\rising\antispyware\rscommx2.dll 00BA0000[0002E000] [ M] 52. d:\program files\rising\antispyware\comx3.dll 00E10000[00058000] [ M] 89. d:\program files\rising\antispyware\dbmgr.dll 23800000[00022000] [ M] 90. d:\program files\rising\antispyware\rsxml.dll 00F70000[0002D000] [ M] 91. d:\program files\rising\antispyware\pweb.dll 00FA0000[000C3000] [ M] 92. d:\program files\rising\antispyware\pscan.dll 01070000[0002F000] [ M] 93. d:\program files\rising\antispyware\ncomm.dll 010C0000[00070000] [ M] 94. d:\program files\rising\antispyware\pset.dll 01150000[0002A000] [ M] 95. d:\program files\rising\antispyware\pdefend.dll 01220000[000B6000] [ M] 96. d:\program files\rising\antispyware\ptools.dll 01180000[0008C000] [ M] 97. d:\program files\rising\antispyware\psysinfo.dll 01400000[0001C000] [AM] 38. c:\windows\system32\ravext.dll 23900000[00040000] [ M] 98. d:\program files\rising\antispyware\pngdll.dll 5ADC0000[00037000] [ M] 59. c:\windows\system32\uxtheme.dll 71800000[0007C000] [ M] 56. c:\windows\system32\shdoclc.dll 03150000[00028000] [ M] 58. d:\program files\rising\rav\ravscrch.dll 30000000[003AF000] [ M] 99. c:\windows\system32\macromed\flash\flash9f.ocx 72C80000[00008000] [ M] 81. c:\windows\system32\msacm32.drv 04B50000[0002F000] [ M] 100. d:\program files\rising\antispyware\engine.dll 04A00000[0000F000] [ M] 101. d:\program files\rising\antispyware\zip.dll + 0000026c(620) csrss.exe 70000000[00019000] [ M] 49. d:\program files\rising\rfw\ijt_base.dll 75000000[0000F000] [ M] 50. d:\program files\rising\rfw\olemon.dll + 0000028c(652) winlogon.exe 5ADC0000[00037000] [ M] 59. c:\windows\system32\uxtheme.dll 10000000[00021000] [AM] 25. c:\windows\system32\ati2evxx.dll 73D50000[00003000] [AM] 26. c:\windows\system32\wgalogon.dll 70000000[00019000] [ M] 49. d:\program files\rising\rfw\ijt_base.dll 75000000[0000F000] [ M] 50. d:\program files\rising\rfw\olemon.dll 72C80000[00008000] [ M] 81. c:\windows\system32\msacm32.drv + 000002b8(696) services.exe 46040000[0000F000] [ M] 102. c:\windows\apppatch\acadproc.dll 70000000[00019000] [ M] 49. d:\program files\rising\rfw\ijt_base.dll 75000000[0000F000] [ M] 50. d:\program files\rising\rfw\olemon.dll + 000002cc(716) lsass.exe 5ADC0000[00037000] [ M] 59. c:\windows\system32\uxtheme.dll 70000000[00019000] [ M] 49. d:\program files\rising\rfw\ijt_base.dll 75000000[0000F000] [ M] 50. d:\program files\rising\rfw\olemon.dll + 0000036c(876) Ati2evxx.exe 00400000[00085000] [AM] 1. c:\windows\system32\ati2evxx.exe 60000000[00074000] [AM] 44. c:\windows\system32\kmon.dll 00CD0000[00010000] [ M] 103. c:\windows\system32\ati2edxx.dll 10000000[0002C000] [ M] 104. c:\windows\system32\atipdlxx.dll 70000000[00019000] [ M] 49. d:\program files\rising\rfw\ijt_base.dll 75000000[0000F000] [ M] 50. d:\program files\rising\rfw\olemon.dll + 00000380(896) svchost.exe 5ADC0000[00037000] [ M] 59. c:\windows\system32\uxtheme.dll 70000000[00019000] [ M] 49. d:\program files\rising\rfw\ijt_base.dll 75000000[0000F000] [ M] 50. d:\program files\rising\rfw\olemon.dll + 00000394(916) RavTask.exe 00400000[00034000] [AM] 40. d:\program files\rising\rav\ravtask.exe 10000000[0001F000] [ M] 46. d:\program files\rising\rav\proccom.dll 00940000[00024000] [ M] 47. d:\program files\rising\rav\rscommx2.dll 23700000[00028000] [ M] 48. d:\program files\rising\rav\rscommon.dll 00BA0000[0000E000] [ M] 105. d:\program files\rising\rav\rsappmgr.dll 08BC0000[00030000] [ M] 106. d:\program files\rising\rav\cfgdll.dll + 000003ac(940) rstray.exe 00400000[00023000] [AM] 39. d:\program files\rising\antispyware\rstray.exe 60000000[00074000] [AM] 44. c:\windows\system32\kmon.dll 10000000[0003C000] [ M] 107. d:\program files\rising\antispyware\rsmginfo.dll 23800000[00022000] [ M] 90. d:\program files\rising\antispyware\rsxml.dll 7C3A0000[0007B000] [ M] 87. d:\program files\rising\antispyware\msvcp71.dll 7C340000[00056000] [ M] 85. d:\program files\rising\antispyware\msvcr71.dll 00980000[00024000] [ M] 108. d:\program files\rising\antispyware\comserv.dll 00AD0000[00019000] [ M] 53. d:\program files\rising\antispyware\syslay.dll 23700000[00026000] [ M] 109. d:\program files\rising\antispyware\rscommon.dll 00B00000[0002E000] [ M] 52. d:\program files\rising\antispyware\comx3.dll 23900000[00040000] [ M] 98. d:\program files\rising\antispyware\pngdll.dll 5ADC0000[00037000] [ M] 59. c:\windows\system32\uxtheme.dll 00E60000[00060000] [ M] 110. d:\program files\rising\antispyware\runiep.dll 00EC0000[0002F000] [ M] 93. d:\program files\rising\antispyware\ncomm.dll 00F10000[0001F000] [ M] 46. d:\program files\rising\rav\proccom.dll 00F30000[00024000] [ M] 88. d:\program files\rising\antispyware\rscommx2.dll 01D90000[0001C000] [AM] 38. c:\windows\system32\ravext.dll + 000003f0(1008) svchost.exe 5ADC0000[00037000] [ M] 59. c:\windows\system32\uxtheme.dll 70000000[00019000] [ M] 49. d:\program files\rising\rfw\ijt_base.dll 75000000[0000F000] [ M] 50. d:\program files\rising\rfw\olemon.dll + 00000420(1056) Ravmon.exe 00400000[00067000] [ M] 111. d:\program files\rising\rav\ravmon.exe 7C140000[00103000] [ M] 60. c:\windows\system32\mfc71.dll 7C340000[00056000] [ M] 61. c:\windows\system32\msvcr71.dll 7C3A0000[0007B000] [ M] 62. c:\windows\system32\msvcp71.dll 10000000[0001F000] [ M] 46. d:\program files\rising\rav\proccom.dll 00A30000[00024000] [ M] 47. d:\program files\rising\rav\rscommx2.dll 23700000[00028000] [ M] 48. d:\program files\rising\rav\rscommon.dll 00C80000[00035000] [ M] 112. d:\program files\rising\rav\recomp.dll 00CD0000[00036000] [ M] 113. d:\program files\rising\rav\refs.dll 00F30000[0002F000] [ M] 114. d:\program files\rising\rav\viruslib.dll 01070000[00028000] [ M] 115. d:\program files\rising\rav\relibldr.dll 010F0000[0000E000] [ M] 105. d:\program files\rising\rav\rsappmgr.dll 01110000[00030000] [ M] 106. d:\program files\rising\rav\cfgdll.dll 01270000[00075000] [ M] 116. d:\program files\rising\rav\monrule.dll 23900000[00040000] [ M] 117. d:\program files\rising\rav\pngdll.dll 26600000[000A8000] [ M] 118. d:\program files\rising\rav\rsguilib.dll 5ADC0000[00037000] [ M] 59. c:\windows\system32\uxtheme.dll 23800000[00022000] [ M] 119. d:\program files\rising\rav\rsxml.dll + 00000454(1108) CCenter.exe 00400000[0002A000] [AM] 4. d:\program files\rising\rav\ccenter.exe 70000000[00019000] [ M] 49. d:\program files\rising\rfw\ijt_base.dll 75000000[0000F000] [ M] 50. d:\program files\rising\rfw\olemon.dll + 00000474(1140) svchost.exe 5ADC0000[00037000] [ M] 59. c:\windows\system32\uxtheme.dll 70000000[00019000] [ M] 49. d:\program files\rising\rfw\ijt_base.dll 75000000[0000F000] [ M] 50. d:\program files\rising\rfw\olemon.dll + 000004b8(1208) svchost.exe 5ADC0000[00037000] [ M] 59. c:\windows\system32\uxtheme.dll 70000000[00019000] [ M] 49. d:\program files\rising\rfw\ijt_base.dll 75000000[0000F000] [ M] 50. d:\program files\rising\rfw\olemon.dll + 000004c0(1216) ctfmon.exe 5ADC0000[00037000] [ M] 59. c:\windows\system32\uxtheme.dll 60000000[00074000] [AM] 44. c:\windows\system32\kmon.dll 70000000[00019000] [ M] 49. d:\program files\rising\rfw\ijt_base.dll 75000000[0000F000] [ M] 50. d:\program files\rising\rfw\olemon.dll + 00000500(1280) Ati2evxx.exe 00400000[00085000] [AM] 1. c:\windows\system32\ati2evxx.exe 60000000[00074000] [AM] 44. c:\windows\system32\kmon.dll 00CD0000[00010000] [ M] 103. c:\windows\system32\ati2edxx.dll 10000000[0002C000] [ M] 104. c:\windows\system32\atipdlxx.dll 00D00000[00021000] [AM] 25. c:\windows\system32\ati2evxx.dll 70000000[00019000] [ M] 49. d:\program files\rising\rfw\ijt_base.dll 75000000[0000F000] [ M] 50. d:\program files\rising\rfw\olemon.dll + 000005a4(1444) ravmond.exe 00400000[00069000] [AM] 5. d:\program files\rising\rav\ravmond.exe 10000000[00042000] [ M] 120. d:\program files\rising\rav\bwlist.dll 7C140000[00103000] [ M] 60. c:\windows\system32\mfc71.dll 7C340000[00056000] [ M] 61. c:\windows\system32\msvcr71.dll 7C3A0000[0007B000] [ M] 62. c:\windows\system32\msvcp71.dll 00A30000[0000E000] [ M] 105. d:\program files\rising\rav\rsappmgr.dll 00A50000[00030000] [ M] 106. d:\program files\rising\rav\cfgdll.dll 00CF0000[00067000] [ M] 121. d:\program files\rising\rav\rslog.dll 00A90000[0001F000] [ M] 46. d:\program files\rising\rav\proccom.dll 00D60000[00024000] [ M] 47. d:\program files\rising\rav\rscommx2.dll 00DA0000[00075000] [ M] 116. d:\program files\rising\rav\monrule.dll 00E30000[00013000] [ M] 122. d:\program files\rising\rav\hooksys.dll 00F90000[00013000] [ M] 123. d:\program files\rising\rav\hookreg.dll 70000000[00019000] [ M] 49. d:\program files\rising\rfw\ijt_base.dll 75000000[0000F000] [ M] 50. d:\program files\rising\rfw\olemon.dll 00FF0000[00013000] [ M] 124. d:\program files\rising\rav\hookntos.dll 01050000[0001D000] [ M] 125. d:\program files\rising\rav\rswalmon.dll 01080000[00035000] [ M] 112. d:\program files\rising\rav\recomp.dll 01F00000[00036000] [ M] 113. d:\program files\rising\rav\refs.dll 01F50000[00022000] [ M] 126. d:\program files\rising\rav\ffr.dll 01F90000[00020000] [ M] 127. d:\program files\rising\rav\rsstore.dll 01FC0000[00013000] [ M] 128. d:\program files\rising\rav\hookcont.dll 01FF0000[00028000] [ M] 129. d:\program files\rising\rav\fakescan.dll 02030000[00022000] [ M] 130. d:\program files\rising\rav\scanner.dll 02670000[0002F000] [ M] 114. d:\program files\rising\rav\viruslib.dll 027B0000[00028000] [ M] 115. d:\program files\rising\rav\relibldr.dll 02E50000[00012000] [ M] 131. d:\program files\rising\rav\hookweb.dll 04560000[00021000] [ M] 132. d:\program files\rising\rav\nvfile.dll 13AB0000[0004A000] [ M] 133. d:\program files\rising\rav\scanexec.dll 05E50000[002DC000] [ M] 134. d:\program files\rising\rav\unexe.dll 06140000[000D4000] [ M] 135. d:\program files\rising\rav\scanex.dll 065B0000[00027000] [ M] 136. d:\program files\rising\rav\pearc.dll 04E30000[000DC000] [ M] 137. d:\program files\rising\rav\extfile.dll 04F40000[00036000] [ M] 138. d:\program files\rising\rav\scanpack.dll 04F90000[000B7000] [ M] 139. d:\program files\rising\rav\revm.dll 05180000[00020000] [ M] 140. d:\program files\rising\rav\urutils.dll 051B0000[00018000] [ M] 141. d:\program files\rising\rav\ur000.dat 02B40000[00038000] [ M] 142. d:\program files\rising\rav\scriptci.dll 02B90000[00017000] [ M] 143. d:\program files\rising\rav\ur023.dat 066F0000[000F3000] [ M] 144. d:\program files\rising\rav\uroutine.dll 02BD0000[0001D000] [ M] 145. d:\program files\rising\rav\ur001.dat 05970000[00023000] [ M] 146. d:\program files\rising\rav\scansct.dll + 000005b0(1456) rfwsrv.exe 00400000[00037000] [AM] 3. d:\program files\rising\rfw\rfwsrv.exe 7C140000[00103000] [ M] 60. c:\windows\system32\mfc71.dll 7C340000[00056000] [ M] 61. c:\windows\system32\msvcr71.dll 7C3A0000[0007B000] [ M] 62. c:\windows\system32\msvcp71.dll 60000000[00074000] [AM] 44. c:\windows\system32\kmon.dll 10000000[0001F000] [ M] 64. d:\program files\rising\rfw\proccom.dll 00780000[00024000] [ M] 65. d:\program files\rising\rfw\rscommx2.dll 007D0000[0000E000] [ M] 66. d:\program files\rising\rfw\rsappmgr.dll 007F0000[00030000] [ M] 67. d:\program files\rising\rfw\cfgdll.dll 00B10000[0000F000] [ M] 72. d:\program files\rising\rfw\rfwrule.dll 00B20000[0000C000] [ M] 147. d:\program files\rising\rfw\rfwlog.dll 00B30000[00018000] [ M] 148. d:\program files\rising\rfw\rfwdrv.dll 731B0000[0000A000] [ M] 73. d:\program files\rising\rfw\psapi.dll 00C50000[0000E000] [ M] 149. d:\program files\rising\rfw\ijt_ctrl.dll 70000000[00019000] [ M] 49. d:\program files\rising\rfw\ijt_base.dll 75000000[0000F000] [ M] 50. d:\program files\rising\rfw\olemon.dll 00C80000[00016000] [ M] 150. d:\program files\rising\rfw\unvdet.dll 00CD0000[0001B000] [ M] 151. d:\program files\rising\rfw\mports.dll + 000005cc(1484) rfwproxy.exe 00400000[00236000] [AM] 2. d:\program files\rising\rfw\rfwproxy.exe 7C140000[00103000] [ M] 60. c:\windows\system32\mfc71.dll 7C340000[00056000] [ M] 61. c:\windows\system32\msvcr71.dll 60000000[00074000] [AM] 44. c:\windows\system32\kmon.dll 731B0000[0000A000] [ M] 73. d:\program files\rising\rfw\psapi.dll 10000000[0001F000] [ M] 64. d:\program files\rising\rfw\proccom.dll 00990000[00024000] [ M] 65. d:\program files\rising\rfw\rscommx2.dll 009D0000[0000F000] [ M] 72. d:\program files\rising\rfw\rfwrule.dll 009E0000[00011000] [ M] 152. d:\program files\rising\rfw\urlrule.dll 70000000[00019000] [ M] 49. d:\program files\rising\rfw\ijt_base.dll 75000000[0000F000] [ M] 50. d:\program files\rising\rfw\olemon.dll 01240000[00016000] [ M] 153. d:\program files\rising\rfw\monmid.dll + 000006d4(1748) Explorer.EXE 5ADC0000[00037000] [ M] 59. c:\windows\system32\uxtheme.dll 60000000[00074000] [AM] 44. c:\windows\system32\kmon.dll 70000000[00019000] [ M] 49. d:\program files\rising\rfw\ijt_base.dll 75000000[0000F000] [ M] 50. d:\program files\rising\rfw\olemon.dll 72C80000[00008000] [ M] 81. c:\windows\system32\msacm32.drv 024D0000[0002E000] [AM] 37. c:\program files\winrar\rarext.dll 10000000[0001C000] [AM] 38. c:\windows\system32\ravext.dll 02AD0000[0002C000] [AM] 29. d:\program files\thunder network\thunder\comdlls\tdatonce_now.dll 02B00000[00031000] [AM] 31. d:\program files\thunder network\thunder\comdlls\xunleibho_now.dll 240A0000[0000E000] [ M] 154. d:\program files\thunder network\thunder\components\resworker\dsbho_00.dll 24050000[0001E000] [ M] 155. d:\program files\thunder network\thunder\components\resworker\dataprocessor_00.dll 71800000[0007C000] [ M] 56. c:\windows\system32\shdoclc.dll + 00000720(1824) rfwstub.exe 00400000[00017000] [ M] 156. d:\program files\rising\rfw\rfwstub.exe 7C3A0000[0007B000] [ M] 62. c:\windows\system32\msvcp71.dll 7C340000[00056000] [ M] 61. c:\windows\system32\msvcr71.dll 60000000[00074000] [AM] 44. c:\windows\system32\kmon.dll 23700000[00028000] [ M] 68. d:\program files\rising\rfw\rscommon.dll 5ADC0000[00037000] [ M] 59. c:\windows\system32\uxtheme.dll 70000000[00019000] [ M] 49. d:\program files\rising\rfw\ijt_base.dll 75000000[0000F000] [ M] 50. d:\program files\rising\rfw\olemon.dll + 00000874(2164) 2345.exe 00400000[00067000] [ M] 157. f:\复件 (2) mggg\2345.exe 60000000[00074000] [AM] 44. c:\windows\system32\kmon.dll 10000000[0002E000] [ M] 52. d:\program files\rising\antispyware\comx3.dll 003E0000[00019000] [ M] 53. d:\program files\rising\antispyware\syslay.dll 70000000[00019000] [ M] 49. d:\program files\rising\rfw\ijt_base.dll 75000000[0000F000] [ M] 50. d:\program files\rising\rfw\olemon.dll 00A70000[0011C000] [ M] 158. f:\复件 (2) mggg\krnln.fnr 01110000[00038000] [ M] 159. f:\复件 (2) mggg\htmlview.fne 71800000[0007C000] [ M] 56. c:\windows\system32\shdoclc.dll 01360000[00010400] [ M] 160. f:\复件 (2) mggg\xplib.fne 01400000[00028000] [ M] 58. d:\program files\rising\rav\ravscrch.dll 5ADC0000[00037000] [ M] 59. c:\windows\system32\uxtheme.dll 021C0000[0001C000] [AM] 38. c:\windows\system32\ravext.dll 72C80000[00008000] [ M] 81. c:\windows\system32\msacm32.drv + 000009e8(2536) stormliv.exe 00400000[0008A000] [ M] 161. d:\program files\stormii\stormliv.exe 75FF0000[00065000] [ M] 162. d:\program files\stormii\msvcp60.dll 60000000[00074000] [AM] 44. c:\windows\system32\kmon.dll 10000000[0002E000] [ M] 52. d:\program files\rising\antispyware\comx3.dll 00780000[00019000] [ M] 53. d:\program files\rising\antispyware\syslay.dll 022A0000[00015000] [ M] 163. d:\program files\stormii\bfoptdll.dll + 00000a18(2584) svchost.exe 5ADC0000[00037000] [ M] 59. c:\windows\system32\uxtheme.dll + 00000aa0(2720) ElementClient.exe 00400000[0057B000] [ M] 74. f:\game\完美世界\element\elementclient.exe 10000000[00016000] [ M] 75. f:\game\完美世界\element\zlibwapi.dll 00980000[000BC000] [ M] 76. f:\game\完美世界\element\elementskill.dll 00380000[0006F000] [ M] 77. f:\game\完美世界\element\speedtreert.dll 00A40000[00021000] [ M] 78. f:\game\完美世界\element\ftdriver.dll 003F0000[00006000] [ M] 79. f:\game\完美世界\element\immwrapper.dll 00A70000[00032000] [ M] 80. f:\game\完美世界\element\ifc22.dll 60000000[00074000] [AM] 44. c:\windows\system32\kmon.dll 012D0000[0002E000] [ M] 52. d:\program files\rising\antispyware\comx3.dll 01300000[00019000] [ M] 53. d:\program files\rising\antispyware\syslay.dll 72C80000[00008000] [ M] 81. c:\windows\system32\msacm32.drv + 00000c34(3124) svchost.exe 5ADC0000[00037000] [ M] 59. c:\windows\system32\uxtheme.dll + 00000d30(3376) alg.exe 5ADC0000[00037000] [ M] 59. c:\windows\system32\uxtheme.dll 60000000[00074000] [AM] 44. c:\windows\system32\kmon.dll 10000000[0002E000] [ M] 52. d:\program files\rising\antispyware\comx3.dll 00690000[00019000] [ M] 53. d:\program files\rising\antispyware\syslay.dll + 00000e5c(3676) knownsvr.exe 00400000[00072000] [ M] 164. d:\program files\rising\antispyware\knownsvr.exe 10000000[0002F000] [ M] 93. d:\program files\rising\antispyware\ncomm.dll 60000000[00074000] [AM] 44. c:\windows\system32\kmon.dll 009A0000[0002E000] [ M] 52. d:\program files\rising\antispyware\comx3.dll 009D0000[00019000] [ M] 53. d:\program files\rising\antispyware\syslay.dll + 00000ea4(3748) TTraveler.exe 00400000[00086000] [AM] 43. d:\program files\tencent\tt\bin\ttraveler.exe 10000000[00074000] [ M] 165. d:\program files\tencent\tt\bin\ttutilwidget.dll 7C630000[0001B000] [ M] 166. d:\program files\tencent\tt\bin\atl80.dll 7C420000[00087000] [ M] 167. d:\program files\tencent\tt\bin\msvcp80.dll 78130000[0009B000] [ M] 168. d:\program files\tencent\tt\bin\msvcr80.dll 0F000000[00006000] [ M] 169. d:\program files\tencent\tt\bin\detoured.dll 60000000[00074000] [AM] 44. c:\windows\system32\kmon.dll 009B0000[0002E000] [ M] 52. d:\program files\rising\antispyware\comx3.dll 009E0000[00019000] [ M] 53. d:\program files\rising\antispyware\syslay.dll 70000000[00019000] [ M] 49. d:\program files\rising\rfw\ijt_base.dll 75000000[0000F000] [ M] 50. d:\program files\rising\rfw\olemon.dll 00BD0000[00027000] [ M] 170. d:\program files\tencent\tt\bin\ttstore.dll 60900000[00048000] [ M] 171. d:\program files\tencent\tt\bin\sqlite3.dll 00D00000[00028000] [ M] 172. d:\program files\tencent\tt\bin\platformwidget.dll 00D30000[000D0000] [ M] 173. d:\program files\tencent\tt\bin\ttmainframe.dll 00E00000[00014000] [ M] 174. d:\program files\tencent\tt\bin\updateutil.dll 5ADC0000[00037000] [ M] 59. c:\windows\system32\uxtheme.dll 01600000[00048000] [ M] 175. d:\program files\tencent\tt\bin\ttmbrowser.dll 01760000[00037000] [ M] 176. d:\program files\tencent\tt\bin\ttabmgr.dll 01BD0000[0004A000] [ M] 177. d:\program files\tencent\tt\bin\ttskin.dll 6F2B0000[00065000] [ M] 178. d:\program files\tencent\tt\bin\vbscript.dll 02860000[00015000] [ M] 179. d:\program files\tencent\tt\bin\ttpluginmng.dll 02CB0000[0009A000] [ M] 180. d:\program files\tencent\tt\plugins\3ttweather\ttweather.dll 02E50000[00014000] [ M] 181. d:\program files\tencent\tt\plugins\webinfo\webtoolbar.dll 02E80000[00043000] [ M] 182. d:\program files\tencent\tt\bin\favoritelogical.dll 02FE0000[0005A000] [ M] 183. d:\program files\tencent\tt\bin\tthtmlapp.dll 03040000[00016000] [ M] 184. d:\program files\tencent\tt\bin\tsupport.dll 71800000[0007C000] [ M] 56. c:\windows\system32\shdoclc.dll 03DD0000[0001A000] [ M] 185. d:\program files\tencent\tt\bin\ttfilter.dll 03DF0000[0003B000] [ M] 186. d:\program files\tencent\tt\bin\ttnetwork.dll 040C0000[00028000] [ M] 58. d:\program files\rising\rav\ravscrch.dll 03EB0000[0001C000] [AM] 38. c:\windows\system32\ravext.dll 72C80000[00008000] [ M] 81. c:\windows\system32\msacm32.drv 03CD0000[0003C000] [ M] 187. d:\program files\tencent\tt\bin\ttsidebar.dll 30000000[003AF000] [ M] 99. c:\windows\system32\macromed\flash\flash9f.ocx