瑞星卡卡电脑诊断日志 v1.30 (2009-1-5 18:40:29) 北京瑞星信息技术有限公司 注释: [A]表示该文件存在自启动关联; [M]表示该文件在内存中; + 注册表自运行项目 + 系统服务 + HKLM\System\CurrentControlSet\Services acssrv [A ] 1. c:\program files\agnitum\outpost firewall pro\acs.exe Agnitum Ltd. Agnitum Outpost Service .text,.rdata,.data,.rsrc, ATI Smart [A ] 2. c:\windows\system32\ati2sgag.exe ATI Smart .text,.rdata,.data,.rsrc, ccosm [A ] 3. d:\stormii\stormliv.exe 北京暴风网际科技有限公司 暴风影音媒体控制中心 .text,.rdata,.data,.rsrc, EhttpSrv [A ] 4. c:\program files\eset\eset nod32 antivirus\ehttpsrv.exe ESET Eset HTTP Server Service .text,.rdata,.data,.rsrc, ekrn [AM] 5. c:\program files\eset\eset nod32 antivirus\ekrn.exe ESET Eset Service .text,.rdata,.data,.rsrc, FLEXnet Licensing Service [A ] 6. c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe Macrovision Europe Ltd. Activation Licensing Service .text,.rdata,.data,.rsrc, spupdsvc [A ] 7. c:\windows\system32\spupdsvc.exe Microsoft Corporation Update RunOnce Service .text,.data,.rsrc, UMWdf [A ] 8. c:\windows\system32\wdfmgr.exe Microsoft Corporation Windows User Mode Driver Manager .text,.data,.rsrc, + 内核驱动 + HKLM\System\CurrentControlSet\Services afw [A ] 9. c:\windows\system32\drivers\afw.sys Agnitum Ltd. Agnitum Firewall NDIS Driver .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, afwcore [A ] 10. c:\windows\system32\drivers\afwcore.sys Agnitum Ltd. Agnitum Firewall Core Driver .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, ALCXWDM [A ] 11. c:\windows\system32\drivers\alcxwdm.sys Realtek Semiconductor Corp. Realtek AC'97 Audio Driver (WDM) .text,_LTEXT,_PTEXT,.rdata,.data,.CRT,_LDATA,_PDATA,.data1,PAGE,INIT,.rsrc,.reloc, ASWFilt [A ] 12. c:\windows\system32\filt\aswfilt.dll Agnitum Ltd. Kernel Mode Anti-Spyware SandBox plug-in .text,.data,.edata,INIT,.rsrc,.reloc, bootdrv [A ] 13. c:\windows\system32\drivers\bootdrv.sys eamon [A ] 14. c:\windows\system32\drivers\eamon.sys ESET Amon monitor .text,.rdata,.data,.edata,INIT,.rsrc,.reloc, easdrv [A ] 15. c:\windows\system32\drivers\easdrv.sys ESET Eset AntiStealth driver .text,.rdata,.data,INIT,.rsrc,.reloc, epfwtdir [A ] 16. c:\windows\system32\drivers\epfwtdir.sys .text,.rdata,.data,.edata,INIT,.rsrc,.reloc, FETNDISB [A ] 17. c:\windows\system32\drivers\fetnd5b.sys VIA Technologies, Inc. NDIS 5.0 miniport driver .text,.rdata,.data,INIT,.rsrc,.reloc, FTCkillfile [A ] 18. c:\windows\system32\drivers\ftckillfile.sys FTCProtect [A ] 19. c:\windows\system32\drivers\ftcprotect.sys FTCProTime [A ] 20. c:\windows\system32\drivers\ftcprotime.sys GMSIPCI [A ] 21. h:\install\gmsipci.sys NTACCESS [A ] 22. h:\ntaccess.sys PxHelp20 [A ] 23. c:\windows\system32\drivers\pxhelp20.sys Sonic Solutions Px Engine Device Driver for Windows 2000/XP .text,.rdata,.data,INIT,.rsrc,.reloc, SandBox [A ] 24. c:\windows\system32\drivers\sandbox.sys Agnitum Ltd. Host Protection Component .text,.data,INIT,.rsrc,.reloc, Secdrv [A ] 25. c:\windows\system32\drivers\secdrv.sys Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. Macrovision SECURITY Driver .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, SetupNTGLM7X [A ] 26. h:\ntglm7x.sys TSKSP [A ] 27. d:\tencent\qqdoctor\tsksp.sys Tencent TSKSP .text,.rdata,.data,INIT,.rsrc,.reloc, viaagp1 [A ] 28. c:\windows\system32\drivers\viaagp1.sys VIA Technologies, Inc. VIA NT AGP Filter .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, vulfnths [A ] 29. c:\windows\system32\drivers\vulfnth.sys VIA Technologies, Inc. VIA USB Host Controller Lower Filter Driver .text,.rdata,PAGE,INIT,.rsrc,.reloc, vulfntrs [A ] 30. c:\windows\system32\drivers\vulfntr.sys VIA Technologies, Inc. VIA USB Roothub Lower Filter Driver .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, + 系统登陆自运行 + HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify AtiExtEvent [AM] 31. c:\windows\system32\ati2evxx.dll ATI Technologies Inc. ATI External Event Utility DLL Module .text,.rdata,.data,.rsrc,.reloc, + IE浏览器加载模块 + HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} [A ] 32. c:\windows\system32\kakatool.dll Beijing Rising Information Technology Co., Ltd. ToolBar .text,.rdata,.data,.rsrc,.reloc, + HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks {CFBFAE00-17A6-11D0-99CB-00C04FD64497} [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects {01443AEC-0FD1-40fd-9C87-E93D1494C233} [A ] 34. d:\thunder network\thunder\comdlls\tdatonce_now.dll Thunder Networking Technologies,LTD 迅雷浏览器高级特性支持模块 .text,.rdata,.data,.rsrc,.reloc, {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} [A ] 35. d:\bitcomet\tools\bitcometbho_1.2.8.7.dll BitComet BitCometBHO .text,.rdata,.data,.rsrc,.reloc, {889D2FEB-5411-4565-8998-1DD2C5261283} [AM] 36. d:\thunder network\thunder\comdlls\xunleibho_now.dll Thunder Networking Technologies,LTD XunLeiBHO .text,.rdata,.data,.rsrc,.reloc, {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [A ] 37. c:\windows\system32\urlfilter.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware UrlFilter Module .text,.rdata,.data,.rsrc,.reloc, {A986E409-30CC-4185-89BB-AB212C104524} [A ] 38. d:\ppliveva\downloadermanager.dll Synacast PP加速器感知下载特性支持模块 .text,.orpc,.rdata,.data,Shared1,.rsrc,.reloc, + HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions Exec [A ] 39. d:\thunder network\thunder\thunder.exe Thunder Networking Technologies,LTD .text,.rdata,.data,.rsrc, Exec [A ] 40. d:\pplive\pplive.exe .text,.rdata,.data,.rsrc, Exec [A ] 41. c:\program files\messenger\msmsgs.exe Microsoft Corporation Windows Messenger .text,.data,.rsrc, + 资源管理器加载模块 + HKLM\SOFTWARE\Classes\PROTOCOLS\Handler KuGoo [A ] 42. c:\windows\system32\kugoo3downxcontrol.ocx 酷狗 酷狗音乐控件 .text,.itext,.data,.bss,.idata,.edata,.reloc,.rsrc, KuGoo3 [A ] 42. c:\windows\system32\kugoo3downxcontrol.ocx 酷狗 酷狗音乐控件 .text,.itext,.data,.bss,.idata,.edata,.reloc,.rsrc, + HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} [A ] 43. c:\windows\system32\ieudinit.exe Microsoft Corporation IE Per User Active Setup Uninstall Utility .text,.data,.rsrc,.reloc, + HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers {F9DB5320-233E-11D1-9F84-707F02C10627} [AM] 44. c:\program files\common files\adobe\acrobat\activex\pdfshell.dll Adobe Systems, Inc. PDF Shell Extension .text,.orpc,.rdata,.data,.rsrc,.reloc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved HyperTerminal Icon Ext [A ] 45. c:\windows\system32\hticons.dll Hilgraeve, Inc. HyperTerminal Applet Library .text,.data,.rsrc,.reloc, IE Search Band [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, Shell DocObject Viewer [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, InternetShortcut [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, Microsoft Url History Service [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, History [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, Temporary Internet Files [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, Temporary Internet Files [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, Microsoft Url Search Hook [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, The Internet [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, Internet Name Space [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, WinRAR shell extension [A ] 46. d:\winrar\rarext.dll .text,.data,.tls,.idata,.edata,.rsrc,.reloc, IE Microsoft BrowserBand [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE Fade Task [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE Menu Desk Bar [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE AutoComplete [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE Navigation Bar [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE Menu Site [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE Menu Band [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE Microsoft History AutoComplete List [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE Tracking Shell Menu [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE IShellFolderBand [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE BandProxy [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE MRU AutoComplete List [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE RSS Feeder Folder [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE Microsoft Shell Folder AutoComplete List [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE Microsoft Multiple AutoComplete List Container [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, Microsoft Browser Architecture [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE Shell Rebar BandSite [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE Shell Band Site Menu [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, &Links [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE Registry Tree Options Utility [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE User Assist [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, IE Custom MRU AutoCompleted List [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, Eset Smart Security - Context Menu Shell Extension [A ] 47. c:\program files\eset\eset nod32 antivirus\shellext.dll ESET Shell Extension .text,.rdata,.data,.rsrc,.reloc, + 用户登陆自运行项目 + HKLM\Software\Microsoft\Windows\CurrentVersion\Run SoundMan [AM] 48. c:\windows\soundman.exe Realtek Semiconductor Corp. Realtek Sound Manager .text,.rdata,.data,.rsrc, egui [AM] 49. c:\program files\eset\eset nod32 antivirus\egui.exe ESET Eset GUI .text,.rdata,.data,.rsrc, OutpostMonitor [A ] 50. c:\program files\agnitum\outpost firewall pro\op_mon.exe Agnitum Ltd. Outpost User Interface ,,,.rsrc,,.data,.adata, OutpostFeedBack [A ] 51. c:\program files\agnitum\outpost firewall pro\feedback.exe Agnitum Ltd. FeedBack Utility .text,.rdata,.data,.rsrc, runeip [AM] 52. c:\program files\rising\antispyware\rstray.exe Beijing Rising Information Technology Co., Ltd. RSTray .text,.rdata,.data,.rsrc, + 映像劫持 + HKCR\Folder\shell Super Rabbit CDROM Eject [A ] 53. d:\super rabbit\magicset\srcd2.exe Super Rabbit Software UPX0,UPX1,.rsrc, + HKCR\.html htmlfile\Maxthon\Command [A ] 54. d:\maxthon\maxthon.exe Maxthon International Ltd. Maxthon Web Browser .text,.rdata,.data,.rsrc, htmlfile\open\Command [A ] 54. d:\maxthon\maxthon.exe Maxthon International Ltd. Maxthon Web Browser .text,.rdata,.data,.rsrc, + HKCR\.htm htmlfile\Maxthon\Command [A ] 54. d:\maxthon\maxthon.exe Maxthon International Ltd. Maxthon Web Browser .text,.rdata,.data,.rsrc, htmlfile\open\Command [A ] 54. d:\maxthon\maxthon.exe Maxthon International Ltd. Maxthon Web Browser .text,.rdata,.data,.rsrc, + HKCR\.mp3 Winamp.File.MP3\Enqueue\Command [A ] 55. d:\winamp\winamp.exe Nullsoft Winamp .text,.rdata,.data,.tls,.rsrc,.reloc, Winamp.File.MP3\ListBookmark\Command [A ] 55. d:\winamp\winamp.exe Nullsoft Winamp .text,.rdata,.data,.tls,.rsrc,.reloc, Winamp.File.MP3\open\Command [A ] 55. d:\winamp\winamp.exe Nullsoft Winamp .text,.rdata,.data,.tls,.rsrc,.reloc, Winamp.File.MP3\Play\Command [A ] 55. d:\winamp\winamp.exe Nullsoft Winamp .text,.rdata,.data,.tls,.rsrc,.reloc, + 程序初始化和已知动态连接库 + HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows AppInit_DLLs [AM] 56. c:\program files\agnitum\outpost firewall pro\wl_hook.dll Agnitum Ltd. Outpost Hooking Module .text,.rdata,.data,.rsrc,.reloc, [AM] 57. c:\windows\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, + 正在运行的进程 + 000000dc(220) Explorer.EXE 00400000[00009000] [ M] 58. c:\windows\system32\normaliz.dll Microsoft Corporation Unicode Normalization DLL .text,.data,.rsrc,.reloc, 41D50000[00045000] [ M] 59. c:\windows\system32\iertutil.dll Microsoft Corporation Run time utility for Internet Explorer .text,.data,.rsrc,.reloc, 10000000[000B4000] [AM] 56. c:\program files\agnitum\outpost firewall pro\wl_hook.dll Agnitum Ltd. Outpost Hooking Module .text,.rdata,.data,.rsrc,.reloc, 60000000[00074000] [AM] 57. c:\windows\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, 422B0000[005CD000] [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, 012A0000[0005B000] [AM] 44. c:\program files\common files\adobe\acrobat\activex\pdfshell.dll Adobe Systems, Inc. PDF Shell Extension .text,.orpc,.rdata,.data,.rsrc,.reloc, 013B0000[0004C000] [ M] 60. c:\program files\common files\adobe\acrobat\activex\pdfshell.chs Adobe Systems, Inc. PDF Shell Extension .rsrc,.reloc, 72C80000[00008000] [ M] 61. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, 02170000[00020000] [AM] 36. d:\thunder network\thunder\comdlls\xunleibho_now.dll Thunder Networking Technologies,LTD XunLeiBHO .text,.rdata,.data,.rsrc,.reloc, 24410000[0000E000] [ M] 62. d:\thunder network\thunder\components\resworker\dsbho_00.dll Thunder Networking Technologies,LTD DsBho .text,.rdata,.data,.rsrc,.reloc, 243C0000[0001E000] [ M] 63. d:\thunder network\thunder\components\resworker\dataprocessor_00.dll Thunder Networking Technologies,LTD DataProcessor .text,.rdata,.data,.rsrc,.reloc, + 00000234(564) ekrn.exe 00400000[00072000] [AM] 5. c:\program files\eset\eset nod32 antivirus\ekrn.exe ESET Eset Service .text,.rdata,.data,.rsrc, 60000000[00074000] [AM] 57. c:\windows\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, 41D50000[00045000] [ M] 59. c:\windows\system32\iertutil.dll Microsoft Corporation Run time utility for Internet Explorer .text,.data,.rsrc,.reloc, 21E00000[0002F000] [ M] 64. c:\program files\eset\eset nod32 antivirus\ekrnscan.dll ESET Eset On-demmand Scanner Kernel .text,.rdata,.data,.rsrc,.reloc, 21300000[00461000] [ M] 65. c:\program files\eset\eset nod32 antivirus\ekrnamon.dll ESET Eset Amon Service .text,.rdata,.data,.rsrc,.reloc, 027B0000[00018000] [ M] 66. c:\program files\eset\eset nod32 antivirus\ekrnemon.dll ESET Eset Emon Service .text,.rdata,.data,.rsrc,.reloc, 20300000[0003F000] [ M] 67. c:\program files\eset\eset nod32 antivirus\ekrnepfw.dll ESET Eset Personal Firewall service .text,.rdata,.data,.rsrc,.reloc, 21100000[00021000] [ M] 68. c:\program files\eset\eset nod32 antivirus\ekrnupdate.dll ESET Eset Update Service .text,.rdata,.data,.rsrc,.reloc, 21000000[0002A000] [ M] 69. c:\program files\eset\eset nod32 antivirus\updater.dll ESET Eset Update Engine .text,.rdata,.data,.rsrc,.reloc, 22900000[00018000] [ M] 70. c:\program files\eset\eset nod32 antivirus\ekrnmailplugins.dll ESET Eset MailPlugins Service .text,.rdata,.data,.rsrc,.reloc, + 000002a8(680) SOUNDMAN.EXE 00400000[00010000] [AM] 48. c:\windows\soundman.exe Realtek Semiconductor Corp. Realtek Sound Manager .text,.rdata,.data,.rsrc, 10000000[000B4000] [AM] 56. c:\program files\agnitum\outpost firewall pro\wl_hook.dll Agnitum Ltd. Outpost Hooking Module .text,.rdata,.data,.rsrc,.reloc, 60000000[00074000] [AM] 57. c:\windows\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, 41D50000[00045000] [ M] 59. c:\windows\system32\iertutil.dll Microsoft Corporation Run time utility for Internet Explorer .text,.data,.rsrc,.reloc, + 000002b4(692) egui.exe 00400000[00166000] [AM] 49. c:\program files\eset\eset nod32 antivirus\egui.exe ESET Eset GUI .text,.rdata,.data,.rsrc, 782E0000[0010F000] [ M] 71. c:\program files\eset\eset nod32 antivirus\mfc80u.dll Microsoft Corporation MFCDLL Shared Library - Retail Version .text,.data,.rsrc,.reloc, 60000000[00074000] [AM] 57. c:\windows\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, 41D50000[00045000] [ M] 59. c:\windows\system32\iertutil.dll Microsoft Corporation Run time utility for Internet Explorer .text,.data,.rsrc,.reloc, 21C00000[00042000] [ M] 72. c:\program files\eset\eset nod32 antivirus\eguiscan.dll ESET Eset On-demmand Scanner GUI .text,.rdata,.data,.rsrc,.reloc, 21400000[00018000] [ M] 73. c:\program files\eset\eset nod32 antivirus\eguiamon.dll ESET Eset Amon GUI .text,.rdata,.data,.rsrc,.reloc, 21600000[00019000] [ M] 74. c:\program files\eset\eset nod32 antivirus\eguiemon.dll ESET Eset Emon GUI .text,.rdata,.data,.rsrc,.reloc, 20400000[000BB000] [ M] 75. c:\program files\eset\eset nod32 antivirus\eguiepfw.dll ESET Eset Personal Firewall UI .text,.rdata,.data,.rsrc,.reloc, 21200000[00036000] [ M] 76. c:\program files\eset\eset nod32 antivirus\eguiupdate.dll ESET Eset Update GUI .text,.rdata,.data,.rsrc,.reloc, 22B00000[00015000] [ M] 77. c:\program files\eset\eset nod32 antivirus\eguimailplugins.dll ESET Eset MailPlugins GUI .text,.rdata,.data,.rsrc,.reloc, + 00000308(776) rstray.exe 00400000[00023000] [AM] 52. c:\program files\rising\antispyware\rstray.exe Beijing Rising Information Technology Co., Ltd. RSTray .text,.rdata,.data,.rsrc, 10000000[000B4000] [AM] 56. c:\program files\agnitum\outpost firewall pro\wl_hook.dll Agnitum Ltd. Outpost Hooking Module .text,.rdata,.data,.rsrc,.reloc, 60000000[00074000] [AM] 57. c:\windows\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, 41D50000[00045000] [ M] 59. c:\windows\system32\iertutil.dll Microsoft Corporation Run time utility for Internet Explorer .text,.data,.rsrc,.reloc, 00B70000[0003C000] [ M] 78. c:\program files\rising\antispyware\rsmginfo.dll Beijing Rising Information Technology Co., Ltd. rsmginfo .text,.rdata,.data,.rsrc,.reloc, 00BB0000[00009000] [ M] 58. c:\windows\system32\normaliz.dll Microsoft Corporation Unicode Normalization DLL .text,.data,.rsrc,.reloc, 23800000[00022000] [ M] 79. c:\program files\rising\antispyware\rsxml.dll Beijing Rising Information Technology Co., Ltd. RsXML .text,.rdata,.data,.rsrc,.reloc, 7C3A0000[0007B000] [ M] 80. c:\program files\rising\antispyware\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 81. c:\program files\rising\antispyware\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 00FA0000[00024000] [ M] 82. c:\program files\rising\antispyware\comserv.dll Beijing Rising Information Technology Co., Ltd. .text,.rdata,.data,.rsrc,.reloc, 00FD0000[00019000] [ M] 83. c:\program files\rising\antispyware\syslay.dll Beijing Rising Information Technology Co., Ltd. Syslay .text,.rdata,.data,.rsrc,.reloc, 23700000[00026000] [ M] 84. c:\program files\rising\antispyware\rscommon.dll Beijing Rising Information Technology Co., Ltd. Rising Common Function Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01010000[0002E000] [ M] 85. c:\program files\rising\antispyware\comx3.dll Beijing Rising Information Technology Co., Ltd. comx3 Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 23900000[00040000] [ M] 86. c:\program files\rising\antispyware\pngdll.dll Beijing Rising Information Technology Co., Ltd. Rising .Png File Loader Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01320000[00068000] [ M] 87. c:\program files\rising\antispyware\runiep.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware tray .text,.rdata,.data,.rsrc,.reloc, 014C0000[00034000] [ M] 88. c:\program files\rising\antispyware\ncomm.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 01500000[0001F000] [ M] 89. c:\program files\rising\antispyware\proccom.dll Beijing Rising Information Technology Co., Ltd. ProcessC Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01520000[00024000] [ M] 90. c:\program files\rising\antispyware\rscommx2.dll Beijing Rising Information Technology Co., Ltd. RsCommX2 .text,.rdata,.data,.rsrc,.reloc, + 00000344(836) ctfmon.exe 10000000[000B4000] [AM] 56. c:\program files\agnitum\outpost firewall pro\wl_hook.dll Agnitum Ltd. Outpost Hooking Module .text,.rdata,.data,.rsrc,.reloc, 60000000[00074000] [AM] 57. c:\windows\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, 41D50000[00045000] [ M] 59. c:\windows\system32\iertutil.dll Microsoft Corporation Run time utility for Internet Explorer .text,.data,.rsrc,.reloc, + 00000370(880) smss.exe + 000003b8(952) csrss.exe + 000003e8(1000) winlogon.exe 10000000[000B4000] [AM] 56. c:\program files\agnitum\outpost firewall pro\wl_hook.dll Agnitum Ltd. Outpost Hooking Module .text,.rdata,.data,.rsrc,.reloc, 00E80000[00010000] [AM] 31. c:\windows\system32\ati2evxx.dll ATI Technologies Inc. ATI External Event Utility DLL Module .text,.rdata,.data,.rsrc,.reloc, 72C80000[00008000] [ M] 61. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, + 00000420(1056) services.exe 10000000[000B4000] [AM] 56. c:\program files\agnitum\outpost firewall pro\wl_hook.dll Agnitum Ltd. Outpost Hooking Module .text,.rdata,.data,.rsrc,.reloc, + 0000042c(1068) lsass.exe + 000004c8(1224) knownsvr.exe 00400000[00072000] [ M] 91. c:\program files\rising\antispyware\knownsvr.exe Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc, 10000000[00034000] [ M] 88. c:\program files\rising\antispyware\ncomm.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 00380000[00009000] [ M] 58. c:\windows\system32\normaliz.dll Microsoft Corporation Unicode Normalization DLL .text,.data,.rsrc,.reloc, 41D50000[00045000] [ M] 59. c:\windows\system32\iertutil.dll Microsoft Corporation Run time utility for Internet Explorer .text,.data,.rsrc,.reloc, 00A60000[000B4000] [AM] 56. c:\program files\agnitum\outpost firewall pro\wl_hook.dll Agnitum Ltd. Outpost Hooking Module .text,.rdata,.data,.rsrc,.reloc, 60000000[00074000] [AM] 57. c:\windows\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, 00EB0000[0002E000] [ M] 85. c:\program files\rising\antispyware\comx3.dll Beijing Rising Information Technology Co., Ltd. comx3 Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00EE0000[00019000] [ M] 83. c:\program files\rising\antispyware\syslay.dll Beijing Rising Information Technology Co., Ltd. Syslay .text,.rdata,.data,.rsrc,.reloc, + 000004e4(1252) svchost.exe + 00000570(1392) svchost.exe + 0000060c(1548) svchost.exe 00D80000[00009000] [ M] 58. c:\windows\system32\normaliz.dll Microsoft Corporation Unicode Normalization DLL .text,.data,.rsrc,.reloc, 41D50000[00045000] [ M] 59. c:\windows\system32\iertutil.dll Microsoft Corporation Run time utility for Internet Explorer .text,.data,.rsrc,.reloc, + 00000640(1600) svchost.exe + 0000064c(1612) conime.exe 10000000[000B4000] [AM] 56. c:\program files\agnitum\outpost firewall pro\wl_hook.dll Agnitum Ltd. Outpost Hooking Module .text,.rdata,.data,.rsrc,.reloc, 60000000[00074000] [AM] 57. c:\windows\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, 00B30000[0002E000] [ M] 85. c:\program files\rising\antispyware\comx3.dll Beijing Rising Information Technology Co., Ltd. comx3 Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00B60000[00019000] [ M] 83. c:\program files\rising\antispyware\syslay.dll Beijing Rising Information Technology Co., Ltd. Syslay .text,.rdata,.data,.rsrc,.reloc, 41D50000[00045000] [ M] 59. c:\windows\system32\iertutil.dll Microsoft Corporation Run time utility for Internet Explorer .text,.data,.rsrc,.reloc, + 0000071c(1820) spoolsv.exe 10000000[000B4000] [AM] 56. c:\program files\agnitum\outpost firewall pro\wl_hook.dll Agnitum Ltd. Outpost Hooking Module .text,.rdata,.data,.rsrc,.reloc, + 000007a8(1960) ras.exe 00400000[0000B000] [ M] 92. c:\program files\rising\antispyware\ras.exe Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc, 7C140000[00103000] [ M] 93. c:\program files\rising\antispyware\mfc71.dll Microsoft Corporation MFCDLL Shared Library - Retail Version .text,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 81. c:\program files\rising\antispyware\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 10000000[000B4000] [AM] 56. c:\program files\agnitum\outpost firewall pro\wl_hook.dll Agnitum Ltd. Outpost Hooking Module .text,.rdata,.data,.rsrc,.reloc, 60000000[00074000] [AM] 57. c:\windows\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, 41D50000[00045000] [ M] 59. c:\windows\system32\iertutil.dll Microsoft Corporation Run time utility for Internet Explorer .text,.data,.rsrc,.reloc, 00CB0000[00047000] [ M] 94. c:\program files\rising\antispyware\kakamgr.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 7C3A0000[0007B000] [ M] 80. c:\program files\rising\antispyware\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 00D00000[00019000] [ M] 83. c:\program files\rising\antispyware\syslay.dll Beijing Rising Information Technology Co., Ltd. Syslay .text,.rdata,.data,.rsrc,.reloc, 00D30000[0001F000] [ M] 89. c:\program files\rising\antispyware\proccom.dll Beijing Rising Information Technology Co., Ltd. ProcessC Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00D50000[00024000] [ M] 90. c:\program files\rising\antispyware\rscommx2.dll Beijing Rising Information Technology Co., Ltd. RsCommX2 .text,.rdata,.data,.rsrc,.reloc, 00EA0000[0002E000] [ M] 85. c:\program files\rising\antispyware\comx3.dll Beijing Rising Information Technology Co., Ltd. comx3 Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01110000[00058000] [ M] 95. c:\program files\rising\antispyware\dbmgr.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 23800000[00022000] [ M] 79. c:\program files\rising\antispyware\rsxml.dll Beijing Rising Information Technology Co., Ltd. RsXML .text,.rdata,.data,.rsrc,.reloc, 01270000[0002D000] [ M] 96. c:\program files\rising\antispyware\pweb.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 012A0000[000C1000] [ M] 97. c:\program files\rising\antispyware\pscan.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 01370000[00009000] [ M] 58. c:\windows\system32\normaliz.dll Microsoft Corporation Unicode Normalization DLL .text,.data,.rsrc,.reloc, 01380000[00034000] [ M] 88. c:\program files\rising\antispyware\ncomm.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 01620000[00070000] [ M] 98. c:\program files\rising\antispyware\pset.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 01690000[0002A000] [ M] 99. c:\program files\rising\antispyware\pdefend.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 016C0000[000B6000] [ M] 100. c:\program files\rising\antispyware\ptools.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 01880000[0008D000] [ M] 101. c:\program files\rising\antispyware\psysinfo.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 422B0000[005CD000] [AM] 33. c:\windows\system32\ieframe.dll Microsoft Corporation Internet Explorer .text,.data,.rsrc,.reloc, 23900000[00040000] [ M] 86. c:\program files\rising\antispyware\pngdll.dll Beijing Rising Information Technology Co., Ltd. Rising .Png File Loader Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 038E0000[00475000] [ M] 102. c:\windows\system32\macromed\flash\flash10a.ocx Adobe Systems, Inc. Adobe Flash Player 10.0 r12 .text,.rdata,.data,.rodata,.rsrc,.reloc, 72C80000[00008000] [ M] 61. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, 04FB0000[00024000] [ M] 103. c:\program files\rising\antispyware\secscan.dll Beijing Rising Information Technology Co., Ltd. SecScan Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 050D0000[00018000] [ M] 104. c:\program files\rising\antispyware\secex.dll Beijing Rising Information Technology Co., Ltd. SecScanE Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 053C0000[0002F000] [ M] 105. c:\program files\rising\antispyware\engine.dll Beijing Rising Information Technology Co., Ltd. kaka engine .text,.rdata,.data,.rsrc,.reloc, 053A0000[0000F000] [ M] 106. c:\program files\rising\antispyware\zip.dll Beijing Rising Information Technology Co., Ltd. zip .text,.rdata,.data,.rsrc,.reloc, 61930000[0004A000] [ M] 107. c:\program files\internet explorer\ieproxy.dll Microsoft Corporation IE ActiveX Interface Marshaling Library .text,.orpc,.data,.rsrc,.reloc,