瑞星卡卡电脑诊断日志 v1.30 (2010-2-17 18:17:27) 北京瑞星信息技术有限公司 注释: [A]表示该文件存在自启动关联; [M]表示该文件在内存中; + 注册表自运行项目 + 系统服务 + HKLM\System\CurrentControlSet\Services MDM [AM] 1. c:\program files\common files\microsoft shared\vs7debug\mdm.exe ose [A ] 2. c:\program files\common files\microsoft shared\source engine\ose.exe RsRisMon [AM] 3. f:\program files\rising\ris\ravmond.exe + 内核驱动 + HKLM\System\CurrentControlSet\Services HDAudBus [A ] 4. c:\windows\system32\drivers\hdaudbus.sys hookcont [A ] 5. c:\windows\system32\drivers\hookcont.sys hooksys [A ] 6. c:\windows\system32\drivers\hooksys.sys ialm [A ] 7. c:\windows\system32\drivers\igxpmp32.sys IntcAzAudAddService [A ] 8. c:\windows\system32\drivers\rtkhdaud.sys RFWARP [A ] 9. c:\windows\system32\drivers\rfwarp.sys RfwBase9 [A ] 10. c:\windows\system32\drivers\rfwbase.sys rfwtdi [A ] 11. f:\program files\rising\ris\rfwtdi.sys rsassist [A ] 12. c:\windows\system32\drivers\rsassist.sys rsfwdrv [A ] 13. f:\program files\rising\ris\rsfwdrv.sys RsNTGDI [A ] 14. c:\windows\system32\drivers\rsntgdi.sys RsProtect [A ] 15. c:\windows\system32\drivers\rsptect.sys RTLE8023xp [A ] 16. c:\windows\system32\drivers\rtenicxp.sys Secdrv [A ] 17. c:\windows\system32\drivers\secdrv.sys + 文件系统驱动 + HKLM\System\CurrentControlSet\Services exFat [A ] 18. c:\windows\system32\drivers\exfat.sys + 系统登陆自运行 + HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify igfxcui [AM] 19. c:\windows\system32\igfxdev.dll + IE浏览器加载模块 + HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} [A ] 20. c:\windows\system32\kakatool.dll + HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks {CFBFAE00-17A6-11D0-99CB-00C04FD64497} [AM] 21. c:\windows\system32\ieframe.dll + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [A ] 22. c:\windows\system32\urlfilter.dll + HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions Exec [AM] 23. c:\program files\messenger\msmsgs.exe + 资源管理器加载模块 + HKLM\SOFTWARE\Classes\PROTOCOLS\Filter text/xml [AM] 24. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll + HKLM\SOFTWARE\Classes\PROTOCOLS\Handler ms-itss [A ] 25. c:\program files\common files\microsoft shared\information retrieval\msitss.dll mso-offdap11 [A ] 26. c:\program files\common files\microsoft shared\web components\11\owc11.dll + HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} [A ] 27. c:\windows\system32\ieudinit.exe + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved HyperTerminal Icon Ext [A ] 28. c:\windows\system32\hticons.dll IE Search Band [AM] 21. c:\windows\system32\ieframe.dll Shell DocObject Viewer [AM] 21. c:\windows\system32\ieframe.dll InternetShortcut [AM] 21. c:\windows\system32\ieframe.dll Microsoft Url History Service [AM] 21. c:\windows\system32\ieframe.dll History [AM] 21. c:\windows\system32\ieframe.dll Temporary Internet Files [AM] 21. c:\windows\system32\ieframe.dll Temporary Internet Files [AM] 21. c:\windows\system32\ieframe.dll Microsoft Url Search Hook [AM] 21. c:\windows\system32\ieframe.dll The Internet [AM] 21. c:\windows\system32\ieframe.dll Internet Name Space [AM] 21. c:\windows\system32\ieframe.dll WinRAR shell extension [A ] 29. c:\program files\winrar\rarext.dll Microsoft Office HTML Icon Handler [A ] 30. c:\program files\microsoft office\office11\msohev.dll Web Folders [A ] 31. c:\program files\common files\microsoft shared\web folders\msonsext.dll IE Microsoft BrowserBand [AM] 21. c:\windows\system32\ieframe.dll IE Fade Task [AM] 21. c:\windows\system32\ieframe.dll IE Menu Desk Bar [AM] 21. c:\windows\system32\ieframe.dll IE AutoComplete [AM] 21. c:\windows\system32\ieframe.dll IE Navigation Bar [AM] 21. c:\windows\system32\ieframe.dll IE Menu Site [AM] 21. c:\windows\system32\ieframe.dll IE Menu Band [AM] 21. c:\windows\system32\ieframe.dll IE Microsoft History AutoComplete List [AM] 21. c:\windows\system32\ieframe.dll IE Tracking Shell Menu [AM] 21. c:\windows\system32\ieframe.dll IE IShellFolderBand [AM] 21. c:\windows\system32\ieframe.dll IE BandProxy [AM] 21. c:\windows\system32\ieframe.dll IE MRU AutoComplete List [AM] 21. c:\windows\system32\ieframe.dll IE RSS Feeder Folder [AM] 21. c:\windows\system32\ieframe.dll IE Microsoft Shell Folder AutoComplete List [AM] 21. c:\windows\system32\ieframe.dll IE Microsoft Multiple AutoComplete List Container [AM] 21. c:\windows\system32\ieframe.dll IE Shell Rebar BandSite [AM] 21. c:\windows\system32\ieframe.dll IE Shell Band Site Menu [AM] 21. c:\windows\system32\ieframe.dll &Links [AM] 21. c:\windows\system32\ieframe.dll IE Registry Tree Options Utility [AM] 21. c:\windows\system32\ieframe.dll IE Custom MRU AutoCompleted List [AM] 21. c:\windows\system32\ieframe.dll RISING [A ] 32. c:\windows\system32\ravext.dll Microsoft.XPS.Shell.Metadata.1 [A ] 33. c:\windows\system32\xpsshhdr.dll Microsoft.XPS.Shell.Thumbnail.1 [A ] 33. c:\windows\system32\xpsshhdr.dll IE History and Feeds Shell Data Source for Windows Search [AM] 21. c:\windows\system32\ieframe.dll Microsoft Web Browser [AM] 21. c:\windows\system32\ieframe.dll + 用户登陆自运行项目 + HKCU\Software\Microsoft\Windows\CurrentVersion\Run MSMSGS [AM] 23. c:\program files\messenger\msmsgs.exe + HKLM\Software\Microsoft\Windows\CurrentVersion\Run IgfxTray [AM] 34. c:\windows\system32\igfxtray.exe HotKeysCmds [AM] 35. c:\windows\system32\hkcmd.exe Persistence [AM] 36. c:\windows\system32\igfxpers.exe RTHDCPL [AM] 37. c:\windows\rthdcpl.exe Alcmtr [A ] 38. c:\windows\alcmtr.exe IMSCMig [A ] 39. c:\program files\common files\microsoft shared\ime\imsc40a\imscmig.exe RisTray [AM] 40. f:\program files\rising\ris\rstray.exe runeip [AM] 41. f:\新建文件夹3\rstray.exe + 开机执行 + HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order BootExecute [A ] 42. c:\windows\system32\bsmain.exe + 映像劫持 + HKCR\.html htmlfile\Edit\Command [A ] 43. c:\program files\microsoft office\office11\msohtmed.exe htmlfile\Print\Command [A ] 43. c:\program files\microsoft office\office11\msohtmed.exe + HKCR\.htm htmlfile\Edit\Command [A ] 43. c:\program files\microsoft office\office11\msohtmed.exe htmlfile\Print\Command [A ] 43. c:\program files\microsoft office\office11\msohtmed.exe + HKCR\.mp3 kwfile_mp3\open\Command [AM] 44. f:\kwmusic\kwmusic.exe kwfile_mp3\openkw\Command [AM] 44. f:\kwmusic\kwmusic.exe kwfile_mp3\playlist\Command [AM] 44. f:\kwmusic\kwmusic.exe + 打印机监控 + HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors Microsoft Document Imaging Writer Monitor [AM] 45. c:\windows\system32\mdimon.dll + 其他自启动项目 + C:\WINDOWS\Tasks User_Feed_Synchronization-{D43BE6F8-2665-4566-9DAF-316E7A588255}.job [A ] 46. c:\windows\system32\msfeedssync.exe + 正在运行的进程 + 00000088(136) AgentSvr.exe + 00000154(340) iexplore.exe 3DFD0000[001E8000] [ M] 47. c:\windows\system32\iertutil.dll 3E1C0000[00A93000] [AM] 21. c:\windows\system32\ieframe.dll 451F0000[00006000] [ M] 48. c:\program files\internet explorer\xpshims.dll 00B50000[00009000] [ M] 49. c:\windows\system32\normaliz.dll 439B0000[00040000] [ M] 50. c:\program files\internet explorer\ieproxy.dll 72EA0000[0006F000] [ M] 51. c:\windows\system32\ieapfltr.dll 10000000[00019000] [ M] 52. f:\program files\rising\ris\ravscrch.dll 7C3A0000[0007B000] [ M] 53. c:\windows\system32\msvcp71.dll 7C340000[00056000] [ M] 54. c:\windows\system32\msvcr71.dll 72C80000[00008000] [ M] 55. c:\windows\system32\msacm32.drv + 00000220(544) igfxtray.exe 00400000[00022000] [AM] 34. c:\windows\system32\igfxtray.exe 10000000[0001A000] [ M] 56. c:\windows\system32\hccutils.dll 00AB0000[00010000] [ M] 57. c:\windows\system32\igfxsrvc.dll 00DE0000[0001B000] [ M] 58. c:\windows\system32\igfxres.dll 00E00000[00324000] [ M] 59. c:\windows\system32\igfxress.dll + 00000228(552) hkcmd.exe 00400000[0002A000] [AM] 35. c:\windows\system32\hkcmd.exe 10000000[0001A000] [ M] 56. c:\windows\system32\hccutils.dll 00AA0000[00010000] [ M] 57. c:\windows\system32\igfxsrvc.dll 00DE0000[0001B000] [ M] 58. c:\windows\system32\igfxres.dll + 00000254(596) igfxpers.exe 00400000[00023000] [AM] 36. c:\windows\system32\igfxpers.exe 10000000[00010000] [ M] 57. c:\windows\system32\igfxsrvc.dll + 0000027c(636) RTHDCPL.EXE 00400000[010ED000] [AM] 37. c:\windows\rthdcpl.exe 72C80000[00008000] [ M] 55. c:\windows\system32\msacm32.drv + 000002e0(736) RsTray.exe 00400000[0002C000] [AM] 40. f:\program files\rising\ris\rstray.exe 10000000[00031000] [ M] 60. f:\program files\rising\ris\comserv.dll 23700000[00023000] [ M] 61. f:\program files\rising\ris\rslang.dll 00A80000[0002D000] [ M] 62. f:\program files\rising\ris\comx3.dll 00AB0000[00019000] [ M] 63. f:\program files\rising\ris\syslay.dll 00DB0000[00019000] [ M] 64. f:\program files\rising\ris\proccomm.dll 23800000[00039000] [ M] 65. f:\program files\rising\ris\rsxml.dll 00FF0000[00013000] [ M] 66. f:\program files\rising\ris\monstate.dll 01020000[00016000] [ M] 67. f:\program files\rising\ris\scanevnt.dll 26600000[00078000] [ M] 68. f:\program files\rising\ris\rsguilib.dll 01060000[00017000] [ M] 69. f:\program files\rising\ris\rsconf.dll 01090000[0000C000] [ M] 70. f:\program files\rising\ris\rfwrule.dll 7C3A0000[0007B000] [ M] 53. c:\windows\system32\msvcp71.dll 7C340000[00056000] [ M] 54. c:\windows\system32\msvcr71.dll 010B0000[00022000] [ M] 71. f:\program files\rising\ris\rspalvd.dll 010F0000[0007E000] [ M] 72. f:\program files\rising\ris\rsnetsvr.dll 33000000[00026000] [ M] 73. f:\program files\rising\ris\ravbintl.dll 01180000[00009000] [ M] 49. c:\windows\system32\normaliz.dll 3DFD0000[001E8000] [ M] 47. c:\windows\system32\iertutil.dll 01460000[0007D000] [ M] 74. f:\program files\rising\ris\mruleui.dll 014E0000[0007D000] [ M] 75. f:\program files\rising\ris\montray.dll 34500000[00020000] [ M] 76. f:\program files\rising\ris\ravitray.dll 01560000[00052000] [ M] 77. f:\program files\rising\ris\rfwtray.dll 015E0000[0004C000] [ M] 78. f:\program files\rising\ris\rsmginfo.dll 01640000[00013000] [ M] 79. f:\program files\rising\ris\scanleak.dll 32000000[00088000] [ M] 80. f:\program files\rising\ris\ravppops.dll 019D0000[0000E000] [ M] 81. f:\program files\rising\ris\rsappmgr.dll 019F0000[00044000] [ M] 82. f:\program files\rising\ris\cfgdll.dll 23900000[00040000] [ M] 83. f:\program files\rising\ris\pngdll.dll 02130000[00080000] [ M] 84. f:\program files\rising\ris\scanprxy.dll 022F0000[00082000] [ M] 85. f:\program files\rising\ris\rfwlog.dll + 00000304(772) rstray.exe 00400000[00034000] [AM] 41. f:\新建文件夹3\rstray.exe 00380000[00009000] [ M] 49. c:\windows\system32\normaliz.dll 3DFD0000[001E8000] [ M] 47. c:\windows\system32\iertutil.dll 10000000[0004C000] [ M] 86. f:\新建文件夹3\rsmginfo.dll 23800000[00022000] [ M] 87. f:\新建文件夹3\rsxml.dll 7C3A0000[0007B000] [ M] 88. f:\新建文件夹3\msvcp71.dll 7C340000[00056000] [ M] 89. f:\新建文件夹3\msvcr71.dll 00F60000[00024000] [ M] 90. f:\新建文件夹3\comserv.dll 00E40000[00019000] [ M] 91. f:\新建文件夹3\syslay.dll 23700000[00026000] [ M] 92. f:\新建文件夹3\rscommon.dll 00FB0000[0002D000] [ M] 93. f:\新建文件夹3\comx3.dll 23900000[00040000] [ M] 94. f:\新建文件夹3\pngdll.dll 012C0000[00067000] [ M] 95. f:\新建文件夹3\runiep.dll 01330000[00034000] [ M] 96. f:\新建文件夹3\ncomm.dll 01390000[0001F000] [ M] 97. f:\新建文件夹3\proccom.dll 013B0000[00024000] [ M] 98. f:\新建文件夹3\rscommx2.dll + 0000031c(796) ctfmon.exe + 00000338(824) msmsgs.exe 01000000[001A3000] [AM] 23. c:\program files\messenger\msmsgs.exe 00400000[00009000] [ M] 49. c:\windows\system32\normaliz.dll 3DFD0000[001E8000] [ M] 47. c:\windows\system32\iertutil.dll + 00000398(920) smss.exe + 000003d0(976) csrss.exe + 000003e8(1000) winlogon.exe 72C80000[00008000] [ M] 55. c:\windows\system32\msacm32.drv 10000000[00035000] [AM] 19. c:\windows\system32\igfxdev.dll + 00000414(1044) services.exe + 00000420(1056) lsass.exe + 0000044c(1100) MDM.EXE 00400000[0004D000] [AM] 1. c:\program files\common files\microsoft shared\vs7debug\mdm.exe 51810000[00006000] [ M] 99. c:\program files\common files\microsoft shared\vs7debug\2052\mdmui.dll + 00000464(1124) svchost.exe 007B0000[00009000] [ M] 49. c:\windows\system32\normaliz.dll 3DFD0000[001E8000] [ M] 47. c:\windows\system32\iertutil.dll + 000004cc(1228) svchost.exe + 00000510(1296) svchost.exe + 0000058c(1420) RavMonD.exe 00400000[0002F000] [AM] 3. f:\program files\rising\ris\ravmond.exe 10000000[00032000] [ M] 100. f:\program files\rising\ris\combase.dll 011C0000[00086000] [ M] 101. f:\program files\rising\ris\cnt09.dll 01130000[00019000] [ M] 102. f:\program files\rising\ris\moncomm.dll 01250000[0001D000] [ M] 103. f:\program files\rising\ris\monbase.dll 01470000[00084000] [ M] 104. f:\program files\rising\ris\rslog.dll 01620000[00018000] [ M] 105. f:\program files\rising\ris\mondrv.dll 01650000[0002E000] [ M] 106. f:\program files\rising\ris\defmon.dll 01690000[00010000] [ M] 107. f:\program files\rising\ris\moncom08.dll 016B0000[0007E000] [ M] 108. f:\program files\rising\ris\monrule.dll 01760000[00027000] [ M] 109. f:\program files\rising\ris\filemon.dll 017A0000[0002F000] [ M] 110. f:\program files\rising\ris\mailmon.dll 017E0000[00015000] [ M] 111. f:\program files\rising\ris\hookweb.dll 01820000[00082000] [ M] 85. f:\program files\rising\ris\rfwlog.dll 018D0000[0000C000] [ M] 70. f:\program files\rising\ris\rfwrule.dll 7C3A0000[0007B000] [ M] 53. c:\windows\system32\msvcp71.dll 7C340000[00056000] [ M] 54. c:\windows\system32\msvcr71.dll 018F0000[0004A000] [ M] 112. f:\program files\rising\ris\rfwsrv.dll 01940000[00019000] [ M] 63. f:\program files\rising\ris\syslay.dll 01980000[0001B000] [ M] 113. f:\program files\rising\ris\mports.dll 019B0000[00011000] [ M] 114. f:\program files\rising\ris\rfwdrvc.dll 019E0000[00011000] [ M] 115. f:\program files\rising\ris\rfwdrv.dll 01D10000[0007E000] [ M] 72. f:\program files\rising\ris\rsnetsvr.dll 01EA0000[00011000] [ M] 116. f:\program files\rising\ris\rfwarp.dll 01ED0000[0002D000] [ M] 62. f:\program files\rising\ris\comx3.dll 02340000[00014000] [ M] 117. f:\program files\rising\ris\urlrule.dll 02360000[0003B000] [ M] 118. f:\program files\rising\ris\recomp.dll 023B0000[00038000] [ M] 119. f:\program files\rising\ris\refs.dll 02750000[00030000] [ M] 120. f:\program files\rising\ris\viruslib.dll 02780000[00029000] [ M] 121. f:\program files\rising\ris\relibldr.dll 02800000[0003F000] [ M] 122. f:\program files\rising\ris\rfwproxy.dll 02840000[00009000] [ M] 49. c:\windows\system32\normaliz.dll 3DFD0000[001E8000] [ M] 47. c:\windows\system32\iertutil.dll 23700000[00023000] [ M] 61. f:\program files\rising\ris\rslang.dll 03270000[0008C000] [ M] 123. f:\program files\rising\ris\rsindent.dll 03310000[00018000] [ M] 124. f:\program files\rising\ris\taskplug.dll 03340000[00012000] [ M] 125. f:\program files\rising\ris\scansrvp.dll 03770000[0001D000] [ M] 126. f:\program files\rising\ris\cnt08.dll 039F0000[00019000] [ M] 64. f:\program files\rising\ris\proccomm.dll 03D20000[0000E000] [ M] 81. f:\program files\rising\ris\rsappmgr.dll 03D40000[00044000] [ M] 82. f:\program files\rising\ris\cfgdll.dll 03FC0000[00020000] [ M] 127. f:\program files\rising\ris\hooksys.dll 04070000[0001F000] [ M] 128. f:\program files\rising\ris\proccom.dll 04090000[00024000] [ M] 129. f:\program files\rising\ris\rscommx2.dll 042E0000[00013000] [ M] 130. f:\program files\rising\ris\hookcont.dll 04420000[00077000] [ M] 131. f:\program files\rising\ris\bacore.dll 04A10000[00016000] [ M] 132. f:\program files\rising\ris\bawhite.dll 04C60000[0002B000] [ M] 133. f:\program files\rising\ris\rsstore.dll 04D10000[00043000] [ M] 134. f:\program files\rising\ris\scanner.dll 04A90000[0001B000] [ M] 135. f:\program files\rising\ris\scanadd.dll 058E0000[0001C000] [ M] 136. f:\program files\rising\ris\ncomm2.dll 05910000[00028000] [ M] 137. f:\program files\rising\ris\rstask.dll 05950000[00018000] [ M] 138. f:\program files\rising\ris\rsstub.dll 059A0000[0001A000] [ M] 139. f:\program files\rising\ris\scansrv.dll 07040000[0002B000] [ M] 140. f:\program files\rising\ris\scanpe.dll 07080000[00029000] [ M] 141. f:\program files\rising\ris\pearc.dll 07F70000[0001B000] [ M] 142. f:\program files\rising\ris\ur000.dat 09CB0000[00035000] [ M] 143. f:\program files\rising\ris\urutils.dll 09F20000[00032000] [ M] 144. f:\program files\rising\ris\ffr.dll 09F60000[00022000] [ M] 145. f:\program files\rising\ris\nvfile.dll 13AB0000[00045000] [ M] 146. f:\program files\rising\ris\scanexec.dll 0A4C0000[002DD000] [ M] 147. f:\program files\rising\ris\unexe.dll 0A7A0000[000E0000] [ M] 148. f:\program files\rising\ris\scanex.dll 0A9A0000[00011000] [ M] 149. f:\program files\rising\ris\scantj.dll 0BA20000[00085000] [ M] 150. f:\program files\rising\ris\methodex.dll 0EEB0000[000B9000] [ M] 151. f:\program files\rising\ris\revm.dll 0EB20000[0003E000] [ M] 152. f:\program files\rising\ris\heurex.dll 0EB70000[00022000] [ M] 153. f:\program files\rising\ris\pecompd.dll 0EBB0000[0001D000] [ M] 154. f:\program files\rising\ris\extsfx.dll 0F500000[0001C000] [ M] 155. f:\program files\rising\ris\scanravt.dll 10E60000[0009B000] [ M] 156. f:\program files\rising\ris\scanbt.dll 0F530000[00019000] [ M] 157. f:\program files\rising\ris\scanstub.dll 115D0000[0000E000] [ M] 158. f:\program files\rising\ris\urllib.dll 11260000[00099000] [ M] 159. f:\program files\rising\ris\extarch.dll 11300000[0005A000] [ M] 160. f:\program files\rising\ris\extcomp.dll 01370000[00023000] [ M] 161. f:\program files\rising\ris\scansct.dll 02980000[00045000] [ M] 162. f:\program files\rising\ris\extole.dll 14210000[0003A000] [ M] 163. f:\program files\rising\ris\extmail.dll 0B7E0000[00011000] [ M] 164. f:\program files\rising\ris\ur001.dat 0B810000[00015000] [ M] 165. f:\program files\rising\ris\ur023.dat + 0000059c(1436) svchost.exe 00F30000[00009000] [ M] 49. c:\windows\system32\normaliz.dll 3DFD0000[001E8000] [ M] 47. c:\windows\system32\iertutil.dll + 0000062c(1580) svchost.exe + 000006b0(1712) knownsvr.exe 00400000[00072000] [ M] 166. f:\新建文件夹3\knownsvr.exe 10000000[00034000] [ M] 96. f:\新建文件夹3\ncomm.dll 00380000[00009000] [ M] 49. c:\windows\system32\normaliz.dll 3DFD0000[001E8000] [ M] 47. c:\windows\system32\iertutil.dll 00CB0000[0002D000] [ M] 93. f:\新建文件夹3\comx3.dll 00CE0000[00019000] [ M] 91. f:\新建文件夹3\syslay.dll + 000006b4(1716) svchost.exe + 00000700(1792) Explorer.EXE 00400000[00009000] [ M] 49. c:\windows\system32\normaliz.dll 3DFD0000[001E8000] [ M] 47. c:\windows\system32\iertutil.dll 3E1C0000[00A93000] [AM] 21. c:\windows\system32\ieframe.dll 72C80000[00008000] [ M] 55. c:\windows\system32\msacm32.drv 10000000[00033000] [ M] 167. c:\windows\system32\igfxpph.dll 01DF0000[0001A000] [ M] 56. c:\windows\system32\hccutils.dll 01E10000[0001B000] [ M] 58. c:\windows\system32\igfxres.dll 03F50000[00324000] [ M] 59. c:\windows\system32\igfxress.dll 01EF0000[00010000] [ M] 57. c:\windows\system32\igfxsrvc.dll + 0000079c(1948) KwMusic.exe 00400000[003C7000] [AM] 44. f:\kwmusic\kwmusic.exe 10000000[00010000] [ M] 168. f:\kwmusic\http.dll 00380000[00015000] [ M] 169. f:\kwmusic\kwlogsvr.dll 003A0000[0000E000] [ M] 170. f:\kwmusic\zlib.dll 7C340000[00056000] [ M] 171. f:\kwmusic\msvcr71.dll 7C3A0000[0007B000] [ M] 172. f:\kwmusic\msvcp71.dll 003B0000[00009000] [ M] 49. c:\windows\system32\normaliz.dll 3DFD0000[001E8000] [ M] 47. c:\windows\system32\iertutil.dll 003C0000[00005000] [ M] 173. f:\kwmusic\cm.dll 007D0000[00066000] [ M] 174. f:\kwmusic\tag.dll 00840000[0005B000] [ M] 175. f:\kwmusic\player.dll 003D0000[0000A000] [ M] 176. f:\kwmusic\mplayer.dll 7C140000[00103000] [ M] 177. f:\kwmusic\mfc71.dll 003E0000[00015000] [ M] 178. f:\kwmusic\pd.dll 008A0000[00013000] [ M] 179. f:\kwmusic\fzip.dll 008C0000[0000A000] [ M] 180. f:\kwmusic\reco.dll 008D0000[00005000] [ M] 181. f:\kwmusic\ex_dll.dll 008E0000[00008000] [ M] 182. f:\kwmusic\localserver.dll 01350000[0011A000] [ M] 183. f:\kwmusic\mediainfo.dll 3E1C0000[00A93000] [AM] 21. c:\windows\system32\ieframe.dll 037D0000[004A4000] [ M] 184. c:\windows\system32\macromed\flash\flash10e.ocx 72C80000[00008000] [ M] 55. c:\windows\system32\msacm32.drv 065A0000[0000D000] [ M] 185. f:\kwmusic\plugin\eq_kweq.dll 065B0000[00089000] [ M] 186. f:\kwmusic\plugin\in_ac3.dll 06B50000[0005E000] [ M] 187. f:\kwmusic\plugin\in_ape.dll 06BC0000[0001C000] [ M] 188. f:\kwmusic\plugin\in_cdreader.dll 06CE0000[00011000] [ M] 189. f:\kwmusic\plugin\in_dshow.dll 06D00000[00143000] [ M] 190. f:\kwmusic\plugin\in_flac.dll 06E50000[000A0000] [ M] 191. f:\kwmusic\plugin\in_mp4.dll 06EF0000[000AB000] [ M] 192. f:\kwmusic\plugin\in_mpg123.dll 06FB0000[001A8000] [ M] 193. f:\kwmusic\plugin\in_tta.dll 07160000[0003C000] [ M] 194. f:\kwmusic\plugin\in_vorbis.dll 071A0000[0000B000] [ M] 195. f:\kwmusic\plugin\in_wave.dll 071B0000[0000F000] [ M] 196. f:\kwmusic\plugin\in_wma.dll 07630000[00010000] [ M] 197. f:\kwmusic\plugin\out_kw_ds.dll 07640000[0000E000] [ M] 198. f:\kwmusic\plugin\vis_classic.dll 07650000[0002A000] [ M] 199. f:\kwmusic\plugin\dsp_defx.dll 07680000[001DB000] [ M] 200. f:\kwmusic\plugin\dsp_izozone.dll 07870000[0015D000] [ M] 201. f:\kwmusic\plugin\dsp_omxe.dll 07D20000[00019000] [ M] 52. f:\program files\rising\ris\ravscrch.dll + 000007d0(2000) spoolsv.exe 00AF0000[00008000] [AM] 45. c:\windows\system32\mdimon.dll 00B00000[00008000] [ M] 202. c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll 3F420000[0001B000] [ M] 203. c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll + 0000080c(2060) RsAgent.exe 00400000[00036000] [ M] 204. f:\program files\rising\ris\rsagent.exe 10000000[00019000] [ M] 64. f:\program files\rising\ris\proccomm.dll 00DD0000[0002D000] [ M] 62. f:\program files\rising\ris\comx3.dll 00E00000[00019000] [ M] 63. f:\program files\rising\ris\syslay.dll 00F70000[00080000] [ M] 84. f:\program files\rising\ris\scanprxy.dll + 00000850(2128) iexplore.exe 3DFD0000[001E8000] [ M] 47. c:\windows\system32\iertutil.dll 3E1C0000[00A93000] [AM] 21. c:\windows\system32\ieframe.dll 451F0000[00006000] [ M] 48. c:\program files\internet explorer\xpshims.dll 01280000[00009000] [ M] 49. c:\windows\system32\normaliz.dll 439B0000[00040000] [ M] 50. c:\program files\internet explorer\ieproxy.dll 72EA0000[0006F000] [ M] 51. c:\windows\system32\ieapfltr.dll 10000000[00019000] [ M] 52. f:\program files\rising\ris\ravscrch.dll 7C3A0000[0007B000] [ M] 53. c:\windows\system32\msvcp71.dll 7C340000[00056000] [ M] 54. c:\windows\system32\msvcr71.dll 72C80000[00008000] [ M] 55. c:\windows\system32\msacm32.drv 0D6A0000[004A4000] [ M] 184. c:\windows\system32\macromed\flash\flash10e.ocx 0F1B0000[0000D000] [AM] 24. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll + 000008a4(2212) logonui.exe + 000009e8(2536) kwmv.exe 00400000[0004F000] [ M] 205. f:\kwmusic\kwmv.exe 10000000[00015000] [ M] 169. f:\kwmusic\kwlogsvr.dll 00370000[00010000] [ M] 168. f:\kwmusic\http.dll 7C3A0000[0007B000] [ M] 172. f:\kwmusic\msvcp71.dll 7C340000[00056000] [ M] 171. f:\kwmusic\msvcr71.dll 00380000[00009000] [ M] 49. c:\windows\system32\normaliz.dll 3DFD0000[001E8000] [ M] 47. c:\windows\system32\iertutil.dll 00390000[0000E000] [ M] 170. f:\kwmusic\zlib.dll 00DF0000[00012000] [ M] 206. f:\kwmusic\lidx.dll + 00000b28(2856) alg.exe + 00000bb0(2992) iexplore.exe 3DFD0000[001E8000] [ M] 47. c:\windows\system32\iertutil.dll 3E1C0000[00A93000] [AM] 21. c:\windows\system32\ieframe.dll 00B10000[00009000] [ M] 49. c:\windows\system32\normaliz.dll 022F0000[0002A000] [ M] 207. c:\windows\system32\ieui.dll 439B0000[00040000] [ M] 50. c:\program files\internet explorer\ieproxy.dll 47060000[00021000] [ M] 208. c:\windows\system32\xmllite.dll 435A0000[00094000] [ M] 209. c:\windows\system32\msfeeds.dll + 00000be0(3040) conime.exe + 00000c10(3088) ras.exe 00400000[0000B000] [ M] 210. f:\新建文件夹3\ras.exe 7C140000[00103000] [ M] 211. f:\新建文件夹3\mfc71.dll 7C340000[00056000] [ M] 89. f:\新建文件夹3\msvcr71.dll 10000000[00047000] [ M] 212. f:\新建文件夹3\kakamgr.dll 7C3A0000[0007B000] [ M] 88. f:\新建文件夹3\msvcp71.dll 00B40000[00019000] [ M] 91. f:\新建文件夹3\syslay.dll 00B70000[0001F000] [ M] 97. f:\新建文件夹3\proccom.dll 00B90000[00024000] [ M] 98. f:\新建文件夹3\rscommx2.dll 00CE0000[0002D000] [ M] 93. f:\新建文件夹3\comx3.dll 00E50000[00058000] [ M] 213. f:\新建文件夹3\dbmgr.dll 23800000[00022000] [ M] 87. f:\新建文件夹3\rsxml.dll 00FB0000[0002E000] [ M] 214. f:\新建文件夹3\pweb.dll 01020000[0010D000] [ M] 215. f:\新建文件夹3\pscan.dll 01130000[00009000] [ M] 49. c:\windows\system32\normaliz.dll 3DFD0000[001E8000] [ M] 47. c:\windows\system32\iertutil.dll 01140000[00034000] [ M] 96. f:\新建文件夹3\ncomm.dll 012E0000[00070000] [ M] 216. f:\新建文件夹3\pset.dll 01460000[00027000] [ M] 217. f:\新建文件夹3\pdefend.dll 01490000[000B7000] [ M] 218. f:\新建文件夹3\ptools.dll 01650000[00075000] [ M] 219. f:\新建文件夹3\psysinfo.dll 3E1C0000[00A93000] [AM] 21. c:\windows\system32\ieframe.dll 23900000[00040000] [ M] 94. f:\新建文件夹3\pngdll.dll 033E0000[00019000] [ M] 52. f:\program files\rising\ris\ravscrch.dll 03F00000[004A4000] [ M] 184. c:\windows\system32\macromed\flash\flash10e.ocx 72C80000[00008000] [ M] 55. c:\windows\system32\msacm32.drv