[CODE]

2008-12-27,15:14:31

System Repair Engineer 2.7.0.1210
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    API HOOK
    隐藏进程


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <ATICCC><"C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay>  [File is missing]
    <YLive.exe><C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe>  [Yahoo! China]
    <RfwMain><"D:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <yassistse><c:\progra~1\yahoo!\assistant\yassistse.exe>  [Yahoo! China]
    <runeip><"D:\Program Files\Rising\AntiSpyware\rstray.exe" /startup>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <RavTray><"D:\Program Files\Rising\Rav\RsTray.exe" -system>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <renewup><C:\Program Files\CNNIC\Cdn\cdnrenew.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <KKDelay><D:\Program Files\Rising\AntiSpyware\RunOnce.exe>  [(Verified)Beijing Rising Information Technology Corporation Limited]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><kmon.dll>  [(Verified)Beijing Rising Information Technology Corporation Limited]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Corporation Limited]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WebCheck><C:\WINDOWS\system32\webcheck.dll>  [(Verified)Microsoft Windows Component Publisher]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Publisher]
    <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
    <IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    <Browser Customizations><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -BaseSettings>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]

==================================
启动文件夹
[Adobe Gamma Loader]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Gamma Loader.lnk --> C:\PROGRA~1\COMMON~1\adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><N>

==================================
服务
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart][Stopped/Auto Start]
  <C:\WINDOWS\system32\ati2sgag.exe><>
[Contrl Center of Storm Media / ccosm][Running/Auto Start]
  <D:\Program Files\StormII\stormliv.exe /asservice><北京暴风网际科技有限公司>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Windows Installer / MSIServer][Stopped/Manual Start]
  <C:\WINDOWS\system32\msiexec.exe /V><Microsoft Corporation>
[Navoct / Navoct][Stopped/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\PROGRA~1\Iesnap\navoct.dll><N/A>
[Rav Process Communication Center / RavCCenter][Stopped/Auto Start]
  <D:\Program Files\Rising\Rav\CCENTER.EXE><Beijing Rising Information Technology Co., Ltd.>
[Rising RavTask Manager / RavTask][Running/Auto Start]
  <"D:\Program Files\Rising\Rav\RavTask.exe" RavTask><Beijing Rising Information Technology Co., Ltd.>
[Rising Proxy  Service / RfwProxySrv][Running/Auto Start]
  <D:\Program Files\Rising\Rfw\rfwProxy.exe><Beijing Rising Information Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
  <D:\Program Files\Rising\Rfw\rfwsrv.exe><Beijing Rising Information Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
  <D:\Program Files\Rising\Rav\RavMonD.exe><Beijing Rising Information Technology Co., Ltd.>
[Rising Scan Service / RsScanSrv][Stopped/Auto Start]
  <D:\Program Files\Rising\Rav\ScanFrm.exe><Beijing Rising Information Technology Co., Ltd.>

==================================
驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[ati2mtag / ati2mtag][Running/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[cdnprot / cdnprot][Running/Boot Start]
  <\SystemRoot\system32\drivers\cdnprot.sys><CNNIC>
[djtufpxj / djtufpxj][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\djtufpxj.sys><Yahoo! China Corporation>
[hookcont / hookcont][Running/System Start]
  <system32\drivers\HookCont.sys><Beijing Rising Information Technology Co., Ltd.>
[hooksys / hooksys][Running/System Start]
  <system32\drivers\HookSys.sys><Beijing Rising Information Technology Co., Ltd.>
[HookUrl / HookUrl][Running/Auto Start]
  <\??\D:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Information Technology Co., Ltd.>
[ATK0110 ACPI UTILITY / MTsensor][Running/Manual Start]
  <system32\DRIVERS\ASACPI.sys><>
[nvata / nvata][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\nvata.sys><NVIDIA Corporation>
[NVIDIA nForce Networking Controller Driver / NVENETFD][Running/Manual Start]
  <system32\DRIVERS\NVENETFD.sys><NVIDIA Corporation>
[NVIDIA Network Bus Enumerator / nvnetbus][Running/Manual Start]
  <system32\DRIVERS\nvnetbus.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Rising  Rfwbase Driver / RfwBase][Running/Auto Start]
  <System32\DRIVERS\rfwbase.SYS><Beijing Rising Information Technology Co., Ltd.>
[RsFwDrv / RsFwDrv][Running/System Start]
  <\??\D:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Information Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Information Technology Co., Ltd.>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[WMDrive / WMDrive][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\WMDrive.sys><WinMount>
[yaskp / yaskp][Running/Boot Start]
  <\SystemRoot\system32\drivers\yaskp.sys><Copyright (C) yahoo Corporation.>

==================================
浏览器加载项
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <D:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Promote Class]
  {0FA24E3E-422C-4D94-A125-104F32352C90} <C:\WINDOWS\system32\promote.dll, N/A>
[IESuper]
  {1A49F431-2A2E-41a5-9080-0F41D1A3AEC2} <C:\PROGRA~1\IESuper\iesuper.dll, (Signed) IESuper.com>
[Yahoo!Photo]
  {33BBE430-0E42-4f12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China>
[AntiFish Class]
  {38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, yahoo! china>
[XgaRbvav Class]
  {44118AA3-7108-3FBB-58F0-619CB40FE156} <C:\WINDOWS\DOWNLO~1\kxzu.dll, N/A>
[ZpdKiifw Class]
  {56DB0025-4054-E80E-5F2D-012966F3BB48} <C:\WINDOWS\DOWNLO~1\urmflyk.dll, N/A>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[DragSearch BHO]
  {62EED7C6-9F02-42f9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, yahoo! china>
[卡卡上网安全助手]
  {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} <C:\WINDOWS\system32\urlFilter.dll, (Signed) Beijing Rising Information Technology Co., Ltd.>
[FlashGetBHO]
  {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} <C:\Documents and Settings\All Users\Application Data\FlashGetBHO\FlashGetBHO.dll, (Signed) FlashGet>
[yFlashDl Class]
  {F166BC04-3C84-44cc-A6E9-2315EC4844B9} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yflashdl.dll, Yahoo! China>
[assist]
  {FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yassist.dll, Yahoo! China>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[雅虎助手]
  {5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/start.htm?source=yzs_icon&btn=yassistnew, N/A>
[启动WEB迅雷]
  {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[雅虎助手]
  {406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, yahoo! china>
[SSReaderPlug]
  {1DE88635-1C72-401E-B23B-93FA86D30F3B} <C:\WINDOWS\system32\ssreaderplug.dll, (Signed) 北京超星>
[]
  {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} <, >
[]
  {A4639D2F-774E-11D3-A490-00C04F6843FB} <, >
[ScreenCapture Class]
  {BFB79EE1-04AE-4D4A-B85E-27EE5F30C095} <C:\WINDOWS\system32\TXGYMailActiveX.dll, (Signed) Tencent Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx, (Signed) Adobe Systems, Inc.>
[PasswordEditCtrl Class]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, (Signed) 腾讯科技（深圳）有限公司>
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <D:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[WebThunder Class]
  {03507A1A-E0C5-4404-AA26-205385C0892D} <, >
[Promote Class]
  {0FA24E3E-422C-4D94-A125-104F32352C90} <C:\WINDOWS\system32\promote.dll, N/A>
[IESuperHelper]
  {1A49F431-2A2E-41A5-9080-0F41D1A3AEC1} <C:\PROGRA~1\IESuper\iesuper.dll, (Signed) IESuper.com>
[IESuper]
  {1A49F431-2A2E-41A5-9080-0F41D1A3AEC2} <C:\PROGRA~1\IESuper\iesuper.dll, (Signed) IESuper.com>
[]
  {20C2C286-BDE8-441B-B73D-AFA22D914DA5} <, >
[NetPlayer Class]
  {227BE258-BF0E-4ED9-96FD-55BFF469F08C} <D:\PROGRA~1\NETPLA~1\xnethlpr.dll, >
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, (Signed) Microsoft Corporation>
[XML DOM Document]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[WebThunder DapPlayer]
  {2EEDA47E-8D5C-4d7e-B4B6-E16E19218555} <D:\Program Files\Thunder Network\WebThunder\DownAndPlay\DapPlayer3.0.5712.71.120.dll, ShenZhen Thunder Networking Technologies Ltd.>
[Yahoo!Photo]
  {33BBE430-0E42-4F12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll, Yahoo! China>
[AntiFish Class]
  {38928D50-8A48-44C2-945F-D2F23F771410} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, yahoo! china>
[雅虎助手]
  {406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, yahoo! china>
[XgaRbvav Class]
  {44118AA3-7108-3FBB-58F0-619CB40FE156} <C:\WINDOWS\DOWNLO~1\kxzu.dll, N/A>
[Microsoft Licensed Class Manager 1.0]
  {5220CB21-C88D-11CF-B347-00AA00A28331} <C:\WINDOWS\system32\licmgr10.dll, (Signed) Microsoft Corporation>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, (Signed) Microsoft Corporation>
[ZpdKiifw Class]
  {56DB0025-4054-E80E-5F2D-012966F3BB48} <C:\WINDOWS\DOWNLO~1\urmflyk.dll, N/A>
[Yahoo!Live]
  {57421194-58FB-49AE-9B4F-FD48869B9AD4} <C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll, yahoo! china>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[]
  {5D73EE86-05F1-49ED-B850-E423120EC338} <, >
[PowerPlayer Control]
  {5EC7C511-CD0F-42E6-830C-1BD9882F3458} <D:\PROGRA~1\PPS\POWERP~1.DLL, N/A>
[]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <, >
[DragSearch BHO]
  {62EED7C6-9F02-42F9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, yahoo! china>
[]
  {6451F285-9E41-4D8C-813D-794CA7BFEAB4} <, >
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, >
[BanaX 流媒体直播系统客户端控件]
  {67004315-CF72-4E45-A739-6DB3959A7010} <D:\PROGRA~1\Banacast\BanaX.ocx, 华南理工大学>
[XDRM]
  {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[XML DOM Document 4.0]
  {88D969C0-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml4.dll, N/A>
[XML HTTP 4.0]
  {88D969C5-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml4.dll, N/A>
[TTPlayer ActiveX Control]
  {89AE5F82-410A-4040-9387-68D1144EFD03} <D:\Program Files\TTPlayer\ttpctrl.dll, Alen Soft>
[Uploader Class]
  {8B054DFE-79A3-4A6A-9F46-CD2A2F601129} <C:\WINDOWS\system32\TXGYMailActiveX.dll, (Signed) Tencent Inc.>
[]
  {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} <, >
[]
  {95B3F550-91C4-4627-BCC4-521288C52977} <, >
[]
  {962EFB8E-2683-42D4-AC74-AAA4C759B9C6} <, >
[卡卡上网安全助手]
  {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} <C:\WINDOWS\system32\urlFilter.dll, (Signed) Beijing Rising Information Technology Co., Ltd.>
[]
  {A4639D2F-774E-11D3-A490-00C04F6843FB} <, >
[UploadFilePartition Class]
  {A877BA28-1F7E-4876-B299-50B3199A1A5D} <C:\WINDOWS\system32\TXGYMailActiveX.dll, (Signed) Tencent Inc.>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, (Signed) Microsoft Corporation>
[DapCtrl Class]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\dapctrl.2.1.5801.53.(120).dll, ShenZhen Thunder Networking Technologies Ltd.>
[Alpha]
  {ADC6CB82-424C-11D2-952A-00C04FA34F05} <C:\WINDOWS\system32\Dxtmsft.dll, (Signed) Microsoft Corporation>
[Wipe]
  {AF279B30-86EB-11D1-81BF-0000F87557DB} <C:\WINDOWS\system32\Dxtmsft.dll, (Signed) Microsoft Corporation>
[FlashGetBHO]
  {B070D3E3-FEC0-47D9-8E8A-99D4EEB3D3B0} <C:\Documents and Settings\All Users\Application Data\FlashGetBHO\FlashGetBHO.dll, (Signed) FlashGet>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, (Signed) Microsoft Corporation>
[ScreenCapture Class]
  {BFB79EE1-04AE-4D4A-B85E-27EE5F30C095} <C:\WINDOWS\system32\TXGYMailActiveX.dll, (Signed) Tencent Inc.>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, (Signed) RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx, (Signed) Adobe Systems, Inc.>
[CLoader Object]
  {E2BE6D72-4952-4110-BBEC-694D8CAC409A} <D:\Program Files\Banacast\BanaCom.dll, Banacast>
[PasswordEditCtrl Class]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, (Signed) 腾讯科技（深圳）有限公司>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[]
  {F08555B0-9CC3-11D2-AA8E-000000000000} <, >
[yFlashDl Class]
  {F166BC04-3C84-44CC-A6E9-2315EC4844B9} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yflashdl.dll, Yahoo! China>
[QvodCtrl Class]
  {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <D:\Program Files\QvodPlayer\QvodInsert.dll, N/A>
[XPPlayer Class]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.0.0.164.(120).dll, Thunder>
[XML DOM Document 3.0]
  {F5078F32-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XML HTTP 3.0]
  {F5078F35-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[]
  {F5824EFB-728A-4726-A5A5-85A68B20EDC3} <, >
[XML DOM Document]
  {F6D90F11-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[assist]
  {FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yassist.dll, Yahoo! China>
[使用WEB迅雷下载]
  <D:\Program Files\Thunder Network\WebThunder\GetUrl.htm, N/A>
[使用WEB迅雷下载全部链接]
  <D:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm, N/A>
[使用快车(Flas&hGet)下载]
  <J:\FlashGet\GetUrl.htm, N/A>
[使用快车(Flash&Get)下载全部链接]
  <J:\FlashGet\GetAllUrl.htm, N/A>
[导出当前页到超星阅览器(&A)]
  <D:\SSREADER36\ss_all.htm, N/A>
[导出选中部分到超星阅览器(&S)]
  <D:\SSREADER36\ss_select.htm, N/A>
[查看当前站点排名]
  <http://alexa.chinaz.com/alexa.htm, N/A>
[添加到雅虎订阅(&Y)]
  <res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll/YRSSMENUEXT, N/A>
[雅虎搜索]
  <res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/203, N/A>

==================================
正在运行的进程
[PID: 556 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 640 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [D:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 676 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4123]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
    [D:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [D:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 720 / SYSTEM][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [D:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 732 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [D:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 900 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4123]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2499]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [D:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 920 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [D:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 1004 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [D:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 1124 / SYSTEM][D:\Program Files\Rising\Rav\CCENTER.EXE]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [D:\Program Files\Rising\Rav\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [D:\Program Files\Rising\Rav\cnt09.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37]
    [D:\Program Files\Rising\Rav\cnt08.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [D:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 1132 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [D:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 1244 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [D:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 1376 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [D:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 1424 / SYSTEM][D:\Program Files\Rising\Rav\RavMonD.exe]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [D:\Program Files\Rising\Rav\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\Program Files\Rising\Rav\moncomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [D:\Program Files\Rising\Rav\MonBase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5]
    [D:\Program Files\Rising\Rav\Rslog.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.32]
    [D:\Program Files\Rising\Rav\mondrv.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
    [D:\Program Files\Rising\Rav\defmon.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 29]
    [D:\Program Files\Rising\Rav\moncom08.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [D:\Program Files\Rising\Rav\MonRule.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9]
    [D:\Program Files\Rising\Rav\FileMon.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 21]
    [D:\Program Files\Rising\Rav\MailMon.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 21]
    [D:\Program Files\Rising\Rav\HookWeb.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [D:\Program Files\Rising\Rav\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [D:\Program Files\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [D:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.13]
    [D:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [D:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [D:\Program Files\Rising\Rav\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [D:\Program Files\Rising\Rav\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [D:\Program Files\Rising\Rav\Hooksys.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 18]
    [D:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [D:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [D:\Program Files\Rising\Rav\HookCont.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 11]
    [D:\Program Files\Rising\Rav\rsnetsvr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13]
    [D:\Program Files\Rising\Rav\BACore.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 17]
    [D:\Program Files\Rising\Rav\recomp.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [D:\Program Files\Rising\Rav\refs.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [D:\Program Files\Rising\Rav\RSStore.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8]
    [D:\Program Files\Rising\Rav\ScanAdd.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.14]
    [D:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.32]
    [D:\Program Files\Rising\Rav\viruslib.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [D:\Program Files\Rising\Rav\relibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
    [D:\Program Files\Rising\Rav\ffr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [D:\Program Files\Rising\Rav\nvfile.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [D:\Program Files\Rising\Rav\extfile.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [D:\Program Files\Rising\Rav\pearc.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [D:\Program Files\Rising\Rav\scanexec.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [D:\Program Files\Rising\Rav\unexe.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [D:\Program Files\Rising\Rav\scanex.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15]
    [D:\Program Files\Rising\Rav\scanpe.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
    [D:\Program Files\Rising\Rav\ur000.dat]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5]
    [D:\Program Files\Rising\Rav\revm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [D:\Program Files\Rising\Rav\urutils.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [D:\Program Files\Rising\Rav\ur025.dat]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [D:\Program Files\Rising\Rav\scansct.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [D:\Program Files\Rising\Rav\extmail.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
[PID: 1464 / SYSTEM][D:\Program Files\Rising\Rfw\rfwsrv.exe]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.77]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [D:\Program Files\Rising\Rfw\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [D:\Program Files\Rising\Rfw\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [D:\Program Files\Rising\Rfw\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.1]
    [D:\Program Files\Rising\Rfw\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.19]
    [D:\Program Files\Rising\Rfw\RfwRule.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.17]
    [D:\Program Files\Rising\Rfw\rfwlog.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.16]
    [D:\Program Files\Rising\Rfw\Rfwdrv.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.50]
    [D:\Program Files\Rising\Rfw\ijt_ctrl.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.0]
    [D:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [D:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [D:\Program Files\Rising\Rfw\unvdet.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.8]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\Program Files\Rising\Rfw\mPorts.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.6]
[PID: 1524 / SYSTEM][D:\Program Files\Rising\Rfw\rfwProxy.exe]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.38]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [D:\Program Files\Rising\Rfw\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [D:\Program Files\Rising\Rfw\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [D:\Program Files\Rising\Rfw\RfwRule.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.17]
    [D:\Program Files\Rising\Rfw\urlrule.dll]  [Beijing Rising Information Technology Co., Ltd., 1.0.0.15]
    [D:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [D:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [D:\Program Files\Rising\Rfw\MonMid.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1824 / SYSTEM][D:\Program Files\Rising\Rfw\rfwstub.exe]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.12]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [D:\Program Files\Rising\Rfw\RSCOMMON.DLL]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [D:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 1876 / Administrator][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4123]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [D:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [D:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2499]
[PID: 1984 / Administrator][C:\WINDOWS\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [D:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [D:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 1, 5, 1033]
    [C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll]  [, 1, 0, 0, 1]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll]  [yahoo! china, 3, 8, 0, 1140]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll]  [Yahoo! China, 3, 0, 3, 1012]
    [D:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 75]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll]  [Yahoo! China, 3, 1, 2, 1013]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL]  [yahoo! china, 3, 1, 1, 1013]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yassist.dll]  [Yahoo! China, 3, 2, 3, 1029]
    [D:\PROGRA~1\中华压缩\CHINAZ~1.DLL]  [N/A, ]
    [D:\Program Files\WinMount3\WinMTExt3.dll]  [WinMount International Inc., 3.0.0.1]
    [D:\Program Files\WinMount3\ShlExt\MountExt.dll]  [N/A, ]
    [D:\Program Files\WinMount3\ShlExt\BrowserExt.dll]  [N/A, ]
    [D:\Program Files\WinMount3\WMCommon.dll]  [N/A, ]
[PID: 2020 / SYSTEM][D:\Program Files\Rising\Rav\rsnetsvr.exe]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [D:\Program Files\Rising\Rav\NComm.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.9]
    [D:\Program Files\Rising\Rav\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [D:\Program Files\Rising\Rav\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [D:\Program Files\Rising\Rav\ProcComm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
    [D:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [D:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 432 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2696 (xpsp.050610-1527)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [D:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 600 / Administrator][D:\Program Files\Rising\Rfw\RfwMain.exe]  [Beijing Rising Information Technology Co., Ltd., 7.0.1.70]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [D:\Program Files\Rising\Rfw\RsGuiLib.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [D:\Program Files\Rising\Rfw\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [D:\Program Files\Rising\Rfw\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [D:\Program Files\Rising\Rfw\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.1]
    [D:\Program Files\Rising\Rfw\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.19]
    [D:\Program Files\Rising\Rfw\RSCOMMON.DLL]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [D:\Program Files\Rising\Rfw\RfwCtrl.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [D:\Program Files\Rising\Rfw\RsXML.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2]
    [D:\Program Files\Rising\Rfw\PngDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [D:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [D:\Program Files\Rising\Rfw\RfwRule.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.17]
[PID: 1768 / SYSTEM][D:\Program Files\StormII\stormliv.exe]  [北京暴风网际科技有限公司, 3, 8, 6, 20]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 616 / SYSTEM][D:\Program Files\Rising\Rav\RavTask.exe]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22]
    [D:\Program Files\Rising\Rav\rsconf.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [D:\Program Files\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [D:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.13]
    [D:\Program Files\Rising\Rav\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [D:\Program Files\Rising\Rav\rsstub.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\Program Files\Rising\Rav\rstask.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 33]
[PID: 1120 / SYSTEM][D:\Program Files\Rising\Rav\ScanFrm.exe]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.11]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\Program Files\Rising\Rav\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [D:\Program Files\Rising\Rav\moncomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [D:\Program Files\Rising\Rav\scansrvp.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.11]
    [D:\Program Files\Rising\Rav\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [D:\Program Files\Rising\Rav\ScanSrv.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.9]
    [D:\Program Files\Rising\Rav\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [D:\Program Files\Rising\Rav\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
    [D:\Program Files\Rising\Rav\ScanRavT.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.23]
    [D:\Program Files\Rising\Rav\ScanBT.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.36]
    [D:\Program Files\Rising\Rav\ScanStub.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.8]
    [D:\Program Files\Rising\Rav\RsLog.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.32]
    [D:\Program Files\Rising\Rav\ScanAdd.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.14]
    [D:\Program Files\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [D:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.13]
    [D:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.32]
    [D:\Program Files\Rising\Rav\recomp.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [D:\Program Files\Rising\Rav\refs.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [D:\Program Files\Rising\Rav\viruslib.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [D:\Program Files\Rising\Rav\relibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [D:\Program Files\Rising\Rav\ffr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [D:\Program Files\Rising\Rav\nvfile.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [D:\Program Files\Rising\Rav\scanexec.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [D:\Program Files\Rising\Rav\unexe.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [D:\Program Files\Rising\Rav\scanex.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15]
    [D:\Program Files\Rising\Rav\pearc.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [D:\Program Files\Rising\Rav\scanpe.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
    [D:\Program Files\Rising\Rav\ur000.dat]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5]
    [D:\Program Files\Rising\Rav\revm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [D:\Program Files\Rising\Rav\urutils.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [D:\Program Files\Rising\Rav\ur025.dat]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [D:\Program Files\Rising\Rav\extfile.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [D:\Program Files\Rising\Rav\extole.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [D:\Program Files\Rising\Rav\rsstore.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8]
    [D:\Program Files\Rising\Rav\posttrt.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [D:\Program Files\Rising\Rav\scansct.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [D:\Program Files\Rising\Rav\extmail.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
[PID: 1496 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2400 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
[PID: 2408 / SYSTEM][C:\WINDOWS\system32\wbem\wmiprvse.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [D:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [D:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 2568 / Administrator][C:\Program Files\ATI Technologies\ATI.ACE\cli.exe]  [ATI Technologies Inc., 1.11.0.0]
    [C:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [c:\windows\microsoft.net\framework\v1.1.4322\mscorlib.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_8b110dd4\mscorlib.dll]  [N/A, ]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll]  [Microsoft Corporation, 1.1.4322.573]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSCORJIT.DLL]  [Microsoft Corporation, 1.1.4322.2032]
    [c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_74c1d5e4\system.windows.forms.dll]  [N/A, ]
    [c:\program files\ati technologies\ati.ace\cli.implementation.dll]  [ATI Technologies Inc., 1.2.2128.454]
    [c:\program files\ati technologies\ati.ace\log.foundation.dll]  [ATI Technologies Inc., 1.2.2091.28002]
    [c:\program files\ati technologies\ati.ace\cli.foundation.dll]  [ATI Technologies Inc., 1.2.2091.28002]
    [c:\program files\ati technologies\ati.ace\log.foundation.service.dll]  [ATI Technologies Inc., 1.2.2128.635]
    [c:\program files\ati technologies\ati.ace\log.foundation.shared.dll]  [ATI Technologies Inc., 1.2.2091.28024]
    [c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_1f003bd0\system.dll]  [N/A, ]
    [c:\program files\ati technologies\ati.ace\cli.foundation.xmanifestation.dll]  [ATI Technologies Inc., 1.2.2128.635]
    [c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_31d4e7eb\system.xml.dll]  [N/A, ]
    [c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [c:\program files\ati technologies\ati.ace\cli.component.runtime.dll]  [ATI Technologies Inc., 1.2.2128.636]
    [c:\program files\ati technologies\ati.ace\aem.foundation.dll]  [ATI Technologies Inc., 1.2.2091.28002]
    [c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_bbd1377d\system.drawing.dll]  [N/A, ]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 1, 5, 1033]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
    [c:\program files\ati technologies\ati.ace\cli.caste.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.628]
    [c:\program files\ati technologies\ati.ace\cli.component.runtime.shared.dll]  [ATI Technologies Inc., 1.2.2091.28004]
    [c:\program files\ati technologies\ati.ace\cli.caste.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28003]
    [c:\program files\ati technologies\ati.ace\dem.foundation.dll]  [ATI Technologies Inc., 1.2.2091.28002]
    [c:\program files\ati technologies\ati.ace\dem.graphics.displaysmanager.shared.dll]  [ATI Technologies Inc., 1.2.2091.28003]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demosinfo.dll]  [ATI Technologies Inc., 1.2.2091.28006]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demosadapterinfo.dll]  [ATI Technologies Inc., 1.2.2091.28017]
    [c:\program files\ati technologies\ati.ace\dem.graphics.dematiadapterinfo.dll]  [ATI Technologies Inc., 1.2.2091.28016]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demdriversettings.dll]  [ATI Technologies Inc., 1.2.2091.28004]
    [c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [c:\program files\ati technologies\ati.ace\atidemgr.dll]  [ATI Technologies Inc., 1.2.2128.409]
    [c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demosmodeinfo.dll]  [ATI Technologies Inc., 1.2.2091.28009]
    [c:\program files\ati technologies\ati.ace\dem.graphics.dematidisplaysmanagersettings.dll]  [ATI Technologies Inc., 1.2.2091.28010]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demverylargedesktopsettings.dll]  [ATI Technologies Inc., 1.2.2091.28006]
    [c:\program files\ati technologies\ati.ace\cli.aspect.multivpu2.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.635]
    [c:\program files\ati technologies\ati.ace\cli.aspect.multivpu2.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28018]
    [c:\program files\ati technologies\ati.ace\cli.aspect.multivpu.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.509]
    [c:\program files\ati technologies\ati.ace\cli.aspect.multivpu.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28024]
    [c:\program files\ati technologies\ati.ace\cli.aspect.verylargedesktop.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.470]
    [c:\program files\ati technologies\ati.ace\cli.aspect.verylargedesktop.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28007]
    [c:\program files\ati technologies\ati.ace\cli.aspect.radeon3d.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.532]
    [c:\program files\ati technologies\ati.ace\cli.aspect.radeon3dlegacy.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.528]
    [c:\program files\ati technologies\ati.ace\cli.aspect.radeon3dlegacy.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28026]
    [c:\program files\ati technologies\ati.ace\cli.aspect.displayscolour2.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.485]
    [c:\program files\ati technologies\ati.ace\cli.aspect.displayscolour2.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28018]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demdisplayscoloursettings.dll]  [ATI Technologies Inc., 1.2.2091.28005]
    [c:\program files\ati technologies\ati.ace\cli.aspect.displayscolour.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.571]
    [c:\program files\ati technologies\ati.ace\cli.aspect.displayscolour.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28005]
    [c:\program files\ati technologies\ati.ace\cli.aspect.mmvideo.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.551]
    [c:\program files\ati technologies\ati.ace\cli.aspect.mmvideo.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28025]
    [c:\program files\ati technologies\ati.ace\dem.graphics.mmdeintlacingsettings.dll]  [ATI Technologies Inc., 1.2.2091.28027]
    [c:\program files\ati technologies\ati.ace\cli.aspect.videooverlay.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.519]
    [c:\program files\ati technologies\ati.ace\cli.aspect.videooverlay.graphics.runtime.shared.dll]  [ATI Technologies Inc., 1.2.2091.28015]
    [c:\program files\ati technologies\ati.ace\dem.graphics.videooverlay.shared.dll]  [ATI Technologies Inc., 1.2.2091.28003]
    [c:\program files\ati technologies\ati.ace\cli.aspect.smartgart.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.524]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demsmartgartsettings.dll]  [ATI Technologies Inc., 1.2.2091.28008]
    [c:\program files\ati technologies\ati.ace\cli.aspect.vpurecover.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.516]
    [c:\program files\ati technologies\ati.ace\cli.aspect.vpurecover.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28006]
    [c:\program files\ati technologies\ati.ace\cli.aspect.workstationconfig.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.513]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicecrt.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.597]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicecrt2.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.493]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicelcd.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.584]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicelcd.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28028]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicelcd2.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.485]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicelcd2.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28008]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicecv.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.592]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicecv.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28028]
    [c:\program files\ati technologies\ati.ace\cli.aspect.customformats.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28004]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicecv2.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.497]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicecv2.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28009]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicetv2.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.580]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicetv.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.575]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicedfp.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.588]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicedfp.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28029]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicedfp2.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.488]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicedfp2.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28024]
    [c:\program files\ati technologies\ati.ace\cli.aspect.overdrive3.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.540]
    [c:\program files\ati technologies\ati.ace\cli.aspect.overdrive3.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28028]
    [c:\program files\ati technologies\ati.ace\cli.aspect.overdrive2.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.547]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demoverdrivesettings.dll]  [ATI Technologies Inc., 1.2.2091.28026]
    [c:\program files\ati technologies\ati.ace\cli.aspect.powerplay3.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.536]
    [c:\program files\ati technologies\ati.ace\cli.aspect.powerplay3.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28010]
    [c:\program files\ati technologies\ati.ace\dem.graphics.dempowerplaysettings.dll]  [ATI Technologies Inc., 1.2.2091.28026]
    [c:\program files\ati technologies\ati.ace\cli.aspect.displaysoptions.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.563]
    [c:\program files\ati technologies\ati.ace\cli.aspect.integratedumaframebuffer.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.556]
    [c:\program files\ati technologies\ati.ace\cli.aspect.infocentre.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.559]
    [c:\program files\ati technologies\ati.ace\cli.aspect.infocentre.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28016]
    [c:\program files\ati technologies\ati.ace\cli.aspect.hotkeyshandling.graphics.runtime.dll]  [ATI Technologies Inc., 1.2.2128.501]
    [c:\program files\ati technologies\ati.ace\cli.aspect.hotkeyshandling.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28016]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demmultivpusettings.dll]  [ATI Technologies Inc., 1.2.2091.28024]
    [c:\program files\ati technologies\ati.ace\cli.aspect.radeon3d.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28017]
    [c:\program files\ati technologies\ati.ace\dem.graphics.mmoverlaysettings.dll]  [ATI Technologies Inc., 1.2.2091.28027]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demvideotheatermodesettings.dll]  [ATI Technologies Inc., 1.2.2091.28026]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demvideooverlaysettings.dll]  [ATI Technologies Inc., 1.2.2091.28007]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demvpurecoverinfo.dll]  [ATI Technologies Inc., 1.2.2091.28027]
    [c:\program files\ati technologies\ati.ace\dem.graphics.workstationsettings.dll]  [ATI Technologies Inc., 1.2.2091.28017]
    [c:\program files\ati technologies\ati.ace\cli.aspect.deviceproperty.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28004]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demdevicecrtsettings.dll]  [ATI Technologies Inc., 1.2.2091.28025]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demdevicecommonsettings.dll]  [ATI Technologies Inc., 1.2.2091.28027]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicecrt.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28023]
    [c:\program files\ati technologies\ati.ace\cli.aspect.deviceproperty2.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28004]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demdevicecommon2settings.dll]  [ATI Technologies Inc., 1.2.2091.28005]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demdevicelcdsettings.dll]  [ATI Technologies Inc., 1.2.2091.28025]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demdevicecomponentvideosettings.dll]  [ATI Technologies Inc., 1.2.2091.28004]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demdevicetv2settings.dll]  [ATI Technologies Inc., 1.2.2091.28025]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demdevicetvsettings.dll]  [ATI Technologies Inc., 1.2.2091.28024]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicetv.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28028]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demdevicedfpsettings.dll]  [ATI Technologies Inc., 1.2.2091.28025]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demdevicedfp2settings.dll]  [ATI Technologies Inc., 1.2.2091.28007]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demoverdrive3settings.dll]  [ATI Technologies Inc., 1.2.2091.28028]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demdisplaysmanageroptionssettings.dll]  [ATI Technologies Inc., 1.2.2091.28015]
    [c:\program files\ati technologies\ati.ace\cli.aspect.displaysoptions.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28023]
    [c:\program files\ati technologies\ati.ace\dem.graphics.demumaframebuffersettings.dll]  [ATI Technologies Inc., 1.2.2091.28009]
    [c:\program files\ati technologies\ati.ace\apm.foundation.dll]  [ATI Technologies Inc., 1.2.2091.28017]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\perfcounter.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll]  [Microsoft Corporation, 1.1.4322.2032]
[PID: 2808 / Administrator][C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe]  [Yahoo! China, 3, 2, 6, 1032]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [D:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [D:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 1, 5, 1033]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\yalive.dll]  [yahoo! china, 3, 8, 0, 1140]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll]  [Yahoo! China, 3, 0, 3, 1012]
[PID: 2816 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2932 / Administrator][C:\progra~1\yahoo!\assistant\yassistse.exe]  [Yahoo! China, 3, 1, 0, 1013]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [D:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [D:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 1, 5, 1033]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
    [C:\progra~1\yahoo!\assistant\shell\yAssecblk.dll]  [Yahoo! China, 3, 2, 1, 1029]
    [C:\progra~1\yahoo!\assistant\shell\yMenuInfo.dll]  [Yahoo! China, 3, 0, 1, 1001]
    [C:\progra~1\yahoo!\assistant\shell\yIEAngel.dll]  [Yahoo! China, 3, 0, 4, 1005]
    [C:\progra~1\yahoo!\assistant\shell\yAsMenu.dll]  [Yahoo! China, 3, 0, 5, 1007]
[PID: 3012 / Administrator][D:\Program Files\Rising\AntiSpyware\rstray.exe]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.16]
    [D:\Program Files\Rising\AntiSpyware\rsmginfo.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\Program Files\Rising\AntiSpyware\RsXML.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2]
    [D:\Program Files\Rising\AntiSpyware\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [D:\Program Files\Rising\AntiSpyware\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
    [D:\Program Files\Rising\AntiSpyware\ComServ.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.31]
    [D:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [D:\Program Files\Rising\AntiSpyware\rscommon.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.1.1]
    [D:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [D:\Program Files\Rising\AntiSpyware\pngdll.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
    [D:\Program Files\Rising\AntiSpyware\runiep.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.42]
    [D:\Program Files\Rising\AntiSpyware\NComm.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.11]
    [D:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [D:\Program Files\Rising\AntiSpyware\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
[PID: 3020 / Administrator][D:\Program Files\Rising\Rav\RsTray.exe]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.21]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
    [D:\Program Files\Rising\Rav\ComServ.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.49]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\Program Files\Rising\Rav\rslang.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 26]
    [D:\Program Files\Rising\Rav\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [D:\Program Files\Rising\Rav\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [D:\Program Files\Rising\Rav\rsxml.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [D:\Program Files\Rising\Rav\ProcComm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [D:\Program Files\Rising\Rav\MonState.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
    [D:\Program Files\Rising\Rav\ScanEvnt.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.12]
    [D:\Program Files\Rising\Rav\rsvrinfo.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5]
    [D:\Program Files\Rising\Rav\recomp.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [D:\Program Files\Rising\Rav\refs.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [D:\Program Files\Rising\Rav\viruslib.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [D:\Program Files\Rising\Rav\relibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [D:\Program Files\Rising\Rav\rsguilib.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 69]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [D:\Program Files\Rising\Rav\rsconf.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [D:\Program Files\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [D:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.13]
    [D:\Program Files\Rising\Rav\rspalvd.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.19]
    [D:\Program Files\Rising\Rav\ravbintl.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24]
    [D:\Program Files\Rising\Rav\mruleui.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10]
    [D:\Program Files\Rising\Rav\MonTray.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.85]
    [D:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [D:\Program Files\Rising\Rav\RavITray.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 19]
    [D:\Program Files\Rising\Rav\ScanPrxy.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.13]
    [D:\Program Files\Rising\Rav\rsmginfo.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10]
[PID: 3120 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [D:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [D:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 1, 5, 1033]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
[PID: 3728 / Administrator][C:\Program Files\ATI Technologies\ATI.ACE\cli.exe]  [ATI Technologies Inc., 1.11.0.0]
    [C:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [c:\windows\microsoft.net\framework\v1.1.4322\mscorlib.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_8b110dd4\mscorlib.dll]  [N/A, ]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll]  [Microsoft Corporation, 1.1.4322.573]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 1, 5, 1033]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSCORJIT.DLL]  [Microsoft Corporation, 1.1.4322.2032]
    [c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_74c1d5e4\system.windows.forms.dll]  [N/A, ]
    [c:\program files\ati technologies\ati.ace\cli.implementation.dll]  [ATI Technologies Inc., 1.2.2128.454]
    [c:\program files\ati technologies\ati.ace\log.foundation.dll]  [ATI Technologies Inc., 1.2.2091.28002]
    [c:\program files\ati technologies\ati.ace\cli.foundation.dll]  [ATI Technologies Inc., 1.2.2091.28002]
    [c:\program files\ati technologies\ati.ace\log.foundation.service.dll]  [ATI Technologies Inc., 1.2.2128.635]
    [c:\program files\ati technologies\ati.ace\log.foundation.shared.dll]  [ATI Technologies Inc., 1.2.2091.28024]
    [c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_1f003bd0\system.dll]  [N/A, ]
    [c:\program files\ati technologies\ati.ace\cli.foundation.xmanifestation.dll]  [ATI Technologies Inc., 1.2.2128.635]
    [c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_31d4e7eb\system.xml.dll]  [N/A, ]
    [c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [c:\program files\ati technologies\ati.ace\cli.component.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.637]
    [c:\program files\ati technologies\ati.ace\cli.foundation.clients.dll]  [ATI Technologies Inc., 1.2.2091.28003]
    [c:\program files\ati technologies\ati.ace\cli.component.dashboard.shared.dll]  [ATI Technologies Inc., 1.2.2091.28005]
    [c:\program files\ati technologies\ati.ace\cli.component.runtime.dll]  [ATI Technologies Inc., 1.2.2128.636]
    [c:\program files\ati technologies\ati.ace\cli.caste.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28003]
    [c:\program files\ati technologies\ati.ace\dem.graphics.displaysmanager.shared.dll]  [ATI Technologies Inc., 1.2.2091.28003]
    [c:\program files\ati technologies\ati.ace\aem.foundation.dll]  [ATI Technologies Inc., 1.2.2091.28002]
    [c:\program files\ati technologies\ati.ace\cli.caste.local.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.641]
    [c:\program files\ati technologies\ati.ace\cli.caste.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.631]
    [c:\program files\ati technologies\ati.ace\cli.caste.graphics.dashboard.shared.dll]  [ATI Technologies Inc., 1.2.2091.28007]
    [c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_bbd1377d\system.drawing.dll]  [N/A, ]
    [c:\program files\ati technologies\ati.ace\cli.aspect.welcome.local.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.509]
    [c:\program files\ati technologies\ati.ace\cli.aspect.infocentre.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.560]
    [c:\program files\ati technologies\ati.ace\cli.aspect.displaysmanager.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.568]
    [c:\program files\ati technologies\ati.ace\cli.aspect.verylargedesktop.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.467]
    [c:\program files\ati technologies\ati.ace\cli.aspect.displaysoptions.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.563]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicecrt.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.598]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicecrt2.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.493]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicelcd.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.585]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicelcd2.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.485]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicecv.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.594]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicecv2.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.498]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicetv2.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.581]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicetv.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.576]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicedfp.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.589]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicedfp2.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.489]
    [c:\program files\ati technologies\ati.ace\cli.aspect.radeon3d.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.533]
    [c:\program files\ati technologies\ati.ace\cli.aspect.radeon3dlegacy.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.528]
    [c:\program files\ati technologies\ati.ace\cli.aspect.displayscolour2.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.481]
    [c:\program files\ati technologies\ati.ace\cli.aspect.displayscolour.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.572]
    [c:\program files\ati technologies\ati.ace\cli.aspect.mmvideo.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.552]
    [c:\program files\ati technologies\ati.ace\cli.aspect.videooverlay.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.520]
    [c:\program files\ati technologies\ati.ace\cli.aspect.powerplay3.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.537]
    [c:\program files\ati technologies\ati.ace\cli.aspect.smartgart.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.525]
    [c:\program files\ati technologies\ati.ace\cli.aspect.vpurecover.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.516]
    [c:\program files\ati technologies\ati.ace\cli.aspect.workstationconfig.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.513]
    [c:\program files\ati technologies\ati.ace\cli.aspect.overdrive3.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.544]
    [c:\program files\ati technologies\ati.ace\cli.aspect.overdrive2.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.548]
    [c:\program files\ati technologies\ati.ace\cli.aspect.integratedumaframebuffer.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.556]
    [c:\program files\ati technologies\ati.ace\cli.aspect.multivpu2.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.472]
    [c:\program files\ati technologies\ati.ace\cli.aspect.multivpu.graphics.dashboard.dll]  [ATI Technologies Inc., 1.2.2128.502]
    [c:\program files\ati technologies\ati.ace\cli.aspect.infocentre.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28016]
    [c:\program files\ati technologies\ati.ace\cli.aspect.verylargedesktop.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28007]
    [c:\program files\ati technologies\ati.ace\cli.aspect.displaysoptions.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28023]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicecrt.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28023]
    [c:\program files\ati technologies\ati.ace\cli.aspect.deviceproperty.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28004]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicecrt2.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28010]
    [c:\program files\ati technologies\ati.ace\cli.aspect.deviceproperty2.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28004]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicelcd.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28028]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicelcd2.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28008]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicecv.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28028]
    [c:\program files\ati technologies\ati.ace\cli.aspect.customformats.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28004]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicecv2.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28009]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicetv2.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28025]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicetv.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28028]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicedfp.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28029]
    [c:\program files\ati technologies\ati.ace\cli.aspect.devicedfp2.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28024]
    [c:\program files\ati technologies\ati.ace\cli.aspect.radeon3d.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28017]
    [c:\program files\ati technologies\ati.ace\cli.aspect.radeon3dlegacy.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28026]
    [c:\program files\ati technologies\ati.ace\cli.aspect.displayscolour2.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28018]
    [c:\program files\ati technologies\ati.ace\cli.aspect.displayscolour.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28005]
    [c:\program files\ati technologies\ati.ace\cli.aspect.mmvideo.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28025]
    [c:\program files\ati technologies\ati.ace\cli.aspect.videooverlay.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28009]
    [c:\program files\ati technologies\ati.ace\cli.aspect.powerplay3.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28010]
    [c:\program files\ati technologies\ati.ace\cli.aspect.smartgart.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28006]
    [c:\program files\ati technologies\ati.ace\cli.aspect.vpurecover.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28006]
    [c:\program files\ati technologies\ati.ace\cli.aspect.workstationconfig.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28007]
    [c:\program files\ati technologies\ati.ace\cli.aspect.overdrive3.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28028]
    [c:\program files\ati technologies\ati.ace\cli.aspect.overdrive2.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28015]
    [c:\program files\ati technologies\ati.ace\cli.aspect.integratedumaframebuffer.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28008]
    [c:\program files\ati technologies\ati.ace\cli.aspect.multivpu2.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28018]
    [c:\program files\ati technologies\ati.ace\cli.aspect.multivpu.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28024]
    [c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\perfcounter.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll]  [Microsoft Corporation, 1.1.4322.2032]
[PID: 3740 / Administrator][C:\Program Files\ATI Technologies\ATI.ACE\cli.exe]  [ATI Technologies Inc., 1.11.0.0]
    [C:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [c:\windows\microsoft.net\framework\v1.1.4322\mscorlib.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_8b110dd4\mscorlib.dll]  [N/A, ]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll]  [Microsoft Corporation, 1.1.4322.573]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 1, 5, 1033]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSCORJIT.DLL]  [Microsoft Corporation, 1.1.4322.2032]
    [c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_74c1d5e4\system.windows.forms.dll]  [N/A, ]
    [c:\program files\ati technologies\ati.ace\cli.implementation.dll]  [ATI Technologies Inc., 1.2.2128.454]
    [c:\program files\ati technologies\ati.ace\log.foundation.dll]  [ATI Technologies Inc., 1.2.2091.28002]
    [c:\program files\ati technologies\ati.ace\cli.foundation.dll]  [ATI Technologies Inc., 1.2.2091.28002]
    [c:\program files\ati technologies\ati.ace\log.foundation.service.dll]  [ATI Technologies Inc., 1.2.2128.635]
    [c:\program files\ati technologies\ati.ace\log.foundation.shared.dll]  [ATI Technologies Inc., 1.2.2091.28024]
    [c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_1f003bd0\system.dll]  [N/A, ]
    [c:\program files\ati technologies\ati.ace\cli.foundation.xmanifestation.dll]  [ATI Technologies Inc., 1.2.2128.635]
    [c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_31d4e7eb\system.xml.dll]  [N/A, ]
    [c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [c:\program files\ati technologies\ati.ace\cli.component.systemtray.dll]  [ATI Technologies Inc., 1.2.2128.609]
    [c:\program files\ati technologies\ati.ace\cli.caste.graphics.shared.dll]  [ATI Technologies Inc., 1.2.2091.28003]
    [c:\program files\ati technologies\ati.ace\dem.graphics.displaysmanager.shared.dll]  [ATI Technologies Inc., 1.2.2091.28003]
    [c:\program files\ati technologies\ati.ace\cli.component.runtime.dll]  [ATI Technologies Inc., 1.2.2128.636]
    [c:\program files\ati technologies\ati.ace\apm.foundation.dll]  [ATI Technologies Inc., 1.2.2091.28017]
    [c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_bbd1377d\system.drawing.dll]  [N/A, ]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
    [c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\perfcounter.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll]  [Microsoft Corporation, 1.1.4322.2032]
[PID: 3808 / Administrator][D:\Program Files\Rising\AntiSpyware\knownsvr.exe]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.14]
    [D:\Program Files\Rising\AntiSpyware\NComm.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.11]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [D:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [D:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
[PID: 3972 / SYSTEM][C:\WINDOWS\system32\wuauclt.exe]  [(Verified) Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [D:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [D:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [D:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [D:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 2376 / Administrator][D:\Program Files\WinMount3\WinMount3.exe]  [WinMount International Inc., 3.0.0.1]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [D:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [D:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [D:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [D:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 1, 5, 1033]
    [D:\Program Files\WinMount3\WMCommon.dll]  [N/A, ]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
    [D:\Program Files\WinMount3\Office2007.cjstyles]  [Codejock Software, 11, 1, 2, 0]
    [D:\Program Files\WinMount3\FrameExt\MountPlug.dll]  [, 3, 0, 0, 1]
    [D:\Program Files\WinMount3\WMCore.dll]  [N/A, ]
    [D:\Program Files\WinMount3\FrameExt\Browser.dll]  [, 3, 0, 0, 1]
    [D:\Program Files\WinMount3\FrameExt\MouMaker.dll]  [, 3, 0, 0, 1]
    [D:\Program Files\WinMount3\MouCore.dll]  [, 3, 0, 0, 1]
    [D:\Program Files\WinMount3\WMModule.dll]  [N/A, ]
[PID: 2116 / Administrator][I:\SREngLdr.EXE]  [Smallfrogs Studio, 2.7.0.1210]
    [D:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33]
    [D:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 2504 / Administrator][I:\SRE85eb4316.EXE]  [Smallfrogs Studio, 2.7.0.1210]
    [D:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [D:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 1, 5, 1033]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
    [I:\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1       localhost

==================================
进程特权扫描
特殊特权被允许： SeDebugPrivilege [PID = 2568, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CLI.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2568, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CLI.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 2808, C:\PROGRA~1\YAHOO!\ASSIST~1\YLIVE.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2808, C:\PROGRA~1\YAHOO!\ASSIST~1\YLIVE.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 2932, C:\PROGRA~1\YAHOO!\ASSISTANT\YASSISTSE.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2932, C:\PROGRA~1\YAHOO!\ASSISTANT\YASSISTSE.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 3728, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CLI.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 3728, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CLI.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 3740, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CLI.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 3740, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CLI.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 2376, D:\PROGRAM FILES\WINMOUNT3\WINMOUNT3.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2376, D:\PROGRAM FILES\WINMOUNT3\WINMOUNT3.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 2116, I:\SRENGLDR.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2116, I:\SRENGLDR.EXE]

==================================
计划任务
N/A

==================================
API HOOK
入口点错误：CreateProcessA (危险等级: 高,  被下面模块所HOOK: 0x010C1FFD)
入口点错误：CreateProcessW (危险等级: 高,  被下面模块所HOOK: 0x010C20E5)

==================================
隐藏进程
N/A

==================================


[/CODE]