[CODE]

2008-05-24,15:17:28

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Home Edition  (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [(Verified)Microsoft Windows XP Publisher]
    <MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background>  [Microsoft Corporation]
    <MsnMsgr><"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows XP Publisher]
    <PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows XP Publisher]
    <PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows XP Publisher]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <ATIModeChange><Ati2mdxx.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <ATIPTA><C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe>  [ATI Technologies, Inc.]
    <QuickTime Task><"F:\qt\qttask.exe" -atboottime>  [Apple Computer, Inc.]
    <runeip><"C:\Program Files\Rising\AntiSpyware\runiep.exe" /startup>  [Beijing Rising Technology Co., Ltd.]
    <WebThunder><C:\Program Files\Thunder Network\WebThunder\WebThunder.exe>  [N/A]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [(Verified)Beijing Rising Science and Technology Corporation Limited]
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [(Verified)BEIJING RISING SCIENCE AND TECHNOLOGY CORPORATION LIMITED]
    <fmsiocps><C:\WINDOWS\fmsiocps.exe>  []
    <anistio><C:\WINDOWS\anistio.exE>  []
    <dionpis><C:\WINDOWS\dionpis.exe>  []
    <hefcndy><C:\WINDOWS\hefcndy.exe>  []
    <dbhlp32><C:\WINDOWS\dbhlp32.exe>  []
    <fmsjhif><C:\WINDOWS\fmsjhif.exe>  [N/A]
    <jbzwqeoo><C:\WINDOWS\bweoqbdz.exe>  [N/A]
    <ptshell><C:\WINDOWS\ptshell.exe>  [N/A]
    <ticisms><C:\WINDOWS\ticisms.exe>  [N/A]
    <bincdwsa><C:\WINDOWS\bincdwsa.exe>  []
    <isndntio><C:\WINDOWS\isndntio.exe>  []
    <WINSvr64><C:\WINDOWS\WINSvr64.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <KKDelay><C:\Program Files\Rising\AntiSpyware\RunOnce.exe>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows XP Publisher]
    <Userinit><C:\WINDOWS\System32\UserInit.exe,>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><fnhwe.dll,fyrgtr.dll,ghrst.dll,ethyg.dll,yuker.dll,gtujerg.dll,fydfgk.dll,ukrth.dll,fghdghu.dll,reger.dll,tynjder.dll,wefgh.dll,gfcfg.dll,frntrn.dll,qrhhb.dll,drghszd.dll,fngn.dll,gnfctt.dll,xgnfn.dll,xfgnhcgfm.dll,serger.dll,bnxnb.dll,fxgnfx.dll,jzijj.dll,xfgnfx.dll,serghjm.dll,thsddh.dll,xbcvxb.dll,zfdzb.dll,xdndn.dll,xdfntt.dll,hgfhk.dll,dnteh.dll,xfng.dll,njritc.dll,chmfcmh.dll,jwlah.dll,gmnait.dll,hfjg.dll,thurh.dll,mgmgmm.dll,oqrthc.dll,rhdhj.dll,jyjlt.dll,ijatnaw.dll,sehhter.dll,fhjfg.dll,zdbdb.dll,ydgn.dll,dbfb.dll,fjnbv.dll,thrtgth.dll,setrhes.dll,cdxbfxdb.dll,xfgnxfn.dll,gjkhj.dll,xdhdg.dll,rhs.dll,mrjhtjd.dll,zdbfbd.dll,fjyjy.dll,fxnfnh.dll,bjrvm.dll,ektvm.dll,rdthr.dll,yjrfe.dll,dscef.dll,crugd.dll,lariytrz.dll,hjaiq.dll,kduy.dll,hkfgh.dll,awef.dll,dfhsh.dll,ethsh.dll,stehs.dll,sthth.dll,wfhyt.dll,rgghjj.dll,ghjkdr.dll,hfther.dll,,msosdohs01.dll,fgpsee.dll,msosping00.dll,fmsiocps.dll,kdbkjt.dll>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Science and Technology Corporation Limited]
    <{45AADFAA-DD36-42AB-83AD-0521BBF58C24}><C:\WINDOWS\System32\zjydcx.dll>  []
    <{17DFD111-BF3A-4CB4-ADB0-88FCBFE69821}><C:\WINDOWS\System32\hhrdxd.dll>  []
    <{40AF1289-F140-A140-D012-C1458759FC04}><C:\WINDOWS\System32\ypcqchlp.dll>  [N/A]
    <{B29583D8-033A-4B9F-8553-7C5458F3FB8E}><C:\WINDOWS\System32\jdsaex.dll>  []
    <{40940F85-F015-14F1-A05F-F69858AC6D04}><C:\WINDOWS\System32\zptlbsys.dll>  [N/A]
    <{3629FF4F-ACDB-5C90-A098-FACB3456A263}><C:\WINDOWS\System32\mpmycapi.dll>  [N/A]
    <{37FD640A-158F-48AC-FD14-1597F14A9773}><C:\WINDOWS\System32\mndscsrv.dll>  [N/A]
    <{25671234-7890-ABCD-CDEF-567801237652}><C:\WINDOWS\System32\yxcsbhlp.dll>  [N/A]
    <{398C9B84-4EF7-47B5-9862-DE29543B3C42}><C:\Program Files\Internet Explorer\PLUGINS\Nt_Sys32.Sys>  [N/A]
    <{C5E87A05-F463-4841-B19E-DD3EC3862368}><C:\Program Files\Internet Explorer\IEXPLORE32.Sys>  []
    <{EE12D60D-AD9A-4095-B839-3BE6862679FD}><C:\Program Files\Internet Explorer\IEXPLORE32.Dat>  []
    <{A45B2C37-01D0-4D3E-BE5E-CC119B17BE9E}><C:\Program Files\Internet Explorer\IEXPLORE32.win>  []
    <{3C648541-1025-9650-9057-6541258720C3}><C:\WINDOWS\System32\mndhcdwd.dll>  [N/A]
    <{50940F85-F015-14F1-A05F-F69858AC6D05}><C:\WINDOWS\System32\zptlcsys.dll>  [N/A]
    <{4629FF4F-ACDB-5C90-A098-FACB3456A264}><C:\WINDOWS\System32\mpmydapi.dll>  [N/A]
    <{35694105-5108-9405-3695-954187462153}><C:\WINDOWS\System32\mpwdcapi.dll>  [N/A]
    <{4319A1F1-9410-9654-3201-345FFA349134}><C:\WINDOWS\System32\zywmdime.dll>  [N/A]
    <{7490415F-65F8-B5C5-D8BA-9405FB120547}><C:\WINDOWS\System32\yzztgmsn.dll>  [N/A]
    <{2D698451-2015-6358-9871-2015987452D2}><C:\WINDOWS\System32\apzhbtde.dll>  [N/A]
    <{1FD45A54-9875-698F-E56E-65102358FDF1}><C:\WINDOWS\System32\apsgajba.dll>  [N/A]
    <{4B1AEF69-DDAE-FDAD-DCAB-698F026ABDB4}><C:\WINDOWS\System32\oohxcbyt.dll>  [N/A]
    <{3C8D1401-A58D-A81C-CD24-A5915C4517C3}><C:\WINDOWS\System32\mnmhcsrv.dll>  [N/A]
    <{81954FAC-1023-154F-895A-1458258AD818}><C:\WINDOWS\System32\ypdjfbmp.dll>  [N/A]
    <{328DF602-9541-A985-210A-984A698C6F23}><C:\WINDOWS\System32\ptjhchlp.dll>  [N/A]
    <{60AF1289-F140-A140-D012-C1458759FC06}><C:\WINDOWS\System32\ypcqehlp.dll>  [N/A]
    <{35671234-7890-ABCD-CDEF-567801237653}><C:\WINDOWS\System32\yxcschlp.dll>  [N/A]
    <{1DB3C525-5271-46F7-887A-D4E1ADAA7632}><C:\WINDOWS\System32\hfrdzx.dll>  []
    <{2C954872-1230-6541-9548-6541025884C2}><C:\WINDOWS\System32\lijzblit.dll>  [N/A]
    <{2A095412-A568-B258-C587-D148E148F0A2}><C:\WINDOWS\System32\cdwsbkop.dll>  [N/A]
    <{22023698-6984-8541-9654-698745012522}><C:\WINDOWS\System32\skqnbbib.dll>  [N/A]
    <{34FAE856-AD58-20CB-A025-CD4895FA6E43}><C:\WINDOWS\System32\pjjxcdwd.dll>  [N/A]
    <{13512378-9874-5641-1025-985420368731}><C:\WINDOWS\System32\oswxattb.dll>  [N/A]
    <{EB71E0B3-E97D-4D30-8733-E28266467617}><C:\WINDOWS\System32\wyhesm.dll>  []
    <{28EB3777-3E23-4E72-8449-A992D09D24C3}><C:\WINDOWS\System32\zgfdet.dll>  []
    <{6E6CA8A1-81BC-4707-A54C-F4903DD70BAD}><C:\WINDOWS\System32\zgxfdx.dll>  []
    <{8C41B7F7-3168-400D-A702-0E7EFE0BA304}><C:\WINDOWS\System32\sgrefg.dll>  []
    <{28766E1C-74B0-4417-8C75-F12AE309EF35}><C:\WINDOWS\System32\wzcfsw.dll>  []
    <{841529CB-7F77-4B99-A895-B5441E0D302F}><C:\WINDOWS\System32\jfrwdh.dll>  []
    <{84143967-B645-4BFF-B873-DA1DC886E9A7}><C:\WINDOWS\System32\cedafb.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger><rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\msmsgs.inf,BLC.Install.PerUser>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\System32\mscories.dll,Install>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9EF0045A-CDD9-438e-95E6-02B9AFEC8E11}]
    <CRLUpdate><%SystemRoot%\System32\updcrl.exe -e -u %SystemRoot%\System32\verisignpub1.crl>  [N/A]

==================================
启动文件夹
[QQ游戏启动加速程序]
  <C:\Documents and Settings\s\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> F:\QQGame\Accel.exe [深圳市腾讯计算机系统有限公司]><N>
[腾讯QQ]
  <C:\Documents and Settings\s\「开始」菜单\程序\启动\腾讯QQ.lnk --> F:\QQ\QQ.exe [TENCENT]><N>

==================================
服务
[Application Management / AppMgmt][Stopped/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[IMAPI CD-Burning COM Service / ImapiService][Stopped/Manual Start]
  <C:\WINDOWS\System32\imapi.exe><Microsoft Corporation>
[Macromedia Licensing Service / Macromedia Licensing Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"><>
[Rising Proxy  Service / RfwProxySrv][Running/Auto Start]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Stopped/Auto Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
  <"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Ulead Burning Helper / UleadBurningHelper][Running/Auto Start]
  <C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe><Ulead Systems, Inc.>

==================================
驱动程序
[Service for WDM 3D Audio Driver / ALCXSENS][Running/Manual Start]
  <system32\drivers\ALCXSENS.SYS><Sensaura Ltd>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[ati2mtag / ati2mtag][Running/Manual Start]
  <System32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[cqit / cqit][Stopped/Auto Start]
  <\??\C:\DOCUME~1\s\LOCALS~1\Temp\tmp12.tmp><N/A>
[dohs / dohs][Stopped/Auto Start]
  <\??\C:\DOCUME~1\s\LOCALS~1\Temp\tmp6.tmp><N/A>
[fmsq / fmsq][Stopped/Auto Start]
  <\??\C:\DOCUME~1\s\LOCALS~1\Temp\tmpA.tmp><N/A>
[usb Card Device / ft2kEnum][Running/Manual Start]
  <System32\DRIVERS\ic2kenum.sys><OEM Corporation>
[HookCont / HookCont][Running/System Start]
  <\SystemRoot\system32\drivers\HookCont.sys><Beijing Rising Technology Co., Ltd>
[HookNtos / HookNtos][Running/System Start]
  <\SystemRoot\system32\drivers\HookNtos.sys><Beijing Rising Technology Co., Ltd>
[HookReg / HookReg][Running/System Start]
  <\SystemRoot\system32\drivers\HookReg.sys><Beijing Rising Technology Co., Ltd>
[HookSys / HookSys][Running/System Start]
  <\SystemRoot\system32\drivers\HookSys.sys><Beijing Rising Technology Co., Ltd>
[HookUrl / HookUrl][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[kmsinput / kmsinput][Stopped/Manual Start]
  <\??\C:\WINDOWS\System32\drivers\kmsinput.sys><N/A>
[mhfp / mhfp][Stopped/Auto Start]
  <\??\C:\DOCUME~1\s\LOCALS~1\Temp\tmp4.tmp><N/A>
[mnsf / mnsf][Stopped/Auto Start]
  <\??\C:\DOCUME~1\s\LOCALS~1\Temp\tmp18.tmp><N/A>
[msfpfis64 / msfpfis64][Running/Auto Start]
  <\??\C:\WINDOWS\System32\drivers\msosmsfpfis64.sys><N/A>
[msp2p32 / msp2p32][Running/Auto Start]
  <\??\C:\WINDOWS\System32\drivers\msosmsp2p32.sys><N/A>
[npkcrypt / npkcrypt][Stopped/Manual Start]
  <\??\C:\WINDOWS\System32\npkcrypt.sys><N/A>
[npkycryp / npkycryp][Stopped/Manual Start]
  <\??\C:\WINDOWS\System32\npkycryp.sys><N/A>
[ping / ping][Stopped/Auto Start]
  <\??\C:\DOCUME~1\s\LOCALS~1\Temp\tmp4.tmp><N/A>
[ptfs / ptfs][Stopped/Auto Start]
  <\??\C:\DOCUME~1\s\LOCALS~1\Temp\tmp1A.tmp><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[SmartCard Reader Device  / Reader_Device][Running/Manual Start]
  <System32\DRIVERS\usbic2k.sys><OEM>
[Rising  Rfwbase Driver / RfwBase][Running/Auto Start]
  <System32\DRIVERS\rfwbase.SYS><Beijing Rising Technology Co., Ltd.>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\System32\drivers\RsBoot.sys><Beijing Rising Technology Co., Ltd.>
[RsFwDrv / RsFwDrv][Running/System Start]
  <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\System32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[USB SDVC05 / SDVC05][Stopped/Manual Start]
  <System32\Drivers\SDVC05.sys><HaSoInTech>
[Secdrv / Secdrv][Stopped/Manual Start]
  <System32\DRIVERS\secdrv.sys><N/A>
[SiS AGP Filter / SISAGP][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\SISAGPX.sys><Silicon Integrated Systems Corporation>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1][Stopped/Manual Start]
  <System32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[usb token Device Driver / token][Stopped/Manual Start]
  <System32\DRIVERS\eps2kt1.sys><>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <System32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[zftp / zftp][Stopped/Auto Start]
  <\??\C:\DOCUME~1\s\LOCALS~1\Temp\tmpE.tmp><N/A>

==================================
浏览器加载项
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\System32\xunleibho_v14.dll, Thunder Networking Technologies,LTD>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <F:\迅雷\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[]
  {13512378-9874-5641-1025-985420368731} <C:\WINDOWS\System32\oswxattb.dll, N/A>
[]
  {1FD45A54-9875-698F-E56E-65102358FDF1} <C:\WINDOWS\System32\apsgajba.dll, N/A>
[]
  {22023698-6984-8541-9654-698745012522} <C:\WINDOWS\System32\skqnbbib.dll, N/A>
[]
  {25671234-7890-ABCD-CDEF-567801237652} <C:\WINDOWS\System32\yxcsbhlp.dll, N/A>
[]
  {2A095412-A568-B258-C587-D148E148F0A2} <C:\WINDOWS\System32\cdwsbkop.dll, N/A>
[]
  {2C954872-1230-6541-9548-6541025884C2} <C:\WINDOWS\System32\lijzblit.dll, N/A>
[]
  {2D698451-2015-6358-9871-2015987452D2} <C:\WINDOWS\System32\apzhbtde.dll, N/A>
[]
  {328DF602-9541-A985-210A-984A698C6F23} <C:\WINDOWS\System32\ptjhchlp.dll, N/A>
[]
  {34FAE856-AD58-20CB-A025-CD4895FA6E43} <C:\WINDOWS\System32\pjjxcdwd.dll, N/A>
[]
  {35671234-7890-ABCD-CDEF-567801237653} <C:\WINDOWS\System32\yxcschlp.dll, N/A>
[]
  {35694105-5108-9405-3695-954187462153} <C:\WINDOWS\System32\mpwdcapi.dll, N/A>
[]
  {3629FF4F-ACDB-5C90-A098-FACB3456A263} <C:\WINDOWS\System32\mpmycapi.dll, N/A>
[]
  {37FD640A-158F-48AC-FD14-1597F14A9773} <C:\WINDOWS\System32\mndscsrv.dll, N/A>
[]
  {398C9B84-4EF7-47B5-9862-DE29543B3C42} <C:\Program Files\Internet Explorer\PLUGINS\Nt_Sys32.Sys, N/A>
[]
  {3C648541-1025-9650-9057-6541258720C3} <C:\WINDOWS\System32\mndhcdwd.dll, N/A>
[]
  {3C8D1401-A58D-A81C-CD24-A5915C4517C3} <C:\WINDOWS\System32\mnmhcsrv.dll, N/A>
[]
  {40940F85-F015-14F1-A05F-F69858AC6D04} <C:\WINDOWS\System32\zptlbsys.dll, N/A>
[]
  {40AF1289-F140-A140-D012-C1458759FC04} <C:\WINDOWS\System32\ypcqchlp.dll, N/A>
[]
  {4319A1F1-9410-9654-3201-345FFA349134} <C:\WINDOWS\System32\zywmdime.dll, N/A>
[]
  {4629FF4F-ACDB-5C90-A098-FACB3456A264} <C:\WINDOWS\System32\mpmydapi.dll, N/A>
[]
  {4B1AEF69-DDAE-FDAD-DCAB-698F026ABDB4} <C:\WINDOWS\System32\oohxcbyt.dll, N/A>
[]
  {50940F85-F015-14F1-A05F-F69858AC6D05} <C:\WINDOWS\System32\zptlcsys.dll, N/A>
[]
  {60AF1289-F140-A140-D012-C1458759FC06} <C:\WINDOWS\System32\ypcqehlp.dll, N/A>
[]
  {7490415F-65F8-B5C5-D8BA-9405FB120547} <C:\WINDOWS\System32\yzztgmsn.dll, N/A>
[]
  {81954FAC-1023-154F-895A-1458258AD818} <C:\WINDOWS\System32\ypdjfbmp.dll, N/A>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <F:\迅雷\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[]
  {A45B2C37-01D0-4D3E-BE5E-CC119B17BE9E} <C:\Program Files\Internet Explorer\IEXPLORE32.win, N/A>
[]
  {C5E87A05-F463-4841-B19E-DD3EC3862368} <C:\Program Files\Internet Explorer\IEXPLORE32.Sys, N/A>
[]
  {EE12D60D-AD9A-4095-B839-3BE6862679FD} <C:\Program Files\Internet Explorer\IEXPLORE32.Dat, N/A>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <F:\迅雷\Thunder.exe, Thunder Networking Technologies,LTD>
[PlugInIE_DFDD_Sunv]
  {d7489fa7-4f38-da83-e876-ad56f2e8d761} <F:\东方大典2004\PlugInIE.dll, >
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\System32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[CEnroll Class]
  {127698E4-E730-4E5C-A2B1-21490A70C8A1} <C:\WINDOWS\system32\xenroll.dll, Microsoft Corporation>
[InstallHelper Class]
  {1DABF8D5-8430-4985-9B7F-A30E53D709B3} <C:\WINDOWS\System32\QQLiveInstaller.dll, >
[GDGetTokenInfo Class]
  {3AA9CF07-DF20-48FF-98BE-DED276E40146} <C:\WINDOWS\System32\GDREAD~1.DLL, >
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\System32\aliedit\aliedit.dll, >
[ICBC Security Ctrl]
  {5AB9367B-DD7F-411D-A030-DF7DE5E17AAE} <C:\WINDOWS\DOWNLO~1\NETBAN~1.OCX, Industrial and Commercial Bank of China>
[InfoSecNetSign Class]
  {5CB840B5-A94E-4AD9-B785-4866E3B04476} <C:\WINDOWS\DOWNLO~1\ICBCNE~1.DLL, Infosec Technologies Co., Ltd.>
[UImageUploader Class]
  {5F099AD3-0EC8-4ED9-B9E1-E443DF429A94} <C:\WINDOWS\Downloaded Program Files\UImageUploader.dll, Universal soft of ShangHai China>
[InfoSecNetSign Class]
  {62B938C4-4190-4F37-8CF0-A92B0A91CC77} <C:\WINDOWS\DOWNLO~1\NetSign.dll, Infosec Technologies Co., Ltd.>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >
[Filetran Control]
  {88734439-46D0-42C0-A13F-7E881EE550CF} <F:\BLUESK~1\filetran.ocx, Bluesky Studio(http://www.bluesky.cn)>
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\DOWNLO~1\SUBMIT~1.DLL, >
[VqqSpeedDlProxy Class]
  {9ADACAA6-533E-4383-AFA7-F0A66650B6D8} <C:\WINDOWS\vqqsdl10.dll, Tencent Technology (Shenzhen) Company Limited>
[MsnMessengerSetupDownloadControl Class]
  {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} <C:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.ocx, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[AxUSBKey Class]
  {DA215190-98B2-47DE-AE24-DA95481DFFBA} <C:\WINDOWS\DOWNLO~1\USBKey.dll, >
[PasswordEditCtrl Class]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\System32\qqedit\qqedit.dll, 腾讯科技（深圳）有限公司>
[pcVerify.ucVerify]
  {EBD84F58-8D2B-4C66-85F1-73BC8125709D} <C:\WINDOWS\Downloaded Program Files\pcVerify.ocx, Junnet>
[Recorder Control]
  {2423AB16-9F42-457B-A337-FE3B11964DB0} <F:\BLUESK~1\recorder.ocx, Bluesky Studio (http://www.bluesky.cn)>
[BlueskyVideo Control]
  {2EA6D939-4445-43F1-A12B-8CB3DDA8B855} <F:\BLUESK~1\v2.ocx, 蓝天工作室(http://www.bluesky.cn)>
[Ppd Control]
  {2F2BA87D-385E-4922-B41C-06E190B06AA9} <F:\BLUESK~1\ppd.ocx, Bluesky Studio(http://www.bluesky.cn)>
[Share Control]
  {3072B1F1-0C4D-4E76-A7C6-FBAF129DBCC9} <F:\BLUESK~1\share.ocx, Bluesky Studio(http://www.bluesky.cn)>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <F:\迅雷\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
[Traceppd Control]
  {5910C66C-F9BA-4306-8175-C098B7F0ED62} <F:\BLUESK~1\traceppd.ocx, BlueskyStudio(http://www.bluesky.cn)>
[PP Control]
  {616DACC1-C5E6-4646-B36A-3FA4FC726BAD} <F:\BLUESK~1\ppc.ocx, Bluesky Studio (http://www.bluesky.cn)>
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, >
[XDRM]
  {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[WangWangObj Class]
  {6E213FC7-DD5A-4115-B7E6-D4C7838C361E} <F:\淘宝网\淘宝旺旺\WangWangX4.dll, 阿里软件（中国）有限公司>
[Videohelp Control]
  {75B75D86-D88B-4BEA-BC59-BFD9D7300518} <F:\BLUESK~1\VIDEOH~1.OCX, Bluesky Studio(http://www.bluesky.cn)>
[Filetran Control]
  {88734439-46D0-42C0-A13F-7E881EE550CF} <F:\BLUESK~1\filetran.ocx, Bluesky Studio(http://www.bluesky.cn)>
[Chat Control]
  {94EFE58C-E678-4808-AD65-24CE4B94C1FE} <F:\BLUESK~1\chat.ocx, Bluesky Studio(http://www.bluesky.cn)>
[Blueskyvoice Control]
  {991481A7-4669-4e15-8C24-100404E1F5CB} <F:\BLUESK~1\BLUESK~2.OCX, 蓝天工作室(http://www.bluesky.cn)>
[Display Control]
  {A1D97DB3-E564-4743-B2E7-6F5182CBF406} <F:\BLUESK~1\display.ocx, Bluesky Studio (http://www.bluesky.cn)>
[Tracechat Control]
  {A40335C4-D3D1-4E7B-9130-039CDA5B603C} <F:\BLUESK~1\TRACEC~1.OCX, Bluesky Studio(http://www.bluesky.cn)>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\System32\msnetobj.dll, Microsoft Corporation>
[PPChat Control]
  {AFB97F16-B7E8-4EB1-8133-FBD5AA2EBB3B} <F:\BLUESK~1\ppchat.ocx, Bluesky Studio(http://www.bluesky.cn)>
[Blueskyvoice Control]
  {BA0F088C-72C1-475a-92F8-42391DEF6961} <F:\BLUESK~1\BLUESK~1.OCX, 蓝天工作室(http://www.bluesky.cn)>
[Client Control]
  {C7B0C764-5D4E-433E-A854-591F28520577} <F:\BLUESK~1\client.ocx, >
[Play Control]
  {CC20DDA1-9A21-4DEC-B5BE-E61E0351FCA9} <F:\BLUESK~1\play.ocx, Bluesky Studio (http://www.bluesky.cn)>
[Vod Class]
  {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} <F:\迅雷\Components\DownAndPlay\DapPlayer_Now.dll, XunLei>
[XPPlayer Class]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\pplayer.dll_1_work, Thunder>
[使用迅雷下载]
  <F:\迅雷\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
  <F:\迅雷\Program\GetAllUrl.htm, N/A>
[添加到QQ表情]
  <F:\QQ\AddEmotion.htm, N/A>

==================================
正在运行的进程
[PID: 424 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 488 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit01.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosping00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
[PID: 512 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit01.dll]  [N/A, ]
    [C:\WINDOWS\system32\fgpsee.dll]  [N/A, ]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\system32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosping00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
[PID: 580 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\System32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosping00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
[PID: 592 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\System32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosping00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
[PID: 768 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\System32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosping00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
[PID: 832 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\System32\WINHTTP.dll]  [Microsoft Corporation, 5.1.2600.1557 (xpsp2_gdr.040517-1325)]
    [C:\WINDOWS\System32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosping00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
[PID: 896 / NETWORK SERVICE][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\System32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosping00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
[PID: 976 / LOCAL SERVICE][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\System32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosping00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
[PID: 1060 / SYSTEM][c:\program files\rising\rfw\rfwsrv.exe]  [Beijing Rising Technology Co., Ltd., 7.0.0.68]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit01.dll]  [N/A, ]
    [C:\WINDOWS\system32\fgpsee.dll]  [N/A, ]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [C:\Program Files\Rising\Rfw\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [c:\program files\rising\rfw\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [c:\program files\rising\rfw\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [c:\program files\rising\rfw\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.16]
    [c:\program files\rising\rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.13]
    [c:\program files\rising\rfw\rfwlog.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.12]
    [c:\program files\rising\rfw\Rfwdrv.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.41]
    [c:\program files\rising\rfw\psapi.dll]  [Microsoft Corporation, 4.00]
    [c:\program files\rising\rfw\ijt_ctrl.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.0]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [c:\program files\rising\rfw\unvdet.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.5]
    [c:\program files\rising\rfw\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.3]
    [C:\WINDOWS\System32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosping00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
[PID: 1152 / SYSTEM][c:\program files\rising\rfw\rfwproxy.exe]  [Beijing Rising Technology Co., Ltd., 7.0.0.29]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [c:\program files\rising\rfw\psapi.dll]  [Microsoft Corporation, 4.00]
    [C:\Program Files\Rising\Rfw\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [c:\program files\rising\rfw\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [c:\program files\rising\rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.13]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [c:\program files\rising\rfw\MonMid.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.4]
    [C:\WINDOWS\System32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosping00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
[PID: 1272 / SYSTEM][c:\program files\rising\rfw\rfwstub.exe]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [c:\program files\rising\rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\System32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosping00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
[PID: 1412 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\system32\msoscqit01.dll]  [N/A, ]
    [C:\WINDOWS\system32\fgpsee.dll]  [N/A, ]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\System32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\fyrgtr.dll]  [N/A, ]
    [C:\WINDOWS\System32\fnhwe.dll]  [N/A, ]
    [C:\WINDOWS\System32\xgnfn.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosping00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
[PID: 1584 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit01.dll]  [N/A, ]
    [C:\WINDOWS\System32\fgpsee.dll]  [N/A, ]
    [C:\WINDOWS\System32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\System32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosping00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
[PID: 1660 / LOCAL SERVICE][C:\WINDOWS\System32\SCardSvr.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit01.dll]  [N/A, ]
    [C:\WINDOWS\System32\fgpsee.dll]  [N/A, ]
    [C:\WINDOWS\System32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\System32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosping00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
[PID: 1688 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\System32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosping00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
[PID: 1716 / SYSTEM][C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe]  [Ulead Systems, Inc., 1, 0, 0, 3]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\System32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosping00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
[PID: 1748 / LOCAL SERVICE][C:\WINDOWS\System32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: DNSRV(bld4act)]
    [C:\WINDOWS\System32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit01.dll]  [N/A, ]
    [C:\WINDOWS\System32\fgpsee.dll]  [N/A, ]
    [C:\WINDOWS\System32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\System32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosping00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
[PID: 2024 / s][C:\WINDOWS\System32\Explorer.exe]  [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit01.dll]  [N/A, ]
    [C:\WINDOWS\System32\fgpsee.dll]  [N/A, ]
    [C:\WINDOWS\System32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.17]
    [C:\WINDOWS\System32\zjydcx.dll]  [N/A, ]
    [C:\WINDOWS\System32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\System32\jdsaex.dll]  [N/A, ]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Sys]  [N/A, ]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Dat]  [N/A, ]
    [C:\Program Files\Internet Explorer\IEXPLORE32.win]  [N/A, ]
    [C:\WINDOWS\System32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\System32\wyhesm.dll]  [N/A, ]
    [C:\WINDOWS\System32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\System32\zgxfdx.dll]  [N/A, ]
    [C:\WINDOWS\System32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\System32\hefcndy.dll]  [N/A, ]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\System32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\System32\dionpis.dll]  [N/A, ]
    [C:\WINDOWS\System32\kdbkjt.dll]  [N/A, ]
    [C:\WINDOWS\System32\wzcfsw.dll]  [N/A, ]
    [C:\WINDOWS\System32\anistio.dll]  [N/A, ]
    [C:\WINDOWS\System32\SysZxaC.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\System32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\System32\dbhlp32.dlL]  [N/A, ]
    [C:\WINDOWS\System32\jfrwdh.dll]  [N/A, ]
    [C:\WINDOWS\System32\bincdwsa.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\fnhwe.dll]  [N/A, ]
    [C:\WINDOWS\System32\isndntio.dll]  [N/A, ]
    [C:\WINDOWS\System32\xgnfn.dll]  [N/A, ]
    [C:\WINDOWS\System32\fyrgtr.dll]  [N/A, ]
    [C:\WINDOWS\System32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\System32\WINSvr64.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosping00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
    [C:\WINDOWS\System32\xunleibho_v14.dll]  [Thunder Networking Technologies,LTD, 4, 6, 0, 62]
    [C:\WINDOWS\System32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\WINDOWS\System32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [F:\迅雷\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.2.9]
    [F:\迅雷\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 3, 11]
    [F:\迅雷\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 4]
    [F:\迅雷\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 6]
    [C:\WINDOWS\System32\Audiodev.dll]  [Microsoft Corporation, 5.2.3790.3646 built by: DNSRV(bld4act)]
[PID: 1872 / s][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5.1.0.22]
    [C:\WINDOWS\System32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit01.dll]  [N/A, ]
    [C:\WINDOWS\System32\fgpsee.dll]  [N/A, ]
    [C:\WINDOWS\System32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [C:\WINDOWS\System32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\System32\zgxfdx.dll]  [N/A, ]
    [C:\WINDOWS\System32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\System32\wyhesm.dll]  [N/A, ]
    [C:\WINDOWS\System32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\System32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\System32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\System32\zjydcx.dll]  [N/A, ]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Sys]  [N/A, ]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Dat]  [N/A, ]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\System32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\System32\wzcfsw.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\jfrwdh.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosping00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
    [C:\WINDOWS\System32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\System32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\System32\SysZxaC.dll]  [Microsoft Corporation, 5.1.2600.3099]
[PID: 2108 / s][F:\qt\qttask.exe]  [Apple Computer, Inc., 6.5]
    [C:\WINDOWS\System32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [C:\WINDOWS\System32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\System32\zgxfdx.dll]  [N/A, ]
    [C:\WINDOWS\System32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\System32\wyhesm.dll]  [N/A, ]
    [C:\WINDOWS\System32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\System32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\System32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\System32\zjydcx.dll]  [N/A, ]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Sys]  [N/A, ]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Dat]  [N/A, ]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\System32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\System32\wzcfsw.dll]  [N/A, ]
    [C:\WINDOWS\System32\jfrwdh.dll]  [N/A, ]
    [C:\WINDOWS\System32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\System32\SysZxaC.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosping00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
[PID: 2156 / s][C:\Program Files\Rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.23]
    [C:\WINDOWS\System32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [C:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.16]
    [C:\WINDOWS\System32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\System32\zgxfdx.dll]  [N/A, ]
    [C:\WINDOWS\System32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\System32\wyhesm.dll]  [N/A, ]
    [C:\WINDOWS\System32\hfrdzx.dll]  [N/A, ]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Sys]  [N/A, ]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Dat]  [N/A, ]
    [C:\WINDOWS\System32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\System32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\System32\zjydcx.dll]  [N/A, ]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\System32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\System32\wzcfsw.dll]  [N/A, ]
    [C:\WINDOWS\System32\jfrwdh.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosping00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
    [C:\WINDOWS\System32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\System32\SysZxaC.dll]  [Microsoft Corporation, 5.1.2600.3099]
[PID: 2164 / s][C:\Program Files\Rising\Rfw\rfwmain.exe]  [Beijing Rising Technology Co., Ltd., 7.0.1.65]
    [C:\WINDOWS\System32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\System32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\System32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\Rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 88]
    [C:\WINDOWS\System32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [C:\Program Files\Rising\Rfw\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\Program Files\Rising\Rfw\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\Program Files\Rising\Rfw\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [C:\Program Files\Rising\Rfw\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.16]
    [C:\Program Files\Rising\Rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\Program Files\Rising\Rfw\RfwCtrl.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.7]
    [C:\Program Files\Rising\Rfw\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0]
    [C:\Program Files\Rising\Rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\Program Files\Rising\Rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.13]
    [C:\WINDOWS\System32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\System32\zgxfdx.dll]  [N/A, ]
    [C:\WINDOWS\System32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\System32\wyhesm.dll]  [N/A, ]
    [C:\WINDOWS\System32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\System32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\System32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\System32\zjydcx.dll]  [N/A, ]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Sys]  [N/A, ]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Dat]  [N/A, ]
    [C:\WINDOWS\System32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\System32\wzcfsw.dll]  [N/A, ]
    [C:\WINDOWS\System32\jfrwdh.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosping00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
    [C:\WINDOWS\System32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\System32\SysZxaC.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\System32\fyrgtr.dll]  [N/A, ]
    [C:\WINDOWS\System32\fnhwe.dll]  [N/A, ]
    [C:\WINDOWS\System32\xgnfn.dll]  [N/A, ]
    [C:\Program Files\Rising\Rfw\psapi.dll]  [Microsoft Corporation, 4.00]
    [C:\WINDOWS\System32\WINSvr64.dll]  [N/A, ]
    [C:\WINDOWS\System32\isndntio.dll]  [N/A, ]
    [C:\WINDOWS\System32\bincdwsa.dll]  [N/A, ]
    [C:\WINDOWS\System32\dbhlp32.dlL]  [N/A, ]
    [C:\WINDOWS\System32\anistio.dll]  [N/A, ]
    [C:\WINDOWS\System32\kdbkjt.dll]  [N/A, ]
    [C:\WINDOWS\System32\dionpis.dll]  [N/A, ]
    [C:\WINDOWS\System32\hefcndy.dll]  [N/A, ]
[PID: 2280 / s][C:\WINDOWS\System32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosdohs00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit01.dll]  [N/A, ]
    [C:\WINDOWS\System32\fgpsee.dll]  [N/A, ]
    [C:\WINDOWS\System32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [C:\WINDOWS\System32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\System32\zgxfdx.dll]  [N/A, ]
    [C:\WINDOWS\System32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\System32\wyhesm.dll]  [N/A, ]
    [C:\WINDOWS\System32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\System32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\System32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\System32\zjydcx.dll]  [N/A, ]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Sys]  [N/A, ]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Dat]  [N/A, ]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\System32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\System32\wzcfsw.dll]  [N/A, ]
    [C:\WINDOWS\System32\jfrwdh.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosping00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
    [C:\WINDOWS\System32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\System32\SysZxaC.dll]  [Microsoft Corporation, 5.1.2600.3099]
[PID: 2304 / s][C:\Program Files\Messenger\msmsgs.exe]  [Microsoft Corporation, 4.6.0078]
    [C:\WINDOWS\System32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [C:\Program Files\Messenger\MSGSLANG.DLL]  [Microsoft Corporation, 4.6.0078]
    [C:\PROGRA~1\MESSEN~1\rtcimsp.dll]  [Microsoft Corporation, 4.0.3599.0 (Lab02_N(ntvbl02).020107-1351)]
    [C:\WINDOWS\System32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\System32\zgxfdx.dll]  [N/A, ]
    [C:\WINDOWS\System32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\System32\wyhesm.dll]  [N/A, ]
    [C:\WINDOWS\System32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\System32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\System32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\System32\zjydcx.dll]  [N/A, ]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Sys]  [N/A, ]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Dat]  [N/A, ]
    [C:\WINDOWS\System32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\System32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\msdmo.dll]  [, ]
    [C:\WINDOWS\System32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\System32\wzcfsw.dll]  [N/A, ]
    [C:\WINDOWS\System32\jfrwdh.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosping00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
    [C:\WINDOWS\System32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\System32\SysZxaC.dll]  [Microsoft Corporation, 5.1.2600.3099]
[PID: 3760 / s][C:\WINDOWS\System32\conime.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [C:\WINDOWS\System32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\System32\zgxfdx.dll]  [N/A, ]
    [C:\WINDOWS\System32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\System32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\System32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\System32\zjydcx.dll]  [N/A, ]
    [C:\WINDOWS\System32\wyhesm.dll]  [N/A, ]
    [C:\WINDOWS\System32\hfrdzx.dll]  [N/A, ]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Sys]  [N/A, ]
    [C:\Program Files\Internet Explorer\IEXPLORE32.Dat]  [N/A, ]
    [C:\WINDOWS\System32\wzcfsw.dll]  [N/A, ]
    [C:\WINDOWS\System32\SysZxaC.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\System32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\jfrwdh.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosping00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
    [C:\WINDOWS\System32\cedafb.dll]  [N/A, ]
[PID: 3628 / s][C:\WINDOWS\System32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\fnhwe.dll]  [N/A, ]
    [C:\WINDOWS\System32\fyrgtr.dll]  [N/A, ]
    [C:\WINDOWS\System32\xgnfn.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosdohs01.dll]  [N/A, ]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
[PID: 1212 / s][C:\Program Files\Rising\Rav\RsAgent.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.9]
    [C:\WINDOWS\System32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\System32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\System32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\System32\fyrgtr.dll]  [N/A, ]
    [C:\WINDOWS\System32\fnhwe.dll]  [N/A, ]
    [C:\WINDOWS\System32\xgnfn.dll]  [N/A, ]
    [C:\WINDOWS\System32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\System32\SysZxaC.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\WINDOWS\System32\wzcfsw.dll]  [N/A, ]
    [C:\WINDOWS\System32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\System32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\System32\zjydcx.dll]  [N/A, ]
    [C:\WINDOWS\System32\zgxfdx.dll]  [N/A, ]
    [C:\WINDOWS\System32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\System32\wyhesm.dll]  [N/A, ]
    [C:\WINDOWS\System32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\System32\jfrwdh.dll]  [N/A, ]
    [C:\WINDOWS\System32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\System32\WINSvr64.dll]  [N/A, ]
    [C:\WINDOWS\System32\isndntio.dll]  [N/A, ]
    [C:\WINDOWS\System32\bincdwsa.dll]  [N/A, ]
    [C:\WINDOWS\System32\dbhlp32.dlL]  [N/A, ]
    [C:\WINDOWS\System32\anistio.dll]  [N/A, ]
    [C:\WINDOWS\System32\kdbkjt.dll]  [N/A, ]
    [C:\WINDOWS\System32\dionpis.dll]  [N/A, ]
    [C:\WINDOWS\System32\hefcndy.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosping00.dll]  [N/A, ]
    [C:\WINDOWS\System32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
[PID: 948 / s][C:\WINDOWS\msagent\AgentSvr.exe]  [Microsoft Corporation, 2.00.0.3422]
    [C:\WINDOWS\system32\fnhwe.dll]  [N/A, ]
    [C:\WINDOWS\system32\fyrgtr.dll]  [N/A, ]
    [C:\WINDOWS\system32\xgnfn.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosping00.dll]  [N/A, ]
    [C:\WINDOWS\system32\fgpsee.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmsiocps.dll]  [N/A, ]
    [c:\program files\rising\rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [c:\program files\rising\rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\System32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\System32\SysZxaC.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\System32\wzcfsw.dll]  [N/A, ]
    [C:\WINDOWS\System32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\System32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\System32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\System32\zjydcx.dll]  [N/A, ]
    [C:\WINDOWS\System32\zgxfdx.dll]  [N/A, ]
    [C:\WINDOWS\System32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\System32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\System32\wyhesm.dll]  [N/A, ]
    [C:\WINDOWS\System32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\System32\jfrwdh.dll]  [N/A, ]
    [C:\WINDOWS\system32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\WINSvr64.dll]  [N/A, ]
    [C:\WINDOWS\System32\isndntio.dll]  [N/A, ]
    [C:\WINDOWS\System32\bincdwsa.dll]  [N/A, ]
    [C:\WINDOWS\System32\dbhlp32.dlL]  [N/A, ]
    [C:\WINDOWS\System32\anistio.dll]  [N/A, ]
    [C:\WINDOWS\System32\kdbkjt.dll]  [N/A, ]
    [C:\WINDOWS\System32\dionpis.dll]  [N/A, ]
    [C:\WINDOWS\System32\hefcndy.dll]  [N/A, ]
[PID: 3492 / s][C:\WINDOWS\System32\taskmgr.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\fyrgtr.dll]  [N/A, ]
    [C:\WINDOWS\System32\fnhwe.dll]  [N/A, ]
    [C:\WINDOWS\System32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\System32\SysZxaC.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\System32\xgnfn.dll]  [N/A, ]
    [C:\WINDOWS\System32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\System32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\System32\zjydcx.dll]  [N/A, ]
    [C:\WINDOWS\System32\zgxfdx.dll]  [N/A, ]
    [C:\WINDOWS\System32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\System32\wyhesm.dll]  [N/A, ]
    [C:\WINDOWS\System32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\System32\jfrwdh.dll]  [N/A, ]
    [C:\WINDOWS\System32\wzcfsw.dll]  [N/A, ]
    [C:\WINDOWS\System32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
    [C:\WINDOWS\System32\WINSvr64.dll]  [N/A, ]
    [C:\WINDOWS\System32\isndntio.dll]  [N/A, ]
    [C:\WINDOWS\System32\bincdwsa.dll]  [N/A, ]
    [C:\WINDOWS\System32\dbhlp32.dlL]  [N/A, ]
    [C:\WINDOWS\System32\anistio.dll]  [N/A, ]
    [C:\WINDOWS\System32\kdbkjt.dll]  [N/A, ]
    [C:\WINDOWS\System32\dionpis.dll]  [N/A, ]
    [C:\WINDOWS\System32\hefcndy.dll]  [N/A, ]
    [C:\WINDOWS\System32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosping00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
[PID: 2812 / s][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, ]
    [C:\WINDOWS\System32\fnhwe.dll]  [N/A, ]
    [C:\WINDOWS\System32\fyrgtr.dll]  [N/A, ]
    [C:\WINDOWS\System32\xgnfn.dll]  [N/A, ]
    [C:\WINDOWS\System32\kdbkjt.dll]  [N/A, ]
    [C:\WINDOWS\System32\fmsiocps.dll]  [N/A, ]
    [C:\WINDOWS\System32\fgpsee.dll]  [N/A, ]
    [C:\WINDOWS\System32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\System32\SysZxaC.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\System32\Audiodev.dll]  [Microsoft Corporation, 5.2.3790.3646 built by: DNSRV(bld4act)]
    [C:\WINDOWS\System32\wyhesm.dll]  [N/A, ]
    [C:\WINDOWS\System32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\System32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\System32\zjydcx.dll]  [N/A, ]
    [C:\WINDOWS\System32\zgxfdx.dll]  [N/A, ]
    [C:\WINDOWS\System32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\System32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\System32\jfrwdh.dll]  [N/A, ]
    [C:\WINDOWS\System32\wzcfsw.dll]  [N/A, ]
    [C:\WINDOWS\System32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\System32\zgfdet.dll]  [N/A, ]
    [C:\WINDOWS\System32\WINSvr64.dll]  [N/A, ]
    [C:\WINDOWS\System32\isndntio.dll]  [N/A, ]
    [C:\WINDOWS\System32\bincdwsa.dll]  [N/A, ]
    [C:\WINDOWS\System32\dbhlp32.dlL]  [N/A, ]
    [C:\WINDOWS\System32\anistio.dll]  [N/A, ]
    [C:\WINDOWS\System32\dionpis.dll]  [N/A, ]
    [C:\WINDOWS\System32\hefcndy.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosping00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
[PID: 1320 / s][C:\DOCUME~1\s\LOCALS~1\Temp\Rar$EX60.594\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\WINDOWS\System32\fyrgtr.dll]  [N/A, ]
    [C:\WINDOWS\System32\fnhwe.dll]  [N/A, ]
    [C:\WINDOWS\System32\SysDaJHv.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\System32\xgnfn.dll]  [N/A, ]
    [C:\WINDOWS\System32\SysZxaC.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\System32\wyhesm.dll]  [N/A, ]
    [C:\WINDOWS\System32\jdsaex.dll]  [N/A, ]
    [C:\WINDOWS\System32\hfrdzx.dll]  [N/A, ]
    [C:\WINDOWS\System32\zjydcx.dll]  [N/A, ]
    [C:\WINDOWS\System32\zgxfdx.dll]  [N/A, ]
    [C:\WINDOWS\System32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\System32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\System32\jfrwdh.dll]  [N/A, ]
    [C:\WINDOWS\System32\wzcfsw.dll]  [N/A, ]
    [C:\WINDOWS\System32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\System32\WINSvr64.dll]  [N/A, ]
    [C:\WINDOWS\System32\isndntio.dll]  [N/A, ]
    [C:\WINDOWS\System32\bincdwsa.dll]  [N/A, ]
    [C:\WINDOWS\System32\dbhlp32.dlL]  [N/A, ]
    [C:\WINDOWS\System32\anistio.dll]  [N/A, ]
    [C:\WINDOWS\System32\kdbkjt.dll]  [N/A, ]
    [C:\WINDOWS\System32\dionpis.dll]  [N/A, ]
    [C:\WINDOWS\System32\hefcndy.dll]  [N/A, ]
    [C:\WINDOWS\System32\zgfdet.dll]  [N/A, ]
    [C:\DOCUME~1\s\LOCALS~1\Temp\Rar$EX60.594\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
    [C:\WINDOWS\System32\msosfmsq00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosdohs01.dll]  [N/A, ]
    [C:\WINDOWS\System32\msoscqit00.dll]  [N/A, ]
    [C:\WINDOWS\System32\msosping00.dll]  [N/A, ]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
N/A

==================================
进程特权扫描
特殊特权被允许： SeLoadDriverPrivilege [PID = 512, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 2108, F:\QT\QTTASK.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2108, F:\QT\QTTASK.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 2304, C:\PROGRAM FILES\MESSENGER\MSMSGS.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2304, C:\PROGRAM FILES\MESSENGER\MSMSGS.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 2812, C:\PROGRAM FILES\WINRAR\WINRAR.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2812, C:\PROGRAM FILES\WINRAR\WINRAR.EXE]

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]