瑞星卡卡电脑诊断日志 v1.30 (2008-7-17 18:4:38) 北京瑞星科技股份有限公司 注释: [A]表示该文件存在自启动关联; [M]表示该文件在内存中; + 注册表自运行项目 + 系统服务 + HKLM\System\CurrentControlSet\Services ccosm [AM] 1. d:\stormii\stormliv.exe 北京暴风网际科技有限公司 暴风影音媒体控制中心 .text,.rdata,.data,.rsrc, RfwProxySrv [A ] 2. d:\rising\rfw\rfwproxy.exe Beijing Rising Technology Co., Ltd. Rising Personal Proxy Service .text,.rdata,.data,.rsrc, RfwService [AM] 3. d:\rising\rfw\rfwsrv.exe Beijing Rising Technology Co., Ltd. Rising Personal FireWall Service .text,.rdata,.data,.rsrc, RsCCenter [AM] 4. d:\rising\rav\ccenter.exe Beijing Rising Technology Co., Ltd. CCenter .text,.rdata,.data,.rsrc, RsRavMon [AM] 5. d:\rising\rav\ravmond.exe Beijing Rising Technology Co., Ltd. Rising Realtime Moniter .text,.rdata,.data,.rsrc, UMWdf [AM] 6. c:\windows\system32\wdfmgr.exe Microsoft Corporation Windows User Mode Driver Manager .text,.data,.rsrc, + 内核驱动 + HKLM\System\CurrentControlSet\Services adsrsvc [A ] 7. c:\windows\system32\drivers\adsrsvc.sys Dynamic Link Library .text,.rdata,.data,INIT,.rsrc,.reloc, ALCXWDM [A ] 8. c:\windows\system32\drivers\alcxwdm.sys Realtek Semiconductor Corp. Realtek AC'97 Audio Driver (WDM) .text,CODE,.rdata,.data,.data1,PAGE,INIT,.rsrc,.reloc, HBKernel [A ] 9. c:\windows\system32\drivers\hbkernel.sys HookCont [A ] 10. c:\windows\system32\drivers\hookcont.sys Beijing Rising Technology Co., Ltd HookCont .text,.rdata,.data,INIT,.rsrc,.reloc, HookNtos [A ] 11. c:\windows\system32\drivers\hookntos.sys Beijing Rising Technology Co., Ltd HookNtos .text,.rdata,.data,INIT,.rsrc,.reloc, HookReg [A ] 12. c:\windows\system32\drivers\hookreg.sys Beijing Rising Technology Co., Ltd HookReg .text,.rdata,.data,INIT,.rsrc,.reloc, HookSys [A ] 13. c:\windows\system32\drivers\hooksys.sys Beijing Rising Technology Co., Ltd Hooksys .text,.rdata,.data,INIT,.rsrc,.reloc, HookUrl [A ] 14. d:\rising\rfw\hookurl.sys Beijing Rising Technology Co., Ltd. URL Filter Driver .text,.rdata,.data,INIT,.rsrc,.reloc, oljjf [A ] 15. c:\docume~1\admini~1\locals~1\temp\_tmp.bat RfwBase [A ] 16. c:\windows\system32\drivers\rfwbase.sys Beijing Rising Technology Co., Ltd. net base driver .text,.rdata,.data,INIT,.rsrc,.reloc, RsFwDrv [A ] 17. d:\rising\rfw\rsfwdrv.sys Beijing Rising Technology Co., Ltd. Rules Driver .text,.rdata,.data,INIT,.rsrc,.reloc, RsNTGDI [A ] 18. c:\windows\system32\drivers\rsntgdi.sys Beijing Rising Technology Co., Ltd. RsNTGDI .text,.rdata,INIT,.rsrc,.reloc, Secdrv [A ] 19. c:\windows\system32\drivers\secdrv.sys Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. Macrovision SECURITY Driver .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, + 文件系统驱动 + HKLM\System\CurrentControlSet\Services BdGuard [A ] 20. c:\windows\system32\drivers\bdguard.sys BDGUARD Dynamic Link Library .text,.rdata,.data,INIT,.rsrc,.reloc, hcgemmeo [A ] 21. c:\windows\system32\drivers\hcgemmeo.sys Yahoo! China Corporation .text,.rdata,.data,INIT,.rsrc,.reloc, yaskp [A ] 22. c:\windows\system32\drivers\yaskp.sys Copyright (C) yahoo Corporation. KMD .text,.rdata,.data,INIT,.rsrc,.reloc, + IE浏览器加载模块 + HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar {B580CF65-E151-49C3-B73F-70B13FCA8E86} [A ] 23. c:\program files\baidu\bar\baidubar.dll Baidu.com, Inc. BaiduBar Module .text,.rdata,.data,.idata,.Shared,.rsrc,.reloc, {406F94F0-504F-4A40-8DFD-58B0666ABEBD} [AM] 24. c:\program files\yahoo!\assistant\assist\yasbar.dll yahoo! china IE ToolBand .text,.rdata,.data,.yAsbarS,.rsrc,.reloc, + HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks {02496EBD-8455-48db-B3C7-5DAC97D9F5A7} [AM] 25. c:\program files\baidu\iexp\bdsrhook.dll Baidu Search Companion .text,.rdata,.data,.idata,.SHARE_D,.rsrc,.reloc, {406F94F0-504F-4a40-8DFD-58B0666ABEBD} [AM] 24. c:\program files\yahoo!\assistant\assist\yasbar.dll yahoo! china IE ToolBand .text,.rdata,.data,.yAsbarS,.rsrc,.reloc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects {01443AEC-0FD1-40fd-9C87-E93D1494C233} [AM] 26. d:\thunder network\thunder\comdlls\tdatonce_now.dll Thunder Networking Technologies,LTD 迅雷浏览器高级特性支持模块 .text,.rdata,.data,.rsrc,.reloc, {02496EBD-8455-48db-B3C7-5DAC97D9F5A7} [AM] 25. c:\program files\baidu\iexp\bdsrhook.dll Baidu Search Companion .text,.rdata,.data,.idata,.SHARE_D,.rsrc,.reloc, {33BBE430-0E42-4f12-B075-8D21ACB10DCB} [AM] 27. c:\program files\yahoo!\assistant\assist\yphtb.dll Yahoo! China yPhtb .text,.rdata,.data,.yPhtbSe,.rsrc,.reloc, {38928D50-8A48-44C2-945F-D2F23F771410} [A ] 28. c:\program files\yahoo!\assistant\assist\yangling.dll yahoo! china yangling.dll .text,.rdata,.data,.SHARED,.rsrc,.reloc, {62EED7C6-9F02-42f9-B634-98E2899E147B} [AM] 29. c:\program files\yahoo!\assistant\assist\ydragsearch.dll yahoo! china DragSearch .text,.rdata,.data,.BhoObjS,.rsrc,.reloc, {77FEF28E-EB96-44FF-B511-3185DEA48697} [A ] 23. c:\program files\baidu\bar\baidubar.dll Baidu.com, Inc. BaiduBar Module .text,.rdata,.data,.idata,.Shared,.rsrc,.reloc, {889D2FEB-5411-4565-8998-1DD2C5261283} [AM] 30. d:\thunder network\thunder\comdlls\xunleibho_now.dll Thunder Networking Technologies,LTD XunLeiBHO .text,.rdata,.data,.rsrc,.reloc, {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [A ] 31. c:\windows\system32\urlfilter.dll Beijing Rising Technology Co., Ltd. Rising AntiSpyware UrlFilter Module .text,.rdata,.data,.rsrc,.reloc, + HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars {19CE93DE-8334-42C6-B2CA-BFE3DF5196A3} [A ] 32. c:\program files\yahoo!\assistant\assist\yrss.dll Yahoo! China yRss Module .text,.rdata,.data,.rsrc,.reloc, + 资源管理器加载模块 + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved HyperTerminal Icon Ext [A ] 33. c:\windows\system32\hticons.dll Hilgraeve, Inc. HyperTerminal Applet Library .text,.data,.rsrc,.reloc, Portable Media Devices [A ] 34. c:\windows\system32\audiodev.dll Microsoft Corporation 便携媒体设备命令行解释器扩展 .text,.data,.rsrc,.reloc, Portable Media Devices Menu [A ] 34. c:\windows\system32\audiodev.dll Microsoft Corporation 便携媒体设备命令行解释器扩展 .text,.data,.rsrc,.reloc, WinRAR shell extension [AM] 35. c:\program files\winrar\rarext.dll .text,.data,.tls,.idata,.edata,.rsrc,.reloc, RISING [AM] 36. c:\windows\system32\ravext.dll Beijing Rising Technology Co., Ltd. Rising Shell Ext Module .text,.rdata,.data,.rsrc,.reloc, Yahoo!Photo [AM] 27. c:\program files\yahoo!\assistant\assist\yphtb.dll Yahoo! China yPhtb .text,.rdata,.data,.yPhtbSe,.rsrc,.reloc, 粉碎文件 [AM] 37. c:\program files\yahoo!\assistant\assist\ywiper.dll Yahoo! China Wiper 动态链接库 .text,.rdata,.data,.rsrc,.reloc, + 用户登陆自运行项目 + HKLM\Software\Microsoft\Windows\CurrentVersion\Run SoundMan [AM] 38. c:\windows\soundman.exe Realtek Semiconductor Corp. Realtek Sound Manager .text,.rdata,.data,.sxdata,.rsrc, RavTask [AM] 39. d:\rising\rav\ravtask.exe Beijing Rising Technology Co., Ltd. RavTimer .text,.rdata,.data,.rsrc, YLive.exe [AM] 40. c:\program files\yahoo!\assistant\ylive.exe Yahoo! China YLive .text,.rdata,.data,.rsrc, yassistse [AM] 41. c:\program files\yahoo!\assistant\yassistse.exe Yahoo! China AssistSetting .text,.rdata,.data,.rsrc, runeip [AM] 42. d:\rising\antispyware\rstray.exe Beijing Rising Technology Co., Ltd. RSTray .text,.rdata,.data,.rsrc, + 开机执行 + HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order BootExecute [A ] 43. c:\windows\system32\bsmain.exe Beijing Rising Technology Co., Ltd. Rising Antivirus 2008 .text,.rdata,.data,.rsrc,.reloc, + 映像劫持 + HKCR\Folder\shell Super Rabbit CDROM Eject [A ] 44. d:\super rabbit\magicset\srcd2.exe Super Rabbit Software UPX0,UPX1,.rsrc, + HKCR\.html htmlfile\傲游(Maxthon)\Command [AM] 45. d:\maxthon2\maxthon.exe Maxthon International ltd. Maxthon Browser .text,.rdata,.data,.rsrc,.reloc, + HKCR\.htm htmlfile\傲游(Maxthon)\Command [AM] 45. d:\maxthon2\maxthon.exe Maxthon International ltd. Maxthon Browser .text,.rdata,.data,.rsrc,.reloc, + 程序初始化和已知动态连接库 + HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows AppInit_DLLs [AM] 46. c:\windows\system32\kmon.dll Beijing Rising Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, + 正在运行的进程 + 0000008c(140) Ravmon.exe 00400000[00067000] [ M] 47. d:\rising\rav\ravmon.exe Beijing Rising Technology Co., Ltd. Rising realtime monitor shell .text,.rdata,.data,.rsrc, 7C140000[00103000] [ M] 48. c:\windows\system32\mfc71.dll Microsoft Corporation MFCDLL Shared Library - Retail Version .text,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 49. c:\windows\system32\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 7C3A0000[0007B000] [ M] 50. c:\windows\system32\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 10000000[0001F000] [ M] 51. d:\rising\rav\proccom.dll Beijing Rising Technology Co., Ltd. ProcessC Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00B20000[00024000] [ M] 52. d:\rising\rav\rscommx2.dll Beijing Rising Technology Co., Ltd. RsCommX2 .text,.rdata,.data,.rsrc,.reloc, 23700000[00028000] [ M] 53. d:\rising\rav\rscommon.dll Beijing Rising Technology Co., Ltd. Rising Common Function Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00D70000[00035000] [ M] 54. d:\rising\rav\recomp.dll Beijing Rising Technology Co., Ltd. component manager Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00DC0000[00036000] [ M] 55. d:\rising\rav\refs.dll Beijing Rising Technology Co., Ltd. filesystem Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01020000[0002F000] [ M] 56. d:\rising\rav\viruslib.dll Beijing Rising Technology Co., Ltd. VirusLib Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01160000[00028000] [ M] 57. d:\rising\rav\relibldr.dll Beijing Rising Technology Co., Ltd. libloader Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 011E0000[0000E000] [ M] 58. d:\rising\rav\rsappmgr.dll Beijing Rising Technology Co., Ltd. Rising Application Manager .text,.rdata,.data,.rsrc,.reloc, 01200000[00030000] [ M] 59. d:\rising\rav\cfgdll.dll Beijing Rising Technology Co., Ltd. CfgDll .text,.rdata,.data,.rsrc,.reloc, 01360000[00075000] [ M] 60. d:\rising\rav\monrule.dll Beijing Rising Technology Co., Ltd. MonRule .text,.rdata,.data,.rsrc,.reloc, 23900000[00040000] [ M] 61. d:\rising\rav\pngdll.dll Beijing Rising Technology Co., Ltd. Rising .Png File Loader Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 26600000[000B8000] [ M] 62. d:\rising\rav\rsguilib.dll Beijing Rising Technology Co., Ltd. Rising GUI Library Loader .text,.rdata,.data,.rsrc,.reloc, 23800000[00018000] [ M] 63. d:\rising\rav\rsxml.dll Beijing Rising Technology Co., Ltd. RsXML .text,.rdata,.data,.rsrc,.reloc, 70000000[00019000] [ M] 64. d:\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 65. d:\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, + 00000168(360) knownsvr.exe 00400000[00072000] [ M] 66. d:\rising\antispyware\knownsvr.exe Beijing Rising Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc, 10000000[0002D000] [ M] 67. d:\rising\antispyware\ncomm.dll Beijing Rising Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 60000000[00074000] [AM] 46. c:\windows\system32\kmon.dll Beijing Rising Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, 00A90000[0002D000] [ M] 68. d:\rising\antispyware\comx3.dll Beijing Rising Technology Co., Ltd. comx3 Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00AC0000[00019000] [ M] 69. d:\rising\antispyware\syslay.dll Beijing Rising Technology Co., Ltd. Syslay .text,.rdata,.data,.rsrc,.reloc, 01050000[0003F000] [AM] 25. c:\program files\baidu\iexp\bdsrhook.dll Baidu Search Companion .text,.rdata,.data,.idata,.SHARE_D,.rsrc,.reloc, 64000000[00018000] [ M] 70. c:\program files\yahoo!\assistant\yhelper.dll Yahoo! China Helper Module .text,.rdata,.data,.cnshelp,.rsrc,.reloc, + 000001a4(420) smss.exe + 000001dc(476) csrss.exe 70000000[00019000] [ M] 64. d:\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 65. d:\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, + 000001f4(500) winlogon.exe 70000000[00019000] [ M] 64. d:\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 65. d:\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, 72C80000[00008000] [ M] 71. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, + 00000220(544) services.exe 70000000[00019000] [ M] 64. d:\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 65. d:\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, + 0000022c(556) lsass.exe 70000000[00019000] [ M] 64. d:\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 65. d:\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, + 000002c4(708) svchost.exe 70000000[00019000] [ M] 64. d:\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 65. d:\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, + 000002f0(752) svchost.exe 70000000[00019000] [ M] 64. d:\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 65. d:\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, + 00000340(832) CCenter.exe 00400000[00029000] [AM] 4. d:\rising\rav\ccenter.exe Beijing Rising Technology Co., Ltd. CCenter .text,.rdata,.data,.rsrc, 70000000[00019000] [ M] 64. d:\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 65. d:\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, + 00000350(848) svchost.exe 70000000[00019000] [ M] 64. d:\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 65. d:\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, + 000003b4(948) svchost.exe 70000000[00019000] [ M] 64. d:\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 65. d:\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, + 00000404(1028) svchost.exe 70000000[00019000] [ M] 64. d:\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 65. d:\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, + 00000454(1108) ravmond.exe 00400000[00069000] [AM] 5. d:\rising\rav\ravmond.exe Beijing Rising Technology Co., Ltd. Rising Realtime Moniter .text,.rdata,.data,.rsrc, 10000000[00042000] [ M] 72. d:\rising\rav\bwlist.dll Beijing Rising Technology Co., Ltd. BWList DLL .text,.rdata,.data,.rsrc,.reloc, 7C140000[00103000] [ M] 48. c:\windows\system32\mfc71.dll Microsoft Corporation MFCDLL Shared Library - Retail Version .text,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 49. c:\windows\system32\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 7C3A0000[0007B000] [ M] 50. c:\windows\system32\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 00B20000[0000E000] [ M] 58. d:\rising\rav\rsappmgr.dll Beijing Rising Technology Co., Ltd. Rising Application Manager .text,.rdata,.data,.rsrc,.reloc, 00B40000[00030000] [ M] 59. d:\rising\rav\cfgdll.dll Beijing Rising Technology Co., Ltd. CfgDll .text,.rdata,.data,.rsrc,.reloc, 00DE0000[00067000] [ M] 73. d:\rising\rav\rslog.dll Beijing Rising Technology Co., Ltd. RsLog DLL .text,.rdata,.data,.rsrc,.reloc, 00B90000[0001F000] [ M] 51. d:\rising\rav\proccom.dll Beijing Rising Technology Co., Ltd. ProcessC Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00F50000[00024000] [ M] 52. d:\rising\rav\rscommx2.dll Beijing Rising Technology Co., Ltd. RsCommX2 .text,.rdata,.data,.rsrc,.reloc, 70000000[00019000] [ M] 64. d:\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 65. d:\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, 00E50000[00075000] [ M] 60. d:\rising\rav\monrule.dll Beijing Rising Technology Co., Ltd. MonRule .text,.rdata,.data,.rsrc,.reloc, 00EE0000[00013000] [ M] 74. d:\rising\rav\hooksys.dll Beijing Rising Technology Co., Ltd Hooksys Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 010C0000[00013000] [ M] 75. d:\rising\rav\hookreg.dll Beijing Rising Technology Co., Ltd HookReg Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01110000[00013000] [ M] 76. d:\rising\rav\hookntos.dll Beijing Rising Technology Co., Ltd SysMon Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01170000[0001C000] [ M] 77. d:\rising\rav\rswalmon.dll Beijing Rising Technology Co., Ltd. Rising WAL Monitor DLL .text,.rdata,.data,.rsrc,.reloc, 01FA0000[00035000] [ M] 54. d:\rising\rav\recomp.dll Beijing Rising Technology Co., Ltd. component manager Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01FF0000[00036000] [ M] 55. d:\rising\rav\refs.dll Beijing Rising Technology Co., Ltd. filesystem Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 02040000[00023000] [ M] 78. d:\rising\rav\ffr.dll Beijing Rising Technology Co., Ltd. ffr Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 02080000[00020000] [ M] 79. d:\rising\rav\rsstore.dll Beijing Rising Technology Co., Ltd. RSStore .text,.rdata,.data,.rsrc,.reloc, 020B0000[00013000] [ M] 80. d:\rising\rav\hookcont.dll Beijing Rising Technology Co., Ltd HookCont Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 020E0000[00027000] [ M] 81. d:\rising\rav\fakescan.dll Beijing Rising Technology Co., Ltd. FakeScan Module .text,.rdata,.data,.rsrc,.reloc, 02120000[00022000] [ M] 82. d:\rising\rav\scanner.dll Beijing Rising Technology Co., Ltd. RsScanner Module .text,.rdata,.data,.rsrc,.reloc, 02760000[0002F000] [ M] 56. d:\rising\rav\viruslib.dll Beijing Rising Technology Co., Ltd. VirusLib Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 028A0000[00028000] [ M] 57. d:\rising\rav\relibldr.dll Beijing Rising Technology Co., Ltd. libloader Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 02D40000[0000D000] [ M] 83. d:\rising\rav\hookweb.dll Beijing Rising Technology Co., Ltd. Rising HookWeb Dll .text,.rdata,.data,.rsrc,.reloc, 03EE0000[00021000] [ M] 84. d:\rising\rav\nvfile.dll Beijing Rising Technology Co., Ltd. NVFile .text,.rdata,.data,.rsrc,.reloc, 049B0000[000DC000] [ M] 85. d:\rising\rav\extfile.dll Beijing Rising Technology Co., Ltd. extFile Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 04AA0000[00027000] [ M] 86. d:\rising\rav\pearc.dll Beijing Rising Technology Co., Ltd. pearchive Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 13AB0000[0004A000] [ M] 87. d:\rising\rav\scanexec.dll Beijing Rising Technology Co., Ltd. ScanExec .text,.rdata,.data,.rsrc,.reloc, 05BF0000[002DC000] [ M] 88. d:\rising\rav\unexe.dll Beijing Rising Technology Co., Ltd. UnExe .text,.rdata,.data,.rsrc,.reloc, 04AF0000[000D3000] [ M] 89. d:\rising\rav\scanex.dll Beijing Rising Technology Co., Ltd. ScanEx .text,.rdata,.data,.rsrc,.reloc, 04EE0000[00036000] [ M] 90. d:\rising\rav\scanpack.dll Beijing Rising Technology Co., Ltd. Unpack Engine .text,.rdata,.data,.rsrc,.reloc, 04F20000[000B4000] [ M] 91. d:\rising\rav\revm.dll Beijing Rising Technology Co., Ltd. REVM Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 050F0000[00020000] [ M] 92. d:\rising\rav\urutils.dll urutils Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 05120000[00018000] [ M] 93. d:\rising\rav\ur000.dat Beijing Rising Technology Co., Ltd. Unpack Routine .text,.rdata,.data,.rsrc,.reloc, 05A70000[00036000] [ M] 94. d:\rising\rav\scriptci.dll Beijing Rising Technology Co., Ltd. scriptci Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 05AB0000[0001D000] [ M] 95. d:\rising\rav\ur001.dat Beijing Rising Technology Co., Ltd. Unpack Routine .text,.rdata,.data,.rsrc,.reloc, 09330000[00023000] [ M] 96. d:\rising\rav\scansct.dll Beijing Rising Technology Co., Ltd. ScanSct Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 09FC0000[00046000] [ M] 97. d:\rising\rav\extole.dll Beijing Rising Technology Co., Ltd. ExtOLE .text,.rdata,.data,.rsrc,.reloc, 14210000[00037000] [ M] 98. d:\rising\rav\extmail.dll Beijing Rising Technology Co., Ltd. ExtMail .text,.rdata,.data,.rsrc,.reloc, + 00000464(1124) rfwsrv.exe 00400000[00037000] [AM] 3. d:\rising\rfw\rfwsrv.exe Beijing Rising Technology Co., Ltd. Rising Personal FireWall Service .text,.rdata,.data,.rsrc, 7C140000[00103000] [ M] 48. c:\windows\system32\mfc71.dll Microsoft Corporation MFCDLL Shared Library - Retail Version .text,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 49. c:\windows\system32\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 7C3A0000[0007B000] [ M] 50. c:\windows\system32\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 10000000[0001F000] [ M] 99. d:\rising\rfw\proccom.dll Beijing Rising Technology Co., Ltd. ProcessC Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00770000[00024000] [ M] 100. d:\rising\rfw\rscommx2.dll Beijing Rising Technology Co., Ltd. RsCommX2 .text,.rdata,.data,.rsrc,.reloc, 009B0000[0000E000] [ M] 101. d:\rising\rfw\rsappmgr.dll Beijing Rising Technology Co., Ltd. Rising Application Manager .text,.rdata,.data,.rsrc,.reloc, 009D0000[00030000] [ M] 102. d:\rising\rfw\cfgdll.dll Beijing Rising Technology Co., Ltd. CfgDll .text,.rdata,.data,.rsrc,.reloc, 00AE0000[0000F000] [ M] 103. d:\rising\rfw\rfwrule.dll Beijing Rising Technology Co., Ltd. rule DLL .text,.rdata,.data,.rsrc,.reloc, 00AF0000[0000C000] [ M] 104. d:\rising\rfw\rfwlog.dll Beijing Rising Technology Co., Ltd. Rising Personal FireWall Logfile DLL .text,.rdata,.data,.rsrc,.reloc, 00B00000[00018000] [ M] 105. d:\rising\rfw\rfwdrv.dll Beijing Rising Technology Co., Ltd. Rising Personal FireWall Driver DLL .text,.rdata,.data,.rsrc,.reloc, 00B20000[0000E000] [ M] 106. d:\rising\rfw\ijt_ctrl.dll Beijing Rising Technology Co., Ltd. Injector Controller .text,.rdata,.data,.rsrc,.reloc, 70000000[00019000] [ M] 64. d:\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 65. d:\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, 00B50000[00016000] [ M] 107. d:\rising\rfw\unvdet.dll Beijing Rising Technology Co., Ltd. ScanUnv .text,.rdata,.data,.rsrc,.reloc, 00BA0000[00013000] [ M] 108. d:\rising\rfw\mports.dll Beijing Rising Technology Co., Ltd. get ports list .text,.rdata,.data,.rsrc,.reloc, + 000005f0(1520) stormliv.exe 00400000[00075000] [AM] 1. d:\stormii\stormliv.exe 北京暴风网际科技有限公司 暴风影音媒体控制中心 .text,.rdata,.data,.rsrc, 75FF0000[00065000] [ M] 109. d:\stormii\msvcp60.dll Microsoft Corporation Microsoft (R) C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 70000000[00019000] [ M] 64. d:\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 65. d:\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, + 00000624(1572) Explorer.EXE 64000000[00018000] [ M] 70. c:\program files\yahoo!\assistant\yhelper.dll Yahoo! China Helper Module .text,.rdata,.data,.cnshelp,.rsrc,.reloc, 72C80000[00008000] [ M] 71. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, 70000000[00019000] [ M] 64. d:\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 65. d:\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, 01D20000[0002C000] [AM] 35. c:\program files\winrar\rarext.dll .text,.data,.tls,.idata,.edata,.rsrc,.reloc, 10000000[0001C000] [AM] 36. c:\windows\system32\ravext.dll Beijing Rising Technology Co., Ltd. Rising Shell Ext Module .text,.rdata,.data,.rsrc,.reloc, 01DF0000[0003F000] [AM] 25. c:\program files\baidu\iexp\bdsrhook.dll Baidu Search Companion .text,.rdata,.data,.idata,.SHARE_D,.rsrc,.reloc, 3C400000[0003A000] [ M] 110. c:\program files\yahoo!\assistant\yalive.dll yahoo! china AutoLive Module .text,.rdata,.data,.ylive_d,.rsrc,.reloc, 40000000[0002A000] [ M] 111. c:\program files\yahoo!\assistant\yalliveex.dll Yahoo! China LiveEx .text,.rdata,.data,.rsrc,.reloc, 02800000[0002C000] [AM] 26. d:\thunder network\thunder\comdlls\tdatonce_now.dll Thunder Networking Technologies,LTD 迅雷浏览器高级特性支持模块 .text,.rdata,.data,.rsrc,.reloc, 02830000[00031000] [AM] 30. d:\thunder network\thunder\comdlls\xunleibho_now.dll Thunder Networking Technologies,LTD XunLeiBHO .text,.rdata,.data,.rsrc,.reloc, 24030000[0000E000] [ M] 112. d:\thunder network\thunder\components\resworker\dsbho_01.dll Thunder Networking Technologies,LTD DsBho .text,.rdata,.data,.rsrc,.reloc, 23FE0000[0001E000] [ M] 113. d:\thunder network\thunder\components\resworker\dataprocessor_01.dll Thunder Networking Technologies,LTD DataProcessor .text,.rdata,.data,.rsrc,.reloc, 23700000[00028000] [ M] 53. d:\rising\rav\rscommon.dll Beijing Rising Technology Co., Ltd. Rising Common Function Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 44800000[00020000] [AM] 27. c:\program files\yahoo!\assistant\assist\yphtb.dll Yahoo! China yPhtb .text,.rdata,.data,.yPhtbSe,.rsrc,.reloc, 44000000[0000E000] [AM] 29. c:\program files\yahoo!\assistant\assist\ydragsearch.dll yahoo! china DragSearch .text,.rdata,.data,.BhoObjS,.rsrc,.reloc, 02500000[0004F000] [AM] 37. c:\program files\yahoo!\assistant\assist\ywiper.dll Yahoo! China Wiper 动态链接库 .text,.rdata,.data,.rsrc,.reloc, + 000006ac(1708) spoolsv.exe 70000000[00019000] [ M] 64. d:\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 65. d:\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, + 00000704(1796) wdfmgr.exe 01000000[0000C000] [AM] 6. c:\windows\system32\wdfmgr.exe Microsoft Corporation Windows User Mode Driver Manager .text,.data,.rsrc, 70000000[00019000] [ M] 64. d:\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 65. d:\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, + 0000078c(1932) RavStub.exe 00400000[00021000] [ M] 114. d:\rising\rav\ravstub.exe Beijing Rising Technology Co., Ltd. Rising RavStub .text,.rdata,.data,.rsrc, 10000000[0001F000] [ M] 51. d:\rising\rav\proccom.dll Beijing Rising Technology Co., Ltd. ProcessC Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00620000[00024000] [ M] 52. d:\rising\rav\rscommx2.dll Beijing Rising Technology Co., Ltd. RsCommX2 .text,.rdata,.data,.rsrc,.reloc, 23700000[00028000] [ M] 53. d:\rising\rav\rscommon.dll Beijing Rising Technology Co., Ltd. Rising Common Function Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 70000000[00019000] [ M] 64. d:\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 65. d:\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, + 000007bc(1980) SOUNDMAN.EXE 00400000[0008F000] [AM] 38. c:\windows\soundman.exe Realtek Semiconductor Corp. Realtek Sound Manager .text,.rdata,.data,.sxdata,.rsrc, 70000000[00019000] [ M] 64. d:\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 65. d:\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, 10000000[0003F000] [AM] 25. c:\program files\baidu\iexp\bdsrhook.dll Baidu Search Companion .text,.rdata,.data,.idata,.SHARE_D,.rsrc,.reloc, + 000007c4(1988) RavTask.exe 00400000[00034000] [AM] 39. d:\rising\rav\ravtask.exe Beijing Rising Technology Co., Ltd. RavTimer .text,.rdata,.data,.rsrc, 10000000[0001F000] [ M] 51. d:\rising\rav\proccom.dll Beijing Rising Technology Co., Ltd. ProcessC Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00A30000[00024000] [ M] 52. d:\rising\rav\rscommx2.dll Beijing Rising Technology Co., Ltd. RsCommX2 .text,.rdata,.data,.rsrc,.reloc, 23700000[00028000] [ M] 53. d:\rising\rav\rscommon.dll Beijing Rising Technology Co., Ltd. Rising Common Function Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00C90000[0000E000] [ M] 58. d:\rising\rav\rsappmgr.dll Beijing Rising Technology Co., Ltd. Rising Application Manager .text,.rdata,.data,.rsrc,.reloc, 08CB0000[00030000] [ M] 59. d:\rising\rav\cfgdll.dll Beijing Rising Technology Co., Ltd. CfgDll .text,.rdata,.data,.rsrc,.reloc, 70000000[00019000] [ M] 64. d:\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 65. d:\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, + 000007cc(1996) YLive.exe 00400000[00017000] [AM] 40. c:\program files\yahoo!\assistant\ylive.exe Yahoo! China YLive .text,.rdata,.data,.rsrc, 64000000[00018000] [ M] 70. c:\program files\yahoo!\assistant\yhelper.dll Yahoo! China Helper Module .text,.rdata,.data,.cnshelp,.rsrc,.reloc, 3C400000[0003A000] [ M] 110. c:\program files\yahoo!\assistant\yalive.dll yahoo! china AutoLive Module .text,.rdata,.data,.ylive_d,.rsrc,.reloc, 40000000[0002A000] [ M] 111. c:\program files\yahoo!\assistant\yalliveex.dll Yahoo! China LiveEx .text,.rdata,.data,.rsrc,.reloc, 70000000[00019000] [ M] 64. d:\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 65. d:\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, 40800000[0001A000] [ M] 115. c:\program files\yahoo!\assistant\ynotifier.dll yahoo! china Notifier Module .text,.rdata,.data,.YahooNT,.rsrc,.reloc, 10000000[0003F000] [AM] 25. c:\program files\baidu\iexp\bdsrhook.dll Baidu Search Companion .text,.rdata,.data,.idata,.SHARE_D,.rsrc,.reloc, + 000007d0(2000) RfwMain.exe 00400000[00092000] [ M] 116. d:\rising\rfw\rfwmain.exe Beijing Rising Technology Co., Ltd. Rising Personal FireWall Main Program .text,.rdata,.data,.rsrc, 7C140000[00103000] [ M] 48. c:\windows\system32\mfc71.dll Microsoft Corporation MFCDLL Shared Library - Retail Version .text,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 49. c:\windows\system32\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 7C3A0000[0007B000] [ M] 50. c:\windows\system32\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 26600000[000B8000] [ M] 117. d:\rising\rfw\rsguilib.dll Beijing Rising Technology Co., Ltd. Rising GUI Library Loader .text,.rdata,.data,.rsrc,.reloc, 10000000[0001F000] [ M] 99. d:\rising\rfw\proccom.dll Beijing Rising Technology Co., Ltd. ProcessC Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00B50000[00024000] [ M] 100. d:\rising\rfw\rscommx2.dll Beijing Rising Technology Co., Ltd. RsCommX2 .text,.rdata,.data,.rsrc,.reloc, 00C90000[0000E000] [ M] 101. d:\rising\rfw\rsappmgr.dll Beijing Rising Technology Co., Ltd. Rising Application Manager .text,.rdata,.data,.rsrc,.reloc, 00CB0000[00030000] [ M] 102. d:\rising\rfw\cfgdll.dll Beijing Rising Technology Co., Ltd. CfgDll .text,.rdata,.data,.rsrc,.reloc, 23700000[00028000] [ M] 118. d:\rising\rfw\rscommon.dll Beijing Rising Technology Co., Ltd. Rising Common Function Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00EF0000[00014000] [ M] 119. d:\rising\rfw\rfwctrl.dll Beijing Rising Technology Co., Ltd. RfwCtrl DLL .text,.rdata,.data,.rsrc,.reloc, 23800000[00018000] [ M] 120. d:\rising\rfw\rsxml.dll Beijing Rising Technology Co., Ltd. RsXML .text,.rdata,.data,.rsrc,.reloc, 23900000[00040000] [ M] 121. d:\rising\rfw\pngdll.dll Beijing Rising Technology Co., Ltd. Rising .Png File Loader Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 70000000[00019000] [ M] 64. d:\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 65. d:\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, 013E0000[0000F000] [ M] 103. d:\rising\rfw\rfwrule.dll Beijing Rising Technology Co., Ltd. rule DLL .text,.rdata,.data,.rsrc,.reloc, + 000007dc(2012) yAssistSe.exe 00400000[00017000] [AM] 41. c:\program files\yahoo!\assistant\yassistse.exe Yahoo! China AssistSetting .text,.rdata,.data,.rsrc, 42000000[00010000] [ M] 122. c:\program files\yahoo!\assistant\shell\yassecblk.dll Yahoo! China yassecblk .text,.rdata,.data,.rsrc,.reloc, 3B800000[00010000] [ M] 123. c:\program files\yahoo!\assistant\shell\yasmenu.dll Yahoo! China yAsMenu .text,.rdata,.data,.rsrc,.reloc, 40400000[00009000] [ M] 124. c:\program files\yahoo!\assistant\shell\ymenuinfo.dll Yahoo! China MenuInfo .text,.rdata,.data,.rsrc,.reloc, 3EC00000[00006000] [ M] 125. c:\program files\yahoo!\assistant\shell\yieangel.dll Yahoo! China IEAngel .text,.rdata,.data,.rsrc,.reloc, 70000000[00019000] [ M] 64. d:\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 65. d:\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, 10000000[0003F000] [AM] 25. c:\program files\baidu\iexp\bdsrhook.dll Baidu Search Companion .text,.rdata,.data,.idata,.SHARE_D,.rsrc,.reloc, + 000007e8(2024) ctfmon.exe 64000000[00018000] [ M] 70. c:\program files\yahoo!\assistant\yhelper.dll Yahoo! China Helper Module .text,.rdata,.data,.cnshelp,.rsrc,.reloc, 70000000[00019000] [ M] 64. d:\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 65. d:\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, 10000000[0003F000] [AM] 25. c:\program files\baidu\iexp\bdsrhook.dll Baidu Search Companion .text,.rdata,.data,.idata,.SHARE_D,.rsrc,.reloc, + 000008a0(2208) alg.exe 70000000[00019000] [ M] 64. d:\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 65. d:\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, + 000008c0(2240) Maxthon.exe 00400000[00346000] [AM] 45. d:\maxthon2\maxthon.exe Maxthon International ltd. Maxthon Browser .text,.rdata,.data,.rsrc,.reloc, 10000000[00017000] [ M] 126. d:\maxthon2\mxpp.dll Maxthon International ltd. .text,.rdata,.data,.rsrc,.reloc, 007F0000[00022000] [ M] 127. d:\maxthon2\mxsk.dll Maxthon .text,.rdata,.data,.rsrc,.reloc, 00820000[0009E000] [ M] 128. d:\maxthon2\mxproxy2.dll Maxthon International ltd. .text,.text1,.rdata,.data,.data1,.rsrc,.reloc, 003E0000[0000D000] [ M] 129. d:\maxthon2\mxext.dll .text,.rdata,.data,.reloc, 008C0000[001C3000] [ M] 130. d:\maxthon2\mxui.dll Maxthon International MxUI library UPX0,UPX1,.rsrc, 70000000[00019000] [ M] 64. d:\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 65. d:\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, 01420000[0003F000] [AM] 25. c:\program files\baidu\iexp\bdsrhook.dll Baidu Search Companion .text,.rdata,.data,.idata,.SHARE_D,.rsrc,.reloc, 64000000[00018000] [ M] 70. c:\program files\yahoo!\assistant\yhelper.dll Yahoo! China Helper Module .text,.rdata,.data,.cnshelp,.rsrc,.reloc, 01A90000[00015000] [ M] 131. d:\maxthon2\mxtool.dll mxtool Module .text,.rdata,.data,.rsrc,.reloc, 01AB0000[00012000] [ M] 132. d:\maxthon2\maxzlib.dll zlib data compression library .text,.rdata,.data,.rsrc,.reloc, 03610000[0000D000] [ M] 133. d:\maxthon2\modules\mxpagesearch\mxpagesearch.dll Maxthon International ltd. MxPageSearch .text,.rdata,.data,.rsrc,.reloc, 03620000[0003B000] [ M] 134. d:\maxthon2\modules\mxwebboost\mxwebboost.dll Maxthon MxWebBoost .text,.rdata,.data,.rsrc,.reloc, 03A90000[00062000] [ M] 135. d:\maxthon2\mxdb.dll Max mxdb .text,.text1,.rdata,.data,.data1,.rsrc,.reloc, 046E0000[0002D000] [ M] 136. d:\maxthon2\modules\mxhistory\mxhistory.dll Maxthon International ltd. MxHistory .text,.rdata,.data,.rsrc,.reloc, 72C80000[00008000] [ M] 71. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, 30000000[003AE000] [ M] 137. c:\windows\system32\macromed\flash\flash9e.ocx Adobe Systems, Inc. Adobe Flash Player 9.0 r115 .text,.rdata,.data,.rodata,.rsrc,.reloc, 0A1A0000[00138000] [ M] 138. c:\windows\system32\sogoupy.ime Sogou.com Inc. 搜狗拼音输入法 .text,.rdata,.data,.rsrc,.reloc, 0A4E0000[00042000] [ M] 139. c:\program files\sogouinput\plugin\sgimeword.dll Sogou.com Inc. 搜狗拼音输入法 酷字 .text,.rdata,.data,.rsrc,.reloc, + 000009b8(2488) Ras.exe 00400000[0000B000] [ M] 140. d:\rising\antispyware\ras.exe Beijing Rising Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc, 7C140000[00103000] [ M] 141. d:\rising\antispyware\mfc71.dll Microsoft Corporation MFCDLL Shared Library - Retail Version .text,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 142. d:\rising\antispyware\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 60000000[00074000] [AM] 46. c:\windows\system32\kmon.dll Beijing Rising Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, 10000000[0003F000] [AM] 25. c:\program files\baidu\iexp\bdsrhook.dll Baidu Search Companion .text,.rdata,.data,.idata,.SHARE_D,.rsrc,.reloc, 64000000[00018000] [ M] 70. c:\program files\yahoo!\assistant\yhelper.dll Yahoo! China Helper Module .text,.rdata,.data,.cnshelp,.rsrc,.reloc, 00B70000[00047000] [ M] 143. d:\rising\antispyware\kakamgr.dll Beijing Rising Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 7C3A0000[0007B000] [ M] 144. d:\rising\antispyware\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 00B40000[00019000] [ M] 69. d:\rising\antispyware\syslay.dll Beijing Rising Technology Co., Ltd. Syslay .text,.rdata,.data,.rsrc,.reloc, 00BD0000[0001F000] [ M] 51. d:\rising\rav\proccom.dll Beijing Rising Technology Co., Ltd. ProcessC Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00BF0000[00024000] [ M] 52. d:\rising\rav\rscommx2.dll Beijing Rising Technology Co., Ltd. RsCommX2 .text,.rdata,.data,.rsrc,.reloc, 00D40000[0002D000] [ M] 68. d:\rising\antispyware\comx3.dll Beijing Rising Technology Co., Ltd. comx3 Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00FB0000[00058000] [ M] 145. d:\rising\antispyware\dbmgr.dll Beijing Rising Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 23800000[00018000] [ M] 146. d:\rising\antispyware\rsxml.dll Beijing Rising Technology Co., Ltd. RsXML .text,.rdata,.data,.rsrc,.reloc, 01110000[0002D000] [ M] 147. d:\rising\antispyware\pweb.dll Beijing Rising Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 01140000[000C0000] [ M] 148. d:\rising\antispyware\pscan.dll Beijing Rising Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 01200000[0002D000] [ M] 67. d:\rising\antispyware\ncomm.dll Beijing Rising Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 01240000[0006F000] [ M] 149. d:\rising\antispyware\pset.dll Beijing Rising Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 012B0000[0002A000] [ M] 150. d:\rising\antispyware\pdefend.dll Beijing Rising Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 012E0000[000AD000] [ M] 151. d:\rising\antispyware\ptools.dll Beijing Rising Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 01490000[0008C000] [ M] 152. d:\rising\antispyware\psysinfo.dll Beijing Rising Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 23900000[00040000] [ M] 153. d:\rising\antispyware\pngdll.dll Beijing Rising Technology Co., Ltd. Rising .Png File Loader Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 30000000[003AE000] [ M] 137. c:\windows\system32\macromed\flash\flash9e.ocx Adobe Systems, Inc. Adobe Flash Player 9.0 r115 .text,.rdata,.data,.rodata,.rsrc,.reloc, 72C80000[00008000] [ M] 71. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, 42800000[00063000] [AM] 24. c:\program files\yahoo!\assistant\assist\yasbar.dll yahoo! china IE ToolBand .text,.rdata,.data,.yAsbarS,.rsrc,.reloc, + 00000cec(3308) rstray.exe 00400000[00023000] [AM] 42. d:\rising\antispyware\rstray.exe Beijing Rising Technology Co., Ltd. RSTray .text,.rdata,.data,.rsrc, 60000000[00074000] [AM] 46. c:\windows\system32\kmon.dll Beijing Rising Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, 10000000[0003C000] [ M] 154. d:\rising\antispyware\rsmginfo.dll Beijing Rising Technology Co., Ltd. rsmginfo .text,.rdata,.data,.rsrc,.reloc, 00A50000[0003F000] [AM] 25. c:\program files\baidu\iexp\bdsrhook.dll Baidu Search Companion .text,.rdata,.data,.idata,.SHARE_D,.rsrc,.reloc, 64000000[00018000] [ M] 70. c:\program files\yahoo!\assistant\yhelper.dll Yahoo! China Helper Module .text,.rdata,.data,.cnshelp,.rsrc,.reloc, 23800000[00018000] [ M] 146. d:\rising\antispyware\rsxml.dll Beijing Rising Technology Co., Ltd. RsXML .text,.rdata,.data,.rsrc,.reloc, 7C3A0000[0007B000] [ M] 144. d:\rising\antispyware\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 142. d:\rising\antispyware\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 00C20000[00024000] [ M] 155. d:\rising\antispyware\comserv.dll Beijing Rising Technology Co., Ltd. .text,.rdata,.data,.rsrc,.reloc, 00C50000[00019000] [ M] 69. d:\rising\antispyware\syslay.dll Beijing Rising Technology Co., Ltd. Syslay .text,.rdata,.data,.rsrc,.reloc, 23700000[00026000] [ M] 156. d:\rising\antispyware\rscommon.dll Beijing Rising Technology Co., Ltd. Rising Common Function Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00C90000[0002D000] [ M] 68. d:\rising\antispyware\comx3.dll Beijing Rising Technology Co., Ltd. comx3 Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 23900000[00040000] [ M] 153. d:\rising\antispyware\pngdll.dll Beijing Rising Technology Co., Ltd. Rising .Png File Loader Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00FA0000[0005C000] [ M] 157. d:\rising\antispyware\runiep.dll Beijing Rising Technology Co., Ltd. Rising AntiSpyware tray .text,.rdata,.data,.rsrc,.reloc, 01010000[0001F000] [ M] 51. d:\rising\rav\proccom.dll Beijing Rising Technology Co., Ltd. ProcessC Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01030000[00024000] [ M] 52. d:\rising\rav\rscommx2.dll Beijing Rising Technology Co., Ltd. RsCommX2 .text,.rdata,.data,.rsrc,.reloc, + 00000f2c(3884) RUNDLL32.EXE 70000000[00019000] [ M] 64. d:\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 65. d:\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, 10000000[0003F000] [AM] 25. c:\program files\baidu\iexp\bdsrhook.dll Baidu Search Companion .text,.rdata,.data,.idata,.SHARE_D,.rsrc,.reloc, 64000000[00018000] [ M] 70. c:\program files\yahoo!\assistant\yhelper.dll Yahoo! China Helper Module .text,.rdata,.data,.cnshelp,.rsrc,.reloc,