[CODE] 2008-02-21,16:04:25 System Repair Engineer 2..4 Smallfrogs (http://www.KZTechs.com) Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能以下内容被选中：所有的启动项目（包括注册表、启动文件夹、服务等）浏览器加载项正在运行的进程（包括进程模块信息）文件关联 Winsock 提供者 Autorun.inf HOSTS 文件启动项目注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Windows Publisher] <"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background> [(Verified)Microsoft Corporation] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Windows Publisher] [(Verified)Microsoft Windows Publisher] [(Verified)Microsoft Windows Publisher] [ATI Technologies, Inc.] <"C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime> [N/A] <"C:\Program Files\Google\Google Pinyin\GooglePinyinDaemon.exe"> [(Verified)Google Inc] <"C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti> [] [(Verified)Microsoft Corporation] <"C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup> [N/A] <"C:\Program Files\Rising\Rav\RavTask.exe" -system> [(Verified)Beijing Rising Information Technology Corporation Limited] <"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup> [(Verified)Beijing Rising Information Technology Corporation Limited] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] [(Verified)Beijing Rising Information Technology Corporation Limited] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows Component Publisher] [(Verified)Microsoft Windows Publisher] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{32CD708B-60A7-4C00-9377-D73EAA495F0F}> [(Verified)Beijing Rising Information Technology Corporation Limited] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] [N/A] <> [N/A] <> [N/A] <> [N/A] <> [N/A] <> [N/A] <> [N/A] <> [N/A] <> [N/A] <> [N/A] <> [N/A] <> [N/A] <> [N/A] <> [N/A] <> [N/A] <> [N/A] <> [N/A] <> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] [(Verified)Microsoft Corporation] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] [(Verified)Microsoft Windows Component Publisher] ================================== 启动文件夹 [ATI CATALYST System Tray] C:\PROGRA~1\ATITEC~1\ATI.ACE\CLI.exe [ATI Technologies Inc.]> [彩虹QQ显IP] C:\PROGRA~1\彩虹QQ\CaiHong.exe [N/A]> ================================== 服务 [Adobe LM Service / Adobe LM Service][Stopped/Manual Start] <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"> [Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start] [ATI Smart / ATI Smart][Stopped/Auto Start] <> [Google Updater Service / gusvc][Stopped/Manual Start] <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"> [Human Interface Device Access / HidServ][Stopped/Disabled] %SystemRoot%\System32\hidserv.dll> [Logitech Process Monitor / LVPrcSrv][Running/Auto Start] [Machine Debug Manager / MDM][Running/Auto Start] <"C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe"> [OpcEnum / OpcEnum][Stopped/Manual Start] [Rdppsrocr_go / Rdppsrocr_go][Stopped/Disabled] <> [Rising Proxy Service / RfwProxySrv][Running/Auto Start] [Rising Personal Firewall Service / RfwService][Running/Auto Start] [Rising Process Communication Center / RsCCenter][Running/Auto Start] <"C:\Program Files\Rising\Rav\CCenter.exe"> [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start] <"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"> [Windows Live Setup Service / WLSetupSvc][Stopped/Manual Start] <"C:\Program Files\Windows Live\installer\WLSetupSvc.exe"> ================================== 驱动程序 [ati2mtag / ati2mtag][Running/Manual Start] [d347bus / d347bus][Running/Boot Start] <\SystemRoot\system32\DRIVERS\d347bus.sys><> [d347prt / d347prt][Running/Boot Start] <\SystemRoot\System32\Drivers\d347prt.sys><> [Meteor II Camera Link PCI frame grabber / Genesis][Running/Auto Start] [grande48 / grande48][Stopped/Disabled] <\??\C:\WINDOWS\system32\drivers\grande48.sys> [Microsoft UAA 匯流排驅動程式 (適用於 High Definition Audio) / HDAudBus][Running/Manual Start] [HookCont / HookCont][Running/System Start] <\SystemRoot\system32\drivers\HookCont.sys> [HookNtos / HookNtos][Running/System Start] <\SystemRoot\system32\drivers\HookNtos.sys> [HookReg / HookReg][Running/System Start] <\SystemRoot\system32\drivers\HookReg.sys> [HookSys / HookSys][Running/System Start] <\SystemRoot\system32\drivers\HookSys.sys> [HookUrl / HookUrl][Running/Auto Start] <\??\C:\Program Files\Rising\Rfw\HookUrl.sys> [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start] [ITEATAPI_Service_Install / iteatapi][Running/Boot Start] <\SystemRoot\system32\DRIVERS\iteatapi.sys> [Logitech Kernel Audio Processing Filter Driver / Lvckap][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\Lvckap.sys><> [Logitech Machine Vision Engine Loader / lvmvdrv][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\lvmvdrv.sys><> [Logitech LVPrcMon Driver / LVPrcMon][Running/Manual Start] <\??\C:\WINDOWS\system32\drivers\LVPrcMon.sys><> [ATK0110 ACPI UTILITY / MTsensor][Running/Manual Start] <> [Matrox Dma Manager (0) / MtxDma0][Running/Boot Start] <\SystemRoot\system32\drivers\MtxDma0.sys> [npkcrypt / npkcrypt][Stopped/Auto Start] <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys> [直接平行連接埠連結驅動程式 / Ptilink][Running/Manual Start] [PxHelp20 / PxHelp20][Running/Boot Start] <\SystemRoot\System32\Drivers\PxHelp20.sys> [Rising Rfwbase Driver / RfwBase][Running/Auto Start] [RsFwDrv / RsFwDrv][Running/System Start] <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys> [RsNTGDI / RsNTGDI][Running/Boot Start] <\SystemRoot\system32\Drivers\RsNTGdi.sys> [Secdrv / Secdrv][Running/Auto Start] [VIA USB Host Controller Lower Filter / vulfnths][Stopped/Manual Start] <\SystemRoot\System32\Drivers\vulfnth.sys> [VIA USB Roothub Lower Filter / vulfntrs][Stopped/Manual Start] <\SystemRoot\System32\Drivers\vulfntr.sys> [NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller / yukonwxp][Stopped/Manual Start] ================================== 浏览器加载项 [ThunderAtOnce Class] {01443AEC-0FD1-40fd-9C87-E93D1494C233} [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [Windows Live 登录帮助程序] {9030D464-4C02-4ABF-8ECC-5164760863C6} [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [笲︽ǔ筽5] {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} [Create Mobile Favorite] {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} [Create Mobile Favorite] {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} [信息检索(&R)] {92780B25-18CC-41C8-B9BE-3C9C571A8263} [] {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, N/A> [Messenger] {FB5F1910-F110-11d2-BB9E-00C04F795683} [Adobe PDF] {47833539-D0C5-4125-9FA8-0819E2EAAC93} [MMCPlayer Class] {05C1004E-2596-48E5-8E26-39362985EEB9} [Shockwave ActiveX Control] {166B1BCA-3F9C-11CF-8075-444553540000} <, N/A> [Windows Genuine Advantage Validation Tool] {17492023-C23A-453E-A040-C7C580BBF700} [InstallHelper Class] {1DABF8D5-8430-4985-9B7F-A30E53D709B3} [DataStorage Class] {3AC7F64E-6154-47B0-82B5-764ED4077F77} [WUWebControl Class] {6414512B-B978-451D-A0D8-FCFDF33E833C} [MUWebControl Class] {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [DLoader Class] {78ABDC59-D8E7-44D3-9A76-9A0918C52B4A} [CCTVUpdateInstall] {AC414988-E5BB-4C2C-873B-EA53D2F3D23A} [ScreenCapture Class] {BFB79EE1-04AE-4D4A-B85E-27EE5F30C095} [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [ThunderAtOnce Class] {01443AEC-0FD1-40FD-9C87-E93D1494C233} [GerneralPeerID Class] {0A47E819-F82E-4D5D-B806-6A9EA94D68CD} [InstallHelper Class] {1DABF8D5-8430-4985-9B7F-A30E53D709B3} [Windows Media Player] {22D6F312-B0F6-11D0-94AB-0080C74C7E95} [HTML Document] {25336920-03F9-11CF-8FD0-00AA00686F13} [XML DOM Document] {2933BF90-7B36-11D2-B20E-00C04F983E60} [IETag Factory] {38481807-CA0E-42D2-BF39-B33AF135CC4D} [Adobe PDF] {47833539-D0C5-4125-9FA8-0819E2EAAC93} [XML Document] {48123BC4-99D9-11D1-A6B3-00C04FD91555} [Thunder Agent Class] {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} [IE2EMUrlTaker Class] {48618374-565F-4CA0-B8CD-6F496C997FAF} [HHCtrl Object] {52A2AAAE-085D-4187-97EA-8C30DB990436} [XMP Class] {6483F145-A768-4C41-AACC-52D4D7845851} [XDRM] {693571CB-54A3-4E90-9D52-EEAE1334E2D3} [Windows Media Player] {6BF52A52-394A-11D3-B153-00C04F79FAA6} [AxInputControl Class] {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} [MediaComm Class] {7670648D-461B-42AF-BDFE-46D26AF5EFF2} [DLoader Class] {78ABDC59-D8E7-44D3-9A76-9A0918C52B4A} [Microsoft Web Browser] {8856F961-340A-11D0-A96B-00C04FD705A2} [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [XML DOM Document 4.0] {88D969C0-F192-11D4-A65F-0040963251E5} <%SystemRoot%\system32\msxml4.dll, N/A> [XML DOM 文档 5.0] {88D969E5-F192-11D4-A65F-0040963251E5} [XML DOM Document 6.0] {88D96A05-F192-11D4-A65F-0040963251E5} [Free Threaded XML DOM Document 6.0] {88D96A06-F192-11D4-A65F-0040963251E5} [XSL Template 6.0] {88D96A08-F192-11D4-A65F-0040963251E5} [Uploader Class] {8B054DFE-79A3-4A6A-9F46-CD2A2F601129} [AxSubmitControl Class] {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} [Windows Live 登录帮助程序] {9030D464-4C02-4ABF-8ECC-5164760863C6} [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [UploadFilePartition Class] {A877BA28-1F7E-4876-B299-50B3199A1A5D} [RMGetLicense Class] {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} [CCTVUpdateInstall] {AC414988-E5BB-4C2C-873B-EA53D2F3D23A} [DapCtrl Class] {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} [RDS.DataSpace] {BD96C556-65A3-11D0-983A-00C04FC29E36} [ScreenCapture Class] {BFB79EE1-04AE-4D4A-B85E-27EE5F30C095} [KooPlayer Control] {C728DAB8-FDF5-4CD7-89DD-879D25794C77} [QQPlayerSvr Proxy Control] {CD108273-D434-43E6-AA90-1469F97EB398} [AUDIO__MP3 Moniker Class] {CD3AFA76-B84F-48F0-9393-7EDC34128127} [VIDEO__X_MS_WMV Moniker Class] {CD3AFA94-B84F-48F0-9393-7EDC34128127} [RealPlayer G2 Control] {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [WizCombo Class] {D4D285DD-2447-11D7-8BF6-00B0D03DAA06} [AgControl Class] {DFEAF541-F3E1-4C24-ACAC-99C30715084A} [] {E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} [PasswordEditCtrl Class] {E787FD25-8D7C-4693-AE67-9406BC6E22DF} [XML HTTP Request] {ED8C108E-4349-11D2-91A4-00C04F7969E8} [Thunder DapPlayer] {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} [Snapshot Viewer Control 11.0] {F0E42D40-368C-11D0-AD81-00A0C90DC8D9} <, N/A> [XPPlayer Class] {F3E70CEA-956E-49CC-B444-73AFE593AD7F} [XML DOM Document 3.0] {F5078F32-C551-11D3-89B9-0000F81FE221} [Free Threaded XML DOM Document 3.0] {F5078F33-C551-11D3-89B9-0000F81FE221} [XML HTTP 3.0] {F5078F35-C551-11D3-89B9-0000F81FE221} [XSL Template 3.0] {F5078F36-C551-11D3-89B9-0000F81FE221} [XML DOM Document] {F6D90F11-9C73-11D3-B32E-00C04F990BB4} [Free Threaded XML DOM Document] {F6D90F12-9C73-11D3-B32E-00C04F990BB4} [XML HTTP] {F6D90F16-9C73-11D3-B32E-00C04F990BB4} [IERPCtl Class] {FDC7A535-4070-4B92-A0EA-D9994BCC0DC5} [&妏蚚閉撰唅瑞狟婥] <, N/A> [&妏蚚閉撰唅瑞狟婥?窒蟈諉] <, N/A> [Convert link target to Adobe PDF] [Convert link target to existing PDF] [Convert selected links to Adobe PDF] [Convert selected links to existing PDF] [Convert selection to Adobe PDF] [Convert selection to existing PDF] [Convert to Adobe PDF] [Convert to existing PDF] [ノQQ眒獺祇癳赣瓜] <, N/A> [上傳到QQ網路硬碟] <, N/A> [使用迅雷下载] [使用迅雷下载全部链接] [匯出至 Microsoft Excel(&X)] [妏蚚捃濘狟婥] [妏蚚捃濘狟婥?窒蟈諉] <, N/A> [导出到 Microsoft Office Excel(&X)] [新增到QQ自定義面板] <, N/A> [新增到QQ表情] <, N/A> [氝樓善QQ桶?] <, N/A> [用QQ MMS傳送該圖片] <, N/A> [睰QQ薄] <, N/A> [睰QQ︑﹚竡狾] <, N/A> ================================== 正在运行的进程 [PID: 424][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 488][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [C:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [PID: 512][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [C:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\WINDOWS\system32\Ati2evxx.dll] [ATI Technologies Inc., 6.14.10.4109] [C:\WINDOWS\system32\WgaLogon.dll] [Microsoft Corporation, 1.7.0018.7] [C:\WINDOWS\system32\GOOGLEPINYIN.IME] [Google Inc., ] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [PID: 1316][C:\Program Files\Rising\Rfw\rfwstub.exe] [Beijing Rising Information Technology Co., Ltd., 7.0.0.12] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Rising\Rfw\RSCOMMON.DLL] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17] [C:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [C:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [PID: 2704][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)] [C:\WINDOWS\system32\GOOGLEPINYIN.IME] [Google Inc., ] [C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.0.18] [C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)] [C:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [C:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.29] [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 96] [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_01.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 20] [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_01.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 16] [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 8.1.0.0] [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510] [PID: 2840][C:\PROGRAM FILES\RISING\RAV\RavMon.exe] [Beijing Rising Information Technology Co., Ltd., 20.0.01.24] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MFC71CHT.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\PROGRAM FILES\RISING\RAV\ProcCom.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17] [C:\PROGRAM FILES\RISING\RAV\recomp.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 40] [C:\PROGRAM FILES\RISING\RAV\refs.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18] [C:\PROGRAM FILES\RISING\RAV\viruslib.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27] [C:\PROGRAM FILES\RISING\RAV\relibldr.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17] [C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.0.1] [C:\PROGRAM FILES\RISING\RAV\CfgDll.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.0.19] [C:\PROGRAM FILES\RISING\RAV\MonRule.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.0.29] [C:\PROGRAM FILES\RISING\RAV\PngDll.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5] [C:\WINDOWS\system32\GOOGLEPINYIN.IME] [Google Inc., ] [C:\PROGRAM FILES\RISING\RAV\Rsguilib.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90] [C:\PROGRAM FILES\RISING\RAV\RsXML.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2] [C:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [C:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [PID: 2892][C:\Program Files\Rising\Rfw\RfwMain.exe] [Beijing Rising Information Technology Co., Ltd., 7.0.1.70] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Rising\Rfw\RsGuiLib.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90] [C:\WINDOWS\system32\MFC71CHT.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Rising\Rfw\ProcCom.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [C:\Program Files\Rising\Rfw\RsCommX2.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [C:\Program Files\Rising\Rfw\RSAPPMGR.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.0.1] [C:\Program Files\Rising\Rfw\CfgDll.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.0.19] [C:\Program Files\Rising\Rfw\RSCOMMON.DLL] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17] [C:\Program Files\Rising\Rfw\RfwCtrl.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\Program Files\Rising\Rfw\RsXML.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2] [C:\Program Files\Rising\Rfw\PngDll.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5] [C:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [C:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\Program Files\Rising\Rfw\RfwRule.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.17] [PID: 3856][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [C:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll] [Logitech Inc., 9.0.2.1076] [C:\WINDOWS\system32\GOOGLEPINYIN.IME] [Google Inc., ] [PID: 3948][C:\Program Files\ATI Technologies\ATI.ACE\cli.exe] [ATI Technologies Inc., 1.0.1768.40243] [C:\WINDOWS\system32\mscoree.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll] [Logitech Inc., 9.0.2.1076] [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\32e6f703c114f3a971cbe706586e3655\mscorlib.ni.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Foundation.dll] [ATI Technologies Inc., 1.0.1768.40139] [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\Program Files\ATI Technologies\ATI.ACE\LOG.Foundation.dll] [ATI Technologies Inc., 1.0.1768.40138] [C:\Program Files\ATI Technologies\ATI.ACE\LOG.Foundation.Service.dll] [ , 1.0.1768.40242] [C:\Program Files\ATI Technologies\ATI.ACE\LOG.Foundation.Shared.dll] [ , 1.0.1768.40150] [C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\ba0e3a22211ba7343e0116b051f2965a\System.ni.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e83aac37b2623f1a24c70979f31dd56\System.Drawing.ni.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3d8c79c45aa674e43f075e2e66b8caf5\System.Windows.Forms.ni.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\eee9b48577689e92db5a7b5c5de98d9b\System.Configuration.ni.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\c98cb65a79cfccb44ea727ebe4593ede\System.Xml.ni.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Foundation.XManifestation.dll] [ , 1.0.1768.40208] [C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Component.Runtime.dll] [ATI Technologies Inc., 1.0.1768.40243] [C:\Program Files\ATI Technologies\ATI.ACE\AEM.Foundation.dll] [ATI Technologies Inc., 1.0.1768.40138] [C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\c6772fd12a581ad3be49e3f2a80b5622\Accessibility.ni.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\WINDOWS\system32\GOOGLEPINYIN.IME] [Google Inc., ] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Caste.Graphics.Runtime.dll] [ , 1.0.1768.40147] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Component.Runtime.Shared.dll] [ATI Technologies Inc., 1.0.1768.40144] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Caste.Graphics.Runtime.Shared.dll] [ , 1.0.1768.40143] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Caste.Graphics.Shared.dll] [ , 1.0.1768.40143] [C:\Program Files\ATI Technologies\ATI.ACE\DEM.Foundation.dll] [ , 1.0.1768.40138] [C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.DisplaysManager.Shared.dll] [ , 1.0.1768.40139] [C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.DEMOSInfo.dll] [ , 1.0.1768.40143] [C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.DEMOSAdapterInfo.dll] [ , 1.0.1768.40143] [C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.DEMATIAdapterInfo.dll] [ , 1.0.1768.40144] [C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.DEMDriverSettings.dll] [ , 1.0.1768.40144] [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\67cfb70213562afe2ca9b9066764af3a\System.Web.ni.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\Program Files\ATI Technologies\ATI.ACE\ATIDEMGR.dll] [ , 1.0.1768.40213] [C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.DEMOSModeInfo.dll] [ , 1.0.1768.40144] [C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.DEMATIDisplaysManagerSettings.dll] [ , 1.0.1768.40144] [C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.DEMDisplaysColourSettings.dll] [ , 1.0.1768.40143] [C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.DEMVideoOverlaySettings.dll] [ , 1.0.1768.40148] [C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.DEMSmartgartSettings.dll] [ , 1.0.1768.40149] [C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.DEMUMAFrameBufferSettings.dll] [ , 1.0.1768.40149] [C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.DEMPowerPlaySettings.dll] [ , 1.0.1768.40145] [C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.DEMOverdriveSettings.dll] [ , 1.0.1768.40145] [C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.DEMOverdrive3Settings.dll] [ , 1.0.1768.40147] [C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.DEMDisplaysManagerOptionsSettings.dll] [ , 1.0.1768.40150] [C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.WorkstationSettings.dll] [ , 1.0.1768.40149] [C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.DEMDeviceCommonSettings.dll] [ , 1.0.1768.40150] [C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.DEMDeviceCRTSettings.dll] [ , 1.0.1768.40145] [C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.DEMDeviceComponentvideoSettings.dll] [ , 1.0.1768.40144] [C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.DEMDeviceTVSettings.dll] [ , 1.0.1768.40151] [C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.DEMDeviceDFPSettings.dll] [ , 1.0.1768.40145] [C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.DEMDeviceLCDSettings.dll] [ , 1.0.1768.40145] [C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.Radeon3D.Graphics.Runtime.dll] [ , 1.0.1768.40233] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysColour.Graphics.Runtime.dll] [ , 1.0.1768.40147] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysColour.Graphics.Shared.dll] [ , 1.0.1768.40143] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VideoOverlay.Graphics.Runtime.dll] [ , 1.0.1768.40172] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VideoOverlay.Graphics.Runtime.Shared.dll] [ , 1.0.1768.40151] [C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.VideoOverlay.Shared.dll] [ , 1.0.1768.40139] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.SmartGart.Graphics.Runtime.dll] [ , 1.0.1768.40187] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VPURecover.Graphics.Runtime.dll] [ , 1.0.1768.40187] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VPURecover.Graphics.Runtime.Shared.dll] [ , 1.0.1768.40142] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll] [ , 1.0.1768.40186] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll] [ , 1.0.1768.40242] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV.Graphics.Runtime.dll] [ , 1.0.1768.40225] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV.Graphics.Runtime.Shared.dll] [ , 1.0.1768.40146] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV.Graphics.Runtime.dll] [ , 1.0.1768.40237] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll] [ , 1.0.1768.40237] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.OverDrive3.Graphics.Runtime.dll] [ , 1.0.1768.40213] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.OverDrive3.Graphics.Shared.dll] [ , 1.0.1768.40144] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.OverDrive2.Graphics.Runtime.dll] [ , 1.0.1768.40154] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll] [ , 1.0.1768.40208] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Runtime.dll] [ , 1.0.1768.40172] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.InfoCentre.Graphics.Runtime.dll] [ , 1.0.1768.40159] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.InfoCentre.Graphics.Shared.dll] [ , 1.0.1768.40150] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.Radeon3D.Graphics.Shared.dll] [ , 1.0.1768.40146] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VideoOverlay.Graphics.Shared.dll] [ , 1.0.1768.40149] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.SmartGart.Graphics.Shared.dll] [ , 1.0.1768.40148] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VPURecover.Graphics.Shared.dll] [ , 1.0.1768.40148] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceProperty.Graphics.Shared.dll] [ , 1.0.1768.40142] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCRT.Graphics.Shared.dll] [ , 1.0.1768.40148] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV.Graphics.Shared.dll] [ , 1.0.1768.40145] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV.Graphics.Shared.dll] [ , 1.0.1768.40147] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceDFP.Graphics.Shared.dll] [ , 1.0.1768.40148] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll] [ , 1.0.1768.40146] [C:\Program Files\ATI Technologies\ATI.ACE\APM.Foundation.dll] [ATI Technologies Inc., 1.0.1768.40149] [C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [PID: 3968][C:\Program Files\Google\Google Pinyin\GooglePinyinDaemon.exe] [Google Inc., 1, 0, 0, 1] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)] [C:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [C:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll] [Logitech Inc., 9.0.2.1076] [C:\WINDOWS\system32\GOOGLEPINYIN.IME] [Google Inc., ] [PID: 4036][C:\Program Files\Rising\Rav\RavTask.exe] [Beijing Rising Information Technology Co., Ltd., 20.0.0.24] [C:\Program Files\Rising\Rav\ProcCom.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [C:\Program Files\Rising\Rav\RsCommX2.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17] [C:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Information Technology Co., Ltd., 20.0.0.1] [C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.0.19] [C:\WINDOWS\system32\GOOGLEPINYIN.IME] [Google Inc., ] [PID: 1768][C:\Program Files\Windows Live\Messenger\msnmsgr.exe] [Microsoft Corporation, 8.5.1302.1018] [C:\Program Files\Windows Live\Messenger\MSNCore.dll] [Microsoft Corporation, 8.5.1302.1018] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\Program Files\Windows Live\Messenger\msidcrl40.dll] [Microsoft Corporation, 4.100.313.1] [C:\Program Files\Windows Live\Messenger\ContactsUX.dll] [Microsoft Corporation, 8.5.1302.1018] [C:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [C:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll] [Logitech Inc., 9.0.2.1076] [C:\Program Files\Windows Live\Messenger\msgslang.8.5.1302.1018.dll] [Microsoft Corporation, 8.5.1302.1018] [C:\Program Files\Windows Live\Messenger\msgsres.dll] [Microsoft Corporation, 8.5.1302.1018] [C:\Program Files\Windows Live\Messenger\custsat.dll] [Microsoft Corporation, 9.0.3790.2428 (srv03_sp1_qfe.050422-1043)] [C:\WINDOWS\system32\GOOGLEPINYIN.IME] [Google Inc., ] [C:\Program Files\Windows Live\Messenger\MSGSWCAM.dll] [Microsoft Corporation, 8.5.1302.1018] [C:\WINDOWS\system32\sirenacm.dll] [Microsoft Corporation, 8.5.1302.1018] [C:\WINDOWS\system32\msdmo.dll] [, ] [PID: 1524][C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe] [ATI Technologies Inc., 1.0.1768.40243] [C:\WINDOWS\system32\mscoree.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll] [Logitech Inc., 9.0.2.1076] [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\32e6f703c114f3a971cbe706586e3655\mscorlib.ni.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Foundation.dll] [ATI Technologies Inc., 1.0.1768.40139] [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\Program Files\ATI Technologies\ATI.ACE\LOG.Foundation.dll] [ATI Technologies Inc., 1.0.1768.40138] [C:\Program Files\ATI Technologies\ATI.ACE\LOG.Foundation.Service.dll] [ , 1.0.1768.40242] [C:\Program Files\ATI Technologies\ATI.ACE\LOG.Foundation.Shared.dll] [ , 1.0.1768.40150] [C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\ba0e3a22211ba7343e0116b051f2965a\System.ni.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e83aac37b2623f1a24c70979f31dd56\System.Drawing.ni.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3d8c79c45aa674e43f075e2e66b8caf5\System.Windows.Forms.ni.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\eee9b48577689e92db5a7b5c5de98d9b\System.Configuration.ni.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\c98cb65a79cfccb44ea727ebe4593ede\System.Xml.ni.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Foundation.XManifestation.dll] [ , 1.0.1768.40208] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Component.Systemtray.dll] [ , 1.0.1768.40157] [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll] [Microsoft Corporation, 8.0.50727.1433 (REDBITS.050727-1400)] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Caste.Graphics.Shared.dll] [ , 1.0.1768.40143] [C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.DisplaysManager.Shared.dll] [ , 1.0.1768.40139] [C:\Program Files\ATI Technologies\ATI.ACE\CLI.Caste.Graphics.Runtime.Shared.dll] [ , 1.0.1768.40143] [C:\WINDOWS\system32\GOOGLEPINYIN.IME] [Google Inc., ] [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\67cfb70213562afe2ca9b9066764af3a\System.Web.ni.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [PID: 2164][C:\Program Files\彩虹QQ\CaiHong.exe] [N/A, ] [C:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [C:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\WINDOWS\system32\GOOGLEPINYIN.IME] [Google Inc., ] [C:\Program Files\彩虹QQ\AutoUpdate.dll] [N/A, ] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)] [C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll] [Logitech Inc., 9.0.2.1076] [C:\Program Files\彩虹QQ\CaiHong.dll] [N/A, ] [C:\Program Files\彩虹QQ\MSIMG32.dll] [N/A, ] [PID: 2156][C:\WINDOWS\system32\wuauclt.exe] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)] [C:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [C:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll] [Logitech Inc., 9.0.2.1076] [C:\WINDOWS\system32\wups2.dll] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)] [C:\WINDOWS\system32\mucltui.dll] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)] [PID: 3252][C:\Documents and Settings\jiangwei\桌面\SRE9d2c65c3\修改的2.4版SREng.EXE] [1111, 2..4] [C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)] [C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)] [C:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [C:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll] [Logitech Inc., 9.0.2.1076] [C:\WINDOWS\system32\GOOGLEPINYIN.IME] [Google Inc., ] ================================== 文件关联 .TXT Error. [C:\WINDOWS\notepad.exe %1] .EXE OK. ["%1" %*] .COM OK. ["%1" %*] .PIF OK. ["%1" %*] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %*] .SCR OK. ["%1" /S] .CHM Error. ["hh.exe" %1] .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] .INI Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .JS Error. [] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock 提供者 N/A ================================== Autorun.inf N/A ================================== HOSTS 文件 127.0.0.1 localhost 219.235.3.16 search.114.vnet.cn 219.235.3.16 keyword.vnet.cn 219.235.3.16 auto.search.msn.com 219.235.3.16 search.msn.com 219.235.3.16 cnweb.search.live.com 219.235.3.16 www.360safe.com 219.235.3.16 www.k369.com 219.235.3.16 www.5566.net 219.235.3.16 360safe.com 202.165.102.243 update.360safe.com 219.235.3.16 dl.360safe.com 219.235.3.16 down.360safe.com 219.235.3.16 bbs.360safe.com 219.235.3.16 kaba.360safe.com 219.235.3.16 baike.360safe.com 219.235.3.16 www.360.cn 219.235.3.16 360.cn 219.235.3.16 wopti.360.cn 202.165.102.243 update.360.cn 219.235.3.16 dl.360.cn 219.235.3.16 down.360.cn 219.235.3.16 bbs.360.cn 219.235.3.16 kaba.360.cn 219.235.3.16 baike.360.cn 219.235.3.16 360.qihoo.com 219.235.3.16 360safe.qihoo.com 219.235.3.16 forum.ikaka.com 219.235.3.16 www.ikaka.com 202.165.102.243 update.ikaka.com 219.235.3.16 forum.jiangmin.com 202.165.102.243 update.jiangmin.com 219.235.3.16 tieba.baidu.com 219.235.3.16 post.baidu.com 219.235.3.16 zhidao.baidu.com 219.235.3.16 www.baidu.com 202.165.102.243 update.rising.com.cn 219.235.3.16 online.rising.com.cn 202.165.102.243 center.rising.com.cn 219.235.3.16 up.duba.net 219.235.3.16 vi.duba.net 219.235.3.16 shadu.baidu.com 219.235.3.16 du.baidu.com 219.235.3.16 security.symantec.com 219.235.3.16 shadu.duba.net 219.235.3.16 bbs.duba.net 219.235.3.16 www.duba.net 219.235.3.16 online.jiangmin.com 219.235.3.16 cn.mcafee.com 219.235.3.16 www.ahn.com.cn 219.235.3.16 www.kaspersky.com.cn 219.235.3.16 www.pcav.cn 219.235.3.16 www.luosoft.com 219.235.3.16 www.im286.com 219.235.3.16 an.baidu.com 219.235.3.16 ma.baidu.com 219.235.3.16 bbs.htmlman.net 202.165.102.243 download.rising.com.cn 202.165.102.243 rsup08.rising.com.cn 219.235.3.16 10000.286er.com 219.235.3.16 im286.net 219.235.3.16 ju.qihoo.com 219.235.3.16 bbs.chinaz.com 219.235.3.16 www.qihoo.com 202.165.102.243 dnl-cn1.kaspersky-labs.com 202.165.102.243 dnl-cn2.kaspersky-labs.com 202.165.102.243 dnl-cn3.kaspersky-labs.com 202.165.102.243 dnl-cn4.kaspersky-labs.com 202.165.102.243 dnl-cn5.kaspersky-labs.com 202.165.102.243 dnl-cn6.kaspersky-labs.com 202.165.102.243 dnl-cn7.kaspersky-labs.com 202.165.102.243 dnl-cn8.kaspersky-labs.com 202.165.102.243 dnl-cn9.kaspersky-labs.com 202.165.102.243 dnl-cn10.kaspersky-labs.com 202.165.102.243 dnl-cn11.kaspersky-labs.com 202.165.102.243 dnl-cn12.kaspersky-labs.com 202.165.102.243 dnl-cn13.kaspersky-labs.com 202.165.102.243 dnl-cn14.kaspersky-labs.com 202.165.102.243 dnl-cn15.kaspersky-labs.com 202.165.102.243 dnl-eu1.kaspersky-labs.com 202.165.102.243 dnl-eu2.kaspersky-labs.com 202.165.102.243 dnl-eu3.kaspersky-labs.com 202.165.102.243 dnl-eu4.kaspersky-labs.com 202.165.102.243 dnl-eu5.kaspersky-labs.com 202.165.102.243 dnl-eu6.kaspersky-labs.com 202.165.102.243 dnl-eu7.kaspersky-labs.com 202.165.102.243 dnl-eu8.kaspersky-labs.com 202.165.102.243 dnl-eu9.kaspersky-labs.com 202.165.102.243 dnl-eu10.kaspersky-labs.com 202.165.102.243 dnl-eu11.kaspersky-labs.com 202.165.102.243 dnl-eu12.kaspersky-labs.com 202.165.102.243 dnl-eu13.kaspersky-labs.com 202.165.102.243 dnl-eu14.kaspersky-labs.com 202.165.102.243 dnl-eu15.kaspersky-labs.com 202.165.102.243 dnl-us1.kaspersky-labs.com 202.165.102.243 dnl-us2.kaspersky-labs.com 202.165.102.243 dnl-us3.kaspersky-labs.com 202.165.102.243 dnl-us4.kaspersky-labs.com 202.165.102.243 dnl-us5.kaspersky-labs.com 202.165.102.243 dnl-us6.kaspersky-labs.com 202.165.102.243 dnl-us7.kaspersky-labs.com 202.165.102.243 dnl-us8.kaspersky-labs.com 202.165.102.243 dnl-us9.kaspersky-labs.com 202.165.102.243 dnl-us10.kaspersky-labs.com 202.165.102.243 dnl-us11.kaspersky-labs.com 202.165.102.243 dnl-us12.kaspersky-labs.com 202.165.102.243 dnl-us13.kaspersky-labs.com 202.165.102.243 dnl-us14.kaspersky-labs.com 202.165.102.243 dnl-us15.kaspersky-labs.com 202.165.102.243 dnl-ru1.kaspersky-labs.com 202.165.102.243 dnl-ru2.kaspersky-labs.com 202.165.102.243 dnl-ru3.kaspersky-labs.com 202.165.102.243 dnl-ru4.kaspersky-labs.com 202.165.102.243 dnl-ru5.kaspersky-labs.com 202.165.102.243 dnl-ru6.kaspersky-labs.com 202.165.102.243 dnl-ru7.kaspersky-labs.com 202.165.102.243 dnl-ru8.kaspersky-labs.com 202.165.102.243 dnl-ru9.kaspersky-labs.com 202.165.102.243 dnl-ru10.kaspersky-labs.com 202.165.102.243 dnl-ru11.kaspersky-labs.com 202.165.102.243 dnl-ru12.kaspersky-labs.com 202.165.102.243 dnl-ru13.kaspersky-labs.com 202.165.102.243 dnl-ru14.kaspersky-labs.com 202.165.102.243 dnl-ru15.kaspersky-labs.com 202.165.102.243 dnl-jp1.kaspersky-labs.com 202.165.102.243 dnl-jp2.kaspersky-labs.com 202.165.102.243 dnl-jp3.kaspersky-labs.com 202.165.102.243 dnl-jp4.kaspersky-labs.com 202.165.102.243 dnl-jp5.kaspersky-labs.com 202.165.102.243 dnl-jp6.kaspersky-labs.com 202.165.102.243 dnl-jp7.kaspersky-labs.com 202.165.102.243 dnl-jp8.kaspersky-labs.com 202.165.102.243 dnl-jp9.kaspersky-labs.com 202.165.102.243 dnl-jp10.kaspersky-labs.com 202.165.102.243 dnl-jp11.kaspersky-labs.com 202.165.102.243 dnl-jp12.kaspersky-labs.com 202.165.102.243 dnl-jp13.kaspersky-labs.com 202.165.102.243 dnl-jp14.kaspersky-labs.com 202.165.102.243 dnl-jp15.kaspersky-labs.com 202.165.102.243 dnl-kr1.kaspersky-labs.com 202.165.102.243 dnl-kr2.kaspersky-labs.com 202.165.102.243 dnl-kr3.kaspersky-labs.com 202.165.102.243 dnl-kr4.kaspersky-labs.com 202.165.102.243 dnl-kr5.kaspersky-labs.com 202.165.102.243 dnl-kr6.kaspersky-labs.com 202.165.102.243 dnl-kr7.kaspersky-labs.com 202.165.102.243 dnl-kr8.kaspersky-labs.com 202.165.102.243 dnl-kr9.kaspersky-labs.com 202.165.102.243 dnl-kr10.kaspersky-labs.com 202.165.102.243 dnl-kr11.kaspersky-labs.com 202.165.102.243 dnl-kr12.kaspersky-labs.com 202.165.102.243 dnl-kr13.kaspersky-labs.com 202.165.102.243 dnl-kr14.kaspersky-labs.com 202.165.102.243 dnl-kr15.kaspersky-labs.com 202.165.102.243 dnl-cd1.kaspersky-labs.com 202.165.102.243 dnl-cd2.kaspersky-labs.com 202.165.102.243 dnl-cd3.kaspersky-labs.com 202.165.102.243 dnl-cd4.kaspersky-labs.com 202.165.102.243 dnl-cd5.kaspersky-labs.com 202.165.102.243 dnl-cd6.kaspersky-labs.com 202.165.102.243 dnl-cd7.kaspersky-labs.com 202.165.102.243 dnl-cd8.kaspersky-labs.com 202.165.102.243 dnl-cd9.kaspersky-labs.com 202.165.102.243 dnl-cd10.kaspersky-labs.com 202.165.102.243 dnl-cd11.kaspersky-labs.com 202.165.102.243 dnl-cd12.kaspersky-labs.com 202.165.102.243 dnl-cd13.kaspersky-labs.com 202.165.102.243 dnl-cd14.kaspersky-labs.com 202.165.102.243 dnl-cd15.kaspersky-labs.com 202.165.102.243 downloads1.kaspersky-labs.com 202.165.102.243 downloads2.kaspersky-labs.com 202.165.102.243 downloads3.kaspersky-labs.com 202.165.102.243 downloads4.kaspersky-labs.com 202.165.102.243 downloads5.kaspersky-labs.com 219.235.3.16 rss.360safe.com 219.235.3.16 x.360safe.com 219.235.3.16 d.360safe.com 219.235.3.16 updatem.360safe.com 219.235.3.16 softm.360safe.com 219.235.3.16 ishare.sina.com.cn 219.235.3.16 search.cn.yahoo.com 219.235.3.16 www.google.com 219.235.3.16 google.com 219.235.3.16 www.google.cn 219.235.3.16 www.yahoo.com.cn 219.235.3.16 cn.yahoo.com 219.235.3.16 search.tom.com 219.235.3.16 zhuansha.duba.net 219.235.3.16 buy.duba.net 219.235.3.16 kad.www.duba.net 219.235.3.16 cu001.www.duba.net 219.235.3.16 cu002.www.duba.net 219.235.3.16 cu003.www.duba.net 219.235.3.16 cu004.www.duba.net 219.235.3.16 cu005.www.duba.net 219.235.3.16 cu010.www.duba.net 219.235.3.16 client.download.duba.net 219.235.3.16 page.so.163.com 219.235.3.16 www.soso.com 219.235.3.16 sou.china.com 219.235.3.16 test.591jx.com 219.235.3.16 a.topxxxx.cn 219.235.3.16 picon.chinaren.com 219.235.3.16 www.5566.net 127.0.0.1 p.qqkx.com 127.0.0.1 news.netandtv.com 127.0.0.1 z.neter888.cn 127.0.0.1 b.myblank.cn 127.0.0.1 wvw.wokutu.com 127.0.0.1 unionch.qyule.com 127.0.0.1 www.qyule.com 127.0.0.1 it.itjc.cn 127.0.0.1 www.linkwww.com 127.0.0.1 vod.kaicn.com 127.0.0.1 www.tx8688.com 127.0.0.1 b.neter888.cn 127.0.0.1 promote.huanqiu.com 127.0.0.1 www.huanqiu.com 127.0.0.1 www.haokanla.com 127.0.0.1 play.unionsky.cn 127.0.0.1 www.52v.com 127.0.0.1 www.gghka.cn 127.0.0.1 icon.ajiang.net 127.0.0.1 new.ete.cn 127.0.0.1 www.stiae.cn 127.0.0.1 o.neter888.cn 127.0.0.1 comm.jinti.com 127.0.0.1 www.google-analytics.com 127.0.0.1 hz.mmstat.com 127.0.0.1 www.game175.cn 127.0.0.1 x.neter888.cn 127.0.0.1 z.neter888.cn 127.0.0.1 p.etimes888.com 127.0.0.1 hx.etimes888.com 127.0.0.1 abc.qqkx.com 127.0.0.1 dm.popdm.cn 127.0.0.1 www.yl9999.com 127.0.0.1 www.dajiadoushe.cn 127.0.0.1 down.nihao29.cn 127.0.0.1 v.onondown.com.cn 127.0.0.1 www.interoo.net 127.0.0.1 bally1.bally-bally.net 127.0.0.1 www.bao5605509.cn 127.0.0.1 down.nihao29.cn 127.0.0.1 www.mzd020.cn 127.0.0.1 jzm015.cn 127.0.0.1 down.hs7yue.cn 127.0.0.1 new.doups.cn 127.0.0.1 w.qq-uc.cn 127.0.0.1 down.nihao69.cn 127.0.0.1 www.rty456.cn 127.0.0.1 www.werqwer.cn 127.0.0.1 www.jjyyzmj.cn 127.0.0.1 1.360-1.cn 127.0.0.1 5.360-5.cn 127.0.0.1 user1.23-16.net 127.0.0.1 user1.23-18.net 127.0.0.1 www.guccia.net 127.0.0.1 www.interoo.net 127.0.0.1 upa.netsool.net 127.0.0.1 pua.lianxiac.net 127.0.0.1 js.users.51.la 127.0.0.1 vip2.51.la 127.0.0.1 web.51.la 127.0.0.1 qq.gong2008.com 127.0.0.1 2008tl.copyip.com 127.0.0.1 tla.laozihuolaile.cn 127.0.0.1 www.tx6868.cn 127.0.0.1 p001.tiloaiai.com 127.0.0.1 s1.tl8tl.com 127.0.0.1 s1.gong2008.com 127.0.0.1 mm1.laozihuolaile.cn 127.0.0.1 mm2.laozihuolaile.cn 127.0.0.1 tlbm2.laozihuolaile.cn 127.0.0.1 tlbm3.laozihuolaile.cn 127.0.0.1 www.6161q1.cn 127.0.0.1 www.6161q2.cn 127.0.0.1 www.6161h1.cn 127.0.0.1 www.6161h2.cn 127.0.0.1 user1.23-21.net 127.0.0.1 www.skpoot.net 127.0.0.1 user1.kao-360.net 127.0.0.1 user1.23-22.net 127.0.0.1 www.keysooa.net ================================== API HOOK 入口点错误：CreateProcessA (危险等级: 一般, 被下面模块所HOOK: Dest Addr: 0x010D1FCD) 入口点错误：CreateProcessW (危险等级: 一般, 被下面模块所HOOK: Dest Addr: 0x010D20B5) ================================== 隐藏进程 N/A ================================== [/CODE]