ǿ־ v1.30 (2008-9-26 15:32:7)  Ϣ޹˾

ע:	[A]ʾļ;
	[M]ʾļڴ;

+ עĿ 
  + ϵͳ
    + HKLM\System\CurrentControlSet\Services
      Adobe LM Service
        [A ] 1. c:\program files\common files\adobe systems shared\service\adobelmsvc.exe
          Adobe Systems
          System Level Service Utility
          .text,.rdata,.data,.rsrc,


      kaccore
        [AM] 2. c:\program files\kingsoft\kac\service\kaccore.exe
          Kingsoft Corporation
          Kingsoft Basic Service Module
          .text,.orpc,.rdata,.data,.rsrc,


      MDM
        [AM] 3. c:\program files\common files\microsoft shared\vs7debug\mdm.exe
          Microsoft Corporation
          Machine Debug Manager
          .text,.data,.rsrc,


      NVSvc
        [AM] 4. c:\windows\system32\nvsvc32.exe
          NVIDIA Corporation
          NVIDIA Driver Helper Service, Version 177.92
          .text,.rdata,.data,.rsrc,


      ose
        [A ] 5. c:\program files\common files\microsoft shared\source engine\ose.exe
          Microsoft Corporation
          Office Source Engine
          .text,.data,.rsrc,


      WMPNetworkSvc
        [A ] 6. c:\program files\windows media player\wmpnetwk.exe
          Microsoft Corporation
          Windows Media Player 繲
          .text,.data,.rsrc,.reloc,


      WudfSvc
        [A ] 7. c:\windows\system32\wudfsvc.dll
          Microsoft Corporation
          Windows Driver Foundation - User-mode Driver Framework Service
          .text,.data,.rsrc,.reloc,




  + ں
    + HKLM\System\CurrentControlSet\Services
      ALCXWDM
        [A ] 8. c:\windows\system32\drivers\alcxwdm.sys
          Realtek Semiconductor Corp.
          Realtek AC'97 Audio Driver (WDM)
          .text,CODE,.rdata,.data,.data1,PAGE,INIT,.rsrc,.reloc,


      AmdK8
        [A ] 9. c:\windows\system32\drivers\amdk8.sys
          Advanced Micro Devices
          AMD Processor Driver
          .text,.rdata,.data,PAGE,PAGELK,INIT,.rsrc,.reloc,


      AmdLLD
        [A ] 10. c:\windows\system32\drivers\amdlld.sys
          AMD, Inc.
          AMD Low Level Device Driver
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      ENTECH
        [A ] 11. c:\windows\system32\drivers\entech.sys
          EnTech Taiwan
          .text,.data,.CRT,.STL,PAGE,INIT,.rsrc,.reloc,


      KAVBootC
        [A ] 12. c:\windows\system32\drivers\kavbootc.sys
          Kingsoft Corporation
          Kingsoft Boot Clean
          .text,.data,.CRT,INIT,.rsrc,.reloc,


      KAVSafe
        [A ] 13. c:\windows\system32\drivers\kavsafe.sys
          Kingsoft Corporation
          KAVSafe Application
          .text,.data,.CRT,INIT,.rsrc,.reloc,


      NPF
        [A ] 14. c:\windows\system32\drivers\npf.sys
          CACE Technologies
          npf
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      rfwtdi
        [A ] 15. e:\ɱ\rising\ris\rfwtdi.sys


      rsfwdrv
        [A ] 16. e:\ɱ\rising\ris\rsfwdrv.sys


      RTL8023xp
        [A ] 17. c:\windows\system32\drivers\rtnicxp.sys
          Realtek Semiconductor Corporation                           
          Realtek 10/100/1000 NDIS 5.1 Driver                         
          .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,


      Secdrv
        [A ] 18. c:\windows\system32\drivers\secdrv.sys
          Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.
          Macrovision SECURITY Driver
          .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,


      SiFilter
        [A ] 19. c:\windows\system32\drivers\siwinacc.sys
          Silicon Image, Inc.
          Windows Accelerator Driver
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      SNPSTD3
        [A ] 20. c:\windows\system32\drivers\snpstd3.sys
          PC Camera driver
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      Tcpip
        [A ] 21. c:\windows\system32\drivers\tcpip.sys
          Microsoft Corporation
          TCP/IP Protocol Driver
          .text,.rdata,.data,PAGE,PAGELK,PAGEIPMc,.edata,INIT,.rsrc,.reloc,


      TesSafe
        [A ] 22. c:\windows\system32\tessafe.sys
          TENCENT
          TesSafe NT Driver
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      viaagp1
        [A ] 23. c:\windows\system32\drivers\viaagp1.sys
          VIA Technologies, Inc.
          VIA NT AGP Filter
          .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,


      ViBus
        [A ] 24. c:\windows\system32\drivers\vibus.sys
          VIA Technologies, Inc.
          VIA SATA IDE Driver
          .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,


      videX32
        [A ] 25. c:\windows\system32\drivers\videx32.sys
          VIA Technologies, Inc.
          VIA Generic PCI IDE Bus Driver
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      ViPrt
        [A ] 26. c:\windows\system32\drivers\viprt.sys
          VIA Technologies, Inc.
          VIA SATA IDE Driver
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      vmmouse
        [A ] 27. c:\windows\system32\drivers\vmmouse.sys
          VMware, Inc.
          VMware Pointing Device Driver
          .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,


      WudfPf
        [A ] 28. c:\windows\system32\drivers\wudfpf.sys
          Microsoft Corporation
          Windows Driver Foundation - User-mode Driver Framework Platform Driver
          .text,.rdata,.data,PAGE,.edata,INIT,.rsrc,.reloc,


      WudfRd
        [A ] 29. c:\windows\system32\drivers\wudfrd.sys
          Microsoft Corporation
          Windows Driver Foundation - User-mode Driver Framework Reflector
          .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,


      XLPPoEPC
        [A ] 30. c:\windows\system32\drivers\xlppoepc.sys
          ϵͳ˾
          Sample NDIS 4.0 Intermediate Miniport Driver
          .text,.rdata,.data,INIT,.rsrc,.reloc,




  + ϵͳ½
    + HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
      WgaLogon
        [AM] 31. c:\windows\system32\wgalogon.dll
          .text,.rsrc,




  + IEģ
    + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
      {01443AEC-0FD1-40fd-9C87-E93D1494C233}
        [AM] 32. d:\Ѹ\thunder\comdlls\tdatonce_now.dll
          Thunder Networking Technologies,LTD
          Ѹ߼֧ģ
          .text,.rdata,.data,.rsrc,.reloc,


      {889D2FEB-5411-4565-8998-1DD2C5261283}
        [AM] 33. d:\Ѹ\thunder\comdlls\xunleibho_now.dll
          Thunder Networking Technologies,LTD
          XunLeiBHO
          .text,.rdata,.data,.rsrc,.reloc,




  + Դģ
    + HKLM\SOFTWARE\Classes\PROTOCOLS\Filter
      text/xml
        [AM] 34. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll
          Microsoft Corporation
          Microsoft Office XML MIME Filter
          .text,.data,.cdata,.rsrc,.reloc,



    + HKLM\SOFTWARE\Classes\PROTOCOLS\Handler
      KuGoo
        [A ] 35. c:\windows\system32\kugoo3downxcontrol.ocx
          ṷ
          ṷֿؼ
          .text,.itext,.data,.bss,.idata,.edata,.reloc,.rsrc,


      KuGoo3
        [A ] 35. c:\windows\system32\kugoo3downxcontrol.ocx
          ṷ
          ṷֿؼ
          .text,.itext,.data,.bss,.idata,.edata,.reloc,.rsrc,



    + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
      HyperTerminal Icon Ext
        [A ] 36. c:\windows\system32\hticons.dll
          Hilgraeve, Inc.
          HyperTerminal Applet Library
          .text,.data,.rsrc,.reloc,


      Microsoft Office HTML Icon Handler
        [A ] 37. c:\program files\microsoft office\office11\msohev.dll
          Microsoft Corporation
          Microsoft Office 2003 component
          .text,.data,.rsrc,.reloc,


      Web Folders
        [A ] 38. c:\program files\common files\microsoft shared\web folders\msonsext.dll
          Microsoft Corporation
          Microsoft Web Folders
          .text,.data,.rsrc,.reloc,


      WinRAR shell extension
        [AM] 39. c:\program files\winrar\rarext.dll
          .text,.data,.tls,.idata,.edata,.rsrc,.reloc,


      Microsoft Office Metadata Handler
        [A ] 40. c:\program files\common files\microsoft shared\office12\msoshext.dll
          Microsoft Corporation
          Microsoft Office Shell Extension Handlers
          .text,.data,.rsrc,.reloc,


      Microsoft Office Thumbnail Handler
        [A ] 40. c:\program files\common files\microsoft shared\office12\msoshext.dll
          Microsoft Corporation
          Microsoft Office Shell Extension Handlers
          .text,.data,.rsrc,.reloc,


      NvCpl DesktopContext Class
        [A ] 41. c:\windows\system32\nvcpl.dll
          NVIDIA Corporation
          NVIDIA Display Properties Extension
          .text,.orpc,.rdata,.data,CONST,.rsrc,.reloc,


      Play on my TV helper
        [A ] 41. c:\windows\system32\nvcpl.dll
          NVIDIA Corporation
          NVIDIA Display Properties Extension
          .text,.orpc,.rdata,.data,CONST,.rsrc,.reloc,


      Portable Media Devices
        [A ] 42. c:\windows\system32\audiodev.dll
          Microsoft Corporation
          Portable Media Devices Shell Extension
          .text,.data,.rsrc,.reloc,


      Portable Devices
        [A ] 43. c:\windows\system32\wpdshext.dll
          Microsoft Corporation
          Portable Devices Shell Extension
          .text,.data,.rsrc,.reloc,


      Portable Devices Menu
        [A ] 43. c:\windows\system32\wpdshext.dll
          Microsoft Corporation
          Portable Devices Shell Extension
          .text,.data,.rsrc,.reloc,


      Desktop Explorer
        [AM] 44. c:\windows\system32\nvshell.dll
          .text,.rdata,.data,.idata,.shared,.rsrc,.reloc,


      Desktop Explorer Menu
        [AM] 44. c:\windows\system32\nvshell.dll
          .text,.rdata,.data,.idata,.shared,.rsrc,.reloc,


      nView Desktop Context Menu
        [AM] 44. c:\windows\system32\nvshell.dll
          .text,.rdata,.data,.idata,.shared,.rsrc,.reloc,



    + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
      WPDShServiceObj
        [AM] 45. c:\windows\system32\wpdshserviceobj.dll
          Microsoft Corporation
          Windows Portable Device Shell Service Object
          .text,.data,.rsrc,.reloc,




  + û½Ŀ
    + HKLM\Software\Microsoft\Windows\CurrentVersion\Run
      Ѷ1.0
        [AM] 46. d:\chinanetsn\bin\netkeeper.exe
          XI AN XINLI SOFTWARE TECHNOLOGY CO.,LTD
          DialTerminal Microsoft Ӧó
          .text,.rdata,.data,.rsrc,


      runeip
        [AM] 47. e:\ǿ\rstray.exe
          Beijing Rising Information Technology Co., Ltd.
          RSTray
          .text,.rdata,.data,.rsrc,


      CameraFixer
        [A ] 48. c:\windows\camerafixer.exe
          CameraFixer MFC Application
          .text,.rdata,.data,.rsrc,


      tsnpstd3
        [AM] 49. c:\windows\tsnpstd3.exe
          tsnpstd3 Microsoft 
          .text,.rdata,.data,.rsrc,


      snpstd3
        [A ] 50. c:\windows\vsnpstd3.exe
          CameraMonitor Application
          .text,.rdata,.data,.data1,.rsrc,




  + ӳٳ
    + HKCR\Folder\shell
      Super Rabbit CDROM Eject
        [A ] 51. e:\\magicset\srcd2.exe
          Super Rabbit Software
          UPX0,UPX1,.rsrc,



    + HKCR\.html
      htmlfile\Edit\Command
        [A ] 52. c:\program files\microsoft office\office11\msohtmed.exe
          Microsoft Corporation
          Microsoft Office 2003 component
          .text,.data,.cdata,.rsrc,


      htmlfile\open\Command
        [AM] 53. d:\\maxthon.exe
          Maxthon International ltd.
          Maxthon Browser
          .text,.rdata,.data,.rsrc,.reloc,


      htmlfile\Print\Command
        [A ] 52. c:\program files\microsoft office\office11\msohtmed.exe
          Microsoft Corporation
          Microsoft Office 2003 component
          .text,.data,.cdata,.rsrc,


      htmlfile\(Maxthon)\Command
        [AM] 53. d:\\maxthon.exe
          Maxthon International ltd.
          Maxthon Browser
          .text,.rdata,.data,.rsrc,.reloc,



    + HKCR\.htm
      htmlfile\Edit\Command
        [A ] 52. c:\program files\microsoft office\office11\msohtmed.exe
          Microsoft Corporation
          Microsoft Office 2003 component
          .text,.data,.cdata,.rsrc,


      htmlfile\open\Command
        [AM] 53. d:\\maxthon.exe
          Maxthon International ltd.
          Maxthon Browser
          .text,.rdata,.data,.rsrc,.reloc,


      htmlfile\Print\Command
        [A ] 52. c:\program files\microsoft office\office11\msohtmed.exe
          Microsoft Corporation
          Microsoft Office 2003 component
          .text,.data,.cdata,.rsrc,


      htmlfile\(Maxthon)\Command
        [AM] 53. d:\\maxthon.exe
          Maxthon International ltd.
          Maxthon Browser
          .text,.rdata,.data,.rsrc,.reloc,



    + HKCR\.mp3
      KuGoo.MP3\Open\Command
        [A ] 54. d:\ֲ\kugou2008\kugoo.exe
          ṷ
          ṷ2008
          .text,.itext,.data,.bss,.idata,.tls,.rdata,.reloc,.rsrc,


      KuGoo.MP3\PlayList\Command
        [A ] 54. d:\ֲ\kugou2008\kugoo.exe
          ṷ
          ṷ2008
          .text,.itext,.data,.bss,.idata,.tls,.rdata,.reloc,.rsrc,




  + ʼ֪̬ӿ
    + HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
      AppInit_DLLs
        [AM] 55. c:\windows\system32\kmon.dll
          Beijing Rising Information Technology Co., Ltd.
          KaKa Monitors
          .text,.rdata,.data,.rsrc,.reloc,





+ Ŀ
  + C:\WINDOWS\Tasks
    SogouImeMgr.job
      [A ] 56. d:\ѹ\sogouinput\3.6.0.1653\pinyinrepair.exe
        Sogou.com Inc.
        ѹƴ뷨 뷨޸
        .text,.rdata,.data,.rsrc,




+ еĽ
  + 000001b0(432) alg.exe
    5ADC0000[00037000]
      [ M] 57. c:\windows\system32\uxtheme.dll
        Microsoft Corporation
        Microsoft UxTheme Library
        .text,.data,.rsrc,.reloc,


    60000000[00074000]
      [AM] 55. c:\windows\system32\kmon.dll
        Beijing Rising Information Technology Co., Ltd.
        KaKa Monitors
        .text,.rdata,.data,.rsrc,.reloc,



  + 000001d0(464) kaccore.exe
    00400000[00059000]
      [AM] 2. c:\program files\kingsoft\kac\service\kaccore.exe
        Kingsoft Corporation
        Kingsoft Basic Service Module
        .text,.orpc,.rdata,.data,.rsrc,


    60000000[00074000]
      [AM] 55. c:\windows\system32\kmon.dll
        Beijing Rising Information Technology Co., Ltd.
        KaKa Monitors
        .text,.rdata,.data,.rsrc,.reloc,


    5ADC0000[00037000]
      [ M] 57. c:\windows\system32\uxtheme.dll
        Microsoft Corporation
        Microsoft UxTheme Library
        .text,.data,.rsrc,.reloc,


    10000000[00034000]
      [ M] 58. c:\program files\kingsoft\kac\service\corehelper.dll
        Kingsoft Corporation
        Kingsoft Basic Service Module
        .text,.rdata,.data,.rsrc,.reloc,



  + 000001e4(484) MDM.EXE
    00400000[0004D000]
      [AM] 3. c:\program files\common files\microsoft shared\vs7debug\mdm.exe
        Microsoft Corporation
        Machine Debug Manager
        .text,.data,.rsrc,


    60000000[00074000]
      [AM] 55. c:\windows\system32\kmon.dll
        Beijing Rising Information Technology Co., Ltd.
        KaKa Monitors
        .text,.rdata,.data,.rsrc,.reloc,


    51810000[00006000]
      [ M] 59. c:\program files\common files\microsoft shared\vs7debug\2052\mdmui.dll
        Microsoft Corporation
        MDM Դ
        .rsrc,.reloc,



  + 00000248(584) nvsvc32.exe
    00400000[0002E000]
      [AM] 4. c:\windows\system32\nvsvc32.exe
        NVIDIA Corporation
        NVIDIA Driver Helper Service, Version 177.92
        .text,.rdata,.data,.rsrc,


    60000000[00074000]
      [AM] 55. c:\windows\system32\kmon.dll
        Beijing Rising Information Technology Co., Ltd.
        KaKa Monitors
        .text,.rdata,.data,.rsrc,.reloc,


    00A30000[00076000]
      [ M] 60. c:\windows\system32\nvapi.dll
        NVIDIA Corporation
        NVIDIA NVAPI Library, Version 177.92 
        .text,.rdata,.data,.idata,.rsrc,.reloc,


    5ADC0000[00037000]
      [ M] 57. c:\windows\system32\uxtheme.dll
        Microsoft Corporation
        Microsoft UxTheme Library
        .text,.data,.rsrc,.reloc,



  + 00000270(624) svchost.exe
    5ADC0000[00037000]
      [ M] 57. c:\windows\system32\uxtheme.dll
        Microsoft Corporation
        Microsoft UxTheme Library
        .text,.data,.rsrc,.reloc,



  + 00000334(820) Maxthon.exe
    00400000[0034F000]
      [AM] 53. d:\\maxthon.exe
        Maxthon International ltd.
        Maxthon Browser
        .text,.rdata,.data,.rsrc,.reloc,


    10000000[00017000]
      [ M] 61. d:\\mxpp.dll
        Maxthon International ltd.
        .text,.rdata,.data,.rsrc,.reloc,


    007F0000[00022000]
      [ M] 62. d:\\mxsk.dll
        Maxthon
        .text,.rdata,.data,.rsrc,.reloc,


    00820000[0009E000]
      [ M] 63. d:\\mxproxy2.dll
        Maxthon International ltd.
        .text,.text1,.rdata,.data,.data1,.rsrc,.reloc,


    003E0000[0000D000]
      [ M] 64. d:\\mxext.dll
        .text,.rdata,.data,.reloc,


    008C0000[001D6000]
      [ M] 65. d:\\mxui.dll
        Maxthon International
        MxUI library
        UPX0,UPX1,.rsrc,


    60000000[00074000]
      [AM] 55. c:\windows\system32\kmon.dll
        Beijing Rising Information Technology Co., Ltd.
        KaKa Monitors
        .text,.rdata,.data,.rsrc,.reloc,


    01130000[0002E000]
      [ M] 66. e:\ǿ\comx3.dll
        Beijing Rising Information Technology Co., Ltd.
        comx3 Dynamic Link Library
        .text,.rdata,.data,.rsrc,.reloc,


    01160000[00019000]
      [ M] 67. e:\ǿ\syslay.dll
        Beijing Rising Information Technology Co., Ltd.
        Syslay
        .text,.rdata,.data,.rsrc,.reloc,


    5ADC0000[00037000]
      [ M] 57. c:\windows\system32\uxtheme.dll
        Microsoft Corporation
        Microsoft UxTheme Library
        .text,.data,.rsrc,.reloc,


    01740000[0014F000]
      [ M] 68. c:\windows\system32\sogoupy.ime
        Sogou.com Inc.
        ѹƴ뷨
        UPX0,UPX1,.rsrc,


    032A0000[00015000]
      [ M] 69. d:\\mxtool.dll
        mxtool Module
        .text,.rdata,.data,.rsrc,.reloc,


    032C0000[00012000]
      [ M] 70. d:\\maxzlib.dll
        zlib data compression library
        .text,.rdata,.data,.rsrc,.reloc,


    05020000[0000D000]
      [AM] 34. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll
        Microsoft Corporation
        Microsoft Office XML MIME Filter
        .text,.data,.cdata,.rsrc,.reloc,


    053F0000[00016000]
      [ M] 71. d:\\modules\mxpagesearch\mxpagesearch.dll
        Maxthon International ltd.
        MxPageSearch
        .text,.text1,.rdata,.data,.data1,.rsrc,.reloc,


    05600000[0003B000]
      [ M] 72. d:\\modules\mxwebboost\mxwebboost.dll
        Maxthon
        MxWebBoost
        .text,.rdata,.data,.rsrc,.reloc,


    05640000[00062000]
      [ M] 73. d:\\mxdb.dll
        Max
        mxdb
        .text,.text1,.rdata,.data,.data1,.rsrc,.reloc,


    05BA0000[0002F000]
      [ M] 74. d:\\modules\mxhistory\mxhistory.dll
        Maxthon International ltd.
        MxHistory
        .text,.rdata,.data,.rsrc,.reloc,


    71800000[0007C000]
      [ M] 75. c:\windows\system32\shdoclc.dll
        Microsoft Corporation
        Shell Doc Object and Control Library
        .rsrc,.reloc,


    30000000[003AF000]
      [ M] 76. c:\windows\system32\macromed\flash\flash9f.ocx
        Adobe Systems, Inc.
        Adobe Flash Player 9.0  r124
        .text,.rdata,.data,.rodata,.rsrc,.reloc,


    72C80000[00008000]
      [ M] 77. c:\windows\system32\msacm32.drv
        Microsoft Corporation
        Microsoft Sound Mapper
        .text,.data,.rsrc,.reloc,



  + 00000354(852) smss.exe

  + 0000038c(908) csrss.exe

  + 000003b0(944) winlogon.exe
    01000000[0007D000]
      [ M] 78. c:\windows\system32\winlogon.exe
        Microsoft Corporation
        Windows NT Logon Application
        .text,.data,.rsrc,


    5ADC0000[00037000]
      [ M] 57. c:\windows\system32\uxtheme.dll
        Microsoft Corporation
        Microsoft UxTheme Library
        .text,.data,.rsrc,.reloc,


    73D50000[00003000]
      [AM] 31. c:\windows\system32\wgalogon.dll
        .text,.rsrc,


    10000000[0014F000]
      [ M] 68. c:\windows\system32\sogoupy.ime
        Sogou.com Inc.
        ѹƴ뷨
        UPX0,UPX1,.rsrc,


    72C80000[00008000]
      [ M] 77. c:\windows\system32\msacm32.drv
        Microsoft Corporation
        Microsoft Sound Mapper
        .text,.data,.rsrc,.reloc,



  + 000003dc(988) services.exe
    46040000[0000F000]
      [ M] 79. c:\windows\apppatch\acadproc.dll
        Microsoft Corporation
        Windows Compatibility DLL
        .text,.data,.rsrc,.reloc,



  + 000003e8(1000) lsass.exe
    5ADC0000[00037000]
      [ M] 57. c:\windows\system32\uxtheme.dll
        Microsoft Corporation
        Microsoft UxTheme Library
        .text,.data,.rsrc,.reloc,



  + 00000428(1064) tsnpstd3.exe
    00400000[00016000]
      [AM] 49. c:\windows\tsnpstd3.exe
        tsnpstd3 Microsoft 
        .text,.rdata,.data,.rsrc,


    60000000[00074000]
      [AM] 55. c:\windows\system32\kmon.dll
        Beijing Rising Information Technology Co., Ltd.
        KaKa Monitors
        .text,.rdata,.data,.rsrc,.reloc,


    5ADC0000[00037000]
      [ M] 57. c:\windows\system32\uxtheme.dll
        Microsoft Corporation
        Microsoft UxTheme Library
        .text,.data,.rsrc,.reloc,


    10000000[0014F000]
      [ M] 68. c:\windows\system32\sogoupy.ime
        Sogou.com Inc.
        ѹƴ뷨
        UPX0,UPX1,.rsrc,


    01D60000[0000E000]
      [ M] 80. c:\windows\vsnpstd3.dll
         
        .text,.rdata,.data,.rsrc,.reloc,



  + 00000470(1136) rstray.exe
    00400000[00023000]
      [AM] 47. e:\ǿ\rstray.exe
        Beijing Rising Information Technology Co., Ltd.
        RSTray
        .text,.rdata,.data,.rsrc,


    60000000[00074000]
      [AM] 55. c:\windows\system32\kmon.dll
        Beijing Rising Information Technology Co., Ltd.
        KaKa Monitors
        .text,.rdata,.data,.rsrc,.reloc,


    10000000[0003C000]
      [ M] 81. e:\ǿ\rsmginfo.dll
        Beijing Rising Information Technology Co., Ltd.
        rsmginfo
        .text,.rdata,.data,.rsrc,.reloc,


    5ADC0000[00037000]
      [ M] 57. c:\windows\system32\uxtheme.dll
        Microsoft Corporation
        Microsoft UxTheme Library
        .text,.data,.rsrc,.reloc,


    23800000[00022000]
      [ M] 82. e:\ǿ\rsxml.dll
        Beijing Rising Information Technology Co., Ltd.
        RsXML
        .text,.rdata,.data,.rsrc,.reloc,


    7C3A0000[0007B000]
      [ M] 83. e:\ǿ\msvcp71.dll
        Microsoft Corporation
        Microsoft? C++ Runtime Library
        .text,.rdata,.data,.rsrc,.reloc,


    7C340000[00056000]
      [ M] 84. e:\ǿ\msvcr71.dll
        Microsoft Corporation
        Microsoft? C Runtime Library
        .text,.rdata,.data,.rsrc,.reloc,


    00AE0000[0014F000]
      [ M] 68. c:\windows\system32\sogoupy.ime
        Sogou.com Inc.
        ѹƴ뷨
        UPX0,UPX1,.rsrc,


    02070000[00024000]
      [ M] 85. e:\ǿ\comserv.dll
        Beijing Rising Information Technology Co., Ltd.
        .text,.rdata,.data,.rsrc,.reloc,


    020A0000[00019000]
      [ M] 67. e:\ǿ\syslay.dll
        Beijing Rising Information Technology Co., Ltd.
        Syslay
        .text,.rdata,.data,.rsrc,.reloc,


    23700000[00026000]
      [ M] 86. e:\ǿ\rscommon.dll
        Beijing Rising Information Technology Co., Ltd.
        Rising Common Function Dynamic Link Library
        .text,.rdata,.data,.rsrc,.reloc,


    020E0000[0002E000]
      [ M] 66. e:\ǿ\comx3.dll
        Beijing Rising Information Technology Co., Ltd.
        comx3 Dynamic Link Library
        .text,.rdata,.data,.rsrc,.reloc,


    23900000[00040000]
      [ M] 87. e:\ǿ\pngdll.dll
        Beijing Rising Information Technology Co., Ltd.
        Rising .Png File Loader Dynamic Link Library
        .text,.rdata,.data,.rsrc,.reloc,


    02770000[00061000]
      [ M] 88. e:\ǿ\runiep.dll
        Beijing Rising Information Technology Co., Ltd.
        Rising AntiSpyware tray
        .text,.rdata,.data,.rsrc,.reloc,


    027E0000[0002F000]
      [ M] 89. e:\ǿ\ncomm.dll
        Beijing Rising Information Technology Co., Ltd.
        Rising AntiSpyware
        .text,.rdata,.data,.rsrc,.reloc,



  + 000004a4(1188) svchost.exe
    5ADC0000[00037000]
      [ M] 57. c:\windows\system32\uxtheme.dll
        Microsoft Corporation
        Microsoft UxTheme Library
        .text,.data,.rsrc,.reloc,



  + 000004e4(1252) svchost.exe
    5ADC0000[00037000]
      [ M] 57. c:\windows\system32\uxtheme.dll
        Microsoft Corporation
        Microsoft UxTheme Library
        .text,.data,.rsrc,.reloc,



  + 00000560(1376) svchost.exe
    5ADC0000[00037000]
      [ M] 57. c:\windows\system32\uxtheme.dll
        Microsoft Corporation
        Microsoft UxTheme Library
        .text,.data,.rsrc,.reloc,



  + 000005c4(1476) svchost.exe
    5ADC0000[00037000]
      [ M] 57. c:\windows\system32\uxtheme.dll
        Microsoft Corporation
        Microsoft UxTheme Library
        .text,.data,.rsrc,.reloc,



  + 00000658(1624) svchost.exe
    5ADC0000[00037000]
      [ M] 57. c:\windows\system32\uxtheme.dll
        Microsoft Corporation
        Microsoft UxTheme Library
        .text,.data,.rsrc,.reloc,



  + 000006d0(1744) spoolsv.exe
    5ADC0000[00037000]
      [ M] 57. c:\windows\system32\uxtheme.dll
        Microsoft Corporation
        Microsoft UxTheme Library
        .text,.data,.rsrc,.reloc,



  + 000007bc(1980) Explorer.EXE
    5ADC0000[00037000]
      [ M] 57. c:\windows\system32\uxtheme.dll
        Microsoft Corporation
        Microsoft UxTheme Library
        .text,.data,.rsrc,.reloc,


    60000000[00074000]
      [AM] 55. c:\windows\system32\kmon.dll
        Beijing Rising Information Technology Co., Ltd.
        KaKa Monitors
        .text,.rdata,.data,.rsrc,.reloc,


    10000000[0014F000]
      [ M] 68. c:\windows\system32\sogoupy.ime
        Sogou.com Inc.
        ѹƴ뷨
        UPX0,UPX1,.rsrc,


    164A0000[00023000]
      [AM] 45. c:\windows\system32\wpdshserviceobj.dll
        Microsoft Corporation
        Windows Portable Device Shell Service Object
        .text,.data,.rsrc,.reloc,


    109C0000[0002C000]
      [ M] 90. c:\windows\system32\portabledevicetypes.dll
        Microsoft Corporation
        Windows Portable Device (Parameter) Types Component
        .text,.orpc,.data,.rsrc,.reloc,


    10930000[00049000]
      [ M] 91. c:\windows\system32\portabledeviceapi.dll
        Microsoft Corporation
        Windows Portable Device API Components
        .text,.orpc,.data,.rsrc,.reloc,


    72C80000[00008000]
      [ M] 77. c:\windows\system32\msacm32.drv
        Microsoft Corporation
        Microsoft Sound Mapper
        .text,.data,.rsrc,.reloc,


    042D0000[00073000]
      [AM] 44. c:\windows\system32\nvshell.dll
        .text,.rdata,.data,.idata,.shared,.rsrc,.reloc,


    04650000[00040000]
      [AM] 32. d:\Ѹ\thunder\comdlls\tdatonce_now.dll
        Thunder Networking Technologies,LTD
        Ѹ߼֧ģ
        .text,.rdata,.data,.rsrc,.reloc,


    04690000[00031000]
      [AM] 33. d:\Ѹ\thunder\comdlls\xunleibho_now.dll
        Thunder Networking Technologies,LTD
        XunLeiBHO
        .text,.rdata,.data,.rsrc,.reloc,


    03280000[0002E000]
      [AM] 39. c:\program files\winrar\rarext.dll
        .text,.data,.tls,.idata,.edata,.rsrc,.reloc,



  + 000007d8(2008) NetKeeper.exe
    00400000[0006D000]
      [AM] 46. d:\chinanetsn\bin\netkeeper.exe
        XI AN XINLI SOFTWARE TECHNOLOGY CO.,LTD
        DialTerminal Microsoft Ӧó
        .text,.rdata,.data,.rsrc,


    60000000[00074000]
      [AM] 55. c:\windows\system32\kmon.dll
        Beijing Rising Information Technology Co., Ltd.
        KaKa Monitors
        .text,.rdata,.data,.rsrc,.reloc,


    5ADC0000[00037000]
      [ M] 57. c:\windows\system32\uxtheme.dll
        Microsoft Corporation
        Microsoft UxTheme Library
        .text,.data,.rsrc,.reloc,


    10000000[0014F000]
      [ M] 68. c:\windows\system32\sogoupy.ime
        Sogou.com Inc.
        ѹƴ뷨
        UPX0,UPX1,.rsrc,


    01E20000[0000D000]
      [ M] 92. d:\chinanetsn\bin\auth.dll
        auth DLL
        .text,.rdata,.data,.rsrc,.reloc,


    023F0000[00008000]
      [ M] 93. c:\windows\system32\pproxyctl.dll
        ޹˾
        PProxyCTL
        .text,.rdata,.data,.rsrc,.reloc,


    02410000[00008000]
      [ M] 94. d:\chinanetsn\plugin\ephone\netkeepertoecp.dll
        㽭ʡϢҵ޹˾
        NetKeeperToEcp DLL
        .text,.rdata,.data,.rsrc,.reloc,


    71800000[0007C000]
      [ M] 75. c:\windows\system32\shdoclc.dll
        Microsoft Corporation
        Shell Doc Object and Control Library
        .rsrc,.reloc,


    72C80000[00008000]
      [ M] 77. c:\windows\system32\msacm32.drv
        Microsoft Corporation
        Microsoft Sound Mapper
        .text,.data,.rsrc,.reloc,


    30000000[003AF000]
      [ M] 76. c:\windows\system32\macromed\flash\flash9f.ocx
        Adobe Systems, Inc.
        Adobe Flash Player 9.0  r124
        .text,.rdata,.data,.rodata,.rsrc,.reloc,


    05B10000[0000D000]
      [AM] 34. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll
        Microsoft Corporation
        Microsoft Office XML MIME Filter
        .text,.data,.cdata,.rsrc,.reloc,



  + 000009a0(2464) FSCapture.exe
    00400000[00347000]
      [ M] 95. e:\沶׽\fscapture\fscapture.exe
        FastStone Soft
        FastStone Capture
        CODE,DATA,BSS,.idata,.tls,.rdata,.reloc,.rsrc,


    60000000[00074000]
      [AM] 55. c:\windows\system32\kmon.dll
        Beijing Rising Information Technology Co., Ltd.
        KaKa Monitors
        .text,.rdata,.data,.rsrc,.reloc,


    10000000[0002E000]
      [ M] 66. e:\ǿ\comx3.dll
        Beijing Rising Information Technology Co., Ltd.
        comx3 Dynamic Link Library
        .text,.rdata,.data,.rsrc,.reloc,


    00CD0000[00019000]
      [ M] 67. e:\ǿ\syslay.dll
        Beijing Rising Information Technology Co., Ltd.
        Syslay
        .text,.rdata,.data,.rsrc,.reloc,


    5ADC0000[00037000]
      [ M] 57. c:\windows\system32\uxtheme.dll
        Microsoft Corporation
        Microsoft UxTheme Library
        .text,.data,.rsrc,.reloc,


    00F00000[0014F000]
      [ M] 68. c:\windows\system32\sogoupy.ime
        Sogou.com Inc.
        ѹƴ뷨
        UPX0,UPX1,.rsrc,



  + 00000adc(2780) ras.exe
    00400000[0000B000]
      [ M] 96. e:\ǿ\ras.exe
        Beijing Rising Information Technology Co., Ltd.
        Rising AntiSpyware
        .text,.rdata,.data,.rsrc,


    7C140000[00103000]
      [ M] 97. e:\ǿ\mfc71.dll
        Microsoft Corporation
        MFCDLL Shared Library - Retail Version
        .text,.data,.rsrc,.reloc,


    7C340000[00056000]
      [ M] 84. e:\ǿ\msvcr71.dll
        Microsoft Corporation
        Microsoft? C Runtime Library
        .text,.rdata,.data,.rsrc,.reloc,


    60000000[00074000]
      [AM] 55. c:\windows\system32\kmon.dll
        Beijing Rising Information Technology Co., Ltd.
        KaKa Monitors
        .text,.rdata,.data,.rsrc,.reloc,


    5ADC0000[00037000]
      [ M] 57. c:\windows\system32\uxtheme.dll
        Microsoft Corporation
        Microsoft UxTheme Library
        .text,.data,.rsrc,.reloc,


    10000000[00047000]
      [ M] 98. e:\ǿ\kakamgr.dll
        Beijing Rising Information Technology Co., Ltd.
        Rising AntiSpyware
        .text,.rdata,.data,.rsrc,.reloc,


    7C3A0000[0007B000]
      [ M] 83. e:\ǿ\msvcp71.dll
        Microsoft Corporation
        Microsoft? C++ Runtime Library
        .text,.rdata,.data,.rsrc,.reloc,


    00A20000[00019000]
      [ M] 67. e:\ǿ\syslay.dll
        Beijing Rising Information Technology Co., Ltd.
        Syslay
        .text,.rdata,.data,.rsrc,.reloc,


    00A80000[0002E000]
      [ M] 66. e:\ǿ\comx3.dll
        Beijing Rising Information Technology Co., Ltd.
        comx3 Dynamic Link Library
        .text,.rdata,.data,.rsrc,.reloc,


    00CE0000[00058000]
      [ M] 99. e:\ǿ\dbmgr.dll
        Beijing Rising Information Technology Co., Ltd.
        Rising AntiSpyware
        .text,.rdata,.data,.rsrc,.reloc,


    23800000[00022000]
      [ M] 82. e:\ǿ\rsxml.dll
        Beijing Rising Information Technology Co., Ltd.
        RsXML
        .text,.rdata,.data,.rsrc,.reloc,


    00E40000[0002D000]
      [ M] 100. e:\ǿ\pweb.dll
        Beijing Rising Information Technology Co., Ltd.
        Rising AntiSpyware
        .text,.rdata,.data,.rsrc,.reloc,


    00EB0000[000C1000]
      [ M] 101. e:\ǿ\pscan.dll
        Beijing Rising Information Technology Co., Ltd.
        Rising AntiSpyware
        .text,.rdata,.data,.rsrc,.reloc,


    00F80000[0002F000]
      [ M] 89. e:\ǿ\ncomm.dll
        Beijing Rising Information Technology Co., Ltd.
        Rising AntiSpyware
        .text,.rdata,.data,.rsrc,.reloc,


    00FD0000[00070000]
      [ M] 102. e:\ǿ\pset.dll
        Beijing Rising Information Technology Co., Ltd.
        Rising AntiSpyware
        .text,.rdata,.data,.rsrc,.reloc,


    01060000[0002A000]
      [ M] 103. e:\ǿ\pdefend.dll
        Beijing Rising Information Technology Co., Ltd.
        Rising AntiSpyware
        .text,.rdata,.data,.rsrc,.reloc,


    01090000[000B6000]
      [ M] 104. e:\ǿ\ptools.dll
        Beijing Rising Information Technology Co., Ltd.
        Rising AntiSpyware
        .text,.rdata,.data,.rsrc,.reloc,


    01250000[0008C000]
      [ M] 105. e:\ǿ\psysinfo.dll
        Beijing Rising Information Technology Co., Ltd.
        Rising AntiSpyware
        .text,.rdata,.data,.rsrc,.reloc,


    23900000[00040000]
      [ M] 87. e:\ǿ\pngdll.dll
        Beijing Rising Information Technology Co., Ltd.
        Rising .Png File Loader Dynamic Link Library
        .text,.rdata,.data,.rsrc,.reloc,


    01530000[0014F000]
      [ M] 68. c:\windows\system32\sogoupy.ime
        Sogou.com Inc.
        ѹƴ뷨
        UPX0,UPX1,.rsrc,


    71800000[0007C000]
      [ M] 75. c:\windows\system32\shdoclc.dll
        Microsoft Corporation
        Shell Doc Object and Control Library
        .rsrc,.reloc,


    30000000[003AF000]
      [ M] 76. c:\windows\system32\macromed\flash\flash9f.ocx
        Adobe Systems, Inc.
        Adobe Flash Player 9.0  r124
        .text,.rdata,.data,.rodata,.rsrc,.reloc,


    72C80000[00008000]
      [ M] 77. c:\windows\system32\msacm32.drv
        Microsoft Corporation
        Microsoft Sound Mapper
        .text,.data,.rsrc,.reloc,



  + 00000af8(2808) knownsvr.exe
    00400000[00072000]
      [ M] 106. e:\ǿ\knownsvr.exe
        Beijing Rising Information Technology Co., Ltd.
        Rising AntiSpyware
        .text,.rdata,.data,.rsrc,


    10000000[0002F000]
      [ M] 89. e:\ǿ\ncomm.dll
        Beijing Rising Information Technology Co., Ltd.
        Rising AntiSpyware
        .text,.rdata,.data,.rsrc,.reloc,


    60000000[00074000]
      [AM] 55. c:\windows\system32\kmon.dll
        Beijing Rising Information Technology Co., Ltd.
        KaKa Monitors
        .text,.rdata,.data,.rsrc,.reloc,


    009A0000[0002E000]
      [ M] 66. e:\ǿ\comx3.dll
        Beijing Rising Information Technology Co., Ltd.
        comx3 Dynamic Link Library
        .text,.rdata,.data,.rsrc,.reloc,


    009D0000[00019000]
      [ M] 67. e:\ǿ\syslay.dll
        Beijing Rising Information Technology Co., Ltd.
        Syslay
        .text,.rdata,.data,.rsrc,.reloc,


    5ADC0000[00037000]
      [ M] 57. c:\windows\system32\uxtheme.dll
        Microsoft Corporation
        Microsoft UxTheme Library
        .text,.data,.rsrc,.reloc,




