[CODE] 2008-11-29,15:22:56 System Repair Engineer 2.6.11.992 Smallfrogs (http://www.KZTechs.com) Windows XP Professional Service Pack 3 (Build 2600) - 管理权限用户 - 完整功能以下内容被选中：所有的启动项目（包括注册表、启动文件夹、服务等）浏览器加载项正在运行的进程（包括进程模块信息）文件关联 Winsock 提供者 Autorun.inf HOSTS 文件进程特权扫描启动项目注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Windows Component Publisher] [(Verified)Google Inc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Windows Component Publisher] [(Verified)Microsoft Windows Component Publisher] [(Verified)Microsoft Windows Component Publisher] <"C:\Program Files\Atheros\ACU.exe" -nogui> [Atheros Communications, Inc.] <%systemroot%\system32\dumprep 0 -k> [File is missing] <"D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"> [Adobe Systems Inc.] <"D:\Program Files\Rising\Rav\RavTask.exe" -system> [(Verified)Beijing Rising Information Technology Corporation Limited] <"C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup> [(Verified)Beijing Rising Information Technology Corporation Limited] <"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [(Verified)"RealNetworks, Inc."] <"d:\Program Files\Rising\Rfw\rfwmain.exe" -Startup> [(Verified)Beijing Rising Information Technology Corporation Limited] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] [(Verified)Beijing Rising Information Technology Corporation Limited] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows Component Publisher] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] [(Verified)Beijing Rising Information Technology Corporation Limited] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{AEB6717E-7E19-11d0-97EE-00C04FD91972}> [(Verified)Microsoft Windows Component Publisher] <{32CD708B-60A7-4C00-9377-D73EAA495F0F}> [(Verified)Beijing Rising Information Technology Corporation Limited] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] <%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher] <%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher] <%SystemRoot%\system32\webcheck.dll> [(Verified)Microsoft Windows Component Publisher] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy] <%SystemRoot%\System32\dimsntfy.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher] <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] <%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] <浏览器自定义组件> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] <%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] <%SystemRoot%\system32\ie4uinit.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] [Microsoft Corporation] [HKEY_CURRENT_USER\Control Panel\Desktop] [北京首都在线网络技术有限公司] ================================== 启动文件夹 [服务管理器] C:\PROGRA~1\MICROS~4\80\Tools\Binn\sqlmangr.exe [Microsoft Corporation]> [Adobe Acrobat Speed Launcher] C:\WINDOWS\Installer\{AC76BA86-2052-0000-7760-100000000002}\SC_Acrobat.exe [N/A]> [AutoCAD 启动加速器] C:\PROGRA~1\COMMON~1\AUTODE~1\ACSTAR~1.EXE [Autodesk, Inc]> [Coopen播放器] C:\PROGRA~1\Coopen\Coopen.exe [北京首都在线网络技术有限公司]> [启动飞速土豆] C:\PROGRA~1\Tudou\飞速TU~1\TudouVa.exe [土豆网]> ================================== 服务 [Atheros 配置服务 / ACS][Running/Auto Start] [Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start] [Autodesk Licensing Service / Autodesk Licensing Service][Stopped/Manual Start] <"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"> [Google Updater Service / gusvc][Stopped/Manual Start] <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"> [Human Interface Device Access / HidServ][Stopped/Disabled] %SystemRoot%\System32\hidserv.dll> [MSSQLSERVER / MSSQLSERVER][Running/Auto Start] [MSSQLServerADHelper / MSSQLServerADHelper][Stopped/Manual Start] [Network Location Awareness (NLA) / Nla][Running/Manual Start] %SystemRoot%\System32\mswsock.dll> [Rising Proxy Service / RfwProxySrv][Running/Auto Start] [Rising Personal Firewall Service / RfwService][Running/Auto Start] [Rising Process Communication Center / RsCCenter][Running/Auto Start] <"D:\Program Files\Rising\Rav\CCenter.exe"> [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start] <"D:\PROGRAM FILES\RISING\RAV\Ravmond.exe"> [SQLSERVERAGENT / SQLSERVERAGENT][Stopped/Manual Start] ================================== 驱动程序 [Atheros Wireless Network Adapter Service / AR5211][Running/Manual Start] [ati2mtag / ati2mtag][Running/Manual Start] [Creative AudioPCI (ES1371,ES1373) (WDM) / es1371][Stopped/Manual Start] [Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start] [HookCont / HookCont][Running/System Start] <\SystemRoot\system32\drivers\HookCont.sys> [HookNtos / HookNtos][Running/System Start] <\SystemRoot\system32\drivers\HookNtos.sys> [HookReg / HookReg][Running/System Start] <\SystemRoot\system32\drivers\HookReg.sys> [HookSys / HookSys][Running/System Start] <\SystemRoot\system32\drivers\HookSys.sys> [HookUrl / HookUrl][Running/Auto Start] <\??\d:\Program Files\Rising\Rfw\HookUrl.sys> [Intel AHCI Controller / iaStor][Running/Boot Start] <\SystemRoot\system32\DRIVERS\iaStor.sys> [Intel AHCI Controller 7 / iaStor7][Running/Boot Start] <\SystemRoot\system32\drivers\iastor7.sys> [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start] [ATK0100 ACPI UTILITY / MTsensor][Running/Manual Start] [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start] <\SystemRoot\system32\DRIVERS\nvrd32.sys> [AMD PCNET Compatable Adapter Driver / PCnet][Stopped/Manual Start] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [Rising Rfwbase Driver / RfwBase][Running/Auto Start] [RsFwDrv / RsFwDrv][Running/System Start] <\??\d:\Program Files\Rising\Rfw\RsFwDrv.sys> [RsNTGDI / RsNTGDI][Running/Boot Start] <\SystemRoot\system32\Drivers\RsNTGdi.sys> [Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver / RTLE8023xp][Running/Manual Start] [Secdrv / Secdrv][Stopped/Manual Start] [SATALink driver accelerator / SiFilter][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\SiWinAcc.sys> [SMC IrCC Miniport Device Driver / SMCIRDA][Running/Manual Start] [TCP/IP Protocol Driver / Tcpip][Running/System Start] [viamraid / viamraid][Stopped/Boot Start] <\SystemRoot\system32\DRIVERS\viamraid.sys> [wsimd Service / WSIMD][Running/Manual Start] ================================== 浏览器加载项 [ThunderAtOnce Class] {01443AEC-0FD1-40fd-9C87-E93D1494C233} [AcroIEHlprObj Class] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [Google Toolbar Helper] {AA58ED58-01DD-4d91-8333-CF10577473F7} [AcroIEToolbarHelper Class] {AE7CD045-E861-484f-8273-0445EE161910} [PPLive] {95B3F550-91C4-4627-BCC4-521288C52977} [] {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, N/A> [Adobe PDF] {47833539-D0C5-4125-9FA8-0819E2EAAC93} [&Google] {2318C2B1-4965-11d4-9B18-009027A5CD4F} [EditCtrl Class] {488A4255-3236-44B3-8F27-FA1AECAA8844} [ThunderAtOnce Class] {01443AEC-0FD1-40FD-9C87-E93D1494C233} [AcroIEHlprObj Class] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [&Google] {2318C2B1-4965-11D4-9B18-009027A5CD4F} [Adobe PDF] {47833539-D0C5-4125-9FA8-0819E2EAAC93} [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [Google Toolbar Helper] {AA58ED58-01DD-4D91-8333-CF10577473F7} [AcroIEToolbarHelper Class] {AE7CD045-E861-484F-8273-0445EE161910} [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [使用迅雷下载] [使用迅雷下载全部链接] [导出到 Microsoft Office Excel(&X)] [添加到QQ表情] [转换为 Adobe PDF] [转换为现有 PDF] [转换选定的链接为 Adobe PDF] [转换选定的链接为现有 PDF] [转换选项为 Adobe PDF] [转换选项为现有 PDF] [转换链接目标为 Adobe PDF] [转换链接目标为现有 PDF] ================================== 正在运行的进程 [PID: 888 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 964 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\CSRSRV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\basesrv.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\winsrv.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\KERNEL32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\sxs.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [C:\WINDOWS\system32\imm32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\WINDOWS\system32\Apphelp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [PID: 1000 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\AUTHZ.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\NDdeApi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\PROFMAP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\REGAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSGINA.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\COMCTL32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [C:\WINDOWS\system32\ODBC32.dll] [Microsoft Corporation, 3.525.1132.0 (xpsp.080413-0852)] [C:\WINDOWS\system32\comdlg32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\odbcint.dll] [Microsoft Corporation, 3.525.1117.0 built by: (_sqlbld)] [C:\WINDOWS\system32\SHSVCS.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\sfc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Apphelp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINSCARD.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WTSAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\Ati2evxx.dll] [ATI Technologies Inc., 6.14.10.4163] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)] [C:\WINDOWS\system32\cscdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\System32\dimsntfy.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WlNotify.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MPR.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WINSPOOL.DRV] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\msv1_0.dll] [Microsoft Corporation, 5.1.2600.5594 (xpsp_sp3_qfe.080503-1404)] [C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\WINDOWS\system32\wldap32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.5.0.0] [C:\WINDOWS\system32\MSIMG32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\RASAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\rasman.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\TAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\rtutils.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\cscui.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\midimap.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\wbem\wbemprox.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\wbem\wbemcomn.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\wbem\wbemsvc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\wbem\fastprox.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 6.02.3104.0] [C:\WINDOWS\system32\NTDSAPI.dll] [Microsoft Corporation, 5.1.2600.5582 (xpsp_sp3_qfe.080416-1432)] [C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [PID: 1044 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\NCObjAPI.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 6.02.3104.0] [C:\WINDOWS\system32\SCESRV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\AUTHZ.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\umpnpmgr.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312)] [C:\WINDOWS\system32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\AppPatch\AcAdProc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\Apphelp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\eventlog.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\wtsapi32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [PID: 1056 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\LSASRV.dll] [Microsoft Corporation, 5.1.2600.5582 (xpsp_sp3_qfe.080416-1432)] [C:\WINDOWS\system32\MPR.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312)] [C:\WINDOWS\system32\NTDSAPI.dll] [Microsoft Corporation, 5.1.2600.5582 (xpsp_sp3_qfe.080416-1432)] [C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SAMSRV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\cryptdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\AppPatch\AcGenral.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [C:\WINDOWS\system32\msprivs.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\kerberos.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\msv1_0.dll] [Microsoft Corporation, 5.1.2600.5594 (xpsp_sp3_qfe.080503-1404)] [C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\netlogon.dll] [Microsoft Corporation, 5.1.2600.5582 (xpsp_sp3_qfe.080416-1432)] [C:\WINDOWS\system32\w32time.dll] [Microsoft Corporation, 5.1.2600.5582 (xpsp_sp3_qfe.080416-1432)] [C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 6.02.3104.0] [C:\WINDOWS\system32\schannel.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\wdigest.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)] [C:\WINDOWS\system32\setupapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\scecli.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\WINDOWS\system32\ipsecsvc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\AUTHZ.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\oakley.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WINIPSEC.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\pstorsvc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\mswsock.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\psbase.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\dssenh.dll] [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)] [PID: 1208 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4173] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\wtsapi32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312)] [C:\WINDOWS\system32\powrprof.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\cfgMgr32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msv1_0.dll] [Microsoft Corporation, 5.1.2600.5594 (xpsp_sp3_qfe.080503-1404)] [C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2512] [C:\WINDOWS\system32\atipdlxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2521] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [PID: 1224 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\AppPatch\AcGenral.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [c:\windows\system32\rpcss.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [c:\windows\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [c:\windows\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [c:\windows\system32\termsrv.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [c:\windows\system32\ICAAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [c:\windows\system32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [c:\windows\system32\AUTHZ.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [c:\windows\system32\mstlsapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [c:\windows\system32\ACTIVEDS.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [c:\windows\system32\adsldpc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312)] [c:\windows\system32\ATL.DLL] [Microsoft Corporation, 3.05.2284] [C:\WINDOWS\system32\REGAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\WINDOWS\system32\Apphelp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WTSAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\msv1_0.dll] [Microsoft Corporation, 5.1.2600.5594 (xpsp_sp3_qfe.080503-1404)] [C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\msi.dll] [Microsoft Corporation, 3.1.4001.5512] [PID: 1288 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\AppPatch\AcGenral.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [c:\windows\system32\rpcss.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [c:\windows\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [c:\windows\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)] [C:\WINDOWS\system32\mswsock.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\winrnr.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\rasadhlp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\WINDOWS\system32\msi.dll] [Microsoft Corporation, 3.1.4001.5512] [PID: 1328 / SYSTEM][D:\Program Files\Rising\Rav\CCenter.exe] [Beijing Rising Information Technology Co., Ltd., 20.0.0.33] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1344 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\System32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\AppPatch\AcGenral.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\System32\WINMM.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\System32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\System32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\System32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [C:\WINDOWS\System32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\System32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\System32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [c:\windows\system32\shsvcs.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\System32\WINSTA.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312)] [c:\windows\system32\dhcpcsvc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [c:\windows\system32\DNSAPI.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [c:\windows\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [c:\windows\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [c:\windows\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [c:\windows\system32\wzcsvc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [c:\windows\system32\rtutils.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [c:\windows\system32\WMI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [c:\windows\system32\EapolQec.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [c:\windows\system32\ATL.DLL] [Microsoft Corporation, 3.05.2284] [c:\windows\system32\QUtil.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [c:\windows\system32\MSVCP60.dll] [Microsoft Corporation, 6.02.3104.0] [c:\windows\system32\dot3api.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [c:\windows\system32\WTSAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [c:\windows\system32\ESENT.dll] [Microsoft Corporation, 5.1.2468.0 (Lab03_N(jliem).010306-1456)] [c:\windows\system32\irmon.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\msv1_0.dll] [Microsoft Corporation, 5.1.2600.5594 (xpsp_sp3_qfe.080503-1404)] [C:\WINDOWS\system32\mswsock.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [C:\WINDOWS\System32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\wshirda.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\System32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\System32\rsaenh.dll] [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)] [C:\WINDOWS\System32\rastls.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\CRYPTUI.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\System32\MPRAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\ACTIVEDS.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\System32\adsldpc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\System32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\System32\RASAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\rasman.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\TAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\SCHANNEL.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\System32\WinSCard.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\System32\PSAPI.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\System32\WZCSAPI.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\WINDOWS\System32\raschap.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [c:\windows\system32\schedsvc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [c:\windows\system32\NTDSAPI.dll] [Microsoft Corporation, 5.1.2600.5582 (xpsp_sp3_qfe.080416-1432)] [C:\WINDOWS\System32\MSIDLE.DLL] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [c:\windows\system32\audiosrv.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [c:\windows\system32\wkssvc.dll] [Microsoft Corporation, 5.1.2600.5582 (xpsp_sp3_qfe.080416-1432)] [c:\windows\system32\qmgr.dll] [Microsoft Corporation, 6.7.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\MPR.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [c:\windows\system32\SHFOLDER.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [c:\windows\system32\WINHTTP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [c:\windows\system32\cryptsvc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [c:\windows\system32\certcli.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [c:\windows\system32\dmserver.dll] [Microsoft Corp., 2600.5512.503.0] [c:\windows\system32\es.dll] [Microsoft Corporation, 2001.12.4414.706] [c:\windows\system32\srvsvc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\netman.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\netshell.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\credui.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\System32\dot3dlg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\OneX.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\eappcfg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\eappprxy.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [c:\windows\system32\seclogon.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [c:\windows\system32\sens.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [c:\windows\system32\srsvc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [c:\windows\system32\POWRPROF.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [c:\windows\system32\trkwks.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [c:\windows\system32\w32time.dll] [Microsoft Corporation, 5.1.2600.5582 (xpsp_sp3_qfe.080416-1432)] [c:\windows\system32\wbem\wmisvc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\VSSAPI.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [c:\windows\system32\wuauserv.dll] [Microsoft Corporation, 5.4.3790.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\wuaueng.dll] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)] [C:\WINDOWS\System32\WINSPOOL.DRV] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\Cabinet.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\System32\mspatcha.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [c:\windows\system32\browser.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [c:\windows\system32\ipnathlp.dll] [Microsoft Corporation, 5.1.2600.5584 (xpsp_sp3_qfe.080421-1413)] [c:\windows\system32\AUTHZ.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\System32\SXS.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\System32\sfc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\System32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\comsvcs.dll] [Microsoft Corporation, 2001.12.4414.702] [C:\WINDOWS\system32\colbact.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\MTXCLU.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\WSOCK32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\CLUSAPI.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\System32\RESUTILS.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\System32\Wbem\wbemcore.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\System32\Wbem\esscli.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\System32\Wbem\wbemcomn.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\System32\Wbem\FastProx.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\wbem\wmiutils.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\wbem\repdrvfs.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\System32\rasadhlp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\wbem\wmiprvsd.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\NCObjAPI.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\wbem\wbemess.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\netcfgx.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\rasmans.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\WINIPSEC.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [c:\windows\system32\tapisrv.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\rastapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\unimdm.tsp] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\uniplat.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\kmddsp.tsp] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\ndptsp.tsp] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\h323.tsp] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\hidphone.tsp] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\HID.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\System32\rasppp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\ntlsapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\kerberos.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\System32\cryptdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\System32\RASQEC.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\Apphelp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\wups2.dll] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)] [C:\WINDOWS\system32\wbem\ncprov.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\upnp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\SSDPAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\msi.dll] [Microsoft Corporation, 3.1.4001.5512] [C:\WINDOWS\System32\RASDLG.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\mlang.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\System32\xmlprovi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\wbem\wbemsvc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\wups.dll] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)] [PID: 1432 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\AppPatch\AcGenral.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [c:\windows\system32\dnsrslvr.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [c:\windows\system32\DNSAPI.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [c:\windows\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [c:\windows\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [c:\windows\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)] [C:\WINDOWS\system32\mswsock.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [PID: 1456 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4173] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\wtsapi32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312)] [C:\WINDOWS\system32\powrprof.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\cfgMgr32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\msv1_0.dll] [Microsoft Corporation, 5.1.2600.5594 (xpsp_sp3_qfe.080503-1404)] [C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2512] [C:\WINDOWS\system32\atipdlxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2521] [C:\WINDOWS\system32\ati2evxx.dll] [ATI Technologies Inc., 6.14.10.4163] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)] [PID: 1560 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\AppPatch\AcGenral.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [c:\windows\system32\lmhsvc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [c:\windows\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [c:\windows\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [c:\windows\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [c:\windows\system32\ssdpsrv.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\mswsock.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [PID: 1636 / SYSTEM][D:\PROGRAM FILES\RISING\RAV\ravmond.exe] [Beijing Rising Information Technology Co., Ltd., 20.0.0.80] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [D:\PROGRAM FILES\RISING\RAV\BWList.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.0.5] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\WSOCK32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MFC71CHS.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [D:\PROGRAM FILES\RISING\RAV\RSAPPMGR.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.0.1] [D:\PROGRAM FILES\RISING\RAV\CfgDll.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.0.19] [D:\PROGRAM FILES\RISING\RAV\RsLog.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.0.36] [D:\PROGRAM FILES\RISING\RAV\ProcCom.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [D:\PROGRAM FILES\RISING\RAV\RsCommX2.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [D:\PROGRAM FILES\RISING\RAV\MonRule.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.0.29] [D:\PROGRAM FILES\RISING\RAV\Hooksys.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12] [D:\PROGRAM FILES\RISING\RAV\HookReg.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] [D:\PROGRAM FILES\RISING\RAV\HookNtos.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] [D:\PROGRAM FILES\RISING\RAV\rswalmon.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 24] [D:\PROGRAM FILES\RISING\RAV\recomp.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41] [D:\PROGRAM FILES\RISING\RAV\refs.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18] [D:\PROGRAM FILES\RISING\RAV\ffr.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17] [C:\WINDOWS\system32\sfc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [D:\Program Files\Rising\Rav\RsStore.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.0.9] [D:\PROGRAM FILES\RISING\RAV\HookCont.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [D:\Program Files\Rising\Rav\fakescan.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.0.14] [D:\Program Files\Rising\Rav\Scanner.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.0.39] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [D:\PROGRAM FILES\RISING\RAV\viruslib.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27] [D:\PROGRAM FILES\RISING\RAV\relibldr.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17] [C:\WINDOWS\system32\mswsock.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [D:\PROGRAM FILES\RISING\RAV\HookWeb.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.0.3] [C:\WINDOWS\system32\Wtsapi32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312)] [D:\PROGRAM FILES\RISING\RAV\extfile.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 32] [D:\PROGRAM FILES\RISING\RAV\pearc.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 8] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [D:\PROGRAM FILES\RISING\RAV\nvfile.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7] [D:\PROGRAM FILES\RISING\RAV\scanexec.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22] [D:\PROGRAM FILES\RISING\RAV\unexe.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 6] [D:\PROGRAM FILES\RISING\RAV\scanex.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 99] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [D:\PROGRAM FILES\RISING\RAV\extmail.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10] [D:\PROGRAM FILES\RISING\RAV\scansct.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11] [D:\PROGRAM FILES\RISING\RAV\scanpack.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10] [D:\PROGRAM FILES\RISING\RAV\revm.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11] [D:\PROGRAM FILES\RISING\RAV\urutils.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7] [D:\PROGRAM FILES\RISING\RAV\ur000.dat] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22] [D:\PROGRAM FILES\RISING\RAV\scriptci.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 4] [D:\PROGRAM FILES\RISING\RAV\ur001.dat] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5] [D:\PROGRAM FILES\RISING\RAV\extole.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 13] [D:\PROGRAM FILES\RISING\RAV\ur023.dat] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3] [D:\PROGRAM FILES\RISING\RAV\uroutine.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27] [PID: 1668 / SYSTEM][d:\Program Files\Rising\Rfw\rfwsrv.exe] [Beijing Rising Information Technology Co., Ltd., 7.0.0.77] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\WINDOWS\system32\MFC71CHS.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [d:\Program Files\Rising\Rfw\ProcCom.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [d:\Program Files\Rising\Rfw\RsCommX2.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [d:\Program Files\Rising\Rfw\RSAPPMGR.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.0.1] [d:\Program Files\Rising\Rfw\CfgDll.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.0.19] [d:\Program Files\Rising\Rfw\RfwRule.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.17] [d:\Program Files\Rising\Rfw\rfwlog.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.16] [d:\Program Files\Rising\Rfw\Rfwdrv.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.50] [C:\WINDOWS\system32\psapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [d:\Program Files\Rising\Rfw\ijt_ctrl.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.0] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [d:\Program Files\Rising\Rfw\unvdet.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.8] [C:\WINDOWS\system32\sfc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\netapi32.dll] [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312)] [C:\WINDOWS\system32\Iphlpapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [d:\Program Files\Rising\Rfw\mPorts.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.6] [C:\WINDOWS\system32\perfproc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [PID: 1860 / SYSTEM][d:\Program Files\Rising\Rfw\rfwProxy.exe] [Beijing Rising Information Technology Co., Ltd., 7.0.0.37] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MFC71CHS.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\psapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [d:\Program Files\Rising\Rfw\ProcCom.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [d:\Program Files\Rising\Rfw\RsCommX2.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [d:\Program Files\Rising\Rfw\RfwRule.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.17] [d:\Program Files\Rising\Rfw\urlrule.dll] [Beijing Rising Information Technology Co., Ltd., 1.0.0.15] [C:\WINDOWS\system32\mswsock.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\WINDOWS\system32\version.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [d:\Program Files\Rising\Rfw\MonMid.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.6] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\perfproc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 2012 / SYSTEM][D:\PROGRAM FILES\RISING\RAV\RavStub.exe] [Beijing Rising Information Technology Co., Ltd., 20.0.0.10] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\COMCTL32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [D:\PROGRAM FILES\RISING\RAV\ProcCom.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [D:\PROGRAM FILES\RISING\RAV\RsCommX2.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [D:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [PID: 452 / SYSTEM][d:\Program Files\Rising\Rfw\rfwstub.exe] [Beijing Rising Information Technology Co., Ltd., 7.0.0.12] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [d:\Program Files\Rising\Rfw\RSCOMMON.DLL] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [PID: 680 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\AppPatch\AcGenral.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\WINDOWS\system32\SPOOLSS.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [C:\WINDOWS\system32\rasadhlp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\localspl.dll] [Microsoft Corporation, 5.1.2600.5582 (xpsp_sp3_qfe.080416-1432)] [C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\winspool.drv] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\netapi32.dll] [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312)] [C:\WINDOWS\system32\AdobePDF.dll] [Adobe Systems Incorporated., 7.0.0.00] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [D:\Program Files\Adobe\Acrobat 7.0\Distillr\AdistRes.CHS] [, ] [C:\WINDOWS\system32\cnbjmon.dll] [Microsoft Corporation, 5.1.2600.2082 (xpsp(skatari).040213-0952)] [C:\WINDOWS\system32\mswsock.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2] [C:\WINDOWS\system32\msi.dll] [Microsoft Corporation, 3.1.4001.5512] [C:\WINDOWS\system32\pjlmon.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\tcpmon.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\usbmon.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\virport.dll] [N/A, ] [C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\wshirda.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2] [C:\WINDOWS\System32\winrnr.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\win32spl.dll] [Microsoft Corporation, 5.1.2600.5664 (xpsp_sp3_gdr.080827-1248)] [C:\WINDOWS\system32\NETRAP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\NTDSAPI.dll] [Microsoft Corporation, 5.1.2600.5582 (xpsp_sp3_qfe.080416-1432)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\inetpp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\comdlg32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 716 / SYSTEM][C:\WINDOWS\system32\acs.exe] [Atheros, 5.2.0.134] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\athcfg20U.dll] [Atheros, 5.2.0.134] [C:\WINDOWS\system32\CFGMGR32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\setupapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MFC42u.DLL] [Microsoft Corporation, 6.02.8071.0] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\athcfg20ResU.dll] [Atheros Communications, Inc., 5.2.0.134] [C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\pdh.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\comdlg32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ODBC32.dll] [Microsoft Corporation, 3.525.1132.0 (xpsp.080413-0852)] [C:\WINDOWS\system32\odbcbcp.dll] [Microsoft Corporation, 2000.085.3006.00 (xpsp_sp3_gdr.080821-1454)] [C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 6.02.3104.0] [C:\WINDOWS\system32\MSVCIRT.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\WINDOWS\system32\MFC42LOC.DLL] [Microsoft Corporation, 6.00.8665.0] [C:\WINDOWS\system32\odbcint.dll] [Microsoft Corporation, 3.525.1117.0 built by: (_sqlbld)] [C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\athcfg11resloc.dll] [Atheros Communications, Inc., 5.2.0.134] [C:\WINDOWS\system32\wsfwDS.dll] [Atheros Communications, Inc., 5.2.0.134] [C:\WINDOWS\system32\wsimd.dll] [Atheros Communications, Inc., 5.2.0.134] [C:\WINDOWS\system32\WINSPOOL.DRV] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\DSA.dll] [Devicescape, 1, 634, 9, 11] [C:\WINDOWS\system32\WinSCard.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WTSAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\mswsock.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [PID: 784 / SYSTEM][f:\PROGRA~1\MICROS~1\MSSQL\binn\sqlservr.exe] [Microsoft Corporation, 2000.080.2039.00] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [f:\PROGRA~1\MICROS~1\MSSQL\binn\opends60.dll] [Microsoft Corporation, 2000.080.2039.00] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [f:\PROGRA~1\MICROS~1\MSSQL\binn\sqlsort.dll] [Microsoft Corporation, 2000.080.2039.00] [f:\PROGRA~1\MICROS~1\MSSQL\binn\ums.dll] [Microsoft Corporation, 2000.080.2039.00] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [f:\PROGRA~1\MICROS~1\MSSQL\binn\Resources\2052\sqlevn70.RLL] [Microsoft Corporation, 2000.080.2039.00] [C:\WINDOWS\system32\NETAPI32.DLL] [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312)] [C:\WINDOWS\system32\AUTHZ.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [f:\Program Files\Microsoft SQL Server\MSSQL\binn\SSNETLIB.dll] [Microsoft Corporation, 2000.080.2039.00] [C:\WINDOWS\system32\WSOCK32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\security.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\System32\mswsock.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [C:\WINDOWS\System32\winrnr.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\rasadhlp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [f:\PROGRA~1\MICROS~1\MSSQL\binn\SSmsLPCn.dll] [Microsoft Corporation, 2000.080.2039.00] [f:\PROGRA~1\MICROS~1\MSSQL\binn\SSnmPN70.dll] [Microsoft Corporation, 2000.080.2039.00] [C:\WINDOWS\system32\ntdsapi.dll] [Microsoft Corporation, 5.1.2600.5582 (xpsp_sp3_qfe.080416-1432)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [PID: 880 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\AppPatch\AcGenral.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [c:\windows\system32\wiaservc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [c:\windows\system32\CFGMGR32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [c:\windows\system32\setupapi.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [c:\windows\system32\mscms.dll] [Microsoft Corporation, 5.1.2600.5627 (xpsp_sp3_gdr.080624-1245)] [c:\windows\system32\WINSPOOL.DRV] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [c:\windows\system32\WINSTA.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\wiavusd.dll] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)] [C:\WINDOWS\system32\SHFOLDER.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\actxprxy.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2113)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\WINDOWS\system32\sti.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [PID: 2256 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\System32\ATL.DLL] [Microsoft Corporation, 3.05.2284] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\System32\WSOCK32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\MSWSOCK.DLL] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [C:\WINDOWS\System32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\AppPatch\AcGenral.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\System32\WINMM.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\System32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\System32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\System32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\System32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\System32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\System32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\System32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [PID: 3308 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\BROWSEUI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\SHDOCVW.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\CRYPTUI.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\AppPatch\AcGenral.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.5.0.0] [C:\WINDOWS\system32\MSIMG32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\Program Files\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.5.0.0] [C:\WINDOWS\system32\appHelp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\AcSignIcon.dll] [Autodesk, 17.0.54.0] [C:\WINDOWS\system32\WINSPOOL.DRV] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\cscui.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\System32\CSCDLL.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\themeui.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.0.18] [C:\Program Files\FreeLaunchBar\flb.dll] [TrueSoft, 1.0.0.0] [C:\WINDOWS\system32\msxml3.dll] [Microsoft Corporation, 8.90.1101.0] [C:\WINDOWS\system32\msutb.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LINKINFO.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ntshrui.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ATL.DLL] [Microsoft Corporation, 3.05.2284] [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll] [Autodesk, 17.0.54.110] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [D:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0] [D:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.CHS] [Adobe Systems, Inc., 7.0.0.0] [C:\WINDOWS\system32\msi.dll] [Microsoft Corporation, 3.1.4001.5512] [C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\webcheck.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WSOCK32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\stobject.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\BatMeter.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\POWRPROF.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WTSAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\midimap.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\NETSHELL.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\credui.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\dot3api.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\rtutils.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\dot3dlg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\OneX.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\eappcfg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 6.02.3104.0] [C:\WINDOWS\system32\eappprxy.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)] [C:\WINDOWS\system32\WZCSAPI.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\printui.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\ACTIVEDS.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\adsldpc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\CFGMGR32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\MPR.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\Program Files\WinRAR\rarext.dll] [N/A, ] [D:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17] [C:\Program Files\Common Files\Autodesk shared\dwf common\DWFShellExtension.dll] [Autodesk, Inc., 1.1.0.278] [C:\Program Files\Common Files\Autodesk shared\dwf common\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Common Files\Autodesk shared\dwf common\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [D:\Program Files\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll] [Adobe Systems Inc., 7.0.0.2004121400\0] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MFC71CHS.DLL] [Microsoft Corporation, 7.10.3077.0] [D:\Program Files\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.chs] [Adobe Systems Inc., 7.0.0.2004121400\0] [C:\WINDOWS\system32\browselc.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.29] [D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.0.2004121400] [C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 96] [C:\WINDOWS\system32\OLEACC.dll] [Microsoft Corporation, 4.2.5406.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\SXS.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\System32\drprov.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\System32\ntlanman.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\System32\NETUI0.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\System32\NETUI1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\System32\NETRAP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\System32\davclnt.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\DUSER.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSGINA.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\ODBC32.dll] [Microsoft Corporation, 3.525.1132.0 (xpsp.080413-0852)] [C:\WINDOWS\system32\comdlg32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\odbcint.dll] [Microsoft Corporation, 3.525.1117.0 built by: (_sqlbld)] [C:\WINDOWS\system32\sti.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\MLANG.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\mydocs.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\sendmail.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\shgina.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\Audiodev.dll] [Microsoft Corporation, 5.2.3802.3802 built by: dnsrv(bld4act)] [C:\WINDOWS\system32\WMVCore.DLL] [Microsoft Corporation, 10.00.00.4054 built by: dnsrv(bld4act)] [C:\WINDOWS\system32\WMASF.DLL] [Microsoft Corporation, 10.00.00.4060 built by: Microsoft] [C:\WINDOWS\system32\wiashext.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\actxprxy.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2113)] [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510] [C:\WINDOWS\system32\shimgvw.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\xpsp1res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950] [C:\WINDOWS\system32\winabc.ime] [Microsoft Corporation, 5.1.2600.5512] [PID: 3504 / Administrator][d:\Program Files\Rising\Rfw\RfwMain.exe] [Beijing Rising Information Technology Co., Ltd., 7.0.1.70] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [d:\Program Files\Rising\Rfw\RsGuiLib.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MFC71CHS.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [d:\Program Files\Rising\Rfw\ProcCom.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [d:\Program Files\Rising\Rfw\RsCommX2.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [d:\Program Files\Rising\Rfw\RSAPPMGR.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.0.1] [d:\Program Files\Rising\Rfw\CfgDll.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.0.19] [d:\Program Files\Rising\Rfw\RSCOMMON.DLL] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17] [d:\Program Files\Rising\Rfw\RfwCtrl.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [d:\Program Files\Rising\Rfw\RsXML.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2] [d:\Program Files\Rising\Rfw\PngDll.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [d:\Program Files\Rising\Rfw\RfwRule.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.17] [C:\WINDOWS\system32\wintrust.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\perfproc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\netapi32.dll] [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312)] [C:\WINDOWS\system32\cryptnet.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SensApi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\WINHTTP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\Apphelp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [PID: 3516 / Administrator][D:\PROGRAM FILES\RISING\RAV\RavMon.exe] [Beijing Rising Information Technology Co., Ltd., 20.0.01.27] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MFC71CHS.DLL] [Microsoft Corporation, 7.10.3077.0] [D:\PROGRAM FILES\RISING\RAV\ProcCom.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [D:\PROGRAM FILES\RISING\RAV\RsCommX2.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [D:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17] [D:\PROGRAM FILES\RISING\RAV\recomp.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41] [D:\PROGRAM FILES\RISING\RAV\refs.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18] [D:\PROGRAM FILES\RISING\RAV\viruslib.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27] [D:\PROGRAM FILES\RISING\RAV\relibldr.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17] [D:\PROGRAM FILES\RISING\RAV\RSAPPMGR.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.0.1] [D:\PROGRAM FILES\RISING\RAV\CfgDll.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.0.19] [D:\PROGRAM FILES\RISING\RAV\MonRule.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.0.29] [D:\PROGRAM FILES\RISING\RAV\PngDll.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5] [C:\WINDOWS\system32\wtsapi32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.5.0.0] [C:\WINDOWS\system32\MSIMG32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\Program Files\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.5.0.0] [D:\PROGRAM FILES\RISING\RAV\Rsguilib.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90] [D:\PROGRAM FILES\RISING\RAV\RsXML.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2] [C:\WINDOWS\system32\perfproc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [PID: 3764 / Administrator][C:\program files\microsoft office\media\dllhost.exe] [Microsoft, 7.02.0003] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\MSVBVM60.DLL] [Microsoft Corporation, 6.00.9802] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\vb6chs.dll] [Microsoft Corporation, 6.00.8169] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SXS.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.5.0.0] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSIMG32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\COMCTL32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\Program Files\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.5.0.0] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\shdocvw.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\CRYPTUI.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312)] [C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\appHelp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\mlang.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\wsock32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\mswsock.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\mshtml.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\system32\msls31.dll] [Microsoft Corporation, 3.10.349.0] [C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\RASAPI32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\rasman.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\TAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\rtutils.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\msv1_0.dll] [Microsoft Corporation, 5.1.2600.5594 (xpsp_sp3_qfe.080503-1404)] [C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\sensapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [C:\WINDOWS\System32\winrnr.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\rasadhlp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [D:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5] [C:\WINDOWS\system32\vbscript.dll] [Microsoft Corporation, 5.7.0.18066] [C:\WINDOWS\system32\jscript.dll] [Microsoft Corporation, 5.7.0.18066] [C:\WINDOWS\system32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\midimap.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\schannel.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\ImgUtil.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\pngfilt.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\dxtrans.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ATL.DLL] [Microsoft Corporation, 3.05.2284] [C:\WINDOWS\system32\ddrawex.dll] [Microsoft Corporation, 5.03.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\DDRAW.dll] [Microsoft Corporation, 5.03.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\DCIMAN32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\dxtmsft.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\comdlg32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msxml3.dll] [Microsoft Corporation, 8.90.1101.0] [C:\Program Files\Common Files\System\Ole DB\oledb32.dll] [Microsoft Corporation, 2.81.1132.0 (xpsp.080413-0852)] [C:\WINDOWS\system32\MSDART.DLL] [Microsoft Corporation, 2.81.1132.0 (xpsp.080413-0852)] [C:\Program Files\Common Files\System\Ole DB\OLEDB32R.DLL] [Microsoft Corporation, 2.81.1117.0 built by: (_sqlbld)] [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx] [Adobe Systems, Inc., 9,0,124,0] [C:\WINDOWS\system32\xpsp3res.dll] [Microsoft Corporation, 5.1.2600.5512 (WinXP.080413-2113)] [C:\WINDOWS\system32\mscoree.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\WINDOWS\system32\wmploc.dll] [Microsoft Corporation, 10.00.00.3802] [C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL] [Microsoft Corporation, 5.20.1081.0] [C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)] [C:\WINDOWS\system32\dssenh.dll] [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)] [C:\Program Files\Common Files\System\msadc\msadcor.dll] [Microsoft Corporation, 2.81.1117.0 built by: (_sqlbld)] [C:\WINDOWS\system32\mshtmled.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\iepeers.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINSPOOL.DRV] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [PID: 3904 / Administrator][D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe] [Adobe Systems Inc., 6.0.1.2004121400] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINSPOOL.DRV] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\COMCTL32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [C:\WINDOWS\system32\OLEACC.dll] [Microsoft Corporation, 4.2.5406.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 6.02.3104.0] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\comdlg32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.chs] [Adobe Systems Inc., 6.0.0.0] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.5.0.0] [C:\WINDOWS\system32\MSIMG32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\Program Files\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.5.0.0] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\Apphelp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [PID: 3912 / Administrator][D:\Program Files\Rising\Rav\RavTask.exe] [Beijing Rising Information Technology Co., Ltd., 20.0.0.24] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\COMCTL32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [D:\Program Files\Rising\Rav\ProcCom.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [D:\Program Files\Rising\Rav\RsCommX2.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [D:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [D:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Information Technology Co., Ltd., 20.0.0.1] [D:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.0.19] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.5.0.0] [C:\WINDOWS\system32\MSIMG32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\Program Files\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.5.0.0] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [PID: 3948 / Administrator][C:\Program Files\Rising\AntiSpyware\rstray.exe] [Beijing Rising Information Technology Co., Ltd., 21.0.0.16] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\Program Files\Rising\AntiSpyware\rsmginfo.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\Program Files\Rising\AntiSpyware\RsXML.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2] [C:\Program Files\Rising\AntiSpyware\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Rising\AntiSpyware\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.5.0.0] [C:\WINDOWS\system32\MSIMG32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\Program Files\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.5.0.0] [C:\Program Files\Rising\AntiSpyware\ComServ.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.31] [C:\Program Files\Rising\AntiSpyware\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [C:\Program Files\Rising\AntiSpyware\rscommon.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.1.1] [C:\Program Files\Rising\AntiSpyware\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [C:\WINDOWS\system32\Wtsapi32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312)] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\Program Files\Rising\AntiSpyware\pngdll.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5] [C:\Program Files\Rising\AntiSpyware\runiep.dll] [Beijing Rising Information Technology Co., Ltd., 6.0.0.41] [C:\Program Files\Rising\AntiSpyware\NComm.dll] [Beijing Rising Information Technology Co., Ltd., 6.0.0.6] [D:\Program Files\Rising\Rav\ProcCom.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [C:\Program Files\Rising\AntiSpyware\RsCommX2.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [C:\WINDOWS\system32\wsock32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\RASAPI32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\rasman.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\TAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\rtutils.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\msv1_0.dll] [Microsoft Corporation, 5.1.2600.5594 (xpsp_sp3_qfe.080503-1404)] [C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\sensapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\System32\mswsock.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [C:\WINDOWS\system32\rasadhlp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\appHelp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.0.18] [PID: 312 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSUTB.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\AppPatch\AcGenral.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.5.0.0] [C:\WINDOWS\system32\MSIMG32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\Program Files\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.5.0.0] [PID: 416 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\gtn.dll] [Google Inc., 3, 1, 807, 1746] [C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\RASAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\rasman.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312)] [C:\WINDOWS\system32\TAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\rtutils.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\msv1_0.dll] [Microsoft Corporation, 5.1.2600.5594 (xpsp_sp3_qfe.080503-1404)] [C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll] [Google Inc., 3, 1, 807, 1746] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.5.0.0] [C:\WINDOWS\system32\MSIMG32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\Program Files\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.5.0.0] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\msi.dll] [Microsoft Corporation, 3.1.4001.5512] [C:\WINDOWS\system32\SXS.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\MPRAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\ACTIVEDS.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\adsldpc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\ATL.DLL] [Microsoft Corporation, 3.05.2284] [C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\wsock32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\sensapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\System32\mswsock.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [C:\WINDOWS\system32\rasadhlp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [PID: 1956 / Administrator][C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe] [Microsoft Corporation, 2000.080.2039.00] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\SQLUNIRL.dll] [Microsoft Corporation, 2000.080.0728.00] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINSPOOL.DRV] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\comdlg32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\COMCTL32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\W95SCM.dll] [Microsoft Corporation, 2000.080.2039.00] [C:\WINDOWS\system32\ODBC32.dll] [Microsoft Corporation, 3.525.1132.0 (xpsp.080413-0852)] [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\SQLSVC.dll] [Microsoft Corporation, 2000.080.2039.00] [C:\WINDOWS\system32\odbcbcp.dll] [Microsoft Corporation, 2000.085.3006.00 (xpsp_sp3_gdr.080821-1454)] [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\SQLRESLD.dll] [Microsoft Corporation, 2000.080.2039.00] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\WINDOWS\system32\NDDEAPI.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\odbcint.dll] [Microsoft Corporation, 3.525.1117.0 built by: (_sqlbld)] [C:\WINDOWS\system32\clusapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\resutils.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\Resources\2052\SQLSVC.RLL] [Microsoft Corporation, 2000.080.0194.00] [C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\Program Files\Microsoft SQL Server\80\Tools\Binn\Resources\2052\sqlmangr.RLL] [Microsoft Corporation, 2000.080.0194.00] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.5.0.0] [C:\WINDOWS\system32\MSIMG32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\Program Files\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.5.0.0] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\mswsock.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [PID: 2220 / Administrator][C:\WINDOWS\system32\WISPTIS.EXE] [Microsoft Corporation, 1.0.2201.0 (xpsp1.020820-1800)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ATL.DLL] [Microsoft Corporation, 3.05.2284] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 6.02.3104.0] [C:\WINDOWS\system32\HID.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\Program Files\Rising\AntiSpyware\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [C:\Program Files\Rising\AntiSpyware\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [C:\WINDOWS\system32\Wtsapi32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312)] [C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.5.0.0] [C:\WINDOWS\system32\MSIMG32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\Program Files\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.5.0.0] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\msi.dll] [Microsoft Corporation, 3.1.4001.5512] [C:\Program Files\Common Files\Microsoft Shared\INK\TPCPS.DLL] [Microsoft Corporation, 1.0.2201.0 (xpsp1.020820-1800)] [PID: 3952 / Administrator][D:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 5, 225, 0] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\Program Files\Rising\AntiSpyware\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [C:\Program Files\Rising\AntiSpyware\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [C:\WINDOWS\system32\Wtsapi32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312)] [C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [D:\Program Files\Tencent\QQ\TXPFProxy.dll] [N/A, ] [C:\WINDOWS\system32\msi.dll] [Microsoft Corporation, 3.1.4001.5512] [C:\WINDOWS\system32\SXS.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 3560 / Administrator][F:\PROGRA~1\weepal\Pallas\Pallas.exe] [weepal soft., 2.6.0.1370] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\adortl90.bpl] [Borland Software Corporation, 9.0.1761.24408] [C:\WINDOWS\system32\rtl90.bpl] [Borland Software Corporation, 9.0.1761.24408] [C:\WINDOWS\system32\user32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\advapi32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\oleaut32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\mpr.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\version.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\wsock32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\dbrtl90.bpl] [Borland Software Corporation, 9.0.1761.24408] [C:\WINDOWS\system32\dsnap90.bpl] [Borland Software Corporation, 9.0.1761.24408] [C:\WINDOWS\system32\dsnapcon90.bpl] [Borland Software Corporation, 9.0.1761.24408] [C:\WINDOWS\system32\wininet.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\indy90.bpl] [weepal Co.,Ltd., 9.0.0.690] [C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\shell32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\vcl90.bpl] [Borland Software Corporation, 9.0.1761.24408] [C:\WINDOWS\system32\msimg32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [C:\WINDOWS\system32\winspool.drv] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\comdlg32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\oledlg.dll] [Microsoft Corporation, 1.0 (xpsp.080413-2108)] [C:\WINDOWS\system32\vcldb90.bpl] [Borland Software Corporation, 9.0.1761.24408] [C:\WINDOWS\system32\vcljpg90.bpl] [Borland Software Corporation, 9.0.1761.24408] [C:\WINDOWS\system32\wpBase90.bpl] [weepal soft., 6.0.0.14] [C:\WINDOWS\system32\wpControl90.bpl] [weepal soft., 5.5.2.0] [C:\WINDOWS\system32\winmm.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\wpEditors90.bpl] [weepal soft., 5.3.0.0] [C:\WINDOWS\system32\wpEditorsEx90.bpl] [weepal soft., 5.3.0.0] [C:\WINDOWS\system32\vclx90.bpl] [Borland Software Corporation, 9.0.1761.24408] [C:\WINDOWS\system32\wpGraphic90.bpl] [weepal Co.,Ltd., 9.9.0.24] [C:\WINDOWS\system32\wpTreeList90.bpl] [weepal soft., 4.1.2.142] [C:\WINDOWS\system32\wputil90.bpl] [weepal Co.,Ltd., 2.23.0.250] [C:\WINDOWS\system32\VclSmp90.bpl] [Borland Software Corporation, 9.0.1761.24408] [C:\WINDOWS\system32\wpGrid90.bpl] [weepal soft., 6.0.0.2] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\Program Files\Rising\AntiSpyware\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [C:\Program Files\Rising\AntiSpyware\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [C:\WINDOWS\system32\Wtsapi32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312)] [C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.5.0.0] [C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\Program Files\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.5.0.0] [C:\WINDOWS\system32\olepro32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\System32\mswsock.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [C:\WINDOWS\System32\winrnr.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\rasadhlp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [F:\PROGRA~1\weepal\Pallas\wpLive.dll] [weepal soft., 3.0.0.1] [C:\WINDOWS\system32\SXS.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [F:\PROGRA~1\weepal\Pallas\Bin\wpimage.dll] [weepal soft., 2.0.0.91] [F:\PROGRA~1\weepal\Pallas\Bin\wpfunc.dll] [weepal Co.,Ltd., 3.0.2.12] [C:\WINDOWS\system32\vdraw90.bpl] [weepal Corp., 3.0.0.55] [C:\WINDOWS\system32\wpchart90.bpl] [weepal Corp., 7.0.0.94] [F:\PROGRA~1\weepal\Pallas\Bin\wpbasic.dll] [weepal soft., 2.0.0.588] [C:\WINDOWS\system32\wputilEx90.bpl] [weepal Co.,Ltd., 2.0.0.615] [F:\PROGRA~1\weepal\Pallas\Bin\wpengine.dll] [weepal Co.,Ltd., 3.0.6.461] [C:\WINDOWS\system32\bdertl90.bpl] [Borland Software Corporation, 9.0.1761.24408] [C:\WINDOWS\system32\frx9.bpl] [weepal Co.,Ltd., 4.33.0.26] [C:\WINDOWS\system32\qrpt90.bpl] [weepal Co.,Ltd., 4.0.5.400] [C:\WINDOWS\system32\wpSpread90.bpl] [weepal soft., 1.0.0.0] [C:\WINDOWS\system32\wpVGrid90.bpl] [weepal soft., 3.0.2.66] [C:\WINDOWS\system32\DDraw.dll] [Microsoft Corporation, 5.03.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\DCIMAN32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\HHCtrl.OCX] [Microsoft Corporation, 5.2.3790.4110 (srv03_sp2_qfe.070702-2345)] [C:\WINDOWS\system32\mui\0804\HHCtrlui.dll] [Microsoft Corporation, 4.74.9273] [C:\WINDOWS\system32\MIDAS.DLL] [Borland Software Corporation, 9.0.1761.24408] [C:\Program Files\Common Files\System\ado\msado15.dll] [Microsoft Corporation, 2.81.1132.0 (xpsp.080413-0852)] [C:\WINDOWS\system32\MSDART.DLL] [Microsoft Corporation, 2.81.1132.0 (xpsp.080413-0852)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSWSTR10.DLL] [Microsoft Corporation, 4.00.9502.0] [C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\Program Files\Common Files\System\Ole DB\oledb32.dll] [Microsoft Corporation, 2.81.1132.0 (xpsp.080413-0852)] [C:\Program Files\Common Files\System\Ole DB\OLEDB32R.DLL] [Microsoft Corporation, 2.81.1117.0 built by: (_sqlbld)] [C:\WINDOWS\system32\msjetoledb40.dll] [, ] [C:\WINDOWS\system32\msjet40.dll] [Microsoft Corporation, 4.00.9511.0] [C:\WINDOWS\system32\msjter40.dll] [Microsoft Corporation, 4.00.9502.0] [C:\WINDOWS\system32\MSJINT40.DLL] [Microsoft Corporation, 4.00.9502.0] [C:\WINDOWS\system32\comsvcs.dll] [Microsoft Corporation, 2001.12.4414.702] [C:\WINDOWS\system32\colbact.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\MTXCLU.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\CLUSAPI.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\RESUTILS.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\Program Files\Common Files\System\ado\msadrh15.dll] [Microsoft Corporation, 2.81.1132.0 (xpsp.080413-0852)] [C:\WINDOWS\system32\msjtes40.dll] [Microsoft Corporation, 4.00.9502.0] [C:\WINDOWS\system32\VBAJET32.DLL] [Microsoft Corporation, 6.1.9431] [C:\WINDOWS\system32\expsrv.dll] [Microsoft Corporation, 6.0.9589] [C:\WINDOWS\system32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\midimap.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [F:\PROGRA~1\weepal\Pallas\Bin\table.DLL] [, 3.0.0.618] [C:\WINDOWS\system32\vclie90.bpl] [Borland Software Corporation, 9.0.1761.24408] [C:\WINDOWS\system32\wpPSCommon90.bpl] [weepal soft., 3.5.11.1] [C:\WINDOWS\system32\wpPSCore90.bpl] [weepal soft., 3.5.11.1] [C:\WINDOWS\system32\wpPSLnks90.bpl] [weepal soft., 3.5.11.1] [C:\WINDOWS\system32\vclshlctrls90.bpl] [Borland Software Corporation, 9.0.1761.24408] [C:\WINDOWS\system32\wpPSGridLnk90.bpl] [weepal soft., 3.5.11.1] [C:\WINDOWS\system32\shdocvw.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\system32\CRYPTUI.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [PID: 1100 / Administrator][C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE] [Microsoft Corporation, 11.0.8211] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\Program Files\Rising\AntiSpyware\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [C:\Program Files\Rising\AntiSpyware\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [C:\WINDOWS\system32\Wtsapi32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312)] [C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\Program Files\Common Files\Microsoft Shared\office11\mso.dll] [Microsoft Corporation, 11.0.8202] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.5.0.0] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\MSIMG32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\Program Files\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.5.0.0] [C:\WINDOWS\system32\msi.dll] [Microsoft Corporation, 3.1.4001.5512] [C:\Program Files\Microsoft Office\OFFICE11\GdiPlus.DLL] [Microsoft Corporation, 11.0.8165] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\PROGRA~1\MICROS~1\OFFICE11\ADDINS\SYMINPUT.DLL] [Microsoft Corporation, 1.02] [C:\WINDOWS\system32\MSVBVM60.DLL] [Microsoft Corporation, 6.00.9802] [C:\WINDOWS\system32\VB6CHS.DLL] [Microsoft Corporation, 6.00.8169] [C:\WINDOWS\system32\SXS.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\Program Files\Common Files\Microsoft Shared\office11\riched20.dll] [Microsoft Corporation, 5.50.99.2050] [D:\Program Files\Adobe\Acrobat 7.0\PDFMaker\Office\PDFMOfficeAddin.dll] [Adobe Systems Incorporated, 7, 0, 0, 0] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MFC71CHS.DLL] [Microsoft Corporation, 7.10.3077.0] [D:\Program Files\Adobe\Acrobat 7.0\PDFMaker\Office\PDFMOfficeAddin.CHS] [Adobe Systems Incorporated, 7, 0, 0, 0] [D:\Program Files\Adobe\Acrobat 7.0\PDFMaker\Common\AdobePDFMakerX.dll] [, ] [C:\WINDOWS\system32\comdlg32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINSPOOL.DRV] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [D:\Program Files\Adobe\Acrobat 7.0\PDFMaker\Common\AdobePDFMakerX.CHS] [, ] [C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [D:\Program Files\Rising\Rav\RsPlugIn.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.0.20] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\LINKINFO.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ntshrui.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ATL.DLL] [Microsoft Corporation, 3.05.2284] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\midimap.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\msimtf.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [PID: 2148 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SHDOCVW.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\CRYPTUI.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\Program Files\Rising\AntiSpyware\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [C:\Program Files\Rising\AntiSpyware\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [C:\WINDOWS\system32\Wtsapi32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\BROWSEUI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\browselc.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\appHelp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.5.0.0] [C:\WINDOWS\system32\MSIMG32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\Program Files\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.5.0.0] [C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\system32\AcSignIcon.dll] [Autodesk, 17.0.54.0] [C:\WINDOWS\system32\WINSPOOL.DRV] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\msi.dll] [Microsoft Corporation, 3.1.4001.5512] [D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll] [Adobe Systems Incorporated, 7.0.0.0] [C:\WINDOWS\system32\ATL71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.CHS] [Adobe Systems Incorporated, 7.0.0.0] [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\WSOCK32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\msxml3.dll] [Microsoft Corporation, 8.90.1101.0] [C:\WINDOWS\system32\DBGHELP.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ntshrui.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ATL.DLL] [Microsoft Corporation, 3.05.2284] [C:\WINDOWS\system32\MPR.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\drprov.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\System32\ntlanman.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\System32\NETUI0.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\System32\NETUI1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\System32\NETRAP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\System32\davclnt.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\MSGINA.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\ODBC32.dll] [Microsoft Corporation, 3.525.1132.0 (xpsp.080413-0852)] [C:\WINDOWS\system32\comdlg32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\odbcint.dll] [Microsoft Corporation, 3.525.1117.0 built by: (_sqlbld)] [C:\WINDOWS\system32\RASAPI32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\rasman.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\TAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\rtutils.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\mlang.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\mswsock.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\msv1_0.dll] [Microsoft Corporation, 5.1.2600.5594 (xpsp_sp3_qfe.080503-1404)] [C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\sensapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [C:\WINDOWS\system32\rasadhlp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.29] [D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.0.2004121400] [C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 96] [C:\WINDOWS\system32\OLEACC.dll] [Microsoft Corporation, 4.2.5406.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 6.02.3104.0] [C:\WINDOWS\system32\UrlFilter.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15] [C:\Program Files\Rising\AntiSpyware\UrlRule.dll] [Beijing Rising Information Technology Co., Ltd., 1.0.0.15] [C:\WINDOWS\system32\SXS.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\mshtml.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\system32\msls31.dll] [Microsoft Corporation, 3.10.349.0] [C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [D:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5] [C:\WINDOWS\system32\vbscript.dll] [Microsoft Corporation, 5.7.0.18066] [C:\WINDOWS\system32\jscript.dll] [Microsoft Corporation, 5.7.0.18066] [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510] [C:\WINDOWS\system32\mshtmled.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\midimap.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\actxprxy.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx] [Adobe Systems, Inc., 9,0,124,0] [C:\WINDOWS\system32\schannel.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\ddrawex.dll] [Microsoft Corporation, 5.03.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\DDRAW.dll] [Microsoft Corporation, 5.03.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\DCIMAN32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ImgUtil.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\pngfilt.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\dxtrans.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\dxtmsft.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\webcheck.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\mshtmler.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 4068 / Administrator][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\AppPatch\AcGenral.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [C:\Program Files\Rising\AntiSpyware\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [C:\Program Files\Rising\AntiSpyware\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [C:\WINDOWS\system32\Wtsapi32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312)] [C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.5.0.0] [C:\WINDOWS\system32\MSIMG32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\Program Files\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.5.0.0] [PID: 1440 / Administrator][F:\徐娜\猪猪窝\软件\扫描日志\sreng992\SREngLdr.EXE] [Smallfrogs Studio, 2.6.11.992] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\WINDOWS\system32\Apphelp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\version.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [PID: 1932 / Administrator][F:\徐娜\猪猪窝\软件\扫描日志\sreng992\SREcec25149.EXE] [Smallfrogs Studio, 2.6.11.992] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\comdlg32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINSPOOL.DRV] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\oledlg.dll] [Microsoft Corporation, 1.0 (xpsp.080413-2108)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [d:\Program Files\Rising\Rfw\ijt_base.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.21] [d:\Program Files\Rising\Rfw\olemon.dll] [Beijing Rising Information Technology Co., Ltd., 7.0.0.9] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\RICHED20.DLL] [Microsoft Corporation, 5.30.23.1230] [C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.5.0.0] [C:\WINDOWS\system32\MSIMG32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\Program Files\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.5.0.0] [C:\WINDOWS\system32\sfc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [F:\徐娜\猪猪窝\软件\扫描日志\sreng992\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] [C:\WINDOWS\system32\wsock32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\RASAPI32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\rasman.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312)] [C:\WINDOWS\system32\TAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\rtutils.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\msv1_0.dll] [Microsoft Corporation, 5.1.2600.5594 (xpsp_sp3_qfe.080503-1404)] [C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\sensapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] [C:\WINDOWS\System32\mswsock.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [C:\WINDOWS\system32\rasadhlp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\Winsta.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\utildll.dll] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)] [C:\WINDOWS\system32\cryptnet.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINHTTP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\Cabinet.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] ================================== 文件关联 .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .EXE OK. ["%1" %*] .COM OK. ["%1" %*] .PIF OK. ["%1" %*] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %*] .SCR OK. ["%1" /S] .CHM OK. ["C:\WINDOWS\hh.exe" %1] .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock 提供者 MSAFD Tcpip [TCP/IP] C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider) MSAFD Tcpip [UDP/IP] C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider) MSAFD Tcpip [RAW/IP] C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider) MSAFD Irda [IrDA] C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider) MSAFD NetBIOS [\Device\NetBT_Tcpip_{F0608D9D-8AD8-4563-B87D-592F0780877A}] SEQPACKET 5 C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider) MSAFD NetBIOS [\Device\NetBT_Tcpip_{F0608D9D-8AD8-4563-B87D-592F0780877A}] DATAGRAM 5 C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider) MSAFD NetBIOS [\Device\NetBT_Tcpip_{1EA06D9B-3443-4BD9-AB22-2B8930EE5024}] SEQPACKET 4 C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider) MSAFD NetBIOS [\Device\NetBT_Tcpip_{1EA06D9B-3443-4BD9-AB22-2B8930EE5024}] DATAGRAM 4 C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider) MSAFD NetBIOS [\Device\NetBT_Tcpip_{F33D1291-2A7E-49E8-9C98-FEA086BC6B8A}] SEQPACKET 3 C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider) MSAFD NetBIOS [\Device\NetBT_Tcpip_{F33D1291-2A7E-49E8-9C98-FEA086BC6B8A}] DATAGRAM 3 C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider) MSAFD NetBIOS [\Device\NetBT_Tcpip_{1F3A1E1B-1EE4-496A-9A33-2AE0F309DD19}] SEQPACKET 0 C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider) MSAFD NetBIOS [\Device\NetBT_Tcpip_{1F3A1E1B-1EE4-496A-9A33-2AE0F309DD19}] DATAGRAM 0 C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider) MSAFD NetBIOS [\Device\NetBT_Tcpip_{F6C60E97-F8D3-4E62-9FA2-A9D685B07D97}] SEQPACKET 1 C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider) MSAFD NetBIOS [\Device\NetBT_Tcpip_{F6C60E97-F8D3-4E62-9FA2-A9D685B07D97}] DATAGRAM 1 C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider) MSAFD NetBIOS [\Device\NetBT_Tcpip_{90284CC5-9E19-496E-A350-36F5EAF0B47E}] SEQPACKET 2 C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider) MSAFD NetBIOS [\Device\NetBT_Tcpip_{90284CC5-9E19-496E-A350-36F5EAF0B47E}] DATAGRAM 2 C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider) ================================== Autorun.inf N/A ================================== HOSTS 文件 127.0.0.1 localhost 127.0.0.1 858656.com 127.0.0.1 my123.com 127.0.0.1 8749.com 127.0.0.1 4199.com 127.0.0.1 7379.com 127.0.0.1 7255.com 127.0.0.1 3448.com 127.0.0.1 7939.com 127.0.0.1 8009.com 127.0.0.1 piaoxue.com 127.0.0.1 kzdh.com 127.0.0.1 about.blank.la 127.0.0.1 6781.com 127.0.0.1 7322.com 127.0.0.1 9991.com ================================== 进程特权扫描特殊特权被允许： SeLoadDriverPrivilege [PID = 716, C:\WINDOWS\SYSTEM32\ACS.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 3764, C:\PROGRAM FILES\MICROSOFT OFFICE\MEDIA\DLLHOST.EXE] 特殊特权被允许： SeDebugPrivilege [PID = 3904, D:\PROGRAM FILES\ADOBE\ACROBAT 7.0\DISTILLR\ACROTRAY.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 3904, D:\PROGRAM FILES\ADOBE\ACROBAT 7.0\DISTILLR\ACROTRAY.EXE] 特殊特权被允许： SeDebugPrivilege [PID = 1956, C:\PROGRAM FILES\MICROSOFT SQL SERVER\80\TOOLS\BINN\SQLMANGR.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 1956, C:\PROGRAM FILES\MICROSOFT SQL SERVER\80\TOOLS\BINN\SQLMANGR.EXE] 特殊特权被允许： SeDebugPrivilege [PID = 2220, C:\WINDOWS\SYSTEM32\WISPTIS.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 2220, C:\WINDOWS\SYSTEM32\WISPTIS.EXE] 特殊特权被允许： SeDebugPrivilege [PID = 3560, F:\PROGRA~1\WEEPAL\PALLAS\PALLAS.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 3560, F:\PROGRA~1\WEEPAL\PALLAS\PALLAS.EXE] 特殊特权被允许： SeDebugPrivilege [PID = 1440, F:\徐娜\猪猪窝\软件\扫描日志\SRENG992\SRENGLDR.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 1440, F:\徐娜\猪猪窝\软件\扫描日志\SRENG992\SRENGLDR.EXE] ================================== API HOOK 入口点错误：CreateProcessA (危险等级: 高, 被下面模块所HOOK: 0x00DD1FFD) 入口点错误：CreateProcessW (危险等级: 高, 被下面模块所HOOK: 0x00DD20E5) ================================== 隐藏进程 N/A ================================== [/CODE]