瑞星卡卡电脑诊断日志 v1.30 (2009-1-9 3:23:18) 北京瑞星信息技术有限公司 注释: [A]表示该文件存在自启动关联; [M]表示该文件在内存中; + 注册表自运行项目 + 系统服务 + HKLM\System\CurrentControlSet\Services 3wareSrv [A ] 1. c:\windows\system32\3waresrv.exe .text,.rdata,.data,.rsrc, NVSvc [AM] 2. c:\windows\system32\nvsvc32.exe NVIDIA Corporation NVIDIA Driver Helper Service, Version 175.31 .text,.rdata,.data,.rsrc, ose [A ] 3. c:\program files\common files\microsoft shared\source engine\ose.exe Microsoft Corporation Office Source Engine .text,.data,.rsrc, RavCCenter [AM] 4. d:\program files\rising\rav\ccenter.exe Beijing Rising Information Technology Co., Ltd. CCenter Application .text,.rdata,.data,.rsrc, RavTask [AM] 5. d:\program files\rising\rav\ravtask.exe Beijing Rising Information Technology Co., Ltd. ravtask .text,.rdata,.data,.rsrc, RfwCCenter [AM] 6. d:\program files\rising\rfw\ccenter.exe Beijing Rising Information Technology Co., Ltd. CCenter Application .text,.rdata,.data,.rsrc, RfwService [AM] 7. d:\program files\rising\rfw\rfwsrv.exe Beijing Rising Information Technology Co., Ltd. rfwsrvex Application .text,.rdata,.data,.rsrc, RfwTask [AM] 8. d:\program files\rising\rfw\ravtask.exe Beijing Rising Information Technology Co., Ltd. ravtask .text,.rdata,.data,.rsrc, RsRavMon [A ] 9. d:\program files\rising\rav\ravmond.exe Beijing Rising Information Technology Co., Ltd. ravmond .text,.rdata,.data,.rsrc, RsScanSrv [AM] 10. d:\program files\rising\rav\scanfrm.exe Beijing Rising Information Technology Co., Ltd. Rising Scan Service Framework .text,.rdata,.data,.rsrc, UMWdf [AM] 11. c:\windows\system32\wdfmgr.exe Microsoft Corporation Windows User Mode Driver Manager .text,.data,.rsrc, + 内核驱动 + HKLM\System\CurrentControlSet\Services aaatimeo [A ] 12. c:\windows\system32\drivers\aaatimeo.sys Microsoft Corporation SRB Timout Control Driver .text,.rdata,.data,INIT,.rsrc,.reloc, AFAMgt [A ] 13. c:\windows\system32\drivers\afamgt.sys Adaptec, Inc. Dell Management Driver .text,.rdata,.data,INIT,.rsrc,.reloc, ahcix86 [A ] 14. c:\windows\system32\drivers\ahcix86.sys ATI Technologies Inc. ATI Technology AHCI Compatible Controller Driver for Windows family .text,.rdata,.data,INIT,.rsrc,.reloc, amdbusdr [A ] 15. c:\windows\system32\drivers\amdbusdr.sys AMD AMD IDE Bus Driver .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, amdeide [A ] 16. c:\windows\system32\drivers\amdeide.sys AMD AMD IDE Miniport Driver .text,.rdata,.data,INIT,.rsrc,.reloc, AmdK8 [A ] 17. c:\windows\system32\drivers\amdk8.sys Advanced Micro Devices AMD Processor Driver .text,.rdata,.data,PAGE,PAGELK,INIT,.rsrc,.reloc, ASH1205 [A ] 18. c:\windows\system32\drivers\ash1205.sys Silicon Image, Inc. Serial ATA miniport driver .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, ata1200a [A ] 19. c:\windows\system32\drivers\ata1200a.sys Adaptec, Inc. ATA1200A Miniport Driver .text,.rdata,.data,INIT,.rsrc,.reloc, AtcL001 [A ] 20. c:\windows\system32\drivers\l151x86.sys Atheros Communications, Inc. Atheros L1 Gigabit Ethernet Controller ndis miniport driver .text,.rdata,.data,PAGECONS,INIT,.rsrc,.reloc, atiide [A ] 21. c:\windows\system32\drivers\atiide.sys ATI Technologies Inc. ATI PCI BUS MASTER IDE Controller Driver .text,.rdata,.data,INIT,.rsrc,.reloc, bb-run [A ] 22. c:\windows\system32\drivers\bb-run.sys Promise Technology, Inc. Promise Disk Accelerator .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, cercsr6 [A ] 23. c:\windows\system32\drivers\cercsr6.sys Adaptec, Inc. DELL CERC SATA1.5/6ch Miniport Driver .text,.rdata,.data,INIT,.rsrc,.reloc, Cpq32fs2 [A ] 24. c:\windows\system32\drivers\cpq32fs2.sys Hewlett-Packard Company Hewlett-Packard 32-Bit SCSI-2 Controllers SCSI Miniport Driver - pnp .text,.rdata,.data,INIT,.rsrc,.reloc, dontgo [A ] 25. c:\windows\system32\drivers\dontgo.sys Promise Technology, Inc. Promise Removable Disk Control .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, EagleNT [A ] 26. c:\windows\system32\drivers\eaglent.sys fttxr52P [A ] 27. c:\windows\system32\drivers\fttxr52p.sys Promise Technology, Inc. Promise FastTRAK TX4200/TX4300 Driver for Windows family .text,.rdata,.data,INIT,.rsrc,.reloc, HDAudBus [A ] 28. c:\windows\system32\drivers\hdaudbus.sys Windows (R) Server 2003 DDK provider High Definition Audio Bus Driver v1.0a .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, hookcont [A ] 29. c:\windows\system32\drivers\hookcont.sys Beijing Rising Information Technology Co., Ltd. HookCont Driver .text,.rdata,.data,INIT,.rsrc,.reloc, hooksys [A ] 30. c:\windows\system32\drivers\hooksys.sys Beijing Rising Information Technology Co., Ltd. Hooksys.sys .text,.rdata,.data,INIT,.rsrc,.reloc, HpCISSm2 [A ] 31. c:\windows\system32\drivers\hpcissm2.sys Hewlett-Packard Company Smart Array SAS/SATA Controller Scsiport Driver .text,.rdata,.data,INIT,.rsrc,.reloc, hptmv6 [A ] 32. c:\windows\system32\drivers\hptmv6.sys HighPoint Technologies, Inc. hptmv6 Miniport Driver .text,.rdata,.data,INIT,.rsrc,.reloc, iaStor55 [A ] 33. c:\windows\system32\drivers\iastor55.sys Intel Corporation Intel Matrix Storage Manager driver .text,.rdata,.data,INIT,.rsrc,.reloc, iaStor70 [A ] 34. c:\windows\system32\drivers\iastor70.sys Intel Corporation Intel Matrix Storage Manager driver - ia32 .text,.rdata,.data,INIT,.rsrc,.reloc, IntcAzAudAddService [A ] 35. c:\windows\system32\drivers\rtkhdaud.sys Realtek Semiconductor Corp. Realtek(r) High Definition Audio Function Driver .text,CODE,.rdata,.data,.data1,PAGE,INIT,.rsrc,.reloc, MTsensor [A ] 36. c:\windows\system32\drivers\asacpi.sys ATK0110 ACPI Utility .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, mv61xx [A ] 37. c:\windows\system32\drivers\mv61xx.sys Marvell Semiconductor, Inc. Marvell Thor and Odin Windows Driver .text,.rdata,.data,INIT,.rsrc,.reloc, mvSata [A ] 38. c:\windows\system32\drivers\mvsata.sys Marvell Semiconductors Inc. MV88SX50XX/MV88SX60X1 WINDOWS 2000/XP/2003 driver .text,.rdata,.data,INIT,.rsrc,.reloc, nvgts [A ] 39. c:\windows\system32\drivers\nvgts.sys NVIDIA Corporation NVIDIA? nForce(TM) Sata Performance Driver .text,.rdata,.data,INIT,.rsrc,.reloc, nvrd32 [A ] 40. c:\windows\system32\drivers\nvrd32.sys NVIDIA Corporation NVIDIA? nForce(TM) RAID Driver .text,.rdata,.data,PAGE,INIT,DUMPDATA,.rsrc,.reloc, QKeyService [A ] 41. c:\windows\system32\keycrypt.sys Tencent Technology (Shenzhen) Company Limited KeyCrypt .text,.rdata,.data,INIT,.rsrc,.reloc, ql2100 [A ] 42. c:\windows\system32\drivers\ql2100.sys QLogic Corporation Miniport Driver for QLA2100 Adapter .text,.rdata,.data,INIT,.rsrc,.reloc, ql2200 [A ] 43. c:\windows\system32\drivers\ql2200.sys QLogic Corporation Miniport Driver for QLA2200 Adapter .text,.rdata,.data,INIT,.rsrc,.reloc, RfwBase9 [A ] 44. c:\windows\system32\drivers\rfwbase.sys Beijing Rising Information Technology Co., Ltd. rfwbase.sys .text,.rdata,.data,INIT,.rsrc,.reloc, rfwtdi [A ] 45. d:\program files\rising\rfw\rfwtdi.sys Beijing Rising Information Technology Co., Ltd. rfwtdi5.sys .text,.rdata,.data,INIT,.rsrc,.reloc, rr172x [A ] 46. c:\windows\system32\drivers\rr172x.sys HighPoint Technologies, Inc. rr172x Miniport Driver .text,.rdata,.data,INIT,.rsrc,.reloc, rr174x [A ] 47. c:\windows\system32\drivers\rr174x.sys HighPoint Technologies, Inc. rr174x Miniport Driver .text,.rdata,.data,INIT,.rsrc,.reloc, rr2340 [A ] 48. c:\windows\system32\drivers\rr2340.sys HighPoint Technologies, Inc. RR2340 Miniport Driver .text,.rdata,.data,INIT,.rsrc,.reloc, rsfwdrv [A ] 49. d:\program files\rising\rfw\rsfwdrv.sys Beijing Rising Information Technology Co., Ltd. rsfwdrv.sys .text,.rdata,.data,INIT,.rsrc,.reloc, RsNTGDI [A ] 50. c:\windows\system32\drivers\rsntgdi.sys Beijing Rising Information Technology Co., Ltd. RsNTGDI .text,.rdata,INIT,.rsrc,.reloc, Secdrv [A ] 51. c:\windows\system32\drivers\secdrv.sys Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. Macrovision SECURITY Driver .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, SiRemFil [A ] 52. c:\windows\system32\drivers\siremfil.sys Silicon Image, Inc. Filter driver for Silicon Image SATALink controllers. .text,.rdata,PAGE,INIT,.rsrc,.reloc, sisraidx [A ] 53. c:\windows\system32\drivers\sisraidx.sys Silicon Integrated Systems Corp. SiS RAID Miniport Driver .text,.rdata,.data,INIT,.rsrc,.reloc, TesDrvPt [A ] 54. c:\windows\system32\tesdrvpt.sys TENCENT Kernel helper of the Tencent's game trojan killer .text,.rdata,.data,INIT,.rsrc,.reloc, TesSafe [A ] 55. c:\windows\system32\tessafe.sys TENCENT TesSafe NT Driver .text,.rdata,.data,INIT,.rsrc,.tvm, ViBus [A ] 56. c:\windows\system32\drivers\vibus.sys VIA Technologies, Inc. VIA SATA IDE Driver .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, videX32 [A ] 57. c:\windows\system32\drivers\videx32.sys VIA Technologies, Inc. VIA Generic PCI IDE Bus Driver .text,.rdata,.data,INIT,.rsrc,.reloc, ViPrt [A ] 58. c:\windows\system32\drivers\viprt.sys VIA Technologies, Inc. VIA SATA IDE Driver .text,.rdata,.data,INIT,.rsrc,.reloc, xfilt [A ] 59. c:\windows\system32\drivers\xfilt.sys VIA Technologies,Inc ATA/ATAPI devices hot-plug monitor .text,.rdata,.data,INIT,.rsrc,.reloc, + 系统登陆自运行 + HKCU\Control Panel\Desktop Scrnsave.exe [A ] 60. c:\windows\system32\夜光时钟.scr UPX0,UPX1,.rsrc, + IE浏览器加载模块 + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects {00000000-12C9-4305-82F9-43058F20E8D2} [AM] 61. c:\program files\tencent\qqdownload\qqiehelper01.dll 腾讯公司 超级旋风下载组件 .text,.rdata,.data,.rsrc,.reloc, {01443AEC-0FD1-40fd-9C87-E93D1494C233} [AM] 62. c:\program files\thunder\comdlls\tdatonce_now.dll Thunder Networking Technologies,LTD 迅雷浏览器高级特性支持模块 .text,.rdata,.data,.rsrc,.reloc, {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} [AM] 63. d:\program files\bitcomet\tools\bitcometbho_1.2.8.7.dll BitComet BitCometBHO .text,.rdata,.data,.rsrc,.reloc, {889D2FEB-5411-4565-8998-1DD2C5261283} [AM] 64. c:\program files\thunder\comdlls\xunleibho_now.dll Thunder Networking Technologies,LTD XunLeiBHO .text,.rdata,.data,.rsrc,.reloc, {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [AM] 65. c:\windows\system32\urlfilter.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware UrlFilter Module .text,.rdata,.data,.rsrc,.reloc, {A33B53E3-404C-481D-8F9C-33E416E9D865} [AM] 66. c:\program files\internet explorer\fzsketnt.ps2 CODE,DATA,BSS,.idata,.edata,.reloc,.rsrc, + HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions Exec [A ] 67. f:\program files\thunder network\thunder\thunder.exe Thunder Networking Technologies,LTD .text,.rdata,.data,.rsrc, + 资源管理器加载模块 + HKLM\SOFTWARE\Classes\PROTOCOLS\Filter text/xml [A ] 68. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll Microsoft Corporation Microsoft Office XML MIME Filter .text,.data,.cdata,.rsrc,.reloc, + HKLM\SOFTWARE\Classes\PROTOCOLS\Handler KuGoo [A ] 69. c:\windows\system32\kugoo3downxcontrol.ocx 酷狗 酷狗音乐控件 .text,.itext,.data,.bss,.idata,.edata,.reloc,.rsrc, KuGoo3 [A ] 69. c:\windows\system32\kugoo3downxcontrol.ocx 酷狗 酷狗音乐控件 .text,.itext,.data,.bss,.idata,.edata,.reloc,.rsrc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved HyperTerminal Icon Ext [A ] 70. c:\windows\system32\hticons.dll Hilgraeve, Inc. HyperTerminal Applet Library .text,.data,.rsrc,.reloc, WinRAR shell extension [A ] 71. c:\program files\winrar\rarext.dll .text,.data,.tls,.idata,.edata,.rsrc,.reloc, Microsoft Office HTML Icon Handler [AM] 72. c:\program files\microsoft office\office11\msohev.dll Microsoft Corporation Microsoft Office 2003 component .text,.data,.rsrc,.reloc, Web Folders [A ] 73. c:\program files\common files\microsoft shared\web folders\msonsext.dll Microsoft Corporation Microsoft Web Folders .text,.data,.rsrc,.reloc, Portable Media Devices [A ] 74. c:\windows\system32\audiodev.dll Microsoft Corporation 便携媒体设备命令行解释器扩展 .text,.data,.rsrc,.reloc, Portable Media Devices Menu [A ] 74. c:\windows\system32\audiodev.dll Microsoft Corporation 便携媒体设备命令行解释器扩展 .text,.data,.rsrc,.reloc, NvCpl DesktopContext Class [A ] 75. c:\windows\system32\nvcpl.dll NVIDIA Corporation NVIDIA Display Properties Extension .text,.orpc,.rdata,.data,CONST,.rsrc,.reloc, Play on my TV helper [A ] 75. c:\windows\system32\nvcpl.dll NVIDIA Corporation NVIDIA Display Properties Extension .text,.orpc,.rdata,.data,CONST,.rsrc,.reloc, Desktop Explorer [A ] 76. c:\windows\system32\nvshell.dll .text,.rdata,.data,.idata,.shared,.rsrc,.reloc, Desktop Explorer Menu [A ] 76. c:\windows\system32\nvshell.dll .text,.rdata,.data,.idata,.shared,.rsrc,.reloc, nView Desktop Context Menu [A ] 76. c:\windows\system32\nvshell.dll .text,.rdata,.data,.idata,.shared,.rsrc,.reloc, RISING [AM] 77. c:\windows\system32\ravext.dll Beijing Rising Information Technology Co., Ltd. Rising Shell Ext Module .text,.rdata,.data,.rsrc,.reloc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks {32CD708B-60A7-4C00-9377-D73EAA495F0F} [AM] 77. c:\windows\system32\ravext.dll Beijing Rising Information Technology Co., Ltd. Rising Shell Ext Module .text,.rdata,.data,.rsrc,.reloc, {D499AD8C-CF64-4660-BCD9-AF3CE2FF0EBA} [AM] 78. c:\windows\system32\dkppadoc.dll .text,.rdata,.data,.reloc, {806F3D19-1332-44B2-A668-3F9117E70309} [AM] 79. c:\windows\system32\ogmfjdhp.dll .text,.rdata,.data,.reloc, {8A40FEA5-04C8-43FD-BE31-A4DC75A10452} [AM] 80. c:\windows\system32\oakgfeal.dll .text,.rdata,.data,.reloc, {F81C390C-B9BC-411F-A6C0-81C11C3F69A9} [AM] 81. c:\windows\system32\fohcjpgc.dll .text,.rdata,.data,.reloc, {B75DCA3C-5226-4143-8E2D-0DBB0618F82B} [AM] 82. c:\windows\system32\bnldcajc.dll .text,.rdata,.data,.reloc, {FEAE7430-73FC-4854-896C-86A67684D547} [AM] 83. c:\windows\system32\feaenkjg.dll .text,.rdata,.data,.reloc, {722B1E9E-283E-4DC3-9F1F-A14CF338EBA8} [AM] 84. c:\windows\system32\niibhepe.dll .text,.rdata,.data,.reloc, {4A1E8661-C282-494A-9DC8-7D20F3DE06B7} [AM] 85. c:\windows\system32\kaheommh.dll .text,.rdata,.data,.reloc, {4922A4C3-FD79-4FC5-BDE7-9F9788C9AED3} [AM] 86. c:\windows\system32\kpiiakcj.dll .text,.rdata,.data,.reloc, {E7AE9805-145B-4639-B98D-DAF1E74EEB2B} [AM] 87. c:\windows\system32\enaepogl.dll .text,.rdata,.data,.reloc, {774E0630-1153-458E-93CC-76F842F87FBB} [AM] 88. c:\windows\system32\nnkegmjg.dll .text,.rdata,.data,.reloc, {A33B53E3-404C-481D-8F9C-33E416E9D865} [AM] 66. c:\program files\internet explorer\fzsketnt.ps2 CODE,DATA,BSS,.idata,.edata,.reloc,.rsrc, {7ADC2AB1-5C6A-4178-82DA-94863354AF7C} [AM] 89. c:\program files\common files\microsoft shared\msinfo\cc_system.sys CODE,DATA,BSS,.idata,.edata,.reloc,.rsrc, {840C5E64-E666-4AFB-AA26-F943623F2347} [AM] 90. c:\windows\system32\okgclemk.dll .text,.rdata,.data,.reloc, {A74D411D-78D7-4A0F-AB87-7F9F82BA4374} [AM] 91. c:\windows\system32\ankdkhhd.dll .text,.rdata,.data,.reloc, {3388D6C5-689A-4019-8CC6-F7DDE4891B0E} [AM] 92. c:\windows\system32\jjoodmcl.dll .text,.rdata,.data,.reloc, {6E1434D6-3FBC-4D7A-83E2-2BE67FE2B478} [AM] 93. c:\windows\system32\mehkjkdm.dll .text,.rdata,.data,.reloc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad D499AD8C [AM] 78. c:\windows\system32\dkppadoc.dll .text,.rdata,.data,.reloc, 806F3D19 [AM] 79. c:\windows\system32\ogmfjdhp.dll .text,.rdata,.data,.reloc, 8A40FEA5 [AM] 80. c:\windows\system32\oakgfeal.dll .text,.rdata,.data,.reloc, F81C390C [AM] 81. c:\windows\system32\fohcjpgc.dll .text,.rdata,.data,.reloc, B75DCA3C [AM] 82. c:\windows\system32\bnldcajc.dll .text,.rdata,.data,.reloc, FEAE7430 [AM] 83. c:\windows\system32\feaenkjg.dll .text,.rdata,.data,.reloc, 722B1E9E [AM] 84. c:\windows\system32\niibhepe.dll .text,.rdata,.data,.reloc, 4A1E8661 [AM] 85. c:\windows\system32\kaheommh.dll .text,.rdata,.data,.reloc, 4922A4C3 [AM] 86. c:\windows\system32\kpiiakcj.dll .text,.rdata,.data,.reloc, E7AE9805 [AM] 87. c:\windows\system32\enaepogl.dll .text,.rdata,.data,.reloc, 774E0630 [AM] 88. c:\windows\system32\nnkegmjg.dll .text,.rdata,.data,.reloc, 840C5E64 [AM] 90. c:\windows\system32\okgclemk.dll .text,.rdata,.data,.reloc, A74D411D [AM] 91. c:\windows\system32\ankdkhhd.dll .text,.rdata,.data,.reloc, 3388D6C5 [AM] 92. c:\windows\system32\jjoodmcl.dll .text,.rdata,.data,.reloc, 6E1434D6 [AM] 93. c:\windows\system32\mehkjkdm.dll .text,.rdata,.data,.reloc, + 用户登陆自运行项目 + HKLM\Software\Microsoft\Windows\CurrentVersion\Run RTHDCPL [AM] 94. c:\windows\rthdcpl.exe Realtek Semiconductor Corp. Realtek HD Audio Control Panel .text,.data,.tls,.rdata,.idata,.edata,.rsrc,.reloc, Alcmtr [A ] 95. c:\windows\alcmtr.exe Realtek Semiconductor Corp. Realtek Azalia Audio - Event Monitor .text,.rdata,.data,.rsrc, nwiz [A ] 96. c:\windows\system32\nwiz.exe .text,.rdata,.data,.rsrc, runeip [A ] 97. c:\program files\rising\antispyware\rstray.exe Beijing Rising Information Technology Co., Ltd. RSTray .text,.rdata,.data,.rsrc, RavTray [A ] 98. d:\program files\rising\rav\rstray.exe Beijing Rising Information Technology Co., Ltd. Rising tray framework .text,.rdata,.data,.rsrc, RFWTray [A ] 99. d:\program files\rising\rfw\rstray.exe Beijing Rising Information Technology Co., Ltd. Rising tray framework .text,.rdata,.data,.rsrc, HBService32 [AM] 100. c:\windows\system32\system.exe HB Software HB Inject Application Version 1.2.1.1007 .text,.rdata,.data,.rsrc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce KKDelay [A ] 101. c:\program files\rising\antispyware\runonce.exe Beijing Rising Information Technology Co., Ltd. RunOnce Application .text,.rdata,.data,.rsrc, + 开机执行 + HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order BootExecute [A ] 102. c:\windows\system32\bsmain.exe Beijing Rising Information Technology Co., Ltd. Rising Antivirus 2008 .text,.rdata,.data,.rsrc,.reloc, [A ] 103. c:\windows\system32\kknative.exe Beijing Rising Information Technology Co., Ltd. NativeAp .text,.data,.rsrc,.reloc, + 映像劫持 + HKCR\.html htmlfile\Edit\Command [A ] 104. c:\program files\microsoft office\office11\msohtmed.exe Microsoft Corporation Microsoft Office 2003 component .text,.data,.cdata,.rsrc, htmlfile\Print\Command [A ] 104. c:\program files\microsoft office\office11\msohtmed.exe Microsoft Corporation Microsoft Office 2003 component .text,.data,.cdata,.rsrc, + HKCR\.htm htmlfile\Edit\Command [A ] 104. c:\program files\microsoft office\office11\msohtmed.exe Microsoft Corporation Microsoft Office 2003 component .text,.data,.cdata,.rsrc, htmlfile\Print\Command [A ] 104. c:\program files\microsoft office\office11\msohtmed.exe Microsoft Corporation Microsoft Office 2003 component .text,.data,.cdata,.rsrc, + HKCR\.mp3 KuGoo.MP3\Open\Command [A ] 105. d:\program files\kugou\kugou2008\kugoo.exe 酷狗音乐 酷狗音乐2008 .text,.itext,.data,.bss,.idata,.tls,.rdata,.reloc,.rsrc, KuGoo.MP3\PlayList\Command [A ] 105. d:\program files\kugou\kugou2008\kugoo.exe 酷狗音乐 酷狗音乐2008 .text,.itext,.data,.bss,.idata,.tls,.rdata,.reloc,.rsrc, + 程序初始化和已知动态连接库 + HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows AppInit_DLLs [AM] 79. c:\windows\system32\ogmfjdhp.dll .text,.rdata,.data,.reloc, [AM] 78. c:\windows\system32\dkppadoc.dll .text,.rdata,.data,.reloc, [AM] 90. c:\windows\system32\okgclemk.dll .text,.rdata,.data,.reloc, [AM] 88. c:\windows\system32\nnkegmjg.dll .text,.rdata,.data,.reloc, [AM] 87. c:\windows\system32\enaepogl.dll .text,.rdata,.data,.reloc, [AM] 86. c:\windows\system32\kpiiakcj.dll .text,.rdata,.data,.reloc, [AM] 85. c:\windows\system32\kaheommh.dll .text,.rdata,.data,.reloc, [AM] 84. c:\windows\system32\niibhepe.dll .text,.rdata,.data,.reloc, [AM] 83. c:\windows\system32\feaenkjg.dll .text,.rdata,.data,.reloc, [AM] 82. c:\windows\system32\bnldcajc.dll .text,.rdata,.data,.reloc, [AM] 81. c:\windows\system32\fohcjpgc.dll .text,.rdata,.data,.reloc, [AM] 80. c:\windows\system32\oakgfeal.dll .text,.rdata,.data,.reloc, [AM] 91. c:\windows\system32\ankdkhhd.dll .text,.rdata,.data,.reloc, [AM] 92. c:\windows\system32\jjoodmcl.dll .text,.rdata,.data,.reloc, [AM] 106. c:\windows\system32\hbmhly.dll .text,.bss,.rdata,.data,.reloc, [AM] 107. c:\windows\system32\hbkdxy.dll .text,.rdata,.data,.reloc, [AM] 108. c:\windows\system32\hbasktao.dll .text,.rdata,.data,.reloc, [AM] 109. c:\windows\system32\hbzhuxian.dll .text,.rdata,.data,.reloc, [AM] 110. c:\windows\system32\hbchibi.dll .text,.rdata,.data,.reloc, [AM] 93. c:\windows\system32\mehkjkdm.dll .text,.rdata,.data,.reloc, + 其他自启动项目 + C:\WINDOWS\Tasks SogouImeMgr.job [A ] 111. c:\program files\sogouinput\3.6.0.1653\pinyinrepair.exe Sogou.com Inc. 搜狗拼音输入法 输入法修复程序 .text,.rdata,.data,.rsrc, + 正在运行的进程 + 000000f8(248) rsnetsvr.exe 00400000[00079000] [ M] 112. d:\program files\rising\rav\rsnetsvr.exe Beijing Rising Information Technology Co., Ltd. rsnetsvr .text,.rdata,.data,.rsrc, 10000000[00030000] [ M] 113. d:\program files\rising\rav\ncomm.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 00380000[00019000] [ M] 114. d:\program files\rising\rav\syslay.dll Beijing Rising Information Technology Co., Ltd. Syslay .text,.rdata,.data,.rsrc,.reloc, 60000000[00074000] [ M] 115. c:\windows\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, 00A60000[0000A000] [AM] 78. c:\windows\system32\dkppadoc.dll .text,.rdata,.data,.reloc, 00AB0000[00009000] [AM] 79. c:\windows\system32\ogmfjdhp.dll .text,.rdata,.data,.reloc, 00AC0000[00009000] [AM] 106. c:\windows\system32\hbmhly.dll .text,.bss,.rdata,.data,.reloc, 00AD0000[00006000] [AM] 110. c:\windows\system32\hbchibi.dll .text,.rdata,.data,.reloc, 00AE0000[0000A000] [AM] 80. c:\windows\system32\oakgfeal.dll .text,.rdata,.data,.reloc, 00AF0000[00009000] [AM] 81. c:\windows\system32\fohcjpgc.dll .text,.rdata,.data,.reloc, 00B00000[00009000] [AM] 82. c:\windows\system32\bnldcajc.dll .text,.rdata,.data,.reloc, 00B10000[0003C000] [AM] 83. c:\windows\system32\feaenkjg.dll .text,.rdata,.data,.reloc, 00B50000[00009000] [AM] 84. c:\windows\system32\niibhepe.dll .text,.rdata,.data,.reloc, 00B60000[00009000] [AM] 85. c:\windows\system32\kaheommh.dll .text,.rdata,.data,.reloc, 00B70000[00006000] [AM] 109. c:\windows\system32\hbzhuxian.dll .text,.rdata,.data,.reloc, 00B80000[00006000] [AM] 108. c:\windows\system32\hbasktao.dll .text,.rdata,.data,.reloc, 00B90000[0000A000] [AM] 86. c:\windows\system32\kpiiakcj.dll .text,.rdata,.data,.reloc, 00BA0000[00009000] [AM] 87. c:\windows\system32\enaepogl.dll .text,.rdata,.data,.reloc, 00BB0000[00006000] [AM] 107. c:\windows\system32\hbkdxy.dll .text,.rdata,.data,.reloc, 00BC0000[0003C000] [AM] 88. c:\windows\system32\nnkegmjg.dll .text,.rdata,.data,.reloc, 00C00000[0000A000] [AM] 90. c:\windows\system32\okgclemk.dll .text,.rdata,.data,.reloc, 00C70000[0002E000] [ M] 116. d:\program files\rising\rav\comx3.dll Beijing Rising Information Technology Co., Ltd. comx3 Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00FF0000[00010000] [ M] 117. d:\program files\rising\rav\proccomm.dll Beijing Rising Information Technology Co., Ltd. ProcComm Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 118. c:\windows\system32\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 7C3A0000[0007B000] [ M] 119. c:\windows\system32\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, + 000001f4(500) Explorer.EXE 60000000[00074000] [ M] 115. c:\windows\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, 10000000[0000A000] [AM] 78. c:\windows\system32\dkppadoc.dll .text,.rdata,.data,.reloc, 003F0000[00009000] [AM] 79. c:\windows\system32\ogmfjdhp.dll .text,.rdata,.data,.reloc, 009C0000[00009000] [AM] 106. c:\windows\system32\hbmhly.dll .text,.bss,.rdata,.data,.reloc, 009D0000[00006000] [AM] 110. c:\windows\system32\hbchibi.dll .text,.rdata,.data,.reloc, 009E0000[0000A000] [AM] 80. c:\windows\system32\oakgfeal.dll .text,.rdata,.data,.reloc, 009F0000[00009000] [AM] 81. c:\windows\system32\fohcjpgc.dll .text,.rdata,.data,.reloc, 00A00000[00009000] [AM] 82. c:\windows\system32\bnldcajc.dll .text,.rdata,.data,.reloc, 00A10000[0003C000] [AM] 83. c:\windows\system32\feaenkjg.dll .text,.rdata,.data,.reloc, 00A50000[00009000] [AM] 84. c:\windows\system32\niibhepe.dll .text,.rdata,.data,.reloc, 00A60000[00009000] [AM] 85. c:\windows\system32\kaheommh.dll .text,.rdata,.data,.reloc, 00A70000[00006000] [AM] 109. c:\windows\system32\hbzhuxian.dll .text,.rdata,.data,.reloc, 00A80000[00006000] [AM] 108. c:\windows\system32\hbasktao.dll .text,.rdata,.data,.reloc, 00A90000[0000A000] [AM] 86. c:\windows\system32\kpiiakcj.dll .text,.rdata,.data,.reloc, 00AA0000[00009000] [AM] 87. c:\windows\system32\enaepogl.dll .text,.rdata,.data,.reloc, 00AB0000[00006000] [AM] 107. c:\windows\system32\hbkdxy.dll .text,.rdata,.data,.reloc, 00AC0000[0003C000] [AM] 88. c:\windows\system32\nnkegmjg.dll .text,.rdata,.data,.reloc, 00B00000[0000A000] [AM] 90. c:\windows\system32\okgclemk.dll .text,.rdata,.data,.reloc, 00F50000[0003E000] [ M] 120. c:\documents and settings\administrator\application data\ppstream\bin\1.0.0.2\vodrc.dll ppstream.com vodrc .text,.rdata,.data,.rsrc,.reloc, 00FB0000[00024000] [AM] 77. c:\windows\system32\ravext.dll Beijing Rising Information Technology Co., Ltd. Rising Shell Ext Module .text,.rdata,.data,.rsrc,.reloc, 01390000[0000D000] [AM] 89. c:\program files\common files\microsoft shared\msinfo\cc_system.sys CODE,DATA,BSS,.idata,.edata,.reloc,.rsrc, 014E0000[00016000] [AM] 66. c:\program files\internet explorer\fzsketnt.ps2 CODE,DATA,BSS,.idata,.edata,.reloc,.rsrc, 72C80000[00008000] [ M] 121. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, 00E50000[0000A000] [AM] 91. c:\windows\system32\ankdkhhd.dll .text,.rdata,.data,.reloc, 00E60000[00009000] [AM] 92. c:\windows\system32\jjoodmcl.dll .text,.rdata,.data,.reloc, 00EB0000[0000A000] [AM] 93. c:\windows\system32\mehkjkdm.dll .text,.rdata,.data,.reloc, + 00000260(608) smss.exe + 0000028c(652) RsMain.exe 00400000[00010000] [ M] 122. d:\program files\rising\rfw\rsmain.exe Beijing Rising Information Technology Co., Ltd. Rising RsShell .text,.rdata,.data,.rsrc, 7C340000[00056000] [ M] 118. c:\windows\system32\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 60000000[00074000] [ M] 115. c:\windows\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, 10000000[00009000] [AM] 106. c:\windows\system32\hbmhly.dll .text,.bss,.rdata,.data,.reloc, 00A90000[00016000] [AM] 66. c:\program files\internet explorer\fzsketnt.ps2 CODE,DATA,BSS,.idata,.edata,.reloc,.rsrc, 00AC0000[0000A000] [AM] 90. c:\windows\system32\okgclemk.dll .text,.rdata,.data,.reloc, 00BF0000[0003C000] [AM] 88. c:\windows\system32\nnkegmjg.dll .text,.rdata,.data,.reloc, 00AD0000[00009000] [AM] 87. c:\windows\system32\enaepogl.dll .text,.rdata,.data,.reloc, 00C30000[0000A000] [AM] 86. c:\windows\system32\kpiiakcj.dll .text,.rdata,.data,.reloc, 00C40000[00009000] [AM] 85. c:\windows\system32\kaheommh.dll .text,.rdata,.data,.reloc, 00C50000[00009000] [AM] 84. c:\windows\system32\niibhepe.dll .text,.rdata,.data,.reloc, 00C60000[0003C000] [AM] 83. c:\windows\system32\feaenkjg.dll .text,.rdata,.data,.reloc, 00CA0000[00009000] [AM] 82. c:\windows\system32\bnldcajc.dll .text,.rdata,.data,.reloc, 00CB0000[00009000] [AM] 81. c:\windows\system32\fohcjpgc.dll .text,.rdata,.data,.reloc, 00CC0000[0000A000] [AM] 80. c:\windows\system32\oakgfeal.dll .text,.rdata,.data,.reloc, 00CD0000[00009000] [AM] 79. c:\windows\system32\ogmfjdhp.dll .text,.rdata,.data,.reloc, 00CE0000[0000A000] [AM] 78. c:\windows\system32\dkppadoc.dll .text,.rdata,.data,.reloc, 00CF0000[00032000] [ M] 123. d:\program files\rising\rfw\rspalmgr.dll Beijing Rising Information Technology Co., Ltd. rspalmgr Program .text,.rdata,.data,.rsrc,.reloc, 00D30000[00019000] [ M] 124. d:\program files\rising\rfw\syslay.dll Beijing Rising Information Technology Co., Ltd. Syslay .text,.rdata,.data,.rsrc,.reloc, 23800000[00025000] [ M] 125. d:\program files\rising\rfw\rsxml.dll Beijing Rising Information Technology Co., Ltd. RsXML .text,.rdata,.data,.rsrc,.reloc, 7C3A0000[0007B000] [ M] 119. c:\windows\system32\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 26600000[000C3000] [ M] 126. d:\program files\rising\rfw\rsguilib.dll Beijing Rising Information Technology Co., Ltd. Rising GUI Library Loader .text,.rdata,.data,.rsrc,.reloc, 7C140000[00103000] [ M] 127. c:\windows\system32\mfc71.dll Microsoft Corporation MFCDLL Shared Library - Retail Version .text,.data,.rsrc,.reloc, 00F30000[0000C000] [ M] 128. d:\program files\rising\rfw\rfwrule.dll Beijing Rising Information Technology Co., Ltd. TODO: .text,.rdata,.data,.rsrc,.reloc, 23700000[00023000] [ M] 129. d:\program files\rising\rfw\rslang.dll Beijing Rising Information Technology Co., Ltd. Rising Common Function Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 33000000[00025000] [ M] 130. d:\program files\rising\rfw\ravbintl.dll Beijing Rising Information Technology Co., Ltd. ravbintl Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00F60000[00013000] [ M] 131. d:\program files\rising\rfw\monstate.dll Beijing Rising Information Technology Co., Ltd. MonState .text,.rdata,.data,.rsrc,.reloc, 34000000[00025000] [ M] 132. d:\program files\rising\rfw\ravbmenu.dll Beijing Rising Information Technology Co., Ltd. ravbmenu Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00FA0000[00017000] [ M] 133. d:\program files\rising\rfw\rsconf.dll Beijing Rising Information Technology Co., Ltd. rsconf Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00FD0000[0002F000] [ M] 134. d:\program files\rising\rfw\rspalvd.dll Beijing Rising Information Technology Co., Ltd. rspalvd .text,.rdata,.data,.rsrc,.reloc, 01010000[00064000] [ M] 135. d:\program files\rising\rfw\rfwlog.dll Beijing Rising Information Technology Co., Ltd. rfwlog Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 011A0000[00010000] [ M] 136. d:\program files\rising\rfw\proccomm.dll Beijing Rising Information Technology Co., Ltd. ProcComm Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 013B0000[000A8000] [ M] 137. d:\program files\rising\rfw\rfw.dll Beijing Rising Information Technology Co., Ltd. rfw Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01480000[0000E000] [ M] 138. d:\program files\rising\rfw\rsappmgr.dll Beijing Rising Information Technology Co., Ltd. Rising Application Manager .text,.rdata,.data,.rsrc,.reloc, 014A0000[00031000] [ M] 139. d:\program files\rising\rfw\cfgdll.dll Beijing Rising Information Technology Co., Ltd. CfgDll .text,.rdata,.data,.rsrc,.reloc, 23900000[00040000] [ M] 140. d:\program files\rising\rfw\pngdll.dll Beijing Rising Information Technology Co., Ltd. Rising .Png File Loader Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 02090000[00024000] [AM] 77. c:\windows\system32\ravext.dll Beijing Rising Information Technology Co., Ltd. Rising Shell Ext Module .text,.rdata,.data,.rsrc,.reloc, 020F0000[0002E000] [ M] 141. d:\program files\rising\rfw\comx3.dll Beijing Rising Information Technology Co., Ltd. comx3 Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 02C10000[0001B000] [ M] 142. d:\program files\rising\rfw\mports.dll Beijing Rising Information Technology Co., Ltd. get ports list .text,.rdata,.data,.rsrc,.reloc, 02E90000[0000A000] [AM] 91. c:\windows\system32\ankdkhhd.dll .text,.rdata,.data,.reloc, 02EA0000[00009000] [AM] 92. c:\windows\system32\jjoodmcl.dll .text,.rdata,.data,.reloc, 02FC0000[00006000] [AM] 110. c:\windows\system32\hbchibi.dll .text,.rdata,.data,.reloc, 02FD0000[00006000] [AM] 109. c:\windows\system32\hbzhuxian.dll .text,.rdata,.data,.reloc, 02FE0000[00006000] [AM] 108. c:\windows\system32\hbasktao.dll .text,.rdata,.data,.reloc, 02FF0000[00006000] [AM] 107. c:\windows\system32\hbkdxy.dll .text,.rdata,.data,.reloc, 03020000[0000A000] [AM] 93. c:\windows\system32\mehkjkdm.dll .text,.rdata,.data,.reloc, 01D00000[00067000] [ M] 143. d:\program files\rising\rfw\rsnetsvr.dll Beijing Rising Information Technology Co., Ltd. rsnetsvr .text,.rdata,.data,.rsrc,.reloc, + 000002d0(720) conime.exe 60000000[00074000] [ M] 115. c:\windows\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, 10000000[00009000] [AM] 106. c:\windows\system32\hbmhly.dll .text,.bss,.rdata,.data,.reloc, 00AB0000[00009000] [AM] 81. c:\windows\system32\fohcjpgc.dll .text,.rdata,.data,.reloc, 00AD0000[0000A000] [AM] 80. c:\windows\system32\oakgfeal.dll .text,.rdata,.data,.reloc, 00AF0000[00009000] [AM] 79. c:\windows\system32\ogmfjdhp.dll .text,.rdata,.data,.reloc, 00B00000[0000A000] [AM] 78. c:\windows\system32\dkppadoc.dll .text,.rdata,.data,.reloc, 00B20000[00009000] [AM] 82. c:\windows\system32\bnldcajc.dll .text,.rdata,.data,.reloc, 00B30000[0003C000] [AM] 83. c:\windows\system32\feaenkjg.dll .text,.rdata,.data,.reloc, 00B70000[00009000] [AM] 84. c:\windows\system32\niibhepe.dll .text,.rdata,.data,.reloc, 00B80000[00009000] [AM] 85. c:\windows\system32\kaheommh.dll .text,.rdata,.data,.reloc, 00B90000[0000A000] [AM] 86. c:\windows\system32\kpiiakcj.dll .text,.rdata,.data,.reloc, 00BA0000[00009000] [AM] 87. c:\windows\system32\enaepogl.dll .text,.rdata,.data,.reloc, 00BB0000[0003C000] [AM] 88. c:\windows\system32\nnkegmjg.dll .text,.rdata,.data,.reloc, 00BF0000[0000A000] [AM] 90. c:\windows\system32\okgclemk.dll .text,.rdata,.data,.reloc, 00C00000[00016000] [AM] 66. c:\program files\internet explorer\fzsketnt.ps2 CODE,DATA,BSS,.idata,.edata,.reloc,.rsrc, 00D20000[0000A000] [AM] 91. c:\windows\system32\ankdkhhd.dll .text,.rdata,.data,.reloc, 00D30000[00009000] [AM] 92. c:\windows\system32\jjoodmcl.dll .text,.rdata,.data,.reloc, 00D50000[0000A000] [AM] 93. c:\windows\system32\mehkjkdm.dll .text,.rdata,.data,.reloc, + 000003fc(1020) csrss.exe 10000000[0001E000] [ M] 144. c:\windows\system32\csrss.dll .bss,.data,.rsrc,.reloc, 20000000[0401F000] [ M] 145. c:\windows\system32\sh05015.dll .bss,.data,.shared,.reloc, + 00000414(1044) winlogon.exe 10000000[0000A000] [AM] 78. c:\windows\system32\dkppadoc.dll .text,.rdata,.data,.reloc, 004D0000[00009000] [AM] 79. c:\windows\system32\ogmfjdhp.dll .text,.rdata,.data,.reloc, 004F0000[00009000] [AM] 106. c:\windows\system32\hbmhly.dll .text,.bss,.rdata,.data,.reloc, 00500000[00006000] [AM] 110. c:\windows\system32\hbchibi.dll .text,.rdata,.data,.reloc, 00510000[0000A000] [AM] 80. c:\windows\system32\oakgfeal.dll .text,.rdata,.data,.reloc, 00520000[00009000] [AM] 81. c:\windows\system32\fohcjpgc.dll .text,.rdata,.data,.reloc, 00530000[00009000] [AM] 82. c:\windows\system32\bnldcajc.dll .text,.rdata,.data,.reloc, 00580000[0003C000] [AM] 83. c:\windows\system32\feaenkjg.dll .text,.rdata,.data,.reloc, 00540000[00009000] [AM] 84. c:\windows\system32\niibhepe.dll .text,.rdata,.data,.reloc, 00550000[00009000] [AM] 85. c:\windows\system32\kaheommh.dll .text,.rdata,.data,.reloc, 00560000[00006000] [AM] 109. c:\windows\system32\hbzhuxian.dll .text,.rdata,.data,.reloc, 005C0000[00006000] [AM] 108. c:\windows\system32\hbasktao.dll .text,.rdata,.data,.reloc, 005D0000[0000A000] [AM] 86. c:\windows\system32\kpiiakcj.dll .text,.rdata,.data,.reloc, 005E0000[00009000] [AM] 87. c:\windows\system32\enaepogl.dll .text,.rdata,.data,.reloc, 005F0000[00006000] [AM] 107. c:\windows\system32\hbkdxy.dll .text,.rdata,.data,.reloc, 00600000[0003C000] [AM] 88. c:\windows\system32\nnkegmjg.dll .text,.rdata,.data,.reloc, 00640000[0000A000] [AM] 90. c:\windows\system32\okgclemk.dll .text,.rdata,.data,.reloc, 72C80000[00008000] [ M] 121. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, + 00000440(1088) services.exe 10000000[0000A000] [AM] 78. c:\windows\system32\dkppadoc.dll .text,.rdata,.data,.reloc, 003D0000[00009000] [AM] 79. c:\windows\system32\ogmfjdhp.dll .text,.rdata,.data,.reloc, 00630000[00009000] [AM] 106. c:\windows\system32\hbmhly.dll .text,.bss,.rdata,.data,.reloc, 00640000[00006000] [AM] 110. c:\windows\system32\hbchibi.dll .text,.rdata,.data,.reloc, 00650000[0000A000] [AM] 80. c:\windows\system32\oakgfeal.dll .text,.rdata,.data,.reloc, 00660000[00009000] [AM] 81. c:\windows\system32\fohcjpgc.dll .text,.rdata,.data,.reloc, 00670000[00009000] [AM] 82. c:\windows\system32\bnldcajc.dll .text,.rdata,.data,.reloc, 00680000[0003C000] [AM] 83. c:\windows\system32\feaenkjg.dll .text,.rdata,.data,.reloc, 006C0000[00009000] [AM] 84. c:\windows\system32\niibhepe.dll .text,.rdata,.data,.reloc, 006D0000[00009000] [AM] 85. c:\windows\system32\kaheommh.dll .text,.rdata,.data,.reloc, 006E0000[00006000] [AM] 109. c:\windows\system32\hbzhuxian.dll .text,.rdata,.data,.reloc, 006F0000[00006000] [AM] 108. c:\windows\system32\hbasktao.dll .text,.rdata,.data,.reloc, 00700000[0000A000] [AM] 86. c:\windows\system32\kpiiakcj.dll .text,.rdata,.data,.reloc, 00710000[00009000] [AM] 87. c:\windows\system32\enaepogl.dll .text,.rdata,.data,.reloc, 00720000[00006000] [AM] 107. c:\windows\system32\hbkdxy.dll .text,.rdata,.data,.reloc, 00730000[0003C000] [AM] 88. c:\windows\system32\nnkegmjg.dll .text,.rdata,.data,.reloc, 00770000[0000A000] [AM] 90. c:\windows\system32\okgclemk.dll .text,.rdata,.data,.reloc, + 0000044c(1100) lsass.exe 10000000[0000A000] [AM] 78. c:\windows\system32\dkppadoc.dll .text,.rdata,.data,.reloc, 003D0000[00009000] [AM] 79. c:\windows\system32\ogmfjdhp.dll .text,.rdata,.data,.reloc, 006F0000[00009000] [AM] 106. c:\windows\system32\hbmhly.dll .text,.bss,.rdata,.data,.reloc, 00700000[00006000] [AM] 110. c:\windows\system32\hbchibi.dll .text,.rdata,.data,.reloc, 00710000[0000A000] [AM] 80. c:\windows\system32\oakgfeal.dll .text,.rdata,.data,.reloc, 00720000[00009000] [AM] 81. c:\windows\system32\fohcjpgc.dll .text,.rdata,.data,.reloc, 00730000[00009000] [AM] 82. c:\windows\system32\bnldcajc.dll .text,.rdata,.data,.reloc, 00740000[0003C000] [AM] 83. c:\windows\system32\feaenkjg.dll .text,.rdata,.data,.reloc, 00780000[00009000] [AM] 84. c:\windows\system32\niibhepe.dll .text,.rdata,.data,.reloc, 00790000[00009000] [AM] 85. c:\windows\system32\kaheommh.dll .text,.rdata,.data,.reloc, 007A0000[00006000] [AM] 109. c:\windows\system32\hbzhuxian.dll .text,.rdata,.data,.reloc, 007B0000[00006000] [AM] 108. c:\windows\system32\hbasktao.dll .text,.rdata,.data,.reloc, 007C0000[0000A000] [AM] 86. c:\windows\system32\kpiiakcj.dll .text,.rdata,.data,.reloc, 007D0000[00009000] [AM] 87. c:\windows\system32\enaepogl.dll .text,.rdata,.data,.reloc, 007E0000[00006000] [AM] 107. c:\windows\system32\hbkdxy.dll .text,.rdata,.data,.reloc, 007F0000[0003C000] [AM] 88. c:\windows\system32\nnkegmjg.dll .text,.rdata,.data,.reloc, 00830000[0000A000] [AM] 90. c:\windows\system32\okgclemk.dll .text,.rdata,.data,.reloc, + 000004fc(1276) svchost.exe 10000000[0000A000] [AM] 78. c:\windows\system32\dkppadoc.dll .text,.rdata,.data,.reloc, 003D0000[00009000] [AM] 79. c:\windows\system32\ogmfjdhp.dll .text,.rdata,.data,.reloc, 00730000[00009000] [AM] 106. c:\windows\system32\hbmhly.dll .text,.bss,.rdata,.data,.reloc, 00740000[00006000] [AM] 110. c:\windows\system32\hbchibi.dll .text,.rdata,.data,.reloc, 00750000[0000A000] [AM] 80. c:\windows\system32\oakgfeal.dll .text,.rdata,.data,.reloc, 00760000[00009000] [AM] 81. c:\windows\system32\fohcjpgc.dll .text,.rdata,.data,.reloc, 00770000[00009000] [AM] 82. c:\windows\system32\bnldcajc.dll .text,.rdata,.data,.reloc, 00780000[0003C000] [AM] 83. c:\windows\system32\feaenkjg.dll .text,.rdata,.data,.reloc, 007C0000[00009000] [AM] 84. c:\windows\system32\niibhepe.dll .text,.rdata,.data,.reloc, 007D0000[00009000] [AM] 85. c:\windows\system32\kaheommh.dll .text,.rdata,.data,.reloc, 007E0000[00006000] [AM] 109. c:\windows\system32\hbzhuxian.dll .text,.rdata,.data,.reloc, 007F0000[00006000] [AM] 108. c:\windows\system32\hbasktao.dll .text,.rdata,.data,.reloc, 00800000[0000A000] [AM] 86. c:\windows\system32\kpiiakcj.dll .text,.rdata,.data,.reloc, 00810000[00009000] [AM] 87. c:\windows\system32\enaepogl.dll .text,.rdata,.data,.reloc, 00820000[00006000] [AM] 107. c:\windows\system32\hbkdxy.dll .text,.rdata,.data,.reloc, 00830000[0003C000] [AM] 88. c:\windows\system32\nnkegmjg.dll .text,.rdata,.data,.reloc, 00870000[0000A000] [AM] 90. c:\windows\system32\okgclemk.dll .text,.rdata,.data,.reloc, 76230000[00063000] [ M] 146. c:\windows\system32\spcss.dll Microsoft Corporation Distributed COM Services .text,.data,.rsrc,.reloc, + 00000548(1352) svchost.exe 10000000[0000A000] [AM] 78. c:\windows\system32\dkppadoc.dll .text,.rdata,.data,.reloc, 003D0000[00009000] [AM] 79. c:\windows\system32\ogmfjdhp.dll .text,.rdata,.data,.reloc, 00730000[00009000] [AM] 106. c:\windows\system32\hbmhly.dll .text,.bss,.rdata,.data,.reloc, 00740000[00006000] [AM] 110. c:\windows\system32\hbchibi.dll .text,.rdata,.data,.reloc, 00750000[0000A000] [AM] 80. c:\windows\system32\oakgfeal.dll .text,.rdata,.data,.reloc, 00760000[00009000] [AM] 81. c:\windows\system32\fohcjpgc.dll .text,.rdata,.data,.reloc, 00770000[00009000] [AM] 82. c:\windows\system32\bnldcajc.dll .text,.rdata,.data,.reloc, 00780000[0003C000] [AM] 83. c:\windows\system32\feaenkjg.dll .text,.rdata,.data,.reloc, 007C0000[00009000] [AM] 84. c:\windows\system32\niibhepe.dll .text,.rdata,.data,.reloc, 007D0000[00009000] [AM] 85. c:\windows\system32\kaheommh.dll .text,.rdata,.data,.reloc, 007E0000[00006000] [AM] 109. c:\windows\system32\hbzhuxian.dll .text,.rdata,.data,.reloc, 007F0000[00006000] [AM] 108. c:\windows\system32\hbasktao.dll .text,.rdata,.data,.reloc, 00800000[0000A000] [AM] 86. c:\windows\system32\kpiiakcj.dll .text,.rdata,.data,.reloc, 00810000[00009000] [AM] 87. c:\windows\system32\enaepogl.dll .text,.rdata,.data,.reloc, 00820000[00006000] [AM] 107. c:\windows\system32\hbkdxy.dll .text,.rdata,.data,.reloc, 00830000[0003C000] [AM] 88. c:\windows\system32\nnkegmjg.dll .text,.rdata,.data,.reloc, 00870000[0000A000] [AM] 90. c:\windows\system32\okgclemk.dll .text,.rdata,.data,.reloc, 76230000[00063000] [ M] 146. c:\windows\system32\spcss.dll Microsoft Corporation Distributed COM Services .text,.data,.rsrc,.reloc, + 00000570(1392) RTHDCPL.EXE 00400000[010EF000] [AM] 94. c:\windows\rthdcpl.exe Realtek Semiconductor Corp. Realtek HD Audio Control Panel .text,.data,.tls,.rdata,.idata,.edata,.rsrc,.reloc, 60000000[00074000] [ M] 115. c:\windows\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, 10000000[00009000] [AM] 106. c:\windows\system32\hbmhly.dll .text,.bss,.rdata,.data,.reloc, 01C50000[00016000] [AM] 66. c:\program files\internet explorer\fzsketnt.ps2 CODE,DATA,BSS,.idata,.edata,.reloc,.rsrc, 01D70000[0000A000] [AM] 90. c:\windows\system32\okgclemk.dll .text,.rdata,.data,.reloc, 01D80000[0003C000] [AM] 88. c:\windows\system32\nnkegmjg.dll .text,.rdata,.data,.reloc, 01DC0000[00009000] [AM] 87. c:\windows\system32\enaepogl.dll .text,.rdata,.data,.reloc, 01DD0000[0000A000] [AM] 86. c:\windows\system32\kpiiakcj.dll .text,.rdata,.data,.reloc, 01DE0000[00009000] [AM] 85. c:\windows\system32\kaheommh.dll .text,.rdata,.data,.reloc, 01DF0000[00009000] [AM] 84. c:\windows\system32\niibhepe.dll .text,.rdata,.data,.reloc, 01E00000[0003C000] [AM] 83. c:\windows\system32\feaenkjg.dll .text,.rdata,.data,.reloc, 01E40000[00009000] [AM] 82. c:\windows\system32\bnldcajc.dll .text,.rdata,.data,.reloc, 01E50000[00009000] [AM] 81. c:\windows\system32\fohcjpgc.dll .text,.rdata,.data,.reloc, 01E60000[0000A000] [AM] 80. c:\windows\system32\oakgfeal.dll .text,.rdata,.data,.reloc, 01E70000[00009000] [AM] 79. c:\windows\system32\ogmfjdhp.dll .text,.rdata,.data,.reloc, 01E80000[0000A000] [AM] 78. c:\windows\system32\dkppadoc.dll .text,.rdata,.data,.reloc, 72C80000[00008000] [ M] 121. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, 03920000[0000A000] [AM] 91. c:\windows\system32\ankdkhhd.dll .text,.rdata,.data,.reloc, 03ED0000[00009000] [AM] 92. c:\windows\system32\jjoodmcl.dll .text,.rdata,.data,.reloc, 04E40000[0000A000] [AM] 93. c:\windows\system32\mehkjkdm.dll .text,.rdata,.data,.reloc, + 000005bc(1468) nvsvc32.exe 00400000[0002C000] [AM] 2. c:\windows\system32\nvsvc32.exe NVIDIA Corporation NVIDIA Driver Helper Service, Version 175.31 .text,.rdata,.data,.rsrc, 60000000[00074000] [ M] 115. c:\windows\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, 10000000[00009000] [AM] 106. c:\windows\system32\hbmhly.dll .text,.bss,.rdata,.data,.reloc, 01870000[0006A000] [ M] 147. c:\windows\system32\nvapi.dll NVIDIA Corporation NVIDIA NVAPI Library, Version 175.31 .text,.rdata,.data,.idata,.rsrc,.reloc, + 000005c4(1476) RUNDLL32.EXE 60000000[00074000] [ M] 115. c:\windows\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, 10000000[00009000] [AM] 106. c:\windows\system32\hbmhly.dll .text,.bss,.rdata,.data,.reloc, 00A60000[00017000] [ M] 148. c:\windows\system32\nvmctray.dll NVIDIA Corporation NVIDIA Media Center Library .text,.rdata,.data,.rsrc,.reloc, 00B70000[0006A000] [ M] 147. c:\windows\system32\nvapi.dll NVIDIA Corporation NVIDIA NVAPI Library, Version 175.31 .text,.rdata,.data,.idata,.rsrc,.reloc, 00A90000[00016000] [AM] 66. c:\program files\internet explorer\fzsketnt.ps2 CODE,DATA,BSS,.idata,.edata,.reloc,.rsrc, 00AC0000[0000A000] [AM] 90. c:\windows\system32\okgclemk.dll .text,.rdata,.data,.reloc, 00AF0000[0003C000] [AM] 88. c:\windows\system32\nnkegmjg.dll .text,.rdata,.data,.reloc, 00D30000[00009000] [AM] 87. c:\windows\system32\enaepogl.dll .text,.rdata,.data,.reloc, 00D40000[0000A000] [AM] 86. c:\windows\system32\kpiiakcj.dll .text,.rdata,.data,.reloc, 00D50000[00009000] [AM] 85. c:\windows\system32\kaheommh.dll .text,.rdata,.data,.reloc, 00D60000[00009000] [AM] 84. c:\windows\system32\niibhepe.dll .text,.rdata,.data,.reloc, 00D70000[0003C000] [AM] 83. c:\windows\system32\feaenkjg.dll .text,.rdata,.data,.reloc, 00DB0000[00009000] [AM] 82. c:\windows\system32\bnldcajc.dll .text,.rdata,.data,.reloc, 00DC0000[00009000] [AM] 81. c:\windows\system32\fohcjpgc.dll .text,.rdata,.data,.reloc, 00DD0000[0000A000] [AM] 80. c:\windows\system32\oakgfeal.dll .text,.rdata,.data,.reloc, 00DE0000[00009000] [AM] 79. c:\windows\system32\ogmfjdhp.dll .text,.rdata,.data,.reloc, 00DF0000[0000A000] [AM] 78. c:\windows\system32\dkppadoc.dll .text,.rdata,.data,.reloc, 00E50000[00037000] [ M] 149. c:\windows\system32\nvrszhc.dll NVIDIA Corporation NVIDIA Simplified Chinese language resource library .rsrc,.reloc, 00E10000[0000A000] [AM] 91. c:\windows\system32\ankdkhhd.dll .text,.rdata,.data,.reloc, 00E90000[0000A000] [AM] 93. c:\windows\system32\mehkjkdm.dll .text,.rdata,.data,.reloc, 00EA0000[00009000] [AM] 92. c:\windows\system32\jjoodmcl.dll .text,.rdata,.data,.reloc, + 000005fc(1532) CCENTER.EXE 00400000[0001B000] [AM] 4. d:\program files\rising\rav\ccenter.exe Beijing Rising Information Technology Co., Ltd. CCenter Application .text,.rdata,.data,.rsrc, 10000000[00029000] [ M] 150. d:\program files\rising\rav\combase.dll Beijing Rising Information Technology Co., Ltd. combase .text,.rdata,.data,.rsrc,.reloc, 60000000[00074000] [ M] 115. c:\windows\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, 003E0000[00009000] [AM] 106. c:\windows\system32\hbmhly.dll .text,.bss,.rdata,.data,.reloc, 006D0000[00027000] [ M] 151. d:\program files\rising\rav\cnt09.dll Beijing Rising Information Technology Co., Ltd. cnt09 Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00A10000[0001D000] [ M] 152. d:\program files\rising\rav\cnt08.dll Beijing Rising Information Technology Co., Ltd. cnt08 Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, + 0000060c(1548) CCENTER.EXE 00400000[0001B000] [AM] 6. d:\program files\rising\rfw\ccenter.exe Beijing Rising Information Technology Co., Ltd. CCenter Application .text,.rdata,.data,.rsrc, 10000000[00029000] [ M] 153. d:\program files\rising\rfw\combase.dll Beijing Rising Information Technology Co., Ltd. combase .text,.rdata,.data,.rsrc,.reloc, 60000000[00074000] [ M] 115. c:\windows\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, 003E0000[00009000] [AM] 106. c:\windows\system32\hbmhly.dll .text,.bss,.rdata,.data,.reloc, 006D0000[00027000] [ M] 154. d:\program files\rising\rfw\cnt09.dll Beijing Rising Information Technology Co., Ltd. cnt09 Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, + 00000614(1556) svchost.exe 10000000[0000A000] [AM] 78. c:\windows\system32\dkppadoc.dll .text,.rdata,.data,.reloc, 003D0000[00009000] [AM] 79. c:\windows\system32\ogmfjdhp.dll .text,.rdata,.data,.reloc, 00730000[00009000] [AM] 106. c:\windows\system32\hbmhly.dll .text,.bss,.rdata,.data,.reloc, 00740000[00006000] [AM] 110. c:\windows\system32\hbchibi.dll .text,.rdata,.data,.reloc, 00750000[0000A000] [AM] 80. c:\windows\system32\oakgfeal.dll .text,.rdata,.data,.reloc, 00760000[00009000] [AM] 81. c:\windows\system32\fohcjpgc.dll .text,.rdata,.data,.reloc, 00770000[00009000] [AM] 82. c:\windows\system32\bnldcajc.dll .text,.rdata,.data,.reloc, 00780000[0003C000] [AM] 83. c:\windows\system32\feaenkjg.dll .text,.rdata,.data,.reloc, 007C0000[00009000] [AM] 84. c:\windows\system32\niibhepe.dll .text,.rdata,.data,.reloc, 007D0000[00009000] [AM] 85. c:\windows\system32\kaheommh.dll .text,.rdata,.data,.reloc, 007E0000[00006000] [AM] 109. c:\windows\system32\hbzhuxian.dll .text,.rdata,.data,.reloc, 007F0000[00006000] [AM] 108. c:\windows\system32\hbasktao.dll .text,.rdata,.data,.reloc, 00800000[0000A000] [AM] 86. c:\windows\system32\kpiiakcj.dll .text,.rdata,.data,.reloc, 00810000[00009000] [AM] 87. c:\windows\system32\enaepogl.dll .text,.rdata,.data,.reloc, 00820000[00006000] [AM] 107. c:\windows\system32\hbkdxy.dll .text,.rdata,.data,.reloc, 00830000[0003C000] [AM] 88. c:\windows\system32\nnkegmjg.dll .text,.rdata,.data,.reloc, 00870000[0000A000] [AM] 90. c:\windows\system32\okgclemk.dll .text,.rdata,.data,.reloc, 50E60000[0000C000] [ M] 155. c:\windows\system32\wups2.dll Microsoft Corporation Windows Update client proxy stub 2 .text,.orpc,.data,.rsrc,.reloc, + 00000658(1624) RavTask.exe 00400000[00020000] [AM] 5. d:\program files\rising\rav\ravtask.exe Beijing Rising Information Technology Co., Ltd. ravtask .text,.rdata,.data,.rsrc, 60000000[00074000] [ M] 115. c:\windows\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, 10000000[00009000] [AM] 106. c:\windows\system32\hbmhly.dll .text,.bss,.rdata,.data,.reloc, 006C0000[00017000] [ M] 156. d:\program files\rising\rav\rsconf.dll Beijing Rising Information Technology Co., Ltd. rsconf Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 006F0000[0000E000] [ M] 157. d:\program files\rising\rav\rsappmgr.dll Beijing Rising Information Technology Co., Ltd. Rising Application Manager .text,.rdata,.data,.rsrc,.reloc, 00850000[00031000] [ M] 158. d:\program files\rising\rav\cfgdll.dll Beijing Rising Information Technology Co., Ltd. CfgDll .text,.rdata,.data,.rsrc,.reloc, 00720000[00010000] [ M] 117. d:\program files\rising\rav\proccomm.dll Beijing Rising Information Technology Co., Ltd. ProcComm Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 118. c:\windows\system32\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 7C3A0000[0007B000] [ M] 119. c:\windows\system32\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 00A80000[00018000] [ M] 159. d:\program files\rising\rav\rsstub.dll Beijing Rising Information Technology Co., Ltd. rsstub Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00EA0000[00028000] [ M] 160. d:\program files\rising\rav\rstask.dll Beijing Rising Information Technology Co., Ltd. RsTask Control .text,.rdata,.data,.rsrc,.reloc, + 00000678(1656) RavTask.exe 00400000[00020000] [AM] 8. d:\program files\rising\rfw\ravtask.exe Beijing Rising Information Technology Co., Ltd. ravtask .text,.rdata,.data,.rsrc, 60000000[00074000] [ M] 115. c:\windows\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, 10000000[00009000] [AM] 106. c:\windows\system32\hbmhly.dll .text,.bss,.rdata,.data,.reloc, 006C0000[00017000] [ M] 133. d:\program files\rising\rfw\rsconf.dll Beijing Rising Information Technology Co., Ltd. rsconf Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 006F0000[0000E000] [ M] 138. d:\program files\rising\rfw\rsappmgr.dll Beijing Rising Information Technology Co., Ltd. Rising Application Manager .text,.rdata,.data,.rsrc,.reloc, 00850000[00031000] [ M] 139. d:\program files\rising\rfw\cfgdll.dll Beijing Rising Information Technology Co., Ltd. CfgDll .text,.rdata,.data,.rsrc,.reloc, 00720000[00010000] [ M] 136. d:\program files\rising\rfw\proccomm.dll Beijing Rising Information Technology Co., Ltd. ProcComm Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 118. c:\windows\system32\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 7C3A0000[0007B000] [ M] 119. c:\windows\system32\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 00A60000[00018000] [ M] 161. d:\program files\rising\rfw\rsstub.dll Beijing Rising Information Technology Co., Ltd. rsstub Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00D50000[00028000] [ M] 162. d:\program files\rising\rfw\rstask.dll Beijing Rising Information Technology Co., Ltd. RsTask Control .text,.rdata,.data,.rsrc,.reloc, + 000006dc(1756) svchost.exe 10000000[0000A000] [AM] 78. c:\windows\system32\dkppadoc.dll .text,.rdata,.data,.reloc, 003D0000[00009000] [AM] 79. c:\windows\system32\ogmfjdhp.dll .text,.rdata,.data,.reloc, 00730000[00009000] [AM] 106. c:\windows\system32\hbmhly.dll .text,.bss,.rdata,.data,.reloc, 00740000[00006000] [AM] 110. c:\windows\system32\hbchibi.dll .text,.rdata,.data,.reloc, 00750000[0000A000] [AM] 80. c:\windows\system32\oakgfeal.dll .text,.rdata,.data,.reloc, 00760000[00009000] [AM] 81. c:\windows\system32\fohcjpgc.dll .text,.rdata,.data,.reloc, 00770000[00009000] [AM] 82. c:\windows\system32\bnldcajc.dll .text,.rdata,.data,.reloc, 00780000[0003C000] [AM] 83. c:\windows\system32\feaenkjg.dll .text,.rdata,.data,.reloc, 007C0000[00009000] [AM] 84. c:\windows\system32\niibhepe.dll .text,.rdata,.data,.reloc, 007D0000[00009000] [AM] 85. c:\windows\system32\kaheommh.dll .text,.rdata,.data,.reloc, 007E0000[00006000] [AM] 109. c:\windows\system32\hbzhuxian.dll .text,.rdata,.data,.reloc, 007F0000[00006000] [AM] 108. c:\windows\system32\hbasktao.dll .text,.rdata,.data,.reloc, 00800000[0000A000] [AM] 86. c:\windows\system32\kpiiakcj.dll .text,.rdata,.data,.reloc, 00810000[00009000] [AM] 87. c:\windows\system32\enaepogl.dll .text,.rdata,.data,.reloc, 00820000[00006000] [AM] 107. c:\windows\system32\hbkdxy.dll .text,.rdata,.data,.reloc, 00830000[0003C000] [AM] 88. c:\windows\system32\nnkegmjg.dll .text,.rdata,.data,.reloc, 00870000[0000A000] [AM] 90. c:\windows\system32\okgclemk.dll .text,.rdata,.data,.reloc, + 0000070c(1804) svchost.exe 10000000[0000A000] [AM] 78. c:\windows\system32\dkppadoc.dll .text,.rdata,.data,.reloc, 003D0000[00009000] [AM] 79. c:\windows\system32\ogmfjdhp.dll .text,.rdata,.data,.reloc, 00730000[00009000] [AM] 106. c:\windows\system32\hbmhly.dll .text,.bss,.rdata,.data,.reloc, 00740000[00006000] [AM] 110. c:\windows\system32\hbchibi.dll .text,.rdata,.data,.reloc, 00750000[0000A000] [AM] 80. c:\windows\system32\oakgfeal.dll .text,.rdata,.data,.reloc, 00760000[00009000] [AM] 81. c:\windows\system32\fohcjpgc.dll .text,.rdata,.data,.reloc, 00770000[00009000] [AM] 82. c:\windows\system32\bnldcajc.dll .text,.rdata,.data,.reloc, 00780000[0003C000] [AM] 83. c:\windows\system32\feaenkjg.dll .text,.rdata,.data,.reloc, 007C0000[00009000] [AM] 84. c:\windows\system32\niibhepe.dll .text,.rdata,.data,.reloc, 007D0000[00009000] [AM] 85. c:\windows\system32\kaheommh.dll .text,.rdata,.data,.reloc, 007E0000[00006000] [AM] 109. c:\windows\system32\hbzhuxian.dll .text,.rdata,.data,.reloc, 007F0000[00006000] [AM] 108. c:\windows\system32\hbasktao.dll .text,.rdata,.data,.reloc, 00800000[0000A000] [AM] 86. c:\windows\system32\kpiiakcj.dll .text,.rdata,.data,.reloc, 00810000[00009000] [AM] 87. c:\windows\system32\enaepogl.dll .text,.rdata,.data,.reloc, 00820000[00006000] [AM] 107. c:\windows\system32\hbkdxy.dll .text,.rdata,.data,.reloc, 00830000[0003C000] [AM] 88. c:\windows\system32\nnkegmjg.dll .text,.rdata,.data,.reloc, 00870000[0000A000] [AM] 90. c:\windows\system32\okgclemk.dll .text,.rdata,.data,.reloc, + 0000074c(1868) wdfmgr.exe 01000000[0000C000] [AM] 11. c:\windows\system32\wdfmgr.exe Microsoft Corporation Windows User Mode Driver Manager .text,.data,.rsrc, 60000000[00074000] [ M] 115. c:\windows\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, 10000000[0000A000] [AM] 78. c:\windows\system32\dkppadoc.dll .text,.rdata,.data,.reloc, 005B0000[00009000] [AM] 79. c:\windows\system32\ogmfjdhp.dll .text,.rdata,.data,.reloc, 005D0000[00009000] [AM] 106. c:\windows\system32\hbmhly.dll .text,.bss,.rdata,.data,.reloc, 005E0000[00006000] [AM] 110. c:\windows\system32\hbchibi.dll .text,.rdata,.data,.reloc, 005F0000[0000A000] [AM] 80. c:\windows\system32\oakgfeal.dll .text,.rdata,.data,.reloc, 00600000[00009000] [AM] 81. c:\windows\system32\fohcjpgc.dll .text,.rdata,.data,.reloc, 00610000[00009000] [AM] 82. c:\windows\system32\bnldcajc.dll .text,.rdata,.data,.reloc, 00660000[0003C000] [AM] 83. c:\windows\system32\feaenkjg.dll .text,.rdata,.data,.reloc, 00620000[00009000] [AM] 84. c:\windows\system32\niibhepe.dll .text,.rdata,.data,.reloc, 00630000[00009000] [AM] 85. c:\windows\system32\kaheommh.dll .text,.rdata,.data,.reloc, 00640000[00006000] [AM] 109. c:\windows\system32\hbzhuxian.dll .text,.rdata,.data,.reloc, 006A0000[00006000] [AM] 108. c:\windows\system32\hbasktao.dll .text,.rdata,.data,.reloc, 006B0000[0000A000] [AM] 86. c:\windows\system32\kpiiakcj.dll .text,.rdata,.data,.reloc, 006C0000[00009000] [AM] 87. c:\windows\system32\enaepogl.dll .text,.rdata,.data,.reloc, 006D0000[00006000] [AM] 107. c:\windows\system32\hbkdxy.dll .text,.rdata,.data,.reloc, 006E0000[0003C000] [AM] 88. c:\windows\system32\nnkegmjg.dll .text,.rdata,.data,.reloc, 00720000[0000A000] [AM] 90. c:\windows\system32\okgclemk.dll .text,.rdata,.data,.reloc, + 00000750(1872) rfwsrv.exe 00400000[00016000] [AM] 7. d:\program files\rising\rfw\rfwsrv.exe Beijing Rising Information Technology Co., Ltd. rfwsrvex Application .text,.rdata,.data,.rsrc, 10000000[00029000] [ M] 153. d:\program files\rising\rfw\combase.dll Beijing Rising Information Technology Co., Ltd. combase .text,.rdata,.data,.rsrc,.reloc, 60000000[00074000] [ M] 115. c:\windows\system32\kmon.dll Beijing Rising Information Technology Co., Ltd. KaKa Monitors .text,.rdata,.data,.rsrc,.reloc, 003E0000[00009000] [AM] 106. c:\windows\system32\hbmhly.dll .text,.bss,.rdata,.data,.reloc, 7C3A0000[0007B000] [ M] 119. c:\windows\system32\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 118. c:\windows\system32\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 00950000[0001D000] [ M] 163. d:\program files\rising\rfw\monbase.dll Beijing Rising Information Technology Co., Ltd. MonBase .text,.rdata,.data,.rsrc,.reloc, 00980000[00019000] [ M] 164. d:\program files\rising\rfw\moncomm.dll Beijing Rising Information Technology Co., Ltd. MonComm .text,.rdata,.data,.rsrc,.reloc, 009B0000[00064000] [ M] 135. d:\program files\rising\rfw\rfwlog.dll Beijing Rising Information Technology Co., Ltd. rfwlog Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00A40000[0000C000] [ M] 128. d:\program files\rising\rfw\rfwrule.dll Beijing Rising Information Technology Co., Ltd. TODO: .text,.rdata,.data,.rsrc,.reloc, 00A50000[00040000] [ M] 165. d:\program files\rising\rfw\rfwsrv.dll Beijing Rising Information Technology Co., Ltd. Rising Personal FireWall Service .text,.rdata,.data,.rsrc,.reloc, 00A90000[00019000] [ M] 124. d:\program files\rising\rfw\syslay.dll Beijing Rising Information Technology Co., Ltd. Syslay .text,.rdata,.data,.rsrc,.reloc, 00AD0000[0001B000] [ M] 142. d:\program files\rising\rfw\mports.dll Beijing Rising Information Technology Co., Ltd. get ports list .text,.rdata,.data,.rsrc,.reloc, 00B00000[00010000] [ M] 166. d:\program files\rising\rfw\rfwdrvc.dll Beijing Rising Information Technology Co., Ltd. rfwdrvc Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00B20000[00014000] [ M] 167. d:\program files\rising\rfw\rfwdrv.dll Beijing Rising Information Technology Co., Ltd. rfwdrv.dll .text,.rdata,.data,.rsrc,.reloc, 00CF0000[00067000] [ M] 143. d:\program files\rising\rfw\rsnetsvr.dll Beijing Rising Information Technology Co., Ltd. rsnetsvr .text,.rdata,.data,.rsrc,.reloc, 00B70000[0002E000] [ M] 141. d:\program files\rising\rfw\comx3.dll Beijing Rising Information Technology Co., Ltd. comx3 Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 014B0000[00014000] [ M] 168. d:\program files\rising\rfw\urlrule.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware UrlRule Library .text,.rdata,.data,.rsrc,.reloc, 015E0000[0003C000] [ M] 169. d:\program files\rising\rfw\recomp.dll Beijing Rising Information Technology Co., Ltd. component manager Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01630000[00036000] [ M] 170. d:\program files\rising\rfw\refs.dll Beijing Rising Information Technology Co., Ltd. filesystem Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 018A0000[00030000] [ M] 171. d:\program files\rising\rfw\viruslib.dll Beijing Rising Information Technology Co., Ltd. VirusLib Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 018E0000[00028000] [ M] 172. d:\program files\rising\rfw\relibldr.dll Beijing Rising Information Technology Co., Ltd. libloader Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01960000[0022B000] [ M] 173. d:\program files\rising\rfw\rfwproxy.dll Beijing Rising Information Technology Co., Ltd. rfwproxy Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01DE0000[0000E000] [ M] 138. d:\program files\rising\rfw\rsappmgr.dll Beijing Rising Information Technology Co., Ltd. Rising Application Manager .text,.rdata,.data,.rsrc,.reloc, 01E00000[00031000] [ M] 139. d:\program files\rising\rfw\cfgdll.dll Beijing Rising Information Technology Co., Ltd. CfgDll .text,.rdata,.data,.rsrc,.reloc, 01F20000[00010000] [ M] 136. d:\program files\rising\rfw\proccomm.dll Beijing Rising Information Technology Co., Ltd. ProcComm Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01C50000[0000E000] [ M] 174. d:\program files\rising\rfw\urllib.dll Beijing Rising Information Technology Co., Ltd. Urllib Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, + 000007e8(2024) spoolsv.exe 10000000[0000A000] [AM] 78. c:\windows\system32\dkppadoc.dll .text,.rdata,.data,.reloc, 003D0000[00009000] [AM] 79. c:\windows\system32\ogmfjdhp.dll .text,.rdata,.data,.reloc, 009B0000[00009000] [AM] 106. c:\windows\system32\hbmhly.dll .text,.bss,.rdata,.data,.reloc, 009C0000[00006000] [AM] 110. c:\windows\system32\hbchibi.dll .text,.rdata,.data,.reloc, 009D0000[0000A000] [AM] 80. c:\windows\system32\oakgfeal.dll .text,.rdata,.data,.reloc, 009E0000[00009000] [AM] 81. c:\windows\system32\fohcjpgc.dll .text,.rdata,.data,.reloc, 009F0000[00009000] [AM] 82. c:\windows\system32\bnldcajc.dll .text,.rdata,.data,.reloc, 00A00000[0003C000] [AM] 83. c:\windows\system32\feaenkjg.dll .text,.rdata,.data,.reloc, 00A40000[00009000] [AM] 84. c:\windows\system32\niibhepe.dll .text,.rdata,.data,.reloc, 00A50000[00009000] [AM] 85. c:\windows\system32\kaheommh.dll .text,.rdata,.data,.reloc, 00A60000[00006000] [AM] 109. c:\windows\system32\hbzhuxian.dll .text,.rdata,.data,.reloc, 00A70000[00006000] [AM] 108. c:\windows\system32\hbasktao.dll .text,.rdata,.data,.reloc, 00A80000[0000A000] [AM] 86. c:\windows\system32\kpiiakcj.dll .text,.rdata,.data,.reloc, 00A90000[00009000] [AM] 87. c:\windows\system32\enaepogl.dll .text,.rdata,.data,.reloc, 00AA0000[00006000] [AM] 107. c:\windows\system32\hbkdxy.dll .text,.rdata,.data,.reloc, 00AB0000[0003C000] [AM] 88. c:\windows\system32\nnkegmjg.dll .text,.rdata,.data,.reloc, 00AF0000[0000A000] [AM] 90. c:\windows\system32\okgclemk.dll .text,.rdata,.data,.reloc, + 000009fc(2556) IEXPLORE.EXE 10000000[00009000] [AM] 79. c:\windows\system32\ogmfjdhp.dll .text,.rdata,.data,.reloc, 00960000[0000A000] [AM] 78. c:\windows\system32\dkppadoc.dll .text,.rdata,.data,.reloc, 00970000[0000A000] [AM] 90. c:\windows\system32\okgclemk.dll .text,.rdata,.data,.reloc, 00980000[0003C000] [AM] 88. c:\windows\system32\nnkegmjg.dll .text,.rdata,.data,.reloc, 009C0000[00009000] [AM] 87. c:\windows\system32\enaepogl.dll .text,.rdata,.data,.reloc, 009D0000[0000A000] [AM] 86. c:\windows\system32\kpiiakcj.dll .text,.rdata,.data,.reloc, 009E0000[00009000] [AM] 85. c:\windows\system32\kaheommh.dll .text,.rdata,.data,.reloc, 009F0000[00009000] [AM] 84. c:\windows\system32\niibhepe.dll .text,.rdata,.data,.reloc, 00A00000[0003C000] [AM] 83. c:\windows\system32\feaenkjg.dll .text,.rdata,.data,.reloc, 00A40000[00009000] [AM] 82. c:\windows\system32\bnldcajc.dll .text,.rdata,.data,.reloc, 00A50000[00009000] [AM] 81. c:\windows\system32\fohcjpgc.dll .text,.rdata,.data,.reloc, 00A60000[0000A000] [AM] 80. c:\windows\system32\oakgfeal.dll .text,.rdata,.data,.reloc, 00A70000[0000A000] [AM] 91. c:\windows\system32\ankdkhhd.dll .text,.rdata,.data,.reloc, 00A80000[00009000] [AM] 92. c:\windows\system32\jjoodmcl.dll .text,.rdata,.data,.reloc, 00A90000[00009000] [AM] 106. c:\windows\system32\hbmhly.dll .text,.bss,.rdata,.data,.reloc, 00AA0000[00006000] [AM] 107. c:\windows\system32\hbkdxy.dll .text,.rdata,.data,.reloc, 00AB0000[00006000] [AM] 108. c:\windows\system32\hbasktao.dll .text,.rdata,.data,.reloc, 00AC0000[00006000] [AM] 109. c:\windows\system32\hbzhuxian.dll .text,.rdata,.data,.reloc, 00AD0000[00006000] [AM] 110. c:\windows\system32\hbchibi.dll .text,.rdata,.data,.reloc, 00AE0000[0000A000] [AM] 93. c:\windows\system32\mehkjkdm.dll .text,.rdata,.data,.reloc, 00CA0000[00016000] [AM] 66. c:\program files\internet explorer\fzsketnt.ps2 CODE,DATA,BSS,.idata,.edata,.reloc,.rsrc, 01480000[0003E000] [ M] 120. c:\documents and settings\administrator\application data\ppstream\bin\1.0.0.2\vodrc.dll ppstream.com vodrc .text,.rdata,.data,.rsrc,.reloc, 015E0000[00032000] [AM] 61. c:\program files\tencent\qqdownload\qqiehelper01.dll 腾讯公司 超级旋风下载组件 .text,.rdata,.data,.rsrc,.reloc, 01790000[0005F000] [AM] 62. c:\program files\thunder\comdlls\tdatonce_now.dll Thunder Networking Technologies,LTD 迅雷浏览器高级特性支持模块 .text,.rdata,.data,.rsrc,.reloc, 017F0000[000A1000] [AM] 63. d:\program files\bitcomet\tools\bitcometbho_1.2.8.7.dll BitComet BitCometBHO .text,.rdata,.data,.rsrc,.reloc, 018C0000[00029000] [AM] 64. c:\program files\thunder\comdlls\xunleibho_now.dll Thunder Networking Technologies,LTD XunLeiBHO .text,.rdata,.data,.rsrc,.reloc, 01910000[00018000] [AM] 65. c:\windows\system32\urlfilter.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware UrlFilter Module .text,.rdata,.data,.rsrc,.reloc, 01940000[00011000] [ M] 175. c:\program files\rising\antispyware\urlrule.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware UrlRule Library .text,.rdata,.data,.rsrc,.reloc, 325C0000[00012000] [AM] 72. c:\program files\microsoft office\office11\msohev.dll Microsoft Corporation Microsoft Office 2003 component .text,.data,.rsrc,.reloc, 72C80000[00008000] [ M] 121. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, 036F0000[00016000] [ M] 176. d:\program files\rising\rav\ravscrch.dll Beijing Rising Information Technology Co., Ltd. webmon module .text,.rdata,.data,.rsrc,.reloc, 7C3A0000[0007B000] [ M] 119. c:\windows\system32\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 118. c:\windows\system32\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 30000000[003AE000] [ M] 177. c:\windows\system32\macromed\flash\flash9e.ocx Adobe Systems, Inc. Adobe Flash Player 9.0 r115 .text,.rdata,.data,.rodata,.rsrc,.reloc, 69000000[0000E000] [ M] 178. c:\windows\system32\macromed\common\swsupport.dll Adobe Systems, Inc. Director Support .text,.rdata,.data,.rsrc,.reloc, 7C480000[0002F000] [ M] 179. c:\windows\system32\javacypt.dll Microsoft Corporation MS Java Crypt Dll .text,.data,.rsrc,.reloc, 7C000000[000EA000] [ M] 180. c:\windows\system32\msjava.dll Microsoft Corporation Microsoft? VM .text,.data,.rsrc,.reloc, 7C520000[00048000] [ M] 181. c:\windows\system32\vmhelper.dll Microsoft Corporation Microsoft(R) Virtual Machine Helper Library for Java .text,.rsrc,.reloc, 09810000[00070000] [ M] 182. c:\windows\downloaded program files\ravolctl.dll Beijing Rising Information Technology Co., Ltd. Rising Online Control .text,.rdata,.data,.rsrc,.reloc, 029A0000[0001B000] [ M] 183. c:\program files\rising\ravol\scanstub.dll Beijing Rising Information Technology Co., Ltd. Rising Online Scan Stub .text,.rdata,.data,.rsrc,.reloc, 029D0000[00032000] [ M] 184. c:\program files\rising\ravol\oscanner.dll Beijing Rising Information Technology Co., Ltd. Rising Online Scanner .text,.rdata,.data,.rsrc,.reloc, 07090000[00035000] [ M] 185. c:\program files\rising\ravol\recomp.dll Beijing Rising Information Technology Co., Ltd. component manager Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 070D0000[00036000] [ M] 186. c:\program files\rising\ravol\refs.dll Beijing Rising Information Technology Co., Ltd. filesystem Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 07110000[0002F000] [ M] 187. c:\program files\rising\ravol\viruslib.dll Beijing Rising Information Technology Co., Ltd. VirusLib Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 07140000[00028000] [ M] 188. c:\program files\rising\ravol\relibldr.dll Beijing Rising Information Technology Co., Ltd. libloader Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 09D50000[00030000] [ M] 189. c:\program files\rising\ravol\mvengine.dll Beijing Rising Information Technology Co., Ltd. mvengine Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 09D90000[00046000] [ M] 190. c:\program files\rising\ravol\posttrt.dll Beijing Rising Information Technology Co., Ltd. PostTrt .text,.rdata,.data,.rsrc,.reloc, 0A790000[00022000] [ M] 191. c:\program files\rising\ravol\ffr.dll Beijing Rising Information Technology Co., Ltd. ffr Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 0A7D0000[00021000] [ M] 192. c:\program files\rising\ravol\nvfile.dll Beijing Rising Information Technology Co., Ltd. NVFile .text,.rdata,.data,.rsrc,.reloc, 13AB0000[0004A000] [ M] 193. c:\program files\rising\ravol\scanexec.dll Beijing Rising Information Technology Co., Ltd. ScanExec .text,.rdata,.data,.rsrc,.reloc, 0C0C0000[002DC000] [ M] 194. c:\program files\rising\ravol\unexe.dll Beijing Rising Information Technology Co., Ltd. UnExe .text,.rdata,.data,.rsrc,.reloc, 0C3B0000[000D4000] [ M] 195. c:\program files\rising\ravol\scanex.dll Beijing Rising Information Technology Co., Ltd. ScanEx .text,.rdata,.data,.rsrc,.reloc, 0C830000[00027000] [ M] 196. c:\program files\rising\ravol\pearc.dll Beijing Rising Information Technology Co., Ltd. pearchive Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 0C970000[000DC000] [ M] 197. c:\program files\rising\ravol\extfile.dll Beijing Rising Information Technology Co., Ltd. extFile Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 0B0D0000[00036000] [ M] 198. c:\program files\rising\ravol\scanpack.dll Beijing Rising Information Technology Co., Ltd. Unpack Engine .text,.rdata,.data,.rsrc,.reloc, 0B120000[000B7000] [ M] 199. c:\program files\rising\ravol\revm.dll Beijing Rising Information Technology Co., Ltd. REVM Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 0B310000[00020000] [ M] 200. c:\program files\rising\ravol\urutils.dll Beijing Rising Information Technology Co., Ltd. urutils Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 0B660000[00018000] [ M] 201. c:\program files\rising\ravol\ur000.dat Beijing Rising Information Technology Co., Ltd. Unpack Routine .text,.rdata,.data,.rsrc,.reloc, 0BC00000[00045000] [ M] 202. c:\program files\rising\ravol\extole.dll Beijing Rising Information Technology Co., Ltd. ExtOLE .text,.rdata,.data,.rsrc,.reloc, 0BC60000[00023000] [ M] 203. c:\program files\rising\ravol\scansct.dll Beijing Rising Information Technology Co., Ltd. ScanSct Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 14210000[00038000] [ M] 204. c:\program files\rising\ravol\extmail.dll Beijing Rising Information Technology Co., Ltd. ExtMail .text,.rdata,.data,.rsrc,.reloc, 0BE70000[00038000] [ M] 205. c:\program files\rising\ravol\scriptci.dll Beijing Rising Information Technology Co., Ltd. scriptci Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 0C080000[0001D000] [ M] 206. c:\program files\rising\ravol\ur001.dat Beijing Rising Information Technology Co., Ltd. Unpack Routine .text,.rdata,.data,.rsrc,.reloc, 0CB60000[0001F000] [ M] 207. c:\program files\rising\ravol\ur004.dat Beijing Rising Information Technology Co., Ltd. Unpack Routine .text,.rdata,.data,.rsrc,.reloc, 12670000[000F3000] [ M] 208. c:\program files\rising\ravol\uroutine.dll Beijing Rising Information Technology Co., Ltd. Unpack Routine .text,.rdata,.data,.rsrc,.reloc, 02A50000[00017000] [ M] 209. c:\program files\rising\ravol\ur023.dat Beijing Rising Information Technology Co., Ltd. Unpack Routine .text,.rdata,.data,.rsrc,.reloc, + 00000ba0(2976) RsMain.exe 00400000[00010000] [ M] 210. d:\program files\rising\rav\rsmain.exe Beijing Rising Information Technology Co., Ltd. Rising RsShell .text,.rdata,.data,.rsrc, 7C340000[00056000] [ M] 118. c:\windows\system32\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 10000000[00009000] [AM] 92. c:\windows\system32\jjoodmcl.dll .text,.rdata,.data,.reloc, 00A80000[0000A000] [AM] 91. c:\windows\system32\ankdkhhd.dll .text,.rdata,.data,.reloc, 00A90000[00016000] [AM] 66. c:\program files\internet explorer\fzsketnt.ps2 CODE,DATA,BSS,.idata,.edata,.reloc,.rsrc, 00BB0000[0000A000] [AM] 90. c:\windows\system32\okgclemk.dll .text,.rdata,.data,.reloc, 00BC0000[0003C000] [AM] 88. c:\windows\system32\nnkegmjg.dll .text,.rdata,.data,.reloc, 00C00000[00009000] [AM] 87. c:\windows\system32\enaepogl.dll .text,.rdata,.data,.reloc, 00C10000[0000A000] [AM] 86. c:\windows\system32\kpiiakcj.dll .text,.rdata,.data,.reloc, 00C20000[00009000] [AM] 85. c:\windows\system32\kaheommh.dll .text,.rdata,.data,.reloc, 00C30000[00009000] [AM] 84. c:\windows\system32\niibhepe.dll .text,.rdata,.data,.reloc, 00C40000[0003C000] [AM] 83. c:\windows\system32\feaenkjg.dll .text,.rdata,.data,.reloc, 00C80000[00009000] [AM] 82. c:\windows\system32\bnldcajc.dll .text,.rdata,.data,.reloc, 00C90000[00009000] [AM] 81. c:\windows\system32\fohcjpgc.dll .text,.rdata,.data,.reloc, 00CA0000[0000A000] [AM] 80. c:\windows\system32\oakgfeal.dll .text,.rdata,.data,.reloc, 00CB0000[00009000] [AM] 79. c:\windows\system32\ogmfjdhp.dll .text,.rdata,.data,.reloc, 00CC0000[0000A000] [AM] 78. c:\windows\system32\dkppadoc.dll .text,.rdata,.data,.reloc, 00CD0000[00032000] [ M] 211. d:\program files\rising\rav\rspalmgr.dll Beijing Rising Information Technology Co., Ltd. rspalmgr Program .text,.rdata,.data,.rsrc,.reloc, 00D10000[00019000] [ M] 114. d:\program files\rising\rav\syslay.dll Beijing Rising Information Technology Co., Ltd. Syslay .text,.rdata,.data,.rsrc,.reloc, 23800000[00025000] [ M] 212. d:\program files\rising\rav\rsxml.dll Beijing Rising Information Technology Co., Ltd. RsXML .text,.rdata,.data,.rsrc,.reloc, 7C3A0000[0007B000] [ M] 119. c:\windows\system32\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 26600000[000C3000] [ M] 213. d:\program files\rising\rav\rsguilib.dll Beijing Rising Information Technology Co., Ltd. Rising GUI Library Loader .text,.rdata,.data,.rsrc,.reloc, 7C140000[00103000] [ M] 127. c:\windows\system32\mfc71.dll Microsoft Corporation MFCDLL Shared Library - Retail Version .text,.data,.rsrc,.reloc, 23700000[00023000] [ M] 214. d:\program files\rising\rav\rslang.dll Beijing Rising Information Technology Co., Ltd. Rising Common Function Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 34000000[00025000] [ M] 215. d:\program files\rising\rav\ravbmenu.dll Beijing Rising Information Technology Co., Ltd. ravbmenu Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00F30000[00017000] [ M] 156. d:\program files\rising\rav\rsconf.dll Beijing Rising Information Technology Co., Ltd. rsconf Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00F60000[0002F000] [ M] 216. d:\program files\rising\rav\rspalvd.dll Beijing Rising Information Technology Co., Ltd. rspalvd .text,.rdata,.data,.rsrc,.reloc, 32000000[00021000] [ M] 217. d:\program files\rising\rav\ravppops.dll Beijing Rising Information Technology Co., Ltd. ravppops Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 33000000[00025000] [ M] 218. d:\program files\rising\rav\ravbintl.dll Beijing Rising Information Technology Co., Ltd. ravbintl Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00FC0000[00041000] [ M] 219. d:\program files\rising\rav\ravpsafe.dll Beijing Rising Information Technology Co., Ltd. ravpsafe Module .text,.rdata,.data,.rsrc,.reloc, 01020000[00013000] [ M] 220. d:\program files\rising\rav\monstate.dll Beijing Rising Information Technology Co., Ltd. MonState .text,.rdata,.data,.rsrc,.reloc, 01050000[00059000] [ M] 221. d:\program files\rising\rav\scanprxy.dll Beijing Rising Information Technology Co., Ltd. ScanPrxy Module .text,.rdata,.data,.rsrc,.reloc, 010B0000[0001F000] [ M] 222. d:\program files\rising\rav\psafecfg.dll Beijing Rising Information Technology Co., Ltd. psafecfg Program .text,.rdata,.data,.rsrc,.reloc, 011E0000[0000E000] [ M] 157. d:\program files\rising\rav\rsappmgr.dll Beijing Rising Information Technology Co., Ltd. Rising Application Manager .text,.rdata,.data,.rsrc,.reloc, 01200000[00031000] [ M] 158. d:\program files\rising\rav\cfgdll.dll Beijing Rising Information Technology Co., Ltd. CfgDll .text,.rdata,.data,.rsrc,.reloc, 01360000[00024000] [AM] 77. c:\windows\system32\ravext.dll Beijing Rising Information Technology Co., Ltd. Rising Shell Ext Module .text,.rdata,.data,.rsrc,.reloc, 013D0000[0002E000] [ M] 116. d:\program files\rising\rav\comx3.dll Beijing Rising Information Technology Co., Ltd. comx3 Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01440000[00010000] [ M] 117. d:\program files\rising\rav\proccomm.dll Beijing Rising Information Technology Co., Ltd. ProcComm Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 30000000[000A5000] [ M] 223. d:\program files\rising\rav\ravxpage.dll Beijing Rising Information Technology Co., Ltd. scanviru Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 31000000[00023000] [ M] 224. d:\program files\rising\rav\ravxmons.dll Beijing Rising Information Technology Co., Ltd. scanviru Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01480000[0002F000] [ M] 225. d:\program files\rising\rav\ravptool.dll Beijing Rising Information Technology Co., Ltd. Rising tools page .text,.rdata,.data,.rsrc,.reloc, 01A30000[0006C000] [ M] 226. d:\program files\rising\rav\log2file.dll Beijing Rising Information Technology Co., Ltd. Rising Log2File .text,.rdata,.data,.rsrc,.reloc, 23900000[00040000] [ M] 227. d:\program files\rising\rav\pngdll.dll Beijing Rising Information Technology Co., Ltd. Rising .Png File Loader Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 02790000[00030000] [ M] 228. d:\program files\rising\rav\htmllib.dll Beijing Rising Information Technology Co., Ltd. htmllib .text,.rdata,.data,.rsrc,.reloc, 02AB0000[0003E000] [ M] 120. c:\documents and settings\administrator\application data\ppstream\bin\1.0.0.2\vodrc.dll ppstream.com vodrc .text,.rdata,.data,.rsrc,.reloc, 02BF0000[00009000] [AM] 106. c:\windows\system32\hbmhly.dll .text,.bss,.rdata,.data,.reloc, 02C10000[00006000] [AM] 109. c:\windows\system32\hbzhuxian.dll .text,.rdata,.data,.reloc, 02C20000[00006000] [AM] 108. c:\windows\system32\hbasktao.dll .text,.rdata,.data,.reloc, 02C30000[00006000] [AM] 107. c:\windows\system32\hbkdxy.dll .text,.rdata,.data,.reloc, 030A0000[00014000] [ M] 229. d:\program files\rising\rav\rsvrinfo.dll Beijing Rising Information Technology Co., Ltd. rsvrinfo Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 030D0000[0003C000] [ M] 230. d:\program files\rising\rav\recomp.dll Beijing Rising Information Technology Co., Ltd. component manager Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 03120000[00036000] [ M] 231. d:\program files\rising\rav\refs.dll Beijing Rising Information Technology Co., Ltd. filesystem Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 03380000[00030000] [ M] 232. d:\program files\rising\rav\viruslib.dll Beijing Rising Information Technology Co., Ltd. VirusLib Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 034C0000[00028000] [ M] 233. d:\program files\rising\rav\relibldr.dll Beijing Rising Information Technology Co., Ltd. libloader Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 72C80000[00008000] [ M] 121. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, 02E90000[0000A000] [AM] 93. c:\windows\system32\mehkjkdm.dll .text,.rdata,.data,.reloc, 02EA0000[00006000] [AM] 110. c:\windows\system32\hbchibi.dll .text,.rdata,.data,.reloc, + 00000ba8(2984) scanfrm.exe 00400000[0000B000] [AM] 10. d:\program files\rising\rav\scanfrm.exe Beijing Rising Information Technology Co., Ltd. Rising Scan Service Framework .text,.rdata,.data,.rsrc, 7C3A0000[0007B000] [ M] 119. c:\windows\system32\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 118. c:\windows\system32\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 10000000[00009000] [AM] 79. c:\windows\system32\ogmfjdhp.dll .text,.rdata,.data,.reloc, 008F0000[0000A000] [AM] 78. c:\windows\system32\dkppadoc.dll .text,.rdata,.data,.reloc, 00910000[0000A000] [AM] 90. c:\windows\system32\okgclemk.dll .text,.rdata,.data,.reloc, 00920000[0003C000] [AM] 88. c:\windows\system32\nnkegmjg.dll .text,.rdata,.data,.reloc, 00960000[00009000] [AM] 87. c:\windows\system32\enaepogl.dll .text,.rdata,.data,.reloc, 00970000[0000A000] [AM] 86. c:\windows\system32\kpiiakcj.dll .text,.rdata,.data,.reloc, 00980000[00009000] [AM] 85. c:\windows\system32\kaheommh.dll .text,.rdata,.data,.reloc, 009A0000[00009000] [AM] 84. c:\windows\system32\niibhepe.dll .text,.rdata,.data,.reloc, 009B0000[0003C000] [AM] 83. c:\windows\system32\feaenkjg.dll .text,.rdata,.data,.reloc, 009F0000[00009000] [AM] 82. c:\windows\system32\bnldcajc.dll .text,.rdata,.data,.reloc, 00A00000[00009000] [AM] 81. c:\windows\system32\fohcjpgc.dll .text,.rdata,.data,.reloc, 00A10000[0000A000] [AM] 80. c:\windows\system32\oakgfeal.dll .text,.rdata,.data,.reloc, 00A20000[0000A000] [AM] 91. c:\windows\system32\ankdkhhd.dll .text,.rdata,.data,.reloc, 00A30000[00009000] [AM] 92. c:\windows\system32\jjoodmcl.dll .text,.rdata,.data,.reloc, 00A50000[00029000] [ M] 150. d:\program files\rising\rav\combase.dll Beijing Rising Information Technology Co., Ltd. combase .text,.rdata,.data,.rsrc,.reloc, 00A90000[00019000] [ M] 234. d:\program files\rising\rav\moncomm.dll Beijing Rising Information Technology Co., Ltd. MonComm .text,.rdata,.data,.rsrc,.reloc, 00AC0000[0000A000] [ M] 235. d:\program files\rising\rav\scansrvp.dll Beijing Rising Information Technology Co., Ltd. ScanSrvP Module .text,.rdata,.data,.rsrc,.reloc, 00AD0000[00010000] [ M] 117. d:\program files\rising\rav\proccomm.dll Beijing Rising Information Technology Co., Ltd. ProcComm Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00DE0000[0000E000] [ M] 236. d:\program files\rising\rav\scansrv.dll Beijing Rising Information Technology Co., Ltd. ScanSrv Module .text,.rdata,.data,.rsrc,.reloc, 012F0000[0002E000] [ M] 116. d:\program files\rising\rav\comx3.dll Beijing Rising Information Technology Co., Ltd. comx3 Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01320000[00019000] [ M] 114. d:\program files\rising\rav\syslay.dll Beijing Rising Information Technology Co., Ltd. Syslay .text,.rdata,.data,.rsrc,.reloc, 017E0000[00016000] [AM] 66. c:\program files\internet explorer\fzsketnt.ps2 CODE,DATA,BSS,.idata,.edata,.reloc,.rsrc, 01A10000[0000F000] [ M] 237. d:\program files\rising\rav\scanravt.dll Beijing Rising Information Technology Co., Ltd. ScanRavT Module .text,.rdata,.data,.rsrc,.reloc, 01A20000[00070000] [ M] 238. d:\program files\rising\rav\scanbt.dll Beijing Rising Information Technology Co., Ltd. ScanBT Module .text,.rdata,.data,.rsrc,.reloc, 01A90000[0000D000] [ M] 239. d:\program files\rising\rav\scanstub.dll Beijing Rising Information Technology Co., Ltd. ScanStub Module .text,.rdata,.data,.rsrc,.reloc, 01AA0000[00067000] [ M] 240. d:\program files\rising\rav\rslog.dll Beijing Rising Information Technology Co., Ltd. rslog Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01B30000[0000D000] [ M] 241. d:\program files\rising\rav\scanadd.dll Beijing Rising Information Technology Co., Ltd. Rising Scan Service Addon .text,.rdata,.data,.rsrc,.reloc, 01B40000[0000E000] [ M] 157. d:\program files\rising\rav\rsappmgr.dll Beijing Rising Information Technology Co., Ltd. Rising Application Manager .text,.rdata,.data,.rsrc,.reloc, 01B60000[00031000] [ M] 158. d:\program files\rising\rav\cfgdll.dll Beijing Rising Information Technology Co., Ltd. CfgDll .text,.rdata,.data,.rsrc,.reloc, 01CA0000[00026000] [ M] 242. d:\program files\rising\rav\scanner.dll Beijing Rising Information Technology Co., Ltd. RsScanner Module .text,.rdata,.data,.rsrc,.reloc, 01CD0000[0003C000] [ M] 230. d:\program files\rising\rav\recomp.dll Beijing Rising Information Technology Co., Ltd. component manager Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01D20000[00036000] [ M] 231. d:\program files\rising\rav\refs.dll Beijing Rising Information Technology Co., Ltd. filesystem Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01F80000[00030000] [ M] 232. d:\program files\rising\rav\viruslib.dll Beijing Rising Information Technology Co., Ltd. VirusLib Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 020C0000[00028000] [ M] 233. d:\program files\rising\rav\relibldr.dll Beijing Rising Information Technology Co., Ltd. libloader Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 02400000[0000D000] [ M] 243. d:\program files\rising\rav\sysmail.dll Beijing Rising Information Technology Co., Ltd. SysMail Module .text,.rdata,.data,.rsrc,.reloc, 02560000[00030000] [ M] 244. d:\program files\rising\rav\mvengine.dll Beijing Rising Information Technology Co., Ltd. mvengine Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 02590000[00045000] [ M] 245. d:\program files\rising\rav\posttrt.dll Beijing Rising Information Technology Co., Ltd. PostTrt .text,.rdata,.data,.rsrc,.reloc, 03080000[00022000] [ M] 246. d:\program files\rising\rav\ffr.dll Beijing Rising Information Technology Co., Ltd. ffr Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 030C0000[00021000] [ M] 247. d:\program files\rising\rav\nvfile.dll Beijing Rising Information Technology Co., Ltd. NVFile .text,.rdata,.data,.rsrc,.reloc, 13AB0000[00045000] [ M] 248. d:\program files\rising\rav\scanexec.dll Beijing Rising Information Technology Co., Ltd. ScanExec .text,.rdata,.data,.rsrc,.reloc, 03960000[002DD000] [ M] 249. d:\program files\rising\rav\unexe.dll Beijing Rising Information Technology Co., Ltd. UnExe .text,.rdata,.data,.rsrc,.reloc, 03C50000[000D7000] [ M] 250. d:\program files\rising\rav\scanex.dll Beijing Rising Information Technology Co., Ltd. ScanEx .text,.rdata,.data,.rsrc,.reloc, 040D0000[00029000] [ M] 251. d:\program files\rising\rav\pearc.dll Beijing Rising Information Technology Co., Ltd. pearchive Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 04110000[00028000] [ M] 252. d:\program files\rising\rav\scanpe.dll Beijing Rising Information Technology Co., Ltd. scanpe Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 04450000[0001A000] [ M] 253. d:\program files\rising\rav\ur000.dat Beijing Rising Information Technology Co., Ltd. Unpack Routine .text,.rdata,.data,.rsrc,.reloc, 04D50000[000F6000] [ M] 254. d:\program files\rising\rav\extfile.dll Beijing Rising Information Technology Co., Ltd. extfile Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 04F50000[000B7000] [ M] 255. d:\program files\rising\rav\revm.dll Beijing Rising Information Technology Co., Ltd. REVM Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 04810000[00035000] [ M] 256. d:\program files\rising\rav\urutils.dll Beijing Rising Information Technology Co., Ltd. urutils Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 04B10000[0003A000] [ M] 257. d:\program files\rising\rav\scriptci.dll Beijing Rising Information Technology Co., Ltd. scriptci Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 05420000[0006C000] [ M] 258. d:\program files\rising\rav\uroutine.dll Beijing Rising Information Technology Co., Ltd. Unpack Routine .text,.rdata,.data,.rsrc,.reloc, 08010000[0000A000] [AM] 93. c:\windows\system32\mehkjkdm.dll .text,.rdata,.data,.reloc, 0D250000[00012000] [ M] 259. d:\program files\rising\rav\ur001.dat Beijing Rising Information Technology Co., Ltd. Unpack Routine .text,.rdata,.data,.rsrc,.reloc, 0D710000[00015000] [ M] 260. d:\program files\rising\rav\ur023.dat Beijing Rising Information Technology Co., Ltd. Unpack Routine .text,.rdata,.data,.rsrc,.reloc, 05CB0000[00045000] [ M] 261. d:\program files\rising\rav\extole.dll Beijing Rising Information Technology Co., Ltd. ExtOLE .text,.rdata,.data,.rsrc,.reloc, 05D10000[00023000] [ M] 262. d:\program files\rising\rav\scansct.dll Beijing Rising Information Technology Co., Ltd. ScanSct Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 14210000[00038000] [ M] 263. d:\program files\rising\rav\extmail.dll Beijing Rising Information Technology Co., Ltd. ExtMail .text,.rdata,.data,.rsrc,.reloc, 024D0000[0001D000] [ M] 264. d:\program files\rising\rav\ur004.dat Beijing Rising Information Technology Co., Ltd. Unpack Routine .text,.rdata,.data,.rsrc,.reloc, 08090000[00087000] [ M] 265. d:\program files\rising\rav\ur027.dat Beijing Rising Information Technology Co., Ltd. Unpack Routine .text,.rdata,.data,.rsrc,.reloc, 02530000[00013000] [ M] 266. d:\program files\rising\rav\ur025.dat Beijing Rising Information Technology Co., Ltd. Unpack Routine .text,.rdata,.data,.rsrc,.reloc, 079C0000[00022000] [ M] 267. d:\program files\rising\rav\scanmac.dll Beijing Rising Information Technology Co., Ltd. ScanMac .text,.rdata,.data,.rsrc,.reloc, 07A00000[00012000] [ M] 268. d:\program files\rising\rav\scanelf.dll Beijing Rising Information Technology Co., Ltd. scanelf .text,.rdata,.data,.rsrc,.reloc, 01490000[0002D000] [ M] 269. d:\program files\rising\rav\ur007.dat Beijing Rising Information Technology Co., Ltd. Unpack Routine007 .text,.rdata,.data,.rsrc,.reloc, 014D0000[0002A000] [ M] 270. d:\program files\rising\rav\rsstore.dll Beijing Rising Information Technology Co., Ltd. RSStore .text,.rdata,.data,.rsrc,.reloc, + 00000ccc(3276) alg.exe 10000000[00009000] [AM] 106. c:\windows\system32\hbmhly.dll .text,.bss,.rdata,.data,.reloc, + 00000db8(3512) System.exe 00400000[00005000] [AM] 100. c:\windows\system32\system.exe HB Software HB Inject Application Version 1.2.1.1007 .text,.rdata,.data,.rsrc, 10000000[00009000] [AM] 79. c:\windows\system32\ogmfjdhp.dll .text,.rdata,.data,.reloc, 009F0000[0000A000] [AM] 78. c:\windows\system32\dkppadoc.dll .text,.rdata,.data,.reloc, 00A10000[0000A000] [AM] 90. c:\windows\system32\okgclemk.dll .text,.rdata,.data,.reloc, 00A20000[0003C000] [AM] 88. c:\windows\system32\nnkegmjg.dll .text,.rdata,.data,.reloc, 00A60000[00009000] [AM] 87. c:\windows\system32\enaepogl.dll .text,.rdata,.data,.reloc, 00A70000[0000A000] [AM] 86. c:\windows\system32\kpiiakcj.dll .text,.rdata,.data,.reloc, 00A80000[00009000] [AM] 85. c:\windows\system32\kaheommh.dll .text,.rdata,.data,.reloc, 00A90000[00009000] [AM] 84. c:\windows\system32\niibhepe.dll .text,.rdata,.data,.reloc, 00AA0000[0003C000] [AM] 83. c:\windows\system32\feaenkjg.dll .text,.rdata,.data,.reloc, 00AE0000[00009000] [AM] 82. c:\windows\system32\bnldcajc.dll .text,.rdata,.data,.reloc, 00AF0000[00009000] [AM] 81. c:\windows\system32\fohcjpgc.dll .text,.rdata,.data,.reloc, 00B00000[0000A000] [AM] 80. c:\windows\system32\oakgfeal.dll .text,.rdata,.data,.reloc, 00B10000[0000A000] [AM] 91. c:\windows\system32\ankdkhhd.dll .text,.rdata,.data,.reloc, 00B20000[00009000] [AM] 92. c:\windows\system32\jjoodmcl.dll .text,.rdata,.data,.reloc, 00B90000[00016000] [AM] 66. c:\program files\internet explorer\fzsketnt.ps2 CODE,DATA,BSS,.idata,.edata,.reloc,.rsrc, 00CC0000[00009000] [AM] 106. c:\windows\system32\hbmhly.dll .text,.bss,.rdata,.data,.reloc, 00CD0000[00006000] [AM] 107. c:\windows\system32\hbkdxy.dll .text,.rdata,.data,.reloc, 00CE0000[00006000] [AM] 108. c:\windows\system32\hbasktao.dll .text,.rdata,.data,.reloc, 00CF0000[00006000] [AM] 109. c:\windows\system32\hbzhuxian.dll .text,.rdata,.data,.reloc, 00D00000[00006000] [AM] 110. c:\windows\system32\hbchibi.dll .text,.rdata,.data,.reloc, 00D20000[0000A000] [AM] 93. c:\windows\system32\mehkjkdm.dll .text,.rdata,.data,.reloc, + 00000ea4(3748) Ras.exe 00400000[0000B000] [ M] 271. c:\program files\rising\antispyware\ras.exe Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc, 7C140000[00103000] [ M] 272. c:\program files\rising\antispyware\mfc71.dll Microsoft Corporation MFCDLL Shared Library - Retail Version .text,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 273. c:\program files\rising\antispyware\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 10000000[00009000] [AM] 106. c:\windows\system32\hbmhly.dll .text,.bss,.rdata,.data,.reloc, 003E0000[00009000] [AM] 92. c:\windows\system32\jjoodmcl.dll .text,.rdata,.data,.reloc, 00B40000[0000A000] [AM] 91. c:\windows\system32\ankdkhhd.dll .text,.rdata,.data,.reloc, 00B50000[00016000] [AM] 66. c:\program files\internet explorer\fzsketnt.ps2 CODE,DATA,BSS,.idata,.edata,.reloc,.rsrc, 00B70000[0000A000] [AM] 90. c:\windows\system32\okgclemk.dll .text,.rdata,.data,.reloc, 00B80000[0003C000] [AM] 88. c:\windows\system32\nnkegmjg.dll .text,.rdata,.data,.reloc, 00BC0000[00009000] [AM] 87. c:\windows\system32\enaepogl.dll .text,.rdata,.data,.reloc, 00BD0000[0000A000] [AM] 86. c:\windows\system32\kpiiakcj.dll .text,.rdata,.data,.reloc, 00CF0000[00009000] [AM] 85. c:\windows\system32\kaheommh.dll .text,.rdata,.data,.reloc, 00D00000[00009000] [AM] 84. c:\windows\system32\niibhepe.dll .text,.rdata,.data,.reloc, 00D10000[0003C000] [AM] 83. c:\windows\system32\feaenkjg.dll .text,.rdata,.data,.reloc, 00D50000[00009000] [AM] 82. c:\windows\system32\bnldcajc.dll .text,.rdata,.data,.reloc, 00D60000[00009000] [AM] 81. c:\windows\system32\fohcjpgc.dll .text,.rdata,.data,.reloc, 00D70000[0000A000] [AM] 80. c:\windows\system32\oakgfeal.dll .text,.rdata,.data,.reloc, 00D80000[00009000] [AM] 79. c:\windows\system32\ogmfjdhp.dll .text,.rdata,.data,.reloc, 00D90000[0000A000] [AM] 78. c:\windows\system32\dkppadoc.dll .text,.rdata,.data,.reloc, 00DA0000[00047000] [ M] 274. c:\program files\rising\antispyware\kakamgr.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 7C3A0000[0007B000] [ M] 275. c:\program files\rising\antispyware\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 00DF0000[00019000] [ M] 276. c:\program files\rising\antispyware\syslay.dll Beijing Rising Information Technology Co., Ltd. Syslay .text,.rdata,.data,.rsrc,.reloc, 00E20000[0001F000] [ M] 277. d:\program files\rising\rav\proccom.dll Beijing Rising Information Technology Co., Ltd. ProcessC Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00E40000[00024000] [ M] 278. c:\program files\rising\antispyware\rscommx2.dll Beijing Rising Information Technology Co., Ltd. RsCommX2 .text,.rdata,.data,.rsrc,.reloc, 00F90000[0002E000] [ M] 279. c:\program files\rising\antispyware\comx3.dll Beijing Rising Information Technology Co., Ltd. comx3 Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01200000[00058000] [ M] 280. c:\program files\rising\antispyware\dbmgr.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 23800000[00022000] [ M] 281. c:\program files\rising\antispyware\rsxml.dll Beijing Rising Information Technology Co., Ltd. RsXML .text,.rdata,.data,.rsrc,.reloc, 01360000[0002D000] [ M] 282. c:\program files\rising\antispyware\pweb.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 01390000[000C1000] [ M] 283. c:\program files\rising\antispyware\pscan.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 01460000[00034000] [ M] 284. c:\program files\rising\antispyware\ncomm.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 014C0000[00070000] [ M] 285. c:\program files\rising\antispyware\pset.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 01530000[0002A000] [ M] 286. c:\program files\rising\antispyware\pdefend.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 01610000[000B6000] [ M] 287. c:\program files\rising\antispyware\ptools.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 01560000[0008D000] [ M] 288. c:\program files\rising\antispyware\psysinfo.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 017F0000[00024000] [AM] 77. c:\windows\system32\ravext.dll Beijing Rising Information Technology Co., Ltd. Rising Shell Ext Module .text,.rdata,.data,.rsrc,.reloc, 23900000[00040000] [ M] 289. c:\program files\rising\antispyware\pngdll.dll Beijing Rising Information Technology Co., Ltd. Rising .Png File Loader Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 033F0000[00006000] [AM] 109. c:\windows\system32\hbzhuxian.dll .text,.rdata,.data,.reloc, 03400000[00006000] [AM] 108. c:\windows\system32\hbasktao.dll .text,.rdata,.data,.reloc, 03410000[00006000] [AM] 107. c:\windows\system32\hbkdxy.dll .text,.rdata,.data,.reloc, 03060000[00006000] [AM] 110. c:\windows\system32\hbchibi.dll .text,.rdata,.data,.reloc, 035B0000[0002F000] [ M] 290. c:\program files\rising\antispyware\engine.dll Beijing Rising Information Technology Co., Ltd. kaka engine .text,.rdata,.data,.rsrc,.reloc, 031D0000[0000F000] [ M] 291. c:\program files\rising\antispyware\zip.dll Beijing Rising Information Technology Co., Ltd. zip .text,.rdata,.data,.rsrc,.reloc, 03290000[0000A000] [AM] 93. c:\windows\system32\mehkjkdm.dll .text,.rdata,.data,.reloc, 02F70000[00024000] [ M] 292. c:\program files\rising\antispyware\secscan.dll Beijing Rising Information Technology Co., Ltd. SecScan Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 02FA0000[00018000] [ M] 293. c:\program files\rising\antispyware\secex.dll Beijing Rising Information Technology Co., Ltd. SecScanE Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 04230000[0003E000] [ M] 120. c:\documents and settings\administrator\application data\ppstream\bin\1.0.0.2\vodrc.dll ppstream.com vodrc .text,.rdata,.data,.rsrc,.reloc, 04890000[00016000] [ M] 176. d:\program files\rising\rav\ravscrch.dll Beijing Rising Information Technology Co., Ltd. webmon module .text,.rdata,.data,.rsrc,.reloc, 30000000[003AE000] [ M] 177. c:\windows\system32\macromed\flash\flash9e.ocx Adobe Systems, Inc. Adobe Flash Player 9.0 r115 .text,.rdata,.data,.rodata,.rsrc,.reloc, 72C80000[00008000] [ M] 121. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, + 00000ec4(3780) knownsvr.exe 00400000[00072000] [ M] 294. c:\program files\rising\antispyware\knownsvr.exe Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc, 10000000[00034000] [ M] 284. c:\program files\rising\antispyware\ncomm.dll Beijing Rising Information Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc,.reloc, 003C0000[00009000] [AM] 79. c:\windows\system32\ogmfjdhp.dll .text,.rdata,.data,.reloc, 003D0000[0000A000] [AM] 78. c:\windows\system32\dkppadoc.dll .text,.rdata,.data,.reloc, 003E0000[0000A000] [AM] 90. c:\windows\system32\okgclemk.dll .text,.rdata,.data,.reloc, 00AA0000[0003C000] [AM] 88. c:\windows\system32\nnkegmjg.dll .text,.rdata,.data,.reloc, 003F0000[00009000] [AM] 87. c:\windows\system32\enaepogl.dll .text,.rdata,.data,.reloc, 00AE0000[0000A000] [AM] 86. c:\windows\system32\kpiiakcj.dll .text,.rdata,.data,.reloc, 00AF0000[00009000] [AM] 85. c:\windows\system32\kaheommh.dll .text,.rdata,.data,.reloc, 00B00000[00009000] [AM] 84. c:\windows\system32\niibhepe.dll .text,.rdata,.data,.reloc, 00B10000[0003C000] [AM] 83. c:\windows\system32\feaenkjg.dll .text,.rdata,.data,.reloc, 00B50000[00009000] [AM] 82. c:\windows\system32\bnldcajc.dll .text,.rdata,.data,.reloc, 00B60000[00009000] [AM] 81. c:\windows\system32\fohcjpgc.dll .text,.rdata,.data,.reloc, 00B70000[0000A000] [AM] 80. c:\windows\system32\oakgfeal.dll .text,.rdata,.data,.reloc, 00B80000[0000A000] [AM] 91. c:\windows\system32\ankdkhhd.dll .text,.rdata,.data,.reloc, 00B90000[00009000] [AM] 92. c:\windows\system32\jjoodmcl.dll .text,.rdata,.data,.reloc, 00BA0000[00009000] [AM] 106. c:\windows\system32\hbmhly.dll .text,.bss,.rdata,.data,.reloc, 00BB0000[00006000] [AM] 107. c:\windows\system32\hbkdxy.dll .text,.rdata,.data,.reloc, 00BC0000[00006000] [AM] 108. c:\windows\system32\hbasktao.dll .text,.rdata,.data,.reloc, 00BD0000[00006000] [AM] 109. c:\windows\system32\hbzhuxian.dll .text,.rdata,.data,.reloc, 00BE0000[00006000] [AM] 110. c:\windows\system32\hbchibi.dll .text,.rdata,.data,.reloc, 00C30000[0002E000] [ M] 279. c:\program files\rising\antispyware\comx3.dll Beijing Rising Information Technology Co., Ltd. comx3 Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00C60000[00019000] [ M] 276. c:\program files\rising\antispyware\syslay.dll Beijing Rising Information Technology Co., Ltd. Syslay .text,.rdata,.data,.rsrc,.reloc, 010F0000[0000A000] [AM] 93. c:\windows\system32\mehkjkdm.dll .text,.rdata,.data,.reloc, 01100000[00016000] [AM] 66. c:\program files\internet explorer\fzsketnt.ps2 CODE,DATA,BSS,.idata,.edata,.reloc,.rsrc,