[CODE]

2009-10-07,10:23:09

System Repair Engineer 2.8.1.1279
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 3 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    Windows 安全更新检查
    API HOOK
    隐藏进程


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <FlashGet 3><"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" -minimize>  [File is missing]
    <PPLiveVA><C:\Program Files\PPLiveVA\PPLiveVA.exe /LoadModule PPVA.DLL /M REAL /S 0 /T 0>  [File is missing]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <AVG8_TRAY><D:\PROGRA~1\AVG\AVG8\avgtray.exe>  [File is missing]
    <RisTray><"D:\Program Files\Rising\Ris\RsTray.exe" -system>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <Adobe Reader Speed Launcher><"D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe">  [(Verified)"Adobe Systems, Incorporated"]
    <runeip><"D:\Program Files\Rising\AntiSpyware\rstray.exe" /startup>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <Stormtray><D:\Program Files\StormII\Stormtray.exe /Start>  [(Verified)北京暴风网际科技有限公司]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><kmon.dll>  [(Verified)Beijing Rising Information Technology Corporation Limited]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [Microsoft Corporation]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [Microsoft Corporation]
    <WebCheck><%SystemRoot%\system32\webcheck.dll>  [Microsoft Corporation]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
    <WinlogonNotify: avgrsstarter><avgrsstx.dll>  [(Verified)AVG Technologies]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
    <WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\热带鱼~1.SCR>  []

==================================
启动文件夹
N/A

==================================
服务
[Application Layer Gateway Service / ALG][Running/Manual Start]
  <C:\WINDOWS\System32\alg.exe><Microsoft Corporation>
[Application Management / AppMgmt][Stopped/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><Microsoft Corporation>
[Windows Audio / AudioSrv][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\audiosrv.dll><Microsoft Corporation>
[AVG8 E-mail Scanner / avg8emc][Stopped/Auto Start]
  <D:\PROGRA~1\AVG\AVG8\avgemc.exe><(File is missing)>
[AVG8 WatchDog / avg8wd][Stopped/Auto Start]
  <D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe><(File is missing)>
[Background Intelligent Transfer Service / BITS][Stopped/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\qmgr.dll><Microsoft Corporation>
[Computer Browser / Browser][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\browser.dll><Microsoft Corporation>
[ClipBook / ClipSrv][Stopped/Disabled]
  <C:\WINDOWS\system32\clipsrv.exe><Microsoft Corporation>
[COM+ System Application / COMSysApp][Stopped/Manual Start]
  <C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}><Microsoft Corporation>
[Cryptographic Services / CryptSvc][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\cryptsvc.dll><Microsoft Corporation>
[DCOM Server Process Launcher / DcomLaunch][Running/Auto Start]
  <C:\WINDOWS\system32\svchost -k DcomLaunch-->%SystemRoot%\system32\rpcss.dll><Microsoft Corporation>
[DHCP Client / Dhcp][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\dhcpcsvc.dll><Microsoft Corporation>
[Logical Disk Manager Administrative Service / dmadmin][Stopped/Manual Start]
  <C:\WINDOWS\System32\dmadmin.exe /com><Microsoft Corp., Veritas Software>
[Logical Disk Manager / dmserver][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\dmserver.dll><Microsoft Corp.>
[DNS Client / Dnscache][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k NetworkService-->%SystemRoot%\System32\dnsrslvr.dll><Microsoft Corporation>
[Wired AutoConfig / Dot3svc][Stopped/Manual Start]
  <C:\WINDOWS\System32\svchost.exe -k dot3svc-->%SystemRoot%\System32\dot3svc.dll><Microsoft Corporation>
[Extensible Authentication Protocol Service / EapHost][Stopped/Manual Start]
  <C:\WINDOWS\System32\svchost.exe -k eapsvcs-->%SystemRoot%\System32\eapsvc.dll><Microsoft Corporation>
[Event Log / Eventlog][Running/Auto Start]
  <C:\WINDOWS\system32\services.exe><Microsoft Corporation>
[COM+ Event System / EventSystem][Running/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\es.dll><Microsoft Corporation>
[Fast User Switching Compatibility / FastUserSwitchingCompatibility][Stopped/Manual Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\shsvcs.dll><Microsoft Corporation>
[HID Input Service / HidServ][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><Microsoft Corporation>
[Health Key and Certificate Management Service / hkmsvc][Stopped/Manual Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\kmsvc.dll><Microsoft Corporation>
[HTTP SSL / HTTPFilter][Stopped/Manual Start]
  <C:\WINDOWS\System32\svchost.exe -k HTTPFilter-->%SystemRoot%\System32\w3ssl.dll><Microsoft Corporation>
[IMAPI CD-Burning COM Service / ImapiService][Stopped/Disabled]
  <C:\WINDOWS\system32\imapi.exe><Microsoft Corporation>
[Server / LanmanServer][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\srvsvc.dll><Microsoft Corporation>
[Workstation / lanmanworkstation][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\wkssvc.dll><Microsoft Corporation>
[TCP/IP NetBIOS Helper / LmHosts][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\System32\lmhsvc.dll><Microsoft Corporation>
[Messenger / Messenger][Stopped/Disabled]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\msgsvc.dll><Microsoft Corporation>
[NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
  <C:\WINDOWS\system32\mnmsrvc.exe><Microsoft Corporation>
[Distributed Transaction Coordinator / MSDTC][Stopped/Manual Start]
  <C:\WINDOWS\system32\msdtc.exe><Microsoft Corporation>
[Windows Installer / MSIServer][Stopped/Manual Start]
  <C:\WINDOWS\system32\msiexec.exe /V><Microsoft Corporation>
[Network Access Protection Agent / napagent][Stopped/Manual Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\qagentrt.dll><Microsoft Corporation>
[Network DDE / NetDDE][Stopped/Disabled]
  <C:\WINDOWS\system32\netdde.exe><Microsoft Corporation>
[Network DDE DSDM / NetDDEdsdm][Stopped/Disabled]
  <C:\WINDOWS\system32\netdde.exe><Microsoft Corporation>
[Net Logon / Netlogon][Stopped/Manual Start]
  <C:\WINDOWS\system32\lsass.exe><Microsoft Corporation>
[Network Connections / Netman][Running/Manual Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\netman.dll><Microsoft Corporation>
[Network Location Awareness (NLA) / Nla][Running/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\mswsock.dll><Microsoft Corporation>
[NT LM Security Support Provider / NtLmSsp][Stopped/Manual Start]
  <C:\WINDOWS\system32\lsass.exe><Microsoft Corporation>
[Plug and Play / PlugPlay][Running/Auto Start]
  <C:\WINDOWS\system32\services.exe><Microsoft Corporation>
[IPSEC Services / PolicyAgent][Running/Auto Start]
  <C:\WINDOWS\system32\lsass.exe><Microsoft Corporation>
[Protected Storage / ProtectedStorage][Running/Auto Start]
  <C:\WINDOWS\system32\lsass.exe><Microsoft Corporation>
[Remote Access Auto Connection Manager / RasAuto][Stopped/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\rasauto.dll><Microsoft Corporation>
[Remote Access Connection Manager / RasMan][Running/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\rasmans.dll><Microsoft Corporation>
[Remote Desktop Help Session Manager / RDSessMgr][Stopped/Manual Start]
  <C:\WINDOWS\system32\sessmgr.exe><Microsoft Corporation>
[Routing and Remote Access / RemoteAccess][Stopped/Disabled]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\mprdim.dll><Microsoft Corporation>
[Remote Registry / RemoteRegistry][Stopped/Disabled]
  <C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\system32\regsvc.dll><Microsoft Corporation>
[Remote Procedure Call (RPC) Locator / RpcLocator][Stopped/Manual Start]
  <C:\WINDOWS\system32\locator.exe><Microsoft Corporation>
[Remote Procedure Call (RPC) / RpcSs][Running/Auto Start]
  <C:\WINDOWS\system32\svchost -k rpcss-->%SystemRoot%\system32\rpcss.dll><Microsoft Corporation>
[Ris Service / RsRisMon][Running/Auto Start]
  <"D:\Program Files\Rising\Ris\RavMonD.exe"><Beijing Rising Information Technology Co., Ltd.>
[QoS RSVP / RSVP][Stopped/Manual Start]
  <C:\WINDOWS\system32\rsvp.exe><Microsoft Corporation>
[Security Accounts Manager / SamSs][Running/Auto Start]
  <C:\WINDOWS\system32\lsass.exe><Microsoft Corporation>
[Smart Card / SCardSvr][Stopped/Manual Start]
  <C:\WINDOWS\System32\SCardSvr.exe><Microsoft Corporation>
[Task Scheduler / Schedule][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\system32\schedsvc.dll><Microsoft Corporation>
[Secondary Logon / seclogon][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\seclogon.dll><Microsoft Corporation>
[System Event Notification / SENS][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\system32\sens.dll><Microsoft Corporation>
[Windows Firewall/Internet Connection Sharing (ICS) / SharedAccess][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\ipnathlp.dll><Microsoft Corporation>
[Shell Hardware Detection / ShellHWDetection][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\shsvcs.dll><Microsoft Corporation>
[Print Spooler / Spooler][Running/Auto Start]
  <C:\WINDOWS\system32\spoolsv.exe><Microsoft Corporation>
[System Restore Service / srservice][Stopped/Disabled]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\srsvc.dll><Microsoft Corporation>
[SSDP Discovery Service / SSDPSRV][Running/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\System32\ssdpsrv.dll><Microsoft Corporation>
[Windows Image Acquisition (WIA) / stisvc][Stopped/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k imgsvc-->%SystemRoot%\system32\wiaservc.dll><Microsoft Corporation>
[MS Software Shadow Copy Provider / SwPrv][Stopped/Manual Start]
  <C:\WINDOWS\system32\dllhost.exe /Processid:{A55513AA-040B-427B-A519-AD85008AD71E}><Microsoft Corporation>
[Performance Logs and Alerts / SysmonLog][Stopped/Manual Start]
  <C:\WINDOWS\system32\smlogsvc.exe><Microsoft Corporation>
[Telephony / TapiSrv][Running/Manual Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\tapisrv.dll><Microsoft Corporation>
[Terminal Services / TermService][Running/Manual Start]
  <C:\WINDOWS\System32\svchost -k DComLaunch-->%SystemRoot%\System32\termsrv.dll><Microsoft Corporation>
[Themes / Themes][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\shsvcs.dll><Microsoft Corporation>
[Telnet / TlntSvr][Stopped/Disabled]
  <C:\WINDOWS\system32\tlntsvr.exe><Microsoft Corporation>
[Distributed Link Tracking Client / TrkWks][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\system32\trkwks.dll><Microsoft Corporation>
[Windows User Mode Driver Framework / UMWdf][Stopped/Manual Start]
  <C:\WINDOWS\system32\wdfmgr.exe><Microsoft Corporation>
[Universal Plug and Play Device Host / upnphost][Stopped/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\System32\upnphost.dll><Microsoft Corporation>
[Volume Shadow Copy / VSS][Stopped/Manual Start]
  <C:\WINDOWS\System32\vssvc.exe><Microsoft Corporation>
[Windows Time / W32Time][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\w32time.dll><Microsoft Corporation>
[WebClient / WebClient][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\System32\webclnt.dll><Microsoft Corporation>
[Windows Management Instrumentation / winmgmt][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\system32\wbem\WMIsvc.dll><Microsoft Corporation>
[Portable Media Serial Number Service / WmdmPmSN][Stopped/Manual Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\mspmsnsv.dll><Microsoft Corporation>
[Windows Management Instrumentation Driver Extensions / Wmi][Stopped/Manual Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\advapi32.dll><Microsoft Corporation>
[WMI Performance Adapter / WmiApSrv][Stopped/Manual Start]
  <C:\WINDOWS\system32\wbem\wmiapsrv.exe><Microsoft Corporation>
[Security Center / wscsvc][Stopped/Manual Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SYSTEMROOT%\system32\wscsvc.dll><Microsoft Corporation>
[自动更新 / wuauserv][Running/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\wuauserv.dll><Microsoft Corporation>
[Wireless Zero Configuration / WZCSVC][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\wzcsvc.dll><Microsoft Corporation>
[Network Provisioning Service / xmlprov][Stopped/Manual Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\xmlprov.dll><Microsoft Corporation>

==================================
驱动程序
[Microsoft ACPI Driver / ACPI][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\ACPI.sys><Microsoft Corporation>
[Microsoft Embedded Controller Driver / ACPIEC][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\ACPIEC.sys><Microsoft Corporation>
[Microsoft Kernel Acoustic Echo Canceller / aec][Stopped/Manual Start]
  <system32\drivers\aec.sys><Microsoft Corporation>
[AFD / AFD][Running/System Start]
  <\SystemRoot\System32\drivers\afd.sys><Microsoft Corporation>
[ahcix86 / ahcix86][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ahcix86.sys><AMD Technologies Inc.>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[RAS Asynchronous Media Driver / AsyncMac][Stopped/Manual Start]
  <system32\DRIVERS\asyncmac.sys><Microsoft Corporation>
[标准 IDE/ESDI 硬盘控制器 / atapi][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\atapi.sys><Microsoft Corporation>
[音频存根驱动程序 / audstub][Running/Manual Start]
  <system32\DRIVERS\audstub.sys><Microsoft Corporation>
[AVG AVI Loader Driver x86 / AvgLdx86][Running/System Start]
  <\SystemRoot\System32\Drivers\avgldx86.sys><AVG Technologies CZ, s.r.o.>
[AVG On-access Scanner Minifilter Driver x86 / AvgMfx86][Running/System Start]
  <\SystemRoot\System32\Drivers\avgmfx86.sys><AVG Technologies CZ, s.r.o.>
[avgrkx86.sys / AvgRkx86][Running/Boot Start]
  <\SystemRoot\System32\Drivers\avgrkx86.sys><AVG Technologies CZ, s.r.o.>
[AVG8 Network Redirector / AvgTdiX][Running/System Start]
  <\SystemRoot\System32\Drivers\avgtdix.sys><AVG Technologies CZ, s.r.o.>
[bootsafe / bootsafe][Running/Boot Start]
  <\SystemRoot\system32\Drivers\bootsafe.sys><>
[CD-ROM Driver / Cdrom][Running/System Start]
  <system32\DRIVERS\cdrom.sys><Microsoft Corporation>
[磁盘驱动器 / Disk][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\disk.sys><Microsoft Corporation>
[dmboot / dmboot][Stopped/Disabled]
  <System32\drivers\dmboot.sys><Microsoft Corp., Veritas Software>
[Logical Disk Manager Driver / dmio][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmio.sys><Microsoft Corp., Veritas Software>
[dmload / dmload][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmload.sys><Microsoft Corp., Veritas Software.>
[Microsoft Kernel DLS Syntheiszer / DMusic][Stopped/Manual Start]
  <system32\drivers\DMusic.sys><Microsoft Corporation>
[Microsoft Kernel DRM Audio Descrambler / drmkaud][Stopped/Manual Start]
  <system32\drivers\drmkaud.sys><Microsoft Corporation>
[Floppy Disk Controller Driver / Fdc][Running/Manual Start]
  <system32\DRIVERS\fdc.sys><Microsoft Corporation>
[软盘驱动程序 / Flpydisk][Running/Manual Start]
  <system32\DRIVERS\flpydisk.sys><Microsoft Corporation>
[FltMgr / FltMgr][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\fltMgr.sys><Microsoft Corporation>
[FsVga / FsVga][Running/System Start]
  <system32\DRIVERS\fsvga.sys><Microsoft Corporation>
[Volume Manager Driver / Ftdisk][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\ftdisk.sys><Microsoft Corporation>
[Generic Packet Classifier / Gpc][Running/Manual Start]
  <system32\DRIVERS\msgpc.sys><Microsoft Corporation>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Stopped/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[Microsoft HID Class Driver / HidUsb][Running/Manual Start]
  <system32\DRIVERS\hidusb.sys><Microsoft Corporation>
[hookcont / hookcont][Running/System Start]
  <system32\drivers\HookCont.sys><Beijing Rising Information Technology Co., Ltd.>
[hooksys / hooksys][Running/System Start]
  <system32\drivers\HookSys.sys><Beijing Rising Information Technology Co., Ltd.>
[HTTP / HTTP][Running/Manual Start]
  <System32\Drivers\HTTP.sys><Microsoft Corporation>
[i8042 键盘和 PS/2 鼠标端口驱动程序 / i8042prt][Running/System Start]
  <system32\DRIVERS\i8042prt.sys><Microsoft Corporation>
[ialm / ialm][Running/Manual Start]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[Intel RAID Controller / iaStor5][Stopped/Disabled]
  <\SystemRoot\system32\drivers\iastor5.sys><Intel Corporation>
[Intel AHCI Controller 7 / iaStor7][Stopped/Disabled]
  <\SystemRoot\system32\drivers\iastor7.sys><Intel Corporation>
[Intel AHCI Controller 8 / iaStor8][Stopped/Disabled]
  <\SystemRoot\system32\drivers\iastor8.sys><Intel Corporation>
[CD 烧制筛选驱动器 / Imapi][Stopped/System Start]
  <system32\DRIVERS\imapi.sys><Microsoft Corporation>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Stopped/Manual Start]
  <system32\drivers\RtkHDAud.sys><N/A>
[Intel Processor Driver / intelppm][Running/System Start]
  <system32\DRIVERS\intelppm.sys><Microsoft Corporation>
[IPv6 Windows Firewall Driver / Ip6Fw][Stopped/Manual Start]
  <system32\DRIVERS\Ip6Fw.sys><Microsoft Corporation>
[IP Traffic Filter Driver / IpFilterDriver][Stopped/Manual Start]
  <system32\DRIVERS\ipfltdrv.sys><Microsoft Corporation>
[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]
  <system32\DRIVERS\ipinip.sys><Microsoft Corporation>
[IP Network Address Translator / IpNat][Running/Manual Start]
  <system32\DRIVERS\ipnat.sys><Microsoft Corporation>
[IPSEC driver / IPSec][Running/System Start]
  <system32\DRIVERS\ipsec.sys><Microsoft Corporation>
[IR Enumerator Service / IRENUM][Stopped/Manual Start]
  <system32\DRIVERS\irenum.sys><Microsoft Corporation>
[Microsoft Serial Infrared Driver / irsir][Stopped/Manual Start]
  <system32\DRIVERS\irsir.sys><Microsoft Corporation>
[PnP ISA/EISA Bus Driver / isapnp][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\isapnp.sys><Microsoft Corporation>
[ITEATAPI_Service_Install / iteatapi][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\iteatapi.sys><Integrated Technology Express, Inc.>
[JRAID / JRAID][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\jraid.sys><JMicron Technology Corp.>
[Keyboard Class Driver / Kbdclass][Running/System Start]
  <system32\DRIVERS\kbdclass.sys><Microsoft Corporation>
[Keyboard HID Driver / kbdhid][Running/System Start]
  <system32\DRIVERS\kbdhid.sys><Microsoft Corporation>
[Microsoft Kernel Wave Audio Mixer / kmixer][Running/Manual Start]
  <system32\drivers\kmixer.sys><Microsoft Corporation>
[m5228 / m5228][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\m5228.sys><ALi Corporation.>
[m5281 / m5281][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\m5281.sys><ALi Corporation>
[m5287 / m5287][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\m5287.sys><ULi Electronics Inc.>
[m5288 / m5288][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\m5288.sys><ULi Electronics Inc.>
[m5289 / m5289][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\m5289.sys><ULi Electronics Inc.>
[Mouse Class Driver / Mouclass][Running/System Start]
  <system32\DRIVERS\mouclass.sys><Microsoft Corporation>
[Mouse HID Driver / mouhid][Running/Manual Start]
  <system32\DRIVERS\mouhid.sys><Microsoft Corporation>
[WebDav Client Redirector / MRxDAV][Running/Manual Start]
  <system32\DRIVERS\mrxdav.sys><Microsoft Corporation>
[MRxSmb / MRxSmb][Running/System Start]
  <system32\DRIVERS\mrxsmb.sys><Microsoft Corporation>
[Microsoft Streaming Service Proxy / MSKSSRV][Stopped/Manual Start]
  <system32\drivers\MSKSSRV.sys><Microsoft Corporation>
[Microsoft Streaming Clock Proxy / MSPCLOCK][Stopped/Manual Start]
  <system32\drivers\MSPCLOCK.sys><Microsoft Corporation>
[Microsoft Streaming Quality Manager Proxy / MSPQM][Stopped/Manual Start]
  <system32\drivers\MSPQM.sys><Microsoft Corporation>
[Microsoft System Management BIOS Driver / mssmbios][Running/Manual Start]
  <system32\DRIVERS\mssmbios.sys><Microsoft Corporation>
[Remote Access NDIS TAPI Driver / NdisTapi][Running/Manual Start]
  <system32\DRIVERS\ndistapi.sys><Microsoft Corporation>
[NDIS 用户模式 I/O 协议 / Ndisuio][Running/Manual Start]
  <system32\DRIVERS\ndisuio.sys><Microsoft Corporation>
[Remote Access NDIS WAN Driver / NdisWan][Running/Manual Start]
  <system32\DRIVERS\ndiswan.sys><Microsoft Corporation>
[NetBIOS Interface / NetBIOS][Running/System Start]
  <system32\DRIVERS\netbios.sys><Microsoft Corporation>
[NetBios over Tcpip / NetBT][Running/System Start]
  <system32\DRIVERS\netbt.sys><Microsoft Corporation>
[nvatabus / nvatabus][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\nvatabus.sys><NVIDIA Corporation>
[nvgts / nvgts][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\nvgts.sys><NVIDIA Corporation>
[NVIDIA nForce RAID Driver / nvrd32][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
[IPX Traffic Filter Driver / NwlnkFlt][Stopped/Manual Start]
  <system32\DRIVERS\nwlnkflt.sys><Microsoft Corporation>
[IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Manual Start]
  <system32\DRIVERS\nwlnkfwd.sys><Microsoft Corporation>
[Parallel port driver / Parport][Running/Manual Start]
  <system32\DRIVERS\parport.sys><Microsoft Corporation>
[PCI Bus Driver / PCI][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\pci.sys><Microsoft Corporation>
[PCIIde / PCIIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\pciide.sys><Microsoft Corporation>
[WAN Miniport (PPTP) / PptpMiniport][Running/Manual Start]
  <system32\DRIVERS\raspptp.sys><Microsoft Corporation>
[处理器驱动程序 / Processor][Stopped/System Start]
  <system32\DRIVERS\processr.sys><Microsoft Corporation>
[QoS Packet Scheduler / PSched][Running/Manual Start]
  <system32\DRIVERS\psched.sys><Microsoft Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Remote Access Auto Connection Driver / RasAcd][Running/System Start]
  <system32\DRIVERS\rasacd.sys><Microsoft Corporation>
[WAN Miniport (IrDA) / Rasirda][Stopped/Manual Start]
  <system32\DRIVERS\rasirda.sys><Microsoft Corporation>
[WAN Miniport (L2TP) / Rasl2tp][Running/Manual Start]
  <system32\DRIVERS\rasl2tp.sys><Microsoft Corporation>
[远程访问 PPPOE 驱动程序 / RasPppoe][Running/Manual Start]
  <system32\DRIVERS\raspppoe.sys><Microsoft Corporation>
[Direct Parallel / Raspti][Running/Manual Start]
  <system32\DRIVERS\raspti.sys><Microsoft Corporation>
[Rdbss / Rdbss][Running/System Start]
  <system32\DRIVERS\rdbss.sys><Microsoft Corporation>
[RDPCDD / RDPCDD][Running/System Start]
  <System32\DRIVERS\RDPCDD.sys><Microsoft Corporation>
[Terminal Server Device Redirector Driver / rdpdr][Running/Manual Start]
  <system32\DRIVERS\rdpdr.sys><Microsoft Corporation>
[Digital CD Audio Playback Filter Driver / redbook][Running/System Start]
  <system32\DRIVERS\redbook.sys><Microsoft Corporation>
[Rising RfwARP Driver / RFWARP][Running/Auto Start]
  <system32\DRIVERS\rfwarp.sys><Beijing Rising Information Technology Co., Ltd.>
[Rising RfwBase Driver / RfwBase9][Running/Manual Start]
  <system32\DRIVERS\rfwbase.sys><Beijing Rising Information Technology Co., Ltd.>
[rfwtdi / rfwtdi][Running/Auto Start]
  <\??\D:\Program Files\Rising\Ris\rfwtdi.sys><Beijing Rising Information Technology Co., Ltd.>
[rsassist / rsassist][Running/Auto Start]
  <system32\drivers\rsassist.sys><Beijing Rising Information Technology Co., Ltd.>
[rsfwdrv / rsfwdrv][Running/System Start]
  <\??\D:\Program Files\Rising\Ris\rsfwdrv.sys><Beijing Rising Information Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Information Technology Co., Ltd.>
[Realtek 10/100/1000 PCI NIC Family NDIS XP Driver / RTL8023xp][Running/Manual Start]
  <system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver / RTLE8023xp][Stopped/Manual Start]
  <system32\DRIVERS\Rtenicxp.sys><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[Serenum Filter Driver / serenum][Running/Manual Start]
  <system32\DRIVERS\serenum.sys><Microsoft Corporation>
[Serial port driver / Serial][Running/System Start]
  <system32\DRIVERS\serial.sys><Microsoft Corporation>
[ATI-437A Serial ATA Controller / SI3112r][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\SI3112r.sys><Silicon Image, Inc>
[SATALink driver accelerator / SiFilter][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\SiWinAcc.sys><Silicon Image, Inc.>
[SiSRaid / SiSRaid][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\SiSRaid.sys><Silicon Integrated Systems>
[SiSRaid2 / SiSRaid2][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\SiSRaid2.sys><Silicon Integrated Systems Corp>
[SiSRaid4 / SiSRaid4][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\sisraid4.sys><Silicon Integrated Systems>
[Microsoft Kernel Audio Splitter / splitter][Stopped/Manual Start]
  <system32\drivers\splitter.sys><Microsoft Corporation>
[System Restore Filter Driver / Sr][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\sr.sys><Microsoft Corporation>
[Srv / Srv][Running/Manual Start]
  <system32\DRIVERS\srv.sys><Microsoft Corporation>
[Software Bus Driver / swenum][Running/Manual Start]
  <system32\DRIVERS\swenum.sys><Microsoft Corporation>
[Microsoft Kernel GS Wavetable Synthesizer / swmidi][Stopped/Manual Start]
  <system32\drivers\swmidi.sys><Microsoft Corporation>
[Microsoft Kernel System Audio Device / sysaudio][Running/Manual Start]
  <system32\drivers\sysaudio.sys><Microsoft Corporation>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[Terminal Device Driver / TermDD][Running/System Start]
  <system32\DRIVERS\termdd.sys><Microsoft Corporation>
[Microcode Update Driver / Update][Running/Manual Start]
  <system32\DRIVERS\update.sys><Microsoft Corporation>
[Microsoft USB Generic Parent Driver / usbccgp][Running/Manual Start]
  <system32\DRIVERS\usbccgp.sys><Microsoft Corporation>
[Microsoft USB 2.0 Enhanced Host Controller Miniport Driver / usbehci][Running/Manual Start]
  <system32\DRIVERS\usbehci.sys><Microsoft Corporation>
[Microsoft USB Standard Hub Driver / usbhub][Running/Manual Start]
  <system32\DRIVERS\usbhub.sys><Microsoft Corporation>
[Microsoft USB Open Host Controller Miniport Driver / usbohci][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\usbohci.sys><Microsoft Corporation>
[USB 大容量存储设备 / USBSTOR][Stopped/Manual Start]
  <system32\DRIVERS\USBSTOR.SYS><Microsoft Corporation>
[Microsoft USB Universal Host Controller Miniport Driver / usbuhci][Running/Manual Start]
  <system32\DRIVERS\usbuhci.sys><Microsoft Corporation>
[VgaSave / VgaSave][Running/System Start]
  <\SystemRoot\System32\drivers\vga.sys><Microsoft Corporation>
[viamraid / viamraid][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\viamraid.sys><VIA Technologies inc,.ltd>
[vmscsi / vmscsi][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\vmscsi.sys><VMware, Inc.>
[Remote Access IP ARP Driver / Wanarp][Running/Manual Start]
  <system32\DRIVERS\wanarp.sys><Microsoft Corporation>
[Microsoft WINMM WDM Audio Compatibility Driver / wdmaud][Running/Manual Start]
  <system32\drivers\wdmaud.sys><Microsoft Corporation>

==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Adobe PDF Link Helper]
  {18DF081C-E8AD-4283-A596-FA578C2EBDC3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated>
[IEFXZ]
  {6A49F431-2A2E-41a5-9080-0F41D1A3AEC2} <C:\PROGRA~1\IEfxz\iefxz.dll, >
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[卡卡上网安全助手]
  {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} <C:\WINDOWS\system32\UrlFilter.dll, (Signed) Beijing Rising Information Technology Co., Ltd.>
[Download_Bho Class]
  {A986E409-30CC-4185-89BB-AB212C104524} <C:\Program Files\PPLiveVA\DownloaderManager.dll, N/A>
[IEFXZTool]
  {61F0024B-8278-4999-B7E6-2718426D9FE6} <C:\PROGRA~1\IEfxz\iefxz.dll, >
[]
  {CCC7A320-B3CA-4199-B1A6-9F516DD69829} <, >
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[]
  {116BA71C-8187-4F15-9A1F-C9D6289155D1} <, >
[Adobe PDF Link Helper]
  {18DF081C-E8AD-4283-A596-FA578C2EBDC3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated>
[]
  {2974c985-8151-4de5-b23c-b875f0a8522f} <, >
[]
  {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} <, >
[]
  {61F0024B-8278-4999-B7E6-2718426D9FE6} <, >
[IEFXZHelper]
  {6A49F431-2A2E-41a5-9080-0F41D1A3AEC1} <C:\PROGRA~1\IEfxz\iefxz.dll, >
[IEFXZ]
  {6A49F431-2A2E-41A5-9080-0F41D1A3AEC2} <C:\PROGRA~1\IEfxz\iefxz.dll, >
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[]
  {95B3F550-91C4-4627-BCC4-521288C52977} <, >
[卡卡上网安全助手]
  {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} <C:\WINDOWS\system32\UrlFilter.dll, (Signed) Beijing Rising Information Technology Co., Ltd.>
[]
  {A3BC75A2-1F87-4686-AA43-5347D756017C} <, >
[Download_Bho Class]
  {A986E409-30CC-4185-89BB-AB212C104524} <C:\Program Files\PPLiveVA\DownloaderManager.dll, N/A>
[]
  {CCC7A320-B3CA-4199-B1A6-9F516DD69829} <, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx, (Signed) Adobe Systems, Inc.>
[]
  {E2E2DD38-D088-4134-82B7-F2BA38496583} <, >
[使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000, N/A>

==================================
正在运行的进程
[PID: 848 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
[PID: 916 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\CSRSRV.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\basesrv.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\winsrv.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.5698 (xpsp_sp3_qfe.081022-1941)]
    [C:\WINDOWS\system32\KERNEL32.dll]  [Microsoft Corporation, 5.1.2600.5781 (xpsp_sp3_qfe.090321-1341)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.5795 (xpsp_sp3_qfe.090415-1301)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\sxs.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 940 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.5781 (xpsp_sp3_qfe.090321-1341)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.5795 (xpsp_sp3_qfe.090415-1301)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\AUTHZ.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.5698 (xpsp_sp3_qfe.081022-1941)]
    [C:\WINDOWS\system32\NDdeApi.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\PROFMAP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_qfe.081015-1409)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\PSAPI.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\REGAPI.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\WINSTA.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\MSGINA.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\COMCTL32.dll]  [Microsoft Corporation, 5.82 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\ODBC32.dll]  [Microsoft Corporation, 3.525.1132.0 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\comdlg32.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.5686 (xpsp_sp3_qfe.080929-1340)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll]  [Microsoft Corporation, 6.0 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\odbcint.dll]  [Microsoft Corporation, 3.525.1117.0 built by: (_sqlbld)]
    [C:\WINDOWS\system32\SHSVCS.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\sfc.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\Apphelp.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.5768 (xpsp_sp3_gdr.090226-1442)]
    [C:\WINDOWS\system32\WINSCARD.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\WTSAPI32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.317]
    [C:\WINDOWS\system32\cscdll.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)]
    [C:\WINDOWS\System32\dimsntfy.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\WlNotify.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\MPR.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\WINSPOOL.DRV]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\cscui.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\NTMARTA.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\msv1_0.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\cryptdll.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\midimap.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.700]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.5512]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.700]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[PID: 984 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.5781 (xpsp_sp3_qfe.090321-1341)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.5795 (xpsp_sp3_qfe.090415-1301)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\NCObjAPI.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\MSVCP60.dll]  [Microsoft Corporation, 6.02.3104.0]
    [C:\WINDOWS\system32\SCESRV.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\AUTHZ.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.5698 (xpsp_sp3_qfe.081022-1941)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\umpnpmgr.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\WINSTA.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_qfe.081015-1409)]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\AppPatch\AcAdProc.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\Apphelp.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\eventlog.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\PSAPI.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\wtsapi32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 996 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.5781 (xpsp_sp3_qfe.090321-1341)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.5795 (xpsp_sp3_qfe.090415-1301)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\LSASRV.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\MPR.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.5698 (xpsp_sp3_qfe.081022-1941)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_qfe.081015-1409)]
    [C:\WINDOWS\system32\NTDSAPI.dll]  [Microsoft Corporation, 5.1.2600.5582 (xpsp_sp3_qfe.080416-1432)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\SAMSRV.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\cryptdll.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.5512]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.5686 (xpsp_sp3_qfe.080929-1340)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll]  [Microsoft Corporation, 6.0 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\msprivs.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\kerberos.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\msv1_0.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\netlogon.dll]  [Microsoft Corporation, 5.1.2600.5582 (xpsp_sp3_qfe.080416-1432)]
    [C:\WINDOWS\system32\w32time.dll]  [Microsoft Corporation, 5.1.2600.5582 (xpsp_sp3_qfe.080416-1432)]
    [C:\WINDOWS\system32\MSVCP60.dll]  [Microsoft Corporation, 6.02.3104.0]
    [C:\WINDOWS\system32\schannel.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\wdigest.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)]
    [C:\WINDOWS\system32\scecli.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\ipsecsvc.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\AUTHZ.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\oakley.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\WINIPSEC.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\pstorsvc.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)]
    [C:\WINDOWS\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\psbase.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\dssenh.dll]  [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)]
[PID: 1164 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.5781 (xpsp_sp3_qfe.090321-1341)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.5795 (xpsp_sp3_qfe.090415-1301)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.5698 (xpsp_sp3_qfe.081022-1941)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.5512]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.5686 (xpsp_sp3_qfe.080929-1340)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll]  [Microsoft Corporation, 6.0 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\NTMARTA.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [c:\windows\system32\rpcss.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [c:\windows\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [c:\windows\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [c:\windows\system32\termsrv.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [c:\windows\system32\ICAAPI.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [c:\windows\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [c:\windows\system32\AUTHZ.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [c:\windows\system32\mstlsapi.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [c:\windows\system32\ACTIVEDS.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [c:\windows\system32\adsldpc.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_qfe.081015-1409)]
    [c:\windows\system32\ATL.DLL]  [Microsoft Corporation, 3.05.2284]
    [C:\WINDOWS\system32\REGAPI.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.700]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.700]
    [C:\WINDOWS\system32\Apphelp.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[PID: 1248 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.5781 (xpsp_sp3_qfe.090321-1341)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.5795 (xpsp_sp3_qfe.090415-1301)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.5698 (xpsp_sp3_qfe.081022-1941)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.5512]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.5686 (xpsp_sp3_qfe.080929-1340)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll]  [Microsoft Corporation, 6.0 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.080413-2105)]
    [c:\windows\system32\rpcss.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [c:\windows\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [c:\windows\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)]
    [C:\WINDOWS\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)]
    [C:\WINDOWS\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\winrnr.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\rasadhlp.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.700]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.700]
[PID: 1388 / SYSTEM][D:\Program Files\Rising\Ris\RavMonD.exe]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.5781 (xpsp_sp3_qfe.090321-1341)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.5698 (xpsp_sp3_qfe.081022-1941)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.5795 (xpsp_sp3_qfe.090415-1301)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)]
    [D:\Program Files\Rising\Ris\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 16]
    [D:\Program Files\Rising\Ris\cnt09.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
    [D:\Program Files\Rising\Ris\moncomm.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 9]
    [D:\Program Files\Rising\Ris\MonBase.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [D:\Program Files\Rising\Ris\Rslog.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.39]
    [D:\Program Files\Rising\Ris\mondrv.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6]
    [D:\Program Files\Rising\Ris\defmon.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 41]
    [C:\WINDOWS\system32\PSAPI.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [D:\Program Files\Rising\Ris\moncom08.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1]
    [D:\Program Files\Rising\Ris\MonRule.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 9]
    [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll]  [Microsoft Corporation, 6.0 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.080413-2105)]
    [D:\Program Files\Rising\Ris\FileMon.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 27]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.5512]
    [D:\Program Files\Rising\Ris\MailMon.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 19]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [D:\Program Files\Rising\Ris\HookWeb.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12]
    [D:\Program Files\Rising\Ris\rfwlog.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.12]
    [D:\Program Files\Rising\Ris\rfwrule.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.1]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\Program Files\Rising\Ris\rfwsrv.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.2]
    [D:\Program Files\Rising\Ris\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [D:\Program Files\Rising\Ris\mPorts.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.0]
    [D:\Program Files\Rising\Ris\rfwdrvc.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [D:\Program Files\Rising\Ris\Rfwdrv.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.5]
    [D:\Program Files\Rising\Ris\rsnetsvr.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
    [D:\Program Files\Rising\Ris\RfwArp.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.5]
    [C:\WINDOWS\system32\Iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [D:\Program Files\Rising\Ris\urlrule.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.1]
    [D:\Program Files\Rising\Ris\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [D:\Program Files\Rising\Ris\recomp.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6]
    [C:\WINDOWS\system32\Wtsapi32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\WINSTA.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_qfe.081015-1409)]
    [D:\Program Files\Rising\Ris\refs.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [D:\Program Files\Rising\Ris\viruslib.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [D:\Program Files\Rising\Ris\relibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [D:\Program Files\Rising\Ris\urllib.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1]
    [D:\Program Files\Rising\Ris\rfwproxy.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 40]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 6.00.2900.5835 (xpsp_sp3_qfe.090626-1600)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)]
    [C:\WINDOWS\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [D:\Program Files\Rising\Ris\rsindent.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 7]
    [D:\Program Files\Rising\Ris\taskplug.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 8]
    [D:\Program Files\Rising\Ris\scansrvp.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.7]
    [D:\Program Files\Rising\Ris\cnt08.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1]
    [D:\Program Files\Rising\Ris\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4]
    [D:\Program Files\Rising\Ris\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.0]
    [D:\Program Files\Rising\Ris\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.0]
    [D:\Program Files\Rising\Ris\Hooksys.dll]  [Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 3]
    [D:\Program Files\Rising\Ris\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [D:\Program Files\Rising\Ris\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [D:\Program Files\Rising\Ris\HookCont.dll]  [Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 1]
    [D:\Program Files\Rising\Ris\BACore.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 25]
    [C:\WINDOWS\system32\sfc.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [D:\Program Files\Rising\Ris\bawhite.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1]
    [D:\Program Files\Rising\Ris\RSStore.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [D:\Program Files\Rising\Ris\Scanner.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.16]
    [D:\Program Files\Rising\Ris\ScanAdd.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.4]
    [D:\Program Files\Rising\Ris\NComm2.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
    [D:\Program Files\Rising\Ris\rstask.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5]
    [D:\Program Files\Rising\Ris\rsstub.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1]
    [D:\Program Files\Rising\Ris\ScanSrv.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.3]
    [C:\WINDOWS\system32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\userenv.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\cryptnet.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\SensApi.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\WINHTTP.dll]  [Microsoft Corporation, 5.1.2600.5727 (xpsp_sp3_qfe.081215-1350)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [D:\Program Files\Rising\Ris\scanpe.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10]
    [D:\Program Files\Rising\Ris\pearc.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
    [D:\Program Files\Rising\Ris\ur000.dat]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [D:\Program Files\Rising\Ris\urutils.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.700]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.700]
    [D:\Program Files\Rising\Ris\ffr.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4]
    [D:\Program Files\Rising\Ris\nvfile.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1]
    [D:\Program Files\Rising\Ris\scanexec.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
    [D:\Program Files\Rising\Ris\unexe.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
    [D:\Program Files\Rising\Ris\scanex.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 27]
    [C:\WINDOWS\system32\Apphelp.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\shell32.dll]  [Microsoft Corporation, 6.00.2900.5686 (xpsp_sp3_qfe.080929-1340)]
    [C:\WINDOWS\system32\wsock32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\RASAPI32.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\rasman.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\TAPI32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\rtutils.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\msv1_0.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\cryptdll.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.5835 (xpsp_sp3_qfe.090626-1600)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)]
    [C:\WINDOWS\System32\winrnr.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\rasadhlp.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [D:\Program Files\Rising\Ris\scansct.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1]
    [D:\Program Files\Rising\Ris\scantj.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4]
    [D:\Program Files\Rising\Ris\methodex.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [D:\Program Files\Rising\Ris\revm.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [D:\Program Files\Rising\Ris\heurex.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 9]
    [D:\Program Files\Rising\Ris\pecompd.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [D:\Program Files\Rising\Ris\extmail.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5]
[PID: 1400 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.5781 (xpsp_sp3_qfe.090321-1341)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.5795 (xpsp_sp3_qfe.090415-1301)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\System32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.5698 (xpsp_sp3_qfe.081022-1941)]
    [C:\WINDOWS\System32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.5512]
    [C:\WINDOWS\System32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.5686 (xpsp_sp3_qfe.080929-1340)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\System32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\System32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll]  [Microsoft Corporation, 6.0 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.080413-2105)]
    [C:\WINDOWS\System32\NTMARTA.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\System32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\System32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [c:\windows\system32\shsvcs.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\System32\WINSTA.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_qfe.081015-1409)]
    [c:\windows\system32\dhcpcsvc.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [c:\windows\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)]
    [c:\windows\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [c:\windows\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [c:\windows\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)]
    [C:\WINDOWS\System32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [c:\windows\system32\wzcsvc.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [c:\windows\system32\rtutils.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [c:\windows\system32\WMI.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [c:\windows\system32\EapolQec.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [c:\windows\system32\ATL.DLL]  [Microsoft Corporation, 3.05.2284]
    [c:\windows\system32\QUtil.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [c:\windows\system32\MSVCP60.dll]  [Microsoft Corporation, 6.02.3104.0]
    [c:\windows\system32\dot3api.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [c:\windows\system32\WTSAPI32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [c:\windows\system32\ESENT.dll]  [Microsoft Corporation, 5.1.2468.0 (Lab03_N(jliem).010306-1456)]
    [C:\WINDOWS\System32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.700]
    [C:\WINDOWS\System32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.700]
    [C:\WINDOWS\System32\SETUPAPI.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\System32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)]
    [C:\WINDOWS\System32\rastls.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\CRYPTUI.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 6.00.2900.5835 (xpsp_sp3_qfe.090626-1600)]
    [C:\WINDOWS\system32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\System32\MPRAPI.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\ACTIVEDS.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\System32\adsldpc.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\System32\RASAPI32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\rasman.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\TAPI32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\SCHANNEL.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\System32\WinSCard.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\System32\PSAPI.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\System32\raschap.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\msv1_0.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\System32\cryptdll.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [c:\windows\system32\schedsvc.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [c:\windows\system32\NTDSAPI.dll]  [Microsoft Corporation, 5.1.2600.5582 (xpsp_sp3_qfe.080416-1432)]
    [C:\WINDOWS\System32\MSIDLE.DLL]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [c:\windows\system32\audiosrv.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [c:\windows\system32\wkssvc.dll]  [Microsoft Corporation, 5.1.2600.5826 (xpsp_sp3_qfe.090609-1445)]
    [c:\windows\system32\cryptsvc.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [c:\windows\system32\certcli.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [c:\windows\system32\dmserver.dll]  [Microsoft Corp., 2600.5512.503.0]
    [c:\windows\system32\es.dll]  [Microsoft Corporation, 2001.12.4414.706]
    [c:\windows\system32\srvsvc.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [c:\windows\system32\hidserv.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [c:\windows\system32\HID.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [c:\windows\system32\netman.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [c:\windows\system32\netshell.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [c:\windows\system32\credui.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [c:\windows\system32\dot3dlg.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [c:\windows\system32\OneX.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [c:\windows\system32\eappcfg.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [c:\windows\system32\eappprxy.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [c:\windows\system32\WZCSAPI.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [c:\windows\system32\seclogon.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [c:\windows\system32\wbem\wmisvc.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\VSSAPI.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [c:\windows\system32\w32time.dll]  [Microsoft Corporation, 5.1.2600.5582 (xpsp_sp3_qfe.080416-1432)]
    [c:\windows\system32\trkwks.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [c:\windows\system32\sens.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [c:\windows\system32\ipnathlp.dll]  [Microsoft Corporation, 5.1.2600.5584 (xpsp_sp3_qfe.080421-1413)]
    [c:\windows\system32\AUTHZ.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\System32\SXS.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\comsvcs.dll]  [Microsoft Corporation, 2001.12.4414.702]
    [C:\WINDOWS\system32\colbact.DLL]  [Microsoft Corporation, 2001.12.4414.700]
    [C:\WINDOWS\system32\MTXCLU.DLL]  [Microsoft Corporation, 2001.12.4414.706]
    [C:\WINDOWS\system32\WSOCK32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\CLUSAPI.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\System32\RESUTILS.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [c:\windows\system32\browser.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\System32\rasadhlp.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\wbem\wbemcomn.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\System32\Wbem\wbemcore.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\System32\Wbem\esscli.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\System32\Wbem\FastProx.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\wbem\wmiutils.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\wbem\repdrvfs.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\upnp.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\WINHTTP.dll]  [Microsoft Corporation, 5.1.2600.5727 (xpsp_sp3_qfe.081215-1350)]
    [C:\WINDOWS\system32\SSDPAPI.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\wbem\wmiprvsd.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\NCObjAPI.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\wbem\wbemess.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\netcfgx.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\rasmans.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\WINIPSEC.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [c:\windows\system32\tapisrv.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\rastapi.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\unimdm.tsp]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\uniplat.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\kmddsp.tsp]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\ndptsp.tsp]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\h323.tsp]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\hidphone.tsp]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\rasppp.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\ntlsapi.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\kerberos.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\System32\RASQEC.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\RASDLG.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\wbem\ncprov.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [c:\windows\system32\wuauserv.dll]  [Microsoft Corporation, 5.4.3790.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\WINSPOOL.DRV]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\Cabinet.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\System32\mspatcha.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\System32\sfc.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\System32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\msxml3.dll]  [Microsoft Corporation, 8.100.1048.0]
    [C:\WINDOWS\system32\Apphelp.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\System32\dssenh.dll]  [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)]
    [C:\WINDOWS\system32\advpack.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\msi.dll]  [Microsoft Corporation, 3.1.4001.5512]
    [C:\WINDOWS\system32\wbem\wbemsvc.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
[PID: 1516 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.5781 (xpsp_sp3_qfe.090321-1341)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.5795 (xpsp_sp3_qfe.090415-1301)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.5698 (xpsp_sp3_qfe.081022-1941)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.5512]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.5686 (xpsp_sp3_qfe.080929-1340)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll]  [Microsoft Corporation, 6.0 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.080413-2105)]
    [c:\windows\system32\dnsrslvr.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [c:\windows\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)]
    [c:\windows\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [c:\windows\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [c:\windows\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)]
    [C:\WINDOWS\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[PID: 1672 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.5781 (xpsp_sp3_qfe.090321-1341)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.5795 (xpsp_sp3_qfe.090415-1301)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.5698 (xpsp_sp3_qfe.081022-1941)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.5512]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.5686 (xpsp_sp3_qfe.080929-1340)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll]  [Microsoft Corporation, 6.0 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\NTMARTA.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [c:\windows\system32\lmhsvc.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [c:\windows\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [c:\windows\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [c:\windows\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [c:\windows\system32\ssdpsrv.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.700]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.700]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[PID: 1916 / Administrator][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.5781 (xpsp_sp3_qfe.090321-1341)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.5795 (xpsp_sp3_qfe.090415-1301)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\BROWSEUI.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.5698 (xpsp_sp3_qfe.081022-1941)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.5512]
    [C:\WINDOWS\system32\SHDOCVW.dll]  [Microsoft Corporation, 6.00.2900.5848 (xpsp_sp3_qfe.090718-1313)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\CRYPTUI.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_qfe.081015-1409)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 6.00.2900.5835 (xpsp_sp3_qfe.090626-1600)]
    [C:\WINDOWS\system32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.5686 (xpsp_sp3_qfe.080929-1340)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll]  [Microsoft Corporation, 6.0 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.5835 (xpsp_sp3_qfe.090626-1600)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.5768 (xpsp_sp3_gdr.090226-1442)]
    [C:\WINDOWS\system32\appHelp.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.700]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.700]
    [C:\WINDOWS\System32\cscui.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\System32\CSCDLL.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\themeui.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\MSIMG32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\msutb.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\ntshrui.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\ATL.DLL]  [Microsoft Corporation, 3.05.2284]
    [C:\WINDOWS\system32\LINKINFO.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\WINSTA.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\webcheck.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\WSOCK32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\stobject.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\BatMeter.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\POWRPROF.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\WTSAPI32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\midimap.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\NETSHELL.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\credui.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\dot3api.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\rtutils.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\dot3dlg.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\OneX.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\eappcfg.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\MSVCP60.dll]  [Microsoft Corporation, 6.02.3104.0]
    [C:\WINDOWS\system32\eappprxy.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 9.0.0.2008061100]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS]  [Adobe Systems, Inc., 9.0.0.0]
    [C:\WINDOWS\system32\msi.dll]  [Microsoft Corporation, 3.1.4001.5512]
    [C:\WINDOWS\system32\WZCSAPI.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\browselc.dll]  [Microsoft Corporation, 6.00.2600.0000]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5.0.8.179]
    [C:\WINDOWS\system32\OLEACC.dll]  [Microsoft Corporation, 4.2.5406.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\SXS.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\MPR.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\drprov.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\System32\ntlanman.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\System32\NETUI0.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\System32\NETUI1.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\System32\NETRAP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\System32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\System32\davclnt.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\DUSER.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\MSGINA.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\ODBC32.dll]  [Microsoft Corporation, 3.525.1132.0 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\comdlg32.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\odbcint.dll]  [Microsoft Corporation, 3.525.1117.0 built by: (_sqlbld)]
    [C:\WINDOWS\system32\MLANG.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.1]
    [C:\WINDOWS\system32\xpsp1res.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\wzcdlg.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\WINHTTP.dll]  [Microsoft Corporation, 5.1.2600.5727 (xpsp_sp3_qfe.081215-1350)]
    [C:\WINDOWS\system32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)]
    [C:\WINDOWS\system32\RASDLG.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\MPRAPI.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\ACTIVEDS.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\adsldpc.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\RASAPI32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\rasman.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\TAPI32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\msv1_0.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\cryptdll.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\mydocs.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\shimgvw.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.5581 (xpsp_sp3_qfe.080415-1416)]
    [C:\WINDOWS\system32\actxprxy.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\mscms.dll]  [Microsoft Corporation, 5.1.2600.5627 (xpsp_sp3_qfe.080624-1413)]
    [C:\WINDOWS\system32\WINSPOOL.DRV]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.2.6.179]
    [C:\WINDOWS\system32\ATL71.DLL]  [Microsoft Corporation, 7.10.6041.0]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\shmedia.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\MSVFW32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\AVIFIL32.dll]  [Microsoft Corporation, 5.1.2600.5827 (xpsp_sp3_gdr.090610-1300)]
    [C:\WINDOWS\system32\wmvcore.dll]  [Microsoft Corporation, 11.0.5721.5251 (WMP_11.080617-2149)]
    [C:\WINDOWS\system32\WMASF.DLL]  [Microsoft Corporation, 10.00.00.4060 built by: Microsoft]
[PID: 1968 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.5781 (xpsp_sp3_qfe.090321-1341)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.5795 (xpsp_sp3_qfe.090415-1301)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.5698 (xpsp_sp3_qfe.081022-1941)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.5512]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.5686 (xpsp_sp3_qfe.080929-1340)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll]  [Microsoft Corporation, 6.0 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\SPOOLSS.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)]
    [C:\WINDOWS\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\rasadhlp.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\localspl.dll]  [Microsoft Corporation, 5.1.2600.5809 (xpsp_sp3_qfe.090507-1349)]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\winspool.drv]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\netapi32.dll]  [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_qfe.081015-1409)]
    [C:\WINDOWS\system32\msi.dll]  [Microsoft Corporation, 3.1.4001.5512]
    [C:\WINDOWS\system32\tcpmon.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\usbmon.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)]
    [C:\WINDOWS\System32\winrnr.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\win32spl.dll]  [Microsoft Corporation, 5.1.2600.5664 (xpsp_sp3_gdr.080827-1248)]
    [C:\WINDOWS\system32\NETRAP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\NTDSAPI.dll]  [Microsoft Corporation, 5.1.2600.5582 (xpsp_sp3_qfe.080416-1432)]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.700]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.700]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\inetpp.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[PID: 2040 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.5781 (xpsp_sp3_qfe.090321-1341)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.5795 (xpsp_sp3_qfe.090415-1301)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.5698 (xpsp_sp3_qfe.081022-1941)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.5512]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.5686 (xpsp_sp3_qfe.080929-1340)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll]  [Microsoft Corporation, 6.0 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\NTMARTA.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [c:\windows\system32\webclnt.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 6.00.2900.5835 (xpsp_sp3_qfe.090626-1600)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [c:\windows\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [c:\windows\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\wsock32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[PID: 560 / Administrator][D:\Program Files\Rising\Ris\RsTray.exe]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.10]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.5781 (xpsp_sp3_qfe.090321-1341)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.5698 (xpsp_sp3_qfe.081022-1941)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.5795 (xpsp_sp3_qfe.090415-1301)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.5512]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll]  [Microsoft Corporation, 6.0 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.5768 (xpsp_sp3_gdr.090226-1442)]
    [D:\Program Files\Rising\Ris\comserv.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.15]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.5686 (xpsp_sp3_qfe.080929-1340)]
    [D:\Program Files\Rising\Ris\rslang.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1]
    [D:\Program Files\Rising\Ris\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [D:\Program Files\Rising\Ris\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\WINDOWS\system32\Wtsapi32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\WINSTA.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_qfe.081015-1409)]
    [C:\WINDOWS\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [D:\Program Files\Rising\Ris\ProcComm.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4]
    [D:\Program Files\Rising\Ris\rsxml.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
    [D:\Program Files\Rising\Ris\MonState.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
    [D:\Program Files\Rising\Ris\ScanEvnt.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.3]
    [D:\Program Files\Rising\Ris\rsguilib.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 54]
    [D:\Program Files\Rising\Ris\rsconf.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.1]
    [D:\Program Files\Rising\Ris\rfwrule.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.1]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\Program Files\Rising\Ris\rspalvd.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.6]
    [D:\Program Files\Rising\Ris\rsnetsvr.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
    [D:\Program Files\Rising\Ris\ravbintl.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 21]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 6.00.2900.5835 (xpsp_sp3_qfe.090626-1600)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [D:\Program Files\Rising\Ris\mruleui.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6]
    [D:\Program Files\Rising\Ris\MonTray.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.66]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [D:\Program Files\Rising\Ris\RavITray.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6]
    [D:\Program Files\Rising\Ris\rfwtray.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 37]
    [C:\WINDOWS\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [D:\Program Files\Rising\Ris\rsmginfo.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [D:\Program Files\Rising\Ris\scanleak.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5]
    [D:\Program Files\Rising\Ris\ravppops.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 20]
    [D:\Program Files\Rising\Ris\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.0]
    [D:\Program Files\Rising\Ris\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.0]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [D:\Program Files\Rising\Ris\PngDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [D:\Program Files\Rising\Ris\ScanPrxy.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.3]
    [D:\Program Files\Rising\Ris\rfwlog.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.12]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\MPRAPI.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\ACTIVEDS.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\adsldpc.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\ATL.DLL]  [Microsoft Corporation, 3.05.2284]
    [C:\WINDOWS\system32\rtutils.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\wsock32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\RASAPI32.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\rasman.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\TAPI32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\msv1_0.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\cryptdll.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\sensapi.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.5835 (xpsp_sp3_qfe.090626-1600)]
    [C:\WINDOWS\System32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)]
    [C:\WINDOWS\System32\winrnr.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\rasadhlp.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[PID: 768 / Administrator][D:\Program Files\Rising\AntiSpyware\rstray.exe]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.17]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.5781 (xpsp_sp3_qfe.090321-1341)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.5698 (xpsp_sp3_qfe.081022-1941)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.5795 (xpsp_sp3_qfe.090415-1301)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.5512]
    [C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll]  [Microsoft Corporation, 6.0 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)]
    [D:\Program Files\Rising\AntiSpyware\rsmginfo.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.5686 (xpsp_sp3_qfe.080929-1340)]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 6.00.2900.5835 (xpsp_sp3_qfe.090626-1600)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.5768 (xpsp_sp3_gdr.090226-1442)]
    [D:\Program Files\Rising\AntiSpyware\RsXML.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2]
    [D:\Program Files\Rising\AntiSpyware\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [D:\Program Files\Rising\AntiSpyware\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\Program Files\Rising\AntiSpyware\ComServ.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.31]
    [D:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [D:\Program Files\Rising\AntiSpyware\rscommon.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.1.1]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [D:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\WINDOWS\system32\Wtsapi32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\WINSTA.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_qfe.081015-1409)]
    [D:\Program Files\Rising\AntiSpyware\pngdll.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [D:\Program Files\Rising\AntiSpyware\runiep.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.43]
    [D:\Program Files\Rising\AntiSpyware\NComm.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.11]
    [D:\Program Files\Rising\AntiSpyware\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [D:\Program Files\Rising\AntiSpyware\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\WINDOWS\system32\wsock32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\RASAPI32.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\rasman.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\TAPI32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\rtutils.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\msv1_0.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\cryptdll.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\sensapi.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.5835 (xpsp_sp3_qfe.090626-1600)]
    [C:\WINDOWS\System32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)]
    [C:\WINDOWS\System32\winrnr.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\rasadhlp.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.700]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.700]
    [C:\WINDOWS\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[PID: 864 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.5781 (xpsp_sp3_qfe.090321-1341)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.5795 (xpsp_sp3_qfe.090415-1301)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.5698 (xpsp_sp3_qfe.081022-1941)]
    [C:\WINDOWS\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\MSUTB.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.5512]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.5686 (xpsp_sp3_qfe.080929-1340)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll]  [Microsoft Corporation, 6.0 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.5835 (xpsp_sp3_qfe.090626-1600)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.5768 (xpsp_sp3_gdr.090226-1442)]
[PID: 584 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.5781 (xpsp_sp3_qfe.090321-1341)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\System32\ATL.DLL]  [Microsoft Corporation, 3.05.2284]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.5698 (xpsp_sp3_qfe.081022-1941)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.5795 (xpsp_sp3_qfe.090415-1301)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.5512]
    [C:\WINDOWS\System32\WSOCK32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\MSWSOCK.DLL]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)]
    [C:\WINDOWS\System32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\System32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\System32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.5686 (xpsp_sp3_qfe.080929-1340)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\System32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\System32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\System32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll]  [Microsoft Corporation, 6.0 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.5835 (xpsp_sp3_qfe.090626-1600)]
    [C:\WINDOWS\System32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.700]
    [C:\WINDOWS\System32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.700]
    [C:\WINDOWS\System32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[PID: 3044 / Administrator][D:\Program Files\Rising\AntiSpyware\knownsvr.exe]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.14]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.5781 (xpsp_sp3_qfe.090321-1341)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.5698 (xpsp_sp3_qfe.081022-1941)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.5795 (xpsp_sp3_qfe.090415-1301)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [D:\Program Files\Rising\AntiSpyware\NComm.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.11]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.5512]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 6.00.2900.5835 (xpsp_sp3_qfe.090626-1600)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll]  [Microsoft Corporation, 6.0 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.5835 (xpsp_sp3_qfe.090626-1600)]
    [D:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [D:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\WINDOWS\system32\Wtsapi32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\WINSTA.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_qfe.081015-1409)]
[PID: 1368 / Administrator][D:\Program Files\QQ\QQ.exe]  [TENCENT, 8,0,978,1833]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.5781 (xpsp_sp3_qfe.090321-1341)]
    [D:\Program Files\QQ\QQBaseClassInDll.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\QQ\QQHelperDll.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\QQ\BasicCtrlDll.dll]  [TENCENT, 8,0,978,1833]
    [C:\WINDOWS\system32\AVICAP32.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.5698 (xpsp_sp3_qfe.081022-1941)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.5795 (xpsp_sp3_qfe.090415-1301)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\MSVFW32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.5686 (xpsp_sp3_qfe.080929-1340)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll]  [Microsoft Corporation, 6.0 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\MSVCP60.dll]  [Microsoft Corporation, 6.02.3104.0]
    [C:\WINDOWS\system32\WSOCK32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 6.00.2900.5835 (xpsp_sp3_qfe.090626-1600)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.5512]
    [C:\WINDOWS\system32\PSAPI.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\OLEPRO32.DLL]  [Microsoft Corporation, 5.1.2600.5512]
    [C:\WINDOWS\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\MSIMG32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_qfe.081015-1409)]
    [C:\WINDOWS\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [C:\WINDOWS\system32\MFC42LOC.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\WINDOWS\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.5768 (xpsp_sp3_gdr.090226-1442)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [D:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [D:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\WINDOWS\system32\Wtsapi32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\WINSTA.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.5835 (xpsp_sp3_qfe.090626-1600)]
    [D:\Program Files\QQ\QQAPI.dll]  [TENCENT, 8,0,978,1833]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.700]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.700]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\SXS.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [D:\Program Files\QQ\LoginCtrl.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\QQ\LoginCtrlRes.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\QQ\QQRes.dll]  [TENCENT, 8,0,978,1833]
    [C:\WINDOWS\system32\wintrust.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)]
    [C:\WINDOWS\system32\userenv.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [D:\Program Files\QQ\QQMainFrame.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\QQ\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.3352 (xpsp_sp2_qfe.080415-1302)]
    [D:\Program Files\QQ\QQPlugin.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\QQ\UnReadMsgMgr.dll]  [TENCENT, 8,0,978,1833]
    [C:\WINDOWS\system32\asycfilt.dll]  [Microsoft Corporation, 5.1.2600.5512]
    [D:\Program Files\QQ\QQAllInOne.dll]  [TENCENT, 8,0,978,1833]
    [C:\WINDOWS\system32\comdlg32.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [D:\Program Files\QQ\SCCore.dll]  [TENCENT, 1, 6, 0, 2]
    [D:\Program Files\QQ\CameraDll.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\QQ\CQQApplication.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\QQ\FlashAvatarDll.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\QQ\NewSkin.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\QQ\MailSummary.dll]  [TENCENT, 8,0,978,1833]
    [C:\WINDOWS\System32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)]
    [C:\WINDOWS\System32\winrnr.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\midimap.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [D:\Program Files\QQ\QQSpace.dll]  [TENCENT, 8,0,978,1833]
    [C:\WINDOWS\system32\rasadhlp.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx]  [Adobe Systems, Inc., 10,0,32,18]
    [C:\WINDOWS\system32\mscms.dll]  [Microsoft Corporation, 5.1.2600.5627 (xpsp_sp3_qfe.080624-1413)]
    [C:\WINDOWS\system32\WINSPOOL.DRV]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\devenum.dll]  [Microsoft Corporation, 6.05.2600.5512]
    [C:\WINDOWS\system32\setupapi.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [D:\Program Files\QQ\OEMApplication.dll]  [TENCENT, 8,0,978,1833]
    [C:\WINDOWS\system32\RASAPI32.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\rasman.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\TAPI32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\rtutils.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\shdocvw.dll]  [Microsoft Corporation, 6.00.2900.5848 (xpsp_sp3_qfe.090718-1313)]
    [C:\WINDOWS\system32\CRYPTUI.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [D:\Program Files\QQ\QQAvatar.dll]  [TENCENT, 8,0,978,1833]
    [C:\WINDOWS\system32\msv1_0.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\cryptdll.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [D:\Program Files\QQ\QQKnowledgeSearch.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\QQ\QQGroupMng.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\QQ\QQSysMsgMng.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\QQ\UserDefinedHead.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\QQ\QQConfigPlugin.dll]  [TENCENT, 8,0,978,1833]
    [C:\WINDOWS\system32\DINPUT.dll]  [Microsoft Corporation, 5.03.2600.5512 (xpsp.080413-0845)]
    [D:\Program Files\QQ\QQCustomFace.dll]  [TENCENT, 8,0,978,1833]
    [C:\WINDOWS\system32\mlang.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\schannel.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [D:\Program Files\QQ\QRingMng.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\QQ\ImageOle.dll]  [TENCENT, 8,0,978,1833]
    [C:\WINDOWS\system32\perfos.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [D:\Program Files\QQ\LongConnection.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\QQ\QQLiveQMng.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\QQ\PhoneAPI.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\QQ\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [C:\WINDOWS\system32\HID.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\CFGMGR32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [D:\Program Files\QQ\QQPet.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\QQ\BQQApplication.dll]  [TENCENT, 8,0,978,1833]
    [C:\WINDOWS\system32\appHelp.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\System32\cscui.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\System32\CSCDLL.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\browseui.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\ntshrui.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\ATL.DLL]  [Microsoft Corporation, 3.05.2284]
    [C:\WINDOWS\system32\LINKINFO.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\NETSHELL.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\credui.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\dot3api.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\dot3dlg.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\OneX.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\eappcfg.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\eappprxy.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [D:\Program Files\QQ\QQSceneMng.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\QQ\GroupConnection.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\QQ\CommercesMng.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\QQ\PersonalDesktop.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 330]
    [D:\Program Files\QQ\AddrSearch.dll]  [Tencent, 2, 3, 14, 10]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\mshtml.dll]  [Microsoft Corporation, 6.00.2900.5848 (xpsp_sp3_qfe.090718-1313)]
    [C:\WINDOWS\system32\msls31.dll]  [Microsoft Corporation, 3.10.349.0]
    [C:\WINDOWS\system32\msimtf.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\jscript.dll]  [Microsoft Corporation, 5.7.0.18066]
    [C:\WINDOWS\system32\ImgUtil.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\pngfilt.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\mshtmled.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 2176 / Administrator][D:\Program Files\QQ\TXPlatform.exe]  [Tencent, 1, 5, 225, 0]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.5781 (xpsp_sp3_qfe.090321-1341)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.5698 (xpsp_sp3_qfe.081022-1941)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.5795 (xpsp_sp3_qfe.090415-1301)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.5512]
    [C:\WINDOWS\system32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\PSAPI.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [D:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [D:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\WINDOWS\system32\Wtsapi32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\WINSTA.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_qfe.081015-1409)]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.5835 (xpsp_sp3_qfe.090626-1600)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll]  [Microsoft Corporation, 6.0 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.700]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.700]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\SXS.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1852 / Administrator][C:\Documents and Settings\Administrator\桌面\sreng2\SREngLdr.EXE]  [Smallfrogs Studio, 2.8.1.1279]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.5781 (xpsp_sp3_qfe.090321-1341)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.5795 (xpsp_sp3_qfe.090415-1301)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\user32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.5698 (xpsp_sp3_qfe.081022-1941)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\Apphelp.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[PID: 3932 / Administrator][C:\Documents and Settings\Administrator\桌面\sreng2\SRE3cb1113b.EXE]  [Smallfrogs Studio, 2.8.1.1279]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.5781 (xpsp_sp3_qfe.090321-1341)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.5698 (xpsp_sp3_qfe.081022-1941)]
    [C:\WINDOWS\system32\comdlg32.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.5795 (xpsp_sp3_qfe.090415-1301)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll]  [Microsoft Corporation, 6.0 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.5686 (xpsp_sp3_qfe.080929-1340)]
    [C:\WINDOWS\system32\WINSPOOL.DRV]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\oledlg.dll]  [Microsoft Corporation, 1.0 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.5512]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 6.00.2900.5835 (xpsp_sp3_qfe.090626-1600)]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\RICHED20.DLL]  [Microsoft Corporation, 5.30.23.1230]
    [C:\WINDOWS\system32\NTMARTA.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.5768 (xpsp_sp3_gdr.090226-1442)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\wsock32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\RASAPI32.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\rasman.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_qfe.081015-1409)]
    [C:\WINDOWS\system32\TAPI32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\rtutils.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\msv1_0.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\cryptdll.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.5835 (xpsp_sp3_qfe.090626-1600)]
    [C:\WINDOWS\System32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)]
    [C:\WINDOWS\system32\rasadhlp.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\wintrust.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)]
    [C:\WINDOWS\system32\cryptnet.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\PSAPI.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\SensApi.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\WINHTTP.dll]  [Microsoft Corporation, 5.1.2600.5727 (xpsp_sp3_qfe.081215-1350)]
    [C:\WINDOWS\system32\Cabinet.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[PID: 3900 / Administrator][C:\Documents and Settings\Administrator\桌面\sreng2\SREngLdr.EXE]  [Smallfrogs Studio, 2.8.1.1279]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.5781 (xpsp_sp3_qfe.090321-1341)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.5795 (xpsp_sp3_qfe.090415-1301)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\user32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.5698 (xpsp_sp3_qfe.081022-1941)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [C:\WINDOWS\system32\Apphelp.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[PID: 3968 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\SRE1A.EXE]  [Smallfrogs Studio, 2.8.1.1279]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.5781 (xpsp_sp3_qfe.090321-1341)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.5698 (xpsp_sp3_qfe.081022-1941)]
    [C:\WINDOWS\system32\comdlg32.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.5795 (xpsp_sp3_qfe.090415-1301)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll]  [Microsoft Corporation, 6.0 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.5686 (xpsp_sp3_qfe.080929-1340)]
    [C:\WINDOWS\system32\WINSPOOL.DRV]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\oledlg.dll]  [Microsoft Corporation, 1.0 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.5512]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 6.00.2900.5835 (xpsp_sp3_qfe.090626-1600)]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [D:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [D:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\WINDOWS\system32\Wtsapi32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\WINSTA.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.5694 (xpsp_sp3_qfe.081015-1409)]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.5835 (xpsp_sp3_qfe.090626-1600)]
    [C:\WINDOWS\system32\RICHED20.DLL]  [Microsoft Corporation, 5.30.23.1230]
    [C:\WINDOWS\system32\NTMARTA.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.5768 (xpsp_sp3_gdr.090226-1442)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\sfc.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\wsock32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\RASAPI32.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\rasman.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\TAPI32.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\rtutils.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\msv1_0.dll]  [Microsoft Corporation, 5.1.2600.5834 (xpsp_sp3_qfe.090624-1332)]
    [C:\WINDOWS\system32\cryptdll.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\System32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)]
    [C:\WINDOWS\system32\rasadhlp.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\appHelp.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.700]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.700]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)]
    [C:\WINDOWS\system32\cryptnet.dll]  [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\PSAPI.DLL]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\SensApi.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
    [C:\WINDOWS\system32\WINHTTP.dll]  [Microsoft Corporation, 5.1.2600.5727 (xpsp_sp3_qfe.081215-1350)]
    [C:\WINDOWS\system32\Cabinet.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\utildll.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
MSAFD Tcpip [TCP/IP]
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD Tcpip [UDP/IP]
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD Tcpip [RAW/IP]
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
RSVP UDP Service Provider
    C:\WINDOWS\system32\rsvpsp.dll(Microsoft Corporation, Microsoft Windows Rsvp 1.0 Service Provider)
RSVP TCP Service Provider
    C:\WINDOWS\system32\rsvpsp.dll(Microsoft Corporation, Microsoft Windows Rsvp 1.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{712F2C21-04F9-4510-A64D-015FBA1F0BDA}] SEQPACKET 0
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{712F2C21-04F9-4510-A64D-015FBA1F0BDA}] DATAGRAM 0
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{4CBD1967-6C39-4808-987E-2ACE8650DA25}] SEQPACKET 1
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{4CBD1967-6C39-4808-987E-2ACE8650DA25}] DATAGRAM 1
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{152A0A5A-25FD-438F-BF04-B180CF0B9BAD}] SEQPACKET 2
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{152A0A5A-25FD-438F-BF04-B180CF0B9BAD}] DATAGRAM 2
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{95EC234C-780C-4929-B7CA-130383DC1D11}] SEQPACKET 3
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{95EC234C-780C-4929-B7CA-130383DC1D11}] DATAGRAM 3
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{9B6B57C5-E054-45C7-9C2B-B9F7EB2E65BF}] SEQPACKET 4
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{9B6B57C5-E054-45C7-9C2B-B9F7EB2E65BF}] DATAGRAM 4
    C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1       localhost
127.0.0.1	858656.com
127.0.0.1	my123.com
127.0.0.1	8749.com
127.0.0.1	4199.com
127.0.0.1	7379.com
127.0.0.1	7255.com
127.0.0.1	3448.com
127.0.0.1	7939.com
127.0.0.1	8009.com
127.0.0.1	piaoxue.com
127.0.0.1	kzdh.com
127.0.0.1	about.blank.la
127.0.0.1	6781.com
127.0.0.1	7322.com
------ 屏蔽迅雷看看广告 ------
0.0.0.0   pubstat.sandai.net
0.0.0.0   mcfg.sandai.net
0.0.0.0   biz5.sandai.net
0.0.0.0   float.sandai.net
0.0.0.0   recommend.xunlei.com
0.0.0.0   cl.kankan.xunlei.com
0.0.0.0   211.94.190.80
0.0.0.0   mtips.xunlei.com
0.0.0.0   adsresult.joywell.com.cn

==================================
进程特权扫描
特殊特权被允许： SeLoadDriverPrivilege [PID = 940, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 996, C:\WINDOWS\SYSTEM32\LSASS.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1400, C:\WINDOWS\SYSTEM32\SVCHOST.EXE]
特殊特权被允许： SeSystemtimePrivilege [PID = 1400, C:\WINDOWS\SYSTEM32\SVCHOST.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1916, C:\WINDOWS\EXPLORER.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1968, C:\WINDOWS\SYSTEM32\SPOOLSV.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1852, C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\SRENG2\SRENGLDR.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 3932, C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\SRENG2\SRE3CB1113B.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 3932, C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\SRENG2\SRE3CB1113B.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 3900, C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\SRENG2\SRENGLDR.EXE]

==================================
计划任务
N/A

==================================
Windows 安全更新检查
 Microsoft .NET Framework 版本 1.1，简体中文版 
KB925850,  Windows Media Player 11 
KB940157,  用于 Windows XP 的 Windows 搜索 4.0 (KB940157) 
KB902344,  启用了 WMDRM 的 Media Player 更新程序 (KB902344) 
KB943729,  用于 Windows XP 的组策略首选项客户端扩展 (KB943729) 
KB905474,  Windows Genuine Advantage 通知 (KB905474) 
KB909520,  Microsoft 基本智能卡加密服务提供程序包： x86 (KB909520) 
KB951847,  Microsoft .NET Framework 3.5 Service Pack 1 和 .NET Framework 3.5 Family Update (KB951847) x86 
KB944036,  用于 Windows XP 的 Internet Explorer 8 
KB956844,  Windows XP 安全更新程序 (KB956844) MS09-046
KB890830,  Windows 恶意软件删除工具 - 2009 年 9 月 (KB890830) 
KB971961,  用于 Windows XP 的 Jscript 5.7 的安全更新程序 (KB971961) MS09-045
KB968816,  用于 Windows XP SP 3 的 Windows Media Format Runtime 9、9.5 和 11 的安全更新程序 (KB968816) MS09-047
KB931125,  根证书更新 [2009 年 9 月] (KB931125) 

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]