瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 救命啊!要死了!我的瑞星 防火墙 卡卡 都不能装了

1   1  /  1  页   跳转

[已解决] 救命啊!要死了!我的瑞星 防火墙 卡卡 都不能装了

救命啊!要死了!我的瑞星 防火墙 卡卡 都不能装了

防火墙  杀毒软件 卡卡 都能安装完毕, 但是点击图标都说 没有找到应用程序  卸载又卸不干净  我就去找了官方卸载程式 
  又可以装了 但是装完一样用不了!!!!!!!

我还发现 C:\Program Files 下为什么老有eMu1e 出现 我已经删掉了  过段时间又冒出来而且四五百兆


不要问我为什么不发打包发  我发不了!!

==============================================================
        金山清理专家系统诊断报告

该诊断报告由金山清理专家提供 http://www.duba.net
==============================================================

诊断时间:            2008-09-14, 16:49
诊断平台:            Windows XP [5.1.2600] Service Pack 2
IE版本:              Internet Explorer V6.0.2180.2900
计算机物理内存:      767(MB)
当前可用内存:        449(MB)
硬盘总大小:          19(GB)
硬盘可用空间:        2(GB)
清理专家版本:        2008.08.12.553
恶意软件库版本:      2008.08.06.1
漏洞库版本:          2008.08.14.1




==============================================================
        常规启动项
==============================================================

该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

        [RavTask]            <"C:\Program Files\Rising\Rav\RavTask.exe" -system>


==============================================================
        启动文件夹位置
==============================================================

Common Startup:      C:\Documents and Settings\All Users\「开始」菜单\程序\启动
Startup:            C:\Documents and Settings\Administrator\「开始」菜单\程序\启动
Common Startup:      %ALLUSERSPROFILE%\「开始」菜单\程序\启动

==============================================================
        Host File
==============================================================

127.0.0.1 localhost
127.0.0.1 www.dj3344.com
127.0.0.1 www.qq168.net
127.0.0.1 www.777888.com
127.0.0.1 www.5dsoft.com
127.0.0.1 www.wokoo.net
127.0.0.1 movie.sx.zj.cn
127.0.0.1 yeaple.com
127.0.0.1 xyxy68.8u8.net
127.0.0.1 www.youmiss.com
127.0.0.1 www.cctv8.net
127.0.0.1 www.kuliao.com
127.0.0.1 www.yyqy.com
127.0.0.1 winzheng.126.com
127.0.0.1 www.sunvod.com
127.0.0.1 www.t168.com
127.0.0.1 www.boliwo.com
127.0.0.1 www.coolcdrom.com
127.0.0.1 www.zhengdian.com
127.0.0.1 girlchinese.com
127.0.0.1 www.yibinren.com
127.0.0.1 www.mtv51.com
127.0.0.1 www.163[1].com
127.0.0.1 www.37021.com
127.0.0.1 www.cnqb.net
127.0.0.1 www.qq3344.com
127.0.0.1 www.qq3344.net
127.0.0.1 youlove.3322.net
127.0.0.1 www.58589.com
127.0.0.1 www.ftlink.net
127.0.0.1 home.kimo.com.tw/avnvyou520/ 127.0.0.1 www.pixpox.com
127.0.0.1 www.k163.com
127.0.0.1 www.pk.com
127.0.0.1 www.xxx.com
127.0.0.1 204.177.92.68/rotate/r3.jhtml
127.0.0.1 www.fassia.net/wmed/index1.html
127.0.0.1 www.ehomeday.com
127.0.0.1 www.jinpin.net
127.0.0.1 www.cnqb.net
127.0.0.1 www.myxq.net
127.0.0.1 www.5dsoft.com
127.0.0.1 www.wokoo.net
127.0.0.1 movie.sx.zj.cn
127.0.0.1 h444.net
127.0.0.1 3721.com #3721网络实名
127.0.0.1 3721.net #3721网络实名
127.0.0.1 cnsmin.3721.com #3721网络实名
127.0.0.1 cnsmin.3721.net #3721网络实名
127.0.0.1 download.3721.com #3721网络实名
127.0.0.1 download.3721.net #3721网络实名
127.0.0.1 www.3721.com #3721网络实名
127.0.0.1 www.3721.net #3721网络实名
127.0.0.1 young-erotic.com
127.0.0.1 aifind.info
127.0.0.1 80pictures.com
127.0.0.1 www.88dvd.com
127.0.0.1 www.sex591.com
127.0.0.1 www.qq3344.com
127.0.0.1 www.dj3344.com
127.0.0.1 www.yysky.net
127.0.0.1 www.qq168.net
127.0.0.1 www.777888.com
127.0.0.1 www.5dsoft.com
127.0.0.1 www.wokoo.net
127.0.0.1 movie.sx.zj.cn
127.0.0.1 yeapple.com
127.0.0.1 xyxy68.8u8.net
127.0.0.1 www.youmiss.com
127.0.0.1 www.cctv8.net
127.0.0.1 www.kuliao.com
127.0.0.1 www.yyqy.com
127.0.0.1 winzheng.126.com
127.0.0.1 www.sunvod.com
127.0.0.1 www.t168.com
127.0.0.1 www.boliwo.com
127.0.0.1 www.coolcdrom.com
127.0.0.1 www.zhengdian.comoe
127.0.0.1 www.zhengdian.com
127.0.0.1 girlchinese.comie
127.0.0.1 girlchinese.com
127.0.0.1 www.yibinren.com
127.0.0.1 www.mtv51.com
127.0.0.1 www.163[1].com
127.0.0.1 www.37021.com
127.0.0.1 www.cnqb.net
127.0.0.1 www.qq3344.net
127.0.0.1 youlove.3322.net/picture.exe
127.0.0.1 youlove.3322.net
127.0.0.1 www.58589.com
127.0.0.1 tty.yyun.net
127.0.0.1 www.ftlink.net
127.0.0.1 home.kimo.com.tw/avnvyou520/
127.0.0.1 home.kimo.com.tw
127.0.0.1 www.pixpox.com
127.0.0.1 www.k163.com
127.0.0.1 www.pk.com
127.0.0.1 www.xxx.com
127.0.0.1 204.177.92.68/rotate/r3.jhtml
127.0.0.1 204.177.92.68
127.0.0.1 www.fassia.net/wmed/index1.html
127.0.0.1 www.fassia.net/wmed
127.0.0.1 www.fassia.net
127.0.0.1 www.ehomeday.com
127.0.0.1 www.jinpin.net
127.0.0.1 hothack.home.chinaren.com
127.0.0.1 www.777888.com
127.0.0.1 xyxy68.8u8.net
127.0.0.1 www.t168.com
127.0.0.1 www.wokoo.net
127.0.0.1 www.coolcdrom.com
127.0.0.1 www.zhengdian.com
127.0.0.1 girlchinese.com
127.0.0.1 www.girl008.com
127.0.0.1 xajh.15888.ne
127.0.0.1 www.51bug.com
127.0.0.1 www.51bug.com
127.0.0.1 www.wplune.com
127.0.0.1 www.wplune.com
127.0.0.1 www.777888.net
127.0.0.1 pollen.my001.net
127.0.0.1 www.yule21.com
127.0.0.1 www.fish3000.com
127.0.0.1 www.kuliao.com
127.0.0.1 www.666e.com
127.0.0.1 qm.8ok.com
127.0.0.1 qm.8ok.com
127.0.0.1 www.guosir.ccoo.com
127.0.0.1 www.163mm.com
127.0.0.1 www.cnooo.com
127.0.0.1 www.es158.com
127.0.0.1 www.aisa-girl.net
127.0.0.1 www.boliwu.com
127.0.0.1 www.cctv1.net
127.0.0.1 www.cctv8.net
127.0.0.1 www.play.cn.gs
127.0.0.1 newyouth.3322.net
127.0.0.1 newyouth.3322.net
127.0.0.1 chinabdkx.363.net
127.0.0.1 www.zknew.com/
127.0.0.1 www.dhchao.com/
127.0.0.1 www.top666.net
127.0.0.1 www.amoisonic.com/
127.0.0.1 www.markguide.com
127.0.0.1 www.xyxc.ccoo.com
127.0.0.1 www.flyingwalk.com
127.0.0.1 www.yezine.net
127.0.0.1 www.mmgirls.com
127.0.0.1 www.net5w.com
127.0.0.1 www.fbstu.com
127.0.0.1 www.qlwl.com
127.0.0.1 www.yibinren.com
127.0.0.1 www.yinshang.com
127.0.0.1 www.ncunet.com
127.0.0.1 www.555666.net
127.0.0.1 www.fm1058.cc/
127.0.0.1 meim.y365.com
127.0.0.1 meim.y365.com
127.0.0.1 www.qq520.net
127.0.0.1 jjkafei.longcity.net
127.0.0.1 jjkafei.longcity.net
127.0.0.1 chow.yesky.net
127.0.0.1 oicq.hk.st
127.0.0.1 www.my288.com
127.0.0.1 www.youmiss.com
127.0.0.1 www.laws-online.net
127.0.0.1 www.hj168.net
127.0.0.1 16888.6to23.com
127.0.0.1 www.love520.net
127.0.0.1 www.qq520.com
127.0.0.1 www.ezhgc.com
127.0.0.1 www.eastedu.com.cn
127.0.0.1 www.435000.com
127.0.0.1 sdik.8ok.net
127.0.0.1 feiying.coolwww.net
127.0.0.1 feiying.coolwww.net
127.0.0.1 zhongxuesheng.myrice.com
127.0.0.1 yes9999.com
127.0.0.1 yes9999.com
127.0.0.1 www.nnptt.com/tv/
127.0.0.1 www.nnptt.com
127.0.0.1 vod.hengshui.com/
127.0.0.1 vod.hengshui.com/
127.0.0.1 tv.megajoy.com/video/movies/
127.0.0.1 tv.megajoy.com/video/movies/ 127.0.0.1 tv.megajoy.com/video
127.0.0.1 tv.megajoy.com/
127.0.0.1 h444.net/
127.0.0.1 h444.net/
127.0.0.1 update.myxq.com/ads.htm
127.0.0.1 update.myxq.com
127.0.0.1 www.happy666.net
127.0.0.1 www.myxq.com
127.0.0.1 bbs.ccjz.com
127.0.0.1 bbs.ccjz.com
127.0.0.1 91mm.net/join.php
127.0.0.1 91mm.net
127.0.0.1 www.film888.com/film.asp
127.0.0.1 www.film888.com
127.0.0.1 vod.52en.com/index.asp
127.0.0.1 vod.52en.com
127.0.0.1 www.6mb.net/movie/
127.0.0.1 www.6mb.net
127.0.0.1 www.nic2000.com/?huyantao
127.0.0.1 www.nic2000.com
127.0.0.1 www.getfreedomain.biz/index.php
127.0.0.1 www.getfreedomain.biz
127.0.0.1 chinaour.com
127.0.0.1 chinaour.com/
127.0.0.1 www.ttjj.com/index.php
127.0.0.1 www.hao123.com
127.0.0.1 hao123.com
127.0.0.1 www.okww.net
127.0.0.1 www.ttlook.com
127.0.0.1 www.ent8.com
127.0.0.1 my518@jining.info
127.0.0.1 cnlove.bl.am
127.0.0.1 lingaonbvm.myrice.com/cnlove.htm
127.0.0.1 lingaonbvm.myrice.com/logo.jpg
127.0.0.1 lingaonbvm.myrice.com
127.0.0.1 xyz8848@jining.info
127.0.0.1 QQ6ss.126.com
127.0.0.1 epzj.1m.cn/
127.0.0.1 www.hahabus.com
127.0.0.1 www.eliao.com
127.0.0.1 wacky.nease.net
127.0.0.1 www.QQ588.com
127.0.0.1 www.qq988.com
127.0.0.1 www.ktv530.com
127.0.0.1 user.netomia.com
127.0.0.1 www.eliao.net
127.0.0.1 182838.com
127.0.0.1 www.365ww.com
127.0.0.1 music.94xp.com
127.0.0.1 www.ok530.com
127.0.0.1 nicex.126.com
127.0.0.1 www.dj33344.com
127.0.0.1 www.film3344.com
127.0.0.1 www.mmqm.com
127.0.0.1 www.hao3344.com
127.0.0.1 www.mtv365.com
127.0.0.1 www.mtvxp.com
127.0.0.1 www.88music.com
127.0.0.1 ye99.com/2/
127.0.0.1 ye99.com
127.0.0.1 www.xgmm.com
127.0.0.1 www.xxx.xom
127.0.0.1 www.163z.com
127.0.0.1 www.qq886.com
127.0.0.1 www.haohz.com
127.0.0.1 www.qq250.com
127.0.0.1 www.youxika.net/bbs/topic
127.0.0.1 www.youxika.net/
127.0.0.1 asqin123.51.net/down/dhwg.rar
127.0.0.1 asqin123.51.net/
127.0.0.1 xywaigua.126.com
127.0.0.1 dxy.9126.com
127.0.0.1 63581.yeah.net/
127.0.0.1 maomao363.126.com
127.0.0.1 www.mucopy.com/dh/
127.0.0.1 www.mucopy.com/
127.0.0.1 www.sa25.y365.com/index.htm
127.0.0.1 www.sa25.y365.com/
127.0.0.1 dahau2.7u7.net
127.0.0.1 www.websamba.com/dujianpeng
127.0.0.1 www.websamba.com/
127.0.0.1 126gzs.yeah.net
127.0.0.1 www.mmm123.com
127.0.0.1 young-erotic.com
127.0.0.1 aifind.info
127.0.0.1 80pictures.com
127.0.0.1 www.88dvd.com
127.0.0.1 www.sex591.com
127.0.0.1 www.coolsearch.biz/
127.0.0.1 www.wo365.com/
127.0.0.1 www.mp3.funcn.net
127.0.0.1 muiscmov.xx.to

==============================================================
        系统服务
==============================================================

该项来源: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services

        [MPSVCService] [已启用]        <C:\Program Files\Micropoint\MPSVC.exe>

        [RfwProxySrv] [已启用]        <c:\program files\rising\rfw\rfwproxy.exe>

        [RfwService] [已启用]          <c:\program files\rising\rfw\rfwsrv.exe>

        [vvebc1nt] [已禁用]            <C:\WINDOWS\system32\vvebc1nt.exe>
        文件路径: C:\WINDOWS\system32\vvebc1nt.exe [分析中]


==============================================================
        驱动程序
==============================================================

该项来源: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services

        [0000ddfc] [已启用]            <\??\C:\WINDOWS\system32\Drivers\0000ddfc.sys>

        [0000e752] [已启用]            <\??\C:\WINDOWS\system32\Drivers\0000e752.sys>

        [0000ed1f] [已启用]            <\??\C:\WINDOWS\system32\Drivers\0000ed1f.sys>

        [0000efbf] [已启用]            <\??\C:\WINDOWS\system32\Drivers\0000efbf.sys>

        [0000f339] [已启用]            <\??\C:\WINDOWS\system32\Drivers\0000f339.sys>

        [0000f675] [已启用]            <\??\C:\WINDOWS\system32\Drivers\0000f675.sys>

        [0000f954] [已启用]            <\??\C:\WINDOWS\system32\Drivers\0000f954.sys>

        [00010700] [已启用]            <\??\C:\WINDOWS\system32\Drivers\00010700.sys>

        [000117d8] [已启用]            <\??\C:\WINDOWS\system32\Drivers\000117d8.sys>

        [00021ff2] [已启用]            <\??\C:\WINDOWS\system32\Drivers\00021ff2.sys>

        [0006ccf7] [已启用]            <\??\C:\WINDOWS\system32\Drivers\0006ccf7.sys>

        [HookUrl] [已启用]            <\??\C:\Program Files\Rising\Rfw\HookUrl.sys>

        [RsFwDrv] [已启用]            <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys>

        [vvebc1ntDrv] [已启用]        <\??\C:\WINDOWS\system32\vvebc1nt.sys>
        文件路径: C:\WINDOWS\system32\vvebc1nt.exe [分析中]


==============================================================
        BHO
==============================================================

该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

        [IE2EMBHO Class]
        {0A0DDBD3-6641-40B9-873F-BBDD26D6C14E}  <D:\TDdownload\easyMule\modules\IE2EM.dll>


==============================================================
        当前进程
==============================================================

名称:    kasmain.exe  [已启用]
命令行:  "D:\Program Files\Kingsoft Antispy\kasmain.exe"
文件路径: RsHide  [文件无法访问]
模块文件: C:\WINDOWS\system32\ntdll.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\kernel32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msvcrt.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\GDI32.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USER32.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SHLWAPI.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ADVAPI32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\RPCRT4.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\Secur32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MSIMG32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\comdlg32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\COMCTL32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SHELL32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ole32.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\OLEAUT32.dll              (Microsoft Corporation)
模块文件: D:\Program Files\Kingsoft Antispy\kis.dll    (Kingsoft Corporation)
模块文件: C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\VERSION.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WININET.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\CRYPT32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MSASN1.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\PSAPI.DLL                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WS2_32.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WS2HELP.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\IMM32.DLL                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\LPK.DLL                  (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USP10.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\kmon.dll                  (Beijing Rising Information Technology Co.. Ltd.)
模块文件: C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\urlmon.dll                (Microsoft Corporation)
模块文件: d:\ADMINI~1\TEMP\rsv843.tmp                  (Beijing Rising Tech. Co.. Ltd.)
模块文件: C:\WINDOWS\system32\MSCTF.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msctfime.ime              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\UxTheme.dll              (Microsoft Corporation)
模块文件: D:\Program Files\Kingsoft Antispy\KAVDevC.dll (Kingsoft Corporation)
模块文件: C:\WINDOWS\system32\Apphelp.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\wsock32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\RASAPI32.DLL              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\rasman.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\NETAPI32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\TAPI32.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\rtutils.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WINMM.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\sensapi.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USERENV.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\System32\mswsock.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\DNSAPI.dll                (Microsoft Corporation)
模块文件: D:\Program Files\Kingsoft Antispy\KAO\KAOExtend.dll
模块文件: D:\Program Files\Kingsoft Antispy\KAEAutorunEx.DLL (Kingsoft Corporation)
模块文件: C:\WINDOWS\system32\rasadhlp.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\hnetcfg.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\System32\wshtcpip.dll              (Microsoft Corporation)
模块文件: D:\Program Files\Kingsoft Antispy\RICHED20.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\CLBCATQ.DLL              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\COMRes.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\xpsp2res.dll              (Microsoft Corporation)
模块文件: D:\Program Files\Kingsoft Antispy\UpLive.DLL  (Kingsoft Corporation)
模块文件: C:\WINDOWS\System32\winrnr.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WLDAP32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\shdocvw.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\CRYPTUI.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WINTRUST.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\IMAGEHLP.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\shdoclc.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\mlang.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\mshtml.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msls31.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msimtf.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\wbem\wbemprox.dll        (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\wbem\wbemcomn.dll        (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\wbem\wbemsvc.dll          (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SETUPAPI.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\wbem\fastprox.dll        (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MSVCP60.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\NTDSAPI.dll              (Microsoft Corporation)
模块文件: D:\Program Files\Kingsoft Antispy\KasCommon.dll (Kingsoft Corporation)
模块文件: D:\Program Files\Kingsoft Antispy\KAVRep.DLL  (Kingsoft Corporation)
模块文件: C:\WINDOWS\system32\LINKINFO.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ntshrui.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ATL.DLL                  (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\AcSignIcon.dll            (Autodesk)
模块文件: C:\WINDOWS\system32\WINSPOOL.DRV              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\OLEACC.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\System32\cscui.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\System32\CSCDLL.dll                (Microsoft Corporation)
模块文件: d:\Program Files\Microsoft Office\OFFICE11\msohev.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\rsaenh.dll                (Microsoft Corporation)


==============================================================
        IE扩展菜单
==============================================================

该项来源: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt

        <使用电驴下载>        <D:\TDdownload\easyMule\IE2EM.htm>

        <导出到 Microsoft Office Excel(&X)>        <>


==============================================================
        ActiveX控件
==============================================================

该项来源: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats

        [IE2EMBHO Class]
        <{0A0DDBD3-6641-40B9-873F-BBDD26D6C14E}>        <D:\TDdownload\easyMule\modules\IE2EM.dll>



用户系统信息:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
最后编辑3828669 最后编辑于 2008-09-15 18:11:44
分享到:
gototop
 

回复:救命啊!要死了!我的瑞星 防火墙 卡卡 都不能装了

SReng

2008-09-14,16:44:55

System Repair Engineer 2.6.11.992
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <bgswitch><C:\WINDOWS\system32\bgswitch.exe>  []
    <SRS Audio Sandbox><"D:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme>  [SRS Labs, Inc.]
    <OlympicExpress><d:\Program Files\SogouInput\OlympicNews.exe>  [(Verified)Sogou.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [File is missing]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><kmon.dll>  [(Verified)Beijing Rising Information Technology Corporation Limited]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [Microsoft Corporation]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [Microsoft Corporation]
    <WebCheck><%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Windows Publisher]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Publisher]
    <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]

==================================
启动文件夹
[34098656]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\34098656.lnk --> D:\PROGRA~1\Tencent\QQ\CaiHong.exe [N/A]><N>
[ProcessTamer]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\ProcessTamer.lnk --> D:\TOOL\PROCES~1\PROCES~2.EXE []><N>

==================================
服务
[ARSVC / ARSVC][Running/Auto Start]
  <C:\WINDOWS\arservice.exe><Microsoft>
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart][Stopped/Auto Start]
  <C:\WINDOWS\system32\ati2sgag.exe><>
[Autodesk Licensing Service / Autodesk Licensing Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><Autodesk>
[Contrl Center of Storm Media / ccosm][Running/Auto Start]
  <D:\Program Files\StormII\stormliv.exe /asservice><北京暴风网际科技有限公司>
[DCOM Server Process Launcher / DcomLaunch][Running/Auto Start]
  <C:\WINDOWS\system32\svchost -k DcomLaunch-->%SystemRoot%\system32\rpcss.dll><Microsoft Corporation>
[DHCP Client / Dhcp][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\dhcpcsvc.dll><Microsoft Corporation>
[COM+ Event System / EventSystem][Running/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\es.dll><Microsoft Corporation>
[Fast User Switching Compatibility / FastUserSwitchingCompatibility][Stopped/Manual Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\shsvcs.dll><Microsoft Corporation>
[Server / lanmanserver][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\srvsvc.dll><Microsoft Corporation>
[Workstation / lanmanworkstation][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\wkssvc.dll><Microsoft Corporation>
[MPSVC Service / MPSVCService][Stopped/Auto Start]
  <C:\Program Files\Micropoint\MPSVC.exe><(File is missing)>
[Network Connections / Netman][Running/Manual Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\netman.dll><Microsoft Corporation>
[Remote Access Connection Manager / RasMan][Stopped/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\rasmans.dll><Microsoft Corporation>
[Rising Proxy  Service / RfwProxySrv][Stopped/Auto Start]
  <c:\program files\rising\rfw\rfwproxy.exe><(File is missing)>
[Rising Personal Firewall Service / RfwService][Stopped/Auto Start]
  <c:\program files\rising\rfw\rfwsrv.exe><(File is missing)>
[Remote Packet Capture Protocol v.0 (experimental) / rpcapd][Stopped/Manual Start]
  <"C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini"><CACE Technologies>
[Remote Procedure Call (RPC) / RpcSs][Running/Auto Start]
  <C:\WINDOWS\system32\svchost -k rpcss-->%SystemRoot%\system32\rpcss.dll><Microsoft Corporation>
[Shell Hardware Detection / ShellHWDetection][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\shsvcs.dll><Microsoft Corporation>
[Print Spooler / Spooler][Running/Auto Start]
  <C:\WINDOWS\system32\spoolsv.exe><Microsoft Corporation>
[Windows Image Acquisition (WIA) / stisvc][Stopped/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k imgsvc-->%SystemRoot%\system32\wiaservc.dll><Microsoft Corporation>
[Telephony / TapiSrv][Stopped/Manual Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\tapisrv.dll><Microsoft Corporation>
[Themes / Themes][Stopped/Manual Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\shsvcs.dll><Microsoft Corporation>
[Ulead Burning Helper / UleadBurningHelper][Running/Auto Start]
  <C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe><Ulead Systems, Inc.>
[Universal Plug and Play Device Host / upnphost][Stopped/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\System32\upnphost.dll><Microsoft Corporation>
[UPS / UPS][Stopped/Manual Start]
  <><(File is missing)>
[WebClient / WebClient][Stopped/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\System32\webclnt.dll><Microsoft Corporation>

==================================
驱动程序
[0000ddfc / 0000ddfc][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\Drivers\0000ddfc.sys><N/A>
[0000e752 / 0000e752][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\Drivers\0000e752.sys><N/A>
[0000ed1f / 0000ed1f][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\Drivers\0000ed1f.sys><N/A>
[0000f339 / 0000f339][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\Drivers\0000f339.sys><N/A>
[0000f675 / 0000f675][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\Drivers\0000f675.sys><N/A>
[0000f954 / 0000f954][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\Drivers\0000f954.sys><N/A>
[00010700 / 00010700][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\Drivers\00010700.sys><N/A>
[000117d8 / 000117d8][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\Drivers\000117d8.sys><N/A>
[00021ff2 / 00021ff2][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\Drivers\00021ff2.sys><N/A>
[0006ccf7 / 0006ccf7][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\Drivers\0006ccf7.sys><N/A>
[Microsoft Kernel Acoustic Echo Canceller / aec][Stopped/Manual Start]
  <system32\drivers\aec.sys><Microsoft Corporation>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Stopped/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AntiARP NDIS Protocol Driver / AntiArpNdisProt][Running/Auto Start]
  <system32\DRIVERS\AntiArpNdisProt.sys><Windows (R) 2000 DDK provider>
[MS Ar HID Filter Driver / arhidfltr][Running/Manual Start]
  <system32\DRIVERS\arhidfltr.sys><Microsoft Corporation>
[Microsoft PS2 Keyboard Filter / arkbcfltr][Running/Manual Start]
  <system32\DRIVERS\arkbcfltr.sys><Microsoft Corporation>
[Microsoft PS2 Mouse Filter / armoucfltr][Running/Manual Start]
  <system32\DRIVERS\armoucfltr.sys><Microsoft Corporation>
[ARPolicy / ARPolicy][Running/Manual Start]
  <system32\DRIVERS\arpolicy.sys><Microsoft Corporation>
[ati2mtag / ati2mtag][Running/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[BRGSp50 NDIS Protocol Driver / BRGSp50][Stopped/Manual Start]
  <System32\Drivers\BRGSp50.sys><Printing Communications Assoc., Inc. (PCAUSA)>
[WinFast TV2000 XP WDM Video Capture / BT848][Running/Auto Start]
  <system32\drivers\wf2kvcap.sys><Leadtek Research Inc.>
[C-Media PCI Audio Driver (WDM) / cmpci][Running/Manual Start]
  <system32\drivers\cmaudio.sys><C-Media Inc>
[d347bus / d347bus][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\d347bus.sys><>
[d347prt / d347prt][Running/Boot Start]
  <\SystemRoot\System32\Drivers\d347prt.sys><>
[FltMgr / FltMgr][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\fltMgr.sys><Microsoft Corporation>
[HookNtos / HookNtos][Running/System Start]
  <\SystemRoot\system32\drivers\HookNtos.sys><Beijing Rising Technology Co., Ltd>
[HookReg / HookReg][Running/System Start]
  <\SystemRoot\system32\drivers\HookReg.sys><Beijing Rising Technology Co., Ltd>
[HookSys / HookSys][Running/System Start]
  <\SystemRoot\system32\drivers\HookSys.sys><Beijing Rising Technology Co., Ltd>
[HookUrl / HookUrl][Stopped/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\HookUrl.sys><N/A>
[HTTP / HTTP][Running/Manual Start]
  <System32\Drivers\HTTP.sys><Microsoft Corporation>
[IP Network Address Translator / IpNat][Stopped/Manual Start]
  <system32\DRIVERS\ipnat.sys><Microsoft Corporation>
[Microsoft Kernel Wave Audio Mixer / kmixer][Stopped/Manual Start]
  <system32\drivers\kmixer.sys><Microsoft Corporation>
[Motorola Inc. USB Device / MotDev][Stopped/Manual Start]
  <system32\DRIVERS\motodrv.sys><Motorola Inc>
[Motorola USB CDC ACM Driver / motmodem][Stopped/Manual Start]
  <system32\DRIVERS\motmodem.sys><Motorola>
[mp110001 / mp110001][Running/Auto Start]
  <system32\drivers\mp110001.sys><MicroPoint Corporation>
[mp110002 / mp110002][Running/Auto Start]
  <system32\drivers\mp110002.sys><Micropoint Corporation>
[mp110003 / mp110003][Running/Boot Start]
  <\SystemRoot\system32\drivers\mp110003.sys><Micropoint Corporation>
[mp110004 / mp110004][Running/Auto Start]
  <system32\drivers\mp110004.sys><Micropoint Corporation>
[mp110005 / mp110005][Running/Manual Start]
  <system32\drivers\mp110005.sys><Micropoint Corporation>
[mp110006 / mp110006][Running/System Start]
  <system32\drivers\mp110006.sys><Micropoint Corporation>
[mp110007 / mp110007][Running/System Start]
  <system32\drivers\mp110007.sys><Micropoint Corporation>
[mp110008 / mp110008][Running/Auto Start]
  <system32\drivers\mp110008.sys><Micropoint Corporation>
[mp110009 / mp110009][Running/System Start]
  <system32\drivers\mp110009.sys><Micropoint Corporation>
[mp110010 / mp110010][Running/Boot Start]
  <\SystemRoot\system32\drivers\mp110010.sys><Micropoint Corporation>
[mp110011 / mp110011][Running/System Start]
  <system32\drivers\mp110011.sys><Micropoint Corporation>
[mp110013 / mp110013][Running/Boot Start]
  <\SystemRoot\system32\drivers\mp110013.sys><Micropoint Corporation>
[MRxSmb / MRxSmb][Running/System Start]
  <system32\DRIVERS\mrxsmb.sys><Microsoft Corporation>
[NetGroup Packet Filter Driver / NPF][Running/Manual Start]
  <system32\drivers\npf.sys><CACE Technologies>
[Psx Hid to Gamepad Port Enabler / PSXGamepadEnabler][Running/Manual Start]
  <system32\drivers\psxpad.sys><Yoshinari Kimura>
[Psx Port Enumerator / PsxPortEnumerator][Running/Manual Start]
  <System32\Drivers\psxenum.sys><Yoshinari Kimura>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Rdbss / Rdbss][Running/System Start]
  <system32\DRIVERS\rdbss.sys><Microsoft Corporation>
[Rising  Rfwbase Driver / RfwBase][Running/Auto Start]
  <System32\DRIVERS\rfwbase.SYS><Beijing Rising Information Technology Co., Ltd.>
[RsFwDrv / RsFwDrv][Stopped/System Start]
  <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><N/A>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[Microsoft Kernel Audio Splitter / splitter][Stopped/Manual Start]
  <system32\drivers\splitter.sys><Microsoft Corporation>
[SRS Labs Audio Sandbox (WDM) / SRS_SSCFilter][Running/Manual Start]
  <system32\drivers\srs_sscfilter_i386.sys><>
[Srv / Srv][Running/Manual Start]
  <system32\DRIVERS\srv.sys><Microsoft Corporation>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[WinFast TV2000 XP WDM TVTuner / tv2ktunr][Running/Auto Start]
  <system32\drivers\wf2ktunr.sys><Leadtek Research Inc.>
[WinFast TV2000 XP WDM Crossbar / Tv2kXbar][Running/Auto Start]
  <system32\drivers\wf2kxbar.sys><Leadtek Research Inc.>
[Microcode Update Driver / Update][Running/Manual Start]
  <system32\DRIVERS\update.sys><Microsoft Corporation>
[vvebc1ntDrv / vvebc1ntDrv][Running/Manual Start]
  <\??\C:\WINDOWS\system32\vvebc1nt.sys><N/A>
[Microsoft WINMM WDM Audio Compatibility Driver / wdmaud][Running/Manual Start]
  <system32\drivers\wdmaud.sys><Microsoft Corporation>
[WFIOCTL / WFIOCTL][Stopped/Manual Start]
  <\??\D:\Program Files\WinFast\WFDTV\WFIOCTL.SYS><Leadtek Research Inc.>
[xAntiArpSpoof Service / xAntiArp][Running/Manual Start]
  <system32\DRIVERS\xAntiArp.sys><Windows (R) 2000 DDK provider>
[ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS) / ZD1211BU(ZyDAS)][Stopped/Manual Start]
  <system32\DRIVERS\zd1211Bu.sys><ZyDAS Technology Corporation>
[ZDPSp50 NDIS Protocol Driver / ZDPSp50][Stopped/Manual Start]
  <System32\Drivers\ZDPSp50.sys><Printing Communications Assoc., Inc. (PCAUSA)>
[0000efbf / 0000efbf][Running/Manual Start]
  <\??\C:\WINDOWS\system32\Drivers\0000efbf.sys><N/A>

==================================
浏览器加载项
[IE2EMBHO Class]
  {0A0DDBD3-6641-40B9-873F-BBDD26D6C14E} <D:\TDdownload\easyMule\modules\IE2EM.dll, N/A>
[卡卡上网安全助手]
  {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} <C:\WINDOWS\system32\UrlFilter.dll, Beijing Rising Information Technology Co., Ltd.>
[IE2EMBHO Class]
  {0A0DDBD3-6641-40B9-873F-BBDD26D6C14E} <D:\TDdownload\easyMule\modules\IE2EM.dll, N/A>
[卡卡上网安全助手]
  {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} <C:\WINDOWS\system32\UrlFilter.dll, Beijing Rising Information Technology Co., Ltd.>
[&U使用纳米机器人下载并收藏]
  <d:\Program Files\NamiRobot\Data\du.html, N/A>
[使用电驴下载]
  <D:\TDdownload\easyMule\IE2EM.htm, N/A>
[使用迅雷下载]
  <D:\Program Files\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <D:\Program Files\Thunder\Program\getallurl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <, N/A>

==================================
正在运行的进程
[PID: 860 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 924 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CSRSRV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\basesrv.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\winsrv.dll]  [Microsoft Corporation, 5.1.2600.3103 (xpsp_sp2_gdr.070316-1309)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\KERNEL32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\sxs.dll]  [Microsoft Corporation, 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414)]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
[PID: 952 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\AUTHZ.dll]  [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NDdeApi.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\PROFMAP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\PSAPI.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\REGAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINSTA.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSGINA.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\COMCTL32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
    [C:\WINDOWS\system32\ODBC32.dll]  [Microsoft Corporation, 3.525.1117.0 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\comdlg32.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\odbcint.dll]  [Microsoft Corporation, 3.525.1117.0 built by: (_sqlbld)]
    [C:\WINDOWS\system32\SHSVCS.dll]  [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316)]
    [C:\WINDOWS\system32\sfc.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\Apphelp.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINSCARD.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WTSAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4124]
    [C:\WINDOWS\system32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629)]
    [C:\WINDOWS\system32\cscdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WlNotify.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINSPOOL.DRV]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MPR.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\cscui.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msv1_0.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NTMARTA.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\midimap.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.258]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.308]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
[PID: 996 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SCESRV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\AUTHZ.dll]  [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)]
    [C:\WINDOWS\system32\umpnpmgr.dll]  [Microsoft Corporation, 5.1.2600.2744 (xpsp_sp2_gdr.050822-1647)]
    [C:\WINDOWS\system32\WINSTA.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)]
    [C:\WINDOWS\system32\NCObjAPI.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSVCP60.dll]  [Microsoft Corporation, 6.02.3104.0]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
    [C:\WINDOWS\system32\Apphelp.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\eventlog.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\PSAPI.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\wtsapi32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
[PID: 1008 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LSASRV.dll]  [Microsoft Corporation, 5.1.2600.3249 (xpsp_sp2_gdr.071106-1716)]
    [C:\WINDOWS\system32\MPR.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)]
    [C:\WINDOWS\system32\NTDSAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SAMSRV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\cryptdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
    [C:\WINDOWS\system32\msprivs.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kerberos.dll]  [Microsoft Corporation, 5.1.2600.2698 (xpsp_sp2_gdr.050614-1522)]
    [C:\WINDOWS\system32\msv1_0.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)]
    [C:\WINDOWS\system32\netlogon.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\w32time.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSVCP60.dll]  [Microsoft Corporation, 6.02.3104.0]
    [C:\WINDOWS\system32\schannel.dll]  [Microsoft Corporation, 5.1.2600.3126 (xpsp_sp2_gdr.070425-0226)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\wdigest.dll]  [Microsoft Corporation, 5.1.2600.2874 (xpsp_sp2_gdr.060323-1516)]
    [C:\WINDOWS\system32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629)]
    [C:\WINDOWS\system32\setupapi.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\scecli.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\pstorsvc.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\psbase.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\dssenh.dll]  [Microsoft Corporation, 5.1.2600.2133 (xpsp.040514-1639)]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
[PID: 1180 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4124]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2499]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
[PID: 1208 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
    [C:\WINDOWS\system32\NTMARTA.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\rpcss.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [c:\windows\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.308]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.258]
    [c:\windows\system32\termsrv.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\ICAAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\AUTHZ.dll]  [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)]
    [c:\windows\system32\mstlsapi.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\ACTIVEDS.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\adsldpc.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)]
    [c:\windows\system32\ATL.DLL]  [Microsoft Corporation, 3.05.2284]
    [C:\WINDOWS\system32\REGAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629)]
    [C:\WINDOWS\system32\Apphelp.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
[PID: 1284 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
    [c:\windows\system32\rpcss.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [c:\windows\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629)]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
    [C:\WINDOWS\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)]
    [C:\WINDOWS\System32\winrnr.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rasadhlp.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.308]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.258]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
    [C:\WINDOWS\system32\msv1_0.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1472 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
    [C:\WINDOWS\system32\NTMARTA.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\dhcpcsvc.dll]  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)]
    [c:\windows\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
    [c:\windows\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)]
    [c:\windows\system32\wzcsvc.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\rtutils.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\WMI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\WTSAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\WINSTA.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)]
    [c:\windows\system32\ESENT.dll]  [Microsoft Corporation, 5.1.2468.0 (Lab03_N(jliem).010306-1456)]
    [c:\windows\system32\ATL.DLL]  [Microsoft Corporation, 3.05.2284]
    [c:\windows\system32\shsvcs.dll]  [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316)]
    [C:\WINDOWS\system32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629)]
    [C:\WINDOWS\System32\rastls.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CRYPTUI.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\MPRAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ACTIVEDS.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\adsldpc.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RASAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rasman.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\TAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SCHANNEL.dll]  [Microsoft Corporation, 5.1.2600.3126 (xpsp_sp2_gdr.070425-0226)]
    [C:\WINDOWS\system32\WinSCard.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.308]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.258]
    [C:\WINDOWS\System32\raschap.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\schedsvc.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\NTDSAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msv1_0.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSIDLE.DLL]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\audiosrv.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\wkssvc.dll]  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)]
    [c:\windows\system32\cryptsvc.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\certcli.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\es.dll]  [Microsoft Corporation, 2001.12.4414.308]
    [c:\windows\system32\srvsvc.dll]  [Microsoft Corporation, 5.1.2600.2577 (xpsp_sp2_gdr.041130-1729)]
    [C:\WINDOWS\system32\HNETCFG.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\wbem\wmisvc.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\VSSAPI.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\sens.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\browser.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\Wbem\wbemcore.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSVCP60.dll]  [Microsoft Corporation, 6.02.3104.0]
    [C:\WINDOWS\System32\Wbem\esscli.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\Wbem\wbemcomn.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\Wbem\FastProx.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\netman.dll]  [Microsoft Corporation, 5.1.2600.2743 (xpsp_sp2_gdr.050819-1525)]
    [c:\windows\system32\netshell.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\credui.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\WZCSAPI.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SXS.DLL]  [Microsoft Corporation, 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414)]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\upnp.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINHTTP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SSDPAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\comsvcs.dll]  [Microsoft Corporation, 2001.12.4414.308]
    [C:\WINDOWS\system32\colbact.DLL]  [Microsoft Corporation, 2001.12.4414.308]
    [C:\WINDOWS\system32\MTXCLU.DLL]  [Microsoft Corporation, 2001.12.4414.311]
    [C:\WINDOWS\system32\WSOCK32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CLUSAPI.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RESUTILS.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\wbem\wmiutils.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msi.dll]  [Microsoft Corporation, 3.1.4000.4039]
    [C:\WINDOWS\system32\wbem\repdrvfs.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\wbem\wmiprvsd.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NCObjAPI.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\wbem\wbemess.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rasadhlp.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
    [C:\WINDOWS\system32\RASDLG.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\wbem\ncprov.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
    [C:\WINDOWS\system32\msxml3.dll]  [Microsoft Corporation, 8.90.1101.0]
[PID: 1500 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
    [c:\windows\system32\dnsrslvr.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
    [c:\windows\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
[PID: 1588 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
    [C:\WINDOWS\system32\NTMARTA.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\lmhsvc.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)]
    [c:\windows\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\ssdpsrv.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.308]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.258]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629)]
    [C:\WINDOWS\system32\httpapi.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINHTTP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
[PID: 1772 / Administrator][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4124]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.308]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.258]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2499]
    [C:\WINDOWS\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
[PID: 1888 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
    [C:\WINDOWS\system32\SPOOLSS.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
    [C:\WINDOWS\system32\rasadhlp.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
    [C:\WINDOWS\system32\localspl.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\winspool.drv]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\netapi32.dll]  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)]
    [C:\WINDOWS\system32\mdimon.dll]  [Microsoft Corporation, 11.3.8166.2]
    [C:\WINDOWS\system32\msi.dll]  [Microsoft Corporation, 3.1.4000.4039]
    [C:\WINDOWS\system32\tcpmon.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\usbmon.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll]  [Microsoft Corporation, 11.3.8166.2]
    [C:\WINDOWS\System32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\winrnr.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\win32spl.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NETRAP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NTDSAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.308]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.258]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\inetpp.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
[PID: 1892 / Administrator][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\BROWSEUI.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\SHDOCVW.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CRYPTUI.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\appHelp.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.308]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.258]
    [C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, 16.2.54.0]
    [C:\WINDOWS\system32\WINSPOOL.DRV]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\OLEACC.dll]  [Microsoft Corporation, 4.2.5406.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\MSVCP60.dll]  [Microsoft Corporation, 6.02.3104.0]
    [C:\WINDOWS\System32\cscui.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\CSCDLL.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\themeui.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSIMG32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msutb.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  [Autodesk, 16.2.54.0]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msi.dll]  [Microsoft Corporation, 3.1.4000.4039]
    [C:\WINDOWS\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ntshrui.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ATL.DLL]  [Microsoft Corporation, 3.05.2284]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\LINKINFO.dll]  [Microsoft Corporation, 5.1.2600.2751 (xpsp_sp2_gdr.050831-1520)]
    [C:\WINDOWS\system32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629)]
    [C:\WINDOWS\system32\WINSTA.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\webcheck.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WSOCK32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\stobject.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\BatMeter.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\POWRPROF.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WTSAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WPDShServiceObj.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\WINHTTP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\mydocs.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\PortableDeviceTypes.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\NETSHELL.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rtutils.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\credui.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)]
    [C:\WINDOWS\system32\browselc.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MPR.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\drprov.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\ntlanman.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\NETUI0.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\NETUI1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\NETRAP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\davclnt.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\DUSER.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MLANG.dll]  [Microsoft Corporation, 6.00.2900.2530 (xpsp.040919-1030)]
    [C:\Program Files\Unlocker\UnlockerCOM.dll]  [N/A, ]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SXS.DLL]  [Microsoft Corporation, 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414)]
    [C:\WINDOWS\system32\HiveBase.dll]  [Jiangmin Co., Ltd., 1, 0, 7, 717]
    [C:\WINDOWS\system32\NTMARTA.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\KVInstall.dll]  [Jiangmin Co.,Ltd, 2, 0, 7, 831]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
    [d:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [d:\Program Files\Rhinoceros 4.0\System\RhinoShExt.dll]  [Robert McNeel & Associates, 22-Feb-2008]
    [d:\Program Files\NamiRobot\Data\NamipanExt1.dll]  [N/A, ]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\JiangMin\AntiVirus\KVshell.dll]  [Jiangmin Co.Ltd, 2, 0, 7, 1018]
    [C:\JiangMin\AntiVirus\lang\KvXP0804.lng]  [N/A, ]
[PID: 184 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSUTB.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
[PID: 244 / Administrator][C:\WINDOWS\system32\bgswitch.exe]  [N/A, ]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.308]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.258]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\shimgvw.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
[PID: 256 / Administrator][D:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe]  [SRS Labs, Inc., 2.1.0.0]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSIMG32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\COMDLG32.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\WINSPOOL.DRV]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\DSOUND.dll]  [Microsoft Corporation, 5.3.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IPHLPAPI.DLL]  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\midimap.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\KsUser.dll]  [Microsoft Corporation, 5.3.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
[PID: 264 / Administrator][D:\Program Files\SogouInput\OlympicNews.exe]  [Sogou.com Inc., 3.5.0.0]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\IMM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\COMCTL32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
    [C:\WINDOWS\system32\MSIMG32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NTMARTA.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\wsock32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RASAPI32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rasman.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)]
    [C:\WINDOWS\system32\TAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rtutils.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\System32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
    [C:\WINDOWS\system32\rasadhlp.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
    [C:\WINDOWS\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\Program Files\SogouInput\pxpnet.dll]  [Sohu.com Inc., 1, 0, 0, 23]
    [C:\WINDOWS\system32\ODBC32.dll]  [Microsoft Corporation, 3.525.1117.0 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\comdlg32.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\odbcint.dll]  [Microsoft Corporation, 3.525.1117.0 built by: (_sqlbld)]
    [C:\WINDOWS\system32\inetmib1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)]
    [C:\WINDOWS\system32\snmpapi.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MPRAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ACTIVEDS.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\adsldpc.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ATL.DLL]  [Microsoft Corporation, 3.05.2284]
    [C:\WINDOWS\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\sensapi.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
[PID: 292 / SYSTEM][C:\WINDOWS\arservice.exe]  [Microsoft, 6.0.0160.0]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\POWRPROF.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\midimap.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
[PID: 348 / SYSTEM][D:\Program Files\StormII\stormliv.exe]  [北京暴风网际科技有限公司, 3, 7, 12, 20]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\Program Files\StormII\MSVCP60.dll]  [Microsoft Corporation, 6.02.3104.0]
    [C:\WINDOWS\system32\MFC42.DLL]  [Microsoft Corporation, 6.02.4131.0]
    [C:\WINDOWS\system32\comdlg32.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MFC42LOC.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.308]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.258]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
    [C:\WINDOWS\System32\winrnr.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msxml3.dll]  [Microsoft Corporation, 8.90.1101.0]
    [C:\WINDOWS\system32\rasadhlp.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\mlang.dll]  [Microsoft Corporation, 6.00.2900.2530 (xpsp.040919-1030)]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
[PID: 512 / SYSTEM][C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe]  [Ulead Systems, Inc., 1, 0, 0, 4]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 28]
[PID: 1708 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
    [C:\WINDOWS\system32\vvebc1nt.dll]  [N/A, ]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\PSAPI.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\vvebc1nt.zip]  [奇虎网, 3, 6, 4, 1001]
    [C:\WINDOWS\system32\Apphelp.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\wsock32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RASAPI32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rasman.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)]
    [C:\WINDOWS\system32\TAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rtutils.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\sensapi.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\System32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
    [C:\WINDOWS\system32\rasadhlp.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
    [C:\WINDOWS\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.308]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.258]
    [C:\WINDOWS\system32\shdocvw.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\CRYPTUI.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\mlang.dll]  [Microsoft Corporation, 6.00.2900.2530 (xpsp.040919-1030)]
    [C:\WINDOWS\system32\mshtml.dll]  [Microsoft Corporation, 6.00.2900.3243 (xpsp_sp2_gdr.071029-1246)]
    [C:\WINDOWS\system32\msls31.dll]  [Microsoft Corporation, 3.10.349.0]
    [C:\WINDOWS\system32\msimtf.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
[PID: 1988 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
    [C:\WINDOWS\system32\vvebc1nt.ocx]  [N/A, ]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\PSAPI.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\vvebc1nt.zip]  [奇虎网, 3, 6, 4, 1001]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
[PID: 232 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\System32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\System32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
    [C:\WINDOWS\System32\NTMARTA.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\w3ssl.dll]  [Microsoft Corporation, 6.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\strmfilt.dll]  [Microsoft Corporation, 6.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\HTTPAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
[PID: 336 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
    [C:\WINDOWS\system32\vvebc1nt.ocx]  [N/A, ]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\PSAPI.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
    [C:\WINDOWS\system32\vvebc1nt.zip]  [奇虎网, 3, 6, 4, 1001]
[PID: 736 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
    [C:\WINDOWS\system32\vvebc1nt.ocx]  [N/A, ]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\PSAPI.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
    [C:\WINDOWS\system32\vvebc1nt.zip]  [奇虎网, 3, 6, 4, 1001]
[PID: 896 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
    [C:\WINDOWS\system32\vvebc1nt.ocx]  [N/A, ]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\PSAPI.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
    [C:\WINDOWS\system32\vvebc1nt.zip]  [奇虎网, 3, 6, 4, 1001]
[PID: 1188 / Administrator][D:\TheWorld2\TheWorld.exe]  [Phoenix Studio, 2, 1, 3, 0]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\comdlg32.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 28]
    [C:\WINDOWS\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\appHelp.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.308]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.258]
    [C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, 16.2.54.0]
    [C:\WINDOWS\system32\WINSPOOL.DRV]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\OLEACC.dll]  [Microsoft Corporation, 4.2.5406.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\MSVCP60.dll]  [Microsoft Corporation, 6.02.3104.0]
    [C:\WINDOWS\System32\cscui.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\CSCDLL.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\shdocvw.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\CRYPTUI.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\browseui.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [D:\THEWOR~1\Plugin\SysState\SysState.dll]  [Phoenix Stdio, 1, 0, 0, 5]
    [C:\WINDOWS\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)]
    [C:\WINDOWS\system32\msxml3.dll]  [Microsoft Corporation, 8.90.1101.0]
    [C:\WINDOWS\system32\DSOUND.DLL]  [Microsoft Corporation, 5.3.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\vbscript.dll]  [Microsoft Corporation, 5.6.0.8820]
    [C:\WINDOWS\system32\MFC42.DLL]  [Microsoft Corporation, 6.02.4131.0]
    [C:\WINDOWS\system32\MFC42LOC.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\WINDOWS\system32\SXS.DLL]  [Microsoft Corporation, 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414)]
    [C:\WINDOWS\system32\mshtml.dll]  [Microsoft Corporation, 6.00.2900.3243 (xpsp_sp2_gdr.071029-1246)]
    [C:\WINDOWS\system32\msls31.dll]  [Microsoft Corporation, 3.10.349.0]
    [C:\WINDOWS\system32\PSAPI.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MPRAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ACTIVEDS.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\adsldpc.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ATL.DLL]  [Microsoft Corporation, 3.05.2284]
    [C:\WINDOWS\system32\rtutils.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msi.dll]  [Microsoft Corporation, 3.1.4000.4039]
    [C:\WINDOWS\system32\UrlFilter.dll]  [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\mlang.dll]  [Microsoft Corporation, 6.00.2900.2530 (xpsp.040919-1030)]
    [C:\WINDOWS\system32\msimtf.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\wsock32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RASAPI32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rasman.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\TAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\sensapi.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
    [C:\WINDOWS\system32\rasadhlp.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
    [C:\WINDOWS\System32\winrnr.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ImgUtil.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\pngfilt.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\actxprxy.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\mshtmled.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\iepeers.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\SOGOUPY.IME]  [Sogou.com Inc., 3.5.0.0]
    [C:\WINDOWS\system32\MSIMG32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NTMARTA.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\Program Files\SogouInput\Plugin\SgImeWord.dll]  [Sogou.com Inc., 3.5.0.0]
    [C:\WINDOWS\system32\dciman32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
    [C:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\system32\dxtrans.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\ddrawex.dll]  [Microsoft Corporation, 5.03.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\DDRAW.dll]  [Microsoft Corporation, 5.03.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\dxtmsft.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\MPR.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\drprov.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\ntlanman.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\NETUI0.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\NETUI1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\NETRAP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\davclnt.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\twext.dll]  [Microsoft Corporation, 6.00.3800.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\mshtmler.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 484 / Administrator][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\IMM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 28]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
[PID: 3304 / Administrator][C:\Documents and Settings\Administrator\LocalS~1\Temp\un_kv.exe]  [                                                                                            ,  0. 0. ]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\user32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\advapi32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\oleaut32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\SHFolder.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 28]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
    [C:\WINDOWS\system32\Apphelp.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3340 / Administrator][C:\WINDOWS\system32\cmd.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 28]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 808 / Administrator][C:\JiangMin\Antivirus\UnRAR.exe]  [N/A, ]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\ADVAPI32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.DLL]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 28]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2800 / Administrator][d:\Administrator_Documents\我的文档\kztechssuite(1)\小狮子.bat]  [Smallfrogs Studio, 2.6.11.992]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 28]
    [C:\WINDOWS\system32\Apphelp.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 640 / Administrator][d:\Administrator_Documents\我的文档\kztechssuite(1)\SRE1ca9e52b.EXE]  [Smallfrogs Studio, 2.6.11.992]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3159 (xpsp_sp2_gdr.070619-1300)]
    [C:\WINDOWS\system32\comdlg32.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\WINSPOOL.DRV]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\oledlg.dll]  [Microsoft Corporation, 1.0 (xpsp_sp2_gdr.061016-0148)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3139]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\ADMINI~1\TEMP\rsv843.tmp]  [Beijing Rising Tech. Co., Ltd., 1, 3, 0, 0]
    [C:\WINDOWS\system32\RICHED20.DLL]  [Microsoft Corporation, 5.30.23.1228]
    [C:\WINDOWS\system32\NTMARTA.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\sfc.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [d:\Administrator_Documents\我的文档\kztechssuite(1)\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
    [C:\WINDOWS\system32\Winsta.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)]
    [C:\WINDOWS\system32\utildll.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\TAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rtutils.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629)]
    [C:\WINDOWS\system32\wsock32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RASAPI32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rasman.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\sensapi.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\userenv.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)]
    [C:\WINDOWS\System32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
    [C:\WINDOWS\system32\rasadhlp.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
    [C:\WINDOWS\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\cryptnet.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINHTTP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Cabinet.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
N/A

==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 1888, C:\WINDOWS\SYSTEM32\SPOOLSV.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1892, C:\WINDOWS\EXPLORER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 244, C:\WINDOWS\SYSTEM32\BGSWITCH.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 256, D:\PROGRAM FILES\SRS LABS\AUDIO SANDBOX\SRSSSC.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 292, C:\WINDOWS\ARSERVICE.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1188, D:\THEWORLD2\THEWORLD.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3304, C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCALS~1\TEMP\UN_KV.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 808, C:\JIANGMIN\ANTIVIRUS\UNRAR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2800, D:\ADMINISTRATOR_DOCUMENTS\我的文档\KZTECHSSUITE(1)\小狮子.BAT]

==================================
API HOOK
入口点错误:RegCreateKeyExA (危险等级: 高,  被下面模块所HOOK: 0x00E81FE5)
入口点错误:RegCreateKeyExW (危险等级: 高,  被下面模块所HOOK: 0x00E820B5)
入口点错误:Process32NextW (危险等级: 高,  被下面模块所HOOK: 0x00E82325)
入口点错误:Module32FirstW (危险等级: 高,  被下面模块所HOOK: 0x00E839ED)
入口点错误:TerminateProcess (危险等级: 高,  被下面模块所HOOK: 0x00E8413D)
入口点错误:CreateProcessA (危险等级: 高,  被下面模块所HOOK: 0x00E82185)
入口点错误:CreateProcessW (危险等级: 高,  被下面模块所HOOK: 0x00E82255)
入口点错误:FindWindowA (危险等级: 高,  被下面模块所HOOK: 0x00E83ABD)
入口点错误:FindWindowExA (危险等级: 高,  被下面模块所HOOK: 0x00E83C5D)
入口点错误:FindWindowExW (危险等级: 高,  被下面模块所HOOK: 0x00E83D2D)
入口点错误:FindWindowW (危险等级: 高,  被下面模块所HOOK: 0x00E83B8D)
入口点错误:SendMessageA (危险等级: 高,  被下面模块所HOOK: 0x00E83DFD)
入口点错误:SendMessageW (危险等级: 高,  被下面模块所HOOK: 0x00E83ECD)

==================================
隐藏进程
N/A

==================================


gototop
 

回复:救命啊!要死了!我的瑞星 防火墙 卡卡 都不能装了

AutoRuns.txt


HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run           

+ RavTask            文件未找到: C:\Program Files\Rising\Rav\RavTask.exe

C:\Documents and Settings\Administrator\「开始」菜单\程序\启动           

+ 34098656.lnk            d:\program files\tencent\qq\caihong.exe

+ ProcessTamer.lnk    汉化: 余飞雨        d:\tool\process tamer\processtamertray.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run           

+ bgswitch            c:\windows\system32\bgswitch.exe

+ OlympicExpress    搜狐奥运快讯    Sogou.com Inc.    d:\program files\sogouinput\olympicnews.exe

+ SRS Audio Sandbox    SRS Audio Sandbox control panel    SRS Labs, Inc.    d:\program files\srs labs\audio sandbox\srsssc.exe

HKLM\SOFTWARE\Classes\Protocols\Handler           

+ ic32pp            c:\windows\wc98pp.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved           

+ AutoCAD 数字签名图标覆盖处理程序    AcSignIcon Module    Autodesk    c:\windows\system32\acsignicon.dll

+ Autodesk Drawing Preview    AcThumbnail Module    Autodesk    c:\program files\common files\autodesk shared\thumbnail\acthumbnail16.dll

+ Autodesk DWF Preview    AcThumbnail Module    Autodesk    c:\program files\common files\autodesk shared\thumbnail\acdwfthmbprxy16.dll

+ GMail Drive    GMail File System Shell Namespace Extension    Bjarke Viksoe    c:\windows\system32\shellext\gmailfs.dll

+ GMailFS Context Menu    GMail File System Shell Namespace Extension    Bjarke Viksoe    c:\windows\system32\shellext\gmailfs.dll

+ GMailFS Drop Handler    GMail File System Shell Namespace Extension    Bjarke Viksoe    c:\windows\system32\shellext\gmailfs.dll

+ GMailFS Property Sheet    GMail File System Shell Namespace Extension    Bjarke Viksoe    c:\windows\system32\shellext\gmailfs.dll

+ RhinoShExt    Rhino 3DM File Extension    Robert McNeel & Associates    d:\program files\rhinoceros 4.0\system\rhinoshext.dll

+ UnlockerShellExtension            c:\program files\unlocker\unlockercom.dll

+ WinRAR shell extension            c:\program files\winrar\rarext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects           

+ IE2EMBHO Class            文件未找到: D:\TDdownload\easyMule\modules\IE2EM.dll

+ 卡卡上网安全助手    Rising AntiSpyware UrlFilter Module    Beijing Rising Information Technology Co., Ltd.    c:\windows\system32\urlfilter.dll

HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks           

+ cssrhplus.dll    CSSrhPlus Module    ChinaStar Studio    c:\windows\system32\cssrhplus.dll

HKLM\System\CurrentControlSet\Services           

+ Ati HotKey Poller    ATI External Event Utility EXE Module    ATI Technologies Inc.    c:\windows\system32\ati2evxx.exe

+ ATI Smart    ATI Smart        c:\windows\system32\ati2sgag.exe

+ ccosm    暴风影音媒体控制中心    北京暴风网际科技有限公司    d:\program files\stormii\stormliv.exe

+ MPSVCService            文件未找到: C:\Program Files\Micropoint\MPSVC.exe

+ RfwProxySrv            文件未找到: c:\program files\rising\rfw\rfwproxy.exe

+ RfwService            文件未找到: c:\program files\rising\rfw\rfwsrv.exe

+ UleadBurningHelper    ULCDRSvr    Ulead Systems, Inc.    c:\program files\common files\ulead systems\dvd\ulcdrsvr.exe

+ vvebc1nt            c:\windows\system32\vvebc1nt.exe

HKLM\System\CurrentControlSet\Services           

+ 0000ddfc            文件未找到: C:\WINDOWS\system32\Drivers\0000ddfc.sys

+ 0000e752            文件未找到: C:\WINDOWS\system32\Drivers\0000e752.sys

+ 0000ed1f            文件未找到: C:\WINDOWS\system32\Drivers\0000ed1f.sys

+ 0000efbf            文件未找到: C:\WINDOWS\system32\Drivers\0000efbf.sys

+ 0000f339            文件未找到: C:\WINDOWS\system32\Drivers\0000f339.sys

+ 0000f675            文件未找到: C:\WINDOWS\system32\Drivers\0000f675.sys

+ 0000f954            文件未找到: C:\WINDOWS\system32\Drivers\0000f954.sys

+ 00010700            文件未找到: C:\WINDOWS\system32\Drivers\00010700.sys

+ 000117d8            文件未找到: C:\WINDOWS\system32\Drivers\000117d8.sys

+ 00021ff2            文件未找到: C:\WINDOWS\system32\Drivers\00021ff2.sys

+ 0006ccf7            文件未找到: C:\WINDOWS\system32\Drivers\0006ccf7.sys

+ ALCXWDM    Realtek AC'97 Audio Driver (WDM)    Realtek Semiconductor Corp.    c:\windows\system32\drivers\alcxwdm.sys

+ AntiArpNdisProt    NDIS User mode I/O Driver    Windows (R) 2000 DDK provider    c:\windows\system32\drivers\antiarpndisprot.sys

+ ati2mtag    ATI Radeon WindowsNT Miniport Driver    ATI Technologies Inc.    c:\windows\system32\drivers\ati2mtag.sys

+ BRGSp50    PCAUSA NDIS 5.0 SPR Protocol Driver    Printing Communications Assoc., Inc. (PCAUSA)    c:\windows\system32\drivers\brgsp50.sys

+ BT848    WinFast TV2000 XP WDM Video Capture Driver.    Leadtek Research Inc.    c:\windows\system32\drivers\wf2kvcap.sys

+ cmpci    C-Media Audio WDM Driver    C-Media Inc    c:\windows\system32\drivers\cmaudio.sys

+ d347bus    PnP BIOS Extension         c:\windows\system32\drivers\d347bus.sys

+ d347prt    SCSI miniport         c:\windows\system32\drivers\d347prt.sys

+ HookNtos    HookNtos    Beijing Rising Technology Co., Ltd    c:\windows\system32\drivers\hookntos.sys

+ HookReg    HookReg    Beijing Rising Technology Co., Ltd    c:\windows\system32\drivers\hookreg.sys

+ HookSys    Hooksys    Beijing Rising Technology Co., Ltd    c:\windows\system32\drivers\hooksys.sys

+ HookUrl            文件未找到: C:\Program Files\Rising\Rfw\HookUrl.sys

+ MotDev    Motorola USB Composite/Flash Driver    Motorola Inc    c:\windows\system32\drivers\motodrv.sys

+ motmodem    Motorola USB Modem and Ports Driver    Motorola    c:\windows\system32\drivers\motmodem.sys

+ mp110001    mp110001    MicroPoint Corporation    c:\windows\system32\drivers\mp110001.sys

+ mp110002    mp110002    Micropoint Corporation    c:\windows\system32\drivers\mp110002.sys

+ mp110003    mp110003    Micropoint Corporation    c:\windows\system32\drivers\mp110003.sys

+ mp110004    mp110004    Micropoint Corporation    c:\windows\system32\drivers\mp110004.sys

+ mp110005    mp110005    Micropoint Corporation    c:\windows\system32\drivers\mp110005.sys

+ mp110006    mp110006    Micropoint Corporation    c:\windows\system32\drivers\mp110006.sys

+ mp110007    mp110007    Micropoint Corporation    c:\windows\system32\drivers\mp110007.sys

+ mp110008    mp110008    Micropoint Corporation    c:\windows\system32\drivers\mp110008.sys

+ mp110009    mp110009    Micropoint Corporation    c:\windows\system32\drivers\mp110009.sys

+ mp110013    mp110013    Micropoint Corporation    c:\windows\system32\drivers\mp110013.sys

+ NPF    npf.sys (NT5/6 x86) Kernel Driver    CACE Technologies    c:\windows\system32\drivers\npf.sys

+ PSXGamepadEnabler    Psxpad Driver    Yoshinari Kimura    c:\windows\system32\drivers\psxpad.sys

+ PsxPortEnumerator    PsxPortEnumerator    Yoshinari Kimura    c:\windows\system32\drivers\psxenum.sys

+ Ptilink    Parallel Technologies DirectParallel IO Library    Parallel Technologies, Inc.    c:\windows\system32\drivers\ptilink.sys

+ RfwBase    net base driver    Beijing Rising Information Technology Co., Ltd.    c:\windows\system32\drivers\rfwbase.sys

+ RsFwDrv            文件未找到: C:\Program Files\Rising\Rfw\RsFwDrv.sys

+ RsNTGDI    RsNTGDI    Beijing Rising Technology Co., Ltd.    c:\windows\system32\drivers\rsntgdi.sys

+ rtl8139    Realtek RTL8139 NDIS 5.0 Driver    Realtek Semiconductor Corporation    c:\windows\system32\drivers\rtl8139.sys

+ Secdrv    Macrovision SECURITY Driver    Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.    c:\windows\system32\drivers\secdrv.sys

+ SRS_SSCFilter    SRS WOW HD, TSXT, CSII, Mobile HD Standalone driver        c:\windows\system32\drivers\srs_sscfilter_i386.sys

+ tv2ktunr    WinFast TV2000 XP WDM Tuner Driver.    Leadtek Research Inc.    c:\windows\system32\drivers\wf2ktunr.sys

+ Tv2kXbar    WinFast TV2000 XP WDM XBar Crossbar Driver.    Leadtek Research Inc.    c:\windows\system32\drivers\wf2kxbar.sys

+ vvebc1ntDrv            文件未找到: C:\WINDOWS\system32\vvebc1nt.sys

+ WFIOCTL    WinFast MultiMedia Device Driver    Leadtek Research Inc.    d:\program files\winfast\wfdtv\wfioctl.sys

+ xAntiArp    Sample NDIS 4.0 Intermediate Miniport Driver    Windows (R) 2000 DDK provider    c:\windows\system32\drivers\xantiarp.sys

+ ZD1211BU(ZyDAS)    ZD1211B 802.11 b+g USB LAN Driver    ZyDAS Technology Corporation    c:\windows\system32\drivers\zd1211bu.sys

+ ZDPSp50    PCAUSA NDIS 5.0 SPR Protocol Driver    Printing Communications Assoc., Inc. (PCAUSA)    c:\windows\system32\drivers\zdpsp50.sys

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls           

+ kmon.dll    KaKa Monitors    Beijing Rising Information Technology Co., Ltd.    c:\windows\system32\kmon.dll

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify           

+ AtiExtEvent    ATI External Event Utility DLL Module    ATI Technologies Inc.    c:\windows\system32\ati2evxx.dll
gototop
 

回复:救命啊!要死了!我的瑞星 防火墙 卡卡 都不能装了

/瑞星听诊信息.htm


未知家族病毒分析
扫描结果:
无可疑文件


系统活动进程
C:\WINDOWS\SYSTEM32\CTFMON.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\MSCTF.DLL
C:\WINDOWS\SYSTEM32\MSUTB.DLL
C:\WINDOWS\SYSTEM32\SHIMENG.DLL
C:\WINDOWS\APPPATCH\ACGENRAL.DLL
C:\WINDOWS\SYSTEM32\WINMM.DLL
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DLL
C:\WINDOWS\SYSTEM32\VERSION.DLL
C:\WINDOWS\SYSTEM32\SHELL32.DLL
C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
C:\WINDOWS\SYSTEM32\USERENV.DLL
C:\WINDOWS\SYSTEM32\UXTHEME.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\MSCTFIME.IME
D:\ADMINI~1\TEMP\RSV843.TMP

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\SHIMENG.DLL
C:\WINDOWS\APPPATCH\ACGENRAL.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\WINMM.DLL
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DLL
C:\WINDOWS\SYSTEM32\VERSION.DLL
C:\WINDOWS\SYSTEM32\SHELL32.DLL
C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
C:\WINDOWS\SYSTEM32\USERENV.DLL
C:\WINDOWS\SYSTEM32\UXTHEME.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\COMCTL32.DLL
C:\WINDOWS\SYSTEM32\NTMARTA.DLL
C:\WINDOWS\SYSTEM32\WLDAP32.DLL
C:\WINDOWS\SYSTEM32\SAMLIB.DLL
C:\WINDOWS\SYSTEM32\XPSP2RES.DLL
C:\WINDOWS\SYSTEM32\W3SSL.DLL
C:\WINDOWS\SYSTEM32\STRMFILT.DLL
C:\WINDOWS\SYSTEM32\CRYPT32.DLL
C:\WINDOWS\SYSTEM32\MSASN1.DLL
C:\WINDOWS\SYSTEM32\HTTPAPI.DLL
C:\WINDOWS\SYSTEM32\WS2_32.DLL
C:\WINDOWS\SYSTEM32\WS2HELP.DLL
D:\ADMINI~1\TEMP\RSV843.TMP

C:\WINDOWS\SYSTEM32\BGSWITCH.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\SHELL32.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\MSCTF.DLL
C:\WINDOWS\SYSTEM32\MSCTFIME.IME
C:\WINDOWS\SYSTEM32\SETUPAPI.DLL
C:\WINDOWS\SYSTEM32\CLBCATQ.DLL
C:\WINDOWS\SYSTEM32\COMRES.DLL
C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
C:\WINDOWS\SYSTEM32\VERSION.DLL
C:\WINDOWS\SYSTEM32\SHIMGVW.DLL
D:\ADMINI~1\TEMP\RSV843.TMP

D:\PROGRAM FILES\SRS LABS\AUDIO SANDBOX\SRSSSC.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\SETUPAPI.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\VERSION.DLL
C:\WINDOWS\SYSTEM32\MSIMG32.DLL
C:\WINDOWS\SYSTEM32\COMDLG32.DLL
C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
C:\WINDOWS\SYSTEM32\SHELL32.DLL
C:\WINDOWS\SYSTEM32\WINSPOOL.DRV
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
C:\WINDOWS\SYSTEM32\WS2_32.DLL
C:\WINDOWS\SYSTEM32\WS2HELP.DLL
C:\WINDOWS\SYSTEM32\WINMM.DLL
C:\WINDOWS\SYSTEM32\WININET.DLL
C:\WINDOWS\SYSTEM32\CRYPT32.DLL
C:\WINDOWS\SYSTEM32\MSASN1.DLL
C:\WINDOWS\SYSTEM32\DSOUND.DLL
C:\WINDOWS\SYSTEM32\IPHLPAPI.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\MSCTF.DLL
C:\WINDOWS\SYSTEM32\WINTRUST.DLL
C:\WINDOWS\SYSTEM32\IMAGEHLP.DLL
C:\WINDOWS\SYSTEM32\WDMAUD.DRV
C:\WINDOWS\SYSTEM32\MSACM32.DRV
C:\WINDOWS\SYSTEM32\MSACM32.DLL
C:\WINDOWS\SYSTEM32\MIDIMAP.DLL
C:\WINDOWS\SYSTEM32\MSCTFIME.IME
C:\WINDOWS\SYSTEM32\UXTHEME.DLL
C:\WINDOWS\SYSTEM32\KSUSER.DLL
D:\ADMINI~1\TEMP\RSV843.TMP

D:\PROGRAM FILES\SOGOUINPUT\OLYMPICNEWS.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\VERSION.DLL
C:\WINDOWS\SYSTEM32\WININET.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\CRYPT32.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\MSASN1.DLL
C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\COMCTL32.DLL
C:\WINDOWS\SYSTEM32\MSIMG32.DLL
C:\WINDOWS\SYSTEM32\SHELL32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\NTMARTA.DLL
C:\WINDOWS\SYSTEM32\WLDAP32.DLL
C:\WINDOWS\SYSTEM32\SAMLIB.DLL
C:\WINDOWS\SYSTEM32\WSOCK32.DLL
C:\WINDOWS\SYSTEM32\WS2_32.DLL
C:\WINDOWS\SYSTEM32\WS2HELP.DLL
C:\WINDOWS\SYSTEM32\RASAPI32.DLL
C:\WINDOWS\SYSTEM32\RASMAN.DLL
C:\WINDOWS\SYSTEM32\NETAPI32.DLL
C:\WINDOWS\SYSTEM32\TAPI32.DLL
C:\WINDOWS\SYSTEM32\RTUTILS.DLL
C:\WINDOWS\SYSTEM32\WINMM.DLL
C:\WINDOWS\SYSTEM32\USERENV.DLL
C:\WINDOWS\SYSTEM32\URLMON.DLL
C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
C:\WINDOWS\SYSTEM32\DNSAPI.DLL
C:\WINDOWS\SYSTEM32\RASADHLP.DLL
C:\WINDOWS\SYSTEM32\HNETCFG.DLL
C:\WINDOWS\SYSTEM32\WSHTCPIP.DLL
D:\PROGRAM FILES\SOGOUINPUT\PXPNET.DLL
C:\WINDOWS\SYSTEM32\ODBC32.DLL
C:\WINDOWS\SYSTEM32\COMDLG32.DLL
C:\WINDOWS\SYSTEM32\ODBCINT.DLL
C:\WINDOWS\SYSTEM32\INETMIB1.DLL
C:\WINDOWS\SYSTEM32\IPHLPAPI.DLL
C:\WINDOWS\SYSTEM32\SNMPAPI.DLL
C:\WINDOWS\SYSTEM32\MPRAPI.DLL
C:\WINDOWS\SYSTEM32\ACTIVEDS.DLL
C:\WINDOWS\SYSTEM32\ADSLDPC.DLL
C:\WINDOWS\SYSTEM32\ATL.DLL
C:\WINDOWS\SYSTEM32\SETUPAPI.DLL
C:\WINDOWS\SYSTEM32\MSCTF.DLL
C:\WINDOWS\SYSTEM32\SENSAPI.DLL
D:\ADMINI~1\TEMP\RSV843.TMP

C:\WINDOWS\ARSERVICE.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\WINMM.DLL
C:\WINDOWS\SYSTEM32\SETUPAPI.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\POWRPROF.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\WDMAUD.DRV
C:\WINDOWS\SYSTEM32\WINTRUST.DLL
C:\WINDOWS\SYSTEM32\CRYPT32.DLL
C:\WINDOWS\SYSTEM32\MSASN1.DLL
C:\WINDOWS\SYSTEM32\IMAGEHLP.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DRV
C:\WINDOWS\SYSTEM32\MSACM32.DLL
C:\WINDOWS\SYSTEM32\MIDIMAP.DLL
C:\WINDOWS\SYSTEM32\MSCTFIME.IME
C:\WINDOWS\SYSTEM32\OLE32.DLL
D:\ADMINI~1\TEMP\RSV843.TMP

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\SHIMENG.DLL
C:\WINDOWS\APPPATCH\ACGENRAL.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\WINMM.DLL
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DLL
C:\WINDOWS\SYSTEM32\VERSION.DLL
C:\WINDOWS\SYSTEM32\SHELL32.DLL
C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
C:\WINDOWS\SYSTEM32\USERENV.DLL
C:\WINDOWS\SYSTEM32\UXTHEME.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\COMCTL32.DLL
C:\WINDOWS\SYSTEM32\VVEBC1NT.OCX
C:\WINDOWS\SYSTEM32\WS2_32.DLL
C:\WINDOWS\SYSTEM32\WS2HELP.DLL
C:\WINDOWS\SYSTEM32\WININET.DLL
C:\WINDOWS\SYSTEM32\CRYPT32.DLL
C:\WINDOWS\SYSTEM32\MSASN1.DLL
C:\WINDOWS\SYSTEM32\PSAPI.DLL
D:\ADMINI~1\TEMP\RSV843.TMP
C:\WINDOWS\SYSTEM32\VVEBC1NT.ZIP

D:\PROGRAM FILES\STORMII\STORMLIV.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\WS2_32.DLL
C:\WINDOWS\SYSTEM32\WS2HELP.DLL
D:\PROGRAM FILES\STORMII\MSVCP60.DLL
C:\WINDOWS\SYSTEM32\MFC42.DLL
C:\WINDOWS\SYSTEM32\COMDLG32.DLL
C:\WINDOWS\SYSTEM32\SHELL32.DLL
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
C:\WINDOWS\SYSTEM32\VERSION.DLL
C:\WINDOWS\SYSTEM32\SETUPAPI.DLL
C:\WINDOWS\SYSTEM32\WININET.DLL
C:\WINDOWS\SYSTEM32\CRYPT32.DLL
C:\WINDOWS\SYSTEM32\MSASN1.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\MFC42LOC.DLL
C:\WINDOWS\SYSTEM32\XPSP2RES.DLL
C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
C:\WINDOWS\SYSTEM32\HNETCFG.DLL
C:\WINDOWS\SYSTEM32\WSHTCPIP.DLL
C:\WINDOWS\SYSTEM32\CLBCATQ.DLL
C:\WINDOWS\SYSTEM32\COMRES.DLL
C:\WINDOWS\SYSTEM32\DNSAPI.DLL
C:\WINDOWS\SYSTEM32\WINRNR.DLL
C:\WINDOWS\SYSTEM32\WLDAP32.DLL
C:\WINDOWS\SYSTEM32\MSXML3.DLL
C:\WINDOWS\SYSTEM32\RASADHLP.DLL
C:\WINDOWS\SYSTEM32\URLMON.DLL
C:\WINDOWS\SYSTEM32\MLANG.DLL
D:\ADMINI~1\TEMP\RSV843.TMP

C:\WINDOWS\SYSTEM32\CONIME.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\SHIMENG.DLL
C:\WINDOWS\APPPATCH\ACGENRAL.DLL
C:\WINDOWS\SYSTEM32\WINMM.DLL
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DLL
C:\WINDOWS\SYSTEM32\VERSION.DLL
C:\WINDOWS\SYSTEM32\SHELL32.DLL
C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
C:\WINDOWS\SYSTEM32\USERENV.DLL
C:\WINDOWS\SYSTEM32\UXTHEME.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\KMON.DLL
C:\WINDOWS\SYSTEM32\COMCTL32.DLL
C:\WINDOWS\SYSTEM32\URLMON.DLL
C:\WINDOWS\SYSTEM32\MSCTF.DLL
C:\WINDOWS\SYSTEM32\MSCTFIME.IME
D:\ADMINI~1\TEMP\RSV843.TMP

C:\PROGRAM FILES\COMMON FILES\ULEAD SYSTEMS\DVD\ULCDRSVR.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
D:\ADMINI~1\TEMP\RSV843.TMP
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\KMON.DLL

D:\TOOL\RSDETECT.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\COMDLG32.DLL
C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\COMCTL32.DLL
C:\WINDOWS\SYSTEM32\SHELL32.DLL
C:\WINDOWS\SYSTEM32\WINSPOOL.DRV
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\KMON.DLL
C:\WINDOWS\SYSTEM32\URLMON.DLL
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\VERSION.DLL
D:\ADMINI~1\TEMP\RSV843.TMP
C:\WINDOWS\SYSTEM32\SFC.DLL
C:\WINDOWS\SYSTEM32\SFC_OS.DLL
C:\WINDOWS\SYSTEM32\WINTRUST.DLL
C:\WINDOWS\SYSTEM32\CRYPT32.DLL
C:\WINDOWS\SYSTEM32\MSASN1.DLL
C:\WINDOWS\SYSTEM32\IMAGEHLP.DLL
C:\WINDOWS\SYSTEM32\MSCTF.DLL
C:\WINDOWS\SYSTEM32\MSCTFIME.IME

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\SHIMENG.DLL
C:\WINDOWS\APPPATCH\ACGENRAL.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\WINMM.DLL
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DLL
C:\WINDOWS\SYSTEM32\VERSION.DLL
C:\WINDOWS\SYSTEM32\SHELL32.DLL
C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
C:\WINDOWS\SYSTEM32\USERENV.DLL
C:\WINDOWS\SYSTEM32\UXTHEME.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\COMCTL32.DLL
C:\WINDOWS\SYSTEM32\VVEBC1NT.OCX
C:\WINDOWS\SYSTEM32\WS2_32.DLL
C:\WINDOWS\SYSTEM32\WS2HELP.DLL
C:\WINDOWS\SYSTEM32\WININET.DLL
C:\WINDOWS\SYSTEM32\CRYPT32.DLL
C:\WINDOWS\SYSTEM32\MSASN1.DLL
C:\WINDOWS\SYSTEM32\PSAPI.DLL
D:\ADMINI~1\TEMP\RSV843.TMP
C:\WINDOWS\SYSTEM32\VVEBC1NT.ZIP

C:\JIANGMIN\ANTIVIRUS\UNRAR.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\SHELL32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\KMON.DLL
C:\WINDOWS\SYSTEM32\COMCTL32.DLL
C:\WINDOWS\SYSTEM32\URLMON.DLL
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\VERSION.DLL
C:\WINDOWS\SYSTEM32\MSCTF.DLL
C:\WINDOWS\SYSTEM32\SETUPAPI.DLL

C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\SHIMENG.DLL
C:\WINDOWS\APPPATCH\ACGENRAL.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\WINMM.DLL
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DLL
C:\WINDOWS\SYSTEM32\VERSION.DLL
C:\WINDOWS\SYSTEM32\SHELL32.DLL
C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
C:\WINDOWS\SYSTEM32\USERENV.DLL
C:\WINDOWS\SYSTEM32\UXTHEME.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\COMCTL32.DLL
C:\WINDOWS\SYSTEM32\VVEBC1NT.OCX
C:\WINDOWS\SYSTEM32\WS2_32.DLL
C:\WINDOWS\SYSTEM32\WS2HELP.DLL
C:\WINDOWS\SYSTEM32\WININET.DLL
C:\WINDOWS\SYSTEM32\CRYPT32.DLL
C:\WINDOWS\SYSTEM32\MSASN1.DLL
C:\WINDOWS\SYSTEM32\PSAPI.DLL
D:\ADMINI~1\TEMP\RSV843.TMP
C:\WINDOWS\SYSTEM32\VVEBC1NT.ZIP

C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\CSRSRV.DLL
C:\WINDOWS\SYSTEM32\BASESRV.DLL
C:\WINDOWS\SYSTEM32\WINSRV.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\SXS.DLL
D:\ADMINI~1\TEMP\RSV843.TMP

C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\AUTHZ.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\CRYPT32.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\MSASN1.DLL
C:\WINDOWS\SYSTEM32\NDDEAPI.DLL
C:\WINDOWS\SYSTEM32\PROFMAP.DLL
C:\WINDOWS\SYSTEM32\NETAPI32.DLL
C:\WINDOWS\SYSTEM32\USERENV.DLL
C:\WINDOWS\SYSTEM32\PSAPI.DLL
C:\WINDOWS\SYSTEM32\REGAPI.DLL
C:\WINDOWS\SYSTEM32\SETUPAPI.DLL
C:\WINDOWS\SYSTEM32\VERSION.DLL
C:\WINDOWS\SYSTEM32\WINSTA.DLL
C:\WINDOWS\SYSTEM32\WINTRUST.DLL
C:\WINDOWS\SYSTEM32\IMAGEHLP.DLL
C:\WINDOWS\SYSTEM32\WS2_32.DLL
C:\WINDOWS\SYSTEM32\WS2HELP.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\MSGINA.DLL
C:\WINDOWS\SYSTEM32\SHELL32.DLL
C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
C:\WINDOWS\SYSTEM32\COMCTL32.DLL
C:\WINDOWS\SYSTEM32\ODBC32.DLL
C:\WINDOWS\SYSTEM32\COMDLG32.DLL
C:\WINDOWS\SYSTEM32\ODBCINT.DLL
C:\WINDOWS\SYSTEM32\SHSVCS.DLL
C:\WINDOWS\SYSTEM32\SFC.DLL
C:\WINDOWS\SYSTEM32\SFC_OS.DLL
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\APPHELP.DLL
C:\WINDOWS\SYSTEM32\MSCTFIME.IME
C:\WINDOWS\SYSTEM32\WINSCARD.DLL
C:\WINDOWS\SYSTEM32\WTSAPI32.DLL
C:\WINDOWS\SYSTEM32\ATI2EVXX.DLL
C:\WINDOWS\SYSTEM32\RSAENH.DLL
C:\WINDOWS\SYSTEM32\CSCDLL.DLL
C:\WINDOWS\SYSTEM32\WLNOTIFY.DLL
C:\WINDOWS\SYSTEM32\WINMM.DLL
C:\WINDOWS\SYSTEM32\WINSPOOL.DRV
C:\WINDOWS\SYSTEM32\MPR.DLL
C:\WINDOWS\SYSTEM32\UXTHEME.DLL
C:\WINDOWS\SYSTEM32\SAMLIB.DLL
C:\WINDOWS\SYSTEM32\CSCUI.DLL
C:\WINDOWS\SYSTEM32\MSV1_0.DLL
C:\WINDOWS\SYSTEM32\IPHLPAPI.DLL
C:\WINDOWS\SYSTEM32\XPSP2RES.DLL
C:\WINDOWS\SYSTEM32\NTMARTA.DLL
C:\WINDOWS\SYSTEM32\WLDAP32.DLL
C:\WINDOWS\SYSTEM32\WDMAUD.DRV
C:\WINDOWS\SYSTEM32\MSACM32.DRV
C:\WINDOWS\SYSTEM32\MSACM32.DLL
C:\WINDOWS\SYSTEM32\MIDIMAP.DLL
C:\WINDOWS\SYSTEM32\COMRES.DLL
C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
C:\WINDOWS\SYSTEM32\CLBCATQ.DLL
D:\ADMINI~1\TEMP\RSV843.TMP

C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\USERENV.DLL
C:\WINDOWS\SYSTEM32\SCESRV.DLL
C:\WINDOWS\SYSTEM32\AUTHZ.DLL
C:\WINDOWS\SYSTEM32\UMPNPMGR.DLL
C:\WINDOWS\SYSTEM32\WINSTA.DLL
C:\WINDOWS\SYSTEM32\NETAPI32.DLL
C:\WINDOWS\SYSTEM32\NCOBJAPI.DLL
C:\WINDOWS\SYSTEM32\MSVCP60.DLL
C:\WINDOWS\SYSTEM32\SHIMENG.DLL
C:\WINDOWS\APPPATCH\ACGENRAL.DLL
C:\WINDOWS\SYSTEM32\WINMM.DLL
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DLL
C:\WINDOWS\SYSTEM32\VERSION.DLL
C:\WINDOWS\SYSTEM32\SHELL32.DLL
C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
C:\WINDOWS\SYSTEM32\UXTHEME.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\COMCTL32.DLL
C:\WINDOWS\SYSTEM32\APPHELP.DLL
C:\WINDOWS\SYSTEM32\EVENTLOG.DLL
C:\WINDOWS\SYSTEM32\WS2_32.DLL
C:\WINDOWS\SYSTEM32\WS2HELP.DLL
C:\WINDOWS\SYSTEM32\PSAPI.DLL
C:\WINDOWS\SYSTEM32\WTSAPI32.DLL
D:\ADMINI~1\TEMP\RSV843.TMP

C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\LSASRV.DLL
C:\WINDOWS\SYSTEM32\MPR.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\MSASN1.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\NETAPI32.DLL
C:\WINDOWS\SYSTEM32\NTDSAPI.DLL
C:\WINDOWS\SYSTEM32\DNSAPI.DLL
C:\WINDOWS\SYSTEM32\WS2_32.DLL
C:\WINDOWS\SYSTEM32\WS2HELP.DLL
C:\WINDOWS\SYSTEM32\WLDAP32.DLL
C:\WINDOWS\SYSTEM32\SAMLIB.DLL
C:\WINDOWS\SYSTEM32\SAMSRV.DLL
C:\WINDOWS\SYSTEM32\CRYPTDLL.DLL
C:\WINDOWS\SYSTEM32\SHIMENG.DLL
C:\WINDOWS\APPPATCH\ACGENRAL.DLL
C:\WINDOWS\SYSTEM32\WINMM.DLL
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DLL
C:\WINDOWS\SYSTEM32\VERSION.DLL
C:\WINDOWS\SYSTEM32\SHELL32.DLL
C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
C:\WINDOWS\SYSTEM32\USERENV.DLL
C:\WINDOWS\SYSTEM32\UXTHEME.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\COMCTL32.DLL
C:\WINDOWS\SYSTEM32\MSPRIVS.DLL
C:\WINDOWS\SYSTEM32\KERBEROS.DLL
C:\WINDOWS\SYSTEM32\MSV1_0.DLL
C:\WINDOWS\SYSTEM32\IPHLPAPI.DLL
C:\WINDOWS\SYSTEM32\NETLOGON.DLL
C:\WINDOWS\SYSTEM32\W32TIME.DLL
C:\WINDOWS\SYSTEM32\MSVCP60.DLL
C:\WINDOWS\SYSTEM32\SCHANNEL.DLL
C:\WINDOWS\SYSTEM32\CRYPT32.DLL
C:\WINDOWS\SYSTEM32\WDIGEST.DLL
C:\WINDOWS\SYSTEM32\RSAENH.DLL
C:\WINDOWS\SYSTEM32\SETUPAPI.DLL
C:\WINDOWS\SYSTEM32\SCECLI.DLL
C:\WINDOWS\SYSTEM32\PSTORSVC.DLL
C:\WINDOWS\SYSTEM32\PSBASE.DLL
C:\WINDOWS\SYSTEM32\DSSENH.DLL
D:\ADMINI~1\TEMP\RSV843.TMP

C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\MSCTFIME.IME
C:\WINDOWS\SYSTEM32\ATI2EDXX.DLL
D:\ADMINI~1\TEMP\RSV843.TMP

D:\THEWORLD2\THEWORLD.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\WINMM.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\WS2_32.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\WS2HELP.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\VERSION.DLL
C:\WINDOWS\SYSTEM32\COMDLG32.DLL
C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
C:\WINDOWS\SYSTEM32\SHELL32.DLL
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
C:\WINDOWS\SYSTEM32\WININET.DLL
C:\WINDOWS\SYSTEM32\CRYPT32.DLL
C:\WINDOWS\SYSTEM32\MSASN1.DLL
C:\WINDOWS\SYSTEM32\URLMON.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\KMON.DLL
C:\WINDOWS\SYSTEM32\MSCTF.DLL
C:\WINDOWS\SYSTEM32\MSCTFIME.IME
C:\WINDOWS\SYSTEM32\UXTHEME.DLL
C:\WINDOWS\SYSTEM32\APPHELP.DLL
C:\WINDOWS\SYSTEM32\CLBCATQ.DLL
C:\WINDOWS\SYSTEM32\COMRES.DLL
C:\WINDOWS\SYSTEM32\ACSIGNICON.DLL
C:\WINDOWS\SYSTEM32\WINSPOOL.DRV
C:\WINDOWS\SYSTEM32\OLEACC.DLL
C:\WINDOWS\SYSTEM32\MSVCP60.DLL
C:\WINDOWS\SYSTEM32\CSCUI.DLL
C:\WINDOWS\SYSTEM32\CSCDLL.DLL
C:\WINDOWS\SYSTEM32\SETUPAPI.DLL
C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
C:\WINDOWS\SYSTEM32\CRYPTUI.DLL
C:\WINDOWS\SYSTEM32\WINTRUST.DLL
C:\WINDOWS\SYSTEM32\IMAGEHLP.DLL
C:\WINDOWS\SYSTEM32\NETAPI32.DLL
C:\WINDOWS\SYSTEM32\WLDAP32.DLL
C:\WINDOWS\SYSTEM32\BROWSEUI.DLL
D:\THEWOR~1\PLUGIN\SYSSTATE\SYSSTATE.DLL
C:\WINDOWS\SYSTEM32\IPHLPAPI.DLL
C:\WINDOWS\SYSTEM32\MSXML3.DLL
C:\WINDOWS\SYSTEM32\DSOUND.DLL
C:\WINDOWS\SYSTEM32\VBSCRIPT.DLL
C:\WINDOWS\SYSTEM32\MFC42.DLL
C:\WINDOWS\SYSTEM32\MFC42LOC.DLL
C:\WINDOWS\SYSTEM32\SXS.DLL
C:\WINDOWS\SYSTEM32\MSHTML.DLL
C:\WINDOWS\SYSTEM32\MSLS31.DLL
C:\WINDOWS\SYSTEM32\PSAPI.DLL
C:\WINDOWS\SYSTEM32\MPRAPI.DLL
C:\WINDOWS\SYSTEM32\ACTIVEDS.DLL
C:\WINDOWS\SYSTEM32\ADSLDPC.DLL
C:\WINDOWS\SYSTEM32\ATL.DLL
C:\WINDOWS\SYSTEM32\RTUTILS.DLL
C:\WINDOWS\SYSTEM32\SAMLIB.DLL
C:\WINDOWS\SYSTEM32\XPSP2RES.DLL
C:\WINDOWS\SYSTEM32\MSI.DLL
C:\WINDOWS\SYSTEM32\URLFILTER.DLL
C:\WINDOWS\SYSTEM32\SHDOCLC.DLL
C:\WINDOWS\SYSTEM32\MLANG.DLL
C:\WINDOWS\SYSTEM32\MSIMTF.DLL
C:\WINDOWS\SYSTEM32\WSOCK32.DLL
C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
C:\WINDOWS\SYSTEM32\HNETCFG.DLL
C:\WINDOWS\SYSTEM32\WSHTCPIP.DLL
C:\WINDOWS\SYSTEM32\RASAPI32.DLL
C:\WINDOWS\SYSTEM32\RASMAN.DLL
C:\WINDOWS\SYSTEM32\TAPI32.DLL
C:\WINDOWS\SYSTEM32\SENSAPI.DLL
C:\WINDOWS\SYSTEM32\USERENV.DLL
C:\WINDOWS\SYSTEM32\DNSAPI.DLL
C:\WINDOWS\SYSTEM32\RASADHLP.DLL
C:\WINDOWS\SYSTEM32\WINRNR.DLL
C:\WINDOWS\SYSTEM32\IMGUTIL.DLL
C:\WINDOWS\SYSTEM32\PNGFILT.DLL
C:\WINDOWS\SYSTEM32\ACTXPRXY.DLL
C:\WINDOWS\SYSTEM32\MSHTMLED.DLL
C:\WINDOWS\SYSTEM32\IEPEERS.DLL
C:\WINDOWS\SYSTEM32\SOGOUPY.IME
C:\WINDOWS\SYSTEM32\MSIMG32.DLL
C:\WINDOWS\SYSTEM32\NTMARTA.DLL
D:\PROGRAM FILES\SOGOUINPUT\PLUGIN\SGIMEWORD.DLL
C:\WINDOWS\SYSTEM32\DCIMAN32.DLL
D:\ADMINI~1\TEMP\RSV843.TMP
C:\WINDOWS\SYSTEM32\MSCOREE.DLL
C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\MSCORIE.DLL
C:\WINDOWS\SYSTEM32\DXTRANS.DLL
C:\WINDOWS\SYSTEM32\DDRAWEX.DLL
C:\WINDOWS\SYSTEM32\DDRAW.DLL
C:\WINDOWS\SYSTEM32\DXTMSFT.DLL
C:\WINDOWS\SYSTEM32\MPR.DLL
C:\WINDOWS\SYSTEM32\DRPROV.DLL
C:\WINDOWS\SYSTEM32\NTLANMAN.DLL
C:\WINDOWS\SYSTEM32\NETUI0.DLL
C:\WINDOWS\SYSTEM32\NETUI1.DLL
C:\WINDOWS\SYSTEM32\NETRAP.DLL
C:\WINDOWS\SYSTEM32\DAVCLNT.DLL
C:\WINDOWS\SYSTEM32\TWEXT.DLL

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\SHIMENG.DLL
C:\WINDOWS\APPPATCH\ACGENRAL.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\WINMM.DLL
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DLL
C:\WINDOWS\SYSTEM32\VERSION.DLL
C:\WINDOWS\SYSTEM32\SHELL32.DLL
C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
C:\WINDOWS\SYSTEM32\USERENV.DLL
C:\WINDOWS\SYSTEM32\UXTHEME.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\COMCTL32.DLL
C:\WINDOWS\SYSTEM32\NTMARTA.DLL
C:\WINDOWS\SYSTEM32\WLDAP32.DLL
C:\WINDOWS\SYSTEM32\SAMLIB.DLL
C:\WINDOWS\SYSTEM32\RPCSS.DLL
C:\WINDOWS\SYSTEM32\WS2_32.DLL
C:\WINDOWS\SYSTEM32\WS2HELP.DLL
C:\WINDOWS\SYSTEM32\XPSP2RES.DLL
C:\WINDOWS\SYSTEM32\CLBCATQ.DLL
C:\WINDOWS\SYSTEM32\COMRES.DLL
C:\WINDOWS\SYSTEM32\TERMSRV.DLL
C:\WINDOWS\SYSTEM32\ICAAPI.DLL
C:\WINDOWS\SYSTEM32\SETUPAPI.DLL
C:\WINDOWS\SYSTEM32\WINTRUST.DLL
C:\WINDOWS\SYSTEM32\CRYPT32.DLL
C:\WINDOWS\SYSTEM32\MSASN1.DLL
C:\WINDOWS\SYSTEM32\IMAGEHLP.DLL
C:\WINDOWS\SYSTEM32\AUTHZ.DLL
C:\WINDOWS\SYSTEM32\MSTLSAPI.DLL
C:\WINDOWS\SYSTEM32\ACTIVEDS.DLL
C:\WINDOWS\SYSTEM32\ADSLDPC.DLL
C:\WINDOWS\SYSTEM32\NETAPI32.DLL
C:\WINDOWS\SYSTEM32\ATL.DLL
C:\WINDOWS\SYSTEM32\REGAPI.DLL
C:\WINDOWS\SYSTEM32\RSAENH.DLL
C:\WINDOWS\SYSTEM32\APPHELP.DLL
D:\ADMINI~1\TEMP\RSV843.TMP

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\SHIMENG.DLL
C:\WINDOWS\APPPATCH\ACGENRAL.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\WINMM.DLL
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DLL
C:\WINDOWS\SYSTEM32\VERSION.DLL
C:\WINDOWS\SYSTEM32\SHELL32.DLL
C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
C:\WINDOWS\SYSTEM32\USERENV.DLL
C:\WINDOWS\SYSTEM32\UXTHEME.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\COMCTL32.DLL
C:\WINDOWS\SYSTEM32\RPCSS.DLL
C:\WINDOWS\SYSTEM32\WS2_32.DLL
C:\WINDOWS\SYSTEM32\WS2HELP.DLL
C:\WINDOWS\SYSTEM32\XPSP2RES.DLL
C:\WINDOWS\SYSTEM32\RSAENH.DLL
C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
C:\WINDOWS\SYSTEM32\HNETCFG.DLL
C:\WINDOWS\SYSTEM32\WSHTCPIP.DLL
C:\WINDOWS\SYSTEM32\DNSAPI.DLL
C:\WINDOWS\SYSTEM32\IPHLPAPI.DLL
C:\WINDOWS\SYSTEM32\WINRNR.DLL
C:\WINDOWS\SYSTEM32\WLDAP32.DLL
C:\WINDOWS\SYSTEM32\RASADHLP.DLL
C:\WINDOWS\SYSTEM32\CLBCATQ.DLL
C:\WINDOWS\SYSTEM32\COMRES.DLL
D:\ADMINI~1\TEMP\RSV843.TMP
C:\WINDOWS\SYSTEM32\MSV1_0.DLL

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\SHIMENG.DLL
C:\WINDOWS\APPPATCH\ACGENRAL.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\WINMM.DLL
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DLL
C:\WINDOWS\SYSTEM32\VERSION.DLL
C:\WINDOWS\SYSTEM32\SHELL32.DLL
C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
C:\WINDOWS\SYSTEM32\USERENV.DLL
C:\WINDOWS\SYSTEM32\UXTHEME.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\COMCTL32.DLL
C:\WINDOWS\SYSTEM32\NTMARTA.DLL
C:\WINDOWS\SYSTEM32\WLDAP32.DLL
C:\WINDOWS\SYSTEM32\SAMLIB.DLL
C:\WINDOWS\SYSTEM32\XPSP2RES.DLL
C:\WINDOWS\SYSTEM32\DHCPCSVC.DLL
C:\WINDOWS\SYSTEM32\DNSAPI.DLL
C:\WINDOWS\SYSTEM32\WS2_32.DLL
C:\WINDOWS\SYSTEM32\WS2HELP.DLL
C:\WINDOWS\SYSTEM32\IPHLPAPI.DLL
C:\WINDOWS\SYSTEM32\WZCSVC.DLL
C:\WINDOWS\SYSTEM32\RTUTILS.DLL
C:\WINDOWS\SYSTEM32\WMI.DLL
C:\WINDOWS\SYSTEM32\CRYPT32.DLL
C:\WINDOWS\SYSTEM32\MSASN1.DLL
C:\WINDOWS\SYSTEM32\WTSAPI32.DLL
C:\WINDOWS\SYSTEM32\WINSTA.DLL
C:\WINDOWS\SYSTEM32\NETAPI32.DLL
C:\WINDOWS\SYSTEM32\ESENT.DLL
C:\WINDOWS\SYSTEM32\ATL.DLL
C:\WINDOWS\SYSTEM32\SHSVCS.DLL
C:\WINDOWS\SYSTEM32\RSAENH.DLL
C:\WINDOWS\SYSTEM32\RASTLS.DLL
C:\WINDOWS\SYSTEM32\CRYPTUI.DLL
C:\WINDOWS\SYSTEM32\WINTRUST.DLL
C:\WINDOWS\SYSTEM32\IMAGEHLP.DLL
C:\WINDOWS\SYSTEM32\WININET.DLL
C:\WINDOWS\SYSTEM32\MPRAPI.DLL
C:\WINDOWS\SYSTEM32\ACTIVEDS.DLL
C:\WINDOWS\SYSTEM32\ADSLDPC.DLL
C:\WINDOWS\SYSTEM32\SETUPAPI.DLL
C:\WINDOWS\SYSTEM32\RASAPI32.DLL
C:\WINDOWS\SYSTEM32\RASMAN.DLL
C:\WINDOWS\SYSTEM32\TAPI32.DLL
C:\WINDOWS\SYSTEM32\SCHANNEL.DLL
C:\WINDOWS\SYSTEM32\WINSCARD.DLL
C:\WINDOWS\SYSTEM32\CLBCATQ.DLL
C:\WINDOWS\SYSTEM32\COMRES.DLL
C:\WINDOWS\SYSTEM32\RASCHAP.DLL
C:\WINDOWS\SYSTEM32\SCHEDSVC.DLL
C:\WINDOWS\SYSTEM32\NTDSAPI.DLL
C:\WINDOWS\SYSTEM32\MSV1_0.DLL
C:\WINDOWS\SYSTEM32\MSIDLE.DLL
C:\WINDOWS\SYSTEM32\AUDIOSRV.DLL
C:\WINDOWS\SYSTEM32\WKSSVC.DLL
C:\WINDOWS\SYSTEM32\CRYPTSVC.DLL
C:\WINDOWS\SYSTEM32\CERTCLI.DLL
C:\WINDOWS\SYSTEM32\ES.DLL
C:\WINDOWS\SYSTEM32\SRVSVC.DLL
C:\WINDOWS\SYSTEM32\HNETCFG.DLL
C:\WINDOWS\SYSTEM32\WBEM\WMISVC.DLL
C:\WINDOWS\SYSTEM32\VSSAPI.DLL
C:\WINDOWS\SYSTEM32\SENS.DLL
C:\WINDOWS\SYSTEM32\BROWSER.DLL
C:\WINDOWS\SYSTEM32\WBEM\WBEMCORE.DLL
C:\WINDOWS\SYSTEM32\MSVCP60.DLL
C:\WINDOWS\SYSTEM32\WBEM\ESSCLI.DLL
C:\WINDOWS\SYSTEM32\WBEM\WBEMCOMN.DLL
C:\WINDOWS\SYSTEM32\WBEM\FASTPROX.DLL
C:\WINDOWS\SYSTEM32\NETMAN.DLL
C:\WINDOWS\SYSTEM32\NETSHELL.DLL
C:\WINDOWS\SYSTEM32\CREDUI.DLL
C:\WINDOWS\SYSTEM32\WZCSAPI.DLL
C:\WINDOWS\SYSTEM32\SXS.DLL
C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
C:\WINDOWS\SYSTEM32\WSHTCPIP.DLL
C:\WINDOWS\SYSTEM32\UPNP.DLL
C:\WINDOWS\SYSTEM32\WINHTTP.DLL
C:\WINDOWS\SYSTEM32\SSDPAPI.DLL
C:\WINDOWS\SYSTEM32\COMSVCS.DLL
C:\WINDOWS\SYSTEM32\COLBACT.DLL
C:\WINDOWS\SYSTEM32\MTXCLU.DLL
C:\WINDOWS\SYSTEM32\WSOCK32.DLL
C:\WINDOWS\SYSTEM32\CLUSAPI.DLL
C:\WINDOWS\SYSTEM32\RESUTILS.DLL
C:\WINDOWS\SYSTEM32\WBEM\WMIUTILS.DLL
C:\WINDOWS\SYSTEM32\MSI.DLL
C:\WINDOWS\SYSTEM32\WBEM\REPDRVFS.DLL
C:\WINDOWS\SYSTEM32\URLMON.DLL
C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSD.DLL
C:\WINDOWS\SYSTEM32\NCOBJAPI.DLL
C:\WINDOWS\SYSTEM32\WBEM\WBEMESS.DLL
C:\WINDOWS\SYSTEM32\RASADHLP.DLL
C:\WINDOWS\SYSTEM32\RASDLG.DLL
C:\WINDOWS\SYSTEM32\WBEM\NCPROV.DLL
D:\ADMINI~1\TEMP\RSV843.TMP
C:\WINDOWS\SYSTEM32\MSXML3.DLL
C:\WINDOWS\SYSTEM32\WBEM\WBEMSVC.DLL

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\SHIMENG.DLL
C:\WINDOWS\APPPATCH\ACGENRAL.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\WINMM.DLL
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DLL
C:\WINDOWS\SYSTEM32\VERSION.DLL
C:\WINDOWS\SYSTEM32\SHELL32.DLL
C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
C:\WINDOWS\SYSTEM32\USERENV.DLL
C:\WINDOWS\SYSTEM32\UXTHEME.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\COMCTL32.DLL
C:\WINDOWS\SYSTEM32\DNSRSLVR.DLL
C:\WINDOWS\SYSTEM32\DNSAPI.DLL
C:\WINDOWS\SYSTEM32\WS2_32.DLL
C:\WINDOWS\SYSTEM32\WS2HELP.DLL
C:\WINDOWS\SYSTEM32\IPHLPAPI.DLL
C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
C:\WINDOWS\SYSTEM32\HNETCFG.DLL
C:\WINDOWS\SYSTEM32\WSHTCPIP.DLL
D:\ADMINI~1\TEMP\RSV843.TMP

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\SHIMENG.DLL
C:\WINDOWS\APPPATCH\ACGENRAL.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\WINMM.DLL
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DLL
C:\WINDOWS\SYSTEM32\VERSION.DLL
C:\WINDOWS\SYSTEM32\SHELL32.DLL
C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
C:\WINDOWS\SYSTEM32\USERENV.DLL
C:\WINDOWS\SYSTEM32\UXTHEME.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\COMCTL32.DLL
C:\WINDOWS\SYSTEM32\NTMARTA.DLL
C:\WINDOWS\SYSTEM32\WLDAP32.DLL
C:\WINDOWS\SYSTEM32\SAMLIB.DLL
C:\WINDOWS\SYSTEM32\XPSP2RES.DLL
C:\WINDOWS\SYSTEM32\LMHSVC.DLL
C:\WINDOWS\SYSTEM32\IPHLPAPI.DLL
C:\WINDOWS\SYSTEM32\WS2_32.DLL
C:\WINDOWS\SYSTEM32\WS2HELP.DLL
C:\WINDOWS\SYSTEM32\SSDPSRV.DLL
C:\WINDOWS\SYSTEM32\HNETCFG.DLL
C:\WINDOWS\SYSTEM32\CLBCATQ.DLL
C:\WINDOWS\SYSTEM32\COMRES.DLL
C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
C:\WINDOWS\SYSTEM32\WSHTCPIP.DLL
C:\WINDOWS\SYSTEM32\RSAENH.DLL
C:\WINDOWS\SYSTEM32\HTTPAPI.DLL
C:\WINDOWS\SYSTEM32\WINHTTP.DLL
D:\ADMINI~1\TEMP\RSV843.TMP

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\SHIMENG.DLL
C:\WINDOWS\APPPATCH\ACGENRAL.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\WINMM.DLL
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DLL
C:\WINDOWS\SYSTEM32\VERSION.DLL
C:\WINDOWS\SYSTEM32\SHELL32.DLL
C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
C:\WINDOWS\SYSTEM32\USERENV.DLL
C:\WINDOWS\SYSTEM32\UXTHEME.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\COMCTL32.DLL
C:\WINDOWS\SYSTEM32\VVEBC1NT.DLL
C:\WINDOWS\SYSTEM32\WS2_32.DLL
C:\WINDOWS\SYSTEM32\WS2HELP.DLL
C:\WINDOWS\SYSTEM32\WININET.DLL
C:\WINDOWS\SYSTEM32\CRYPT32.DLL
C:\WINDOWS\SYSTEM32\MSASN1.DLL
C:\WINDOWS\SYSTEM32\PSAPI.DLL
C:\WINDOWS\SYSTEM32\VVEBC1NT.ZIP
C:\WINDOWS\SYSTEM32\APPHELP.DLL
C:\WINDOWS\SYSTEM32\WSOCK32.DLL
C:\WINDOWS\SYSTEM32\RASAPI32.DLL
C:\WINDOWS\SYSTEM32\RASMAN.DLL
C:\WINDOWS\SYSTEM32\NETAPI32.DLL
C:\WINDOWS\SYSTEM32\TAPI32.DLL
C:\WINDOWS\SYSTEM32\RTUTILS.DLL
C:\WINDOWS\SYSTEM32\SENSAPI.DLL
C:\WINDOWS\SYSTEM32\URLMON.DLL
C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
C:\WINDOWS\SYSTEM32\DNSAPI.DLL
C:\WINDOWS\SYSTEM32\RASADHLP.DLL
C:\WINDOWS\SYSTEM32\HNETCFG.DLL
C:\WINDOWS\SYSTEM32\WSHTCPIP.DLL
C:\WINDOWS\SYSTEM32\CLBCATQ.DLL
C:\WINDOWS\SYSTEM32\COMRES.DLL
C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
C:\WINDOWS\SYSTEM32\CRYPTUI.DLL
C:\WINDOWS\SYSTEM32\WINTRUST.DLL
C:\WINDOWS\SYSTEM32\IMAGEHLP.DLL
C:\WINDOWS\SYSTEM32\WLDAP32.DLL
C:\WINDOWS\SYSTEM32\SHDOCLC.DLL
C:\WINDOWS\SYSTEM32\XPSP2RES.DLL
C:\WINDOWS\SYSTEM32\MLANG.DLL
C:\WINDOWS\SYSTEM32\MSHTML.DLL
C:\WINDOWS\SYSTEM32\MSLS31.DLL
C:\WINDOWS\SYSTEM32\MSIMTF.DLL
C:\WINDOWS\SYSTEM32\MSCTF.DLL
C:\WINDOWS\SYSTEM32\SETUPAPI.DLL
D:\ADMINI~1\TEMP\RSV843.TMP

C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\MSCTFIME.IME
C:\WINDOWS\SYSTEM32\XPSP2RES.DLL
C:\WINDOWS\SYSTEM32\CLBCATQ.DLL
C:\WINDOWS\SYSTEM32\COMRES.DLL
C:\WINDOWS\SYSTEM32\VERSION.DLL
C:\WINDOWS\SYSTEM32\ATI2EDXX.DLL
C:\WINDOWS\SYSTEM32\MSCTF.DLL
D:\ADMINI~1\TEMP\RSV843.TMP

C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\SHIMENG.DLL
C:\WINDOWS\APPPATCH\ACGENRAL.DLL
C:\WINDOWS\SYSTEM32\WINMM.DLL
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DLL
C:\WINDOWS\SYSTEM32\VERSION.DLL
C:\WINDOWS\SYSTEM32\SHELL32.DLL
C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
C:\WINDOWS\SYSTEM32\USERENV.DLL
C:\WINDOWS\SYSTEM32\UXTHEME.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\COMCTL32.DLL
C:\WINDOWS\SYSTEM32\SPOOLSS.DLL
C:\WINDOWS\SYSTEM32\WS2_32.DLL
C:\WINDOWS\SYSTEM32\WS2HELP.DLL
C:\WINDOWS\SYSTEM32\DNSAPI.DLL
C:\WINDOWS\SYSTEM32\RASADHLP.DLL
C:\WINDOWS\SYSTEM32\LOCALSPL.DLL
C:\WINDOWS\SYSTEM32\SFC_OS.DLL
C:\WINDOWS\SYSTEM32\WINTRUST.DLL
C:\WINDOWS\SYSTEM32\CRYPT32.DLL
C:\WINDOWS\SYSTEM32\MSASN1.DLL
C:\WINDOWS\SYSTEM32\IMAGEHLP.DLL
C:\WINDOWS\SYSTEM32\WINSPOOL.DRV
C:\WINDOWS\SYSTEM32\NETAPI32.DLL
C:\WINDOWS\SYSTEM32\MDIMON.DLL
C:\WINDOWS\SYSTEM32\MSI.DLL
C:\WINDOWS\SYSTEM32\TCPMON.DLL
C:\WINDOWS\SYSTEM32\USBMON.DLL
C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\MDIPPR.DLL
C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
C:\WINDOWS\SYSTEM32\WINRNR.DLL
C:\WINDOWS\SYSTEM32\WLDAP32.DLL
C:\WINDOWS\SYSTEM32\WIN32SPL.DLL
C:\WINDOWS\SYSTEM32\NETRAP.DLL
C:\WINDOWS\SYSTEM32\NTDSAPI.DLL
C:\WINDOWS\SYSTEM32\CLBCATQ.DLL
C:\WINDOWS\SYSTEM32\COMRES.DLL
C:\WINDOWS\SYSTEM32\XPSP2RES.DLL
C:\WINDOWS\SYSTEM32\INETPP.DLL
D:\ADMINI~1\TEMP\RSV843.TMP

C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\BROWSEUI.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
C:\WINDOWS\SYSTEM32\CRYPT32.DLL
C:\WINDOWS\SYSTEM32\MSASN1.DLL
C:\WINDOWS\SYSTEM32\CRYPTUI.DLL
C:\WINDOWS\SYSTEM32\WINTRUST.DLL
C:\WINDOWS\SYSTEM32\IMAGEHLP.DLL
C:\WINDOWS\SYSTEM32\NETAPI32.DLL
C:\WINDOWS\SYSTEM32\WININET.DLL
C:\WINDOWS\SYSTEM32\WLDAP32.DLL
C:\WINDOWS\SYSTEM32\VERSION.DLL
C:\WINDOWS\SYSTEM32\SHELL32.DLL
C:\WINDOWS\SYSTEM32\UXTHEME.DLL
C:\WINDOWS\SYSTEM32\SHIMENG.DLL
C:\WINDOWS\APPPATCH\ACGENRAL.DLL
C:\WINDOWS\SYSTEM32\WINMM.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DLL
C:\WINDOWS\SYSTEM32\USERENV.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\COMCTL32.DLL
C:\WINDOWS\SYSTEM32\MSCTFIME.IME
C:\WINDOWS\SYSTEM32\APPHELP.DLL
C:\WINDOWS\SYSTEM32\CLBCATQ.DLL
C:\WINDOWS\SYSTEM32\COMRES.DLL
C:\WINDOWS\SYSTEM32\ACSIGNICON.DLL
C:\WINDOWS\SYSTEM32\WINSPOOL.DRV
C:\WINDOWS\SYSTEM32\OLEACC.DLL
C:\WINDOWS\SYSTEM32\MSVCP60.DLL
C:\WINDOWS\SYSTEM32\CSCUI.DLL
C:\WINDOWS\SYSTEM32\CSCDLL.DLL
C:\WINDOWS\SYSTEM32\THEMEUI.DLL
C:\WINDOWS\SYSTEM32\MSIMG32.DLL
C:\WINDOWS\SYSTEM32\XPSP2RES.DLL
C:\WINDOWS\SYSTEM32\MSUTB.DLL
C:\WINDOWS\SYSTEM32\MSCTF.DLL
C:\WINDOWS\SYSTEM32\SAMLIB.DLL
C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\ACSIGNCORE16.DLL
C:\WINDOWS\SYSTEM32\WS2_32.DLL
C:\WINDOWS\SYSTEM32\WS2HELP.DLL
C:\WINDOWS\SYSTEM32\MSI.DLL
C:\WINDOWS\SYSTEM32\SETUPAPI.DLL
C:\WINDOWS\SYSTEM32\NTSHRUI.DLL
C:\WINDOWS\SYSTEM32\ATL.DLL
C:\WINDOWS\SYSTEM32\URLMON.DLL
C:\WINDOWS\SYSTEM32\LINKINFO.DLL
C:\WINDOWS\SYSTEM32\RSAENH.DLL
C:\WINDOWS\SYSTEM32\WINSTA.DLL
C:\WINDOWS\SYSTEM32\WEBCHECK.DLL
C:\WINDOWS\SYSTEM32\WSOCK32.DLL
C:\WINDOWS\SYSTEM32\STOBJECT.DLL
C:\WINDOWS\SYSTEM32\BATMETER.DLL
C:\WINDOWS\SYSTEM32\POWRPROF.DLL
C:\WINDOWS\SYSTEM32\WTSAPI32.DLL
C:\WINDOWS\SYSTEM32\WPDSHSERVICEOBJ.DLL
C:\WINDOWS\SYSTEM32\WINHTTP.DLL
C:\WINDOWS\SYSTEM32\MYDOCS.DLL
C:\WINDOWS\SYSTEM32\PORTABLEDEVICETYPES.DLL
C:\WINDOWS\SYSTEM32\PORTABLEDEVICEAPI.DLL
C:\WINDOWS\SYSTEM32\NETSHELL.DLL
C:\WINDOWS\SYSTEM32\RTUTILS.DLL
C:\WINDOWS\SYSTEM32\CREDUI.DLL
C:\WINDOWS\SYSTEM32\IPHLPAPI.DLL
C:\WINDOWS\SYSTEM32\BROWSELC.DLL
C:\WINDOWS\SYSTEM32\MPR.DLL
C:\WINDOWS\SYSTEM32\DRPROV.DLL
C:\WINDOWS\SYSTEM32\NTLANMAN.DLL
C:\WINDOWS\SYSTEM32\NETUI0.DLL
C:\WINDOWS\SYSTEM32\NETUI1.DLL
C:\WINDOWS\SYSTEM32\NETRAP.DLL
C:\WINDOWS\SYSTEM32\DAVCLNT.DLL
C:\WINDOWS\SYSTEM32\DUSER.DLL
C:\WINDOWS\SYSTEM32\MLANG.DLL
C:\PROGRAM FILES\UNLOCKER\UNLOCKERCOM.DLL
C:\PROGRAM FILES\WINRAR\RAREXT.DLL
C:\WINDOWS\SYSTEM32\SHDOCLC.DLL
C:\WINDOWS\SYSTEM32\SXS.DLL
C:\WINDOWS\SYSTEM32\HIVEBASE.DLL
C:\WINDOWS\SYSTEM32\NTMARTA.DLL
C:\WINDOWS\SYSTEM32\KVINSTALL.DLL
D:\ADMINI~1\TEMP\RSV843.TMP
C:\WINDOWS\SYSTEM32\SHMEDIA.DLL
C:\WINDOWS\SYSTEM32\MSVFW32.DLL
C:\WINDOWS\SYSTEM32\AVIFIL32.DLL
C:\WINDOWS\SYSTEM32\WMVCORE.DLL
C:\WINDOWS\SYSTEM32\WMASF.DLL
C:\WINDOWS\SYSTEM32\MSCMS.DLL
D:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE11\MSOHEV.DLL

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\SHIMENG.DLL
C:\WINDOWS\APPPATCH\ACGENRAL.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\WINMM.DLL
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DLL
C:\WINDOWS\SYSTEM32\VERSION.DLL
C:\WINDOWS\SYSTEM32\SHELL32.DLL
C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
C:\WINDOWS\SYSTEM32\USERENV.DLL
C:\WINDOWS\SYSTEM32\UXTHEME.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\COMCTL32.DLL
C:\WINDOWS\SYSTEM32\VVEBC1NT.OCX
C:\WINDOWS\SYSTEM32\WS2_32.DLL
C:\WINDOWS\SYSTEM32\WS2HELP.DLL
C:\WINDOWS\SYSTEM32\WININET.DLL
C:\WINDOWS\SYSTEM32\CRYPT32.DLL
C:\WINDOWS\SYSTEM32\MSASN1.DLL
C:\WINDOWS\SYSTEM32\PSAPI.DLL
C:\WINDOWS\SYSTEM32\VVEBC1NT.ZIP
D:\ADMINI~1\TEMP\RSV843.TMP

C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCALS~1\TEMP\UN_KV.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\OLEAUT32.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\SHFOLDER.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\KMON.DLL
C:\WINDOWS\SYSTEM32\URLMON.DLL
C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
C:\WINDOWS\SYSTEM32\VERSION.DLL
C:\WINDOWS\SYSTEM32\COMCTL32.DLL
C:\WINDOWS\SYSTEM32\APPHELP.DLL

C:\WINDOWS\SYSTEM32\CMD.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\KMON.DLL
C:\WINDOWS\SYSTEM32\URLMON.DLL
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
C:\WINDOWS\SYSTEM32\VERSION.DLL


普通自启动项
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
RavTask = "C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE" -SYSTEM

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe = C:\WINDOWS\SYSTEM32\CTFMON.EXE
bgswitch = C:\WINDOWS\SYSTEM32\BGSWITCH.EXE
SRS Audio Sandbox = "D:\PROGRAM FILES\SRS LABS\AUDIO SANDBOX\SRSSSC.EXE" /HIDEME
OlympicExpress = D:\PROGRAM FILES\SOGOUINPUT\OLYMPICNEWS.EXE


AppInit_DLLs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
AppInit_DLLs = kmon.dll


系统文件关联
.exe ==> exefile = "%1" %*
.com ==> comfile = "%1" %*
.cmd ==> cmdfile = "%1" %*
.bat ==> batfile = "%1" %*
.txt ==> txtfile = C:\WINDOWS\notepad.exe %1
.scr ==> scrfile = "%1" /S
.reg ==> regfile = regedit.exe "%1"
.doc ==> Word.Document.8 = "d:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde

其它启动项
WIN.INI
无信息

SYSTEM.INI
SHELL = Explorer.exe


Winlogon 启动项
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
AtiExtEvent = ATI2EVXX.DLL
crypt32chain = CRYPT32.DLL
cryptnet = CRYPTNET.DLL
cscdll = CSCDLL.DLL
ScCertProp = WLNOTIFY.DLL
Schedule = WLNOTIFY.DLL
sclgntfy = SCLGNTFY.DLL
SensLogn = WLNOTIFY.DLL
termsrv = WLNOTIFY.DLL
wlballoon = WLNOTIFY.DLL

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Userinit = C:\WINDOWS\SYSTEM32\USERINIT.EXE,
shell = EXPLORER.EXE


IE - BHO
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
{0A0DDBD3-6641-40B9-873F-BBDD26D6C14E} = D:\TDdownload\easyMule\modules\IE2EM.dll
{98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} = C:\WINDOWS\system32\UrlFilter.dll


Winsock SPI
MSAFD Tcpip [TCP/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD Tcpip [UDP/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD Tcpip [RAW/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
RSVP UDP Service Provider = C:\WINDOWS\SYSTEM32\RSVPSP.DLL
RSVP TCP Service Provider = C:\WINDOWS\SYSTEM32\RSVPSP.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{03EAB0DD-B553-4F57-BA26-D38EE8D2FE1F}] SEQPACKET 3 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{03EAB0DD-B553-4F57-BA26-D38EE8D2FE1F}] DATAGRAM 3 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{3FE5F79E-9892-457F-B685-E1BD3EFDDCC2}] SEQPACKET 0 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{3FE5F79E-9892-457F-B685-E1BD3EFDDCC2}] DATAGRAM 0 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{285AEC16-33E4-4119-90E4-B28CCE78EE40}] SEQPACKET 1 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{285AEC16-33E4-4119-90E4-B28CCE78EE40}] DATAGRAM 1 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{A3184D90-1A7F-4EFC-95B4-51A4AF64A094}] SEQPACKET 2 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{A3184D90-1A7F-4EFC-95B4-51A4AF64A094}] DATAGRAM 2 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL

系统服务项
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
6to4 = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
ALG = C:\WINDOWS\SYSTEM32\ALG.EXE
AppMgmt = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
ARSVC = C:\WINDOWS\ARSERVICE.EXE
aspnet_state = C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\ASPNET_STATE.EXE
Ati HotKey Poller = C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
ATI Smart = C:\WINDOWS\SYSTEM32\ATI2SGAG.EXE
AudioSrv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Autodesk Licensing Service = "C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\SERVICE\ADSKSCSRV.EXE"
BITS = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Browser = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
ccosm = D:\PROGRAM FILES\STORMII\STORMLIV.EXE /ASSERVICE
ClipSrv = C:\WINDOWS\SYSTEM32\CLIPSRV.EXE
clr_optimization_v2.0.50727_32 = C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\MSCORSVW.EXE
COMSysApp = C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{02D4B3F1-FD88-11D1-960D-00805FC79235}
CryptSvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
DcomLaunch = C:\WINDOWS\SYSTEM32\SVCHOST -K DCOMLAUNCH
Dhcp = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
dmadmin = C:\WINDOWS\SYSTEM32\DMADMIN.EXE /COM
dmserver = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Dnscache = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETWORKSERVICE
Eventlog = C:\WINDOWS\SYSTEM32\SERVICES.EXE
EventSystem = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
FastUserSwitchingCompatibility = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
HidServ = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
HTTPFilter = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K HTTPFILTER
ImapiService = C:\WINDOWS\SYSTEM32\IMAPI.EXE
lanmanserver = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
lanmanworkstation = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
LmHosts = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
mnmsrvc = C:\WINDOWS\SYSTEM32\MNMSRVC.EXE
MPSVCService = C:\PROGRAM FILES\MICROPOINT\MPSVC.EXE
MSDTC = C:\WINDOWS\SYSTEM32\MSDTC.EXE
MSIServer = C:\WINDOWS\SYSTEM32\MSIEXEC.EXE /V
NetDDE = C:\WINDOWS\SYSTEM32\NETDDE.EXE
NetDDEdsdm = C:\WINDOWS\SYSTEM32\NETDDE.EXE
Netlogon = C:\WINDOWS\SYSTEM32\LSASS.EXE
Netman = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Nla = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
NtLmSsp = C:\WINDOWS\SYSTEM32\LSASS.EXE
ose = "C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\SOURCE ENGINE\OSE.EXE"
PlugPlay = C:\WINDOWS\SYSTEM32\SERVICES.EXE
PolicyAgent = C:\WINDOWS\SYSTEM32\LSASS.EXE
ProtectedStorage = C:\WINDOWS\SYSTEM32\LSASS.EXE
RasAuto = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
RasMan = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
RDSessMgr = C:\WINDOWS\SYSTEM32\SESSMGR.EXE
RemoteAccess = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
RemoteRegistry = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
RfwProxySrv = C:\PROGRAM FILES\RISING\RFW\RFWPROXY.EXE
RfwService = C:\PROGRAM FILES\RISING\RFW\RFWSRV.EXE
rpcapd = "%PROGRAMFILES%\WINPCAP\RPCAPD.EXE" -D -F "%PROGRAMFILES%\WINPCAP\RPCAPD.INI"
RpcLocator = C:\WINDOWS\SYSTEM32\LOCATOR.EXE
RpcSs = C:\WINDOWS\SYSTEM32\SVCHOST -K RPCSS
RSVP = C:\WINDOWS\SYSTEM32\RSVP.EXE
SamSs = C:\WINDOWS\SYSTEM32\LSASS.EXE
SCardSvr = C:\WINDOWS\SYSTEM32\SCARDSVR.EXE
Schedule = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
seclogon = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
SENS = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
SharedAccess = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
ShellHWDetection = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Spooler = C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
srservice = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
SSDPSRV = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
stisvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K IMGSVC
SwPrv = C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{98C9B9A7-F4E4-4793-B75D-1F8C6A8E2409}
SysmonLog = C:\WINDOWS\SYSTEM32\SMLOGSVC.EXE
TapiSrv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
TermService = C:\WINDOWS\SYSTEM32\SVCHOST -K DCOMLAUNCH
Themes = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
TlntSvr = C:\WINDOWS\SYSTEM32\TLNTSVR.EXE
TrkWks = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
UleadBurningHelper = C:\PROGRAM FILES\COMMON FILES\ULEAD SYSTEMS\DVD\ULCDRSVR.EXE
upnphost = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
VSS = C:\WINDOWS\SYSTEM32\VSSVC.EXE
vvebc1nt = C:\WINDOWS\SYSTEM32\VVEBC1NT.EXE
W32Time = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
WebClient = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
winmgmt = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
WmdmPmSN = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Wmi = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
WmiApSrv = C:\WINDOWS\SYSTEM32\WBEM\WMIAPSRV.EXE
wscsvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
wuauserv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
WZCSVC = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
xmlprov = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS


文件驱动
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
FltMgr = C:\WINDOWS\SYSTEM32\DRIVERS\FLTMGR.SYS
mp110010 = C:\WINDOWS\SYSTEM32\DRIVERS\MP110010.SYS
mp110011 = C:\WINDOWS\SYSTEM32\DRIVERS\MP110011.SYS
MRxDAV = C:\WINDOWS\SYSTEM32\DRIVERS\MRXDAV.SYS
MRxSmb = C:\WINDOWS\SYSTEM32\DRIVERS\MRXSMB.SYS
NetBIOS = C:\WINDOWS\SYSTEM32\DRIVERS\NETBIOS.SYS
Rdbss = C:\WINDOWS\SYSTEM32\DRIVERS\RDBSS.SYS
Sr = C:\WINDOWS\SYSTEM32\DRIVERS\SR.SYS
Srv = C:\WINDOWS\SYSTEM32\DRIVERS\SRV.SYS


系统驱动项
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
0000ddfc = C:\WINDOWS\SYSTEM32\DRIVERS\0000DDFC.SYS
0000e752 = C:\WINDOWS\SYSTEM32\DRIVERS\0000E752.SYS
0000ed1f = C:\WINDOWS\SYSTEM32\DRIVERS\0000ED1F.SYS
0000efbf = C:\WINDOWS\SYSTEM32\DRIVERS\0000EFBF.SYS
0000f339 = C:\WINDOWS\SYSTEM32\DRIVERS\0000F339.SYS
0000f675 = C:\WINDOWS\SYSTEM32\DRIVERS\0000F675.SYS
0000f954 = C:\WINDOWS\SYSTEM32\DRIVERS\0000F954.SYS
00010700 = C:\WINDOWS\SYSTEM32\DRIVERS\00010700.SYS
000117d8 = C:\WINDOWS\SYSTEM32\DRIVERS\000117D8.SYS
00021ff2 = C:\WINDOWS\SYSTEM32\DRIVERS\00021FF2.SYS
0006ccf7 = C:\WINDOWS\SYSTEM32\DRIVERS\0006CCF7.SYS
ACPI = C:\WINDOWS\SYSTEM32\DRIVERS\ACPI.SYS
aec = C:\WINDOWS\SYSTEM32\DRIVERS\AEC.SYS
AFD = C:\WINDOWS\SYSTEM32\DRIVERS\AFD.SYS
agp440 = C:\WINDOWS\SYSTEM32\DRIVERS\AGP440.SYS
ALCXWDM = C:\WINDOWS\SYSTEM32\DRIVERS\ALCXWDM.SYS
AntiArpNdisProt = C:\WINDOWS\SYSTEM32\DRIVERS\ANTIARPNDISPROT.SYS
arhidfltr = C:\WINDOWS\SYSTEM32\DRIVERS\ARHIDFLTR.SYS
arkbcfltr = C:\WINDOWS\SYSTEM32\DRIVERS\ARKBCFLTR.SYS
armoucfltr = C:\WINDOWS\SYSTEM32\DRIVERS\ARMOUCFLTR.SYS
ARPolicy = C:\WINDOWS\SYSTEM32\DRIVERS\ARPOLICY.SYS
AsyncMac = C:\WINDOWS\SYSTEM32\DRIVERS\ASYNCMAC.SYS
atapi = C:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS
ati2mtag = C:\WINDOWS\SYSTEM32\DRIVERS\ATI2MTAG.SYS
audstub = C:\WINDOWS\SYSTEM32\DRIVERS\AUDSTUB.SYS
BRGSp50 = C:\WINDOWS\SYSTEM32\DRIVERS\BRGSP50.SYS
BT848 = C:\WINDOWS\SYSTEM32\DRIVERS\WF2KVCAP.SYS
CCDECODE = C:\WINDOWS\SYSTEM32\DRIVERS\CCDECODE.SYS
Cdrom = C:\WINDOWS\SYSTEM32\DRIVERS\CDROM.SYS
cmpci = C:\WINDOWS\SYSTEM32\DRIVERS\CMAUDIO.SYS
d347bus = C:\WINDOWS\SYSTEM32\DRIVERS\D347BUS.SYS
d347prt = C:\WINDOWS\SYSTEM32\DRIVERS\D347PRT.SYS
Disk = C:\WINDOWS\SYSTEM32\DRIVERS\DISK.SYS
dmboot = C:\WINDOWS\SYSTEM32\DRIVERS\DMBOOT.SYS
dmio = C:\WINDOWS\SYSTEM32\DRIVERS\DMIO.SYS
dmload = C:\WINDOWS\SYSTEM32\DRIVERS\DMLOAD.SYS
DMusic = C:\WINDOWS\SYSTEM32\DRIVERS\DMUSIC.SYS
drmkaud = C:\WINDOWS\SYSTEM32\DRIVERS\DRMKAUD.SYS
Fdc = C:\WINDOWS\SYSTEM32\DRIVERS\FDC.SYS
FsVga = C:\WINDOWS\SYSTEM32\DRIVERS\FSVGA.SYS
Ftdisk = C:\WINDOWS\SYSTEM32\DRIVERS\FTDISK.SYS
gameenum = C:\WINDOWS\SYSTEM32\DRIVERS\GAMEENUM.SYS
Gpc = C:\WINDOWS\SYSTEM32\DRIVERS\MSGPC.SYS
hidusb = C:\WINDOWS\SYSTEM32\DRIVERS\HIDUSB.SYS
HookNtos = C:\WINDOWS\SYSTEM32\DRIVERS\HOOKNTOS.SYS
HookReg = C:\WINDOWS\SYSTEM32\DRIVERS\HOOKREG.SYS
HookSys = C:\WINDOWS\SYSTEM32\DRIVERS\HOOKSYS.SYS
HookUrl = C:\PROGRAM FILES\RISING\RFW\HOOKURL.SYS
HTTP = C:\WINDOWS\SYSTEM32\DRIVERS\HTTP.SYS
Imapi = C:\WINDOWS\SYSTEM32\DRIVERS\IMAPI.SYS
IntelIde = C:\WINDOWS\SYSTEM32\DRIVERS\INTELIDE.SYS
intelppm = C:\WINDOWS\SYSTEM32\DRIVERS\INTELPPM.SYS
Ip6Fw = C:\WINDOWS\SYSTEM32\DRIVERS\IP6FW.SYS
IpFilterDriver = C:\WINDOWS\SYSTEM32\DRIVERS\IPFLTDRV.SYS
IpInIp = C:\WINDOWS\SYSTEM32\DRIVERS\IPINIP.SYS
IpNat = C:\WINDOWS\SYSTEM32\DRIVERS\IPNAT.SYS
IPSec = C:\WINDOWS\SYSTEM32\DRIVERS\IPSEC.SYS
IRENUM = C:\WINDOWS\SYSTEM32\DRIVERS\IRENUM.SYS
isapnp = C:\WINDOWS\SYSTEM32\DRIVERS\ISAPNP.SYS
Kbdclass = C:\WINDOWS\SYSTEM32\DRIVERS\KBDCLASS.SYS
kbdhid = C:\WINDOWS\SYSTEM32\DRIVERS\KBDHID.SYS
kmixer = C:\WINDOWS\SYSTEM32\DRIVERS\KMIXER.SYS
MotDev = C:\WINDOWS\SYSTEM32\DRIVERS\MOTODRV.SYS
motmodem = C:\WINDOWS\SYSTEM32\DRIVERS\MOTMODEM.SYS
Mouclass = C:\WINDOWS\SYSTEM32\DRIVERS\MOUCLASS.SYS
mouhid = C:\WINDOWS\SYSTEM32\DRIVERS\MOUHID.SYS
mp110001 = C:\WINDOWS\SYSTEM32\DRIVERS\MP110001.SYS
mp110002 = C:\WINDOWS\SYSTEM32\DRIVERS\MP110002.SYS
mp110003 = C:\WINDOWS\SYSTEM32\DRIVERS\MP110003.SYS
mp110004 = C:\WINDOWS\SYSTEM32\DRIVERS\MP110004.SYS
mp110005 = C:\WINDOWS\SYSTEM32\DRIVERS\MP110005.SYS
mp110006 = C:\WINDOWS\SYSTEM32\DRIVERS\MP110006.SYS
mp110007 = C:\WINDOWS\SYSTEM32\DRIVERS\MP110007.SYS
mp110008 = C:\WINDOWS\SYSTEM32\DRIVERS\MP110008.SYS
mp110009 = C:\WINDOWS\SYSTEM32\DRIVERS\MP110009.SYS
mp110013 = C:\WINDOWS\SYSTEM32\DRIVERS\MP110013.SYS
MSKSSRV = C:\WINDOWS\SYSTEM32\DRIVERS\MSKSSRV.SYS
MSPCLOCK = C:\WINDOWS\SYSTEM32\DRIVERS\MSPCLOCK.SYS
MSPQM = C:\WINDOWS\SYSTEM32\DRIVERS\MSPQM.SYS
mssmbios = C:\WINDOWS\SYSTEM32\DRIVERS\MSSMBIOS.SYS
MSTEE = C:\WINDOWS\SYSTEM32\DRIVERS\MSTEE.SYS
ms_mpu401 = C:\WINDOWS\SYSTEM32\DRIVERS\MSMPU401.SYS
NABTSFEC = C:\WINDOWS\SYSTEM32\DRIVERS\NABTSFEC.SYS
NdisIP = C:\WINDOWS\SYSTEM32\DRIVERS\NDISIP.SYS
NdisTapi = C:\WINDOWS\SYSTEM32\DRIVERS\NDISTAPI.SYS
Ndisuio = C:\WINDOWS\SYSTEM32\DRIVERS\NDISUIO.SYS
NdisWan = C:\WINDOWS\SYSTEM32\DRIVERS\NDISWAN.SYS
NetBT = C:\WINDOWS\SYSTEM32\DRIVERS\NETBT.SYS
nm = C:\WINDOWS\SYSTEM32\DRIVERS\NMNT.SYS
NPF = C:\WINDOWS\SYSTEM32\DRIVERS\NPF.SYS
NwlnkFlt = C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKFLT.SYS
NwlnkFwd = C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKFWD.SYS
Parport = C:\WINDOWS\SYSTEM32\DRIVERS\PARPORT.SYS
PCI = C:\WINDOWS\SYSTEM32\DRIVERS\PCI.SYS
PptpMiniport = C:\WINDOWS\SYSTEM32\DRIVERS\RASPPTP.SYS
PSched = C:\WINDOWS\SYSTEM32\DRIVERS\PSCHED.SYS
PSXGamepadEnabler = C:\WINDOWS\SYSTEM32\DRIVERS\PSXPAD.SYS
PsxPortEnumerator = C:\WINDOWS\SYSTEM32\DRIVERS\PSXENUM.SYS
Ptilink = C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS
RasAcd = C:\WINDOWS\SYSTEM32\DRIVERS\RASACD.SYS
Rasl2tp = C:\WINDOWS\SYSTEM32\DRIVERS\RASL2TP.SYS
RasPppoe = C:\WINDOWS\SYSTEM32\DRIVERS\RASPPPOE.SYS
Raspti = C:\WINDOWS\SYSTEM32\DRIVERS\RASPTI.SYS
RDPCDD = C:\WINDOWS\SYSTEM32\DRIVERS\RDPCDD.SYS
rdpdr = C:\WINDOWS\SYSTEM32\DRIVERS\RDPDR.SYS
redbook = C:\WINDOWS\SYSTEM32\DRIVERS\REDBOOK.SYS
RfwBase = C:\WINDOWS\SYSTEM32\DRIVERS\RFWBASE.SYS
RsFwDrv = C:\PROGRAM FILES\RISING\RFW\RSFWDRV.SYS
RsNTGDI = C:\WINDOWS\SYSTEM32\DRIVERS\RSNTGDI.SYS
rtl8139 = C:\WINDOWS\SYSTEM32\DRIVERS\RTL8139.SYS
Secdrv = C:\WINDOWS\SYSTEM32\DRIVERS\SECDRV.SYS
serenum = C:\WINDOWS\SYSTEM32\DRIVERS\SERENUM.SYS
Serial = C:\WINDOWS\SYSTEM32\DRIVERS\SERIAL.SYS
SLIP = C:\WINDOWS\SYSTEM32\DRIVERS\SLIP.SYS
splitter = C:\WINDOWS\SYSTEM32\DRIVERS\SPLITTER.SYS
SRS_SSCFilter = C:\WINDOWS\SYSTEM32\DRIVERS\SRS_SSCFILTER_I386.SYS
streamip = C:\WINDOWS\SYSTEM32\DRIVERS\STREAMIP.SYS
swenum = C:\WINDOWS\SYSTEM32\DRIVERS\SWENUM.SYS
swmidi = C:\WINDOWS\SYSTEM32\DRIVERS\SWMIDI.SYS
sysaudio = C:\WINDOWS\SYSTEM32\DRIVERS\SYSAUDIO.SYS
Tcpip = C:\WINDOWS\SYSTEM32\DRIVERS\TCPIP.SYS
TermDD = C:\WINDOWS\SYSTEM32\DRIVERS\TERMDD.SYS
tv2ktunr = C:\WINDOWS\SYSTEM32\DRIVERS\WF2KTUNR.SYS
Tv2kXbar = C:\WINDOWS\SYSTEM32\DRIVERS\WF2KXBAR.SYS
UnlockerDriver5 = C:\PROGRAM FILES\UNLOCKER\UNLOCKERDRIVER5.SYS
Update = C:\WINDOWS\SYSTEM32\DRIVERS\UPDATE.SYS
usbccgp = C:\WINDOWS\SYSTEM32\DRIVERS\USBCCGP.SYS
usbehci = C:\WINDOWS\SYSTEM32\DRIVERS\USBEHCI.SYS
usbhub = C:\WINDOWS\SYSTEM32\DRIVERS\USBHUB.SYS
USBSTOR = C:\WINDOWS\SYSTEM32\DRIVERS\USBSTOR.SYS
usbuhci = C:\WINDOWS\SYSTEM32\DRIVERS\USBUHCI.SYS
VgaSave = C:\WINDOWS\SYSTEM32\DRIVERS\VGA.SYS
vvebc1ntDrv = C:\WINDOWS\SYSTEM32\VVEBC1NT.SYS
Wanarp = C:\WINDOWS\SYSTEM32\DRIVERS\WANARP.SYS
Wdf01000 = C:\WINDOWS\SYSTEM32\DRIVERS\WDF01000.SYS
wdmaud = C:\WINDOWS\SYSTEM32\DRIVERS\WDMAUD.SYS
WFIOCTL = D:\PROGRAM FILES\WINFAST\WFDTV\WFIOCTL.SYS
WSTCODEC = C:\WINDOWS\SYSTEM32\DRIVERS\WSTCODEC.SYS
xAntiArp = C:\WINDOWS\SYSTEM32\DRIVERS\XANTIARP.SYS
ZD1211BU(ZyDAS) = C:\WINDOWS\SYSTEM32\DRIVERS\ZD1211BU.SYS
ZDPSp50 = C:\WINDOWS\SYSTEM32\DRIVERS\ZDPSP50.SYS
gototop
 

回复:救命啊!要死了!我的瑞星 防火墙 卡卡 都不能装了

看得我差点死了
日志不能放附件里?

操作前强烈要求先断网
1.建议使用XDelBox删除以下文件:(Xdelbox1.7下载地址:http://www.qispace.com.cn/read.php/1.htm    的工具19或http://www.dodudou.com/down/index.php?dirpath=./01.原创软件&order=0)
使用说明:先勾选抑制再生删除时复制所有要删除文件的路径,在待删除文件列表里点击右键选择从剪贴板导入不检查路径,导入后在要删除文件上点击右键,选择立刻重启删除(不论文件是否存在,继续操作重启删除
)
,电脑会重启进入DOS界面进行删除操作。运行xdelbox前最好卸载所有可移动存储介质(包括U盘,MP3,手机存储卡等)。

C:\WINDOWS\system32\vvebc1nt.exe
C:\WINDOWS\system32\vvebc1nt.sys
C:\WINDOWS\system32\Drivers\0000e752.sys
C:\WINDOWS\system32\Drivers\0000ddfc.sys
C:\WINDOWS\system32\Drivers\0000ed1f.sys
C:\WINDOWS\system32\Drivers\0000efbf.sys
C:\WINDOWS\system32\Drivers\0000f339.sys
C:\WINDOWS\system32\Drivers\0000f675.sys
C:\WINDOWS\system32\Drivers\0000f954.sys
C:\WINDOWS\system32\Drivers\00010700.sys
C:\WINDOWS\system32\Drivers\000117d8.sys
C:\WINDOWS\system32\Drivers\00021ff2.sys
C:\WINDOWS\system32\Drivers\0006ccf7.sys
SRENG-启动项目 -- 服务-- 驱动程序之如下项删除:
(选中有问题的驱动/服务后,点"删除服务",点"设置"按钮即可。注意弹出的窗口中要点"否NO"才是确认删除服务)

[0000ddfc] [已启用]            <\??\C:\WINDOWS\system32\Drivers\0000ddfc.sys>

        [0000e752] [已启用]            <\??\C:\WINDOWS\system32\Drivers\0000e752.sys>

        [0000ed1f] [已启用]            <\??\C:\WINDOWS\system32\Drivers\0000ed1f.sys>

        [0000efbf] [已启用]            <\??\C:\WINDOWS\system32\Drivers\0000efbf.sys>

        [0000f339] [已启用]            <\??\C:\WINDOWS\system32\Drivers\0000f339.sys>

        [0000f675] [已启用]            <\??\C:\WINDOWS\system32\Drivers\0000f675.sys>

        [0000f954] [已启用]            <\??\C:\WINDOWS\system32\Drivers\0000f954.sys>

        [00010700] [已启用]            <\??\C:\WINDOWS\system32\Drivers\00010700.sys>

        [000117d8] [已启用]            <\??\C:\WINDOWS\system32\Drivers\000117d8.sys>

        [00021ff2] [已启用]            <\??\C:\WINDOWS\system32\Drivers\00021ff2.sys>

        [0006ccf7] [已启用]            <\??\C:\WINDOWS\system32\Drivers\0006ccf7.sys>
[vvebc1ntDrv] [已启用]        <\??\C:\WINDOWS\system32\vvebc1nt.sys>
本帖被评分 1 次
gototop
 

回复:救命啊!要死了!我的瑞星 防火墙 卡卡 都不能装了

太棒了!!!太感谢了 !!

不枉我买了两套啊! 虽然时不时会有些许问题 但是能得到很好的解决 而且也可以学到一些东西!!!

再次谢谢!!
gototop
 

回复:救命啊!要死了!我的瑞星 防火墙 卡卡 都不能装了

顺便在问一个问题!!

在主页那的产品升级 我写上了我到底ID 序列号 但是附加码怎么看不到呢??    下载版的瑞星 写上正版的ID 是和用碟安装的一样么??
gototop
 

回复:救命啊!要死了!我的瑞星 防火墙 卡卡 都不能装了

附加码看不到与ie有关,换成其他浏览器试试,或许就可以成功。
单机版与下载版的ID和程序是无法混用的,会提示号码不正确的。
gototop
 

回复:救命啊!要死了!我的瑞星 防火墙 卡卡 都不能装了

楼主有你说的那个可怕么,我晕,就听你在这上们喊不能用了,不能装了的,是不是枪手啊
gototop
 

回复: 救命啊!要死了!我的瑞星 防火墙 卡卡 都不能装了

该用户帖子内容已被屏蔽
gototop
 
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT