[CODE] 2009-11-18,19:26:59 SysLog Scanner 1.0 - build 20080726 Arswp (http://www.arswp.com) Windows XP Professional Service Pack 3 (build 2600) - Administrators ======================================== Registries [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <"E:\Program Files\Tencent\QQDownload\QQDownload.exe" autostart> [(Verified)Tencent Technology (Shenzhen) Company Limited, 1, 9, 271, 271, C:2009-03-09 14:44 M:2009-03-09 14:44] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [(Verified)Logitech Inc., 3.1.82, C:2009-02-01 17:36 M:2006-07-19 12:03] [Samsung Electronics, Inc., 1, 0, 0, 8, C:2009-11-05 22:30 M:2005-11-21 22:58] <"C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE"> [(Verified)Logitech Inc., 3.1.82, C:2006-07-19 12:03 M:2006-07-19 12:03] <><> [] <"e:\Program Files\Rising\AntiSpyware\rstray.exe" /startup> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.17, C:2009-11-05 22:50 M:2009-11-06 12:33] <"e:\Program Files\Rising\Rfw\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.10, C:2009-11-06 12:37 M:2009-11-06 12:32] <"e:\Program Files\Rising\Rav\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.10, C:2009-11-06 13:49 M:2009-11-06 13:33] <桌面美化秀> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{32CD708B-60A7-4C00-9377-D73EAA495F0F}> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1, C:2009-11-05 22:36 M:2009-11-06 13:31] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用BitComet下载] <> [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用BitComet下载全部链接] <> [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用BitComet下载本页视频] <> [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用超级旋风下载] <> [N/A, C:2008-11-21 15:47 M:2008-11-21 15:47] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用超级旋风下载全部链接] <> [N/A, C:2008-11-21 15:47 M:2008-11-21 15:47] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\添加到QQ表情] <> [N/A, C:2008-11-26 16:46 M:2008-11-26 16:46] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] [(Verified)ATI Technologies Inc., 6.14.10.4177, C:2009-11-05 22:15 M:2008-12-02 04:40] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00|(Verified)N/A, C:2008-04-14 20:00 M:2008-04-14 20:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00|(Verified)N/A, C:2008-04-14 20:00 M:2008-04-14 20:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00|(Verified)N/A, C:2008-12-22 16:23 M:2005-01-28 15:25] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A}] [] ======================================== Startup Folders [腾讯QQ] "E:\Program Files\Tencent\QQ\QQ.exe" > [(Verified)TENCENT, 8,0,1300,1881, C:2009-07-01 11:39 M:2009-07-01 11:39] [Color Calibration] "C:\Program Files\SEC\MagicTune3.6\GammaTray.exe" > [Copyright (C) 2004, 1, 0, 0, 1, C:2009-11-05 22:30 M:2006-05-04 14:22] [Logitech SetPoint] "E:\Program Files\Logitech\SetPoint\SetPoint.exe" > [Logitech Inc., 3.1.116, C:2009-11-05 22:33 M:2006-09-01 11:01] [MagicTune 3.6] "C:\Program Files\SEC\MagicTune3.6\MagicTuneTray.exe" > [Copyright (C) 2004, 1, 0, 0, 1, C:2009-11-05 22:30 M:2004-12-30 10:59] ======================================== Task ======================================== Components ShellExecuteHook [ShlExecHack Class] {32CD708B-60A7-4C00-9377-D73EAA495F0F} [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1, C:2009-11-05 22:36 M:2009-11-06 13:31] Shell Extension [Display Panning CPL Extension] {42071714-76d4-11d1-8b24-00a0c9068ff3} [] [HyperTerminal Icon Ext] {88895560-9AA2-1069-930E-00AA0030EBC8} [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2008-12-22 14:55 M:2008-04-14 20:00] [MagicRotation Shell Extension] {9E5E1445-6CEA-4761-8E45-AA19F654571E} [Samsung Electronics, Inc., 1, 0, 0, 1, C:2009-11-05 22:30 M:2005-11-14 03:26] [Logitech Setpoint Extension] {DC70C4A5-2044-4c59-B806-DEFB9AE0DF7C} [Logitech Inc., 3.1.116, C:2009-02-01 17:36 M:2006-09-01 12:02] [Logitech Setpoint Extension] {B9B9F083-2B04-452A-8691-83694AC1037B} [Logitech Inc., 3.1.116, C:2009-02-01 17:36 M:2006-09-01 12:03] [WinRAR shell extension] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2009-11-05 23:14 M:2008-09-30 21:14] [RISING] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1, C:2009-11-05 22:36 M:2009-11-06 13:31] Protocols [] {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} [酷狗, 5.2.4.4, C:2009-11-05 23:22 M:2009-11-05 23:22] BrowserHelperObject [QQCycloneHelper Class] {00000000-12C9-4305-82F9-43058F20E8D2} [(Verified)Tencent Technology (Shenzhen) Company Limited, 1, 9, 266, 266, C:2008-03-06 14:36 M:2008-03-06 14:36] [QQToolbar] {29CF293A-1E7D-4069-9E11-E39698D0AF95} [(Verified)TENCENT, 3, 1, 41, 10, C:2009-11-09 11:31 M:2009-11-05 17:00] [BitComet Helper] {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} [(Verified)BitComet, 20090716, C:2009-07-16 15:29 M:2009-07-16 15:29] [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2009-11-05 22:50 M:2009-11-05 22:49] ToolBar [QQToolbar] {29CF293A-1E7D-4069-9E11-E39698D0AF95} [(Verified)TENCENT, 3, 1, 41, 10, C:2009-11-09 11:31 M:2009-11-05 17:00] ActiveX Extension [QQCycloneHelper Class] {00000000-12C9-4305-82F9-43058F20E8D2} [(Verified)Tencent Technology (Shenzhen) Company Limited, 1, 9, 266, 266, C:2008-03-06 14:36 M:2008-03-06 14:36] [iTrusPTA Class] {1E0DFFCF-27FF-4574-849B-55007349FEDA} [(Verified)Copyright 2001, 2, 5, 1, 509, C:2009-03-02 19:56 M:2009-08-05 09:01] [QQToolbar] {29CF293A-1E7D-4069-9E11-E39698D0AF95} [(Verified)TENCENT, 3, 1, 41, 10, C:2009-11-09 11:31 M:2009-11-05 17:00] [BitComet Helper] {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} [(Verified)BitComet, 20090716, C:2009-07-16 15:29 M:2009-07-16 15:29] [EditCtrl Class] {488A4255-3236-44B3-8F27-FA1AECAA8844} [(Verified)Copyright 2008, 2, 1, 2, 5, C:2009-07-08 17:53 M:2009-08-05 09:01] [WangWangX Class] {5D09DD40-CDC4-4C56-B615-0D1E3B357C2B} [(Verified)Alibaba software (Shanghai) Corporation., 1.0.0.1, C:2009-08-27 11:31 M:2009-08-27 11:31] [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2009-11-05 22:50 M:2009-11-05 22:49] [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [(Verified)Adobe Systems, Inc., 10,0,12,36, C:2008-10-05 11:16 M:2008-10-05 11:16] [PlayerCtrl Class] {E05BC2A3-9A46-4A32-80C9-023A473F5B23} [(Verified)深圳腾讯科技, 3, 1, 164, 203, C:2007-10-13 13:24 M:2007-10-13 13:24] Context Menu [OpenFolder] {0DE1378D-F811-40E6-B60A-1CC56F57D3E9} [(Verified)Alibaba software (Shanghai) Corporation., 1.0.0.1, C:2009-08-27 11:31 M:2009-08-27 11:31] [RisingKaKaExt] {356B11FA-929F-4eb7-8B26-D7E3184DDD16} [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1, C:2009-11-06 12:34 M:2009-11-06 12:34] [RisingRavExt] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1, C:2009-11-05 22:36 M:2009-11-06 13:31] [WinRAR] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2009-11-05 23:14 M:2008-09-30 21:14] ======================================== Services [Human Interface Device Access / HidServ][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll"> [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-14 20:00 M:2008-04-14 20:00] [Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start] <%SystemRoot%\system32\Ati2evxx.exe> [(Verified)ATI Technologies Inc., 6.14.10.4213, C:2009-11-05 22:15 M:2008-12-02 04:38] [Rav Service / RsRavMon][Running/Auto Start] <"e:\Program Files\Rising\Rav\RavMonD.exe"> [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2, C:2009-11-06 13:49 M:2009-11-06 13:31] [RFW Service / RsRFWMon][Running/Auto Start] <"e:\Program Files\Rising\Rfw\RavMonD.exe"> [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2, C:2009-11-06 12:37 M:2009-11-06 12:31] ======================================== Drivers [magicpvt / magicpvt][Running/System Start] [Samsung Electronics, Inc., 1.00.00.00, C:2009-11-05 22:30 M:2005-11-14 03:26] [MagicTune / MagicTune][Running/System Start] <\SystemRoot\system32\drivers\MTictwl.sys> [N/A, C:2009-11-05 22:30 M:2006-05-10 11:12] [SATALink driver accelerator / SiFilter][Running/Boot Start] [Silicon Image, Inc., 1.0.0.11, C:2006-08-08 22:19 M:2006-08-08 22:19] [TCP/IP Protocol Driver / Tcpip][Running/System Start] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-14 20:00 M:2008-06-20 19:51] [Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start] [(Verified)Realtek Semiconductor Corp., 5.10.00.6300 built by: WinDDK, C:2009-11-05 22:17 M:2008-09-24 10:40] [ati2mtag / ati2mtag][Running/Manual Start] [(Verified)ATI Technologies Inc., 6.14.10.6891, C:2009-11-05 22:15 M:2008-12-02 06:13] [VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start] [(Verified)VIA Technologies, Inc. , 2.66, C:2008-12-22 14:52 M:2001-08-17 12:13] [hookcont / hookcont][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 1, C:2009-11-06 13:49 M:2009-11-06 13:46] [hooksys / hooksys][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 23, C:2009-11-06 13:49 M:2009-11-06 13:34] [Logitech SetPoint Keyboard Driver / L8042Kbd][Running/Manual Start] [(Verified)Logitech Inc., 3.1.82.00, C:2009-11-05 22:26 M:2006-07-19 12:27] [SetPoint HID Mouse Filter Driver / LHidKe][Running/Manual Start] [(Verified)Logitech Inc., 3.1.82.00, C:2009-02-01 17:36 M:2006-07-19 12:29] [SetPoint USB Receiver device driver / LHidUsbK][Running/Manual Start] [(Verified)Logitech Inc., 3.1.82.00, C:2009-02-01 17:36 M:2006-07-19 12:28] [SetPoint Mouse Filter Driver / LMouKE][Running/Manual Start] [(Verified)Logitech Inc., 3.1.82.00, C:2009-11-05 22:26 M:2006-07-19 12:28] [nv / nv][Stopped/Manual Start] [(Verified)NVIDIA Corporation, 6.14.10.5673, C:2008-12-22 14:52 M:2008-04-13 09:34] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2008-04-14 20:00 M:2008-04-14 20:00] [Rising RfwARP Driver / RFWARP][Running/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1, C:2009-11-06 16:52 M:2009-11-06 12:31] [Rising RfwBase Driver / RfwBase9][Running/Manual Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.3, C:2009-11-06 16:51 M:2009-11-06 12:31] [rfwtdi / rfwtdi][Running/Auto Start] <\??\e:\Program Files\Rising\Rfw\rfwtdi.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1, C:2009-11-06 12:37 M:2009-11-06 12:32] [rsassist / rsassist][Running/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 1, C:2009-11-06 13:49 M:2009-11-06 13:31] [rsfwdrv / rsfwdrv][Running/System Start] <\??\e:\Program Files\Rising\Rfw\rsfwdrv.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.34, C:2009-11-06 12:37 M:2009-11-06 12:31] [RsNTGDI / RsNTGDI][Running/Boot Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1, C:2009-11-05 23:22 M:2009-11-06 13:36] [Secdrv / Secdrv][Stopped/Manual Start] [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2008-04-14 20:00 M:2008-04-14 20:00] [NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller / yukonwxp][Running/Manual Start] [(Verified)Marvell, 10.66.4.3 built by: WinDDK, C:2009-11-05 22:15 M:2008-12-09 17:06] ======================================== Running Processes [PID: 852 / SYSTEM] \SystemRoot\System32\smss.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-14 20:00 M:2008-04-14 20:00] [PID: 928 / SYSTEM] \??\C:\WINDOWS\system32\csrss.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-14 20:00 M:2008-04-14 20:00] [PID: 960 / SYSTEM] \??\C:\WINDOWS\system32\winlogon.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2008-04-14 20:00 M:2008-04-14 20:00] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] C:\WINDOWS\system32\Ati2evxx.dll [(Verified)ATI Technologies Inc., 6.14.10.4177, C:2009-11-05 22:15 M:2008-12-02 04:40] [PID: 1004 / SYSTEM] C:\WINDOWS\system32\services.exe [(Verified)Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234), C:2008-04-14 20:00 M:2009-02-09 19:21] [PID: 1016 / SYSTEM] C:\WINDOWS\system32\lsass.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2008-04-14 20:00 M:2008-04-14 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] [PID: 1172 / SYSTEM] C:\WINDOWS\system32\Ati2evxx.exe [(Verified)ATI Technologies Inc., 6.14.10.4213, C:2009-11-05 22:15 M:2008-12-02 04:38] C:\WINDOWS\system32\Ati2edxx.dll [(Verified)ATI Technologies, Inc., 6, 14, 10, 2513, C:2009-11-05 22:15 M:2008-12-02 04:40] C:\WINDOWS\system32\atipdlxx.dll [(Verified)ATI Technologies, Inc., 6, 14, 10, 2543, C:2009-11-05 22:15 M:2008-12-02 04:41] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] [PID: 1216 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-14 20:00 M:2008-04-14 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] [PID: 1296 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-14 20:00 M:2008-04-14 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] [PID: 1456 / SYSTEM] e:\Program Files\Rising\Rfw\RavMonD.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2, C:2009-11-06 12:37 M:2009-11-06 12:31] e:\Program Files\Rising\Rfw\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17, C:2009-11-06 12:37 M:2009-11-06 12:34] e:\Program Files\Rising\Rfw\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5, C:2009-11-06 12:37 M:2009-11-06 12:34] e:\Program Files\Rising\Rfw\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2009-11-06 12:37 M:2009-11-06 12:31] e:\Program Files\Rising\Rfw\MonComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 9, C:2009-11-06 12:37 M:2009-11-06 12:32] e:\Program Files\Rising\Rfw\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.14, C:2009-11-06 12:37 M:2009-11-06 12:32] e:\Program Files\Rising\Rfw\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1, C:2009-11-06 12:37 M:2009-11-06 12:31] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] e:\Program Files\Rising\Rfw\rfwsrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.2, C:2009-11-06 12:37 M:2009-11-06 12:32] e:\Program Files\Rising\Rfw\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-11-06 12:37 M:2009-11-05 22:52] e:\Program Files\Rising\Rfw\mPorts.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0, C:2009-11-06 12:37 M:2009-11-06 12:31] e:\Program Files\Rising\Rfw\rfwdrvc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-11-06 12:37 M:2009-11-06 12:32] e:\Program Files\Rising\Rfw\Rfwdrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.5, C:2009-11-06 12:37 M:2009-11-06 12:32] e:\Program Files\Rising\Rfw\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2009-11-06 12:37 M:2009-11-06 12:36] e:\Program Files\Rising\Rfw\RfwArp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.5, C:2009-11-06 12:37 M:2009-11-06 12:32] e:\Program Files\Rising\Rfw\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-11-06 12:37 M:2009-11-05 22:52] e:\Program Files\Rising\Rfw\urlrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1, C:2009-11-06 12:37 M:2009-11-06 12:32] e:\Program Files\Rising\Rfw\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6, C:2009-11-06 12:37 M:2009-11-06 12:34] e:\Program Files\Rising\Rfw\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2009-11-06 12:37 M:2009-11-06 12:34] e:\Program Files\Rising\Rfw\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2009-11-06 12:37 M:2009-11-06 12:34] e:\Program Files\Rising\Rfw\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2009-11-06 12:37 M:2009-11-06 12:34] e:\Program Files\Rising\Rfw\rfwproxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 40, C:2009-11-06 12:37 M:2009-11-06 12:32] e:\Program Files\Rising\Rfw\rsindent.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 11, C:2009-11-06 12:37 M:2009-11-06 12:36] e:\Program Files\Rising\Rfw\taskplug.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 8, C:2009-11-06 12:37 M:2009-11-06 12:34] e:\Program Files\Rising\Rfw\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0, C:2009-11-06 12:37 M:2009-11-06 12:32] e:\Program Files\Rising\Rfw\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0, C:2009-11-06 12:37 M:2009-11-06 12:32] e:\Program Files\Rising\Rfw\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4, C:2009-11-06 12:37 M:2009-11-06 12:34] e:\Program Files\Rising\Rfw\NComm2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2, C:2009-11-06 12:37 M:2009-11-06 12:35] e:\Program Files\Rising\Rfw\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5, C:2009-11-06 12:37 M:2009-11-06 12:34] e:\Program Files\Rising\Rfw\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1, C:2009-11-06 12:37 M:2009-11-06 12:34] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] e:\Program Files\Rising\Rfw\urllib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1, C:2009-11-06 12:37 M:2009-11-06 12:32] [PID: 1484 / SYSTEM] C:\WINDOWS\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-14 20:00 M:2008-04-14 20:00] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] [PID: 1644 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-14 20:00 M:2008-04-14 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] [PID: 1684 / SYSTEM] C:\WINDOWS\system32\Ati2evxx.exe [(Verified)ATI Technologies Inc., 6.14.10.4213, C:2009-11-05 22:15 M:2008-12-02 04:38] C:\WINDOWS\system32\Ati2edxx.dll [(Verified)ATI Technologies, Inc., 6, 14, 10, 2513, C:2009-11-05 22:15 M:2008-12-02 04:40] C:\WINDOWS\system32\atipdlxx.dll [(Verified)ATI Technologies, Inc., 6, 14, 10, 2543, C:2009-11-05 22:15 M:2008-12-02 04:41] C:\WINDOWS\system32\ati2evxx.dll [(Verified)ATI Technologies Inc., 6.14.10.4177, C:2009-11-05 22:15 M:2008-12-02 04:40] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] [PID: 1948 / SYSTEM] C:\WINDOWS\system32\spoolsv.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-04-14 20:00 M:2008-04-14 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] [PID: 536 / Administrator] C:\WINDOWS\Explorer.EXE [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] C:\WINDOWS\system32\msi.dll [Microsoft Corporation, 4.5.6001.22159, C:2008-04-14 20:00 M:2008-05-19 06:33] E:\Program Files\Logitech\SetPoint\lgscroll.dll [Logitech Inc., 3.1.116, C:2009-02-01 17:36 M:2006-09-01 10:30] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCR80.dll [Microsoft Corporation, 8.00.50727.42, C:2005-09-22 23:48 M:2005-09-22 23:48] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCP80.dll [Microsoft Corporation, 8.00.50727.42, C:2005-09-22 23:48 M:2005-09-22 23:48] E:\Program Files\Logitech\SetPoint\GameHook.dll [Logitech Inc., 3.1.116, C:2009-02-01 17:36 M:2006-09-01 10:26] C:\Program Files\SEC\MagicTune3.6\Highlight.dll [Copyright (C) 1998, 1, 0, 0, 1, C:2009-11-05 22:30 M:2005-08-18 14:19] C:\WINDOWS\system32\mpvthook.dll [Samsung Electronics, Inc., 1, 0, 0, 1, C:2009-11-05 22:30 M:2005-11-14 03:26] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1, C:2009-11-05 22:36 M:2009-11-06 13:31] e:\Program Files\WinRAR\rarext.dll [N/A, C:2009-11-05 23:14 M:2008-09-30 21:14] C:\WINDOWS\system32\kakaext.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1, C:2009-11-06 12:34 M:2009-11-06 12:34] I:\阿里旺旺\AliIMExt.dll [(Verified)Alibaba software (Shanghai) Corporation., 1.0.0.1, C:2009-08-27 11:31 M:2009-08-27 11:31] [PID: 224 / Administrator] C:\Program Files\MagicRotation\MagicPvt.exe [Samsung Electronics, Inc., 1, 0, 0, 8, C:2009-11-05 22:30 M:2005-11-21 22:58] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] E:\Program Files\Logitech\SetPoint\lgscroll.dll [Logitech Inc., 3.1.116, C:2009-02-01 17:36 M:2006-09-01 10:30] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCR80.dll [Microsoft Corporation, 8.00.50727.42, C:2005-09-22 23:48 M:2005-09-22 23:48] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCP80.dll [Microsoft Corporation, 8.00.50727.42, C:2005-09-22 23:48 M:2005-09-22 23:48] E:\Program Files\Logitech\SetPoint\GameHook.dll [Logitech Inc., 3.1.116, C:2009-02-01 17:36 M:2006-09-01 10:26] [PID: 708 / LOCAL SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-14 20:00 M:2008-04-14 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] [PID: 808 / Administrator] E:\Program Files\Rising\AntiSpyware\rstray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.17, C:2009-11-05 22:50 M:2009-11-06 12:33] E:\Program Files\Rising\AntiSpyware\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-11-05 22:50 M:2009-11-05 22:49] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] E:\Program Files\Rising\AntiSpyware\RsXML.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2009-11-05 22:50 M:2009-11-05 22:49] E:\Program Files\Rising\AntiSpyware\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2009-11-05 22:50 M:2009-11-05 22:49] E:\Program Files\Rising\AntiSpyware\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2009-11-05 22:50 M:2009-11-05 22:49] E:\Program Files\Rising\AntiSpyware\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.31, C:2009-11-05 22:50 M:2009-11-06 12:32] E:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-11-05 22:50 M:2009-11-05 22:49] E:\Program Files\Rising\AntiSpyware\rscommon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.1.1, C:2009-11-05 22:50 M:2009-11-05 22:49] E:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-11-05 22:50 M:2009-11-06 12:32] E:\Program Files\Rising\AntiSpyware\pngdll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2009-11-05 22:50 M:2009-11-05 22:49] E:\Program Files\Rising\AntiSpyware\runiep.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.44, C:2009-11-05 22:50 M:2009-11-06 12:33] E:\Program Files\Rising\AntiSpyware\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11, C:2009-11-05 22:50 M:2009-11-05 22:49] e:\Program Files\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2009-11-05 22:36 M:2009-11-05 23:20] E:\Program Files\Rising\AntiSpyware\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2009-11-05 22:50 M:2009-11-05 22:49] [PID: 816 / Administrator] E:\Program Files\Rising\Rfw\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.10, C:2009-11-06 12:37 M:2009-11-06 12:32] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] E:\Program Files\Rising\Rfw\comserv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.15, C:2009-11-06 12:37 M:2009-11-06 12:32] E:\Program Files\Rising\Rfw\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1, C:2009-11-06 12:37 M:2009-11-06 12:32] E:\Program Files\Rising\Rfw\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-11-06 12:37 M:2009-11-05 22:52] E:\Program Files\Rising\Rfw\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-11-06 12:37 M:2009-11-05 22:52] E:\Program Files\Rising\Rfw\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4, C:2009-11-06 12:37 M:2009-11-06 12:34] E:\Program Files\Rising\Rfw\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2, C:2009-11-06 12:37 M:2009-11-06 12:32] E:\Program Files\Rising\Rfw\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2, C:2009-11-06 12:37 M:2009-11-06 12:32] E:\Program Files\Rising\Rfw\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1, C:2009-11-06 12:37 M:2009-11-06 12:31] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] E:\Program Files\Rising\Rfw\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1, C:2009-11-06 12:37 M:2009-11-06 12:32] E:\Program Files\Rising\Rfw\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.6, C:2009-11-06 12:37 M:2009-11-06 12:32] E:\Program Files\Rising\Rfw\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 55, C:2009-11-06 12:37 M:2009-11-06 12:32] E:\Program Files\Rising\Rfw\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 21, C:2009-11-06 12:37 M:2009-11-06 12:33] E:\Program Files\Rising\Rfw\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2009-11-06 12:37 M:2009-11-06 12:36] E:\Program Files\Rising\Rfw\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2009-11-06 12:37 M:2009-11-06 12:32] E:\Program Files\Rising\Rfw\rfwtray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 38, C:2009-11-06 12:37 M:2009-11-06 12:32] E:\Program Files\Rising\Rfw\ravppops.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 21, C:2009-11-06 12:37 M:2009-11-06 12:33] E:\Program Files\Rising\Rfw\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0, C:2009-11-06 12:37 M:2009-11-06 12:32] E:\Program Files\Rising\Rfw\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0, C:2009-11-06 12:37 M:2009-11-06 12:32] E:\Program Files\Rising\Rfw\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-11-06 12:37 M:2009-11-05 22:52] E:\Program Files\Rising\Rfw\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.14, C:2009-11-06 12:37 M:2009-11-06 12:32] [PID: 896 / Administrator] C:\WINDOWS\system32\ctfmon.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] E:\Program Files\Logitech\SetPoint\lgscroll.dll [Logitech Inc., 3.1.116, C:2009-02-01 17:36 M:2006-09-01 10:30] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCR80.dll [Microsoft Corporation, 8.00.50727.42, C:2005-09-22 23:48 M:2005-09-22 23:48] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCP80.dll [Microsoft Corporation, 8.00.50727.42, C:2005-09-22 23:48 M:2005-09-22 23:48] E:\Program Files\Logitech\SetPoint\GameHook.dll [Logitech Inc., 3.1.116, C:2009-02-01 17:36 M:2006-09-01 10:26] [PID: 1548 / LOCAL SERVICE] C:\WINDOWS\System32\alg.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-04-14 20:00 M:2008-04-14 20:00] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] [PID: 1896 / Administrator] C:\Program Files\SEC\MagicTune3.6\GammaTray.exe [Copyright (C) 2004, 1, 0, 0, 1, C:2009-11-05 22:30 M:2006-05-04 14:22] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] E:\Program Files\Logitech\SetPoint\lgscroll.dll [Logitech Inc., 3.1.116, C:2009-02-01 17:36 M:2006-09-01 10:30] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCR80.dll [Microsoft Corporation, 8.00.50727.42, C:2005-09-22 23:48 M:2005-09-22 23:48] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCP80.dll [Microsoft Corporation, 8.00.50727.42, C:2005-09-22 23:48 M:2005-09-22 23:48] E:\Program Files\Logitech\SetPoint\GameHook.dll [Logitech Inc., 3.1.116, C:2009-02-01 17:36 M:2006-09-01 10:26] [PID: 2056 / Administrator] E:\Program Files\Logitech\SetPoint\SetPoint.exe [Logitech Inc., 3.1.116, C:2009-11-05 22:33 M:2006-09-01 11:01] C:\WINDOWS\system32\KemUtil.dll [Logitech Inc., 3.1.116, C:2009-11-05 22:33 M:2006-09-01 10:20] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\MFC80U.DLL [Microsoft Corporation, 8.00.50727.42, C:2005-09-23 01:16 M:2005-09-23 01:16] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCR80.dll [Microsoft Corporation, 8.00.50727.42, C:2005-09-22 23:48 M:2005-09-22 23:48] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCP80.dll [Microsoft Corporation, 8.00.50727.42, C:2005-09-22 23:48 M:2005-09-22 23:48] E:\Program Files\Logitech\SetPoint\SetPointCOM.dll [Logitech Inc., 3.1.116, C:2009-02-01 17:36 M:2006-09-01 10:25] C:\WINDOWS\system32\kemutb.dll [Logitech Inc., 3.1.116, C:2009-11-05 22:33 M:2006-09-01 10:22] C:\WINDOWS\system32\KemWnd.dll [Logitech Inc., 3.1.116, C:2009-11-05 22:33 M:2006-09-01 10:21] C:\WINDOWS\system32\KemXML.dll [Logitech Inc., 3.1.116, C:2009-11-05 22:33 M:2006-09-01 10:23] E:\Program Files\Logitech\SetPoint\lgscroll.dll [Logitech Inc., 3.1.116, C:2009-02-01 17:36 M:2006-09-01 10:30] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\MFC80CHS.DLL [Microsoft Corporation, 8.00.50727.42, C:2005-09-23 00:58 M:2005-09-23 00:58] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] E:\Program Files\Logitech\SetPoint\Macros\MacroCore.dll [Logitech Inc., 3.1.116, C:2009-02-01 17:36 M:2006-09-01 10:56] E:\Program Files\Logitech\SetPoint\IMHook.dll [Logitech Inc., 3.1.116, C:2009-02-01 17:36 M:2006-09-01 10:46] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\ATL80.DLL [Microsoft Corporation, 8.00.50727.42, C:2005-09-22 23:49 M:2005-09-22 23:49] C:\Program Files\Common Files\Logitech\khalshared\KhalApi.dll [Logitech Inc., 3.1.116, C:2006-09-01 12:08 M:2006-09-01 12:08] E:\Program Files\Logitech\SetPoint\kgame.dll [Logitech Inc., 3.1.116, C:2009-02-01 17:36 M:2006-09-01 10:27] E:\Program Files\Logitech\SetPoint\GameHook.dll [Logitech Inc., 3.1.116, C:2009-02-01 17:36 M:2006-09-01 10:26] E:\Program Files\Logitech\SetPoint\LCabHandler.dll [Logitech Inc., 3.1.116, C:2009-02-01 17:36 M:2006-09-01 10:35] C:\Program Files\SEC\MagicTune3.6\Highlight.dll [Copyright (C) 1998, 1, 0, 0, 1, C:2009-11-05 22:30 M:2005-08-18 14:19] [PID: 2636 / Administrator] C:\Program Files\SEC\MagicTune3.6\MagicTune.exe [SAMSUNG, 1, 0, 0, 1, C:2009-11-05 22:30 M:2006-05-22 13:29] C:\Program Files\SEC\MagicTune3.6\I2CDll.dll [N/A, C:2009-11-05 22:30 M:2006-01-11 13:04] C:\Program Files\SEC\MagicTune3.6\Highlight.dll [Copyright (C) 1998, 1, 0, 0, 1, C:2009-11-05 22:30 M:2005-08-18 14:19] C:\Program Files\SEC\MagicTune3.6\HzZone.dll [Copyright (C) 2004, 1, 0, 0, 1, C:2009-11-05 22:30 M:2006-05-18 07:47] C:\Program Files\SEC\MagicTune3.6\MTResChi.dll [Copyright (C) 2003, 1, 0, 0, 1, C:2009-11-05 22:30 M:2006-05-18 07:49] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] E:\Program Files\Logitech\SetPoint\lgscroll.dll [Logitech Inc., 3.1.116, C:2009-02-01 17:36 M:2006-09-01 10:30] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCR80.dll [Microsoft Corporation, 8.00.50727.42, C:2005-09-22 23:48 M:2005-09-22 23:48] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCP80.dll [Microsoft Corporation, 8.00.50727.42, C:2005-09-22 23:48 M:2005-09-22 23:48] C:\WINDOWS\system32\ATIDDC.dll [(Verified) ATI Technologies Inc., 6.14.10.8, C:2009-11-05 22:15 M:2008-12-02 04:37] E:\Program Files\Logitech\SetPoint\GameHook.dll [Logitech Inc., 3.1.116, C:2009-02-01 17:36 M:2006-09-01 10:26] [PID: 2940 / Administrator] C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE [(Verified)Logitech Inc., 3.1.82, C:2006-07-19 12:03 M:2006-07-19 12:03] C:\Program Files\Common Files\Logitech\khalshared\KHALAPI.DLL [Logitech Inc., 3.1.116, C:2006-09-01 12:08 M:2006-09-01 12:08] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] E:\Program Files\Logitech\SetPoint\GameHook.dll [Logitech Inc., 3.1.116, C:2009-02-01 17:36 M:2006-09-01 10:26] E:\Program Files\Logitech\SetPoint\lgscroll.dll [Logitech Inc., 3.1.116, C:2009-02-01 17:36 M:2006-09-01 10:30] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCR80.dll [Microsoft Corporation, 8.00.50727.42, C:2005-09-22 23:48 M:2005-09-22 23:48] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCP80.dll [Microsoft Corporation, 8.00.50727.42, C:2005-09-22 23:48 M:2005-09-22 23:48] C:\Program Files\Common Files\Logitech\khalshared\KHALITCH.DLL [Logitech Inc., 3.1.116, C:2006-09-01 12:09 M:2006-09-01 12:09] C:\Program Files\Common Files\Logitech\khalshared\KHALMW.DLL [Logitech Inc., 3.1.116, C:2006-09-01 12:09 M:2006-09-01 12:09] C:\Program Files\Common Files\Logitech\khalshared\KHALHPP.DLL [Logitech Inc., 3.1.116, C:2006-09-01 12:08 M:2006-09-01 12:08] [PID: 3508 / Administrator] E:\Program Files\Tencent\QQ\QQ.exe [(Verified)TENCENT, 8,0,1300,1881, C:2009-07-01 11:39 M:2009-07-01 11:39] E:\Program Files\Tencent\QQ\QQBaseClassInDll.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:43 M:2008-11-27 09:43] E:\Program Files\Tencent\QQ\QQHelperDll.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:43 M:2008-11-27 09:43] E:\Program Files\Tencent\QQ\BasicCtrlDll.dll [(Verified)TENCENT, 8,0,1248,1851, C:2008-11-27 09:44 M:2008-11-27 09:44] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] C:\Program Files\SEC\MagicTune3.6\Highlight.dll [Copyright (C) 1998, 1, 0, 0, 1, C:2009-11-05 22:30 M:2005-08-18 14:19] E:\Program Files\Logitech\SetPoint\GameHook.dll [Logitech Inc., 3.1.116, C:2009-02-01 17:36 M:2006-09-01 10:26] E:\Program Files\Logitech\SetPoint\lgscroll.dll [Logitech Inc., 3.1.116, C:2009-02-01 17:36 M:2006-09-01 10:30] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCR80.dll [Microsoft Corporation, 8.00.50727.42, C:2005-09-22 23:48 M:2005-09-22 23:48] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCP80.dll [Microsoft Corporation, 8.00.50727.42, C:2005-09-22 23:48 M:2005-09-22 23:48] E:\Program Files\Tencent\QQ\QQAPI.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:43 M:2008-11-27 09:43] E:\Program Files\Tencent\QQ\LoginCtrl.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:43 M:2008-11-27 09:43] E:\Program Files\Tencent\QQ\LoginCtrlRes.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:43 M:2008-11-27 09:43] E:\Program Files\Tencent\QQ\QQRes.dll [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 11:35 M:2008-11-27 11:35] E:\Program Files\Tencent\QQ\QQMainFrame.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-12-10 15:13 M:2008-12-10 15:13] E:\Program Files\Tencent\QQ\gdiplus.dll [Microsoft Corporation, 5.2.6001.22319 (vistasp1_ldr.081126-1506), C:2009-08-13 21:55 M:2009-08-13 21:55] E:\Program Files\Tencent\QQ\UnReadMsgMgr.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:44 M:2008-11-27 09:44] E:\Program Files\Tencent\QQ\QQAllInOne.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:43 M:2008-11-27 09:43] E:\Program Files\Tencent\QQ\SCCore.dll [(Verified)TENCENT, 1, 6, 0, 2, C:2008-11-27 09:44 M:2008-11-27 09:44] E:\Program Files\Tencent\QQ\CameraDll.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:44 M:2008-11-27 09:44] E:\Program Files\Tencent\QQ\CQQApplication.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 16:08 M:2008-11-27 16:08] E:\Program Files\Tencent\QQ\FlashAvatarDll.dll [(Verified)版权所有 (C) 2008, 1, 0, 0, 1, C:2008-11-27 09:43 M:2008-11-27 09:43] E:\Program Files\Tencent\QQ\NewSkin.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:43 M:2008-11-27 09:43] E:\Program Files\Tencent\QQ\MailSummary.dll [(Verified)TENCENT, 8,0,1234,1851, C:2008-11-27 09:43 M:2008-11-27 09:43] E:\Program Files\Tencent\QQ\QQSpace.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:44 M:2008-11-27 09:44] C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx [(Verified)Adobe Systems, Inc., 10,0,12,36, C:2008-10-05 11:16 M:2008-10-05 11:16] C:\WINDOWS\system32\msdmo.dll [(Verified)N/A, C:2008-04-14 20:00 M:2008-04-14 20:00] E:\Program Files\Tencent\QQ\QQAvatar.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:43 M:2008-11-27 09:43] E:\Program Files\Tencent\QQ\OEMApplication.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:43 M:2008-11-27 09:43] E:\Program Files\Tencent\QQ\QQKnowledgeSearch.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:43 M:2008-11-27 09:43] E:\Program Files\Tencent\QQ\QQGroupMng.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:43 M:2008-11-27 09:43] E:\Program Files\Tencent\QQ\QQPlugin.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:43 M:2008-11-27 09:43] E:\Program Files\Tencent\QQ\QQPet.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:43 M:2008-11-27 09:43] E:\Program Files\Tencent\QQ\QQSysMsgMng.dll [(Verified)TENCENT, 8,0,1300,1881, C:2009-07-01 11:39 M:2009-07-01 11:39] E:\Program Files\Tencent\QQ\UserDefinedHead.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:44 M:2008-11-27 09:44] E:\Program Files\Tencent\QQ\QQConfigPlugin.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:43 M:2008-11-27 09:43] E:\Program Files\Tencent\QQ\QRingMng.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:44 M:2008-11-27 09:44] E:\Program Files\Tencent\QQ\QQCustomFace.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:43 M:2008-11-27 09:43] E:\Program Files\Tencent\QQ\LongConnection.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:44 M:2008-11-27 09:44] E:\Program Files\Tencent\QQ\PhoneAPI.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:43 M:2008-11-27 09:43] E:\Program Files\Tencent\QQ\DialerAllinOne.dll [(Verified)tencent, 1, 4, 0, 0, C:2008-11-27 09:43 M:2008-11-27 09:43] E:\Program Files\Tencent\QQ\QQAddr.dll [(Verified)深圳市腾讯计算机系统有限公司, 5, 0, 101, 330, C:2008-11-27 09:44 M:2008-11-27 09:44] E:\Program Files\Tencent\QQ\QQMagicFace.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:43 M:2008-11-27 09:43] E:\Program Files\Tencent\QQ\ImageOle.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:44 M:2008-11-27 09:44] E:\Program Files\Tencent\QQ\QQLiveQMng.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:43 M:2008-11-27 09:43] E:\Program Files\Tencent\QQ\BQQApplication.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:43 M:2008-11-27 09:43] E:\Program Files\Tencent\QQ\QQSceneMng.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:44 M:2008-11-27 09:44] E:\Program Files\Tencent\QQ\GroupConnection.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:44 M:2008-11-27 09:44] E:\Program Files\Tencent\QQ\CommercesMng.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:43 M:2008-11-27 09:43] E:\Program Files\Tencent\QQ\PersonalDesktop.dll [(Verified)TENCENT, 8,0,1300,1881, C:2008-11-27 09:44 M:2008-11-27 09:44] E:\Program Files\Tencent\QQ\AddrSearch.dll [(Verified)Tencent, 2, 3, 16, 12, C:2008-11-27 09:42 M:2009-11-11 13:15] [PID: 3556 / Administrator] E:\Program Files\Tencent\QQ\TXPlatform.exe [(Verified)Tencent, 1, 5, 225, 0, C:2008-05-20 17:53 M:2008-05-20 17:53] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] C:\Program Files\SEC\MagicTune3.6\Highlight.dll [Copyright (C) 1998, 1, 0, 0, 1, C:2009-11-05 22:30 M:2005-08-18 14:19] E:\Program Files\Logitech\SetPoint\GameHook.dll [Logitech Inc., 3.1.116, C:2009-02-01 17:36 M:2006-09-01 10:26] E:\Program Files\Logitech\SetPoint\lgscroll.dll [Logitech Inc., 3.1.116, C:2009-02-01 17:36 M:2006-09-01 10:30] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCR80.dll [Microsoft Corporation, 8.00.50727.42, C:2005-09-22 23:48 M:2005-09-22 23:48] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCP80.dll [Microsoft Corporation, 8.00.50727.42, C:2005-09-22 23:48 M:2005-09-22 23:48] [PID: 3180 / SYSTEM] e:\Program Files\Rising\Rav\RavMonD.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2, C:2009-11-06 13:49 M:2009-11-06 13:31] e:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17, C:2009-11-06 13:49 M:2009-11-06 13:46] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] e:\Program Files\Rising\Rav\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5, C:2009-11-06 13:49 M:2009-11-06 13:46] e:\Program Files\Rising\Rav\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 9, C:2009-11-06 13:49 M:2009-11-06 13:31] e:\Program Files\Rising\Rav\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2009-11-06 13:49 M:2009-11-06 13:31] e:\Program Files\Rising\Rav\Rslog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.41, C:2009-11-06 13:49 M:2009-11-06 13:46] e:\Program Files\Rising\Rav\mondrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6, C:2009-11-06 13:49 M:2009-11-06 13:34] e:\Program Files\Rising\Rav\defmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 44, C:2009-11-06 13:49 M:2009-11-16 15:53] e:\Program Files\Rising\Rav\moncom08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1, C:2009-11-06 13:49 M:2009-11-06 13:46] e:\Program Files\Rising\Rav\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10, C:2009-11-06 13:49 M:2009-11-06 13:34] e:\Program Files\Rising\Rav\FileMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 29, C:2009-11-06 13:49 M:2009-11-06 13:46] e:\Program Files\Rising\Rav\MailMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 22, C:2009-11-06 13:49 M:2009-11-06 13:46] e:\Program Files\Rising\Rav\HookWeb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12, C:2009-11-06 13:49 M:2009-11-06 13:46] e:\Program Files\Rising\Rav\rsindent.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 11, C:2009-11-06 13:49 M:2009-11-06 13:47] e:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-11-06 13:49 M:2009-11-05 22:49] e:\Program Files\Rising\Rav\taskplug.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 8, C:2009-11-06 13:49 M:2009-11-06 13:46] e:\Program Files\Rising\Rav\scansrvp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.7, C:2009-11-06 13:49 M:2009-11-06 13:31] e:\Program Files\Rising\Rav\cnt08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1, C:2009-11-06 13:49 M:2009-11-06 13:46] e:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4, C:2009-11-06 13:49 M:2009-11-06 13:46] e:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0, C:2009-11-06 13:49 M:2009-11-06 13:31] e:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0, C:2009-11-06 13:49 M:2009-11-06 13:32] e:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-11-06 13:49 M:2009-11-05 22:49] e:\Program Files\Rising\Rav\Hooksys.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 3, C:2009-11-06 13:49 M:2009-11-06 13:33] e:\Program Files\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2009-11-05 22:36 M:2009-11-05 23:20] e:\Program Files\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2009-11-06 13:49 M:2009-11-05 23:20] e:\Program Files\Rising\Rav\HookCont.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 1, C:2009-11-06 13:49 M:2009-11-06 13:46] e:\Program Files\Rising\Rav\BACore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 29, C:2009-11-06 13:49 M:2009-11-06 13:34] e:\Program Files\Rising\Rav\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6, C:2009-11-06 13:49 M:2009-11-06 13:33] e:\Program Files\Rising\Rav\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2009-11-06 13:49 M:2009-11-06 13:33] e:\Program Files\Rising\Rav\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2009-11-06 13:49 M:2009-11-06 13:33] e:\Program Files\Rising\Rav\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2009-11-06 13:49 M:2009-11-06 13:33] e:\Program Files\Rising\Rav\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2009-11-06 13:49 M:2009-11-06 13:47] e:\Program Files\Rising\Rav\bawhite.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2, C:2009-11-06 13:49 M:2009-11-06 13:34] e:\Program Files\Rising\Rav\RSStore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5, C:2009-11-06 13:49 M:2009-11-06 13:37] e:\Program Files\Rising\Rav\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.17, C:2009-11-06 13:49 M:2009-11-06 13:31] e:\Program Files\Rising\Rav\ScanAdd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.4, C:2009-11-06 13:49 M:2009-11-06 13:31] e:\Program Files\Rising\Rav\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5, C:2009-11-06 13:49 M:2009-11-06 13:46] e:\Program Files\Rising\Rav\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1, C:2009-11-06 13:49 M:2009-11-06 13:46] e:\Program Files\Rising\Rav\ScanSrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.3, C:2009-11-06 13:49 M:2009-11-06 13:31] e:\Program Files\Rising\Rav\scanpe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10, C:2009-11-06 13:49 M:2009-11-06 13:32] e:\Program Files\Rising\Rav\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2, C:2009-11-06 13:49 M:2009-11-06 13:32] e:\Program Files\Rising\Rav\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2009-11-06 13:49 M:2009-11-06 13:32] e:\Program Files\Rising\Rav\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1, C:2009-11-06 13:49 M:2009-11-06 13:32] e:\Program Files\Rising\Rav\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4, C:2009-11-06 13:49 M:2009-11-06 13:33] e:\Program Files\Rising\Rav\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1, C:2009-11-06 13:49 M:2009-11-06 13:32] e:\Program Files\Rising\Rav\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2, C:2009-11-06 13:49 M:2009-11-06 13:32] e:\Program Files\Rising\Rav\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2, C:2009-11-06 13:49 M:2009-11-06 13:32] e:\Program Files\Rising\Rav\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 44, C:2009-11-06 13:49 M:2009-11-18 10:40] e:\Program Files\Rising\Rav\scantj.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4, C:2009-11-06 13:49 M:2009-11-06 13:32] e:\Program Files\Rising\Rav\methodex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2009-11-06 13:49 M:2009-11-06 13:32] e:\Program Files\Rising\Rav\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5, C:2009-11-06 13:49 M:2009-11-06 13:32] e:\Program Files\Rising\Rav\heurex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12, C:2009-11-06 13:49 M:2009-11-13 13:49] e:\Program Files\Rising\Rav\pecompd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5, C:2009-11-06 13:49 M:2009-11-14 15:28] e:\Program Files\Rising\Rav\scansct.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2009-11-06 13:49 M:2009-11-06 13:32] e:\Program Files\Rising\Rav\extmail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5, C:2009-11-06 13:49 M:2009-11-06 13:33] e:\Program Files\Rising\Rav\ur001.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2, C:2009-11-06 13:49 M:2009-11-06 13:32] e:\Program Files\Rising\Rav\ur023.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1, C:2009-11-06 13:49 M:2009-11-06 13:32] [PID: 1872 / Administrator] e:\Program Files\Rising\Rav\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.10, C:2009-11-06 13:49 M:2009-11-06 13:33] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] e:\Program Files\Rising\Rav\comserv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.15, C:2009-11-06 13:49 M:2009-11-06 13:33] e:\Program Files\Rising\Rav\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1, C:2009-11-06 13:49 M:2009-11-06 13:31] e:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-11-06 13:49 M:2009-11-05 22:49] e:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-11-06 13:49 M:2009-11-05 22:49] e:\Program Files\Rising\Rav\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4, C:2009-11-06 13:49 M:2009-11-06 13:46] e:\Program Files\Rising\Rav\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2, C:2009-11-06 13:49 M:2009-11-06 13:31] e:\Program Files\Rising\Rav\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2, C:2009-11-06 13:49 M:2009-11-06 13:33] e:\Program Files\Rising\Rav\ScanEvnt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.3, C:2009-11-06 13:49 M:2009-11-06 13:33] e:\Program Files\Rising\Rav\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 55, C:2009-11-06 13:49 M:2009-11-06 13:31] e:\Program Files\Rising\Rav\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1, C:2009-11-06 13:49 M:2009-11-06 13:31] e:\Program Files\Rising\Rav\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.6, C:2009-11-06 13:49 M:2009-11-06 13:31] e:\Program Files\Rising\Rav\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 21, C:2009-11-06 13:49 M:2009-11-06 13:35] e:\Program Files\Rising\Rav\mruleui.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 7, C:2009-11-06 13:49 M:2009-11-06 13:34] e:\Program Files\Rising\Rav\MonTray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.72, C:2009-11-06 13:49 M:2009-11-16 15:53] e:\Program Files\Rising\Rav\RavITray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6, C:2009-11-06 13:49 M:2009-11-06 13:35] e:\Program Files\Rising\Rav\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2009-11-06 13:49 M:2009-11-06 13:33] e:\Program Files\Rising\Rav\scanleak.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6, C:2009-11-06 13:49 M:2009-11-10 11:40] e:\Program Files\Rising\Rav\ravppops.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 21, C:2009-11-06 13:49 M:2009-11-06 13:35] e:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0, C:2009-11-06 13:49 M:2009-11-06 13:31] e:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0, C:2009-11-06 13:49 M:2009-11-06 13:32] e:\Program Files\Rising\Rav\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-11-06 13:49 M:2009-11-05 22:49] e:\Program Files\Rising\Rav\ScanPrxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.4, C:2009-11-06 13:49 M:2009-11-06 13:31] [PID: 2920 / Administrator] C:\Program Files\Internet Explorer\iexplore.exe [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-12-22 14:56 M:2008-04-14 20:00] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] C:\Program Files\SEC\MagicTune3.6\Highlight.dll [Copyright (C) 1998, 1, 0, 0, 1, C:2009-11-05 22:30 M:2005-08-18 14:19] E:\Program Files\Logitech\SetPoint\GameHook.dll [Logitech Inc., 3.1.116, C:2009-02-01 17:36 M:2006-09-01 10:26] E:\Program Files\Logitech\SetPoint\lgscroll.dll [Logitech Inc., 3.1.116, C:2009-02-01 17:36 M:2006-09-01 10:30] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCR80.dll [Microsoft Corporation, 8.00.50727.42, C:2005-09-22 23:48 M:2005-09-22 23:48] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCP80.dll [Microsoft Corporation, 8.00.50727.42, C:2005-09-22 23:48 M:2005-09-22 23:48] C:\Program Files\Tencent\QQToolbar\IEBar.dll [(Verified)TENCENT, 3, 1, 41, 10, C:2009-11-09 11:31 M:2009-11-05 17:00] C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Toolbar.dll [(Verified)TENCENT, 3, 1, 41, 10, C:2009-11-09 11:31 M:2009-11-05 17:00] C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\TBAddr.dll [(Verified)Tencent, 3, 1, 34, 11, C:2009-11-09 11:33 M:2009-11-13 10:44] C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\QQMail.dll [(Verified)TENCENT, 3, 1, 10, 10, C:2009-11-09 11:31 M:2009-08-21 15:26] C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Shuqian.dll [(Verified)TENCENT, 3, 1, 15, 10, C:2009-11-09 11:31 M:2009-10-13 15:24] C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Wenwen.dll [(Verified)TENCENT, 3, 1, 11, 11, C:2009-11-09 11:31 M:2009-07-30 17:46] C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Weather.dll [(Verified)TENCENT, 3, 1, 8, 10, C:2009-11-09 11:31 M:2009-10-29 09:44] C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Paipai.dll [(Verified)TENCENT, 3, 1, 7, 11, C:2009-11-09 11:31 M:2009-04-29 11:10] C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\Qzone.dll [(Verified)TENCENT, 3, 1, 15, 10, C:2009-11-09 11:31 M:2009-11-04 16:29] C:\Documents and Settings\Administrator\Application Data\TENCENT\QQToolbar\buttons\MusicBox.dll [(Verified)TENCENT, 3, 1, 4, 11, C:2009-11-09 11:31 M:2009-04-15 13:02] E:\Program Files\Tencent\QQDownload\QQIEHelper01.dll [(Verified)Tencent Technology (Shenzhen) Company Limited, 1, 9, 266, 266, C:2008-03-06 14:36 M:2008-03-06 14:36] e:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll [(Verified)BitComet, 20090716, C:2009-07-16 15:29 M:2009-07-16 15:29] C:\WINDOWS\system32\UrlFilter.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2009-11-05 22:50 M:2009-11-05 22:49] e:\Program Files\Rising\AntiSpyware\UrlRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.15, C:2009-11-05 22:50 M:2009-11-05 22:49] e:\Program Files\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 11, C:2009-11-05 22:36 M:2009-11-10 17:58] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx [(Verified)Adobe Systems, Inc., 10,0,12,36, C:2008-10-05 11:16 M:2008-10-05 11:16] [PID: 2836 / Administrator] E:\安装软件\病毒\SysLog-0804\SysLog-0804\SysLog.exe [N/A, C:2009-11-18 19:26 M:2008-08-04 21:19] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-14 20:00 M:2008-04-14 20:00] C:\Program Files\SEC\MagicTune3.6\Highlight.dll [Copyright (C) 1998, 1, 0, 0, 1, C:2009-11-05 22:30 M:2005-08-18 14:19] E:\Program Files\Logitech\SetPoint\GameHook.dll [Logitech Inc., 3.1.116, C:2009-02-01 17:36 M:2006-09-01 10:26] E:\Program Files\Logitech\SetPoint\lgscroll.dll [Logitech Inc., 3.1.116, C:2009-02-01 17:36 M:2006-09-01 10:30] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCR80.dll [Microsoft Corporation, 8.00.50727.42, C:2005-09-22 23:48 M:2005-09-22 23:48] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCP80.dll [Microsoft Corporation, 8.00.50727.42, C:2005-09-22 23:48 M:2005-09-22 23:48] ======================================== File Link ======================================== Autorun ======================================== Winsock Providers ======================================== HOSTS 127.0.0.1 localhost [/CODE]