瑞星卡卡安全论坛

机器是XP Professional sp1 系统 ie 6.0版本。
近来发现 进程中出现非正常的 2个IEXPLORE.EXE 全是大写 用户名为SYSTEM 占用内存在 11424K和11420K。
这2个和平时IE 打开时一个窗口多一个进程是不一样的，正常的用户名字应该是本机的用户名。
刚开机 没有这个2个进程，而是一会后才出现，目前并无发现其他异常状态，只是占用内存。
在安全模式文件全显示下 用瑞星最新的杀毒软件和卡卡扫描以及瑞星的灰鸽子专杀也正常。
查看系统自动启动项目 3个微软的输入法(IMJPMIG TINISETP TINTSETP)
2个瑞星的(RavTask rfwmain) 一个NVIDIA显示卡的 (nvcpl.dll)

在卡卡的进程管理中发现 这个2个非正常 IEXPLORE.EXE进程情况如下：
[IEXPLORE.EXE]
PID = 0xf0
CommandLine = "C:\Program Files\Internet Explorer\iexplore.exe" http://www.djdj123.com/10/pname.asp?d=2&pn=WSB-OOO

[IEXPLORE.EXE]
PID = 0xe0
CommandLine = "C:\Program Files\Internet Explorer\iexplore.exe" http://www.djdj123.com/10/pname.asp?pn=WSB-OOO

请问该如何解决？同时问下 我应该再告之些什么详细的资料 有助于你们判断并解决这个问题？望告之 先谢谢了

卡卡诊断日志

Logfile of Kaka v2. 0. 2. 1 Scan Module v1. 0. 0. 41
Scan saved at 20:43:38, on 2006-11-30
Platform: Microsoft Windows XP Professional Service Pack 1 (Build 2600)
MSIE: Internet Explorer v6.00 SP1;Q823353;Q867801;Q824145;Q832894; (6.00.2800.1106 (xpsp1.020828-1920))


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\System32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=%SystemRoot%\system32\blank.htm
O1 - Hosts: 127.0.0.1 localhost
O3 - Toolbar: (file missing)
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\System32\KakaTool.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PowerStrip] d:\powerstrip\pstrip.exe
O4 - HKLM\..\Run: [RavTask] "d:\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [RfwMain] "d:\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - Startup: desktop.ini =
O4 - Global Startup: desktop.ini =
O9 - Extra Button: @shdoclc.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra Button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Tencent\QQ\QQ.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
O15 - Trusted Zone: mybank.icbc.com.cn
O15 - Trusted Zone: http://www.icbc.com.cn
O16 - DPF: DirectAnimation Java Classes - file://C:\WINDOWS\Java\classes\dajava.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1164540094734
O17 - HKLM\System\CCS\Services\Tcpip\..\{6BF81887-2149-4852-8EB9-256F572EFCE2}: NameServer = 61.153.177.197 61.153.177.201
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\System32\msvidctl.dll
O18 - Protocol: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ipp - (no CLSID) - (no file)
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\System32\inetcomm.dll
O18 - Protocol: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll
O18 - Protocol: msdaipp - (no CLSID) - (no file)
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\System32\msvidctl.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\System32\msdxm.ocx
O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\System32\wiascr.dll
O23 - Service: Human Interface Device Access (HidServ) - - C:\WINDOWS\System32\svchost.exe -k netsvcs
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Rising Proxy Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - d:\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - d:\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - "d:\Rising\Rav\CCenter.exe"
O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - "d:\Rising\Rav\Ravmond.exe"
O23 - Service: User Privilege Service (usprserv) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe -k netsvcs

其中可疑的 进程1：

[IEXPLORE.EXE]
PID = 0x5e0
CommandLine = "C:\Program Files\Internet Explorer\iexplore.exe" http://www.djdj123.com/10/pname.asp?d=2&pn=WSB-OOO
iexplore.exe
0x400000
C:\Program Files\Internet Explorer\IEXPLORE.EXE
6.00.2800.1106 (xpsp1.020828-1920)
Microsoft Corporation
Internet Explorer
2002-10-07 20:00:00

ntdll.dll
0x77f50000
C:\WINDOWS\system32\ntdll.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
NT Layer DLL
2002-10-07 20:00:00

kernel32.dll
0x77e40000
C:\WINDOWS\system32\kernel32.dll
5.1.2600.1560 (xpsp2_gdr.040517-1325)
Microsoft Corporation
Windows NT BASE API Client DLL
2004-06-18 02:31:29

msvcrt.dll
0x77be0000
C:\WINDOWS\system32\msvcrt.dll
7.0.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows NT CRT DLL
2002-10-07 20:00:00

USER32.dll
0x77d10000
C:\WINDOWS\system32\user32.dll
5.1.2600.1634 (xpsp2.050301-1526)
Microsoft Corporation
Windows XP USER API Client DLL
2005-03-03 02:21:29

GDI32.dll
0x7f000000
C:\WINDOWS\system32\gdi32.dll
5.1.2600.1789 (xpsp2.051228-1438)
Microsoft Corporation
GDI Client DLL
2006-01-03 06:38:17

ADVAPI32.dll
0x77da0000
C:\WINDOWS\system32\advapi32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Advanced Windows 32 Base API
2002-10-07 20:00:00

RPCRT4.dll
0x78000000
C:\WINDOWS\system32\rpcrt4.dll
5.1.2600.1361 (xpsp2.040109-1800)
Microsoft Corporation
Remote Procedure Call Runtime
2004-03-06 10:17:32

SHLWAPI.dll
0x772a0000
C:\WINDOWS\system32\SHLWAPI.DLL
6.00.2800.1740 (xpsp2.050831-1533)
Microsoft Corporation
Shell Light-weight Utility Library
2005-08-31 18:51:50

SHDOCVW.dll
0x71700000
C:\WINDOWS\system32\SHDOCVW.DLL
6.00.2800.1692 (xpsp2.050617-2102)
Microsoft Corporation
Shell Doc Object and Control Library
2005-06-18 00:24:56

IMM32.DLL
0x76300000
C:\WINDOWS\system32\imm32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows XP IMM32 API Client DLL
2002-10-07 20:00:00

LPK.DLL
0x62c20000
C:\WINDOWS\system32\lpk.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Language Pack
2002-10-07 20:00:00

USP10.dll
0x72f10000
C:\WINDOWS\system32\usp10.dll
1.0409.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Uniscribe Unicode script processor
2002-10-07 20:00:00

comctl32.dll
0x78090000
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1816_x-ww_7d33ba0e\comctl32.dll
6.0 (xpsp2.060316-1527)
Microsoft Corporation
User Experience Controls Library
2006-03-16 22:04:46

SHELL32.dll
0x773a0000
C:\WINDOWS\system32\shell32.dll
6.00.2800.1816 (xpsp2.060316-1527)
Microsoft Corporation
Windows Shell Common Dll
2006-03-17 13:04:50

comctl32.dll
0x77310000
C:\WINDOWS\system32\comctl32.dll
5.82 (xpsp1.020828-1920)
Microsoft Corporation
Common Controls Library
2002-10-07 20:00:00

ole32.dll
0x4fec0000
C:\WINDOWS\system32\ole32.dll
5.1.2600.1720 (xpsp2.050722-1526)
Microsoft Corporation
Microsoft OLE for Windows
2005-07-26 12:38:28

uxtheme.dll
0x5adc0000
C:\WINDOWS\system32\uxtheme.dll
6.00.2800.1106 (xpsp1.020828-1920)
Microsoft Corporation
Microsoft UxTheme Library
2002-10-07 20:00:00

BROWSEUI.dll
0x71500000
C:\WINDOWS\system32\BROWSEUI.DLL
6.00.2800.1692 (xpsp2.050617-2102)
Microsoft Corporation
Shell Browser UI Library
2005-06-18 00:24:56

browselc.dll
0x723c0000
C:\WINDOWS\system32\browselc.dll
6.00.2800.1106 (xpsp1.020828-1920)
Microsoft Corporation
Shell Browser UI Library
2002-10-07 20:00:00

appHelp.dll
0x75eb0000
C:\WINDOWS\system32\apphelp.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Application Compatibility Client Library
2002-10-07 20:00:00

CLBCATQ.DLL
0x7a170000
C:\WINDOWS\system32\clbcatq.dll
2001.12.4414.62
Microsoft Corporation

2005-07-26 12:38:19

OLEAUT32.dll
0x770f0000
C:\WINDOWS\system32\oleaut32.dll
3.50.5016.0
Microsoft Corporation
Microsoft OLE 3.50 for Windows NT(TM) and Windows 95(TM) Operating Systems
2002-10-07 20:00:00

COMRes.dll
0x77020000
C:\WINDOWS\system32\comres.dll
2001.12.4414.42
Microsoft Corporation

2002-10-07 20:00:00

VERSION.dll
0x77bd0000
C:\WINDOWS\system32\version.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Version Checking and File Installation Libraries
2002-10-07 20:00:00

msctfime.ime
0x980000
C:\WINDOWS\system32\MSCTFIME.IME
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Microsoft Text Frame Work Service IME
2002-10-07 20:00:00

WININET.dll
0x63000000
C:\WINDOWS\system32\WININET.DLL
6.00.2800.1511
Microsoft Corporation
Internet Extensions for Win32
2005-06-18 00:24:58

CRYPT32.dll
0x76230000
C:\WINDOWS\system32\crypt32.dll
5.131.2600.1123 (xpsp2.020921-0842)
Microsoft Corporation
Crypto API32
2002-09-23 15:10:56

MSASN1.dll
0x76210000
C:\WINDOWS\system32\msasn1.dll
5.1.2600.1362 (xpsp2.040109-1800)
Microsoft Corporation
ASN.1 Runtime APIs
2004-03-30 09:50:00

Secur32.dll
0x76f60000
C:\WINDOWS\system32\secur32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Security Support Provider Interface
2002-10-07 20:00:00

cscui.dll
0x76590000
C:\WINDOWS\system32\cscui.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Client Side Caching UI
2002-10-07 20:00:00

CSCDLL.dll
0x76570000
C:\WINDOWS\system32\cscdll.dll
5.1.2600.1599 (xpsp2.040919-1003)
Microsoft Corporation
Offline Network Agent
2004-10-28 09:30:36

SETUPAPI.dll
0x765e0000
C:\WINDOWS\system32\setupapi.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows Setup API
2002-10-07 20:00:00

urlmon.dll
0x1a400000
C:\WINDOWS\system32\URLMON.DLL
6.00.2800.1519
Microsoft Corporation
OLE32 Extensions for Win32
2005-09-02 17:30:54

shdoclc.dll
0x760e0000
C:\WINDOWS\system32\shdoclc.dll
6.00.2600.0000 (xpclient.010817-1148)
Microsoft Corporation
Shell Doc Object and Control Library
2002-10-07 20:00:00

mlang.dll
0x746d0000
C:\WINDOWS\system32\mlang.dll
6.00.2600.0000 (xpclient.010817-1148)
Microsoft Corporation
Multi Language Support DLL
2002-10-07 20:00:00

wsock32.dll
0x71a40000
C:\WINDOWS\system32\wsock32.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Windows Socket 32-Bit DLL
2002-10-07 20:00:00

WS2_32.dll
0x71a20000
C:\WINDOWS\system32\ws2_32.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Windows Socket 2.0 32-Bit DLL
2002-10-07 20:00:00

WS2HELP.dll
0x71a10000
C:\WINDOWS\system32\ws2help.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Windows Socket 2.0 Helper for Windows NT
2002-10-07 20:00:00

mswsock.dll
0x719c0000
C:\WINDOWS\system32\mswsock.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Microsoft Windows Sockets 2.0 Service Provider
2002-10-07 20:00:00

wshtcpip.dll
0x71a00000
C:\WINDOWS\system32\wshtcpip.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Windows Sockets Helper DLL
2002-10-07 20:00:00

RASAPI32.DLL
0x76eb0000
C:\WINDOWS\system32\rasapi32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Remote Access API
2002-10-07 20:00:00

rasman.dll
0x76e60000
C:\WINDOWS\system32\rasman.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Remote Access Connection Manager
2002-10-07 20:00:00

NETAPI32.dll
0x71ba0000
C:\WINDOWS\system32\netapi32.dll
5.1.2600.1562 (xpsp2_gdr.040517-1325)
Microsoft Corporation
Net Win32 API DLL
2004-06-09 06:01:17

TAPI32.dll
0x76e80000
C:\WINDOWS\system32\tapi32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Microsoft(R) Windows(TM) Telephony API Client DLL
2002-10-07 20:00:00

rtutils.dll
0x76e50000
C:\WINDOWS\system32\rtutils.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Routing Utilities
2002-10-07 20:00:00

WINMM.dll
0x76b10000
C:\WINDOWS\system32\winmm.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
MCI API DLL
2002-10-07 20:00:00

DNSAPI.dll
0x76ef0000
C:\WINDOWS\system32\dnsapi.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
DNS Client API DLL
2002-10-07 20:00:00

winrnr.dll
0x76f80000
C:\WINDOWS\system32\winrnr.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
LDAP RnR Provider DLL
2002-10-07 20:00:00

WLDAP32.dll
0x76f30000
C:\WINDOWS\system32\wldap32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Win32 LDAP API DLL
2002-10-07 20:00:00

rasadhlp.dll
0x76f90000
C:\WINDOWS\system32\rasadhlp.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Remote Access AutoDial Helper
2002-10-07 20:00:00

mshtml.dll
0x63580000
C:\WINDOWS\system32\MSHTML.DLL
6.00.2800.1522
Microsoft Corporation
Microsoft (R) HTML Viewer
2005-10-04 12:33:16

Msimtf.dll
0x74650000
C:\WINDOWS\system32\MSIMTF.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Active IMM Server DLL
2002-10-07 20:00:00

MSCTF.dll
0x74680000
C:\WINDOWS\system32\MSCTF.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
MSCTF Server DLL
2002-10-07 20:00:00

MSLS31.DLL
0x74620000
C:\WINDOWS\system32\msls31.dll
3.10.349.0
Microsoft Corporation
Microsoft Line Services library file
2002-10-07 20:00:00

可疑 进程2

[IEXPLORE.EXE]
PID = 0x580
CommandLine = "C:\Program Files\Internet Explorer\iexplore.exe" http://www.djdj123.com/10/pname.asp?pn=WSB-OOO
iexplore.exe
0x400000
C:\Program Files\Internet Explorer\IEXPLORE.EXE
6.00.2800.1106 (xpsp1.020828-1920)
Microsoft Corporation
Internet Explorer
2002-10-07 20:00:00

ntdll.dll
0x77f50000
C:\WINDOWS\system32\ntdll.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
NT Layer DLL
2002-10-07 20:00:00

kernel32.dll
0x77e40000
C:\WINDOWS\system32\kernel32.dll
5.1.2600.1560 (xpsp2_gdr.040517-1325)
Microsoft Corporation
Windows NT BASE API Client DLL
2004-06-18 02:31:29

msvcrt.dll
0x77be0000
C:\WINDOWS\system32\msvcrt.dll
7.0.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows NT CRT DLL
2002-10-07 20:00:00

USER32.dll
0x77d10000
C:\WINDOWS\system32\user32.dll
5.1.2600.1634 (xpsp2.050301-1526)
Microsoft Corporation
Windows XP USER API Client DLL
2005-03-03 02:21:29

GDI32.dll
0x7f000000
C:\WINDOWS\system32\gdi32.dll
5.1.2600.1789 (xpsp2.051228-1438)
Microsoft Corporation
GDI Client DLL
2006-01-03 06:38:17

ADVAPI32.dll
0x77da0000
C:\WINDOWS\system32\advapi32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Advanced Windows 32 Base API
2002-10-07 20:00:00

RPCRT4.dll
0x78000000
C:\WINDOWS\system32\rpcrt4.dll
5.1.2600.1361 (xpsp2.040109-1800)
Microsoft Corporation
Remote Procedure Call Runtime
2004-03-06 10:17:32

SHLWAPI.dll
0x772a0000
C:\WINDOWS\system32\SHLWAPI.DLL
6.00.2800.1740 (xpsp2.050831-1533)
Microsoft Corporation
Shell Light-weight Utility Library
2005-08-31 18:51:50

SHDOCVW.dll
0x71700000
C:\WINDOWS\system32\SHDOCVW.DLL
6.00.2800.1692 (xpsp2.050617-2102)
Microsoft Corporation
Shell Doc Object and Control Library
2005-06-18 00:24:56

IMM32.DLL
0x76300000
C:\WINDOWS\system32\imm32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows XP IMM32 API Client DLL
2002-10-07 20:00:00

LPK.DLL
0x62c20000
C:\WINDOWS\system32\lpk.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Language Pack
2002-10-07 20:00:00

USP10.dll
0x72f10000
C:\WINDOWS\system32\usp10.dll
1.0409.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Uniscribe Unicode script processor
2002-10-07 20:00:00

comctl32.dll
0x78090000
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1816_x-ww_7d33ba0e\comctl32.dll
6.0 (xpsp2.060316-1527)
Microsoft Corporation
User Experience Controls Library
2006-03-16 22:04:46

SHELL32.dll
0x773a0000
C:\WINDOWS\system32\shell32.dll
6.00.2800.1816 (xpsp2.060316-1527)
Microsoft Corporation
Windows Shell Common Dll
2006-03-17 13:04:50

comctl32.dll
0x77310000
C:\WINDOWS\system32\comctl32.dll
5.82 (xpsp1.020828-1920)
Microsoft Corporation
Common Controls Library
2002-10-07 20:00:00

ole32.dll
0x4fec0000
C:\WINDOWS\system32\ole32.dll
5.1.2600.1720 (xpsp2.050722-1526)
Microsoft Corporation
Microsoft OLE for Windows
2005-07-26 12:38:28

uxtheme.dll
0x5adc0000
C:\WINDOWS\system32\uxtheme.dll
6.00.2800.1106 (xpsp1.020828-1920)
Microsoft Corporation
Microsoft UxTheme Library
2002-10-07 20:00:00

BROWSEUI.dll
0x71500000
C:\WINDOWS\system32\BROWSEUI.DLL
6.00.2800.1692 (xpsp2.050617-2102)
Microsoft Corporation
Shell Browser UI Library
2005-06-18 00:24:56

browselc.dll
0x723c0000
C:\WINDOWS\system32\browselc.dll
6.00.2800.1106 (xpsp1.020828-1920)
Microsoft Corporation
Shell Browser UI Library
2002-10-07 20:00:00

appHelp.dll
0x75eb0000
C:\WINDOWS\system32\apphelp.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Application Compatibility Client Library
2002-10-07 20:00:00

CLBCATQ.DLL
0x7a170000
C:\WINDOWS\system32\clbcatq.dll
2001.12.4414.62
Microsoft Corporation

2005-07-26 12:38:19

OLEAUT32.dll
0x770f0000
C:\WINDOWS\system32\oleaut32.dll
3.50.5016.0
Microsoft Corporation
Microsoft OLE 3.50 for Windows NT(TM) and Windows 95(TM) Operating Systems
2002-10-07 20:00:00

COMRes.dll
0x77020000
C:\WINDOWS\system32\comres.dll
2001.12.4414.42
Microsoft Corporation

2002-10-07 20:00:00

VERSION.dll
0x77bd0000
C:\WINDOWS\system32\version.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Version Checking and File Installation Libraries
2002-10-07 20:00:00

msctfime.ime
0x980000
C:\WINDOWS\system32\MSCTFIME.IME
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Microsoft Text Frame Work Service IME
2002-10-07 20:00:00

WININET.dll
0x63000000
C:\WINDOWS\system32\WININET.DLL
6.00.2800.1511
Microsoft Corporation
Internet Extensions for Win32
2005-06-18 00:24:58

CRYPT32.dll
0x76230000
C:\WINDOWS\system32\crypt32.dll
5.131.2600.1123 (xpsp2.020921-0842)
Microsoft Corporation
Crypto API32
2002-09-23 15:10:56

MSASN1.dll
0x76210000
C:\WINDOWS\system32\msasn1.dll
5.1.2600.1362 (xpsp2.040109-1800)
Microsoft Corporation
ASN.1 Runtime APIs
2004-03-30 09:50:00

Secur32.dll
0x76f60000
C:\WINDOWS\system32\secur32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Security Support Provider Interface
2002-10-07 20:00:00

cscui.dll
0x76590000
C:\WINDOWS\system32\cscui.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Client Side Caching UI
2002-10-07 20:00:00

CSCDLL.dll
0x76570000
C:\WINDOWS\system32\cscdll.dll
5.1.2600.1599 (xpsp2.040919-1003)
Microsoft Corporation
Offline Network Agent
2004-10-28 09:30:36

SETUPAPI.dll
0x765e0000
C:\WINDOWS\system32\setupapi.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows Setup API
2002-10-07 20:00:00

urlmon.dll
0x1a400000
C:\WINDOWS\system32\URLMON.DLL
6.00.2800.1519
Microsoft Corporation
OLE32 Extensions for Win32
2005-09-02 17:30:54

shdoclc.dll
0x760e0000
C:\WINDOWS\system32\shdoclc.dll
6.00.2600.0000 (xpclient.010817-1148)
Microsoft Corporation
Shell Doc Object and Control Library
2002-10-07 20:00:00

mlang.dll
0x746d0000
C:\WINDOWS\system32\mlang.dll
6.00.2600.0000 (xpclient.010817-1148)
Microsoft Corporation
Multi Language Support DLL
2002-10-07 20:00:00

wsock32.dll
0x71a40000
C:\WINDOWS\system32\wsock32.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Windows Socket 32-Bit DLL
2002-10-07 20:00:00

WS2_32.dll
0x71a20000
C:\WINDOWS\system32\ws2_32.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Windows Socket 2.0 32-Bit DLL
2002-10-07 20:00:00

WS2HELP.dll
0x71a10000
C:\WINDOWS\system32\ws2help.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Windows Socket 2.0 Helper for Windows NT
2002-10-07 20:00:00

mswsock.dll
0x719c0000
C:\WINDOWS\system32\mswsock.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Microsoft Windows Sockets 2.0 Service Provider
2002-10-07 20:00:00

wshtcpip.dll
0x71a00000
C:\WINDOWS\system32\wshtcpip.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Windows Sockets Helper DLL
2002-10-07 20:00:00

RASAPI32.DLL
0x76eb0000
C:\WINDOWS\system32\rasapi32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Remote Access API
2002-10-07 20:00:00

rasman.dll
0x76e60000
C:\WINDOWS\system32\rasman.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Remote Access Connection Manager
2002-10-07 20:00:00

NETAPI32.dll
0x71ba0000
C:\WINDOWS\system32\netapi32.dll
5.1.2600.1562 (xpsp2_gdr.040517-1325)
Microsoft Corporation
Net Win32 API DLL
2004-06-09 06:01:17

TAPI32.dll
0x76e80000
C:\WINDOWS\system32\tapi32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Microsoft(R) Windows(TM) Telephony API Client DLL
2002-10-07 20:00:00

rtutils.dll
0x76e50000
C:\WINDOWS\system32\rtutils.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Routing Utilities
2002-10-07 20:00:00

WINMM.dll
0x76b10000
C:\WINDOWS\system32\winmm.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
MCI API DLL
2002-10-07 20:00:00

DNSAPI.dll
0x76ef0000
C:\WINDOWS\system32\dnsapi.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
DNS Client API DLL
2002-10-07 20:00:00

winrnr.dll
0x76f80000
C:\WINDOWS\system32\winrnr.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
LDAP RnR Provider DLL
2002-10-07 20:00:00

WLDAP32.dll
0x76f30000
C:\WINDOWS\system32\wldap32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Win32 LDAP API DLL
2002-10-07 20:00:00

rasadhlp.dll
0x76f90000
C:\WINDOWS\system32\rasadhlp.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Remote Access AutoDial Helper
2002-10-07 20:00:00

mshtml.dll
0x63580000
C:\WINDOWS\system32\MSHTML.DLL
6.00.2800.1522
Microsoft Corporation
Microsoft (R) HTML Viewer
2005-10-04 12:33:16

Msimtf.dll
0x74650000
C:\WINDOWS\system32\MSIMTF.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Active IMM Server DLL
2002-10-07 20:00:00

MSCTF.dll
0x74680000
C:\WINDOWS\system32\MSCTF.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
MSCTF Server DLL
2002-10-07 20:00:00

MSLS31.DLL
0x74620000
C:\WINDOWS\system32\msls31.dll
3.10.349.0
Microsoft Corporation
Microsoft Line Services library file
2002-10-07 20:00:00

以上2个可疑进程 是在卡卡 进程管理中 导出的

请帮忙看看 谢谢