【求助】请帮忙看下日志，开机速度巨慢，每次上网前要搞大扫除 bbs.ikaka.com

idmod - 2006-12-21 21:42:00

就是要用优化大师清理一下才行。
HijackThis_zww汉化版扫描日志 V1.99.1
保存于 21:27:30, 日期 2006-12-21
操作系统： Windows XP SP1 (WinNT 5.01.2600)
浏览器： Internet Explorer v6.00 SP1 (6.00.2800.1106)

当前运行的进程：
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
D:\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
D:\Rising\Rav\Ravmond.exe
D:\Rising\Rav\RavStub.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
D:\Rising\Rav\RavTask.exe
D:\Rising\Rav\Ravmon.exe
D:\Rising\kaka\runiep.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\RUNDLL32.EXE
E:\Hi\HijackThis1[1].99.1\HijackThis1991zww.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [nwiz] nwiz.exe /install
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [RavTask] "D:\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [RfwMain] "D:\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [runeip] D:\Rising\kaka\runiep.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe

idmod - 2006-12-21 21:43:00

O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O14 - IERESET.INF: START_PAGE_URL=about:blank
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1164943814578
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1164813628515
O23 - NT 服务: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - D:\Rising\Rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - D:\Rising\Rav\CCenter.exe
O23 - NT 服务: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\Rising\Rav\Ravmond.exe

idmod - 2006-12-21 21:47:00

卡卡的：
[smss.exe]
PID = 0x1c0
CommandLine =
smss.exe
0x48580000
C:\WINDOWS\system32\smss.exe
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows NT Session Manager
2002-10-07 12:00:00

ntdll.dll
0x77f50000
C:\WINDOWS\system32\ntdll.dll
5.1.2600.1217 (xpsp2.030429-2131)
Microsoft Corporation
NT Layer DLL
2003-05-01 16:57:50

[csrss.exe]
PID = 0x200
CommandLine = C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
csrss.exe
0x4a680000
c:\windows\system32\csrss.exe
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Client Server Runtime Process
2002-10-07 12:00:00

ntdll.dll
0x77f50000
C:\WINDOWS\system32\ntdll.dll
5.1.2600.1217 (xpsp2.030429-2131)
Microsoft Corporation
NT Layer DLL
2003-05-01 16:57:50

idmod - 2006-12-21 21:48:00

CSRSRV.dll
0x75aa0000
C:\WINDOWS\system32\csrsrv.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Client Server Runtime Process
2002-10-07 12:00:00

basesrv.dll
0x75ab0000
C:\WINDOWS\system32\basesrv.dll
5.1.2600.1566 (xpsp2_gdr.040517-1325)
Microsoft Corporation
Windows NT BASE API Server DLL
2004-06-18 02:31:30

winsrv.dll
0x4fa70000
C:\WINDOWS\system32\winsrv.dll
5.1.2600.1740 (xpsp2.050831-1533)
Microsoft Corporation
Windows Server DLL
2005-09-01 09:51:50

GDI32.dll
0x7f000000
C:\WINDOWS\system32\gdi32.dll
5.1.2600.1789 (xpsp2.051228-1438)
Microsoft Corporation
GDI Client DLL
2006-01-03 06:38:18

ADVAPI32.dll
0x77da0000
C:\WINDOWS\system32\advapi32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Advanced Windows 32 Base API
2002-10-07 12:00:00

KERNEL32.dll
0x77e40000
C:\WINDOWS\system32\kernel32.dll
5.1.2600.1560 (xpsp2_gdr.040517-1325)
Microsoft Corporation
Windows NT BASE API Client DLL
2004-06-18 02:31:30

RPCRT4.dll
0x78000000
C:\WINDOWS\system32\rpcrt4.dll
5.1.2600.1361 (xpsp2.040109-1800)
Microsoft Corporation
Remote Procedure Call Runtime
2004-03-06 10:17:32

idmod - 2006-12-21 21:49:00

USER32.dll
0x77d10000
C:\WINDOWS\system32\user32.dll
5.1.2600.1634 (xpsp2.050301-1526)
Microsoft Corporation
Windows XP USER API Client DLL
2005-03-03 02:21:30

LPK.DLL
0x62c20000
C:\WINDOWS\system32\lpk.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Language Pack
2002-10-07 12:00:00

USP10.dll
0x72f10000
C:\WINDOWS\system32\usp10.dll
1.0409.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Uniscribe Unicode script processor
2002-10-07 12:00:00

sxs.dll
0x75e00000
C:\WINDOWS\system32\sxs.dll
5.1.2600.1579 (xpsp2.040720-1705)
Microsoft Corporation
Fusion 2.5
2004-08-21 05:53:24

[winlogon.exe]
PID = 0x218
CommandLine = winlogon.exe
winlogon.exe
0x1000000
c:\windows\system32\winlogon.exe
5.1.2600.1557 (xpsp2_gdr.040517-1325)
Microsoft Corporation
Windows NT Logon Application
2004-06-18 02:27:30

ntdll.dll
0x77f50000
C:\WINDOWS\system32\ntdll.dll
5.1.2600.1217 (xpsp2.030429-2131)
Microsoft Corporation
NT Layer DLL
2003-05-01 16:57:50

kernel32.dll
0x77e40000
C:\WINDOWS\system32\kernel32.dll
5.1.2600.1560 (xpsp2_gdr.040517-1325)
Microsoft Corporation
Windows NT BASE API Client DLL
2004-06-18 02:31:30

ADVAPI32.dll
0x77da0000
C:\WINDOWS\system32\advapi32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Advanced Windows 32 Base API
2002-10-07 12:00:00

RPCRT4.dll
0x78000000
C:\WINDOWS\system32\rpcrt4.dll
5.1.2600.1361 (xpsp2.040109-1800)
Microsoft Corporation
Remote Procedure Call Runtime
2004-03-06 10:17:32

idmod - 2006-12-21 21:50:00

USER32.dll
0x77d10000
C:\WINDOWS\system32\user32.dll
5.1.2600.1634 (xpsp2.050301-1526)
Microsoft Corporation
Windows XP USER API Client DLL
2005-03-03 02:21:30

LPK.DLL
0x62c20000
C:\WINDOWS\system32\lpk.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Language Pack
2002-10-07 12:00:00

USP10.dll
0x72f10000
C:\WINDOWS\system32\usp10.dll
1.0409.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Uniscribe Unicode script processor
2002-10-07 12:00:00

sxs.dll
0x75e00000
C:\WINDOWS\system32\sxs.dll
5.1.2600.1579 (xpsp2.040720-1705)
Microsoft Corporation
Fusion 2.5
2004-08-21 05:53:24

[winlogon.exe]
PID = 0x218
CommandLine = winlogon.exe
winlogon.exe
0x1000000
c:\windows\system32\winlogon.exe
5.1.2600.1557 (xpsp2_gdr.040517-1325)
Microsoft Corporation
Windows NT Logon Application
2004-06-18 02:27:30

ntdll.dll
0x77f50000
C:\WINDOWS\system32\ntdll.dll
5.1.2600.1217 (xpsp2.030429-2131)
Microsoft Corporation
NT Layer DLL
2003-05-01 16:57:50

kernel32.dll
0x77e40000
C:\WINDOWS\system32\kernel32.dll
5.1.2600.1560 (xpsp2_gdr.040517-1325)
Microsoft Corporation
Windows NT BASE API Client DLL
2004-06-18 02:31:30

ADVAPI32.dll
0x77da0000
C:\WINDOWS\system32\advapi32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Advanced Windows 32 Base API
2002-10-07 12:00:00

RPCRT4.dll
0x78000000
C:\WINDOWS\system32\rpcrt4.dll
5.1.2600.1361 (xpsp2.040109-1800)
Microsoft Corporation
Remote Procedure Call Runtime
2004-03-06 10:17:32

idmod - 2006-12-21 21:51:00

AUTHZ.dll
0x76c90000
C:\WINDOWS\system32\authz.dll
5.1.2600.1634 (xpsp2.050301-1526)
Microsoft Corporation
Authorization Framework
2005-03-03 02:21:30

msvcrt.dll
0x77be0000
C:\WINDOWS\system32\msvcrt.dll
7.0.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows NT CRT DLL
2002-10-07 12:00:00

CRYPT32.dll
0x76230000
C:\WINDOWS\system32\crypt32.dll
5.131.2600.1123 (xpsp2.020921-0842)
Microsoft Corporation
Crypto API32
2002-09-23 15:10:56

USER32.dll
0x77d10000
C:\WINDOWS\system32\user32.dll
5.1.2600.1634 (xpsp2.050301-1526)
Microsoft Corporation
Windows XP USER API Client DLL
2005-03-03 02:21:30

GDI32.dll
0x7f000000
C:\WINDOWS\system32\gdi32.dll
5.1.2600.1789 (xpsp2.051228-1438)
Microsoft Corporation
GDI Client DLL
2006-01-03 06:38:18

MSASN1.dll
0x76210000
C:\WINDOWS\system32\msasn1.dll
5.1.2600.1362 (xpsp2.040109-1800)
Microsoft Corporation
ASN.1 Runtime APIs
2004-03-30 09:50:00

NDdeApi.dll
0x758a0000
C:\WINDOWS\system32\nddeapi.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Network DDE Share Management APIs

idmod - 2006-12-21 21:51:00

2002-10-07 12:00:00

PROFMAP.dll
0x75890000
C:\WINDOWS\system32\profmap.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Userenv
2002-10-07 12:00:00

NETAPI32.dll
0x71ba0000
C:\WINDOWS\system32\netapi32.dll
5.1.2600.1562 (xpsp2_gdr.040517-1325)
Microsoft Corporation
Net Win32 API DLL
2004-06-09 06:01:18

USERENV.dll
0x759d0000
C:\WINDOWS\system32\userenv.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Userenv
2002-10-07 12:00:00

PSAPI.DLL
0x76bc0000
C:\WINDOWS\system32\psapi.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Process Status Helper
2002-10-07 12:00:00

REGAPI.dll
0x76b90000
C:\WINDOWS\system32\regapi.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Registry Configuration APIs
2002-10-07 12:00:00

Secur32.dll
0x76f60000
C:\WINDOWS\system32\secur32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Security Support Provider Interface
2002-10-07 12:00:00

SETUPAPI.dll
0x765e0000
C:\WINDOWS\system32\setupapi.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows Setup API
2002-10-07 12:00:00

VERSION.dll
0x77bd0000
C:\WINDOWS\system32\version.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Version Checking and File Installation Libraries
2002-10-07 12:00:00

WINSTA.dll
0x762d0000
C:\WINDOWS\system32\winsta.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Winstation Library
2002-10-07 12:00:00

WS2_32.dll
0x71a20000
C:\WINDOWS\system32\ws2_32.dll
5.1.2600.1240 (xpsp2.030618-0119)
Microsoft Corporation
Windows Socket 2.0 32-Bit DLL
2003-07-10 12:22:40

WS2HELP.dll
0x71a10000
C:\WINDOWS\system32\ws2help.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Windows Socket 2.0 Helper for Windows NT
2002-10-07 12:00:00

IMM32.DLL
0x76300000
C:\WINDOWS\system32\imm32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows XP IMM32 API Client DLL
2002-10-07 12:00:00

LPK.DLL
0x62c20000
C:\WINDOWS\system32\lpk.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Language Pack
2002-10-07 12:00:00

USP10.dll
0x72f10000
C:\WINDOWS\system32\usp10.dll
1.0409.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Uniscribe Unicode script processor
2002-10-07 12:00:00

MSGINA.dll
0x758d0000
C:\WINDOWS\system32\msgina.dll
5.1.2600.1343 (xpsp2.040109-1800)
Microsoft Corporation
Windows NT Logon GINA DLL
2004-03-30 09:50:00

idmod - 2006-12-21 21:52:00

SHELL32.dll
0x773a0000
C:\WINDOWS\system32\shell32.dll
6.00.2800.1816 (xpsp2.060316-1527)
Microsoft Corporation
Windows Shell Common Dll
2006-03-17 13:04:50

SHLWAPI.dll
0x772a0000
C:\WINDOWS\system32\SHLWAPI.DLL
6.00.2800.1740 (xpsp2.050831-1533)
Microsoft Corporation
Shell Light-weight Utility Library
2005-08-31 17:51:50

COMCTL32.dll
0x77310000
C:\WINDOWS\system32\comctl32.dll
5.82 (xpsp1.020828-1920)
Microsoft Corporation
Common Controls Library
2002-10-07 12:00:00

ODBC32.dll
0x900000
C:\WINDOWS\system32\ODBC32.dll
3.520.9041.40
Microsoft Corporation
Microsoft Data Access - ODBC Driver Manager
2003-07-22 11:22:38

comdlg32.dll
0x76320000
C:\WINDOWS\system32\comdlg32.dll
6.00.2800.1106 (xpsp1.020828-1920)
Microsoft Corporation
Common Dialogs DLL
2002-10-07 12:00:00

comctl32.dll
0x78090000
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1816_x-ww_7d33ba0e\comctl32.dll
6.0 (xpsp2.060316-1527)
Microsoft Corporation
User Experience Controls Library
2006-03-16 22:04:46

odbcint.dll
0x1f850000
C:\WINDOWS\system32\odbcint.dll
3.520.7713.0
Microsoft Corporation
Microsoft Data Access - ODBC Resources
2002-10-07 12:00:00

SHSVCS.dll
0x76ba0000
C:\WINDOWS\system32\shsvcs.dll
6.00.2800.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows Shell Services Dll
2002-10-07 12:00:00

sfc.dll
0x76b80000
C:\WINDOWS\system32\sfc.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Windows File Protection
2002-10-07 12:00:00

sfc_os.dll
0x76c30000
C:\WINDOWS\system32\sfc_os.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows 文件保护
2002-10-07 12:00:00

WINTRUST.dll
0x76c00000
C:\WINDOWS\system32\wintrust.dll
5.131.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Microsoft Trust Verification APIs
2002-10-07 12:00:00

ole32.dll
0x4fec0000
C:\WINDOWS\system32\ole32.dll
5.1.2600.1720 (xpsp2.050722-1526)
Microsoft Corporation
Microsoft OLE for Windows
2005-07-26 12:38:28

IMAGEHLP.dll
0x76c60000
C:\WINDOWS\system32\imagehlp.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows NT Image Helper
2002-10-07 12:00:00

msctfime.ime
0xd80000
C:\WINDOWS\system32\MSCTFIME.IME
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Microsoft Text Frame Work Service IME
2002-10-07 12:00:00

WINSCARD.DLL
0x72360000
C:\WINDOWS\system32\winscard.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Microsoft Smart Card API
2002-10-07 12:00:00

WTSAPI32.dll
0x76f20000
C:\WINDOWS\system32\wtsapi32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows Terminal Server SDK APIs
2002-10-07 12:00:00

sxs.dll
0x75e00000
C:\WINDOWS\system32\sxs.dll
5.1.2600.1579 (xpsp2.040720-1705)
Microsoft Corporation
Fusion 2.5
2004-08-21 05:53:24

uxtheme.dll
0x5adc0000
C:\WINDOWS\system32\UXTHEME.DLL
6.00.2800.1106 (xpsp1.020828-1920)
Microsoft Corporation
Microsoft UxTheme Library
2002-10-07 20:00:00

WINMM.dll
0x76b10000
C:\WINDOWS\system32\winmm.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
MCI API DLL
2002-10-07 12:00:00

cscdll.dll
0x76570000
C:\WINDOWS\system32\cscdll.dll
5.1.2600.1599 (xpsp2.040919-1003)
Microsoft Corporation
Offline Network Agent
2004-10-28 09:30:36

WlNotify.dll
0x758b0000
C:\WINDOWS\system32\wlnotify.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Common DLL to receive Winlogon notifications
2002-10-07 12:00:00

WINSPOOL.DRV
0x72f70000
C:\WINDOWS\system32\winspool.drv
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows Spooler Driver
2002-10-07 12:00:00

MPR.dll
0x71a90000
C:\WINDOWS\system32\mpr.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Multiple Provider Router DLL
2002-10-07 12:00:00

rsaenh.dll
0xffd0000
C:\WINDOWS\system32\rsaenh.dll
5.1.2600.1029 (xpsp1.020426-1800)
Microsoft Corporation
Microsoft Base Cryptographic Provider
2002-10-07 12:00:00

msv1_0.dll
0x76ce0000
C:\WINDOWS\system32\msv1_0.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Microsoft Authentication Package v1.0
2002-10-07 12:00:00

wldap32.dll
0x76f30000
C:\WINDOWS\system32\wldap32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Win32 LDAP API DLL
2002-10-07 12:00:00

SAMLIB.dll
0x71b70000
C:\WINDOWS\system32\samlib.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
SAM Library DLL
2002-10-07 12:00:00

cscui.dll
0x76590000
C:\WINDOWS\system32\cscui.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Client Side Caching UI
2002-10-07 12:00:00

wdmaud.drv
0x72c90000
C:\WINDOWS\system32\wdmaud.drv
5.1.2600.0 (XPClient.010817-1148)
Microsoft Corporation
WDM Audio driver mapper
2001-08-31 16:04:38

msacm32.drv
0x72c80000
C:\WINDOWS\system32\msacm32.drv
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Microsoft Sound Mapper
2002-10-07 12:00:00

MSACM32.dll
0x77bb0000
C:\WINDOWS\system32\msacm32.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Microsoft ACM Audio Filter
2002-10-07 12:00:00

midimap.dll
0x77ba0000
C:\WINDOWS\system32\midimap.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Microsoft MIDI Mapper
2002-10-07 12:00:00

NTMARTA.DLL
0x76cb0000
C:\WINDOWS\system32\ntmarta.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows NT MARTA provider
2002-10-07 12:00:00

COMRes.dll
0x77020000
C:\WINDOWS\system32\comres.dll
2001.12.4414.42
Microsoft Corporation

2002-10-07 12:00:00

OLEAUT32.dll
0x770f0000
C:\WINDOWS\system32\oleaut32.dll
3.50.5016.0
Microsoft Corporation
Microsoft OLE 3.50 for Windows NT(TM) and Windows 95(TM) Operating Systems
2002-10-07 12:00:00

CLBCATQ.DLL
0x7a170000
C:\WINDOWS\system32\clbcatq.dll
2001.12.4414.62
Microsoft Corporation

2005-07-26 12:38:20

[services.exe]
PID = 0x244
CommandLine = C:\WINDOWS\system32\services.exe
services.exe
0x1000000
C:\WINDOWS\system32\services.exe
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Services and Controller app
2002-10-07 12:00:00

高歌猛进 - 2006-12-21 21:53:00

把HJ日志完整贴上来

idmod - 2006-12-21 21:53:00

ntdll.dll
0x77f50000
C:\WINDOWS\system32\ntdll.dll
5.1.2600.1217 (xpsp2.030429-2131)
Microsoft Corporation
NT Layer DLL
2003-05-01 16:57:50

kernel32.dll
0x77e40000
C:\WINDOWS\system32\kernel32.dll
5.1.2600.1560 (xpsp2_gdr.040517-1325)
Microsoft Corporation
Windows NT BASE API Client DLL
2004-06-18 02:31:30

msvcrt.dll
0x77be0000
C:\WINDOWS\system32\msvcrt.dll
7.0.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows NT CRT DLL
2002-10-07 12:00:00

ADVAPI32.dll
0x77da0000
C:\WINDOWS\system32\advapi32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Advanced Windows 32 Base API
2002-10-07 12:00:00

RPCRT4.dll
0x78000000
C:\WINDOWS\system32\rpcrt4.dll
5.1.2600.1361 (xpsp2.040109-1800)
Microsoft Corporation
Remote Procedure Call Runtime
2004-03-06 10:17:32

USER32.dll
0x77d10000
C:\WINDOWS\system32\user32.dll
5.1.2600.1634 (xpsp2.050301-1526)
Microsoft Corporation
Windows XP USER API Client DLL
2005-03-03 02:21:30

GDI32.dll
0x7f000000
C:\WINDOWS\system32\gdi32.dll
5.1.2600.1789 (xpsp2.051228-1438)
Microsoft Corporation
GDI Client DLL
2006-01-03 06:38:18

USERENV.dll
0x759d0000
C:\WINDOWS\system32\userenv.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Userenv
2002-10-07 12:00:00

SCESRV.dll
0x75840000
C:\WINDOWS\system32\scesrv.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows Security Configuration Editor Engine
2002-10-07 12:00:00

AUTHZ.dll
0x76c90000
C:\WINDOWS\system32\authz.dll
5.1.2600.1634 (xpsp2.050301-1526)
Microsoft Corporation
Authorization Framework
2005-03-03 02:21:30

umpnpmgr.dll
0x75820000
C:\WINDOWS\system32\umpnpmgr.dll
5.1.2600.1734 (xpsp2.050822-1657)
Microsoft Corporation
User-mode Plug-and-Play Service
2005-08-23 11:52:12

WINSTA.dll
0x762d0000
C:\WINDOWS\system32\winsta.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Winstation Library
2002-10-07 12:00:00

NCObjAPI.DLL
0x5f9a0000
C:\WINDOWS\system32\ncobjapi.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation

2002-10-07 12:00:00

IMM32.DLL
0x76300000
C:\WINDOWS\system32\imm32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows XP IMM32 API Client DLL
2002-10-07 12:00:00

LPK.DLL
0x62c20000
C:\WINDOWS\system32\lpk.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Language Pack
2002-10-07 12:00:00

USP10.dll
0x72f10000
C:\WINDOWS\system32\usp10.dll
1.0409.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Uniscribe Unicode script processor
2002-10-07 12:00:00

secur32.dll
0x76f60000
C:\WINDOWS\system32\secur32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Security Support Provider Interface
2002-10-07 12:00:00

eventlog.dll
0x75800000
C:\WINDOWS\system32\eventlog.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Event Logging Service
2002-10-07 12:00:00

WS2_32.dll
0x71a20000
C:\WINDOWS\system32\ws2_32.dll
5.1.2600.1240 (xpsp2.030618-0119)
Microsoft Corporation
Windows Socket 2.0 32-Bit DLL
2003-07-10 12:22:40

WS2HELP.dll
0x71a10000
C:\WINDOWS\system32\ws2help.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Windows Socket 2.0 Helper for Windows NT
2002-10-07 12:00:00

PSAPI.DLL
0x76bc0000
C:\WINDOWS\system32\psapi.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Process Status Helper
2002-10-07 12:00:00

wtsapi32.dll
0x76f20000
C:\WINDOWS\system32\wtsapi32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows Terminal Server SDK APIs
2002-10-07 12:00:00

netapi32.dll
0x71ba0000
C:\WINDOWS\system32\netapi32.dll
5.1.2600.1562 (xpsp2_gdr.040517-1325)
Microsoft Corporation
Net Win32 API DLL
2004-06-09 06:01:18

msv1_0.dll
0x76ce0000
C:\WINDOWS\system32\msv1_0.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Microsoft Authentication Package v1.0
2002-10-07 12:00:00

ESENT.dll
0x69a20000
C:\WINDOWS\system32\esent.dll
5.1.2468.0 (Lab03_N(jliem).010306-1456)
Microsoft Corporation
服务器数据库存储引擎
2002-10-07 12:00:00

SETUPAPI.dll
0x765e0000
C:\WINDOWS\system32\setupapi.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows Setup API
2002-10-07 12:00:00

Cabinet.dll
0x750b0000
C:\WINDOWS\system32\cabinet.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Microsoft? Cabinet File API
2002-10-07 12:00:00

ole32.dll
0x4fec0000
C:\WINDOWS\system32\ole32.dll
5.1.2600.1720 (xpsp2.050722-1526)
Microsoft Corporation
Microsoft OLE for Windows
2005-07-26 12:38:28

NTMARTA.DLL
0x76cb0000
C:\WINDOWS\system32\ntmarta.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows NT MARTA provider
2002-10-07 12:00:00

WLDAP32.dll
0x76f30000
C:\WINDOWS\system32\wldap32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Win32 LDAP API DLL
2002-10-07 12:00:00

SAMLIB.dll
0x71b70000
C:\WINDOWS\system32\samlib.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
SAM Library DLL
2002-10-07 12:00:00

[lsass.exe]
PID = 0x250
CommandLine = C:\WINDOWS\system32\lsass.exe
lsass.exe
0x1000000
C:\WINDOWS\system32\lsass.exe
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
LSA Shell (Export Version)
2002-10-07 12:00:00

ntdll.dll
0x77f50000
C:\WINDOWS\system32\ntdll.dll
5.1.2600.1217 (xpsp2.030429-2131)
Microsoft Corporation
NT Layer DLL
2003-05-01 16:57:50

idmod - 2006-12-21 21:55:00

引用:

【高歌猛进的贴子】把HJ日志完整贴上来
………………

上面两个就是全部了呀

idmod - 2006-12-21 21:57:00

[lsass.exe]
PID = 0x250
CommandLine = C:\WINDOWS\system32\lsass.exe
lsass.exe
0x1000000
C:\WINDOWS\system32\lsass.exe
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
LSA Shell (Export Version)
2002-10-07 12:00:00

ntdll.dll
0x77f50000
C:\WINDOWS\system32\ntdll.dll
5.1.2600.1217 (xpsp2.030429-2131)
Microsoft Corporation
NT Layer DLL
2003-05-01 16:57:50

kernel32.dll
0x77e40000
C:\WINDOWS\system32\kernel32.dll
5.1.2600.1560 (xpsp2_gdr.040517-1325)
Microsoft Corporation
Windows NT BASE API Client DLL
2004-06-18 02:31:30

ADVAPI32.dll
0x77da0000
C:\WINDOWS\system32\advapi32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Advanced Windows 32 Base API
2002-10-07 12:00:00

RPCRT4.dll
0x78000000
C:\WINDOWS\system32\rpcrt4.dll
5.1.2600.1361 (xpsp2.040109-1800)
Microsoft Corporation
Remote Procedure Call Runtime
2004-03-06 10:17:32

LSASRV.dll
0x74480000
C:\WINDOWS\system32\lsasrv.dll
5.1.2600.1361 (xpsp2.040109-1800)
Microsoft Corporation
LSA Server DLL
2004-03-30 09:50:00

msvcrt.dll
0x77be0000
C:\WINDOWS\system32\msvcrt.dll
7.0.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows NT CRT DLL
2002-10-07 12:00:00

Secur32.dll
0x76f60000
C:\WINDOWS\system32\secur32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Security Support Provider Interface
2002-10-07 12:00:00

USER32.dll
0x77d10000
C:\WINDOWS\system32\user32.dll
5.1.2600.1634 (xpsp2.050301-1526)
Microsoft Corporation
Windows XP USER API Client DLL
2005-03-03 02:21:30

GDI32.dll
0x7f000000
C:\WINDOWS\system32\gdi32.dll
5.1.2600.1789 (xpsp2.051228-1438)
Microsoft Corporation
GDI Client DLL
2006-01-03 06:38:18

SAMSRV.dll
0x743a0000
C:\WINDOWS\system32\samsrv.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
SAM Server DLL
2002-10-07 12:00:00

cryptdll.dll
0x76760000
C:\WINDOWS\system32\cryptdll.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Cryptography Manager
2002-10-07 12:00:00

DNSAPI.dll
0x76ef0000
C:\WINDOWS\system32\dnsapi.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
DNS Client API DLL
2002-10-07 12:00:00

WS2_32.dll
0x71a20000
C:\WINDOWS\system32\ws2_32.dll
5.1.2600.1240 (xpsp2.030618-0119)
Microsoft Corporation
Windows Socket 2.0 32-Bit DLL
2003-07-10 12:22:40

WS2HELP.dll
0x71a10000
C:\WINDOWS\system32\ws2help.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Windows Socket 2.0 Helper for Windows NT
2002-10-07 12:00:00

MSASN1.dll
0x76210000
C:\WINDOWS\system32\msasn1.dll
5.1.2600.1362 (xpsp2.040109-1800)
Microsoft Corporation
ASN.1 Runtime APIs
2004-03-30 09:50:00

NETAPI32.dll
0x71ba0000
C:\WINDOWS\system32\netapi32.dll
5.1.2600.1562 (xpsp2_gdr.040517-1325)
Microsoft Corporation
Net Win32 API DLL
2004-06-09 06:01:18

SAMLIB.dll
0x71b70000
C:\WINDOWS\system32\samlib.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
SAM Library DLL
2002-10-07 12:00:00

MPR.dll
0x71a90000
C:\WINDOWS\system32\mpr.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Multiple Provider Router DLL
2002-10-07 12:00:00

NTDSAPI.dll
0x76770000
C:\WINDOWS\system32\ntdsapi.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
NT5DS
2002-10-07 12:00:00

WLDAP32.dll
0x76f30000
C:\WINDOWS\system32\wldap32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Win32 LDAP API DLL
2002-10-07 12:00:00

IMM32.DLL
0x76300000
C:\WINDOWS\system32\imm32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows XP IMM32 API Client DLL
2002-10-07 12:00:00

LPK.DLL
0x62c20000
C:\WINDOWS\system32\lpk.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Language Pack
2002-10-07 12:00:00

USP10.dll
0x72f10000
C:\WINDOWS\system32\usp10.dll
1.0409.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Uniscribe Unicode script processor
2002-10-07 12:00:00

msprivs.dll
0x74310000
C:\WINDOWS\system32\msprivs.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Microsoft Privilege Translations
2002-10-07 12:00:00

kerberos.dll
0x71c70000
C:\WINDOWS\system32\kerberos.dll
5.1.2600.1701 (xpsp2.050614-1532)
Microsoft Corporation
Kerberos Security Package
2005-06-16 01:51:36

msv1_0.dll
0x76ce0000
C:\WINDOWS\system32\msv1_0.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Microsoft Authentication Package v1.0
2002-10-07 12:00:00

netlogon.dll
0x74410000
C:\WINDOWS\system32\netlogon.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Net Logon Services DLL
2002-10-07 12:00:00

w32time.dll
0x76790000
C:\WINDOWS\system32\w32time.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows Time Service
2002-10-07 12:00:00

MSVCP60.dll
0x75ff0000
C:\WINDOWS\system32\msvcp60.dll
6.00.8972.0
Microsoft Corporation
Microsoft (R) C++ Runtime Library
2002-10-07 12:00:00

iphlpapi.dll
0x76d30000
C:\WINDOWS\system32\iphlpapi.dll
5.1.2600.1240 (xpsp2.030618-0119)
Microsoft Corporation
IP Helper API
2003-07-10 12:22:38

USERENV.dll
0x759d0000
C:\WINDOWS\system32\userenv.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Userenv
2002-10-07 12:00:00

schannel.dll
0x767c0000
C:\WINDOWS\system32\schannel.dll
5.1.2600.1347 (xpsp2.040109-1800)
Microsoft Corporation
TLS / SSL Security Provider
2004-03-30 09:50:00

CRYPT32.dll
0x76230000
C:\WINDOWS\system32\crypt32.dll
5.131.2600.1123 (xpsp2.020921-0842)
Microsoft Corporation
Crypto API32
2002-09-23 15:10:56

wdigest.dll
0x742e0000
C:\WINDOWS\system32\wdigest.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Microsoft Digest Access
2002-10-07 12:00:00

rsaenh.dll
0xffd0000
C:\WINDOWS\system32\rsaenh.dll
5.1.2600.1029 (xpsp1.020426-1800)
Microsoft Corporation
Microsoft Base Cryptographic Provider
2002-10-07 12:00:00

nwprovau.dll
0x5f300000
C:\WINDOWS\system32\nwprovau.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Client Service for NetWare Provider and Authentication Package DLL
2002-10-07 12:00:00

COMCTL32.dll
0x77310000
C:\WINDOWS\system32\comctl32.dll
5.82 (xpsp1.020828-1920)
Microsoft Corporation
Common Controls Library
2002-10-07 12:00:00

setupapi.dll
0x765e0000
C:\WINDOWS\system32\setupapi.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows Setup API
2002-10-07 12:00:00

scecli.dll
0x74370000
C:\WINDOWS\system32\scecli.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows Security Configuration Editor Client Engine
2002-10-07 12:00:00

OLEAUT32.dll
0x770f0000
C:\WINDOWS\system32\oleaut32.dll
3.50.5016.0
Microsoft Corporation
Microsoft OLE 3.50 for Windows NT(TM) and Windows 95(TM) Operating Systems
2002-10-07 12:00:00

OLE32.DLL
0x4fec0000
C:\WINDOWS\system32\ole32.dll
5.1.2600.1720 (xpsp2.050722-1526)
Microsoft Corporation
Microsoft OLE for Windows
2005-07-26 12:38:28

shell32.dll
0x773a0000
C:\WINDOWS\system32\shell32.dll
6.00.2800.1816 (xpsp2.060316-1527)
Microsoft Corporation
Windows Shell Common Dll
2006-03-17 13:04:50

idmod - 2006-12-21 21:58:00

SHLWAPI.dll
0x772a0000
C:\WINDOWS\system32\SHLWAPI.DLL
6.00.2800.1740 (xpsp2.050831-1533)
Microsoft Corporation
Shell Light-weight Utility Library
2005-08-31 17:51:50

comctl32.dll
0x78090000
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1816_x-ww_7d33ba0e\comctl32.dll
6.0 (xpsp2.060316-1527)
Microsoft Corporation
User Experience Controls Library
2006-03-16 22:04:46

ipsecsvc.dll
0x74340000
C:\WINDOWS\system32\ipsecsvc.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows IPSec SPD Server DLL
2002-10-07 12:00:00

oakley.DLL
0x74530000
C:\WINDOWS\system32\oakley.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Oakley Key Manager
2002-10-07 12:00:00

WINIPSEC.DLL
0x742d0000
C:\WINDOWS\system32\winipsec.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Windows IPSec SPD Client DLL
2002-10-07 12:00:00

pstorsvc.dll
0x74300000
C:\WINDOWS\system32\pstorsvc.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Protected storage server
2002-10-07 12:00:00

mswsock.dll
0x719c0000
C:\WINDOWS\system32\mswsock.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Microsoft Windows Sockets 2.0 Service Provider
2002-10-07 12:00:00

wshtcpip.dll
0x71a00000
C:\WINDOWS\system32\wshtcpip.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Windows Sockets Helper DLL
2002-10-07 12:00:00

psbase.dll
0x74320000
C:\WINDOWS\system32\psbase.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Protected Storage default provider
2002-10-07 12:00:00

dssenh.dll
0xffa0000
C:\WINDOWS\system32\dssenh.dll
5.1.2600.1029 (xpsp1.020426-1800)
Microsoft Corporation
Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider
2002-10-07 12:00:00

[svchost.exe]
PID = 0x2f0
CommandLine = C:\WINDOWS\system32\svchost -k rpcss
svchost.exe
0x1000000
C:\WINDOWS\system32\svchost.exe
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Generic Host Process for Win32 Services
2002-10-07 12:00:00

ntdll.dll
0x77f50000
C:\WINDOWS\system32\ntdll.dll
5.1.2600.1217 (xpsp2.030429-2131)
Microsoft Corporation
NT Layer DLL
2003-05-01 16:57:50

kernel32.dll
0x77e40000
C:\WINDOWS\system32\kernel32.dll
5.1.2600.1560 (xpsp2_gdr.040517-1325)
Microsoft Corporation
Windows NT BASE API Client DLL
2004-06-18 02:31:30

ADVAPI32.dll
0x77da0000
C:\WINDOWS\system32\advapi32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Advanced Windows 32 Base API
2002-10-07 12:00:00

RPCRT4.dll
0x78000000
C:\WINDOWS\system32\rpcrt4.dll
5.1.2600.1361 (xpsp2.040109-1800)
Microsoft Corporation
Remote Procedure Call Runtime
2004-03-06 10:17:32

rpcss.dll
0x757b0000
c:\WINDOWS\system32\rpcss.dll
5.1.2600.1720 (xpsp2.050722-1526)
Microsoft Corporation
Distributed COM Services
2005-07-26 12:38:30

msvcrt.dll
0x77be0000
C:\WINDOWS\system32\msvcrt.dll
7.0.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows NT CRT DLL
2002-10-07 12:00:00

Secur32.dll
0x76f60000
c:\WINDOWS\system32\secur32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Security Support Provider Interface
2002-10-07 12:00:00

USER32.dll
0x77d10000
C:\WINDOWS\system32\user32.dll
5.1.2600.1634 (xpsp2.050301-1526)
Microsoft Corporation
Windows XP USER API Client DLL
2005-03-03 02:21:30

GDI32.dll
0x7f000000
C:\WINDOWS\system32\gdi32.dll
5.1.2600.1789 (xpsp2.051228-1438)
Microsoft Corporation
GDI Client DLL
2006-01-03 06:38:18

WS2_32.dll
0x71a20000
c:\WINDOWS\system32\ws2_32.dll
5.1.2600.1240 (xpsp2.030618-0119)
Microsoft Corporation
Windows Socket 2.0 32-Bit DLL
2003-07-10 12:22:40

WS2HELP.dll
0x71a10000
c:\WINDOWS\system32\ws2help.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Windows Socket 2.0 Helper for Windows NT
2002-10-07 12:00:00

IMM32.DLL
0x76300000
C:\WINDOWS\system32\imm32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows XP IMM32 API Client DLL
2002-10-07 12:00:00

LPK.DLL
0x62c20000
C:\WINDOWS\system32\lpk.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Language Pack
2002-10-07 12:00:00

USP10.dll
0x72f10000
C:\WINDOWS\system32\usp10.dll
1.0409.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Uniscribe Unicode script processor
2002-10-07 12:00:00

userenv.dll
0x759d0000
C:\WINDOWS\system32\userenv.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Userenv
2002-10-07 12:00:00

rsaenh.dll
0xffd0000
C:\WINDOWS\system32\rsaenh.dll
5.1.2600.1029 (xpsp1.020426-1800)
Microsoft Corporation
Microsoft Base Cryptographic Provider
2002-10-07 12:00:00

mswsock.dll
0x719c0000
C:\WINDOWS\system32\mswsock.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Microsoft Windows Sockets 2.0 Service Provider
2002-10-07 12:00:00

wshtcpip.dll
0x71a00000
C:\WINDOWS\system32\wshtcpip.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Windows Sockets Helper DLL
2002-10-07 12:00:00

wshisn.dll
0x71eb0000
C:\WINDOWS\system32\wshisn.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
NWLINK2 Socket Helper DLL
2002-10-07 12:00:00

WSOCK32.dll
0x71a40000
C:\WINDOWS\system32\wsock32.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Windows Socket 32-Bit DLL
2002-10-07 12:00:00

DNSAPI.dll
0x76ef0000
C:\WINDOWS\system32\dnsapi.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
DNS Client API DLL
2002-10-07 12:00:00

iphlpapi.dll
0x76d30000
C:\WINDOWS\system32\iphlpapi.dll
5.1.2600.1240 (xpsp2.030618-0119)
Microsoft Corporation
IP Helper API
2003-07-10 12:22:38

winrnr.dll
0x76f80000
C:\WINDOWS\system32\winrnr.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
LDAP RnR Provider DLL
2002-10-07 12:00:00

WLDAP32.dll
0x76f30000
C:\WINDOWS\system32\wldap32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Win32 LDAP API DLL
2002-10-07 12:00:00

rasadhlp.dll
0x76f90000
C:\WINDOWS\system32\rasadhlp.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Remote Access AutoDial Helper
2002-10-07 12:00:00

CLBCATQ.DLL
0x7a170000
C:\WINDOWS\system32\clbcatq.dll
2001.12.4414.62
Microsoft Corporation

2005-07-26 12:38:20

ole32.dll
0x4fec0000
C:\WINDOWS\system32\ole32.dll
5.1.2600.1720 (xpsp2.050722-1526)
Microsoft Corporation
Microsoft OLE for Windows
2005-07-26 12:38:28

idmod - 2006-12-21 21:58:00

OLEAUT32.dll
0x770f0000
C:\WINDOWS\system32\oleaut32.dll
3.50.5016.0
Microsoft Corporation
Microsoft OLE 3.50 for Windows NT(TM) and Windows 95(TM) Operating Systems
2002-10-07 12:00:00

COMRes.dll
0x77020000
C:\WINDOWS\system32\comres.dll
2001.12.4414.42
Microsoft Corporation

2002-10-07 12:00:00

VERSION.dll
0x77bd0000
C:\WINDOWS\system32\version.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Version Checking and File Installation Libraries
2002-10-07 12:00:00

[CCenter.exe]
PID = 0x330
CommandLine = "D:\Rising\Rav\CCenter.exe"
CCenter.exe
0x400000
D:\Rising\Rav\CCenter.exe
18, 0, 0, 3
Beijing Rising Technology Co., Ltd.
CCenter
2006-11-29 05:24:42

ntdll.dll
0x77f50000
C:\WINDOWS\system32\ntdll.dll
5.1.2600.1217 (xpsp2.030429-2131)
Microsoft Corporation
NT Layer DLL
2003-05-01 16:57:50

kernel32.dll
0x77e40000
C:\WINDOWS\system32\kernel32.dll
5.1.2600.1560 (xpsp2_gdr.040517-1325)
Microsoft Corporation
Windows NT BASE API Client DLL
2004-06-18 02:31:30

USER32.dll
0x77d10000
C:\WINDOWS\system32\user32.dll
5.1.2600.1634 (xpsp2.050301-1526)
Microsoft Corporation
Windows XP USER API Client DLL
2005-03-03 02:21:30

GDI32.dll
0x7f000000
C:\WINDOWS\system32\gdi32.dll
5.1.2600.1789 (xpsp2.051228-1438)
Microsoft Corporation
GDI Client DLL
2006-01-03 06:38:18

ADVAPI32.dll
0x77da0000
C:\WINDOWS\system32\advapi32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Advanced Windows 32 Base API
2002-10-07 12:00:00

RPCRT4.dll
0x78000000
C:\WINDOWS\system32\rpcrt4.dll
5.1.2600.1361 (xpsp2.040109-1800)
Microsoft Corporation
Remote Procedure Call Runtime
2004-03-06 10:17:32

IMM32.DLL
0x76300000
C:\WINDOWS\system32\imm32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows XP IMM32 API Client DLL
2002-10-07 12:00:00

LPK.DLL
0x62c20000
C:\WINDOWS\system32\lpk.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Language Pack
2002-10-07 12:00:00

USP10.dll
0x72f10000
C:\WINDOWS\system32\usp10.dll
1.0409.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Uniscribe Unicode script processor
2002-10-07 12:00:00

uxtheme.dll
0x5adc0000
C:\WINDOWS\system32\UXTHEME.DLL
6.00.2800.1106 (xpsp1.020828-1920)
Microsoft Corporation
Microsoft UxTheme Library
2002-10-07 20:00:00

msvcrt.dll
0x77be0000
C:\WINDOWS\system32\msvcrt.dll
7.0.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows NT CRT DLL
2002-10-07 12:00:00

[svchost.exe]
PID = 0x340
CommandLine = C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
0x1000000
C:\WINDOWS\system32\svchost.exe
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Generic Host Process for Win32 Services
2002-10-07 12:00:00

ntdll.dll
0x77f50000
C:\WINDOWS\system32\ntdll.dll
5.1.2600.1217 (xpsp2.030429-2131)
Microsoft Corporation
NT Layer DLL
2003-05-01 16:57:50

kernel32.dll
0x77e40000
C:\WINDOWS\system32\kernel32.dll
5.1.2600.1560 (xpsp2_gdr.040517-1325)
Microsoft Corporation
Windows NT BASE API Client DLL
2004-06-18 02:31:30

ADVAPI32.dll
0x77da0000
C:\WINDOWS\system32\advapi32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Advanced Windows 32 Base API
2002-10-07 12:00:00

RPCRT4.dll
0x78000000
C:\WINDOWS\system32\rpcrt4.dll
5.1.2600.1361 (xpsp2.040109-1800)
Microsoft Corporation
Remote Procedure Call Runtime
2004-03-06 10:17:32

ole32.dll
0x4fec0000
C:\WINDOWS\system32\ole32.dll
5.1.2600.1720 (xpsp2.050722-1526)
Microsoft Corporation
Microsoft OLE for Windows
2005-07-26 12:38:28

GDI32.dll
0x7f000000
C:\WINDOWS\system32\gdi32.dll
5.1.2600.1789 (xpsp2.051228-1438)
Microsoft Corporation
GDI Client DLL
2006-01-03 06:38:18

USER32.dll
0x77d10000
C:\WINDOWS\system32\user32.dll
5.1.2600.1634 (xpsp2.050301-1526)
Microsoft Corporation
Windows XP USER API Client DLL
2005-03-03 02:21:30

IMM32.DLL
0x76300000
C:\WINDOWS\system32\imm32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows XP IMM32 API Client DLL
2002-10-07 12:00:00

LPK.DLL
0x62c20000
C:\WINDOWS\system32\lpk.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Language Pack
2002-10-07 12:00:00

USP10.dll
0x72f10000
C:\WINDOWS\system32\usp10.dll
1.0409.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Uniscribe Unicode script processor
2002-10-07 12:00:00

shsvcs.dll
0x76ba0000
c:\WINDOWS\system32\shsvcs.dll
6.00.2800.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows Shell Services Dll
2002-10-07 12:00:00

msvcrt.dll
0x77be0000
C:\WINDOWS\system32\msvcrt.dll
7.0.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows NT CRT DLL
2002-10-07 12:00:00

SHLWAPI.dll
0x772a0000
C:\WINDOWS\system32\SHLWAPI.DLL
6.00.2800.1740 (xpsp2.050831-1533)
Microsoft Corporation
Shell Light-weight Utility Library
2005-08-31 17:51:50

shell32.dll
0x773a0000
C:\WINDOWS\system32\shell32.dll
6.00.2800.1816 (xpsp2.060316-1527)
Microsoft Corporation
Windows Shell Common Dll
2006-03-17 13:04:50

comctl32.dll
0x78090000
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1816_x-ww_7d33ba0e\comctl32.dll
6.0 (xpsp2.060316-1527)
Microsoft Corporation
User Experience Controls Library
2006-03-16 22:04:46

comctl32.dll
0x77310000
C:\WINDOWS\system32\comctl32.dll
5.82 (xpsp1.020828-1920)
Microsoft Corporation
Common Controls Library
2002-10-07 12:00:00

WINSTA.dll
0x762d0000
C:\WINDOWS\system32\winsta.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Winstation Library
2002-10-07 12:00:00

UxTheme.dll
0x5adc0000
C:\WINDOWS\system32\UXTHEME.DLL
6.00.2800.1106 (xpsp1.020828-1920)
Microsoft Corporation
Microsoft UxTheme Library
2002-10-07 20:00:00

rsaenh.dll
0xffd0000
C:\WINDOWS\system32\rsaenh.dll
5.1.2600.1029 (xpsp1.020426-1800)
Microsoft Corporation
Microsoft Base Cryptographic Provider
2002-10-07 12:00:00

dhcpcsvc.dll
0x76d50000
c:\WINDOWS\system32\dhcpcsvc.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
DHCP Client Service
2002-10-07 12:00:00

DNSAPI.dll
0x76ef0000
c:\WINDOWS\system32\dnsapi.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
DNS Client API DLL
2002-10-07 12:00:00

WS2_32.dll
0x71a20000
c:\WINDOWS\system32\ws2_32.dll
5.1.2600.1240 (xpsp2.030618-0119)
Microsoft Corporation
Windows Socket 2.0 32-Bit DLL
2003-07-10 12:22:40

WS2HELP.dll
0x71a10000
c:\WINDOWS\system32\ws2help.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Windows Socket 2.0 Helper for Windows NT
2002-10-07 12:00:00

idmod - 2006-12-21 21:58:00

iphlpapi.dll
0x76d30000
c:\WINDOWS\system32\iphlpapi.dll
5.1.2600.1240 (xpsp2.030618-0119)
Microsoft Corporation
IP Helper API
2003-07-10 12:22:38

Secur32.dll
0x76f60000
c:\WINDOWS\system32\secur32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Security Support Provider Interface
2002-10-07 12:00:00

mswsock.dll
0x719c0000
C:\WINDOWS\system32\mswsock.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Microsoft Windows Sockets 2.0 Service Provider
2002-10-07 12:00:00

wshtcpip.dll
0x71a00000
C:\WINDOWS\system32\wshtcpip.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Windows Sockets Helper DLL
2002-10-07 12:00:00

wzcsvc.dll
0x77c80000
c:\WINDOWS\system32\wzcsvc.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Wireless Zero Configuration Service
2002-10-07 12:00:00

rtutils.dll
0x76e50000
c:\WINDOWS\system32\rtutils.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Routing Utilities
2002-10-07 12:00:00

WMI.dll
0x76d00000
c:\WINDOWS\system32\wmi.dll
5.1.2600.0 (XPClient.010817-1148)
Microsoft Corporation
WMI DC and DP functionality
2002-10-07 12:00:00

OLEAUT32.dll
0x770f0000
C:\WINDOWS\system32\oleaut32.dll
3.50.5016.0
Microsoft Corporation
Microsoft OLE 3.50 for Windows NT(TM) and Windows 95(TM) Operating Systems
2002-10-07 12:00:00

CRYPT32.dll
0x76230000
C:\WINDOWS\system32\crypt32.dll
5.131.2600.1123 (xpsp2.020921-0842)
Microsoft Corporation
Crypto API32
2002-09-23 15:10:56

MSASN1.dll
0x76210000
C:\WINDOWS\system32\msasn1.dll
5.1.2600.1362 (xpsp2.040109-1800)
Microsoft Corporation
ASN.1 Runtime APIs
2004-03-30 09:50:00

WTSAPI32.dll
0x76f20000
c:\WINDOWS\system32\wtsapi32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows Terminal Server SDK APIs
2002-10-07 12:00:00

ESENT.dll
0x69a20000
c:\WINDOWS\system32\esent.dll
5.1.2468.0 (Lab03_N(jliem).010306-1456)
Microsoft Corporation
服务器数据库存储引擎
2002-10-07 12:00:00

WLDAP32.dll
0x76f30000
C:\WINDOWS\system32\wldap32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Win32 LDAP API DLL
2002-10-07 12:00:00

NETAPI32.dll
0x71ba0000
c:\WINDOWS\system32\netapi32.dll
5.1.2600.1562 (xpsp2_gdr.040517-1325)
Microsoft Corporation
Net Win32 API DLL
2004-06-09 06:01:18

SETUPAPI.DLL
0x765e0000
C:\WINDOWS\system32\setupapi.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows Setup API
2002-10-07 12:00:00

rastls.dll
0x74e70000
C:\WINDOWS\system32\rastls.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Remote Access PPP EAP-TLS
2002-10-07 12:00:00

ATL.DLL
0x76af0000
C:\WINDOWS\system32\atl.dll
3.00.9435
Microsoft Corporation
ATL Module for Windows NT (Unicode)
2002-10-07 12:00:00

CRYPTUI.dll
0x75430000
C:\WINDOWS\system32\cryptui.dll
5.131.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Microsoft Trust UI Provider
2002-10-07 12:00:00

WINTRUST.dll
0x76c00000
C:\WINDOWS\system32\wintrust.dll
5.131.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Microsoft Trust Verification APIs
2002-10-07 12:00:00

IMAGEHLP.dll
0x76c60000
C:\WINDOWS\system32\imagehlp.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows NT Image Helper
2002-10-07 12:00:00

idmod - 2006-12-21 21:59:00

WININET.dll
0x63000000
C:\WINDOWS\system32\WININET.DLL
6.00.2800.1548
Microsoft Corporation
Internet Extensions for Win32
2006-04-28 15:07:32

MPRAPI.dll
0x76d10000
C:\WINDOWS\system32\mprapi.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Windows NT MP Router Administration DLL
2002-10-07 12:00:00

ACTIVEDS.dll
0x76e10000
C:\WINDOWS\system32\activeds.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
ADs Router Layer DLL
2002-10-07 12:00:00

adsldpc.dll
0x76de0000
C:\WINDOWS\system32\adsldpc.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
ADs LDAP Provider C DLL
2002-10-07 12:00:00

SAMLIB.dll
0x71b70000
C:\WINDOWS\system32\samlib.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
SAM Library DLL
2002-10-07 12:00:00

RASAPI32.dll
0x76eb0000
C:\WINDOWS\system32\rasapi32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Remote Access API
2002-10-07 12:00:00

rasman.dll
0x76e60000
C:\WINDOWS\system32\rasman.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Remote Access Connection Manager
2002-10-07 12:00:00

TAPI32.dll
0x76e80000
C:\WINDOWS\system32\tapi32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Microsoft(R) Windows(TM) Telephony API Client DLL
2002-10-07 12:00:00

WINMM.dll
0x76b10000
C:\WINDOWS\system32\winmm.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
MCI API DLL
2002-10-07 12:00:00

SCHANNEL.dll
0x767c0000
C:\WINDOWS\system32\schannel.dll
5.1.2600.1347 (xpsp2.040109-1800)
Microsoft Corporation
TLS / SSL Security Provider
2004-03-30 09:50:00

USERENV.dll
0x759d0000
C:\WINDOWS\system32\userenv.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Userenv
2002-10-07 12:00:00

WinSCard.dll
0x72360000
C:\WINDOWS\system32\winscard.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Microsoft Smart Card API
2002-10-07 12:00:00

raschap.dll
0x74f60000
C:\WINDOWS\system32\raschap.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Remote Access PPP CHAP
2002-10-07 12:00:00

msv1_0.dll
0x76ce0000
C:\WINDOWS\system32\msv1_0.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Microsoft Authentication Package v1.0
2002-10-07 12:00:00

CLBCATQ.DLL
0x7a170000
C:\WINDOWS\system32\clbcatq.dll
2001.12.4414.62
Microsoft Corporation

2005-07-26 12:38:20

COMRes.dll
0x77020000
C:\WINDOWS\system32\comres.dll
2001.12.4414.42
Microsoft Corporation

2002-10-07 12:00:00

VERSION.dll
0x77bd0000
C:\WINDOWS\system32\version.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Version Checking and File Installation Libraries
2002-10-07 12:00:00

schedsvc.dll
0x75130000
c:\WINDOWS\system32\schedsvc.dll
5.1.2600.1564 (xpsp2_gdr.040517-1325)
Microsoft Corporation
Task Scheduler Engine
2004-06-09 06:01:18

NTDSAPI.dll
0x76770000
c:\WINDOWS\system32\ntdsapi.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
NT5DS
2002-10-07 12:00:00

wshisn.dll
0x71eb0000
C:\WINDOWS\system32\wshisn.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
NWLINK2 Socket Helper DLL
2002-10-07 12:00:00

WSOCK32.dll
0x71a40000
C:\WINDOWS\system32\wsock32.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Windows Socket 32-Bit DLL
2002-10-07 12:00:00

MSIDLE.DLL
0x74eb0000
C:\WINDOWS\system32\msidle.dll
6.00.2600.0000 (xpclient.010817-1148)
Microsoft Corporation
User Idle Monitor
2002-10-07 12:00:00

NTMARTA.DLL
0x76cb0000
C:\WINDOWS\system32\ntmarta.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows NT MARTA provider
2002-10-07 12:00:00

audiosrv.dll
0x70de0000
c:\WINDOWS\system32\audiosrv.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows Audio Service
2002-10-07 12:00:00

wkssvc.dll
0x750d0000
c:\WINDOWS\system32\wkssvc.dll
5.1.2600.1309 (xpsp2.031013-2110)
Microsoft Corporation
Workstation Service DLL
2003-10-22 07:17:22

nwwks.dll
0x5f2e0000
c:\WINDOWS\system32\nwwks.dll
5.1.2600.1727 (xpsp2.050810-1556)
Microsoft Corporation
Client Service for Netware
2005-08-11 23:21:10

NWPROVAU.dll
0x5f300000
c:\WINDOWS\system32\nwprovau.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Client Service for NetWare Provider and Authentication Package DLL
2002-10-07 12:00:00

MPR.dll
0x71a90000
C:\WINDOWS\system32\mpr.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Multiple Provider Router DLL
2002-10-07 12:00:00

NWAPI32.dll
0x5f350000
c:\WINDOWS\system32\nwapi32.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
NW Win32 API DLL
2002-10-07 12:00:00

qmgr.dll
0x16a0000
c:\WINDOWS\system32\qmgr.dll
6.6.2600.1569 (xpsp2_gdr.040517-1325)
Microsoft Corporation
后台智能传送服务
2004-07-02 06:08:14

SHFOLDER.dll
0x76750000
c:\WINDOWS\system32\shfolder.dll
6.00.2800.1106 (xpsp1.020828-1920)
Microsoft Corporation
Shell Folder Service
2002-10-07 12:00:00

WINHTTP.dll
0x1700000
c:\WINDOWS\system32\winhttp.dll
5.1.2600.1557 (xpsp2_gdr.040517-1325)
Microsoft Corporation
Windows HTTP Services
2004-07-02 06:08:14

srvsvc.dll
0x74ff0000
c:\WINDOWS\system32\srvsvc.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Server Service DLL
2002-10-07 12:00:00

pchsvc.dll
0x74ea0000
c:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Microsoft PCHealth Service Holder
2002-10-07 20:00:00

es.dll
0x76b40000
c:\WINDOWS\system32\es.dll
2001.12.4414.62
Microsoft Corporation

2005-07-26 12:38:26

dmserver.dll
0x74ef0000
c:\WINDOWS\system32\dmserver.dll
2600.0.503.0
Microsoft Corp.
Logical Disk Manager service dll
2002-10-07 12:00:00

cryptsvc.dll
0x74f00000
c:\WINDOWS\system32\cryptsvc.dll
5.1.2600.1190 (xpsp2.030320-1720)
Microsoft Corporation
Cryptographic Services
2003-04-02 17:32:02

certcli.dll
0x752b0000
c:\WINDOWS\system32\certcli.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Microsoft(R) Certificate Services Client
2002-10-07 12:00:00

msgsvc.dll
0x74ec0000
c:\WINDOWS\system32\msgsvc.dll
5.1.2600.1309 (xpsp2.031013-2110)
Microsoft Corporation
NT Messenger Service
2003-10-22 07:17:22

seclogon.dll
0x73c90000
c:\WINDOWS\system32\seclogon.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Secondary Logon Service DLL
2002-10-07 12:00:00

browser.dll
0x74f40000
c:\WINDOWS\system32\browser.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Computer Browser Service DLL
2002-10-07 12:00:00

wuauserv.dll
0x74e20000
c:\WINDOWS\system32\wuauserv.dll
5.4.3630.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows Update AutoUpdate Service
2002-10-07 20:00:00

mspmspsv.dll
0x72430000
c:\WINDOWS\system32\mspmspsv.dll
8.0.1.20
Microsoft Corporation
Microsoft Media Device Service Provider
2002-10-07 12:00:00

wmisvc.dll
0x59470000
c:\WINDOWS\system32\wbem\wmisvc.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
WMI
2002-10-07 20:00:00

wbemcomn.dll
0x751f0000
c:\WINDOWS\system32\wbem\wbemcomn.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
WMI
2002-10-07 20:00:00

VSSAPI.DLL
0x75340000
C:\WINDOWS\system32\vssapi.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Microsoft? Volume Shadow Copy Requestor/Writer Services API DLL
2002-10-07 12:00:00

wuaueng.dll
0x50040000
C:\WINDOWS\system32\wuaueng.dll
5.8.0.2469 built by: lab01_n(wmbla)
Microsoft Corporation
Windows Update AutoUpdate Engine
2005-05-26 04:16:30

ADVPACK.dll
0x751c0000
C:\WINDOWS\system32\advpack.dll
6.00.2800.1106 (xpsp1.020828-1920)
Microsoft Corporation
ADVPACK
2002-10-07 12:00:00

WINSPOOL.DRV
0x72f70000
C:\WINDOWS\system32\winspool.drv
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows Spooler Driver
2002-10-07 12:00:00

Cabinet.dll
0x750b0000
C:\WINDOWS\system32\cabinet.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Microsoft? Cabinet File API
2002-10-07 12:00:00

mspatcha.dll
0x602d0000
C:\WINDOWS\system32\mspatcha.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Microsoft(R) Patch Engine
2002-10-07 12:00:00

sfc.dll
0x76b80000
C:\WINDOWS\system32\sfc.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Windows File Protection
2002-10-07 12:00:00

sfc_os.dll
0x76c30000
C:\WINDOWS\system32\sfc_os.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows 文件保护
2002-10-07 12:00:00

w32time.dll
0x76790000
c:\WINDOWS\system32\w32time.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows Time Service
2002-10-07 12:00:00

MSVCP60.dll
0x75ff0000
c:\WINDOWS\system32\msvcp60.dll
6.00.8972.0
Microsoft Corporation
Microsoft (R) C++ Runtime Library
2002-10-07 12:00:00

与时拒进 - 2006-12-21 22:02:00

你贴没用的资料，不累啊

鸟儿天上飞 - 2006-12-21 22:04:00

呵呵
请下载SREng2（最新版），使用“智能扫描”，按下“扫描”按钮进行扫描，
扫描完成后按下“保存报告”按钮保存报告日志文件（SREng.LOG），把保存的报告
日志文件内容复制-粘贴上来,,日志一次粘不完，分次粘完，请不要修改。

下载地址
http://www.kztechs.com/sreng/sreng2.zip

高歌猛进 - 2006-12-21 22:06:00

又见鬼了，我看不到日志

与时拒进 - 2006-12-21 22:08:00

引用:

【高歌猛进的贴子】又见鬼了，我看不到日志
………………

楼主和一楼是hijackthis日志

与时拒进 - 2006-12-21 22:15:00

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

idmod - 2006-12-21 22:17:00

2006-12-21,22:04:16

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 1 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe> [(Verified)Microsoft Corporation]
<NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit> [NVIDIA Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup> [NVIDIA Corporation]
<nwiz><nwiz.exe /install> [NVIDIA Corporation]
<SoundMan><SOUNDMAN.EXE> [(Verified)Realtek Semiconductor Corp.]
<RavTask><"D:\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
<RfwMain><"D:\Rising\Rfw\rfwmain.exe" -Startup> [Beijing Rising Technology Co., Ltd.]
<runeip><D:\Rising\kaka\runiep.exe> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><EXPLORER.EXE> [(Verified)Microsoft Corporation]
<Userinit><userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]

idmod - 2006-12-21 22:17:00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll> [Beijing Rising Technology Co., Ltd.]

==================================
启动文件夹
N/A

==================================
服务
[Human Interface Device Access / HidServ]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NVIDIA Driver Helper Service / NVSvc]
<C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[Rising Personal Firewall Service / RfwService]
<D:\Rising\Rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
<"D:\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon]
<"D:\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

==================================
驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[Rising TDI Base Driver / BaseTDI]
<System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[ExpScaner / ExpScaner]
<\??\D:\Rising\Rav\ExpScan.sys><>
[HookCont / HookCont]
<\??\D:\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg]
<\??\D:\Rising\Rav\HookReg.sys><>
[hooksys / hooksys]
<\??\D:\Rising\Rav\HookSys.sys><Rising>

idmod - 2006-12-21 22:17:00

[HookUrl / HookUrl]
<\??\D:\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[MEMSCAN / MEMSCAN]
<\??\D:\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs]
<\??\d:\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[New0 / New0]
<\??\C:\WINDOWS\System32\new.sys><N/A>
[Netgroup Packet Filter / NPF]
<System32\DRIVERS\npf.sys><CACE Technologies>
[nv / nv]
<System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink]
<System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsFwDrv / RsFwDrv]
<\??\D:\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI]
<\SystemRoot\System32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS]
<\??\D:\Rising\Rav\RSPPSYS.sys><Rising>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
<System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
<System32\DRIVERS\secdrv.sys><N/A>
[st3wolf / st3wolf]
<System32\DRIVERS\st3wolf.sys><>
[stwlfbus / stwlfbus]
<\SystemRoot\System32\DRIVERS\stwlfbus.sys><>

==================================
浏览器加载项
[@shdoclc.dll,-866]

idmod - 2006-12-21 22:18:00

{c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[电台(&R)]
{8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\System32\muweb.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>

==================================
正在运行的进程
[PID: 448][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 512][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 536][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.1557 (xpsp2_gdr.040517-1325)]
[PID: 580][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 592][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 752][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 816][D:\Rising\Rav\CCenter.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 832][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 968][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 996][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1012][D:\Rising\Rav\Ravmond.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 39]
[D:\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 6]
[D:\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[D:\Rising\Rav\rfwctrl.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
[D:\Rising\Rav\RsPPsys.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[D:\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[D:\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[D:\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[D:\Rising\Rav\RsLog.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
[D:\Rising\Rav\HOOKSYS.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 0]

idmod - 2006-12-21 22:18:00

[Beijing Rising Technology Co., Ltd., 19, 0, 0, 8]
[D:\Rising\Rav\libload.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
[D:\Rising\Rav\VirusLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[D:\Rising\Rav\regmon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[D:\Rising\Rav\psapi.dll] [Microsoft Corporation, 4.00]
[D:\Rising\Rav\HookWeb.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 1]
[D:\Rising\Rav\MemMon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
[D:\Rising\Rav\expscan.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[D:\Rising\Rav\mPorts.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[D:\Rising\Rav\HookCont.dll] [Rising, 19, 0, 0, 0]
[D:\Rising\Rav\SpamEng.dll] [N/A, 18, 0, 0, 6]
[D:\Rising\Rav\engine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 20]
[D:\Rising\Rav\PostTrt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 8]
[D:\Rising\Rav\UnExe.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[D:\Rising\Rav\ScanExec.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
[D:\Rising\Rav\ScanEx.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 30]
[D:\Rising\Rav\ExtFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 23]
[D:\Rising\Rav\NvFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
[D:\Rising\Rav\ScanMac.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 13]
[D:\Rising\Rav\ScanSct.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
[D:\Rising\Rav\Unpacker.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 17]
[D:\Rising\Rav\ScanPack.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 18]
[D:\Rising\Rav\RsVM.dll] [N/A, 19, 0, 0, 13]
[D:\Rising\Rav\Uroutine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[D:\Rising\Rav\Uscript.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 17]
[PID: 1252][D:\Rising\Rav\RavStub.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 4]
[D:\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[D:\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 1424][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.1699 (xpsp2.050610-1533)]
[PID: 288][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE] [Microsoft Corporation, 7.00.9466]
[C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll] [Microsoft Corporation, 7.00.9466]
[C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MSDBG2.DLL] [Microsoft Corporation, 7.00.9466]
[PID: 796][C:\WINDOWS\System32\nvsvc32.exe] [NVIDIA Corporation, 6.14.01.4345]
[PID: 880][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
[D:\Rising\kaka\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
[C:\Program Files\WinRAR\rarext.dll] [N/A, N/A]

idmod - 2006-12-21 22:19:00

[D:\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 1532][C:\WINDOWS\SOUNDMAN.EXE] [Realtek Semiconductor Corp., 5.0.14]
[D:\Rising\kaka\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
[PID: 1588][D:\Rising\Rav\RavTask.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
[D:\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[D:\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[D:\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[D:\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[D:\Rising\kaka\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
[PID: 1624][D:\Rising\Rav\Ravmon.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 36]
[D:\Rising\Rav\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 28]
[D:\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 6]
[D:\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[D:\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[D:\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[D:\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[D:\Rising\Rav\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[D:\Rising\Rav\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[D:\Rising\kaka\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
[PID: 1696][D:\Rising\kaka\runiep.exe] [Beijing Rising Technology Co., Ltd., 1, 0, 1, 3]
[D:\Rising\kaka\iep_ctrl.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
[D:\Rising\kaka\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
[PID: 1340][C:\WINDOWS\System32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[D:\Rising\kaka\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
[PID: 640][C:\WINDOWS\System32\RUNDLL32.EXE] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\System32\NVMCTRAY.DLL] [NVIDIA Corporation, 6.14.01.4345]
[D:\Rising\kaka\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
[PID: 508][d:\wubi\wnie.exe] [万能软件开发部, 6, 12, 4, 1]
[C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\PDM.DLL] [Microsoft Corporation, 7.00.9466]
[C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll] [Microsoft Corporation, 7.00.9466]
[C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MSDBG2.DLL] [Microsoft Corporation, 7.00.9466]
[D:\Rising\kaka\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
[D:\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\WINDOWS\System32\WNWBIO.IME] [深圳世强软件开发部 www.wn51.com , 2006, 10, 20, 1]
[PID: 220][C:\WINDOWS\System32\wuauclt.exe] [Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
[PID: 1860][d:\wubi\wnwb.exe] [深圳世强软件开发部 www.wn51.com , 2006, 11, 17, 1]
[d:\wubi\flyDll.dll] [N/A, N/A]
[D:\Rising\kaka\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
[d:\wubi\29854wnmkey.dll] [深圳世强软件开发部 www.wnwb.com , 2005, 7, 5, 1]
[PID: 692][D:\Rising\Rav\RsAgent.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[D:\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]

idmod - 2006-12-21 22:20:00

[D:\Rising\kaka\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
[PID: 440][C:\WINDOWS\msagent\AgentSvr.exe] [Microsoft Corporation, 2.00.0.3422]
[D:\Rising\kaka\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
[PID: 1116][E:\Hi\sreng2\SREng\SREng.exe] [Smallfrogs Studio, 2.2.6.605]
[D:\Rising\kaka\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]

==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1 localhost

==================================

鸟儿天上飞 - 2006-12-21 22:44:00

运行(双击)SRENG2，点“启动项目，服务，点“驱动程序”
勾选“隐藏微软服务”选中病毒服务
[New0 / New0]
<\??\C:\WINDOWS\System32\new.sys><N/A>
，选择“删除服务”
点“设置”选择“否”
重启按F８进入安全模式下
显示隐藏文件
删除：
C:\WINDOWS\System32\new.sys
没看出什么来也许你的优化大师的问题

瑞星卡卡安全论坛