Rising Kaka Security Forum
♂血祭│潇遥 - 2007-2-11 13:48:00
Microsoft Windows XP Service Pack 2 [Build 5.1.2600]
QQ 16.31.162 SP0 KB0 734021742F9DE5A1077E7FC36D1E4A93
-----------------------------------
Type: EXCEPTION_ACCESS_VIOLATION
Address: 0x77BFB929
Error: Read address 0xFFFFFFFF
Call stack:
0x77BE0000[1B929] msvcrt.dll: (3677840,0,-1,2009056263)
0x77BE0000[1C320] msvcrt.dll: (128,1232852,2009056302,128)
0x77BE0000[1C3E7] msvcrt.dll: (128,0,128,1621178436)
0x77BE0000[1C42E] msvcrt.dll: (128,0,11575648,1232916)
0X60A10000[3844] MFC42.DLL: (128,11819752,11819748,0)
0X60090000[E880] BasicCtrlDll.dll: (1,1232936,1611260307,76512432)
0X00400000[892D6] QQ.exe: (76512432,4,646315095,1232968)
0X60090000[E193] BasicCtrlDll.dll: (11575680,76512432,646315095,11819748)
0X00400000[88DB2] QQ.exe: (11575680,76512432,646315095,11819752)
0X00400000[889AE] QQ.exe: (11575680,76512432,11819748,11819752)
0X00400000[88853] QQ.exe: (11819756,11819648,11819648,1233152)
0X00400000[F4AC2] QQ.exe: (11838976,1233300,14624368,1611216223)
0X00400000[86CBD] QQ.exe: (11819648,13997904,472,1233240)
0X00400000[43E64] QQ.exe: (1233300,1233627,11713684,14625600)
0X00400000[44872] QQ.exe: (496,1233880,1233627,11713684)
0X00400000[44F6C] QQ.exe: (496,1233880,1233627,11713684)
0X00400000[4777E] QQ.exe: (496,1233880,1233627,11713684)
0X00400000[476F0] QQ.exe: (496,1233880,1233627,11713684)
0X00400000[47E35] QQ.exe: (11713684,496,1233880,1233627)
0X00400000[40FC1] QQ.exe: (16777216,76707376,8000,496)
0X00400000[4137B] QQ.exe: (0,76707376,8000,496)
0X00400000[4204C] QQ.exe: (0,11504736,1233672,1233788)
0X60A10000[1B49] MFC42.DLL: (0,76707376,8000,496)
0X00400000[41FB8] QQ.exe: (0,76707376,8000,496)
0X00400000[42222] QQ.exe: (11504956,0,76707376,8000)
0X00400000[5353D] QQ.exe: (0,76707376,8000,496)
0X00400000[537F4] QQ.exe: (1234832,2010220543,0,983544)
0X77D10000[8832] USER32.dll: (0,983544,11364336,20)
0X77D10000[87FF] USER32.dll: (2010220552,-1,2010220543,2010231656)
0X77D10000[30494] USER32.dll: (2010231656,0,1613052632,983544)
0X77D10000[87FF] USER32.dll: (0,1613052632,983544,24)
0X77D10000[B368] USER32.dll: (8,1378312,1376256,1665336)
0X7C920000[10732] ntdll.dll: (2090010283,2090010347,52,1874384)
0X7C920000[10732] ntdll.dll: (2090010347,52,1874384,0)
0X7C920000[106AB] ntdll.dll: (52,1874384,0,1)
0X7C920000[106EB] ntdll.dll: (2010233014,983544,1,0)
0X77D10000[84BC] USER32.dll: (983544,1,0,1235064)
0X77D10000[B8B6] USER32.dll: (1014,1235064,14078096,1235080)
0X00400000[B4F93] QQ.exe: (14078096,1014,1235064,1621193085)
0X00400000[B5029] QQ.exe: (14078100,0,14078096,14078096)
0X60A10000[717D] MFC42.DLL: (14129072,1635776880,1397504,1235468)
0X00400000[AE9DE] QQ.exe: (14080840,0,14129072,1)
0X61780000[11934] QQMainFrame.dll: (2090010958,1236048,131108,1235516)
0X7C920000[10945] ntdll.dll: (1236048,131108,1235516,2)
0X7C920000[1094E] ntdll.dll: (1238872,0,1623179265,2090010992)
0X7C920000[12D34] ntdll.dll: (1646616289,2090024559,2090024546,520)
0X7C920000[10970] ntdll.dll: (2090024559,2090024546,520,1236204)
0X62240000[15EE1] vbscript.dll: (2090024546,520,1236204,0)
0X7C920000[13E6F] ntdll.dll: (520,1236204,0,60)
0X7C920000[13E62] ntdll.dll: (1235526,1235388,30,2)
Modules:
-----------------------------------
[ 0x00400000 ] E:\QQ\QQ.exe [0.0.0.0,2007-02-02 18:59:37]
[ 0x00ED0000 ] E:\QQ\npkpdb.dll [2003.10.1.1,2003-10-09 12:33:47]
[ 0x01400000 ] E:\QQ\LoginCtrl.dll [,2007-02-07 18:02:37]
[ 0x01430000 ] E:\QQ\npkcntc.dll [2006.6.27.1,2006-08-15 17:09:47]
[ 0x019D0000 ] E:\QQ\QQRes.dll [1.0.0.1,2007-02-03 15:09:19]
[ 0x0FFD0000 ] C:\WINDOWS\system32\rsaenh.dll [5.1.2600.2161,2004-07-07 10:17:12]
[ 0x10000000 ] C:\Program Files\Rising\AntiSpyware\ieprot.dll [1.0.0.8,2007-01-08 11:11:23]
[ 0x20000000 ] C:\WINDOWS\system32\xpsp2res.dll [5.1.2600.2180,2004-08-17 07:40:46]
[ 0x30000000 ] C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx [9.0.28.0,2006-11-10 06:46:14]
[ 0x5ADC0000 ] C:\WINDOWS\system32\UxTheme.dll [6.0.2900.2180,2004-08-04 15:52:01]
[ 0x5D170000 ] C:\WINDOWS\system32\COMCTL32.dll [5.82.2900.2180,2004-08-17 07:38:02]
[ 0x5EFE0000 ] C:\WINDOWS\system32\OLEPRO32.DLL [5.1.2600.2180,2004-08-17 07:39:26]
[ 0x5FDD0000 ] C:\WINDOWS\system32\NETAPI32.dll [5.1.2600.2180,2004-08-17 07:38:07]
[ 0x60090000 ] E:\QQ\BasicCtrlDll.dll [7.0.101.80,2007-02-02 15:49:47]
[ 0x600F0000 ] E:\QQ\CameraDll.dll [1.0.0.1,2006-08-19 15:38:47]
[ 0x601A0000 ] E:\QQ\CQQApplication.dll [,2007-02-02 17:26:49]
[ 0x60350000 ] E:\QQ\gdiplus.dll [5.1.3102.2180,2004-08-04 15:50:55]
[ 0x60640000 ] E:\QQ\GroupLive.dll [,2007-02-02 17:40:07]
[ 0x60680000 ] E:\QQ\HostingMgr.dll [1.0.0.1,2007-02-02 18:02:29]
[ 0x60800000 ] C:\WINDOWS\system32\mslbui.dll [5.1.2600.2180,2004-08-17 07:40:11]
[ 0x608B0000 ] E:\QQ\LoginCtrlRes.dll [1.0.0.1,2007-02-02 17:43:37]
[ 0x60910000 ] E:\QQ\LongConnection.dll [5.0.200.160,2007-01-31 18:17:58]
[ 0x609E0000 ] E:\QQ\MailSummary.dll [1.0.0.1,2007-02-02 18:57:30]
[ 0x60A10000 ] E:\QQ\MFC42.DLL [6.0.8665.0,1999-12-11 01:17:01]
[ 0x60BB0000 ] E:\QQ\NewSkin.dll [1.0.0.1,2007-02-02 16:54:56]
[ 0x60FD0000 ] C:\WINDOWS\system32\hnetcfg.dll [5.1.2600.2180,2004-08-17 07:37:44]
[ 0x61100000 ] E:\QQ\QQAllInOne.dll [,2007-02-02 18:54:07]
[ 0x612E0000 ] E:\QQ\QQAPI.dll [1.0.0.1,2007-02-02 17:54:09]
[ 0x61360000 ] E:\QQ\QQBaseClassInDll.dll [1.0.0.1,2007-02-02 17:13:47]
[ 0x615A0000 ] E:\QQ\QQConfigPlugin.dll [1.0.0.1,2007-02-02 17:54:30]
[ 0x61640000 ] E:\QQ\QQGroupMng.dll [1.0.0.1,2007-02-02 17:43:17]
[ 0x616B0000 ] E:\QQ\QQHelperDll.dll [1.0.0.1,2007-02-02 17:00:45]
[ 0x61750000 ] E:\QQ\QQKnowledgeSearch.dll [1.0.0.1,2007-02-02 17:16:08]
[ 0x61780000 ] E:\QQ\QQMainFrame.dll [,2007-02-02 18:10:55]
[ 0x61950000 ] E:\QQ\QQPlugin.dll [,2007-02-02 18:19:40]
[ 0x61BE0000 ] C:\WINDOWS\system32\MFC42LOC.DLL [6.0.8665.0,2001-09-01 07:01:06]
[ 0x61EF0000 ] E:\QQ\QQSpace.dll [1.0.0.1,2007-02-02 18:04:57]
[ 0x62020000 ] E:\QQ\QRingMng.dll [,2007-02-02 17:38:34]
[ 0x62040000 ] E:\QQ\RICHED20.dll [5.31.23.1218,2003-03-26 11:45:31]
[ 0x620B0000 ] E:\QQ\RICHED32.DLL [5.0.2134.1,1999-12-11 01:14:55]
[ 0x620D0000 ] E:\QQ\SCCore.dll [2.0.0.1,2006-08-07 11:12:33]
[ 0x621F0000 ] E:\QQ\TIMProxy.dll [0.3.2.4,2005-08-18 15:39:48]
[ 0x62220000 ] E:\QQ\UserDefinedHead.dll [1.0.0.1,2007-02-02 18:03:19]
[ 0x62240000 ] E:\QQ\vbscript.dll [5.6.0.7426,2002-02-27 06:58:03]
[ 0x626B0000 ] E:\QQ\WizardCtrl.dll [1.0.0.1,2007-02-02 17:52:58]
[ 0x62C20000 ] C:\WINDOWS\system32\LPK.DLL [5.1.2600.2180,2004-08-17 07:37:58]
[ 0x68D60000 ] C:\WINDOWS\system32\DBGHELP.dll [5.1.2600.2180,2004-08-17 07:37:37]
[ 0x70E20000 ] C:\WINDOWS\system32\asycfilt.dll [5.1.2600.2180,2004-08-17 07:38:10]
[ 0x719C0000 ] C:\WINDOWS\system32\mswsock.dll [5.1.2600.2180,2004-08-17 07:40:52]
[ 0x71A00000 ] C:\WINDOWS\System32\wshtcpip.dll [5.1.2600.2180,2004-08-17 07:39:46]
[ 0x71A10000 ] C:\WINDOWS\system32\WS2HELP.dll [5.1.2600.2180,2004-08-17 07:39:36]
[ 0x71A20000 ] C:\WINDOWS\system32\WS2_32.dll [5.1.2600.2180,2004-08-17 07:39:35]
[ 0x71A40000 ] C:\WINDOWS\system32\WSOCK32.dll [5.1.2600.2180,2004-08-17 07:39:48]
[ 0x72210000 ] C:\WINDOWS\system32\DINPUT.dll [5.3.2600.2180,2004-08-17 07:37:58]
[ 0x72240000 ] C:\WINDOWS\system32\sensapi.dll [5.1.2600.2180,2004-08-17 07:38:16]
[ 0x72C80000 ] C:\WINDOWS\system32\msacm32.drv [5.1.2600.0,2001-09-01 06:59:06]
[ 0x72C90000 ] C:\WINDOWS\system32\wdmaud.drv [5.1.2600.2180,2004-08-17 07:38:47]
[ 0x72F70000 ] C:\WINDOWS\system32\WINSPOOL.DRV [5.1.2600.2180,2004-08-17 07:38:34]
[ 0x73620000 ] C:\WINDOWS\system32\msdmo.dll [6.5.2600.2180,2004-08-17 07:39:25]
[ 0x73640000 ] C:\WINDOWS\system32\msctfime.ime [5.1.2600.2180,2004-08-17 07:39:03]
[ 0x73AF0000 ] C:\WINDOWS\system32\AVICAP32.dll [5.1.2600.0,2001-09-01 06:58:59]
[ 0x73B40000 ] C:\WINDOWS\system32\MSVFW32.dll [5.1.2600.2180,2004-08-17 07:40:47]
[ 0x73FA0000 ] C:\WINDOWS\system32\USP10.dll [1.420.2600.2180,2004-08-17 07:38:33]
[ 0x74680000 ] C:\WINDOWS\system32\MSCTF.dll [5.1.2600.2180,2004-08-17 07:39:02]
[ 0x759D0000 ] C:\WINDOWS\system32\USERENV.dll [5.1.2600.2180,2004-08-17 07:38:32]
[ 0x75AF0000 ] C:\WINDOWS\system32\devenum.dll [6.5.2600.2180,2004-08-17 07:37:49]
[ 0x75C60000 ] C:\WINDOWS\system32\urlmon.dll [6.0.2900.2180,2004-08-17 07:38:28]
[ 0x75E00000 ] C:\WINDOWS\system32\SXS.DLL [5.1.2600.2180,2004-08-17 07:41:20]
[ 0x75FF0000 ] C:\WINDOWS\system32\MSVCP60.dll [6.2.3104.0,2004-08-17 07:40:45]
[ 0x76060000 ] C:\WINDOWS\system32\SETUPAPI.dll [5.1.2600.2180,2004-08-17 07:38:20]
[ 0x762F0000 ] C:\WINDOWS\system32\MSIMG32.dll [5.1.2600.2180,2004-08-17 07:40:03]
[ 0x76300000 ] C:\WINDOWS\system32\IMM32.DLL [5.1.2600.2180,2004-08-17 07:38:09]
[ 0x76320000 ] C:\WINDOWS\system32\comdlg32.dll [6.0.2900.2180,2004-08-17 07:38:03]
[ 0x765E0000 ] C:\WINDOWS\system32\CRYPT32.dll [5.131.2600.2180,2004-08-17 07:37:27]
[ 0x76680000 ] C:\WINDOWS\system32\WININET.dll [6.0.2900.2180,2004-08-17 07:39:04]
[ 0x76990000 ] C:\WINDOWS\system32\ole32.dll [5.1.2600.2180,2004-08-17 07:39:21]
[ 0x76B10000 ] C:\WINDOWS\system32\WINMM.dll [5.1.2600.2180,2004-08-17 07:39:06]
[ 0x76C00000 ] C:\WINDOWS\system32\WINTRUST.dll [5.131.2600.2180,2004-08-17 07:38:37]
[ 0x76C60000 ] C:\WINDOWS\system32\IMAGEHLP.dll [5.1.2600.2180,2004-08-17 07:37:54]
[ 0x76D30000 ] C:\WINDOWS\system32\iphlpapi.dll [5.1.2600.2180,2004-08-17 07:37:41]
[ 0x76DB0000 ] C:\WINDOWS\system32\MSASN1.dll [5.1.2600.2180,2004-08-17 07:38:55]
[ 0x76E50000 ] C:\WINDOWS\system32\rtutils.dll [5.1.2600.2180,2004-08-17 07:38:23]
[ 0x76E60000 ] C:\WINDOWS\system32\rasman.dll [5.1.2600.2180,2004-08-17 07:38:16]
[ 0x76E80000 ] C:\WINDOWS\system32\TAPI32.dll [5.1.2600.2180,2004-08-17 07:38:27]
[ 0x76EB0000 ] C:\WINDOWS\system32\RASAPI32.DLL [5.1.2600.2180,2004-08-17 07:38:12]
[ 0x76EF0000 ] C:\WINDOWS\system32\DNSAPI.dll [5.1.2600.2180,2004-08-17 07:38:12]
[ 0x76F30000 ] C:\WINDOWS\system32\WLDAP32.dll [5.1.2600.2180,2004-08-17 07:38:40]
[ 0x76F80000 ] C:\WINDOWS\System32\winrnr.dll [5.1.2600.2180,2004-08-17 07:38:30]
[ 0x76F90000 ] C:\WINDOWS\system32\rasadhlp.dll [5.1.2600.2180,2004-08-17 07:38:11]
[ 0x76FA0000 ] C:\WINDOWS\system32\CLBCATQ.DLL [2001.12.4414.258,2004-08-17 07:37:49]
[ 0x77020000 ] C:\WINDOWS\system32\COMRes.dll [2001.12.4414.258,2004-08-17 07:38:07]
[ 0x770F0000 ] C:\WINDOWS\system32\OLEAUT32.dll [5.1.2600.2180,2004-08-17 07:39:22]
[ 0x77180000 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll [6.0.2900.2180,2004-08-17 07:37:22]
[ 0x773A0000 ] C:\WINDOWS\system32\SHELL32.dll [6.0.2900.2180,2004-08-17 07:38:27]
[ 0x77BA0000 ] C:\WINDOWS\system32\midimap.dll [5.1.2600.2180,2004-08-17 07:37:57]
[ 0x77BB0000 ] C:\WINDOWS\system32\MSACM32.dll [5.1.2600.2180,2004-08-17 07:38:35]
[ 0x77BD0000 ] C:\WINDOWS\system32\VERSION.dll [5.1.2600.2180,2004-08-17 07:38:31]
[ 0x77BE0000 ] C:\WINDOWS\system32\msvcrt.dll [7.0.2600.2180,2004-08-17 07:40:46]
[ 0x77C40000 ] C:\WINDOWS\system32\msv1_0.dll [5.1.2600.2180,2004-08-17 07:40:43]
[ 0x77D10000 ] C:\WINDOWS\system32\USER32.dll [5.1.2600.2180,2004-08-17 07:38:31]
[ 0x77DA0000 ] C:\WINDOWS\system32\ADVAPI32.dll [5.1.2600.2180,2004-08-17 07:37:49]
[ 0x77E50000 ] C:\WINDOWS\system32\RPCRT4.dll [5.1.2600.2180,2004-08-17 07:38:17]
[ 0x77EF0000 ] C:\WINDOWS\system32\GDI32.dll [5.1.2600.2180,2004-08-17 07:37:35]
[ 0x77F40000 ] C:\WINDOWS\system32\SHLWAPI.dll [6.0.2900.2180,2004-08-17 07:38:32]
[ 0x77FC0000 ] C:\WINDOWS\system32\Secur32.dll [5.1.2600.2180,2004-08-17 07:38:35]
[ 0x7C800000 ] C:\WINDOWS\system32\kernel32.dll [5.1.2600.2180,2004-08-17 07:38:36]
[ 0x7C920000 ] C:\WINDOWS\system32\ntdll.dll [5.1.2600.2180,2004-08-17 07:38:36]
[ 0x7C9C0000 ] C:\WINDOWS\system32\msi.dll [3.0.3790.2180,2004-08-17 07:39:58]
___________________________________
♂血祭│潇遥 - 2007-2-11 13:49:00
Experts, please take a look. I don't know why QQ keeps restarting by itself.
♂血祭│潇遥 - 2007-2-11 13:53:00
The latest captured report
♂血祭│潇遥 - 2007-2-11 13:54:00
目标程序发生[可持续]异常,详细信息:[异常类型] EXCEPTION_ACCESS_VIOLATION/
[异常地址] 0x77BFB929/
[出错原因]:对地址[0xBAADF00D]进行读操作/操作系统:Microsoft Windows XP Service Pack 2 [Build 5.1.2600]
Registers:
EAX=00381FF8 EBX=00381EA0 ECX=003861BC EDX=BAADF00D
ESI=00FFFFFF EDI=00000037 EBP=0012CF74 ESP=0012CF54
EIP=77BFB929
Bytes at cs:Eip:
8B 0A 2B 4D F0 8B F1 C1 FE 04 4E 83 FE 3F 89 4D F8 7E 03 6A 3F 5E 3B F7 0F 84 01 01 00 00 8B 4A
Call stack:
0x77BE0000[1B929] msvcrt.dll: - 0x77BFB929(00381EA0,00000000,FFFFFFFF,77BFC407)
0x77BE0000[1C320] msvcrt.dll: - 0x77BFC320(00000080,0012CFC8,77BFC42E,00000080)
0x77BE0000[1C3E7] msvcrt.dll: - 0x77BFC3E7(00000080,00000000,00000080,60A13844)
0x77BE0000[1C42E] msvcrt.dll: - 0x77BFC42E(00000080,00000000,00B4A530,0012D014)
0X60A10000[3844] MFC42.DLL: - 0x60A13844(00000080,00000080,00000020,00000080)
0X60090000[E89F] BasicCtrlDll.dll: - 0x6009E89F(0365AAE8,00000004,1B510F94,0012D048)
0X60090000[E193] BasicCtrlDll.dll: - 0x6009E193(00B4A550,0365AAE8,1B510F94,00B57624)
0X00400000[88DB2] QQ.exe: - 0x00488DB2(00B4A550,0365AAE8,1B510F94,00B57628)
0X00400000[889AE] QQ.exe: - 0x004889AE(00B4A550,0365AAE8,00B57624,00B57628)
0X00400000[88853] QQ.exe: - 0x00488853(00B5762C,00B575C0,00B575C0,0012D100)
0X00400000[F4AC2] QQ.exe: - 0x004F4AC2(00B51A30,0012D194,00DEB878,6009355F)
0X00400000[86CBD] QQ.exe: - 0x00486CBD(00B575C0,00D58F80,000001D8,0012D158)
0X00400000[43E64] QQ.exe: - 0x00443E64(0012D194,0012D2DB,00B57A04,00DEBD48)
0X00400000[44872] QQ.exe: - 0x00444872(000001F0,0012D3D8,0012D2DB,00B57A04)
0X00400000[44F6C] QQ.exe: - 0x00444F6C(000001F0,0012D3D8,0012D2DB,00B57A04)
0X00400000[4777E] QQ.exe: - 0x0044777E(000001F0,0012D3D8,0012D2DB,00B57A04)
0X00400000[476F0] QQ.exe: - 0x004476F0(000001F0,0012D3D8,0012D2DB,00B57A04)
0X00400000[47E35] QQ.exe: - 0x00447E35(00B57A04,000001F0,0012D3D8,0012D2DB)
0X00400000[40FC1] QQ.exe: - 0x00440FC1(01000000,03677858,00001F40,000001F0)
0X00400000[4137B] QQ.exe: - 0x0044137B(00000000,03677858,00001F40,000001F0)
0X00400000[4204C] QQ.exe: - 0x0044204C(00000000,00AF8810,0012D308,0012D37C)
0X60A10000[1B49] MFC42.DLL: - 0x60A11B49(00000000,03677858,00001F40,000001F0)
0X00400000[41FB8] QQ.exe: - 0x00441FB8(00000000,03677858,00001F40,000001F0)
0X00400000[42222] QQ.exe: - 0x00442222(00AF88EC,00000000,03677858,00001F40)
0X00400000[5353D] QQ.exe: - 0x0045353D(00000000,03677858,00001F40,000001F0)
0X00400000[537F4] QQ.exe: - 0x004537F4(7C99E4C0,7C933E6F,7C933E62,00000208)
0X7C920000[10970] ntdll.dll: - 0x7C930970(7C933E62,00000208,00000000,00000000)
0X7C920000[13E6F] ntdll.dll: - 0x7C933E6F(00000208,00000000,00000000,7FFDF000)
0X7C920000[13E62] ntdll.dll: - 0x7C933E62(0012D778,7C802600,773A63C4,00000000)
0X7C800000[262A] kernel32.dll: - 0x7C80262A(773A63C4,00000000,77F47318,00000014)
0X7C800000[2600] kernel32.dll: - 0x7C802600(00000001,00000000,00000000,00150000)
0X7C800000[FB8F] kernel32.dll: - 0x7C80FB8F(7C93B298,00150000,40000060,7C9306EB)
0X7C920000[1B686] ntdll.dll: - 0x7C93B686(00150000,40000060,7C9306EB,00000000)
0X7C920000[1B298] ntdll.dll: - 0x7C93B298(00000000,0012DD3C,0012DD30,0012E9BC)
0X7C920000[106EB] ntdll.dll: - 0x7C9306EB(0012E1BC,0012E9BC,00150000,7C96A1F5)
0X77F40000[B656] SHLWAPI.dll: - 0x77F4B656(0012DA44,7C93B5F4,7C93B686,0000021A)
0X7C920000[4A1F5] ntdll.dll: - 0x7C96A1F5(7C93B686,0000021A,00150000,00000001)
0X7C920000[1B5F4] ntdll.dll: - 0x7C93B5F4(0000021A,00150000,00000001,001F3008)
0X7C920000[1B686] ntdll.dll: - 0x7C93B686(001F3008,7C92E027,7C80B1F9,FFFFFFFF)
0X7C920000[26ABE] ntdll.dll: - 0x7C946ABE(7C80B1F9,FFFFFFFF,00000017,0012D88C)
0X7C920000[E027] ntdll.dll: - 0x7C92E027(FFFFFFFF,00000017,0012D88C,00000024)
0X7C800000[B1F9] kernel32.dll: - 0x7C80B1F9(0000003D,03030002,00000503,00000000)
0X7C800000[B249] kernel32.dll: - 0x7C80B249(0012DB10,7C93B5F4,7C93B686,00000018)
0X7C920000[49D79] ntdll.dll: - 0x7C969D79(7C93B686,00000018,00150000,00000001)
0X7C920000[1B5F4] ntdll.dll: - 0x7C93B5F4(00000018,00150000,00000001,FFFFFFFF)
0X7C920000[1B686] ntdll.dll: - 0x7C93B686(0012DB34,7C93B5F4,7C93B686,00000018)
0X7C920000[49D79] ntdll.dll: - 0x7C969D79(7C93B686,00000018,00150000,00000001)
0X7C920000[1B5F4] ntdll.dll: - 0x7C93B5F4(00000018,00150000,00000001,00000018)
0X7C920000[1B686] ntdll.dll: - 0x7C93B686(7C933E62,00000208,0012DD3C,0012DD30)
0X7C920000[13E6F] ntdll.dll: - 0x7C933E6F(00000208,0012DD3C,0012DD30,001F3008)
0X7C920000[13E62] ntdll.dll: - 0x7C933E62(7C93B686,00000070,00150178,00000001)
♂血祭│潇遥 - 2007-2-11 18:47:00
Is anyone there?
♂血祭│潇遥 - 2007-2-11 18:54:00
Anybody here??
奇迹天下 - 2007-2-11 19:20:00
I can't understand it, it's too advanced.
♂血祭│潇遥 - 2007-2-13 9:47:00
..........9958.........
♂血祭│潇遥 - 2007-2-13 9:53:00
Is anyone there
姑苏残月 - 2007-2-13 10:02:00
Switch to SREng for the scan; I can't understand what this scanner produces.
♂血祭│潇遥 - 2007-2-13 10:53:00
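| Quote: |
[Post by 姑苏残月] Switch to SREng for the scan; I can't understand what this scanner produces ……………… |
OK
姑苏残月 - 2007-2-13 10:54:00
Don't just say OK. Where are your SREng scan results? Post them.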
♂血祭│潇遥 - 2007-2-13 10:57:00
[CODE]
2007-02-13,10:44:05
System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Corporation]
<h4rg9tcx5><C:\WINDOWS\iexp1ore.exe> [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Corporation]
<PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Corporation]
<PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft Corporation]
<IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload> [(Verified)Microsoft Corporation]
<RavTask><"D:\Program Files\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [(Verified)RealNetworks, Inc.]
<runeip><C:\Program Files\Rising\AntiSpyware\runiep.exe> [Beijing Rising Technology Co., Ltd.]
<miniqqlive><"C:\Program Files\Tencent\QQLive\MiniQQLive.exe"> [N/A]
<StormCodec_Helper><; "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti> [N/A]
<KernelFaultCheck><%systemroot%\system32\dumprep 0 -k> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><75976M.BMP> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll> [Beijing Rising Technology Co., Ltd.]
==================================
启动文件夹
[腾讯QQ]
<C:\Documents and Settings\xiao\「开始」菜单\程序\启动\腾讯QQ.lnk --> E:\QQ\QQ.exe [TENCENT]><N>
[腾讯TM]
<C:\Documents and Settings\xiao\「开始」菜单\程序\启动\腾讯TM.lnk --> E:\QQTM\TMShell.exe [腾讯公司]><N>
==================================
服务
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
<"D:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
<"D:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Vsn vhiw Service / vhiw][Stopped/Auto Start]
<C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\COMMON~1\bnoc\iuvj.dll,Service><Microsoft Corporation>
==================================
♂血祭│潇遥 - 2007-2-13 10:57:00
驱动程序
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
<System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[ExpScaner / ExpScaner][Running/Auto Start]
<\??\D:\Program Files\Rising\Rav\ExpScan.sys><>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
<system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[HookCont / HookCont][Running/Auto Start]
<\??\D:\Program Files\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
<\??\D:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
<\??\D:\Program Files\Rising\Rav\HookSys.sys><Rising>
[meic / meicn][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\meicn.sys><N/A>
[npkcrypt / npkcrypt][Running/Auto Start]
<\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
<\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
<\??\D:\PROGRAM FILES\RISING\RAV\RSPPSYS.sys><Rising>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
<system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[S3SavageNB / S3SavageNB][Running/Manual Start]
<system32\DRIVERS\s3gnbm.sys><S3 Graphics, Inc.>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><N/A>
[viadsk / viadsk][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\viadsk.sys><VIA Technologies, Inc.>
[VIA AC'97 Audio Controller (WDM) / VIAudio][Running/Manual Start]
<system32\drivers\viaudio.sys><VIA Technologies, Inc.>
[zempld6 / zempld60][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\zempld60.sys><N/A>
==================================
浏览器加载项
[Thunder Browser Helper]
{4292FF4D-E809-4728-9377-43FF79326891} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_006.dll, Thunder Networking Technologies,LTD>
[vefw]
{4292FF4E-E809-4728-9377-43FF79326891} <C:\PROGRA~1\COMMON~1\bnoc\frsg.dll, N/A>
[启动迅雷5]
{09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[信息检索(&R)]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <E:\QQ\QQ.EXE, TENCENT>
[金山快译(&K)]
{6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} <C:\Program Files\Kingsoft\FastAIT 2006\IEBand.dll, 金山软件股份有限公司>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[Rising Web Scan Object]
{E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\Mshtml.dll, N/A>
[Thunder Browser Helper]
{4292FF4D-E809-4728-9377-43FF79326891} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_006.dll, Thunder Networking Technologies,LTD>
[vefw]
{4292FF4E-E809-4728-9377-43FF79326891} <C:\PROGRA~1\COMMON~1\bnoc\frsg.dll, N/A>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[金山快译(&K)]
{6C3797D2-3FEF-4CD4-B654-D3AE55B4128C} <C:\Program Files\Kingsoft\FastAIT 2006\IEBand.dll, 金山软件股份有限公司>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_006.dll, Thunder Networking Technologies,LTD>
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\Mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[Rising Web Scan Object]
{E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[CPasswordEditCtrl Object]
{E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[&使用迅雷下载]
<C:\Program Files\Thunder Network\Thunder\Program\geturl.htm, N/A>
[&使用迅雷下载全部链接]
<C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm, N/A>
[上传到QQ网络硬盘]
<E:\QQ\AddToNetDisk.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
<E:\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<E:\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<E:\QQ\SendMMS.htm, N/A>
==================================
♂血祭│潇遥 - 2007-2-13 10:58:00
正在运行的进程
[PID: 428][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 500][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 524][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 568][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 580][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 732][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 792][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 876][D:\Program Files\Rising\Rav\CCenter.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 892][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 960][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1068][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1080][D:\Program Files\Rising\Rav\Ravmond.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 43]
[D:\Program Files\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[D:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[D:\Program Files\Rising\Rav\rfwctrl.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
[D:\Program Files\Rising\Rav\RsPPsys.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[D:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[D:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[D:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[D:\Program Files\Rising\Rav\RsLog.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
[D:\Program Files\Rising\Rav\HOOKSYS.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 0]
[D:\Program Files\Rising\Rav\Scanner.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
[D:\Program Files\Rising\Rav\libload.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
[D:\Program Files\Rising\Rav\VirusLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[D:\Program Files\Rising\Rav\regmon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[D:\Program Files\Rising\Rav\HookWeb.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 1]
[D:\Program Files\Rising\Rav\expscan.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[D:\Program Files\Rising\Rav\mPorts.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[D:\Program Files\Rising\Rav\HookCont.dll] [Rising, 19, 0, 0, 0]
[D:\Program Files\Rising\Rav\SpamEng.dll] [N/A, 18, 0, 0, 6]
[D:\Program Files\Rising\Rav\engine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 25]
[D:\Program Files\Rising\Rav\UnExe.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[D:\Program Files\Rising\Rav\ScanExec.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
[D:\Program Files\Rising\Rav\ScanEx.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 40]
[D:\Program Files\Rising\Rav\ExtFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 25]
[D:\Program Files\Rising\Rav\PostTrt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 8]
[D:\Program Files\Rising\Rav\NvFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
[D:\Program Files\Rising\Rav\ScanMac.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 13]
[D:\Program Files\Rising\Rav\ScanSct.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[D:\Program Files\Rising\Rav\Unpacker.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[D:\Program Files\Rising\Rav\ScanPack.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
[D:\Program Files\Rising\Rav\RsVM.dll] [N/A, 19, 0, 0, 15]
[D:\Program Files\Rising\Rav\Uroutine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 21]
[D:\Program Files\Rising\Rav\RsStore.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[D:\Program Files\Rising\Rav\Uscript.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 18]
[D:\Program Files\Rising\Rav\ExtOLE.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
[D:\Program Files\Rising\Rav\ExtMail.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 13]
[PID: 1256][D:\Program Files\Rising\Rav\RavStub.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 4]
[D:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[D:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 1352][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\vprproc.dll] [Windows (R) 2000 DDK provider, 5.00.2195.1620]
[PID: 1476][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE] [Microsoft Corporation, 7.00.9466]
[PID: 1932][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 572][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[D:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 1756][D:\Program Files\Rising\Rav\RavTask.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
[D:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[D:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[D:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[D:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 552][D:\Program Files\Rising\Rav\Ravmon.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 45]
[D:\Program Files\Rising\Rav\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
[D:\Program Files\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[D:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[D:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[D:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[D:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[D:\Program Files\Rising\Rav\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[D:\Program Files\Rising\Rav\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 360][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] [RealNetworks, Inc., 0.1.0.3760]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 404][C:\Program Files\Rising\AntiSpyware\runiep.exe] [Beijing Rising Technology Co., Ltd., 1, 0, 1, 6]
[C:\Program Files\Rising\AntiSpyware\iep_ctrl.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 1008][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 3148][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_006.dll] [Thunder Networking Technologies,LTD, 5, 0, 0, 3]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[C:\WINDOWS\system32\FOURI_M3.IME] [北京紫光华宇软件股份有限公司, 4.0.0.5027]
[PID: 2628][C:\DOCUME~1\xiao\LOCALS~1\Temp\Rar$EX01.719\SREng.EXE] [Smallfrogs Studio, 2.3.13.690]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
==================================
♂血祭│潇遥 - 2007-2-13 10:58:00
文件关联
.TXT Error. [C:\WINDOWS\notepad.exe %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM Error. [hh.exe %1]
.HLP OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI Error. [notepad.exe %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
==================================
API HOOK
N/A
==================================
[/CODE]
♂血祭│潇遥 - 2007-2-13 10:58:00
OK, done.
姑苏残月 - 2007-2-13 11:00:00
That's too much, so let me put it simply. Just get rid of everything in the log that is followed by N/A and it will be OK.
♂血祭│潇遥 - 2007-2-13 11:03:00
How do I get rid of them??? Big brother, please help me out!!
♂血祭│潇遥 - 2007-2-13 11:04:00
Things like paths and file names
姑苏残月 - 2007-2-13 11:09:00
Go by the path name and delete the source file.
♂血祭│潇遥 - 2007-2-13 11:16:00
All of the N/A ones? For example this one: “[vefw]
{4292FF4E-E809-4728-9377-43FF79326891} <C:\PROGRA~1\COMMON~1\bnoc\frsg.dll, N/A>”
♂血祭│潇遥 - 2007-2-13 11:17:00
Do I need to or not? I have already deleted everything with N/A, even things like Xunlei 5 (迅雷5) and so on.