瑞星卡卡安全论坛
被病毒害惨的人 - 2007-2-15 8:24:00
我中木马后我用ghost恢复到刚装好系统状态(是win98)却发现网上邻居里多了个Internet连接共享,不得
以把C盘格式化后手动重装系统,这次是装了win98和win2000,在win2000里瑞星防火墙告知我的所有硬盘被
共享,但我在打开我的电脑右键点击各个盘却没见共享选项,而按瑞星教的在管里工具里却看到了我所有的
硬盘是被共享的,请问怎么办啊?
被病毒害惨的人 - 2007-2-15 8:27:00
下面是卡卡助手里记录的进程,请帮忙看看是不是有病毒,谢谢 [csrss.exe]
PID = 0xb4
CommandLine = D:\WINNT\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
csrss.exe
0x5fff0000
d:\winnt\system32\csrss.exe
5.00.2195.6601
Microsoft Corporation
Client Server Runtime Process
2003-06-20 03:05:04
ntdll.dll
0x77f80000
D:\WINNT\system32\NTDLL.DLL
5.00.2195.6899
Microsoft Corporation
NT Layer DLL
2004-03-24 10:15:22
CSRSRV.dll
0x5ff80000
D:\WINNT\system32\CSRSRV.DLL
5.00.2195.6601
Microsoft Corporation
Client Server Runtime Process
2003-06-20 03:05:04
basesrv.dll
0x5ff90000
D:\WINNT\system32\BASESRV.DLL
5.00.2195.6951
Microsoft Corporation
Windows NT BASE API Server DLL
2004-06-18 07:05:00
被病毒害惨的人 - 2007-2-15 8:28:00
winsrv.dll
0x5ffa0000
D:\WINNT\system32\WINSRV.DLL
5.00.2195.7061
Microsoft Corporation
Windows Server DLL
2005-09-23 19:02:42
USER32.dll
0x77df0000
D:\WINNT\system32\USER32.DLL
5.00.2195.7032
Microsoft Corporation
Windows 2000 USER API Client DLL
2005-03-12 15:54:34
KERNEL32.dll
0x77e60000
D:\WINNT\system32\KERNEL32.DLL
5.00.2195.7099
Microsoft Corporation
Windows NT BASE API Client DLL
2006-06-21 12:21:46
GDI32.dll
0x77f40000
D:\WINNT\system32\GDI32.DLL
5.00.2195.7073
Microsoft Corporation
GDI Client DLL
2005-12-30 08:15:30
[winlogon.exe]
PID = 0xb0
CommandLine = winlogon.exe
winlogon.exe
0x1000000
d:\winnt\system32\winlogon.exe
5.00.2195.6970
Microsoft Corporation
Windows NT Logon Application
2004-08-25 15:12:08
ntdll.dll
0x77f80000
D:\WINNT\system32\NTDLL.DLL
5.00.2195.6899
Microsoft Corporation
NT Layer DLL
2004-03-24 10:15:22
MSVCRT.dll
0x78000000
D:\WINNT\system32\msvcrt.dll
6.10.9844.0
Microsoft Corporation
Microsoft (R) C Runtime Library
2003-06-20 03:05:04
KERNEL32.dll
0x77e60000
D:\WINNT\system32\KERNEL32.DLL
5.00.2195.7099
Microsoft Corporation
Windows NT BASE API Client DLL
2006-06-21 12:21:46
ADVAPI32.dll
0x796d0000
D:\WINNT\system32\ADVAPI32.DLL
5.00.2195.6876
Microsoft Corporation
Advanced Windows 32 Base API
2004-03-24 10:15:16
RPCRT4.DLL
0x786f0000
D:\WINNT\system32\rpcrt4.dll
5.00.2195.7085
Microsoft Corporation
Remote Procedure Call Runtime
2006-04-13 10:46:40
GDI32.dll
0x77f40000
D:\WINNT\system32\GDI32.DLL
5.00.2195.7073
Microsoft Corporation
GDI Client DLL
2005-12-30 08:15:30
USER32.dll
0x77df0000
D:\WINNT\system32\USER32.DLL
5.00.2195.7032
Microsoft Corporation
Windows 2000 USER API Client DLL
2005-03-12 15:54:34
USERENV.dll
0x794d0000
D:\WINNT\system32\USERENV.DLL
5.00.2195.6794
Microsoft Corporation
Userenv
2004-03-24 10:15:16
NDdeApi.dll
0x76940000
D:\WINNT\system32\NDDEAPI.DLL
5.00.2195.6661
Microsoft Corporation
Network DDE Share Management APIs
2003-06-20 03:05:04
sfc.dll
0x76920000
D:\WINNT\system32\sfc.dll
5.00.2195.6673
Microsoft Corporation
Windows File Protection
2003-06-20 03:05:04
被病毒害惨的人 - 2007-2-15 8:29:00
sfcfiles.dll
0x67720000
D:\WINNT\system32\sfcfiles.dll
5.00.2195.6894
Microsoft Corporation
Windows 2000 System File Checker
2004-03-24 10:15:20
Secur32.dll
0x797b0000
D:\WINNT\system32\secur32.dll
5.00.2195.6695
Microsoft Corporation
Security Support Provider Interface
2003-06-20 03:05:04
PROFMAP.dll
0x68830000
D:\WINNT\system32\profmap.dll
5.00.2195.6610
Microsoft Corporation
Userenv
2003-06-20 03:05:04
NETAPI32.dll
0x7cea0000
D:\WINNT\system32\NETAPI32.DLL
5.00.2195.7108
Microsoft Corporation
Net Win32 API DLL
2006-08-17 18:44:10
NTDSAPI.dll
0x77bd0000
D:\WINNT\system32\ntdsapi.dll
5.00.2195.6666
Microsoft Corporation
NT5DS
2003-06-20 03:05:04
DNSAPI.DLL
0x77960000
D:\WINNT\system32\dnsapi.dll
5.00.2195.7100
Microsoft Corporation
DNS Client API DLL
2006-07-06 17:15:02
WSOCK32.dll
0x74fd0000
D:\WINNT\system32\wsock32.dll
5.00.2195.6603
Microsoft Corporation
Windows Socket 32-Bit DLL
2003-06-20 03:05:04
WS2_32.DLL
0x74fb0000
D:\WINNT\system32\ws2_32.dll
5.00.2195.6601
Microsoft Corporation
Windows Socket 2.0 32-Bit DLL
2003-06-20 03:05:04
WS2HELP.DLL
0x74fa0000
D:\WINNT\system32\ws2help.dll
5.00.2134.1
Microsoft Corporation
Windows Socket 2.0 Helper for Windows NT
2000-01-10 12:00:00
WLDAP32.DLL
0x77930000
D:\WINNT\system32\WLDAP32.DLL
5.00.2195.6666
Microsoft Corporation
Win32 LDAP API DLL
2003-06-20 03:05:04
NETRAP.dll
0x75150000
D:\WINNT\system32\netrap.dll
5.00.2134.1
Microsoft Corporation
Net Remote Admin Protocol DLL
2000-01-10 12:00:00
SAMLIB.dll
0x750e0000
D:\WINNT\system32\samlib.dll
5.00.2195.6897
Microsoft Corporation
SAM Library DLL
2004-03-24 10:15:20
IMM32.DLL
0x75e00000
D:\WINNT\system32\imm32.dll
5.00.2195.6655
Microsoft Corporation
Windows 2000 IMM32 API Client DLL
2003-06-20 03:05:04
msgina.dll
0x77ca0000
D:\WINNT\system32\MSGINA.DLL
5.00.2195.6928
Microsoft Corporation
Windows NT Logon Application
2004-06-18 07:05:00
SHELL32.dll
0x78f90000
D:\WINNT\system32\SHELL32.DLL
5.00.3900.7105
Microsoft Corporation
Windows Shell Common Dll
2006-07-13 12:38:54
SHLWAPI.dll
0x8e0000
D:\WINNT\system32\shlwapi.dll
5.00.3900.7070
Microsoft Corporation
Shell Light-weight Utility Library
2006-10-23 12:13:40
COMCTL32.dll
0x77b30000
D:\WINNT\system32\comctl32.dll
5.81
Microsoft Corporation
Common Controls Library
2006-08-28 16:32:58
WINSTA.dll
0x64e20000
D:\WINNT\system32\winsta.dll
5.00.2195.6701
Microsoft Corporation
Winstation Library
2003-06-20 03:05:04
被病毒害惨的人 - 2007-2-15 8:33:00
setupapi.dll
0x6d990000
D:\WINNT\system32\SETUPAPI.DLL
5.00.2195.6622
Microsoft Corporation
Windows Setup API
2003-06-20 03:05:04
wintrust.dll
0x768d0000
D:\WINNT\system32\WINTRUST.DLL
5.131.2195.6824
Microsoft Corporation
Microsoft Trust Verification APIs
2004-03-24 10:15:18
CRYPT32.dll
0x79c40000
D:\WINNT\system32\CRYPT32.DLL
5.131.2195.6824
Microsoft Corporation
Crypto API32
2004-03-24 10:15:18
MSASN1.DLL
0x773f0000
D:\WINNT\system32\msasn1.dll
5.00.2195.6905
Microsoft Corporation
ASN.1 Runtime APIs
2004-03-24 10:15:18
IMAGEHLP.dll
0x77900000
D:\WINNT\system32\IMAGEHLP.DLL
5.00.2195.6613
Microsoft Corporation
Windows NT Image Helper
2003-06-20 03:05:04
ole32.dll
0x7cf00000
D:\WINNT\system32\OLE32.DLL
5.00.2195.7059
Microsoft Corporation
Microsoft OLE for Windows
2005-09-05 13:47:36
wdmaud.drv
0x77520000
D:\WINNT\system32\wdmaud.drv
5.00.2195.6673
Microsoft Corporation
WDM Audio driver mapper
2003-06-20 03:05:04
mscat32.dll
0x769a0000
D:\WINNT\system32\mscat32.dll
5.131.2134.1
Microsoft Corporation
MSCAT32 Forwarder DLL
2000-01-10 12:00:00
rsaenh.dll
0x7ca00000
D:\WINNT\system32\rsaenh.dll
5.00.2195.6611
Microsoft Corporation
Microsoft Enhanced Cryptographic Provider (US/Canada Only, Not for Export)
2003-06-20 03:05:04
cscdll.dll
0x77080000
D:\WINNT\system32\cscdll.dll
5.00.2195.6713
Microsoft Corporation
Offline Network Agent
2003-06-20 03:05:04
WlNotify.dll
0x768c0000
D:\WINNT\system32\wlnotify.dll
5.00.2195.6706
Microsoft Corporation
Common DLL to receive Winlogon notifications
2003-06-20 03:05:04
CERTCLI.DLL
0x75510000
D:\WINNT\system32\certcli.dll
5.00.2195.6619
Microsoft Corporation
Microsoft(R) Certificate Services Client
2003-06-20 03:05:04
ATL.DLL
0x773a0000
D:\WINNT\system32\atl.dll
3.00.9435
Microsoft Corporation
ATL Module for Windows NT (Unicode)
2003-06-20 03:05:04
WINSCARD.DLL
0x76900000
D:\WINNT\system32\winscard.dll
5.00.2195.6609
Microsoft Corporation
Microsoft Smart Card API
2003-06-20 03:05:04
WINSPOOL.DRV
0x777c0000
D:\WINNT\system32\WINSPOOL.DRV
5.00.2195.6659
Microsoft Corporation
Windows Spooler Driver
2003-06-20 03:05:04
MPR.DLL
0x79b20000
D:\WINNT\system32\mpr.dll
5.00.2195.6824
Microsoft Corporation
Multiple Provider Router DLL
2006-06-21 12:21:46
wzcdlg.dll
0x1660000
D:\WINNT\system32\wzcdlg.dll
5.00.2195.6604
Microsoft Corporation
Wireless Zero Configuration Service UI
2003-06-20 03:05:04
OLEAUT32.dll
0x77990000
D:\WINNT\system32\OLEAUT32.DLL
2.40.4522
Microsoft Corporation
2003-06-20 03:05:04
WZCSAPI.DLL
0x1680000
D:\WINNT\system32\wzcsapi.dll
5.00.2195.6604
Microsoft Corporation
Wireless Zero Configuration service API
2003-06-20 03:05:04
cscui.dll
0x77810000
D:\WINNT\system32\cscui.dll
5.00.2195.6705
Microsoft Corporation
Client Side Caching UI
2003-06-20 03:05:04
msacm32.drv
0x773c0000
D:\WINNT\system32\msacm32.drv
5.00.2134.1
Microsoft Corporation
Microsoft Sound Mapper
2000-01-10 12:00:00
MSACM32.dll
0x773d0000
D:\WINNT\system32\msacm32.dll
5.00.2134.1
Microsoft Corporation
Microsoft ACM Audio Filter
2000-01-10 12:00:00
l3codeca.acm
0x10000000
D:\WINNT\system32\l3codeca.acm
1, 9, 0, 0305
Fraunhofer Institut Integrierte Schaltungen IIS
MPEG Layer-3 Audio Codec for MSACM
2002-04-03 14:37:40
CLBCATQ.DLL
0x72c50000
D:\WINNT\system32\clbcatq.dll
2000.2.3529.0
Microsoft Corporation
2005-09-05 13:47:36
msv1_0.dll
0x782d0000
D:\WINNT\system32\MSV1_0.DLL
5.00.2195.6897
Microsoft Corporation
Microsoft Authentication Package v1.0
2004-03-11 10:37:18
IPHLPAPI.DLL
0x77300000
D:\WINNT\system32\IPHLPAPI.DLL
5.00.2195.7097
Microsoft Corporation
IP Helper API
2006-05-19 14:47:56
被病毒害惨的人 - 2007-2-15 8:34:00
ICMP.dll
0x774e0000
D:\WINNT\system32\icmp.dll
5.00.2134.1
Microsoft Corporation
ICMP DLL
2000-01-10 12:00:00
MPRAPI.dll
0x772e0000
D:\WINNT\system32\mprapi.dll
5.00.2181.1
Microsoft Corporation
Windows NT MP Router Administration DLL
2000-01-10 12:00:00
ACTIVEDS.DLL
0x77370000
D:\WINNT\system32\activeds.dll
5.00.2195.6601
Microsoft Corporation
ADs Router Layer DLL
2003-06-20 03:05:04
ADSLDPC.DLL
0x77340000
D:\WINNT\system32\adsldpc.dll
5.00.2195.6701
Microsoft Corporation
ADs LDAP Provider C DLL
2003-06-20 03:05:04
RTUTILS.DLL
0x777f0000
D:\WINNT\system32\rtutils.dll
5.00.2168.1
Microsoft Corporation
Routing Utilities
2000-01-10 12:00:00
RASAPI32.dll
0x774a0000
D:\WINNT\system32\RASAPI32.DLL
5.00.2195.6625
Microsoft Corporation
Remote Access API
2003-06-20 03:05:04
RASMAN.DLL
0x77480000
D:\WINNT\system32\RASMAN.DLL
5.00.2195.6604
Microsoft Corporation
Remote Access Connection Manager
2003-06-20 03:05:04
TAPI32.DLL
0x774f0000
D:\WINNT\system32\TAPI32.DLL
5.00.2195.6664
Microsoft Corporation
Microsoft? Windows(TM) Telephony API Client DLL
2003-06-20 03:05:04
DHCPCSVC.DLL
0x77320000
D:\WINNT\system32\DHCPCSVC.DLL
5.00.2195.7085
Microsoft Corporation
DHCP Client Service
2006-05-19 14:47:56
VERSION.dll
0x777e0000
D:\WINNT\system32\version.dll
5.00.2195.6623
Microsoft Corporation
Version Checking and File Installation Libraries
2003-06-20 03:05:04
LZ32.DLL
0x75950000
D:\WINNT\system32\lz32.dll
5.00.2195.6611
Microsoft Corporation
LZ Expand/Compress API DLL
2003-06-20 03:05:04
被病毒害惨的人 - 2007-2-15 8:37:00
[services.exe]
PID = 0xe4
CommandLine = D:\WINNT\system32\services.exe
services.exe
0x1000000
D:\WINNT\system32\SERVICES.EXE
5.00.2195.6700
Microsoft Corporation
Services and Controller app
2003-06-20 03:05:04
ntdll.dll
0x77f80000
D:\WINNT\system32\NTDLL.DLL
5.00.2195.6899
Microsoft Corporation
NT Layer DLL
2004-03-24 10:15:22
RPCRT4.DLL
0x786f0000
D:\WINNT\system32\rpcrt4.dll
5.00.2195.7085
Microsoft Corporation
Remote Procedure Call Runtime
2006-04-13 10:46:40
KERNEL32.dll
0x77e60000
D:\WINNT\system32\KERNEL32.DLL
5.00.2195.7099
Microsoft Corporation
Windows NT BASE API Client DLL
2006-06-21 12:21:46
ADVAPI32.dll
0x796d0000
D:\WINNT\system32\ADVAPI32.DLL
5.00.2195.6876
Microsoft Corporation
Advanced Windows 32 Base API
2004-03-24 10:15:16
NETAPI32.DLL
0x7cea0000
D:\WINNT\system32\NETAPI32.DLL
5.00.2195.7108
Microsoft Corporation
Net Win32 API DLL
2006-08-17 18:44:10
MSVCRT.dll
0x78000000
D:\WINNT\system32\msvcrt.dll
6.10.9844.0
Microsoft Corporation
Microsoft (R) C Runtime Library
2003-06-20 03:05:04
Secur32.dll
0x797b0000
D:\WINNT\system32\secur32.dll
5.00.2195.6695
Microsoft Corporation
Security Support Provider Interface
2003-06-20 03:05:04
NTDSAPI.dll
0x77bd0000
D:\WINNT\system32\ntdsapi.dll
5.00.2195.6666
Microsoft Corporation
NT5DS
2003-06-20 03:05:04
DNSAPI.DLL
0x77960000
D:\WINNT\system32\dnsapi.dll
5.00.2195.7100
Microsoft Corporation
DNS Client API DLL
2006-07-06 17:15:02
WSOCK32.dll
0x74fd0000
D:\WINNT\system32\wsock32.dll
5.00.2195.6603
Microsoft Corporation
Windows Socket 32-Bit DLL
2003-06-20 03:05:04
WS2_32.DLL
0x74fb0000
D:\WINNT\system32\ws2_32.dll
5.00.2195.6601
Microsoft Corporation
Windows Socket 2.0 32-Bit DLL
2003-06-20 03:05:04
WS2HELP.DLL
0x74fa0000
D:\WINNT\system32\ws2help.dll
5.00.2134.1
Microsoft Corporation
Windows Socket 2.0 Helper for Windows NT
2000-01-10 12:00:00
WLDAP32.DLL
0x77930000
D:\WINNT\system32\WLDAP32.DLL
5.00.2195.6666
Microsoft Corporation
Win32 LDAP API DLL
2003-06-20 03:05:04
NETRAP.dll
0x75150000
D:\WINNT\system32\netrap.dll
5.00.2134.1
Microsoft Corporation
Net Remote Admin Protocol DLL
2000-01-10 12:00:00
SAMLIB.dll
0x750e0000
D:\WINNT\system32\samlib.dll
5.00.2195.6897
Microsoft Corporation
SAM Library DLL
2004-03-24 10:15:20
USER32.DLL
0x77df0000
D:\WINNT\system32\USER32.DLL
5.00.2195.7032
Microsoft Corporation
Windows 2000 USER API Client DLL
2005-03-12 15:54:34
GDI32.dll
0x77f40000
D:\WINNT\system32\GDI32.DLL
5.00.2195.7073
Microsoft Corporation
GDI Client DLL
2005-12-30 08:15:30
UMPNPMGR.DLL
0x76740000
D:\WINNT\system32\UMPNPMGR.DLL
5.00.2195.7069
Microsoft Corporation
User-mode Plug-and-Play Service
2005-09-02 02:23:50
USERENV.DLL
0x794d0000
D:\WINNT\system32\USERENV.DLL
5.00.2195.6794
Microsoft Corporation
Userenv
2004-03-24 10:15:16
被病毒害惨的人 - 2007-2-15 8:38:00
SCESRV.DLL
0x767b0000
D:\WINNT\system32\scesrv.dll
5.00.2195.6903
Microsoft Corporation
Windows Security Configuration Editor Engine
2004-03-24 10:15:18
IMM32.DLL
0x75e00000
D:\WINNT\system32\imm32.dll
5.00.2195.6655
Microsoft Corporation
Windows 2000 IMM32 API Client DLL
2003-06-20 03:05:04
eventlog.dll
0x76830000
D:\WINNT\system32\EVENTLOG.DLL
5.00.2195.6883
Microsoft Corporation
Event Logging Service
2004-03-24 10:15:18
dhcpcsvc.dll
0x77320000
D:\WINNT\system32\DHCPCSVC.DLL
5.00.2195.7085
Microsoft Corporation
DHCP Client Service
2006-05-19 14:47:56
ICMP.dll
0x774e0000
D:\WINNT\system32\icmp.dll
5.00.2134.1
Microsoft Corporation
ICMP DLL
2000-01-10 12:00:00
iphlpapi.dll
0x77300000
D:\WINNT\system32\IPHLPAPI.DLL
5.00.2195.7097
Microsoft Corporation
IP Helper API
2006-05-19 14:47:56
MPRAPI.dll
0x772e0000
D:\WINNT\system32\mprapi.dll
5.00.2181.1
Microsoft Corporation
Windows NT MP Router Administration DLL
2000-01-10 12:00:00
OLE32.DLL
0x7cf00000
D:\WINNT\system32\OLE32.DLL
5.00.2195.7059
Microsoft Corporation
Microsoft OLE for Windows
2005-09-05 13:47:36
OLEAUT32.DLL
0x77990000
D:\WINNT\system32\OLEAUT32.DLL
2.40.4522
Microsoft Corporation
2003-06-20 03:05:04
ACTIVEDS.DLL
0x77370000
D:\WINNT\system32\activeds.dll
5.00.2195.6601
Microsoft Corporation
ADs Router Layer DLL
2003-06-20 03:05:04
ADSLDPC.DLL
0x77340000
D:\WINNT\system32\adsldpc.dll
5.00.2195.6701
Microsoft Corporation
ADs LDAP Provider C DLL
2003-06-20 03:05:04
RTUTILS.DLL
0x777f0000
D:\WINNT\system32\rtutils.dll
5.00.2168.1
Microsoft Corporation
Routing Utilities
2000-01-10 12:00:00
SETUPAPI.DLL
0x6d990000
D:\WINNT\system32\SETUPAPI.DLL
5.00.2195.6622
Microsoft Corporation
Windows Setup API
2003-06-20 03:05:04
RASAPI32.dll
0x774a0000
D:\WINNT\system32\RASAPI32.DLL
5.00.2195.6625
Microsoft Corporation
Remote Access API
2003-06-20 03:05:04
RASMAN.DLL
0x77480000
D:\WINNT\system32\RASMAN.DLL
5.00.2195.6604
Microsoft Corporation
Remote Access Connection Manager
2003-06-20 03:05:04
TAPI32.DLL
0x774f0000
D:\WINNT\system32\TAPI32.DLL
5.00.2195.6664
Microsoft Corporation
Microsoft? Windows(TM) Telephony API Client DLL
2003-06-20 03:05:04
COMCTL32.DLL
0x77b30000
D:\WINNT\system32\comctl32.dll
5.81
Microsoft Corporation
Common Controls Library
2006-08-28 16:32:58
SHLWAPI.DLL
0x77c70000
D:\WINNT\system32\shlwapi.dll
5.00.3900.7070
Microsoft Corporation
Shell Light-weight Utility Library
2006-10-23 12:13:40
dnsrslvr.dll
0x76840000
D:\WINNT\system32\dnsrslvr.dll
5.00.2195.7102
Microsoft Corporation
DNS Caching Resolver Service
2006-07-06 17:15:02
rsaenh.dll
0x7ca00000
D:\WINNT\system32\rsaenh.dll
5.00.2195.6611
Microsoft Corporation
Microsoft Enhanced Cryptographic Provider (US/Canada Only, Not for Export)
2003-06-20 03:05:04
CRYPT32.dll
0x79c40000
D:\WINNT\system32\CRYPT32.DLL
5.131.2195.6824
Microsoft Corporation
Crypto API32
2004-03-24 10:15:18
MSASN1.DLL
0x773f0000
D:\WINNT\system32\msasn1.dll
5.00.2195.6905
Microsoft Corporation
ASN.1 Runtime APIs
2004-03-24 10:15:18
lmhsvc.dll
0x76820000
D:\WINNT\system32\LMHSVC.DLL
5.00.2195.6601
Microsoft Corporation
TCPIP NetBios Transport Services DLL
2003-06-20 03:05:04
shell32.dll
0x78f90000
D:\WINNT\system32\SHELL32.DLL
5.00.3900.7105
Microsoft Corporation
Windows Shell Common Dll
2006-07-13 12:38:54
WINSTA.DLL
0x64e20000
D:\WINNT\system32\winsta.dll
5.00.2195.6701
Microsoft Corporation
Winstation Library
2003-06-20 03:05:04
dmserver.dll
0x76860000
D:\WINNT\system32\dmserver.dll
2195.6605.297.3
VERITAS Software Corp.
Logical Disk Manager service dll
2003-06-20 03:05:04
CFGMGR32.DLL
0x77070000
D:\WINNT\system32\cfgmgr32.dll
5.00.2134.1
Microsoft Corporation
Configuration Manager Forwarder DLL
2000-01-10 12:00:00
Srvsvc.dll
0x76780000
D:\WINNT\system32\srvsvc.dll
5.00.2195.6697
Microsoft Corporation
Server Service DLL
2003-06-20 03:05:04
WINSPOOL.DRV
0x777c0000
D:\WINNT\system32\WINSPOOL.DRV
5.00.2195.6659
Microsoft Corporation
Windows Spooler Driver
2003-06-20 03:05:04
MPR.DLL
0x79b20000
D:\WINNT\system32\mpr.dll
5.00.2195.6824
Microsoft Corporation
Multiple Provider Router DLL
2006-06-21 12:21:46
wkssvc.dll
0x76710000
D:\WINNT\system32\WKSSVC.DLL
5.00.2195.7108
Microsoft Corporation
Workstation Service DLL
2006-08-17 18:44:10
cryptdll.dll
0x76610000
D:\WINNT\system32\cryptdll.dll
5.00.2195.6607
Microsoft Corporation
Cryptography Manager
2003-06-20 03:05:04
cryptsvc.dll
0x76870000
D:\WINNT\system32\cryptsvc.dll
5.00.2195.6868
Microsoft Corporation
Protected storage server
2004-03-24 10:15:18
psbase.dll
0x783b0000
D:\WINNT\system32\PSBASE.DLL
5.00.2195.6824
Microsoft Corporation
Protected Storage default provider
2004-03-24 10:15:18
seclogon.dll
0x767a0000
D:\WINNT\system32\seclogon.dll
5.00.2195.6707
Microsoft Corporation
Secondary Logon Service DLL
2004-03-24 10:15:18
trkwks.dll
0x76760000
D:\WINNT\system32\trkwks.dll
5.00.2195.6623
Microsoft Corporation
Distributed Link Tracking Client
2003-06-20 03:05:04
browser.dll
0x79a70000
D:\WINNT\system32\browser.dll
5.00.2195.6866
Microsoft Corporation
Computer Browser Service DLL
2004-03-24 10:15:18
msgsvc.dll
0x76810000
D:\WINNT\system32\MSGSVC.DLL
5.00.2195.6656
Microsoft Corporation
NT Messenger Service
2003-06-20 03:05:04
mswsock.dll
0x74f70000
D:\WINNT\system32\mswsock.dll
5.00.2195.6603
Microsoft Corporation
Microsoft WinSock Extension APIs
2003-06-20 03:05:04
msafd.dll
0x74f50000
D:\WINNT\system32\msafd.dll
5.00.2195.6602
Microsoft Corporation
Microsoft Windows Sockets 2.0 Service Provider
2003-06-20 03:05:04
wshtcpip.dll
0x74f90000
D:\WINNT\system32\wshtcpip.dll
5.00.2195.6601
Microsoft Corporation
Windows Sockets Helper DLL
2003-06-20 03:05:04
rnr20.dll
0x77800000
D:\WINNT\system32\RNR20.DLL
5.00.2195.6603
Microsoft Corporation
Windows Socket2 NameSpace DLL
2003-06-20 03:05:04
wmicore.dll
0x766f0000
D:\WINNT\system32\wmicore.dll
5.00.2195.6611
Microsoft Corporation
WMI service core functionality
2003-06-20 03:05:04
被病毒害惨的人 - 2007-2-15 8:39:00
winrnr.dll
0x777a0000
D:\WINNT\system32\winrnr.dll
5.00.2160.1
Microsoft Corporation
LDAP RnR Provider DLL
2000-01-10 12:00:00
rasadhlp.dll
0x777b0000
D:\WINNT\system32\rasadhlp.dll
5.00.2195.7098
Microsoft Corporation
Remote Access AutoDial Helper
2006-07-06 17:15:02
WINTRUST.dll
0x768d0000
D:\WINNT\system32\WINTRUST.DLL
5.131.2195.6824
Microsoft Corporation
Microsoft Trust Verification APIs
2004-03-24 10:15:18
IMAGEHLP.dll
0x77900000
D:\WINNT\system32\IMAGEHLP.DLL
5.00.2195.6613
Microsoft Corporation
Windows NT Image Helper
2003-06-20 03:05:04
msv1_0.dll
0x782d0000
D:\WINNT\system32\MSV1_0.DLL
5.00.2195.6897
Microsoft Corporation
Microsoft Authentication Package v1.0
2004-03-11 10:37:18
ESENT.dll
0x70070000
D:\WINNT\system32\esent.dll
6.1.3940.31
Microsoft Corporation
Microsoft(R) Windows NT(TM) Server 数据库存储引擎
2003-06-20 03:05:04
[lsass.exe]
PID = 0xf0
CommandLine = D:\WINNT\system32\lsass.exe
lsass.exe
0x1000000
D:\WINNT\system32\LSASS.EXE
5.00.2195.6902
Microsoft Corporation
LSA Executable and Server DLL (Export Version)
2004-03-24 09:23:20
ntdll.dll
0x77f80000
D:\WINNT\system32\NTDLL.DLL
5.00.2195.6899
Microsoft Corporation
NT Layer DLL
2004-03-24 10:15:22
KERNEL32.dll
0x77e60000
D:\WINNT\system32\KERNEL32.DLL
5.00.2195.7099
Microsoft Corporation
Windows NT BASE API Client DLL
2006-06-21 12:21:46
LSASRV.dll
0x78540000
D:\WINNT\system32\LSASRV.DLL
5.00.2195.7108
Microsoft Corporation
LSA Executable and Server DLL (128-Bit-Version)
2006-08-17 18:41:26
MSVCRT.dll
0x78000000
D:\WINNT\system32\msvcrt.dll
6.10.9844.0
Microsoft Corporation
Microsoft (R) C Runtime Library
2003-06-20 03:05:04
cryptdll.dll
0x76610000
D:\WINNT\system32\cryptdll.dll
5.00.2195.6607
Microsoft Corporation
Cryptography Manager
2003-06-20 03:05:04
ADVAPI32.DLL
0x796d0000
D:\WINNT\system32\ADVAPI32.DLL
5.00.2195.6876
Microsoft Corporation
Advanced Windows 32 Base API
2004-03-24 10:15:16
RPCRT4.DLL
0x786f0000
D:\WINNT\system32\rpcrt4.dll
5.00.2195.7085
Microsoft Corporation
Remote Procedure Call Runtime
2006-04-13 10:46:40
Secur32.dll
0x797b0000
D:\WINNT\system32\secur32.dll
5.00.2195.6695
Microsoft Corporation
Security Support Provider Interface
2003-06-20 03:05:04
USER32.dll
0x77df0000
D:\WINNT\system32\USER32.DLL
5.00.2195.7032
Microsoft Corporation
Windows 2000 USER API Client DLL
2005-03-12 15:54:34
GDI32.dll
0x77f40000
D:\WINNT\system32\GDI32.DLL
5.00.2195.7073
Microsoft Corporation
GDI Client DLL
2005-12-30 08:15:30
SAMSRV.dll
0x799d0000
D:\WINNT\system32\SAMSRV.DLL
5.00.2195.6897
Microsoft Corporation
SAM Server DLL
2004-03-24 10:15:18
DNSAPI.DLL
0x77960000
D:\WINNT\system32\dnsapi.dll
5.00.2195.7100
Microsoft Corporation
DNS Client API DLL
2006-07-06 17:15:02
WSOCK32.dll
0x74fd0000
D:\WINNT\system32\wsock32.dll
5.00.2195.6603
Microsoft Corporation
Windows Socket 32-Bit DLL
2003-06-20 03:05:04
WS2_32.DLL
0x74fb0000
D:\WINNT\system32\ws2_32.dll
5.00.2195.6601
Microsoft Corporation
Windows Socket 2.0 32-Bit DLL
2003-06-20 03:05:04
WS2HELP.DLL
0x74fa0000
D:\WINNT\system32\ws2help.dll
5.00.2134.1
Microsoft Corporation
Windows Socket 2.0 Helper for Windows NT
2000-01-10 12:00:00
MSASN1.dll
0x773f0000
D:\WINNT\system32\msasn1.dll
5.00.2195.6905
Microsoft Corporation
ASN.1 Runtime APIs
2004-03-24 10:15:18
NETAPI32.dll
0x7cea0000
D:\WINNT\system32\NETAPI32.DLL
5.00.2195.7108
Microsoft Corporation
Net Win32 API DLL
2006-08-17 18:44:10
NTDSAPI.dll
0x77bd0000
D:\WINNT\system32\ntdsapi.dll
5.00.2195.6666
Microsoft Corporation
NT5DS
2003-06-20 03:05:04
WLDAP32.DLL
0x77930000
D:\WINNT\system32\WLDAP32.DLL
5.00.2195.6666
Microsoft Corporation
Win32 LDAP API DLL
2003-06-20 03:05:04
NETRAP.dll
0x75150000
D:\WINNT\system32\netrap.dll
5.00.2134.1
Microsoft Corporation
Net Remote Admin Protocol DLL
2000-01-10 12:00:00
SAMLIB.dll
0x750e0000
D:\WINNT\system32\samlib.dll
5.00.2195.6897
Microsoft Corporation
SAM Library DLL
2004-03-24 10:15:20
IMM32.DLL
0x75e00000
D:\WINNT\system32\imm32.dll
5.00.2195.6655
Microsoft Corporation
Windows 2000 IMM32 API Client DLL
2003-06-20 03:05:04
msprivs.dll
0x76580000
D:\WINNT\system32\MSPRIVS.DLL
5.00.2195.6695
Microsoft Corporation
Microsoft Privilege Translations
2003-06-20 03:05:04
kerberos.dll
0x78280000
D:\WINNT\system32\kerberos.dll
5.00.2195.7053
Microsoft Corporation
Kerberos Security Package
2005-06-14 21:22:48
msv1_0.dll
0x782d0000
D:\WINNT\system32\MSV1_0.DLL
5.00.2195.6897
Microsoft Corporation
Microsoft Authentication Package v1.0
2004-03-11 10:37:18
CRYPT32.DLL
0x79c40000
D:\WINNT\system32\CRYPT32.DLL
5.131.2195.6824
Microsoft Corporation
Crypto API32
2004-03-24 10:15:18
IPHLPAPI.DLL
0x77300000
D:\WINNT\system32\IPHLPAPI.DLL
5.00.2195.7097
Microsoft Corporation
IP Helper API
2006-05-19 14:47:56
ICMP.dll
0x774e0000
D:\WINNT\system32\icmp.dll
5.00.2134.1
Microsoft Corporation
ICMP DLL
2000-01-10 12:00:00
MPRAPI.dll
0x772e0000
D:\WINNT\system32\mprapi.dll
5.00.2181.1
Microsoft Corporation
Windows NT MP Router Administration DLL
2000-01-10 12:00:00
OLE32.DLL
0x7cf00000
D:\WINNT\system32\OLE32.DLL
5.00.2195.7059
Microsoft Corporation
Microsoft OLE for Windows
2005-09-05 13:47:36
OLEAUT32.DLL
0x77990000
D:\WINNT\system32\OLEAUT32.DLL
2.40.4522
Microsoft Corporation
2003-06-20 03:05:04
ACTIVEDS.DLL
0x77370000
D:\WINNT\system32\activeds.dll
5.00.2195.6601
Microsoft Corporation
ADs Router Layer DLL
2003-06-20 03:05:04
ADSLDPC.DLL
0x77340000
D:\WINNT\system32\adsldpc.dll
5.00.2195.6701
Microsoft Corporation
ADs LDAP Provider C DLL
2003-06-20 03:05:04
RTUTILS.DLL
0x777f0000
D:\WINNT\system32\rtutils.dll
5.00.2168.1
Microsoft Corporation
Routing Utilities
2000-01-10 12:00:00
SETUPAPI.DLL
0x6d990000
D:\WINNT\system32\SETUPAPI.DLL
5.00.2195.6622
Microsoft Corporation
Windows Setup API
2003-06-20 03:05:04
USERENV.DLL
0x794d0000
D:\WINNT\system32\USERENV.DLL
5.00.2195.6794
Microsoft Corporation
Userenv
2004-03-24 10:15:16
RASAPI32.dll
0x774a0000
D:\WINNT\system32\RASAPI32.DLL
5.00.2195.6625
Microsoft Corporation
Remote Access API
2003-06-20 03:05:04
RASMAN.DLL
0x77480000
D:\WINNT\system32\RASMAN.DLL
5.00.2195.6604
Microsoft Corporation
Remote Access Connection Manager
2003-06-20 03:05:04
TAPI32.DLL
0x774f0000
D:\WINNT\system32\TAPI32.DLL
5.00.2195.6664
Microsoft Corporation
Microsoft? Windows(TM) Telephony API Client DLL
2003-06-20 03:05:04
COMCTL32.DLL
0x77b30000
D:\WINNT\system32\comctl32.dll
5.81
Microsoft Corporation
Common Controls Library
2006-08-28 16:32:58
SHLWAPI.DLL
0x77c70000
D:\WINNT\system32\shlwapi.dll
5.00.3900.7070
Microsoft Corporation
Shell Light-weight Utility Library
2006-10-23 12:13:40
DHCPCSVC.DLL
0x77320000
D:\WINNT\system32\DHCPCSVC.DLL
5.00.2195.7085
Microsoft Corporation
DHCP Client Service
2006-05-19 14:47:56
被病毒害惨的人 - 2007-2-15 8:40:00
netlogon.dll
0x76520000
D:\WINNT\system32\NETLOGON.DLL
5.00.2195.6891
Microsoft Corporation
Net Logon Services DLL
2004-03-24 10:15:18
schannel.dll
0x78160000
D:\WINNT\system32\SCHANNEL.DLL
5.00.2195.6899
Microsoft Corporation
TLS / SSL Security Provider
2004-03-11 10:37:42
rsabase.dll
0x7ca00000
D:\WINNT\system32\RSABASE.DLL
5.00.2195.6619
Microsoft Corporation
Microsoft Base Cryptographic Provider (Export Version)
2003-06-20 03:05:04
mpr.dll
0x79b20000
D:\WINNT\system32\mpr.dll
5.00.2195.6824
Microsoft Corporation
Multiple Provider Router DLL
2006-06-21 12:21:46
scecli.dll
0x763d0000
D:\WINNT\system32\scecli.dll
5.00.2195.6893
Microsoft Corporation
Windows Security Configuration Editor Client Engine
2004-03-24 10:15:18
polagent.dll
0x76480000
D:\WINNT\system32\polagent.dll
5.00.2195.6738
Microsoft Corporation
IPSec Policy Agent Service
2003-05-02 06:19:18
MFC42u.DLL
0x76f70000
D:\WINNT\system32\mfc42u.dll
6.00.9586.0
Microsoft Corporation
MFCDLL Shared Library - Retail Version
2003-06-20 03:05:04
oakley.DLL
0x79a90000
D:\WINNT\system32\oakley.dll
5.00.2195.6738
Microsoft Corporation
Oakley Key Manager
2003-05-02 06:19:18
MFC42LOC.DLL
0x6bc20000
D:\WINNT\system32\mfc42loc.dll
6.00.8665.0
Microsoft Corporation
MFC Language Specific Resources
2000-01-10 12:00:00
msafd.dll
0x74f50000
D:\WINNT\system32\msafd.dll
5.00.2195.6602
Microsoft Corporation
Microsoft Windows Sockets 2.0 Service Provider
2003-06-20 03:05:04
wshtcpip.dll
0x74f90000
D:\WINNT\system32\wshtcpip.dll
5.00.2195.6601
Microsoft Corporation
Windows Sockets Helper DLL
2003-06-20 03:05:04
rsaenh.dll
0xf20000
D:\WINNT\system32\rsaenh.dll
5.00.2195.6611
Microsoft Corporation
Microsoft Enhanced Cryptographic Provider (US/Canada Only, Not for Export)
2003-06-20 03:05:04
dssenh.dll
0x67400000
D:\WINNT\system32\dssenh.dll
5.00.2195.6612
Microsoft Corporation
Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider (US/Canada Only, Not for Export) (US/Canada Only, Not for Export)
2003-06-20 03:05:04
[rfwsrv.exe]
PID = 0x18c
CommandLine = "e:\program files\rising\rfw\rfwsrv.exe"
rfwsrv.exe
0x400000
e:\program files\Rising\Rfw\rfwsrv.exe
5, 0, 0, 33
Beijing Rising Technology Co., Ltd.
Rising Personal FireWall Service
2007-02-13 21:13:32
ntdll.dll
0x77f80000
D:\WINNT\system32\NTDLL.DLL
5.00.2195.6899
Microsoft Corporation
NT Layer DLL
2004-03-24 10:15:22
RPCRT4.dll
0x786f0000
D:\WINNT\system32\rpcrt4.dll
5.00.2195.7085
Microsoft Corporation
Remote Procedure Call Runtime
2006-04-13 10:46:40
KERNEL32.dll
0x77e60000
D:\WINNT\system32\KERNEL32.DLL
5.00.2195.7099
Microsoft Corporation
Windows NT BASE API Client DLL
2006-06-21 12:21:46
ADVAPI32.dll
0x796d0000
D:\WINNT\system32\ADVAPI32.DLL
5.00.2195.6876
Microsoft Corporation
Advanced Windows 32 Base API
2004-03-24 10:15:16
VERSION.dll
0x777e0000
D:\WINNT\system32\version.dll
5.00.2195.6623
Microsoft Corporation
Version Checking and File Installation Libraries
2003-06-20 03:05:04
LZ32.DLL
0x75950000
D:\WINNT\system32\lz32.dll
5.00.2195.6611
Microsoft Corporation
LZ Expand/Compress API DLL
2003-06-20 03:05:04
USER32.dll
0x77df0000
D:\WINNT\system32\USER32.DLL
5.00.2195.7032
Microsoft Corporation
Windows 2000 USER API Client DLL
2005-03-12 15:54:34
GDI32.dll
0x77f40000
D:\WINNT\system32\GDI32.DLL
5.00.2195.7073
Microsoft Corporation
GDI Client DLL
2005-12-30 08:15:30
MFC42.DLL
0x6bc40000
D:\WINNT\system32\mfc42.dll
6.00.9586.0
Microsoft Corporation
MFCDLL Shared Library - Retail Version
2003-06-20 03:05:04
MSVCRT.dll
0x78000000
D:\WINNT\system32\msvcrt.dll
6.10.9844.0
Microsoft Corporation
Microsoft (R) C Runtime Library
2003-06-20 03:05:04
COMCTL32.dll
0x77b30000
D:\WINNT\system32\comctl32.dll
5.81
Microsoft Corporation
Common Controls Library
2006-08-28 16:32:58
ole32.dll
0x7cf00000
D:\WINNT\system32\OLE32.DLL
5.00.2195.7059
Microsoft Corporation
Microsoft OLE for Windows
2005-09-05 13:47:36
OLEAUT32.dll
0x77990000
D:\WINNT\system32\OLEAUT32.DLL
2.40.4522
Microsoft Corporation
2003-06-20 03:05:04
MSVCP60.dll
0x780c0000
D:\WINNT\system32\msvcp60.dll
6.00.8972.0
Microsoft Corporation
Microsoft (R) C++ Runtime Library
2006-07-21 18:47:42
IMM32.DLL
0x75e00000
D:\WINNT\system32\imm32.dll
5.00.2195.6655
Microsoft Corporation
Windows 2000 IMM32 API Client DLL
2003-06-20 03:05:04
MFC42LOC.DLL
0x6bc20000
D:\WINNT\system32\mfc42loc.dll
6.00.8665.0
Microsoft Corporation
MFC Language Specific Resources
2000-01-10 12:00:00
USERENV.DLL
0x794d0000
D:\WINNT\system32\USERENV.DLL
5.00.2195.6794
Microsoft Corporation
Userenv
2004-03-24 10:15:16
RfwRule.dll
0x10000000
e:\program files\Rising\Rfw\RfwRule.dll
5, 0, 0, 3
Beijing Rising Technology Co., Ltd.
rule DLL
2007-02-13 21:13:36
rfwlog.dll
0xbb0000
e:\program files\Rising\Rfw\RfwLog.dll
5, 0, 0, 2
Beijing Rising Technology Co., Ltd.
Rising Personal FireWall Logfile DLL
2007-02-13 21:13:36
Rfwdrv.dll
0xbc0000
e:\program files\Rising\Rfw\RfwDrv.dll
5, 0, 0, 10
Beijing Rising Technology Co., Ltd.
Rising Personal FireWall Driver DLL
2007-02-13 21:13:32
psapi.dll
0x731b0000
e:\program files\Rising\Rfw\Psapi.dll
4.00
Microsoft Corporation
Process Status Helper
2007-02-13 21:13:36
IMAGEHLP.dll
0x77900000
D:\WINNT\system32\IMAGEHLP.DLL
5.00.2195.6613
Microsoft Corporation
Windows NT Image Helper
2003-06-20 03:05:04
被病毒害惨的人 - 2007-2-15 8:41:00
MonDrv.dll
0xd20000
e:\program files\Rising\Rfw\MonDrv.dll
1, 0, 0, 4
rs
MonDrv
2007-02-13 21:13:36
ProcLib.dll
0xf50000
e:\program files\Rising\Rfw\ProcLib.dll
5, 0, 0, 5
Beijing Rising Technology Co., Ltd.
Rising Personal FireWall ProcLib.dll
2007-02-13 21:13:36
mPorts.dll
0x1930000
e:\program files\Rising\Rfw\mPorts.dll
4, 0, 0, 3
Beijing Rising Technology Co., Ltd.
mPorts.dll
2007-02-13 21:13:36
WS2_32.dll
0x74fb0000
D:\WINNT\system32\ws2_32.dll
5.00.2195.6601
Microsoft Corporation
Windows Socket 2.0 32-Bit DLL
2003-06-20 03:05:04
WS2HELP.DLL
0x74fa0000
D:\WINNT\system32\ws2help.dll
5.00.2134.1
Microsoft Corporation
Windows Socket 2.0 Helper for Windows NT
2000-01-10 12:00:00
iphlpapi.dll
0x77300000
D:\WINNT\system32\IPHLPAPI.DLL
5.00.2195.7097
Microsoft Corporation
IP Helper API
2006-05-19 14:47:56
ICMP.dll
0x774e0000
D:\WINNT\system32\icmp.dll
5.00.2134.1
Microsoft Corporation
ICMP DLL
2000-01-10 12:00:00
MPRAPI.dll
0x772e0000
D:\WINNT\system32\mprapi.dll
5.00.2181.1
Microsoft Corporation
Windows NT MP Router Administration DLL
2000-01-10 12:00:00
SAMLIB.DLL
0x750e0000
D:\WINNT\system32\samlib.dll
5.00.2195.6897
Microsoft Corporation
SAM Library DLL
2004-03-24 10:15:20
NETAPI32.DLL
0x7cea0000
D:\WINNT\system32\NETAPI32.DLL
5.00.2195.7108
Microsoft Corporation
Net Win32 API DLL
2006-08-17 18:44:10
Secur32.dll
0x797b0000
D:\WINNT\system32\secur32.dll
5.00.2195.6695
Microsoft Corporation
Security Support Provider Interface
2003-06-20 03:05:04
NTDSAPI.dll
0x77bd0000
D:\WINNT\system32\ntdsapi.dll
5.00.2195.6666
Microsoft Corporation
NT5DS
2003-06-20 03:05:04
DNSAPI.DLL
0x77960000
D:\WINNT\system32\dnsapi.dll
5.00.2195.7100
Microsoft Corporation
DNS Client API DLL
2006-07-06 17:15:02
WSOCK32.dll
0x74fd0000
D:\WINNT\system32\wsock32.dll
5.00.2195.6603
Microsoft Corporation
Windows Socket 32-Bit DLL
2003-06-20 03:05:04
WLDAP32.DLL
0x77930000
D:\WINNT\system32\WLDAP32.DLL
5.00.2195.6666
Microsoft Corporation
Win32 LDAP API DLL
2003-06-20 03:05:04
NETRAP.dll
0x75150000
D:\WINNT\system32\netrap.dll
5.00.2134.1
Microsoft Corporation
Net Remote Admin Protocol DLL
2000-01-10 12:00:00
ACTIVEDS.DLL
0x77370000
D:\WINNT\system32\activeds.dll
5.00.2195.6601
Microsoft Corporation
ADs Router Layer DLL
2003-06-20 03:05:04
ADSLDPC.DLL
0x77340000
D:\WINNT\system32\adsldpc.dll
5.00.2195.6701
Microsoft Corporation
ADs LDAP Provider C DLL
2003-06-20 03:05:04
RTUTILS.DLL
0x777f0000
D:\WINNT\system32\rtutils.dll
5.00.2168.1
Microsoft Corporation
Routing Utilities
2000-01-10 12:00:00
SETUPAPI.DLL
0x6d990000
D:\WINNT\system32\SETUPAPI.DLL
5.00.2195.6622
Microsoft Corporation
Windows Setup API
2003-06-20 03:05:04
RASAPI32.dll
0x774a0000
D:\WINNT\system32\RASAPI32.DLL
5.00.2195.6625
Microsoft Corporation
Remote Access API
2003-06-20 03:05:04
RASMAN.DLL
0x77480000
D:\WINNT\system32\RASMAN.DLL
5.00.2195.6604
Microsoft Corporation
Remote Access Connection Manager
2003-06-20 03:05:04
TAPI32.DLL
0x774f0000
D:\WINNT\system32\TAPI32.DLL
5.00.2195.6664
Microsoft Corporation
Microsoft? Windows(TM) Telephony API Client DLL
2003-06-20 03:05:04
SHLWAPI.DLL
0x77c70000
D:\WINNT\system32\shlwapi.dll
5.00.3900.7070
Microsoft Corporation
Shell Light-weight Utility Library
2006-10-23 12:13:40
DHCPCSVC.DLL
0x77320000
D:\WINNT\system32\DHCPCSVC.DLL
5.00.2195.7085
Microsoft Corporation
DHCP Client Service
2006-05-19 14:47:56
perfproc.dll
0x68a50000
D:\WINNT\system32\perfproc.dll
5.00.2195.6697
Microsoft Corporation
Windows System Process Performance Objects DLL
2003-06-20 03:05:04
[svchost.exe]
PID = 0x1a4
CommandLine = D:\WINNT\system32\svchost -k rpcss
svchost.exe
0x1000000
D:\WINNT\system32\svchost.exe
5.00.2134.1
Microsoft Corporation
Generic Host Process for Win32 Services
2000-01-10 12:00:00
ntdll.dll
0x77f80000
D:\WINNT\system32\NTDLL.DLL
5.00.2195.6899
Microsoft Corporation
NT Layer DLL
2004-03-24 10:15:22
ADVAPI32.DLL
0x796d0000
D:\WINNT\system32\ADVAPI32.DLL
5.00.2195.6876
Microsoft Corporation
Advanced Windows 32 Base API
2004-03-24 10:15:16
KERNEL32.DLL
0x77e60000
D:\WINNT\system32\KERNEL32.DLL
5.00.2195.7099
Microsoft Corporation
Windows NT BASE API Client DLL
2006-06-21 12:21:46
RPCRT4.DLL
0x786f0000
D:\WINNT\system32\rpcrt4.dll
5.00.2195.7085
Microsoft Corporation
Remote Procedure Call Runtime
2006-04-13 10:46:40
OLE32.DLL
0x7cf00000
D:\WINNT\system32\OLE32.DLL
5.00.2195.7059
Microsoft Corporation
Microsoft OLE for Windows
2005-09-05 13:47:36
GDI32.dll
0x77f40000
D:\WINNT\system32\GDI32.DLL
5.00.2195.7073
Microsoft Corporation
GDI Client DLL
2005-12-30 08:15:30
USER32.dll
0x77df0000
D:\WINNT\system32\USER32.DLL
5.00.2195.7032
Microsoft Corporation
Windows 2000 USER API Client DLL
2005-03-12 15:54:34
IMM32.DLL
0x75e00000
D:\WINNT\system32\imm32.dll
5.00.2195.6655
Microsoft Corporation
Windows 2000 IMM32 API Client DLL
2003-06-20 03:05:04
rpcss.dll
0x7ca90000
d:\WINNT\system32\rpcss.dll
5.00.2195.7059
Microsoft Corporation
Distributed COM Services
2005-09-05 13:47:36
MSVCRT.dll
0x78000000
D:\WINNT\system32\msvcrt.dll
6.10.9844.0
Microsoft Corporation
Microsoft (R) C Runtime Library
2003-06-20 03:05:04
USERENV.dll
0x794d0000
d:\WINNT\system32\USERENV.DLL
5.00.2195.6794
Microsoft Corporation
Userenv
2004-03-24 10:15:16
WS2_32.dll
0x74fb0000
d:\WINNT\system32\ws2_32.dll
5.00.2195.6601
Microsoft Corporation
Windows Socket 2.0 32-Bit DLL
2003-06-20 03:05:04
WS2HELP.DLL
0x74fa0000
d:\WINNT\system32\ws2help.dll
5.00.2134.1
Microsoft Corporation
Windows Socket 2.0 Helper for Windows NT
2000-01-10 12:00:00
Secur32.dll
0x797b0000
d:\WINNT\system32\secur32.dll
5.00.2195.6695
Microsoft Corporation
Security Support Provider Interface
2003-06-20 03:05:04
WINSTA.dll
0x64e20000
d:\WINNT\system32\winsta.dll
5.00.2195.6701
Microsoft Corporation
Winstation Library
2003-06-20 03:05:04
rsaenh.dll
0x7ca00000
D:\WINNT\system32\rsaenh.dll
5.00.2195.6611
Microsoft Corporation
Microsoft Enhanced Cryptographic Provider (US/Canada Only, Not for Export)
2003-06-20 03:05:04
CRYPT32.dll
0x79c40000
D:\WINNT\system32\CRYPT32.DLL
5.131.2195.6824
Microsoft Corporation
Crypto API32
2004-03-24 10:15:18
MSASN1.DLL
0x773f0000
D:\WINNT\system32\msasn1.dll
5.00.2195.6905
Microsoft Corporation
ASN.1 Runtime APIs
2004-03-24 10:15:18
mswsock.dll
0x74f70000
D:\WINNT\system32\mswsock.dll
5.00.2195.6603
Microsoft Corporation
Microsoft WinSock Extension APIs
2003-06-20 03:05:04
DNSAPI.DLL
0x77960000
D:\WINNT\system32\dnsapi.dll
5.00.2195.7100
Microsoft Corporation
DNS Client API DLL
2006-07-06 17:15:02
WSOCK32.dll
0x74fd0000
D:\WINNT\system32\wsock32.dll
5.00.2195.6603
Microsoft Corporation
Windows Socket 32-Bit DLL
2003-06-20 03:05:04
msafd.dll
0x74f50000
D:\WINNT\system32\msafd.dll
5.00.2195.6602
Microsoft Corporation
Microsoft Windows Sockets 2.0 Service Provider
2003-06-20 03:05:04
wshtcpip.dll
0x74f90000
D:\WINNT\system32\wshtcpip.dll
5.00.2195.6601
Microsoft Corporation
Windows Sockets Helper DLL
2003-06-20 03:05:04
rnr20.dll
0x77800000
D:\WINNT\system32\RNR20.DLL
5.00.2195.6603
Microsoft Corporation
Windows Socket2 NameSpace DLL
2003-06-20 03:05:04
iphlpapi.dll
0x77300000
D:\WINNT\system32\IPHLPAPI.DLL
5.00.2195.7097
Microsoft Corporation
IP Helper API
2006-05-19 14:47:56
ICMP.dll
0x774e0000
D:\WINNT\system32\icmp.dll
5.00.2134.1
Microsoft Corporation
ICMP DLL
2000-01-10 12:00:00
MPRAPI.dll
0x772e0000
D:\WINNT\system32\mprapi.dll
5.00.2181.1
Microsoft Corporation
Windows NT MP Router Administration DLL
2000-01-10 12:00:00
SAMLIB.DLL
0x750e0000
D:\WINNT\system32\samlib.dll
5.00.2195.6897
Microsoft Corporation
SAM Library DLL
2004-03-24 10:15:20
NETAPI32.DLL
0x7cea0000
D:\WINNT\system32\NETAPI32.DLL
5.00.2195.7108
Microsoft Corporation
Net Win32 API DLL
2006-08-17 18:44:10
NTDSAPI.dll
0x77bd0000
D:\WINNT\system32\ntdsapi.dll
5.00.2195.6666
Microsoft Corporation
NT5DS
2003-06-20 03:05:04
WLDAP32.DLL
0x77930000
D:\WINNT\system32\WLDAP32.DLL
5.00.2195.6666
Microsoft Corporation
Win32 LDAP API DLL
2003-06-20 03:05:04
NETRAP.dll
0x75150000
D:\WINNT\system32\netrap.dll
5.00.2134.1
Microsoft Corporation
Net Remote Admin Protocol DLL
2000-01-10 12:00:00
OLEAUT32.DLL
0x77990000
D:\WINNT\system32\OLEAUT32.DLL
2.40.4522
Microsoft Corporation
2003-06-20 03:05:04
被病毒害惨的人 - 2007-2-15 8:42:00
ACTIVEDS.DLL
0x77370000
D:\WINNT\system32\activeds.dll
5.00.2195.6601
Microsoft Corporation
ADs Router Layer DLL
2003-06-20 03:05:04
ADSLDPC.DLL
0x77340000
D:\WINNT\system32\adsldpc.dll
5.00.2195.6701
Microsoft Corporation
ADs LDAP Provider C DLL
2003-06-20 03:05:04
RTUTILS.DLL
0x777f0000
D:\WINNT\system32\rtutils.dll
5.00.2168.1
Microsoft Corporation
Routing Utilities
2000-01-10 12:00:00
SETUPAPI.DLL
0x6d990000
D:\WINNT\system32\SETUPAPI.DLL
5.00.2195.6622
Microsoft Corporation
Windows Setup API
2003-06-20 03:05:04
RASAPI32.dll
0x774a0000
D:\WINNT\system32\RASAPI32.DLL
5.00.2195.6625
Microsoft Corporation
Remote Access API
2003-06-20 03:05:04
RASMAN.DLL
0x77480000
D:\WINNT\system32\RASMAN.DLL
5.00.2195.6604
Microsoft Corporation
Remote Access Connection Manager
2003-06-20 03:05:04
TAPI32.DLL
0x774f0000
D:\WINNT\system32\TAPI32.DLL
5.00.2195.6664
Microsoft Corporation
Microsoft? Windows(TM) Telephony API Client DLL
2003-06-20 03:05:04
COMCTL32.DLL
0x77b30000
D:\WINNT\system32\comctl32.dll
5.81
Microsoft Corporation
Common Controls Library
2006-08-28 16:32:58
SHLWAPI.DLL
0x77c70000
D:\WINNT\system32\shlwapi.dll
5.00.3900.7070
Microsoft Corporation
Shell Light-weight Utility Library
2006-10-23 12:13:40
DHCPCSVC.DLL
0x77320000
D:\WINNT\system32\DHCPCSVC.DLL
5.00.2195.7085
Microsoft Corporation
DHCP Client Service
2006-05-19 14:47:56
winrnr.dll
0x777a0000
D:\WINNT\system32\winrnr.dll
5.00.2160.1
Microsoft Corporation
LDAP RnR Provider DLL
2000-01-10 12:00:00
rasadhlp.dll
0x777b0000
D:\WINNT\system32\rasadhlp.dll
5.00.2195.7098
Microsoft Corporation
Remote Access AutoDial Helper
2006-07-06 17:15:02
CLBCATQ.DLL
0x72c50000
D:\WINNT\system32\clbcatq.dll
2000.2.3529.0
Microsoft Corporation
2005-09-05 13:47:36
msv1_0.dll
0x782d0000
D:\WINNT\system32\MSV1_0.DLL
5.00.2195.6897
Microsoft Corporation
Microsoft Authentication Package v1.0
2004-03-11 10:37:18
[CCenter.exe]
PID = 0x1c0
CommandLine = "e:\Program Files\Rising\Rav\CCenter.exe"
CCenter.exe
0x400000
e:\Program Files\Rising\Rav\CCenter.exe
18, 0, 0, 3
Beijing Rising Technology Co., Ltd.
CCenter
2006-07-21 18:47:52
ntdll.dll
0x77f80000
D:\WINNT\system32\NTDLL.DLL
5.00.2195.6899
Microsoft Corporation
NT Layer DLL
2004-03-24 10:15:22
KERNEL32.dll
0x77e60000
D:\WINNT\system32\KERNEL32.DLL
5.00.2195.7099
Microsoft Corporation
Windows NT BASE API Client DLL
2006-06-21 12:21:46
USER32.dll
0x77df0000
D:\WINNT\system32\USER32.DLL
5.00.2195.7032
Microsoft Corporation
Windows 2000 USER API Client DLL
2005-03-12 15:54:34
GDI32.dll
0x77f40000
D:\WINNT\system32\GDI32.DLL
5.00.2195.7073
Microsoft Corporation
GDI Client DLL
2005-12-30 08:15:30
ADVAPI32.dll
0x796d0000
D:\WINNT\system32\ADVAPI32.DLL
5.00.2195.6876
Microsoft Corporation
Advanced Windows 32 Base API
2004-03-24 10:15:16
RPCRT4.DLL
0x786f0000
D:\WINNT\system32\rpcrt4.dll
5.00.2195.7085
Microsoft Corporation
Remote Procedure Call Runtime
2006-04-13 10:46:40
IMM32.DLL
0x75e00000
D:\WINNT\system32\imm32.dll
5.00.2195.6655
Microsoft Corporation
Windows 2000 IMM32 API Client DLL
2003-06-20 03:05:04
[spoolsv.exe]
PID = 0x230
CommandLine = D:\WINNT\system32\spoolsv.exe
spoolsv.exe
0x1000000
D:\WINNT\system32\spoolsv.exe
5.00.2195.7059
Microsoft Corporation
Spooler SubSystem App
2005-07-11 21:59:12
ntdll.dll
0x77f80000
D:\WINNT\system32\NTDLL.DLL
5.00.2195.6899
Microsoft Corporation
NT Layer DLL
2004-03-24 10:15:22
MSVCRT.dll
0x78000000
D:\WINNT\system32\msvcrt.dll
6.10.9844.0
Microsoft Corporation
Microsoft (R) C Runtime Library
2003-06-20 03:05:04
KERNEL32.dll
0x77e60000
D:\WINNT\system32\KERNEL32.DLL
5.00.2195.7099
Microsoft Corporation
Windows NT BASE API Client DLL
2006-06-21 12:21:46
ADVAPI32.dll
0x796d0000
D:\WINNT\system32\ADVAPI32.DLL
5.00.2195.6876
Microsoft Corporation
Advanced Windows 32 Base API
2004-03-24 10:15:16
RPCRT4.DLL
0x786f0000
D:\WINNT\system32\rpcrt4.dll
5.00.2195.7085
Microsoft Corporation
Remote Procedure Call Runtime
2006-04-13 10:46:40
GDI32.dll
0x77f40000
D:\WINNT\system32\GDI32.DLL
5.00.2195.7073
Microsoft Corporation
GDI Client DLL
2005-12-30 08:15:30
USER32.dll
0x77df0000
D:\WINNT\system32\USER32.DLL
5.00.2195.7032
Microsoft Corporation
Windows 2000 USER API Client DLL
2005-03-12 15:54:34
IMM32.DLL
0x75e00000
D:\WINNT\system32\imm32.dll
5.00.2195.6655
Microsoft Corporation
Windows 2000 IMM32 API Client DLL
2003-06-20 03:05:04
SPOOLSS.DLL
0x76a30000
D:\WINNT\system32\spoolss.dll
5.00.2195.7054
Microsoft Corporation
Spooler SubSystem DLL
2005-07-13 00:21:52
WS2_32.dll
0x74fb0000
D:\WINNT\system32\ws2_32.dll
5.00.2195.6601
Microsoft Corporation
Windows Socket 2.0 32-Bit DLL
2003-06-20 03:05:04
WS2HELP.DLL
0x74fa0000
D:\WINNT\system32\ws2help.dll
5.00.2134.1
Microsoft Corporation
Windows Socket 2.0 Helper for Windows NT
2000-01-10 12:00:00
NETAPI32.dll
0x7cea0000
D:\WINNT\system32\NETAPI32.DLL
5.00.2195.7108
Microsoft Corporation
Net Win32 API DLL
2006-08-17 18:44:10
Secur32.dll
0x797b0000
D:\WINNT\system32\secur32.dll
5.00.2195.6695
Microsoft Corporation
Security Support Provider Interface
2003-06-20 03:05:04
NTDSAPI.dll
0x77bd0000
D:\WINNT\system32\ntdsapi.dll
5.00.2195.6666
Microsoft Corporation
NT5DS
2003-06-20 03:05:04
被病毒害惨的人 - 2007-2-15 8:43:00
DNSAPI.DLL
0x77960000
D:\WINNT\system32\dnsapi.dll
5.00.2195.7100
Microsoft Corporation
DNS Client API DLL
2006-07-06 17:15:02
WSOCK32.dll
0x74fd0000
D:\WINNT\system32\wsock32.dll
5.00.2195.6603
Microsoft Corporation
Windows Socket 32-Bit DLL
2003-06-20 03:05:04
WLDAP32.DLL
0x77930000
D:\WINNT\system32\WLDAP32.DLL
5.00.2195.6666
Microsoft Corporation
Win32 LDAP API DLL
2003-06-20 03:05:04
NETRAP.dll
0x75150000
D:\WINNT\system32\netrap.dll
5.00.2134.1
Microsoft Corporation
Net Remote Admin Protocol DLL
2000-01-10 12:00:00
SAMLIB.dll
0x750e0000
D:\WINNT\system32\samlib.dll
5.00.2195.6897
Microsoft Corporation
SAM Library DLL
2004-03-24 10:15:20
iphlpapi.dll
0x77300000
D:\WINNT\system32\IPHLPAPI.DLL
5.00.2195.7097
Microsoft Corporation
IP Helper API
2006-05-19 14:47:56
ICMP.dll
0x774e0000
D:\WINNT\system32\icmp.dll
5.00.2134.1
Microsoft Corporation
ICMP DLL
2000-01-10 12:00:00
MPRAPI.dll
0x772e0000
D:\WINNT\system32\mprapi.dll
5.00.2181.1
Microsoft Corporation
Windows NT MP Router Administration DLL
2000-01-10 12:00:00
OLE32.DLL
0x7cf00000
D:\WINNT\system32\OLE32.DLL
5.00.2195.7059
Microsoft Corporation
Microsoft OLE for Windows
2005-09-05 13:47:36
OLEAUT32.DLL
0x77990000
D:\WINNT\system32\OLEAUT32.DLL
2.40.4522
Microsoft Corporation
2003-06-20 03:05:04
ACTIVEDS.DLL
0x77370000
D:\WINNT\system32\activeds.dll
5.00.2195.6601
Microsoft Corporation
ADs Router Layer DLL
2003-06-20 03:05:04
ADSLDPC.DLL
0x77340000
D:\WINNT\system32\adsldpc.dll
5.00.2195.6701
Microsoft Corporation
ADs LDAP Provider C DLL
2003-06-20 03:05:04
RTUTILS.DLL
0x777f0000
D:\WINNT\system32\rtutils.dll
5.00.2168.1
Microsoft Corporation
Routing Utilities
2000-01-10 12:00:00
SETUPAPI.DLL
0x6d990000
D:\WINNT\system32\SETUPAPI.DLL
5.00.2195.6622
Microsoft Corporation
Windows Setup API
2003-06-20 03:05:04
USERENV.DLL
0x794d0000
D:\WINNT\system32\USERENV.DLL
5.00.2195.6794
Microsoft Corporation
Userenv
2004-03-24 10:15:16
RASAPI32.dll
0x774a0000
D:\WINNT\system32\RASAPI32.DLL
5.00.2195.6625
Microsoft Corporation
Remote Access API
2003-06-20 03:05:04
RASMAN.DLL
0x77480000
D:\WINNT\system32\RASMAN.DLL
5.00.2195.6604
Microsoft Corporation
Remote Access Connection Manager
2003-06-20 03:05:04
TAPI32.DLL
0x774f0000
D:\WINNT\system32\TAPI32.DLL
5.00.2195.6664
Microsoft Corporation
Microsoft? Windows(TM) Telephony API Client DLL
2003-06-20 03:05:04
COMCTL32.DLL
0x77b30000
D:\WINNT\system32\comctl32.dll
5.81
Microsoft Corporation
Common Controls Library
2006-08-28 16:32:58
SHLWAPI.DLL
0x77c70000
D:\WINNT\system32\shlwapi.dll
5.00.3900.7070
Microsoft Corporation
Shell Light-weight Utility Library
2006-10-23 12:13:40
DHCPCSVC.DLL
0x77320000
D:\WINNT\system32\DHCPCSVC.DLL
5.00.2195.7085
Microsoft Corporation
DHCP Client Service
2006-05-19 14:47:56
rasadhlp.dll
0x777b0000
D:\WINNT\system32\rasadhlp.dll
5.00.2195.7098
Microsoft Corporation
Remote Access AutoDial Helper
2006-07-06 17:15:02
localspl.dll
0x786a0000
D:\WINNT\system32\LOCALSPL.DLL
5.00.2195.6714
Microsoft Corporation
Local Spooler DLL
2003-06-20 03:05:04
VERSION.DLL
0x777e0000
D:\WINNT\system32\version.dll
5.00.2195.6623
Microsoft Corporation
Version Checking and File Installation Libraries
2003-06-20 03:05:04
LZ32.DLL
0x75950000
D:\WINNT\system32\lz32.dll
5.00.2195.6611
Microsoft Corporation
LZ Expand/Compress API DLL
2003-06-20 03:05:04
SFC.DLL
0x76920000
D:\WINNT\system32\sfc.dll
5.00.2195.6673
Microsoft Corporation
Windows File Protection
2003-06-20 03:05:04
sfcfiles.dll
0x67720000
D:\WINNT\system32\sfcfiles.dll
5.00.2195.6894
Microsoft Corporation
Windows 2000 System File Checker
2004-03-24 10:15:20
winspool.drv
0x777c0000
D:\WINNT\system32\WINSPOOL.DRV
5.00.2195.6659
Microsoft Corporation
Windows Spooler Driver
2003-06-20 03:05:04
MPR.DLL
0x79b20000
D:\WINNT\system32\mpr.dll
5.00.2195.6824
Microsoft Corporation
Multiple Provider Router DLL
2006-06-21 12:21:46
cnbjmon.dll
0x73350000
D:\WINNT\system32\cnbjmon.dll
5.00.2134.1
Microsoft Corporation
Langage Monitor for Canon Bubble-Jet Printer
2000-01-10 12:00:00
pjlmon.dll
0x76a50000
D:\WINNT\system32\pjlmon.dll
5.00.2165.1
Microsoft Corporation
Spooler Setup DLL
2000-01-10 12:00:00
tcpmon.dll
0x76a20000
D:\WINNT\system32\tcpmon.dll
5.00.2195.6659
Microsoft Corporation
Standard TCP/IP Port Monitor DLL
2003-06-20 03:05:04
usbmon.dll
0x76a10000
D:\WINNT\system32\usbmon.dll
5.00.2195.6684
Microsoft Corporation
Standard USB printing Port Monitor DLL
2003-06-20 03:05:04
rnr20.dll
0x77800000
D:\WINNT\system32\RNR20.DLL
5.00.2195.6603
Microsoft Corporation
Windows Socket2 NameSpace DLL
2003-06-20 03:05:04
winrnr.dll
0x777a0000
D:\WINNT\system32\winrnr.dll
5.00.2160.1
Microsoft Corporation
LDAP RnR Provider DLL
2000-01-10 12:00:00
msafd.dll
0x74f50000
D:\WINNT\system32\msafd.dll
5.00.2195.6602
Microsoft Corporation
Microsoft Windows Sockets 2.0 Service Provider
2003-06-20 03:05:04
wshtcpip.dll
0x74f90000
D:\WINNT\system32\wshtcpip.dll
5.00.2195.6601
Microsoft Corporation
Windows Sockets Helper DLL
2003-06-20 03:05:04
win32spl.dll
0x769f0000
D:\WINNT\system32\WIN32SPL.DLL
5.00.2195.7054
Microsoft Corporation
32-bit Spooler API DLL
2005-07-13 00:21:52
CLBCATQ.DLL
0x72c50000
D:\WINNT\system32\clbcatq.dll
2000.2.3529.0
Microsoft Corporation
2005-09-05 13:47:36
inetpp.dll
0x76aa0000
D:\WINNT\system32\inetpp.dll
5.00.2195.6707
Microsoft Corporation
Internet Print Provider DLL
2003-06-20 03:05:04
被病毒害惨的人 - 2007-2-15 8:45:00
[Ati2evxx.exe]
PID = 0x250
CommandLine = D:\WINNT\System32\Ati2evxx.exe
Ati2evxx.exe
0x400000
D:\WINNT\system32\ati2evxx.exe
2003-03-01 19:29:22
ntdll.dll
0x77f80000
D:\WINNT\system32\NTDLL.DLL
5.00.2195.6899
Microsoft Corporation
NT Layer DLL
2004-03-24 10:15:22
KERNEL32.dll
0x77e60000
D:\WINNT\system32\KERNEL32.DLL
5.00.2195.7099
Microsoft Corporation
Windows NT BASE API Client DLL
2006-06-21 12:21:46
USER32.dll
0x77df0000
D:\WINNT\system32\USER32.DLL
5.00.2195.7032
Microsoft Corporation
Windows 2000 USER API Client DLL
2005-03-12 15:54:34
GDI32.dll
0x77f40000
D:\WINNT\system32\GDI32.DLL
5.00.2195.7073
Microsoft Corporation
GDI Client DLL
2005-12-30 08:15:30
ADVAPI32.dll
0x796d0000
D:\WINNT\system32\ADVAPI32.DLL
5.00.2195.6876
Microsoft Corporation
Advanced Windows 32 Base API
2004-03-24 10:15:16
RPCRT4.DLL
0x786f0000
D:\WINNT\system32\rpcrt4.dll
5.00.2195.7085
Microsoft Corporation
Remote Procedure Call Runtime
2006-04-13 10:46:40
IMM32.DLL
0x75e00000
D:\WINNT\system32\imm32.dll
5.00.2195.6655
Microsoft Corporation
Windows 2000 IMM32 API Client DLL
2003-06-20 03:05:04
被病毒害惨的人 - 2007-2-15 8:48:00
[svchost.exe]
PID = 0x270
CommandLine = D:\WINNT\System32\svchost.exe -k netsvcs
svchost.exe
0x1000000
D:\WINNT\system32\svchost.exe
5.00.2134.1
Microsoft Corporation
Generic Host Process for Win32 Services
2000-01-10 12:00:00
ntdll.dll
0x77f80000
D:\WINNT\system32\NTDLL.DLL
5.00.2195.6899
Microsoft Corporation
NT Layer DLL
2004-03-24 10:15:22
ADVAPI32.DLL
0x796d0000
D:\WINNT\system32\ADVAPI32.DLL
5.00.2195.6876
Microsoft Corporation
Advanced Windows 32 Base API
2004-03-24 10:15:16
KERNEL32.DLL
0x77e60000
D:\WINNT\system32\KERNEL32.DLL
5.00.2195.7099
Microsoft Corporation
Windows NT BASE API Client DLL
2006-06-21 12:21:46
RPCRT4.DLL
0x786f0000
D:\WINNT\system32\rpcrt4.dll
5.00.2195.7085
Microsoft Corporation
Remote Procedure Call Runtime
2006-04-13 10:46:40
OLE32.DLL
0x7cf00000
D:\WINNT\system32\OLE32.DLL
5.00.2195.7059
Microsoft Corporation
Microsoft OLE for Windows
2005-09-05 13:47:36
GDI32.dll
0x77f40000
D:\WINNT\system32\GDI32.DLL
5.00.2195.7073
Microsoft Corporation
GDI Client DLL
2005-12-30 08:15:30
USER32.dll
0x77df0000
D:\WINNT\system32\USER32.DLL
5.00.2195.7032
Microsoft Corporation
Windows 2000 USER API Client DLL
2005-03-12 15:54:34
IMM32.DLL
0x75e00000
D:\WINNT\system32\imm32.dll
5.00.2195.6655
Microsoft Corporation
Windows 2000 IMM32 API Client DLL
2003-06-20 03:05:04
es.dll
0x76230000
d:\WINNT\system32\es.dll
2000.2.3529.0
Microsoft Corporation
2005-09-05 13:47:36
TxfAux.Dll
0x784a0000
d:\WINNT\system32\txfaux.dll
2000.2.3529.0
Microsoft Corporation
Support routines for TXF
2005-09-05 13:47:36
MSVCRT.dll
0x78000000
D:\WINNT\system32\msvcrt.dll
6.10.9844.0
Microsoft Corporation
Microsoft (R) C Runtime Library
2003-06-20 03:05:04
OLEAUT32.dll
0x77990000
D:\WINNT\system32\OLEAUT32.DLL
2.40.4522
Microsoft Corporation
2003-06-20 03:05:04
被病毒害惨的人 - 2007-2-15 8:49:00
ntmssvc.dll
0x76170000
d:\WINNT\system32\ntmssvc.dll
5.00.2195.6655
Microsoft Corporation
Removable Storage Service
2003-06-20 03:05:04
CLBCATQ.DLL
0x72c50000
D:\WINNT\system32\clbcatq.dll
2000.2.3529.0
Microsoft Corporation
2005-09-05 13:47:36
sens.dll
0x76120000
d:\WINNT\system32\sens.dll
5.00.2195.6627
Microsoft Corporation
System Event Notification Service (SENS)
2003-06-20 03:05:04
COMCTL32.dll
0x77b30000
D:\WINNT\system32\comctl32.dll
5.81
Microsoft Corporation
Common Controls Library
2006-08-28 16:32:58
WS2_32.dll
0x74fb0000
D:\WINNT\system32\ws2_32.dll
5.00.2195.6601
Microsoft Corporation
Windows Socket 2.0 32-Bit DLL
2003-06-20 03:05:04
WS2HELP.DLL
0x74fa0000
D:\WINNT\system32\ws2help.dll
5.00.2134.1
Microsoft Corporation
Windows Socket 2.0 Helper for Windows NT
2000-01-10 12:00:00
netman.dll
0x76210000
d:\WINNT\system32\netman.dll
5.00.2195.7061
Microsoft Corporation
Network Connections Manager
2005-08-16 01:34:52
RASAPI32.dll
0x774a0000
d:\WINNT\system32\RASAPI32.DLL
5.00.2195.6625
Microsoft Corporation
Remote Access API
2003-06-20 03:05:04
RASMAN.DLL
0x77480000
d:\WINNT\system32\RASMAN.DLL
5.00.2195.6604
Microsoft Corporation
Remote Access Connection Manager
2003-06-20 03:05:04
TAPI32.DLL
0x774f0000
d:\WINNT\system32\TAPI32.DLL
5.00.2195.6664
Microsoft Corporation
Microsoft? Windows(TM) Telephony API Client DLL
2003-06-20 03:05:04
SHLWAPI.DLL
0x77c70000
D:\WINNT\system32\shlwapi.dll
5.00.3900.7070
Microsoft Corporation
Shell Light-weight Utility Library
2006-10-23 12:13:40
Secur32.dll
0x797b0000
d:\WINNT\system32\secur32.dll
5.00.2195.6695
Microsoft Corporation
Security Support Provider Interface
2003-06-20 03:05:04
SHELL32.dll
0x78f90000
D:\WINNT\system32\SHELL32.DLL
5.00.3900.7105
Microsoft Corporation
Windows Shell Common Dll
2006-07-13 12:38:54
RTUTILS.DLL
0x777f0000
D:\WINNT\system32\rtutils.dll
5.00.2168.1
Microsoft Corporation
Routing Utilities
2000-01-10 12:00:00
COMSVCS.DLL
0x6adf0000
D:\WINNT\system32\comsvcs.dll
2000.2.3529.0
Microsoft Corporation
2005-09-05 13:47:38
NETAPI32.dll
0x7cea0000
D:\WINNT\system32\NETAPI32.DLL
5.00.2195.7108
Microsoft Corporation
Net Win32 API DLL
2006-08-17 18:44:10
NTDSAPI.dll
0x77bd0000
D:\WINNT\system32\ntdsapi.dll
5.00.2195.6666
Microsoft Corporation
NT5DS
2003-06-20 03:05:04
DNSAPI.DLL
0x77960000
D:\WINNT\system32\dnsapi.dll
5.00.2195.7100
Microsoft Corporation
DNS Client API DLL
2006-07-06 17:15:02
WSOCK32.dll
0x74fd0000
D:\WINNT\system32\wsock32.dll
5.00.2195.6603
Microsoft Corporation
Windows Socket 32-Bit DLL
2003-06-20 03:05:04
WLDAP32.DLL
0x77930000
D:\WINNT\system32\WLDAP32.DLL
5.00.2195.6666
Microsoft Corporation
Win32 LDAP API DLL
2003-06-20 03:05:04
NETRAP.dll
0x75150000
D:\WINNT\system32\netrap.dll
5.00.2134.1
Microsoft Corporation
Net Remote Admin Protocol DLL
2000-01-10 12:00:00
SAMLIB.dll
0x750e0000
D:\WINNT\system32\samlib.dll
5.00.2195.6897
Microsoft Corporation
SAM Library DLL
2004-03-24 10:15:20
MSDTCPRX.dll
0x683a0000
D:\WINNT\system32\msdtcprx.dll
2000.2.3535.0
Microsoft Corporation
MS DTC OLE Transactions interface proxy DLL
2006-04-23 16:00:10
MTXCLU.DLL
0x6a050000
D:\WINNT\system32\mtxclu.dll
2000.2.3535.0
Microsoft Corporation
MS DTC amd MTS clustering support DLL
2006-04-23 16:00:10
VERSION.dll
0x777e0000
D:\WINNT\system32\version.dll
5.00.2195.6623
Microsoft Corporation
Version Checking and File Installation Libraries
2003-06-20 03:05:04
LZ32.DLL
0x75950000
D:\WINNT\system32\lz32.dll
5.00.2195.6611
Microsoft Corporation
LZ Expand/Compress API DLL
2003-06-20 03:05:04
CLUSAPI.DLL
0x738a0000
D:\WINNT\system32\CLUSAPI.DLL
5.00.2195.6683
Microsoft Corporation
Cluster API Library
2003-06-20 03:05:04
RESUTILS.DLL
0x68100000
D:\WINNT\system32\RESUTILS.DLL
5.00.2195.6702
Microsoft Corporation
Microsoft Cluster Resource Utility DLL
2003-06-20 03:05:04
USERENV.dll
0x794d0000
D:\WINNT\system32\USERENV.DLL
5.00.2195.6794
Microsoft Corporation
Userenv
2004-03-24 10:15:16
msi.dll
0xcf0000
D:\WINNT\system32\msi.dll
2.0.2600.1183
Microsoft Corporation
Windows Installer
2003-06-20 03:05:04
iphlpapi.dll
0x77300000
D:\WINNT\system32\IPHLPAPI.DLL
5.00.2195.7097
Microsoft Corporation
IP Helper API
2006-05-19 14:47:56
ICMP.dll
0x774e0000
D:\WINNT\system32\icmp.dll
5.00.2134.1
Microsoft Corporation
ICMP DLL
2000-01-10 12:00:00
MPRAPI.dll
0x772e0000
D:\WINNT\system32\mprapi.dll
5.00.2181.1
Microsoft Corporation
Windows NT MP Router Administration DLL
2000-01-10 12:00:00
ACTIVEDS.DLL
0x77370000
D:\WINNT\system32\activeds.dll
5.00.2195.6601
Microsoft Corporation
ADs Router Layer DLL
2003-06-20 03:05:04
ADSLDPC.DLL
0x77340000
D:\WINNT\system32\adsldpc.dll
5.00.2195.6701
Microsoft Corporation
ADs LDAP Provider C DLL
2003-06-20 03:05:04
SETUPAPI.DLL
0x6d990000
D:\WINNT\system32\SETUPAPI.DLL
5.00.2195.6622
Microsoft Corporation
Windows Setup API
2003-06-20 03:05:04
DHCPCSVC.DLL
0x77320000
D:\WINNT\system32\DHCPCSVC.DLL
5.00.2195.7085
Microsoft Corporation
DHCP Client Service
2006-05-19 14:47:56
NETSHELL.dll
0x76ee0000
D:\WINNT\system32\netshell.dll
5.00.2195.6604
Microsoft Corporation
Network Connections Shell
2003-06-20 03:05:04
WMI.dll
0x760b0000
D:\WINNT\system32\wmi.dll
5.00.2191.1
Microsoft Corporation
WMI DC and DP functionality
2000-01-10 12:00:00
tapisrv.dll
0x664c0000
d:\WINNT\system32\tapisrv.dll
5.00.2195.7057
Microsoft Corporation
Microsoft(R) Windows(TM) Telephony Server
2005-07-02 04:30:06
rasmans.dll
0x756b0000
d:\WINNT\system32\rasmans.dll
5.00.2195.7099
Microsoft Corporation
Remote Access Connection Manager
2006-06-21 17:46:48
CRYPT32.dll
0x79c40000
d:\WINNT\system32\CRYPT32.DLL
5.131.2195.6824
Microsoft Corporation
Crypto API32
2004-03-24 10:15:18
MSASN1.DLL
0x773f0000
d:\WINNT\system32\msasn1.dll
5.00.2195.6905
Microsoft Corporation
ASN.1 Runtime APIs
2004-03-24 10:15:18
netcfgx.dll
0x69d60000
d:\WINNT\system32\netcfgx.dll
5.00.2195.6604
Microsoft Corporation
Network Configuration Objects
2003-06-20 03:05:04
RASDLG.dll
0x75810000
d:\WINNT\system32\RASDLG.DLL
5.00.2195.6625
Microsoft Corporation
Remote Access Common Dialog API
2003-06-20 03:05:04
rastapi.dll
0x75610000
D:\WINNT\system32\rastapi.dll
5.00.2195.6604
Microsoft Corporation
Remote Access TAPI Compliance Layer
2003-06-20 03:05:04
unimdm.tsp
0x63b50000
D:\WINNT\system32\UNIMDM.TSP
5.00.2195.6601
Microsoft Corporation
Unimodem 5 Service Provider
2003-06-20 03:05:04
uniplat.dll
0x755a0000
D:\WINNT\system32\uniplat.dll
5.00.2195.6601
Microsoft Corporation
Unimodem AT Mini Driver Platform Driver for Windows NT
2003-06-20 03:05:04
CFGMGR32.dll
0x77070000
D:\WINNT\system32\cfgmgr32.dll
5.00.2134.1
Microsoft Corporation
Configuration Manager Forwarder DLL
2000-01-10 12:00:00
NTMARTA.DLL
0x694b0000
D:\WINNT\system32\NTMARTA.DLL
5.00.2195.6666
Microsoft Corporation
Windows NT MARTA provider
2003-06-20 03:05:04
WINSPOOL.DRV
0x777c0000
D:\WINNT\system32\WINSPOOL.DRV
5.00.2195.6659
Microsoft Corporation
Windows Spooler Driver
2003-06-20 03:05:04
MPR.DLL
0x79b20000
D:\WINNT\system32\mpr.dll
5.00.2195.6824
Microsoft Corporation
Multiple Provider Router DLL
2006-06-21 12:21:46
kmddsp.tsp
0x63bc0000
D:\WINNT\system32\kmddsp.tsp
5.00.2150.1
Microsoft Corporation
TAPI Kernel-Mode Service Provider
2000-01-10 12:00:00
ndptsp.tsp
0x63bb0000
D:\WINNT\system32\ndptsp.tsp
5.00.2143.1
Microsoft Corporation
NDIS Proxy TAPI Service Provider
2000-01-10 12:00:00
ipconf.tsp
0x63bd0000
D:\WINNT\system32\ipconf.tsp
5.00.2143.1
Microsoft Corporation
Microsoft Multicast Conference TAPI Service Provider
2000-01-10 12:00:00
h323.tsp
0x63be0000
D:\WINNT\system32\h323.tsp
5.00.2195.6901
Microsoft Corporation
Microsoft H.323 TAPI Service Provider
2004-03-24 10:15:20
rasppp.dll
0x758a0000
D:\WINNT\system32\rasppp.dll
5.00.2195.6626
Microsoft Corporation
Remote Access PPP
2003-06-20 03:05:04
ntlsapi.dll
0x75680000
D:\WINNT\system32\ntlsapi.dll
5.00.2195.6601
Microsoft Corporation
Microsoft? License Server Interface DLL
2003-06-20 03:05:04
raschap.dll
0x793e0000
D:\WINNT\system32\RASCHAP.DLL
5.00.2195.6663
Microsoft Corporation
Remote Access PPP Challenge/Handshake Authentication Protocol
2003-06-20 03:05:04
ATL.DLL
0x773a0000
D:\WINNT\system32\atl.dll
3.00.9435
Microsoft Corporation
ATL Module for Windows NT (Unicode)
2003-06-20 03:05:04
rastls.dll
0x79400000
D:\WINNT\system32\rastls.dll
5.00.2195.6680
Microsoft Corporation
Remote Access PPP EAP-TLS
2003-06-20 03:05:04
CRYPTUI.dll
0x758e0000
D:\WINNT\system32\CRYPTUI.DLL
5.131.2195.6628
Microsoft Corporation
Microsoft Trust UI Provider
2003-06-20 03:05:04
WINTRUST.dll
0x768d0000
D:\WINNT\system32\WINTRUST.DLL
5.131.2195.6824
Microsoft Corporation
Microsoft Trust Verification APIs
2004-03-24 10:15:18
IMAGEHLP.dll
0x77900000
D:\WINNT\system32\IMAGEHLP.DLL
5.00.2195.6613
Microsoft Corporation
Windows NT Image Helper
2003-06-20 03:05:04
SCHANNEL.dll
0x78160000
D:\WINNT\system32\SCHANNEL.DLL
5.00.2195.6899
Microsoft Corporation
TLS / SSL Security Provider
2004-03-11 10:37:42
WinSCard.dll
0x76900000
D:\WINNT\system32\winscard.dll
5.00.2195.6609
Microsoft Corporation
Microsoft Smart Card API
2003-06-20 03:05:04
NTMSDBA.dll
0x761e0000
D:\WINNT\system32\ntmsdba.dll
5.00.2195.6655
Microsoft Corporation
Removable Storage Manager DB Object APIs
2003-06-20 03:05:04
1
© 2000 - 2026 Rising Corp. Ltd.