Fitconan - 2007-9-1 16:54:00
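Today while playing 梦幻西游, the following prompt appeared:
Because a trojan or third-party program was detected attempting to modify the game client.
Could the experts here please help check whether I have been infected?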
ver 1.1
Windows XP
注册表启动信息
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
NvCplDaemon RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
Microsoft Pinyin IME Migration C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL
GrooveMonitor "F:\Microsoft Office\Office12\GrooveMonitor.exe"
Storm2Set C:\WINDOWS\system32\rundll32.exe "F:\StormII\StormSet.dll",CheckEnv
ISUSPM Startup "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
ISUSScheduler "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
===========================================
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
ctfmon.exe C:\WINDOWS\system32\ctfmon.exe
===========================================
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
DebugOptions 2048
Documents
DosPrint no
load
NetMessage no
NullPort None
Programs com exe bat pif cmd
Device 发送至 OneNote 2007,winspool,Ne00:
===========================================
系统进程列表
映像名称 PID
F:\ProcessInfo.exe 0
System 4
smss.exe 456
csrss.exe 504
winlogon.exe 528
services.exe 572
lsass.exe 584
svchost.exe 748
svchost.exe 796
svchost.exe 864
svchost.exe 964
svchost.exe 1004
spoolsv.exe 1316
C:\WINDOWS\Explorer.EXE 1408
C:\WINDOWS\system32\ctfmon.exe 1660
inetinfo.exe 1828
nvsvc32.exe 1864
wdfmgr.exe 1996
alg.exe 1488
F:\Tencent\QQ\QQ.exe 2584
f:\Tencent\QQ\TIMPlatform.exe 840
C:\Program Files\Internet Explorer\iexplore.exe 556
C:\Program Files\Internet Explorer\iexplore.exe 3988
C:\WINDOWS\notepad.exe 288
C:\WINDOWS\system32\taskmgr.exe 2740
F:\ProcessInfo.exe 2152
D:\梦幻西游\my.exe 2436
[User system information] Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; (R1 1.3); InfoPath.2; .NET CLR 1.1.4322)
Fitconan - 2007-9-1 16:54:00
===========================================
梦幻西游进程信息
2436MY.EXE
地址 长度 模块路径 模块描述 公司 版本
4194304 1318912 D:\梦幻西游\my.exe 梦幻西游 Netease 1, 0, 0, 1
2089943040 606208 C:\WINDOWS\system32\ntdll.dll NT Layer DLL Microsoft Corporation 5.1.2600.2180
2088763392 1167360 C:\WINDOWS\system32\kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 5.1.2600.3119
1561788416 630784 C:\WINDOWS\system32\COMCTL32.dll Common Controls Library Microsoft Corporation 6.00.2900.2982
2010775552 692224 C:\WINDOWS\system32\ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 5.1.2600.2180
2011496448 593920 C:\WINDOWS\system32\RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.1.2600.2180
2012151808 290816 C:\WINDOWS\system32\GDI32.dll GDI Client DLL Microsoft Corporation 5.1.2600.3099
2010185728 585728 C:\WINDOWS\system32\USER32.dll Windows XP USER API Client DLL Microsoft Corporation 5.1.2600.3099
1982857216 118784 C:\WINDOWS\system32\IMM32.DLL Windows XP IMM32 API Client DLL Microsoft Corporation 5.1.2600.2180
1656881152 36864 C:\WINDOWS\system32\LPK.DLL Language Pack Microsoft Corporation 5.1.2600.2180
1945763840 438272 C:\WINDOWS\system32\USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.0420.2600.2180
2008940544 360448 C:\WINDOWS\system32\msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.0.2600.2180
1991311360 172032 C:\WINDOWS\system32\winmm.dll MCI API DLL Microsoft Corporation 5.1.2600.2180
1906442240 94208 C:\WINDOWS\system32\WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.1.2600.2180
1906376704 32768 C:\WINDOWS\system32\WS2HELP.dll Windows Socket 2.0 Helper for Windows NT Microsoft Corporation 5.1.2600.2180
2102984704 8331264 C:\WINDOWS\system32\SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.00.2900.3051
2012479488 483328 C:\WINDOWS\system32\SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.00.2900.3157
1998061568 1060864 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll User Experience Controls Library Microsoft Corporation 6.00.2900.2982
1524367360 225280 C:\WINDOWS\system32\uxtheme.dll Microsoft UxTheme Library Microsoft Corporation 6.00.2900.2180
1952972800 307200 C:\WINDOWS\system32\MSCTF.dll MSCTF Server DLL Microsoft Corporation 5.1.2600.2180
1935933440 188416 C:\WINDOWS\system32\msctfime.ime Microsoft Text Frame Work Service IME Microsoft Corporation 5.1.2600.2180
1989738496 1298432 C:\WINDOWS\system32\ole32.dll Microsoft OLE for Windows Microsoft Corporation 5.1.2600.2726
1906049024 253952 C:\WINDOWS\System32\mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 5.1.2600.2180
1995374592 159744 C:\WINDOWS\system32\DNSAPI.dll DNS Client API DLL Microsoft Corporation 5.1.2600.2938
1995964416 32768 C:\WINDOWS\System32\winrnr.dll LDAP RnR Provider DLL Microsoft Corporation 5.1.2600.2180
1995636736 180224 C:\WINDOWS\system32\WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 5.1.2600.2180
1996029952 24576 C:\WINDOWS\system32\rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 5.1.2600.2938
1627193344 348160 C:\WINDOWS\system32\hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 5.1.2600.2180
1906311168 32768 C:\WINDOWS\System32\wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.1.2600.2180