瑞星卡卡安全论坛
gash - 2008-3-22 20:04:00
最近用卡卡检测到两个木马
清除了后又会再次出现
可能是U盘带上来的
有没有哪位高手提供彻底清除的办法?
[用户系统信息]Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; InfoPath.2)附件:
10242522008322195200.jpg
newcenturymoon - 2008-3-22 20:21:00
直接找到c:\windows\system.exe 删除
gash - 2008-3-23 18:37:00
我找了,可是找不到
就算把系统隐藏文件显示出来 也没有
而且卡卡每次可以重启清除
但是我的u盘一插上去 就又出现了
但是我在u盘里没有发现奇怪的文件
我还特别去linux下检查了一下我的盘,真的没发现奇怪的文件
aaccbbdd - 2008-3-23 18:43:00
粉碎文件
用WinRAR看看U盘
天月来了 - 2008-3-23 18:45:00
可能只是注册表残留了什么。
扫SRENG日志发论坛来
http://www.kztechs.com/sreng/download.html下载System Repair Engineer
1 解压缩sreng2.zip(建议解压到系统Windows文件夹里)
2 运行SREng.exe ((将SREng.exe改名为123.com运行))
3 智能扫描=》扫描=》保存报告
4 把报告保存后,直接将日志内容彻底复制到一个空记事本里,然后再保存,就可以以附件的形式发论坛来了。
一定以附件形式发这论坛来。
点击我这贴右下角的“引用”然后就应该知道怎么发了。
饿的扶墙 - 2008-10-12 18:17:00
[CODE]
2008-10-12,18:01:48
System Repair Engineer 2.6.12.1018
Smallfrogs (
http://www.KZTechs.com)
Windows Server 2003 "R2" Enterprise Edition Service Pack 2 (Build 3790) - 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<internat><internat.exe> [Microsoft Corporation]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [NVIDIA Corporation]
<HBService32><System.exe> [HB Software]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
<XLKLS_reboot><C:\Program Files\Thunder Network\SoftManager\Plugins\Security\LeakFix\ThunderLeakFix.exe> [(Verified)ShenZhen Thunder Networking Technologies Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><comboaus.dll svtepps.dll ringtte.dll> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><%SystemRoot%\system32\logonui.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll> [(Verified)Microsoft Windows Component Publisher]
<{4BF9CBA3-8DEE-41A1-8BDB-FC28D30E949F}><4BF9CBA3.dll> []
<{2CB77746-8ECC-40ca-8217-10CA8BE5EFC8}><C:\WINDOWS\system32\fckskzso.dll> []
<{F0C9FBC2-6FA2-479d-B65D-F9D65C613ECC}><C:\WINDOWS\system32\trgktsxv.dll> []
<{4EFDDEBE-303C-4D1A-8C9E-E4F215C43651}><4EFDDEBE.dll> []
<{3474A8C2-BEF9-46C8-983A-A26A0030EC30}><3474A8C2.dll> []
<{8566F82E-03A4-416E-AEAC-66600D8881F1}><8566F82E.dll> []
<{9CA963CA-107C-4089-B0AB-31380F90D7E3}><9CA963CA.dll> []
<{53360697-E270-4F80-AD5D-6FB518F03D24}><53360697.dll> []
<{495271CA-D0C6-4052-ABE6-5B01C73CDFB0}><495271CA.dll> []
<{D1CC9DC6-F0BC-40fc-9552-E497B05E05B8}><C:\WINDOWS\system32\wtxwbiuy.dll> []
<{C56BCC10-503E-43AB-B208-3CD37FCFCE40}><C56BCC10.dll> []
<{F0930A2F-D971-4828-8209-B7DFD266ED44}><C:\WINDOWS\system32\ntvtckrq.dll> []
<{C250CF20-5F89-4310-9854-4BC261FB14FB}><C250CF20.dll> []
<{D3112B69-A745-4805-874E-ABD480EA1299}><C:\WINDOWS\system32\xqmryeve.dll> []
<{4BD36A11-8E6A-47bd-A49E-740D8ACF73A0}><C:\WINDOWS\system32\ddicjfgz.dll> []
<{E4814792-EFA3-4C20-93D0-8B130A59F9A8}><E4814792.dll> []
<{BA4B5EBD-AB43-4c2b-84F5-F1AD85E79E4A}><C:\WINDOWS\system32\uvvsijmb.dll> []
<{DA56B183-A731-402b-9235-2CB8803E212D}><C:\WINDOWS\system32\xxxyakem.dll> []
<{76D44356-B494-443a-BEDC-AA68DE4255E6}><C:\WINDOWS\system32\nlknhmii.dll> []
<{432BDC7C-DE5B-43f4-AA81-E7F8AFB0182D}><C:\WINDOWS\system32\aldqwhwz.dll> []
<{D91BC61E-7D78-4A2A-A336-7B97E8E52F0B}><D91BC61E.dll> []
<{DB2D9172-BDCF-432E-8AF3-8D2688F850DE}><DB2D9172.dll> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<PostBootReminder><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<CDBurn><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<WebCheck><%SystemRoot%\system32\webcheck.dll> [(Verified)Microsoft Windows Component Publisher]
<SysTray><C:\WINDOWS\system32\stobject.dll> [(Verified)Microsoft Windows Component Publisher]
<fckskzso.dll><C:\WINDOWS\system32\fckskzso.dll> []
<trgktsxv.dll><C:\WINDOWS\system32\trgktsxv.dll> []
<wtxwbiuy.dll><C:\WINDOWS\system32\wtxwbiuy.dll> []
<nlknhmii.dll><C:\WINDOWS\system32\nlknhmii.dll> []
<aldqwhwz.dll><C:\WINDOWS\system32\aldqwhwz.dll> []
<ntvtckrq.dll><C:\WINDOWS\system32\ntvtckrq.dll> []
<xqmryeve.dll><C:\WINDOWS\system32\xqmryeve.dll> []
<ddicjfgz.dll><C:\WINDOWS\system32\ddicjfgz.dll> []
<uvvsijmb.dll><C:\WINDOWS\system32\uvvsijmb.dll> []
<xxxyakem.dll><C:\WINDOWS\system32\xxxyakem.dll> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
<WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
<WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
<WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
<WinlogonNotify: dimsntfy><dimsntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
<WinlogonNotify: ScCertProp><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
<WinlogonNotify: Schedule><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
<WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
<WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
<WinlogonNotify: termsrv><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
<WinlogonNotify: wlballoon><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Microsoft Windows Media Player><C:\WINDOWS\INF\unregmp2.exe /HideWMP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
<浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
<Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}]
<%IEHARDENADMIN_BASE_DESC%><%SystemRoot%\system32\rundll32.exe iesetup.dll,IEHardenAdmin> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}]
<%IEHARDENUSER_DESC%><%SystemRoot%\system32\rundll32.exe iesetup.dll,IEHardenUser> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<NvCplDaemon><; RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [NVIDIA Corporation]
<NvMediaCenter><; RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit> [NVIDIA Corporation]
<NVRaidService><; C:\WINDOWS\system32\nvraidservice.exe> [NVIDIA Corporation]
<nwiz><; nwiz.exe /install> []
<SoundMan><; SOUNDMAN.EXE> [Realtek Semiconductor Corp.]
饿的扶墙 - 2008-10-12 18:18:00
==================================
启动文件夹
[服务端]
<C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\服务端.lnk --> D:\Xunlei\网吧公~1\服务端\公告服~1.EXE [深圳市新联盈网联科技有限公司]><N>
==================================
服务
[DCOM Server Process Launcher / DcomLaunch][Running/Auto Start]
<C:\WINDOWS\system32\svchost.exe -k DcomLaunch-->%SystemRoot%\system32\rpcss.dll><N/A>
[锐起CGO服务 / GSGIoService][Running/Auto Start]
<C:\Program Files\Richtech\Rtcgosrv\GSGIOSRV.EXE><RichTech>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Remote Procedure Call (RPC) / RpcSs][Running/Auto Start]
<C:\WINDOWS\system32\svchost.exe -k rpcss-->%SystemRoot%\system32\rpcss.dll><N/A>
[Sunward Information ServerManager / ServerManager][Running/Auto Start]
<C:\Program Files\iCafe8\ServerMgr\ServerManager.exe><Sunward Information Technology Co.Ltd>
[VNC 服务器版本 4 / WinVNC4][Running/Auto Start]
<"C:\Program Files\RealVNC\WinVNC4.exe" -service><RealVNC Ltd.>
==================================
驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AMD Processor Driver / AmdK8][Running/System Start]
<system32\DRIVERS\AmdK8.sys><Advanced Micro Devices>
[GSGFDISK / GSGFDISK][Running/Manual Start]
<\??\C:\Program Files\Richtech\Rtcgosrv\GSGFDISK.SYS><RichTech>
[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]
<system32\DRIVERS\ipinip.sys><N/A>
[ATK0110 ACPI UTILITY / MTsensor][Running/Manual Start]
<system32\DRIVERS\ASACPI.sys><>
[npkcrypt / npkcrypt][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv][Running/Manual Start]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[nvata / nvata][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\nvata.sys><NVIDIA Corporation>
[nvatabus / nvatabus][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\nvatabus.sys><NVIDIA Corporation>
[NVIDIA nForce Networking Controller Driver / NVENETFD][Running/Manual Start]
<system32\DRIVERS\NVENETFD.sys><NVIDIA Corporation>
[NVIDIA Network Bus Enumerator / nvnetbus][Running/Manual Start]
<system32\DRIVERS\nvnetbus.sys><NVIDIA Corporation>
[NVIDIA nForce(tm) RAID Class Driver / nvraid][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\nvraid.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RTGSGEXP / RTGSGEXP][Running/Manual Start]
<\??\C:\Program Files\Richtech\Rtcgosrv\RTGSGEXP.SYS><RichTech>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[atpx4896 / atpx4896][Running/Manual Start]
<2 - 系统找不到指定的文件。
><N/A>
[HBKernel32 Driver / HBKernel32][Stopped/Boot Start]
<\SystemRoot\system32\drivers\HBKernel32.sys><N/A>
[8882fa1 / 8882fa1][Running/Manual Start]
<\??\C:\WINDOWS\system32\8882fa1.sys><N/A>
[d4f876 / d4f876][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\d4f876.sys><N/A>
[c56bcc1 / c56bcc1][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\c56bcc1.sys><N/A>
[4c70249 / 4c70249][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\4c70249.sys><N/A>
[c551839 / c551839][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\c551839.sys><N/A>
==================================
浏览器加载项
[WebThunder Browser Helper]
{00000AAA-A363-466E-BEF5-9BB68697AA7F} <C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[启动WEB迅雷]
{962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <
http://my.xunlei.com, N/A>
[WebThunder Browser Helper]
{00000AAA-A363-466E-BEF5-9BB68697AA7F} <C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[WebThunder Class]
{03507A1A-E0C5-4404-AA26-205385C0892D} <, >
[WebThunder DapPlayer]
{2EEDA47E-8D5C-4d7e-B4B6-E16E19218555} <C:\Program Files\Thunder Network\WebThunder\DownAndPlay\DapPlayer3.0.5712.71.621.dll, ShenZhen Thunder Networking Technologies Ltd.>
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XMP Class]
{6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, >
[XDRM]
{693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, (Signed) Microsoft Corporation>
[XML DOM 文档 5.0]
{88D969E5-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL, Microsoft Corporation>
[]
{962EFB8E-2683-42D4-AC74-AAA4C759B9C6} <, >
[DapCtrl Class]
{ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\dapctrl.2.1.5801.53.(621).dll, ShenZhen Thunder Networking Technologies Ltd.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, (Signed) Adobe Systems, Inc.>
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XPPlayer Class]
{F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.0.0.164.(621).dll, Thunder>
[XML DOM Document 3.0]
{F5078F32-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XML HTTP 3.0]
{F5078F35-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XML HTTP]
{F6D90F16-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[使用WEB迅雷下载]
<C:\Program Files\Thunder Network\WebThunder\GetUrl.htm, N/A>
[使用WEB迅雷下载全部链接]
<C:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000, N/A>
饿的扶墙 - 2008-10-12 18:18:00
==================================
正在运行的进程
[PID: 292 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 348 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\CSRSRV.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\basesrv.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\winsrv.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\KERNEL32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\sxs.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 372 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\NDdeApi.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\PROFMAP.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\REGAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSGINA.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHSVCS.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\sfc.dll] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\imagehlp.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WINSCARD.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WTSAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\shell32.dll] [Microsoft Corporation, 6.00.3790.4184 (srv03_sp2_gdr.071106-1258)]
[C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\wldap32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\cscdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\dimsntfy.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WlNotify.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WINSPOOL.DRV] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MPR.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.2.3790.3959]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\wdmaud.drv] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\midimap.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\CLBCatQ.DLL] [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\wbem\wbemprox.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\wbem\wbemcomn.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\wbem\wbemsvc.dll] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\wbem\fastprox.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msvcp60.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\NTDSAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 420 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SCESRV.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\AUTHZ.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\umpnpmgr.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\NCObjAPI.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msvcp60.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\eventlog.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\wtsapi32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 432 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\LSASRV.dll] [Microsoft Corporation, 5.2.3790.4275 (srv03_sp2_qfe.080417-1307)]
[C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\SAMSRV.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\cryptdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MPR.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\NTDSAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msprivs.dll] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\kerberos.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msv1_0.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\netlogon.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\w32time.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msvcp60.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\AUTHZ.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\schannel.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\wdigest.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RASSFM.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\KDCSVC.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\NTDSA.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\NTDSATQ.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSWSOCK.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ESENT.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\scecli.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS03RES.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\pstorsvc.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\psbase.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\dssenh.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 588 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\rpcss.dll] [N/A, ]
[C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\WS2_32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\WS2HELP.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\CLBCatQ.DLL] [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.2.3790.3959]
[C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 652 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
饿的扶墙 - 2008-10-12 18:19:00
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\rpcss.dll] [N/A, ]
[C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\WS2_32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\WS2HELP.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\mswsock.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\CLBCatQ.DLL] [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.2.3790.3959]
[C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msi.dll] [Microsoft Corporation, 3.1.4000.3959]
[PID: 720 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\dnsrslvr.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[c:\windows\system32\DNSAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\WS2_32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\WS2HELP.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\DHCPCSVC.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\iphlpapi.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\PSAPI.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\netman.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\netshell.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\rtutils.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\credui.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.3790.4184 (srv03_sp2_gdr.071106-1258)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.2.3790.3959]
[C:\WINDOWS\system32\ATL.DLL] [Microsoft Corporation, 3.05.2283]
[C:\WINDOWS\system32\CLUSAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MPRAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ACTIVEDS.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\adsldpc.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RASAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\rasman.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\TAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WZCSvc.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WMI.dll] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\WTSAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ESENT.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.3790.4186 (srv03_sp2_gdr.071108-1306)]
[C:\WINDOWS\system32\WZCSAPI.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\mswsock.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 748 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\NTMARTA.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\SAMLIB.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\LPK.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\USP10.dll] [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\xpsp2res.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\audiosrv.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\SETUPAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\WTSAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\WINSTA.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\imagehlp.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\wkssvc.dll] [Microsoft Corporation, 5.2.3790.4275 (srv03_sp2_qfe.080417-1307)]
[c:\windows\system32\NTDSAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\DNSAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\WS2_32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\WS2HELP.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\cryptsvc.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\certcli.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\ATL.DLL] [Microsoft Corporation, 3.05.2283]
[C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.2.3790.3959]
[c:\windows\system32\PSAPI.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\ESENT.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\VSSAPI.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MPR.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\sfc.dll] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[c:\windows\system32\sfc_os.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\es.dll] [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\CLBCatQ.DLL] [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\COMRes.dll] [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\SXS.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\comsvcs.dll] [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\wbem\wmisvc.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\Wbem\wbemcore.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\msvcp60.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\Wbem\esscli.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\Wbem\wbemcomn.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\Wbem\FastProx.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\wbem\wbemsvc.dll] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\wbem\wmiutils.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\wbem\repdrvfs.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\wbem\wmiprvsd.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
饿的扶墙 - 2008-10-12 18:19:00
[C:\WINDOWS\system32\NCObjAPI.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\wbem\wbemess.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\rsaenh.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\netman.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\netshell.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\rtutils.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\credui.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.3790.4184 (srv03_sp2_gdr.071106-1258)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\iphlpapi.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\CLUSAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\MPRAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\ACTIVEDS.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\adsldpc.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\RASAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\rasman.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\TAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\WINMM.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\WZCSvc.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\WMI.dll] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[c:\windows\system32\DHCPCSVC.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.3790.4186 (srv03_sp2_gdr.071108-1306)]
[c:\windows\system32\WZCSAPI.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\mswsock.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\hnetcfg.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\USERENV.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\RASDLG.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\rasadhlp.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\wbem\ncprov.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\netcfgx.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WINIPSEC.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 836 / SYSTEM][C:\Program Files\Richtech\Rtcgosrv\GSGIOSRV.EXE] [RichTech, 2.0.1209]
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\advapi32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\winmm.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\setupapi.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\Program Files\Richtech\Rtcgosrv\LPK.DLL] [N/A, ]
[C:\WINDOWS\system32\lpk.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\Program Files\Richtech\Rtcgosrv\GetParam.dll] [N/A, ]
[C:\WINDOWS\system32\wsock32.dll] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\oleaut32.dll] [Microsoft Corporation, 5.2.3790.3959]
[C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\mswsock.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 884 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.10.9371]
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\POWRPROF.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\wtsapi32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.2.3790.3959]
[C:\WINDOWS\system32\nvapi.dll] [N/A, ]
[C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\imagehlp.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 904 / SYSTEM][C:\Program Files\iCafe8\ServerMgr\ServerManager.exe] [Sunward Information Technology Co.Ltd, 2007, 4, 5, 0]
饿的扶墙 - 2008-10-12 18:20:00
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\Program Files\iCafe8\ServerMgr\IOCPTcp.dll] [Sunward Information Technology Co.Ltd, 2006, 11, 13, 2]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WINSPOOL.DRV] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.2.3790.3959]
[C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSWSOCK.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 948 / SYSTEM][C:\Program Files\RealVNC\WinVNC4.exe] [RealVNC Ltd., E4.2.6]
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.3790.4184 (srv03_sp2_gdr.071106-1258)]
[C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\wtsapi32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\security.dll] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\aclui.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.2.3790.3959]
[C:\WINDOWS\system32\mswsock.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\winrnr.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\rasadhlp.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 1024 / SYSTEM][c:\program files\icafe8\logserver\logserver.exe] [Sunward Information Technology Co.Ltd, 2, 0, 0, 2]
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\program files\icafe8\logserver\IOCPTcp.dll] [Sunward Information Technology Co.Ltd, 2006, 11, 13, 2]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WINSPOOL.DRV] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.2.3790.3959]
[C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSWSOCK.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 1040 / SYSTEM][c:\program files\icafe8\nbms\barserver\barserver.exe] [Sunward Information Technology Co.Ltd, 6, 1, 3, 0]
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\program files\icafe8\nbms\barserver\IOCPTcp.dll] [Sunward Information Technology Co.Ltd, 2008, 4, 2, 1]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WINSPOOL.DRV] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.2.3790.3959]
[C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSWSOCK.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\program files\icafe8\nbms\barserver\IOCPUdp.dll] [Sunward Information Technology Co.Ltd, 2, 0, 0, 5]
[C:\WINDOWS\system32\comdlg32.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.3790.4184 (srv03_sp2_gdr.071106-1258)]
[C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\CLBCatQ.DLL] [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)]
[C:\Program Files\Common Files\System\ado\msado15.dll] [Microsoft Corporation, 2.82.3959.0 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSDART.DLL] [Microsoft Corporation, 2.82.3959.0 (srv03_sp2_rtm.070216-1710)]
[C:\Program Files\Common Files\System\Ole DB\oledb32.dll] [Microsoft Corporation, 2.82.3959.0 (srv03_sp2_rtm.070216-1710)]
[C:\Program Files\Common Files\System\Ole DB\OLEDB32R.DLL] [Microsoft Corporation, 2.82.3959.0 (srv03_sp2_rtm.070216-1710)]
饿的扶墙 - 2008-10-12 18:20:00
[C:\WINDOWS\system32\comsvcs.dll] [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msjetoledb40.dll] [, ]
[C:\WINDOWS\system32\msjet40.dll] [Microsoft Corporation, 4.00.9505.0]
[C:\WINDOWS\system32\mswstr10.dll] [Microsoft Corporation, 4.00.9502.0]
[C:\WINDOWS\system32\msjter40.dll] [Microsoft Corporation, 4.00.9502.0]
[C:\WINDOWS\system32\MSJINT40.DLL] [Microsoft Corporation, 4.00.9502.0]
[C:\Program Files\Common Files\System\ado\msadrh15.dll] [Microsoft Corporation, 2.82.3959.0 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msjtes40.dll] [Microsoft Corporation, 4.00.9502.0]
[C:\WINDOWS\system32\VBAJET32.DLL] [Microsoft Corporation, 6.1.9431]
[C:\WINDOWS\system32\expsrv.dll] [Microsoft Corporation, 6.0.9589]
[C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\winrnr.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\rasadhlp.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 1052 / SYSTEM][c:\program files\icafe8\personudisk\personudisk.exe] [Sunward Information Technology Co.Ltd, 2007, 7, 14, 0]
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\program files\icafe8\personudisk\IOCPTcp.dll] [Sunward Information Technology Co.Ltd, 2007, 6, 21, 0]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WINSPOOL.DRV] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.2.3790.3959]
[C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSWSOCK.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\program files\icafe8\personudisk\IOCPUdp.dll] [Sunward Information Technology Co.Ltd, 2, 0, 0, 5]
[C:\WINDOWS\system32\comdlg32.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.3790.4184 (srv03_sp2_gdr.071106-1258)]
[C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 1156 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.3790.4184 (srv03_sp2_gdr.071106-1258)]
[C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.2.3790.3959]
[C:\WINDOWS\system32\BROWSEUI.dll] [Microsoft Corporation, 6.00.3790.4186 (srv03_sp2_gdr.071108-1306)]
[C:\WINDOWS\system32\SHDOCVW.dll] [Microsoft Corporation, 6.00.3790.4186 (srv03_sp2_gdr.071108-1306)]
[C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\CRYPTUI.dll] [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\imagehlp.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\CLBCatQ.DLL] [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\themeui.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSIMG32.dll] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\LINKINFO.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ntshrui.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\apphelp.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.3790.4186 (srv03_sp2_gdr.071108-1306)]
[C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\webcheck.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WSOCK32.dll] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\INDICDLL.dll] [Microsoft Corporation, 5.00.2920.0000]
[C:\WINDOWS\system32\stobject.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\BatMeter.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\POWRPROF.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WTSAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\wdmaud.drv] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\midimap.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\NETSHELL.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\rtutils.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\credui.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ATL.DLL] [Microsoft Corporation, 3.05.2283]
[C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\CLUSAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\nvcpl.dll] [NVIDIA Corporation, 6.14.10.9371]
[C:\WINDOWS\system32\comdlg32.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WINSPOOL.DRV] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\OLEACC.dll] [Microsoft Corporation, 4.2.5406.0 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msvcp60.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\NVRSZHC.DLL] [NVIDIA Corporation, 6.14.10.9371]
[C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\nvapi.dll] [N/A, ]
[C:\WINDOWS\system32\nvshell.dll] [, ]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.3790.4186 (srv03_sp2_gdr.071108-1306)]
[C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SXS.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\MLANG.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\WINDOWS\system32\browselc.dll] [Microsoft Corporation, 6.00.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\RASAPI32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\rasman.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\TAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MPR.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\mswsock.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\rasadhlp.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\actxprxy.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msi.dll] [Microsoft Corporation, 3.1.4000.3959]
[C:\WINDOWS\system32\mydocs.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\winpy.ime] [Microsoft Corporation, 5.2.3790.3959]
[C:\WINDOWS\system32\winwb86.ime] [Microsoft Corporation, 4.00.950]
[C:\WINDOWS\system32\winabc.ime] [Microsoft Corporation, 5.2.3790.0]
[C:\WINDOWS\system32\mscms.dll] [Microsoft Corporation, 5.2.3790.4320 (srv03_sp2_gdr.080624-1215)]
[C:\WINDOWS\system32\sendmail.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\audiodev.dll] [Microsoft Corporation, 5.2.3810.3997 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WMVCore.DLL] [Microsoft Corporation, 10.00.00.3997 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WMASF.DLL] [Microsoft Corporation, 10.00.00.3997 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\adsldpc.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\sys05015.dll] [N/A, ]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WowInitcode.dat] [N/A, ]
饿的扶墙 - 2008-10-12 18:21:00
[C:\WINDOWS\system32\HBTL.dll] [N/A, ]
[C:\WINDOWS\system32\HBDNF.dll] [N/A, ]
[C:\WINDOWS\system32\HBASKTAO.dll] [N/A, ]
[C:\WINDOWS\system32\fckskzso.dll] [N/A, ]
[C:\WINDOWS\system32\4BF9CBA3.dll] [N/A, ]
[C:\WINDOWS\system32\trgktsxv.dll] [N/A, ]
[C:\WINDOWS\system32\HBSOUL.dll] [N/A, ]
[C:\WINDOWS\system32\4EFDDEBE.dll] [N/A, ]
[C:\WINDOWS\system32\3474A8C2.dll] [N/A, ]
[C:\WINDOWS\system32\8566F82E.dll] [N/A, ]
[C:\WINDOWS\system32\9CA963CA.dll] [N/A, ]
[C:\WINDOWS\system32\wtxwbiuy.dll] [N/A, ]
[C:\WINDOWS\system32\nlknhmii.dll] [N/A, ]
[C:\WINDOWS\system32\53360697.dll] [N/A, ]
[C:\WINDOWS\system32\495271CA.dll] [N/A, ]
[C:\WINDOWS\system32\aldqwhwz.dll] [N/A, ]
[C:\WINDOWS\system32\C56BCC10.dll] [N/A, ]
[C:\WINDOWS\system32\HBBO.dll] [N/A, ]
[C:\WINDOWS\system32\ntvtckrq.dll] [N/A, ]
[C:\WINDOWS\system32\xqmryeve.dll] [N/A, ]
[C:\WINDOWS\system32\C250CF20.dll] [N/A, ]
[C:\WINDOWS\system32\sys07008.dll] [N/A, ]
[C:\WINDOWS\system32\ddicjfgz.dll] [N/A, ]
[C:\WINDOWS\system32\E4814792.dll] [N/A, ]
[C:\WINDOWS\system32\uvvsijmb.dll] [N/A, ]
[C:\WINDOWS\system32\xxxyakem.dll] [N/A, ]
[C:\WINDOWS\system32\D91BC61E.dll] [N/A, ]
[C:\WINDOWS\system32\HBmhly.dll] [N/A, ]
[C:\WINDOWS\system32\HBFY.dll] [N/A, ]
[C:\WINDOWS\system32\DB2D9172.dll] [N/A, ]
[C:\WINDOWS\system32\RASDLG.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MPRAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ACTIVEDS.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WZCSAPI.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 75]
[C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
[C:\WINDOWS\system32\diskcopy.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 1528 / Administrator][C:\WINDOWS\system32\internat.exe] [Microsoft Corporation, 5.00.2920.0000]
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USER32.DLL] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SETUPAPI.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHELL32.DLL] [Microsoft Corporation, 6.00.3790.4184 (srv03_sp2_gdr.071106-1258)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\INDICDLL.dll] [Microsoft Corporation, 5.00.2920.0000]
[C:\WINDOWS\system32\Cabinet.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\fckskzso.dll] [N/A, ]
[C:\WINDOWS\system32\4BF9CBA3.dll] [N/A, ]
[C:\WINDOWS\system32\NETAPI32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WowInitcode.dat] [N/A, ]
[C:\WINDOWS\system32\oleaut32.dll] [Microsoft Corporation, 5.2.3790.3959]
[C:\WINDOWS\system32\wininet.dll] [Microsoft Corporation, 6.00.3790.4186 (srv03_sp2_gdr.071108-1306)]
[C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\wsock32.dll] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\trgktsxv.dll] [N/A, ]
[C:\WINDOWS\system32\4EFDDEBE.dll] [N/A, ]
[C:\WINDOWS\system32\3474A8C2.dll] [N/A, ]
[C:\WINDOWS\system32\wtxwbiuy.dll] [N/A, ]
[C:\WINDOWS\system32\nlknhmii.dll] [N/A, ]
[C:\WINDOWS\system32\aldqwhwz.dll] [N/A, ]
[C:\WINDOWS\system32\C56BCC10.dll] [N/A, ]
[C:\WINDOWS\system32\495271CA.dll] [N/A, ]
[C:\WINDOWS\system32\53360697.dll] [N/A, ]
[C:\WINDOWS\system32\9CA963CA.dll] [N/A, ]
[C:\WINDOWS\system32\8566F82E.dll] [N/A, ]
[C:\WINDOWS\system32\ntvtckrq.dll] [N/A, ]
[C:\WINDOWS\system32\xqmryeve.dll] [N/A, ]
[C:\WINDOWS\system32\ddicjfgz.dll] [N/A, ]
[C:\WINDOWS\system32\uvvsijmb.dll] [N/A, ]
[C:\WINDOWS\system32\xxxyakem.dll] [N/A, ]
[C:\WINDOWS\system32\D91BC61E.dll] [N/A, ]
[C:\WINDOWS\system32\E4814792.dll] [N/A, ]
[C:\WINDOWS\system32\C250CF20.dll] [N/A, ]
[C:\WINDOWS\system32\DB2D9172.dll] [N/A, ]
[PID: 1564 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\NTMARTA.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\SAMLIB.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\LPK.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\USP10.dll] [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\xpsp2res.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\termsrv.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\ICAAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\WS2_32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\WS2HELP.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.2.3790.3959]
[c:\windows\system32\AUTHZ.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\mstlsapi.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\ACTIVEDS.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\adsldpc.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\credui.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.3790.4184 (srv03_sp2_gdr.071106-1258)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\ATL.DLL] [Microsoft Corporation, 3.05.2283]
[C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[c:\windows\system32\REGAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\rsaenh.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\PSAPI.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\USERENV.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 1988 / SYSTEM][C:\WINDOWS\system32\wbem\wmiprvse.exe] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
饿的扶墙 - 2008-10-12 18:21:00
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\wbem\wbemcomn.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.2.3790.3959]
[C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\wbem\FastProx.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msvcp60.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\NTDSAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\NCObjAPI.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\faultrep.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\CLBCatQ.DLL] [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\wbem\wbemsvc.dll] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\wbem\wmiutils.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\wbem\wmiprov.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WMI.dll] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\authz.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\wbem\esscli.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 520 / Administrator][D:\Xunlei\网吧公告网络单机\服务端\公告服务端.exe] [深圳市新联盈网联科技有限公司, 1,0,0,0]
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USER32.DLL] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\E_4\krnln.fnr] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\WINMM.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\COMDLG32.DLL] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.3790.4184 (srv03_sp2_gdr.071106-1258)]
[C:\WINDOWS\system32\WINSPOOL.DRV] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\OLE32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\OLEPRO32.DLL] [Microsoft Corporation, 5.2.3790.3959]
[C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.2.3790.3959]
[C:\WINDOWS\system32\WS2_32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\INDICDLL.dll] [Microsoft Corporation, 5.00.2920.0000]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\E_4\iext.fnr] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\mswsock.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\apphelp.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\winpy.ime] [Microsoft Corporation, 5.2.3790.3959]
[C:\WINDOWS\system32\winwb86.ime] [Microsoft Corporation, 4.00.950]
[C:\WINDOWS\system32\winabc.ime] [Microsoft Corporation, 5.2.3790.0]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WowInitcode.dat] [N/A, ]
[C:\WINDOWS\system32\netapi32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\wininet.dll] [Microsoft Corporation, 6.00.3790.4186 (srv03_sp2_gdr.071108-1306)]
[C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\wsock32.dll] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\fckskzso.dll] [N/A, ]
[C:\WINDOWS\system32\4BF9CBA3.dll] [N/A, ]
[C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\trgktsxv.dll] [N/A, ]
[C:\WINDOWS\system32\HBSOUL.dll] [N/A, ]
[C:\WINDOWS\system32\HBTL.dll] [N/A, ]
[C:\WINDOWS\system32\HBDNF.dll] [N/A, ]
[C:\WINDOWS\system32\HBASKTAO.dll] [N/A, ]
[C:\WINDOWS\system32\4EFDDEBE.dll] [N/A, ]
[C:\WINDOWS\system32\3474A8C2.dll] [N/A, ]
[C:\WINDOWS\system32\8566F82E.dll] [N/A, ]
[C:\WINDOWS\system32\9CA963CA.dll] [N/A, ]
[C:\WINDOWS\system32\wtxwbiuy.dll] [N/A, ]
[C:\WINDOWS\system32\53360697.dll] [N/A, ]
[C:\WINDOWS\system32\nlknhmii.dll] [N/A, ]
[C:\WINDOWS\system32\495271CA.dll] [N/A, ]
[C:\WINDOWS\system32\aldqwhwz.dll] [N/A, ]
[C:\WINDOWS\system32\C56BCC10.dll] [N/A, ]
[C:\WINDOWS\system32\ntvtckrq.dll] [N/A, ]
[C:\WINDOWS\system32\xqmryeve.dll] [N/A, ]
[C:\WINDOWS\system32\C250CF20.dll] [N/A, ]
[C:\WINDOWS\system32\ddicjfgz.dll] [N/A, ]
[C:\WINDOWS\system32\E4814792.dll] [N/A, ]
[C:\WINDOWS\system32\uvvsijmb.dll] [N/A, ]
[C:\WINDOWS\system32\xxxyakem.dll] [N/A, ]
[C:\WINDOWS\system32\D91BC61E.dll] [N/A, ]
[C:\WINDOWS\system32\HBmhly.dll] [N/A, ]
[C:\WINDOWS\system32\HBFY.dll] [N/A, ]
[C:\WINDOWS\system32\HBBO.dll] [N/A, ]
[C:\WINDOWS\system32\DB2D9172.dll] [N/A, ]
饿的扶墙 - 2008-10-12 18:21:00
PID: 3980 / Administrator][C:\WINDOWS\system32\System.exe] [HB Software, 1, 2, 1, 1007]
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHLWAPI.DLL] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\INDICDLL.dll] [Microsoft Corporation, 5.00.2920.0000]
[C:\WINDOWS\system32\HBASKTAO.dll] [N/A, ]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.3790.4186 (srv03_sp2_gdr.071108-1306)]
[C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.2.3790.3959]
[C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\HBDNF.dll] [N/A, ]
[C:\WINDOWS\system32\HBTL.dll] [N/A, ]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WowInitcode.dat] [N/A, ]
[C:\WINDOWS\system32\netapi32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\wsock32.dll] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\fckskzso.dll] [N/A, ]
[C:\WINDOWS\system32\4BF9CBA3.dll] [N/A, ]
[C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\trgktsxv.dll] [N/A, ]
[C:\WINDOWS\system32\HBSOUL.dll] [N/A, ]
[C:\WINDOWS\system32\4EFDDEBE.dll] [N/A, ]
[C:\WINDOWS\system32\3474A8C2.dll] [N/A, ]
[C:\WINDOWS\system32\8566F82E.dll] [N/A, ]
[C:\WINDOWS\system32\HBBO.dll] [N/A, ]
[C:\WINDOWS\system32\9CA963CA.dll] [N/A, ]
[C:\WINDOWS\system32\wtxwbiuy.dll] [N/A, ]
[C:\WINDOWS\system32\53360697.dll] [N/A, ]
[C:\WINDOWS\system32\nlknhmii.dll] [N/A, ]
[C:\WINDOWS\system32\495271CA.dll] [N/A, ]
[C:\WINDOWS\system32\aldqwhwz.dll] [N/A, ]
[C:\WINDOWS\system32\C56BCC10.dll] [N/A, ]
[C:\WINDOWS\system32\ntvtckrq.dll] [N/A, ]
[C:\WINDOWS\system32\C250CF20.dll] [N/A, ]
[C:\WINDOWS\system32\xqmryeve.dll] [N/A, ]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.3790.4184 (srv03_sp2_gdr.071106-1258)]
[C:\WINDOWS\system32\ddicjfgz.dll] [N/A, ]
[C:\WINDOWS\system32\HBFY.dll] [N/A, ]
[C:\WINDOWS\system32\E4814792.dll] [N/A, ]
[C:\WINDOWS\system32\uvvsijmb.dll] [N/A, ]
[C:\WINDOWS\system32\xxxyakem.dll] [N/A, ]
[C:\WINDOWS\system32\HBmhly.dll] [N/A, ]
[C:\WINDOWS\system32\D91BC61E.dll] [N/A, ]
[C:\WINDOWS\system32\DB2D9172.dll] [N/A, ]
[PID: 1896 / Administrator][C:\WINDOWS\system32\comboausk.exe] [N/A, ]
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSVCRT.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 1384 / Administrator][C:\Program Files\iCafe8\NBMS\BarServerView\BarServerView.exe] [Sunward Information Technology Co.Ltd, 6, 1, 3, 0]
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\Program Files\iCafe8\NBMS\BarServerView\IOCPTcp.dll] [Sunward Information Technology Co.Ltd, 2007, 8, 14, 0]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WINSPOOL.DRV] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.2.3790.3959]
[C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSWSOCK.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\Program Files\iCafe8\NBMS\BarServerView\IOCPUdp.dll] [Sunward Information Technology Co.Ltd, 2, 0, 0, 5]
[C:\WINDOWS\system32\comdlg32.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.3790.4184 (srv03_sp2_gdr.071106-1258)]
[C:\WINDOWS\system32\oledlg.dll] [Microsoft Corporation, 1.0 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RICHED32.DLL] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\RICHED20.dll] [Microsoft Corporation, 5.31.23.1225]
[C:\WINDOWS\system32\INDICDLL.dll] [Microsoft Corporation, 5.00.2920.0000]
[C:\WINDOWS\system32\xxxyakem.dll] [N/A, ]
[C:\WINDOWS\system32\uvvsijmb.dll] [N/A, ]
[C:\WINDOWS\system32\ddicjfgz.dll] [N/A, ]
[C:\WINDOWS\system32\xqmryeve.dll] [N/A, ]
[C:\WINDOWS\system32\ntvtckrq.dll] [N/A, ]
[C:\WINDOWS\system32\aldqwhwz.dll] [N/A, ]
[C:\WINDOWS\system32\nlknhmii.dll] [N/A, ]
[C:\WINDOWS\system32\wtxwbiuy.dll] [N/A, ]
[C:\WINDOWS\system32\trgktsxv.dll] [N/A, ]
[C:\WINDOWS\system32\fckskzso.dll] [N/A, ]
[C:\WINDOWS\system32\D91BC61E.dll] [N/A, ]
[C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\E4814792.dll] [N/A, ]
[C:\WINDOWS\system32\C250CF20.dll] [N/A, ]
[C:\WINDOWS\system32\C56BCC10.dll] [N/A, ]
[C:\WINDOWS\system32\495271CA.dll] [N/A, ]
[C:\WINDOWS\system32\53360697.dll] [N/A, ]
[C:\WINDOWS\system32\9CA963CA.dll] [N/A, ]
[C:\WINDOWS\system32\8566F82E.dll] [N/A, ]
[C:\WINDOWS\system32\3474A8C2.dll] [N/A, ]
[C:\WINDOWS\system32\4EFDDEBE.dll] [N/A, ]
[C:\WINDOWS\system32\4BF9CBA3.dll] [N/A, ]
[C:\WINDOWS\system32\NETAPI32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WowInitcode.dat] [N/A, ]
[C:\WINDOWS\system32\wininet.dll] [Microsoft Corporation, 6.00.3790.4186 (srv03_sp2_gdr.071108-1306)]
[C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\wsock32.dll] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\HBmhly.dll] [N/A, ]
[C:\WINDOWS\system32\HBFY.dll] [N/A, ]
[C:\WINDOWS\system32\HBBO.dll] [N/A, ]
[C:\WINDOWS\system32\HBSOUL.dll] [N/A, ]
[C:\WINDOWS\system32\HBTL.dll] [N/A, ]
[C:\WINDOWS\system32\HBDNF.dll] [N/A, ]
[C:\WINDOWS\system32\HBASKTAO.dll] [N/A, ]
[C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\apphelp.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\winpy.ime] [Microsoft Corporation, 5.2.3790.3959]
[C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\CLBCatQ.DLL] [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.3790.4186 (srv03_sp2_gdr.071108-1306)]
[C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\DB2D9172.dll] [N/A, ]
[PID: 4044 / Administrator][C:\Program Files\Richtech\Rtcgosrv\Manager.exe] [N/A, ]
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\Program Files\Richtech\Rtcgosrv\rndinter.dll] [N/A, ]
[C:\WINDOWS\system32\advapi32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\setupapi.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\wsock32.dll] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\comdlg32.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.3790.4184 (srv03_sp2_gdr.071106-1258)]
[C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\oleaut32.dll] [Microsoft Corporation, 5.2.3790.3959]
[C:\Program Files\Richtech\Rtcgosrv\qtintf.dll] [Borland Software Corporation, 6.0.0.0]
[C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\Program Files\Richtech\Rtcgosrv\LPK.DLL] [N/A, ]
[C:\WINDOWS\system32\lpk.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\INDICDLL.dll] [Microsoft Corporation, 5.00.2920.0000]
[C:\WINDOWS\system32\xxxyakem.dll] [N/A, ]
[C:\WINDOWS\system32\uvvsijmb.dll] [N/A, ]
[C:\WINDOWS\system32\ddicjfgz.dll] [N/A, ]
[C:\WINDOWS\system32\xqmryeve.dll] [N/A, ]
[C:\WINDOWS\system32\ntvtckrq.dll] [N/A, ]
[C:\WINDOWS\system32\aldqwhwz.dll] [N/A, ]
[C:\WINDOWS\system32\nlknhmii.dll] [N/A, ]
[C:\WINDOWS\system32\wtxwbiuy.dll] [N/A, ]
[C:\WINDOWS\system32\trgktsxv.dll] [N/A, ]
[C:\WINDOWS\system32\fckskzso.dll] [N/A, ]
[C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\HBmhly.dll] [N/A, ]
[C:\WINDOWS\system32\HBFY.dll] [N/A, ]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.3790.4186 (srv03_sp2_gdr.071108-1306)]
[C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\HBBO.dll] [N/A, ]
[C:\WINDOWS\system32\HBSOUL.dll] [N/A, ]
[C:\WINDOWS\system32\HBTL.dll] [N/A, ]
[C:\WINDOWS\system32\HBDNF.dll] [N/A, ]
[C:\WINDOWS\system32\HBASKTAO.dll] [N/A, ]
[C:\WINDOWS\system32\DB2D9172.dll] [N/A, ]
[C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\D91BC61E.dll] [N/A, ]
[C:\WINDOWS\system32\E4814792.dll] [N/A, ]
[C:\WINDOWS\system32\C250CF20.dll] [N/A, ]
[C:\WINDOWS\system32\C56BCC10.dll] [N/A, ]
[C:\WINDOWS\system32\495271CA.dll] [N/A, ]
[C:\WINDOWS\system32\53360697.dll] [N/A, ]
[C:\WINDOWS\system32\9CA963CA.dll] [N/A, ]
[C:\WINDOWS\system32\8566F82E.dll] [N/A, ]
[C:\WINDOWS\system32\3474A8C2.dll] [N/A, ]
[C:\WINDOWS\system32\4EFDDEBE.dll] [N/A, ]
[C:\WINDOWS\system32\4BF9CBA3.dll] [N/A, ]
饿的扶墙 - 2008-10-12 18:22:00
[C:\WINDOWS\system32\NETAPI32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WowInitcode.dat] [N/A, ]
[C:\WINDOWS\system32\MSWSOCK.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 4020 / Administrator][C:\WINDOWS\system32\taskmgr.exe] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.3790.4184 (srv03_sp2_gdr.071106-1258)]
[C:\WINDOWS\system32\VDMDBG.dll] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\INDICDLL.dll] [Microsoft Corporation, 5.00.2920.0000]
[C:\WINDOWS\system32\xxxyakem.dll] [N/A, ]
[C:\WINDOWS\system32\uvvsijmb.dll] [N/A, ]
[C:\WINDOWS\system32\ddicjfgz.dll] [N/A, ]
[C:\WINDOWS\system32\xqmryeve.dll] [N/A, ]
[C:\WINDOWS\system32\ntvtckrq.dll] [N/A, ]
[C:\WINDOWS\system32\aldqwhwz.dll] [N/A, ]
[C:\WINDOWS\system32\nlknhmii.dll] [N/A, ]
[C:\WINDOWS\system32\wtxwbiuy.dll] [N/A, ]
[C:\WINDOWS\system32\trgktsxv.dll] [N/A, ]
[C:\WINDOWS\system32\fckskzso.dll] [N/A, ]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\DB2D9172.dll] [N/A, ]
[C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\D91BC61E.dll] [N/A, ]
[C:\WINDOWS\system32\E4814792.dll] [N/A, ]
[C:\WINDOWS\system32\C250CF20.dll] [N/A, ]
[C:\WINDOWS\system32\C56BCC10.dll] [N/A, ]
[C:\WINDOWS\system32\495271CA.dll] [N/A, ]
[C:\WINDOWS\system32\53360697.dll] [N/A, ]
[C:\WINDOWS\system32\9CA963CA.dll] [N/A, ]
[C:\WINDOWS\system32\8566F82E.dll] [N/A, ]
[C:\WINDOWS\system32\3474A8C2.dll] [N/A, ]
[C:\WINDOWS\system32\4EFDDEBE.dll] [N/A, ]
[C:\WINDOWS\system32\4BF9CBA3.dll] [N/A, ]
[C:\WINDOWS\system32\NETAPI32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WowInitcode.dat] [N/A, ]
[C:\WINDOWS\system32\oleaut32.dll] [Microsoft Corporation, 5.2.3790.3959]
[C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\wininet.dll] [Microsoft Corporation, 6.00.3790.4186 (srv03_sp2_gdr.071108-1306)]
[C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\wsock32.dll] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\UTILDLL.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\TAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\rtutils.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WTSAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\HBmhly.dll] [N/A, ]
[C:\WINDOWS\system32\HBFY.dll] [N/A, ]
[C:\WINDOWS\system32\HBBO.dll] [N/A, ]
[C:\WINDOWS\system32\HBSOUL.dll] [N/A, ]
[C:\WINDOWS\system32\HBTL.dll] [N/A, ]
[C:\WINDOWS\system32\HBDNF.dll] [N/A, ]
[C:\WINDOWS\system32\HBASKTAO.dll] [N/A, ]
[PID: 3732 / Administrator][C:\Program Files\Thunder Network\WebThunder\WebThunder.exe] [深圳市迅雷网络技术有限公司, 1, 13, 1, 223]
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\comdlg32.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.3790.4184 (srv03_sp2_gdr.071106-1258)]
[C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.2.3790.3959]
[C:\WINDOWS\system32\MSIMG32.dll] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\imagehlp.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.3790.4186 (srv03_sp2_gdr.071108-1306)]
[C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\Program Files\Thunder Network\WebThunder\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\INDICDLL.dll] [Microsoft Corporation, 5.00.2920.0000]
[C:\WINDOWS\system32\xxxyakem.dll] [N/A, ]
[C:\WINDOWS\system32\uvvsijmb.dll] [N/A, ]
[C:\WINDOWS\system32\ddicjfgz.dll] [N/A, ]
[C:\WINDOWS\system32\xqmryeve.dll] [N/A, ]
[C:\WINDOWS\system32\ntvtckrq.dll] [N/A, ]
[C:\WINDOWS\system32\aldqwhwz.dll] [N/A, ]
[C:\WINDOWS\system32\nlknhmii.dll] [N/A, ]
[C:\WINDOWS\system32\wtxwbiuy.dll] [N/A, ]
[C:\WINDOWS\system32\trgktsxv.dll] [N/A, ]
[C:\WINDOWS\system32\fckskzso.dll] [N/A, ]
[C:\Program Files\Thunder Network\WebThunder\TaskManager.dll] [Thunder Networking Technologies,LTD, 1, 3, 1, 56]
[C:\WINDOWS\system32\MFC42.DLL] [Microsoft Corporation, 6.06.8063.0]
[C:\WINDOWS\system32\WSOCK32.dll] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\ODBC32.dll] [Microsoft Corporation, 3.526.3959.0 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\odbcint.dll] [Microsoft Corporation, 3.526.3959.0 (srv03_sp2_rtm.070216-1710)]
[C:\Program Files\Thunder Network\WebThunder\download_interface.dll] [Thunder Networking Technologies,LTD, 2, 21, 2, 217]
[C:\Program Files\Thunder Network\WebThunder\stlport_vc646.dll] [STLport Consulting, Inc., 4.6.2003.1031]
[C:\Program Files\Thunder Network\WebThunder\asyn_dns.dll] [Thunder Networking Technologies,LTD, 2, 21, 2, 217]
[C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSWSOCK.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\Program Files\Thunder Network\WebThunder\streammedialib.dll] [, 1, 3, 2, 124]
[C:\Program Files\Thunder Network\WebThunder\al.dll] [, 1, 0, 1, 3]
[C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\winrnr.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\rasadhlp.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\Program Files\Thunder Network\WebThunder\xldc.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 14]
[C:\Program Files\Thunder Network\WebThunder\bd.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 6]
[C:\WINDOWS\system32\CLBCatQ.DLL] [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\mlang.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\Program Files\Thunder Network\WebThunder\RegisterDll.dll] [Thunder Networking Technologies,LTD, 2, 16, 5, 63]
[C:\WINDOWS\system32\MSVCIRT.dll] [Microsoft Corporation, 7.0.3790.0 (srv03_rtm.030324-2048)]
[C:\Program Files\Thunder Network\WebThunder\CacheServer.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\shdocvw.dll] [Microsoft Corporation, 6.00.3790.4186 (srv03_sp2_gdr.071108-1306)]
[C:\WINDOWS\system32\CRYPTUI.dll] [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\apphelp.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SXS.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.3790.4186 (srv03_sp2_gdr.071108-1306)]
[C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\mshtml.dll] [Microsoft Corporation, 6.00.3790.4186 (srv03_sp2_gdr.071108-1306)]
[C:\WINDOWS\system32\msls31.dll] [Microsoft Corporation, 3.10.349.0]
[C:\Program Files\Thunder Network\WebThunder\XLSafe\SafeInfo.dll] [深圳市迅雷网络技术有限公司, 1, 0, 1, 2]
[C:\Program Files\Thunder Network\WebThunder\XLSafe\RMFScan.dll] [N/A, ]
[C:\WINDOWS\system32\RASAPI32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\rasman.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\TAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\rtutils.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\Program Files\Thunder Network\WebThunder\XLNet.Dll] [Thunder Networking Technologies,LTD, 1, 3, 4, 18]
[C:\WINDOWS\system32\DB2D9172.dll] [N/A, ]
[C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\D91BC61E.dll] [N/A, ]
[C:\WINDOWS\system32\E4814792.dll] [N/A, ]
[C:\WINDOWS\system32\C250CF20.dll] [N/A, ]
[C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\C56BCC10.dll] [N/A, ]
[C:\WINDOWS\system32\495271CA.dll] [N/A, ]
[C:\WINDOWS\system32\53360697.dll] [N/A, ]
[C:\WINDOWS\system32\9CA963CA.dll] [N/A, ]
[C:\WINDOWS\system32\8566F82E.dll] [N/A, ]
[C:\WINDOWS\system32\3474A8C2.dll] [N/A, ]
[C:\WINDOWS\system32\4EFDDEBE.dll] [N/A, ]
[C:\WINDOWS\system32\4BF9CBA3.dll] [N/A, ]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WowInitcode.dat] [N/A, ]
[C:\WINDOWS\system32\msimtf.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\jscript.dll] [Microsoft Corporation, 5.6.0.8832]
[C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\mshtmled.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\HBmhly.dll] [N/A, ]
[C:\WINDOWS\system32\HBFY.dll] [N/A, ]
[C:\WINDOWS\system32\HBBO.dll] [N/A, ]
[C:\WINDOWS\system32\HBSOUL.dll] [N/A, ]
[C:\WINDOWS\system32\HBTL.dll] [N/A, ]
[C:\WINDOWS\system32\HBDNF.dll] [N/A, ]
[C:\WINDOWS\system32\HBASKTAO.dll] [N/A, ]
饿的扶墙 - 2008-10-12 18:22:00
[C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx] [Adobe Systems, Inc., 9,0,16,0]
[C:\WINDOWS\system32\wdmaud.drv] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\midimap.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\schannel.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ddrawex.dll] [Microsoft Corporation, 5.3.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\DDRAW.dll] [Microsoft Corporation, 5.3.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\DCIMAN32.dll] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\actxprxy.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\Program Files\Thunder Network\WebThunder\DownAndPlay\WebDownAndPlay.dll] [ShenZhen Thunder Networking Technologies Ltd., 1, 0, 4, 22]
[C:\Program Files\Thunder Network\WebThunder\XLStatistic\XLStatisticAddin.dll] [深圳市迅雷网络技术有限公司, 1, 4, 1, 5]
[C:\WINDOWS\system32\WINSPOOL.DRV] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ImgUtil.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 1996 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHDOCVW.dll] [Microsoft Corporation, 6.00.3790.4186 (srv03_sp2_gdr.071108-1306)]
[C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\CRYPTUI.dll] [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\imagehlp.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.2.3790.3959]
[C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.3790.4184 (srv03_sp2_gdr.071106-1258)]
[C:\WINDOWS\system32\INDICDLL.dll] [Microsoft Corporation, 5.00.2920.0000]
[C:\WINDOWS\system32\xxxyakem.dll] [N/A, ]
[C:\WINDOWS\system32\uvvsijmb.dll] [N/A, ]
[C:\WINDOWS\system32\ddicjfgz.dll] [N/A, ]
[C:\WINDOWS\system32\xqmryeve.dll] [N/A, ]
[C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ntvtckrq.dll] [N/A, ]
[C:\WINDOWS\system32\aldqwhwz.dll] [N/A, ]
[C:\WINDOWS\system32\nlknhmii.dll] [N/A, ]
[C:\WINDOWS\system32\wtxwbiuy.dll] [N/A, ]
[C:\WINDOWS\system32\trgktsxv.dll] [N/A, ]
[C:\WINDOWS\system32\fckskzso.dll] [N/A, ]
[C:\WINDOWS\system32\BROWSEUI.dll] [Microsoft Corporation, 6.00.3790.4186 (srv03_sp2_gdr.071108-1306)]
[C:\WINDOWS\system32\browselc.dll] [Microsoft Corporation, 6.00.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\apphelp.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\CLBCatQ.DLL] [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4720.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.3790.4186 (srv03_sp2_gdr.071108-1306)]
[C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.3790.4186 (srv03_sp2_gdr.071108-1306)]
[C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 75]
[C:\WINDOWS\system32\wsock32.dll] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\mlang.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\mswsock.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\mshtml.dll] [Microsoft Corporation, 6.00.3790.4186 (srv03_sp2_gdr.071108-1306)]
[C:\WINDOWS\system32\msls31.dll] [Microsoft Corporation, 3.10.349.0]
[C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SXS.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\DB2D9172.dll] [N/A, ]
[C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\D91BC61E.dll] [N/A, ]
[C:\WINDOWS\system32\E4814792.dll] [N/A, ]
[C:\WINDOWS\system32\C250CF20.dll] [N/A, ]
[C:\WINDOWS\system32\C56BCC10.dll] [N/A, ]
[C:\WINDOWS\system32\495271CA.dll] [N/A, ]
[C:\WINDOWS\system32\53360697.dll] [N/A, ]
[C:\WINDOWS\system32\9CA963CA.dll] [N/A, ]
[C:\WINDOWS\system32\8566F82E.dll] [N/A, ]
[C:\WINDOWS\system32\3474A8C2.dll] [N/A, ]
[C:\WINDOWS\system32\4EFDDEBE.dll] [N/A, ]
[C:\WINDOWS\system32\4BF9CBA3.dll] [N/A, ]
[C:\WINDOWS\system32\msimtf.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
[C:\WINDOWS\system32\jscript.dll] [Microsoft Corporation, 5.6.0.8832]
[C:\WINDOWS\system32\HBmhly.dll] [N/A, ]
[C:\WINDOWS\system32\HBFY.dll] [N/A, ]
[C:\WINDOWS\system32\HBBO.dll] [N/A, ]
[C:\WINDOWS\system32\HBSOUL.dll] [N/A, ]
[C:\WINDOWS\system32\HBTL.dll] [N/A, ]
[C:\WINDOWS\system32\HBDNF.dll] [N/A, ]
[C:\WINDOWS\system32\HBASKTAO.dll] [N/A, ]
[C:\WINDOWS\system32\iepeers.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WINSPOOL.DRV] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\dxtrans.dll] [Microsoft Corporation, 6.00.3790.4324 (srv03_sp2_gdr.080630-1205)]
[C:\WINDOWS\system32\ATL.DLL] [Microsoft Corporation, 3.05.2283]
[C:\WINDOWS\system32\ddrawex.dll] [Microsoft Corporation, 5.3.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\DDRAW.dll] [Microsoft Corporation, 5.3.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\DCIMAN32.dll] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\dxtmsft.dll] [Microsoft Corporation, 6.00.3790.4324 (srv03_sp2_gdr.080630-1205)]
[C:\WINDOWS\system32\mshtmled.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\PSTOREC.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\actxprxy.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RASAPI32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\rasman.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\TAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\rtutils.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\winrnr.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\rasadhlp.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\inetcpl.cpl] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\inetcplc.dll] [Microsoft Corporation, 6.00.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\MSRATING.DLL] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msratelc.dll] [Microsoft Corporation, 6.00.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\wdmaud.drv] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\midimap.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\IMGUTIL.DLL] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\pngfilt.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx] [Adobe Systems, Inc., 9,0,16,0]
[C:\WINDOWS\system32\comdlg32.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\schannel.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\W03A2409.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 2936 / Administrator][C:\WINDOWS\sreng2\123.com] [Smallfrogs Studio, 2.6.12.1018]
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\user32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
[PID: 3280 / Administrator][C:\WINDOWS\sreng2\SRE36a3b920.EXE] [Smallfrogs Studio, 2.6.12.1018]
[C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.2.3790.4033 (srv03_sp2_gdr.070228-0030)]
[C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\comdlg32.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.3790.4184 (srv03_sp2_gdr.071106-1258)]
[C:\WINDOWS\system32\WINSPOOL.DRV] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\oledlg.dll] [Microsoft Corporation, 1.0 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.2.3790.3959]
[C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.3790.4186 (srv03_sp2_gdr.071108-1306)]
[C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0422.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\RICHED20.DLL] [Microsoft Corporation, 5.31.23.1225]
[C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\INDICDLL.dll] [Microsoft Corporation, 5.00.2920.0000]
[C:\WINDOWS\system32\xxxyakem.dll] [N/A, ]
[C:\WINDOWS\system32\uvvsijmb.dll] [N/A, ]
[C:\WINDOWS\system32\ddicjfgz.dll] [N/A, ]
[C:\WINDOWS\system32\xqmryeve.dll] [N/A, ]
[C:\WINDOWS\system32\ntvtckrq.dll] [N/A, ]
[C:\WINDOWS\system32\aldqwhwz.dll] [N/A, ]
[C:\WINDOWS\system32\nlknhmii.dll] [N/A, ]
[C:\WINDOWS\system32\wtxwbiuy.dll] [N/A, ]
[C:\WINDOWS\system32\trgktsxv.dll] [N/A, ]
[C:\WINDOWS\system32\fckskzso.dll] [N/A, ]
饿的扶墙 - 2008-10-12 18:22:00
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\DB2D9172.dll] [N/A, ]
[C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\D91BC61E.dll] [N/A, ]
[C:\WINDOWS\system32\E4814792.dll] [N/A, ]
[C:\WINDOWS\system32\C250CF20.dll] [N/A, ]
[C:\WINDOWS\system32\C56BCC10.dll] [N/A, ]
[C:\WINDOWS\system32\495271CA.dll] [N/A, ]
[C:\WINDOWS\system32\53360697.dll] [N/A, ]
[C:\WINDOWS\system32\9CA963CA.dll] [N/A, ]
[C:\WINDOWS\system32\8566F82E.dll] [N/A, ]
[C:\WINDOWS\system32\3474A8C2.dll] [N/A, ]
[C:\WINDOWS\system32\4EFDDEBE.dll] [N/A, ]
[C:\WINDOWS\system32\4BF9CBA3.dll] [N/A, ]
[C:\WINDOWS\system32\NETAPI32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\sfc.dll] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\imagehlp.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\HBmhly.dll] [N/A, ]
[C:\WINDOWS\system32\HBFY.dll] [N/A, ]
[C:\WINDOWS\system32\HBBO.dll] [N/A, ]
[C:\WINDOWS\system32\HBSOUL.dll] [N/A, ]
[C:\WINDOWS\system32\HBTL.dll] [N/A, ]
[C:\WINDOWS\system32\HBDNF.dll] [N/A, ]
[C:\WINDOWS\system32\HBASKTAO.dll] [N/A, ]
[C:\WINDOWS\sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
[C:\WINDOWS\system32\wsock32.dll] [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[C:\WINDOWS\system32\RASAPI32.DLL] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\rasman.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\TAPI32.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\rtutils.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.3790.4186 (srv03_sp2_gdr.071108-1306)]
[C:\WINDOWS\System32\mswsock.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\winrnr.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\rasadhlp.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\Winsta.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\utildll.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
[C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)]
==================================
文件关联
.TXT Error. [C:\WINDOWS\notepad.exe %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM Error. ["hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 836, C:\PROGRAM FILES\RICHTECH\RTCGOSRV\GSGIOSRV.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3980, C:\WINDOWS\SYSTEM32\SYSTEM.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 1896, C:\WINDOWS\SYSTEM32\COMBOAUSK.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 1384, C:\PROGRAM FILES\ICAFE8\NBMS\BARSERVERVIEW\BARSERVERVIEW.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 4044, C:\PROGRAM FILES\RICHTECH\RTCGOSRV\MANAGER.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2936, C:\WINDOWS\SRENG2\123.COM]
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================
[/CODE]
lichun005 - 2008-10-12 19:22:00
楼主应该是中蝗虫军团
建议先升级杀软杀毒,金山有专杀,不知道效果,o(∩_∩)o...
http://bbs.duba.net/thread-21978027-1-1.html也可以按下操作
1.建议使用XDelBox或冰刃删除以下文件:
使用说明:删除时复制所有要删除文件的路径,在待删除文件列表里点击右键选择从剪贴板导入,导入后在要删除文件上点击右键,选择立刻重启删除,电脑会重启进入DOS界面进行删除操作。运行xdelbox前最好卸载所有可移动存储介质(包括U盘,MP3,手机存储卡等)。
c:\windows\system32\comboausk.exe
c:\windows\system32\rpcss.dll
c:\program files\richtech\rtcgosrv\lpk.dll
c:\docume~1\admini~1\locals~1\temp\e_4\iext.fnr
c:\docume~1\admini~1\locals~1\temp\e_4\krnln.fnr
c:\docume~1\admini~1\locals~1\temp\wowinitcode.dat
c:\windows\system32\3474a8c2.dll
c:\windows\system32\495271ca.dll
c:\windows\system32\4bf9cba3.dll
c:\windows\system32\4efddebe.dll
c:\windows\system32\53360697.dll
c:\windows\system32\8566f82e.dll
c:\windows\system32\9ca963ca.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\aldqwhwz.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\c250cf20.dll
c:\windows\system32\c56bcc10.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\d91bc61e.dll
c:\windows\system32\db2d9172.dll
c:\windows\system32\ddicjfgz.dll
c:\windows\system32\e4814792.dll
c:\windows\system32\fckskzso.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\hbasktao.dll
c:\windows\system32\hbbo.dll
c:\windows\system32\hbdnf.dll
c:\windows\system32\hbfy.dll
c:\windows\system32\hbmhly.dll
c:\windows\system32\hbsoul.dll
c:\windows\system32\hbtl.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\imm32.dll
c:\windows\system32\indicdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\nlknhmii.dll
c:\windows\system32\ntdll.dll
c:\windows\system32\ntvtckrq.dll
c:\windows\system32\trgktsxv.dll
c:\windows\system32\uvvsijmb.dll
c:\windows\system32\wtxwbiuy.dll
c:\windows\system32\xqmryeve.dll
c:\windows\system32\xxxyakem.dll
c:\program files\richtech\rtcgosrv\rndinter.dll
db2d9172.dll
d91bc61e.dll
e4814792.dll
c250cf20.dll
c56bcc10.dll
495271ca.dll
53360697.dll
9ca963ca.dll
8566f82e.dll
3474a8c2.dll
4efddebe.dll
4bf9cba3.dll
comboaus.dll svtepps.dll ringtte.dll
system.exe
c:\windows\system32\svchost.exe -k dcomlaunch-->%systemroot%\system32\rpcss.dll
c:\windows\system32\svchost.exe -k rpcss-->%systemroot%\system32\rpcss.dll
c:\windows\system32\c551839.sys
c:\windows\system32\4c70249.sys
c:\windows\system32\c56bcc1.sys
c:\windows\system32\d4f876.sys
c:\windows\system32\8882fa1.sys
c:\windows\system32\drivers\hbkernel32.sys
2.删除重启后使用SREng修复下面各项: 启动项目 -- 注册表之如下项删除:
[xxxyakem.dll] <C:\WINDOWS\system32\xxxyakem.dll>
[uvvsijmb.dll] <C:\WINDOWS\system32\uvvsijmb.dll>
[ddicjfgz.dll] <C:\WINDOWS\system32\ddicjfgz.dll>
[xqmryeve.dll] <C:\WINDOWS\system32\xqmryeve.dll>
[ntvtckrq.dll] <C:\WINDOWS\system32\ntvtckrq.dll>
[aldqwhwz.dll] <C:\WINDOWS\system32\aldqwhwz.dll>
[nlknhmii.dll] <C:\WINDOWS\system32\nlknhmii.dll>
[wtxwbiuy.dll] <C:\WINDOWS\system32\wtxwbiuy.dll>
[trgktsxv.dll] <C:\WINDOWS\system32\trgktsxv.dll>
[fckskzso.dll] <C:\WINDOWS\system32\fckskzso.dll>
[{DB2D9172-BDCF-432E-8AF3-8D2688F850DE}] <DB2D9172.dll>
[{D91BC61E-7D78-4A2A-A336-7B97E8E52F0B}] <D91BC61E.dll>
[{432BDC7C-DE5B-43f4-AA81-E7F8AFB0182D}] <C:\WINDOWS\system32\aldqwhwz.dll>
[{76D44356-B494-443a-BEDC-AA68DE4255E6}] <C:\WINDOWS\system32\nlknhmii.dll>
[{DA56B183-A731-402b-9235-2CB8803E212D}] <C:\WINDOWS\system32\xxxyakem.dll>
[{BA4B5EBD-AB43-4c2b-84F5-F1AD85E79E4A}] <C:\WINDOWS\system32\uvvsijmb.dll>
[{E4814792-EFA3-4C20-93D0-8B130A59F9A8}] <E4814792.dll>
[{4BD36A11-8E6A-47bd-A49E-740D8ACF73A0}] <C:\WINDOWS\system32\ddicjfgz.dll>
[{D3112B69-A745-4805-874E-ABD480EA1299}] <C:\WINDOWS\system32\xqmryeve.dll>
[{C250CF20-5F89-4310-9854-4BC261FB14FB}] <C250CF20.dll>
[{F0930A2F-D971-4828-8209-B7DFD266ED44}] <C:\WINDOWS\system32\ntvtckrq.dll>
[{C56BCC10-503E-43AB-B208-3CD37FCFCE40}] <C56BCC10.dll>
[{D1CC9DC6-F0BC-40fc-9552-E497B05E05B8}] <C:\WINDOWS\system32\wtxwbiuy.dll>
[{495271CA-D0C6-4052-ABE6-5B01C73CDFB0}] <495271CA.dll>
[{53360697-E270-4F80-AD5D-6FB518F03D24}] <53360697.dll>
[{9CA963CA-107C-4089-B0AB-31380F90D7E3}] <9CA963CA.dll>
[{8566F82E-03A4-416E-AEAC-66600D8881F1}] <8566F82E.dll>
[{3474A8C2-BEF9-46C8-983A-A26A0030EC30}] <3474A8C2.dll>
[{4EFDDEBE-303C-4D1A-8C9E-E4F215C43651}] <4EFDDEBE.dll>
[{F0C9FBC2-6FA2-479d-B65D-F9D65C613ECC}] <C:\WINDOWS\system32\trgktsxv.dll>
[{2CB77746-8ECC-40ca-8217-10CA8BE5EFC8}] <C:\WINDOWS\system32\fckskzso.dll>
[{4BF9CBA3-8DEE-41A1-8BDB-FC28D30E949F}] <4BF9CBA3.dll>
注意该项[AppInit_DLLs]修改:把<comboaus.dll svtepps.dll ringtte.dll>修改为<>即清空
[HBService32] <System.exe>
启动项目 -- 服务 -- Win32服务应用程序之如下项禁用:
[DCOM Server Process Launcher / DcomLaunch] <C:\WINDOWS\system32\svchost.exe -k DcomLaunch-->%SystemRoot%\system32\rpcss.dll>
[Remote Procedure Call (RPC) / RpcSs] <C:\WINDOWS\system32\svchost.exe -k rpcss-->%SystemRoot%\system32\rpcss.dll>
启动项目 -- 服务-- 驱动程序之如下项禁用:
[c551839 / c551839] <\??\C:\WINDOWS\system32\c551839.sys>
[4c70249 / 4c70249] <\??\C:\WINDOWS\system32\4c70249.sys>
[c56bcc1 / c56bcc1] <\??\C:\WINDOWS\system32\c56bcc1.sys>
[d4f876 / d4f876] <\??\C:\WINDOWS\system32\d4f876.sys>
[8882fa1 / 8882fa1] <\??\C:\WINDOWS\system32\8882fa1.sys>
[HBKernel32 Driver / HBKernel32] <\SystemRoot\system32\drivers\HBKernel32.sys>
[atpx4896 / atpx4896] <>
**************以上分析报告由SREngLog分析助手提供******************分析:lichun005
楼主是在局域网里???
最后把补丁打好,下次别这样发帖了,最好附件传上,不然没多少人愿意看
宝剑开锋 - 2008-10-12 19:29:00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><comboaus.dll svtepps.dll ringtte.dll> [N/A]
<{4BF9CBA3-8DEE-41A1-8BDB-FC28D30E949F}><4BF9CBA3.dll> []
<{2CB77746-8ECC-40ca-8217-10CA8BE5EFC8}><C:\WINDOWS\system32\fckskzso.dll> []
<{F0C9FBC2-6FA2-479d-B65D-F9D65C613ECC}><C:\WINDOWS\system32\trgktsxv.dll> []
<{4EFDDEBE-303C-4D1A-8C9E-E4F215C43651}><4EFDDEBE.dll> []
<{3474A8C2-BEF9-46C8-983A-A26A0030EC30}><3474A8C2.dll> []
<{8566F82E-03A4-416E-AEAC-66600D8881F1}><8566F82E.dll> []
<{9CA963CA-107C-4089-B0AB-31380F90D7E3}><9CA963CA.dll> []
<{53360697-E270-4F80-AD5D-6FB518F03D24}><53360697.dll> []
<{495271CA-D0C6-4052-ABE6-5B01C73CDFB0}><495271CA.dll> []
<{D1CC9DC6-F0BC-40fc-9552-E497B05E05B8}><C:\WINDOWS\system32\wtxwbiuy.dll> []
<{C56BCC10-503E-43AB-B208-3CD37FCFCE40}><C56BCC10.dll> []
<{F0930A2F-D971-4828-8209-B7DFD266ED44}><C:\WINDOWS\system32\ntvtckrq.dll> []
<{C250CF20-5F89-4310-9854-4BC261FB14FB}><C250CF20.dll> []
<{D3112B69-A745-4805-874E-ABD480EA1299}><C:\WINDOWS\system32\xqmryeve.dll> []
<{4BD36A11-8E6A-47bd-A49E-740D8ACF73A0}><C:\WINDOWS\system32\ddicjfgz.dll> []
<{E4814792-EFA3-4C20-93D0-8B130A59F9A8}><E4814792.dll> []
<{BA4B5EBD-AB43-4c2b-84F5-F1AD85E79E4A}><C:\WINDOWS\system32\uvvsijmb.dll> []
<{DA56B183-A731-402b-9235-2CB8803E212D}><C:\WINDOWS\system32\xxxyakem.dll> []
<{76D44356-B494-443a-BEDC-AA68DE4255E6}><C:\WINDOWS\system32\nlknhmii.dll> []
<{432BDC7C-DE5B-43f4-AA81-E7F8AFB0182D}><C:\WINDOWS\system32\aldqwhwz.dll> []
<{D91BC61E-7D78-4A2A-A336-7B97E8E52F0B}><D91BC61E.dll> []
<{DB2D9172-BDCF-432E-8AF3-8D2688F850DE}><DB2D9172.dll> []
<fckskzso.dll><C:\WINDOWS\system32\fckskzso.dll> []
<trgktsxv.dll><C:\WINDOWS\system32\trgktsxv.dll> []
<wtxwbiuy.dll><C:\WINDOWS\system32\wtxwbiuy.dll> []
<nlknhmii.dll><C:\WINDOWS\system32\nlknhmii.dll> []
<aldqwhwz.dll><C:\WINDOWS\system32\aldqwhwz.dll> []
<ntvtckrq.dll><C:\WINDOWS\system32\ntvtckrq.dll> []
<xqmryeve.dll><C:\WINDOWS\system32\xqmryeve.dll> []
<ddicjfgz.dll><C:\WINDOWS\system32\ddicjfgz.dll> []
<uvvsijmb.dll><C:\WINDOWS\system32\uvvsijmb.dll> []
<xxxyakem.dll><C:\WINDOWS\system32\xxxyakem.dll> []
………………
哗,好多的病毒,我看最好有人能给出一个专杀来杀。
豪斯登堡新郎 - 2008-10-12 19:31:00
1.找到c:\windows\system32\rpcss.dll右键重命名为1.dll,拷贝一份正常的rpcss.dll粘贴到c:\windows\system32\文件夹内;
2.用XDelBox勾选抑制再生后删除以下文件:(
XDelBox1.7支持奥运版下载)
使用说明:删除时复制所有要删除文件的路径,在待删除文件列表里点击右键选择
从剪贴板导入不检查路径,导入后在要删除文件上点击右键,选择立刻重启删除,电脑会重启进入DOS界面进行删除操作。运行xdelbox前最好卸载所有可移动存储介质(包括U盘,MP3,手机存储卡等)。
c:\windows\system32\comboausk.exe
c:\docume~1\admini~1\locals~1\temp\wowinitcode.dat
c:\windows\system32\3474a8c2.dll
c:\windows\system32\495271ca.dll
c:\windows\system32\4bf9cba3.dll
c:\windows\system32\4efddebe.dll
c:\windows\system32\53360697.dll
c:\windows\system32\8566f82e.dll
c:\windows\system32\9ca963ca.dll
c:\windows\system32\aldqwhwz.dll
c:\windows\system32\c250cf20.dll
c:\windows\system32\c56bcc10.dll
c:\windows\system32\d91bc61e.dll
c:\windows\system32\db2d9172.dll
c:\windows\system32\ddicjfgz.dll
c:\windows\system32\e4814792.dll
c:\windows\system32\fckskzso.dll
c:\windows\system32\hbasktao.dll
c:\windows\system32\hbbo.dll
c:\windows\system32\hbdnf.dll
c:\windows\system32\hbfy.dll
c:\windows\system32\hbmhly.dll
c:\windows\system32\hbsoul.dll
c:\windows\system32\nlknhmii.dll
c:\windows\system32\ntvtckrq.dll
c:\windows\system32\sys05015.dll
c:\windows\system32\sys07008.dll
c:\windows\system32\trgktsxv.dll
c:\windows\system32\uvvsijmb.dll
c:\windows\system32\wtxwbiuy.dll
c:\windows\system32\xqmryeve.dll
c:\windows\system32\xxxyakem.dll
c:\windows\system32\internat.exe
c:\windows\system32\hbtl.dll
c:\windows\system32\system.exe
c:\windows\system32\db2d9172.dll
c:\windows\system32\d91bc61e.dll
c:\windows\system32\e4814792.dll
c:\windows\system32\c250cf20.dll
c:\windows\system32\c56bcc10.dll
c:\windows\system32\495271ca.dll
c:\windows\system32\53360697.dll
c:\windows\system32\9ca963ca.dll
c:\windows\system32\8566f82e.dll
c:\windows\system32\3474a8c2.dll
c:\windows\system32\4efddebe.dll
c:\windows\system32\4bf9cba3.dll
c:\windows\system32\comboaus.dll
c:\windows\system32\svtepps.dll
c:\windows\system32\ringtte.dll
c:\windows\system.exe
c:\windows\system32\internat.exe
c:\windows\system32\c551839.sys
c:\windows\system32\4c70249.sys
c:\windows\system32\c56bcc1.sys
c:\windows\system32\d4f876.sys
c:\windows\system32\8882fa1.sys
c:\windows\system32\drivers\hbkernel32.sys
3.删除重启后使用SREng修复下面各项: 启动项目 -- 注册表之如下项删除:
[xxxyakem.dll]
[uvvsijmb.dll]
[ddicjfgz.dll]
[xqmryeve.dll]
[ntvtckrq.dll]
[aldqwhwz.dll]
[nlknhmii.dll]
[wtxwbiuy.dll]
[trgktsxv.dll]
[fckskzso.dll]
[{DB2D9172-BDCF-432E-8AF3-8D2688F850DE}]
[{D91BC61E-7D78-4A2A-A336-7B97E8E52F0B}]
[{432BDC7C-DE5B-43f4-AA81-E7F8AFB0182D}]
[{76D44356-B494-443a-BEDC-AA68DE4255E6}]
[{DA56B183-A731-402b-9235-2CB8803E212D}]
[{BA4B5EBD-AB43-4c2b-84F5-F1AD85E79E4A}]
[{E4814792-EFA3-4C20-93D0-8B130A59F9A8}]
[{4BD36A11-8E6A-47bd-A49E-740D8ACF73A0}]
[{D3112B69-A745-4805-874E-ABD480EA1299}]
[{C250CF20-5F89-4310-9854-4BC261FB14FB}]
[{F0930A2F-D971-4828-8209-B7DFD266ED44}]
[{C56BCC10-503E-43AB-B208-3CD37FCFCE40}]
[{D1CC9DC6-F0BC-40fc-9552-E497B05E05B8}]
[{495271CA-D0C6-4052-ABE6-5B01C73CDFB0}]
[{53360697-E270-4F80-AD5D-6FB518F03D24}]
[{9CA963CA-107C-4089-B0AB-31380F90D7E3}]
[{8566F82E-03A4-416E-AEAC-66600D8881F1}]
[{3474A8C2-BEF9-46C8-983A-A26A0030EC30}]
[{4EFDDEBE-303C-4D1A-8C9E-E4F215C43651}]
[{F0C9FBC2-6FA2-479d-B65D-F9D65C613ECC}]
[{2CB77746-8ECC-40ca-8217-10CA8BE5EFC8}]
[{4BF9CBA3-8DEE-41A1-8BDB-FC28D30E949F}]
注意该项[AppInit_DLLs]修改:把<comboaus.dll svtepps.dll ringtte.dll>修改为<>即清空
[HBService32]
[internat]
启动项目 -- 服务-- 驱动程序之如下项删除:
[c551839 / c551839]
[4c70249 / 4c70249]
[c56bcc1 / c56bcc1]
[d4f876 / d4f876]
[8882fa1 / 8882fa1]
[HBKernel32 Driver / HBKernel32]
[atpx4896 / atpx4896]
[atpx4896 / atpx4896]
做完下载以下软件清理一次并更新杀毒软件至最新进行全盘杀毒一次
清理系统临时文件和IE临时文件夹
http://www.atribune.org/public-beta/ATF-Cleaner.exe 用金山清理专家清理恶意软件
http://www.duba.net/zt/ksc/down.shtml 下载 windows清理助手清理一遍
http://www.arswp.com/download/arswp2/arswp2.zip
宝剑开锋 - 2008-10-12 19:33:00
如果楼主中的是“蝗虫军团”那可就真的不幸了。
“蝗虫军团”是一款恶性木马下载器,该木马一旦执行,会在瞬间下载上百个木马,就象蝗灾来袭时那样铺天盖地。这些木马首次以“集群作战”的方式,从各个途径彻底破坏用户电脑安防体系,同时恶意弹出广告,所过之处可谓满目疮痍。形象一点说,以前的木马都是单打独斗,而“蝗虫军团”则已发展成群殴,甚至是兵团作战。更为可怕的是,该木马群具有“集体复活”的本领,就象“幽灵战士”一样可以死而复活,普通杀软很难根除。
“蝗虫军团”木马下载器具有很强的驱动级自我保护能力,会修改主页,并且通过一些技术来保护主页不被用户或其它软件再次修改,以达到长期占有的目的,还可以让杀毒软件的普通查杀模式全都失效,并且传播途径非常广泛,用户稍有不慎就会中招。而“蝗虫军团”下载的上百个功能各异的子木马分工各异,具有很强的破坏性,其中有的负责强制关闭杀毒软件,有的负责阻拦用户登陆安全厂商的网站,还有的负责在用户电脑上恶意弹出广告……
最为可怕的是,这些子木马具有“集体复活”的超强生命力,在上百个子木马中,只要有一个被杀毒软件漏杀,就能使其他已经被清除的木马快速“复活”,因此普通杀软很难将其一次性斩草除根。凭借这一特性,“蝗虫军团”对用户电脑安防体系构成了巨大的威胁,其破坏性大有赶超“机器狗”和“磁碟机”之势。
天云一剑 - 2008-10-12 22:35:00
C:\windows\system32\rpcss.dll
C:\WINDOWS\system32\npkcrypt.sys
System.exe 这几个文件请您打包上传一下
VNC如果不是你自己装的也禁用
服务里
[VNC 服务器版本 4 / WinVNC4][Running/Auto Start]
<"C:\Program Files\RealVNC\WinVNC4.exe" -service><RealVNC Ltd.>
1
© 2000 - 2026 Rising Corp. Ltd.