Rising Kaka Security Forum - Technical Exchange - Anti-Virus / Anti-Rogue-Software Forum

Brother 不言, my computer is infected again: trojan.spy.small.l and trojan.clicker.small.lw

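One is in D:\WINDOWS\SYSTEM32 and the other in D:\DOCUMENT and setting\a.xr-esei506ixxwj\LOCAL SETTING\TEMP. Pornographic pages also seem to pop up, but I have not visited any porn sites. I removed them with the latest version of Rising, scanned in Safe Mode as well, and turned System Restore off, but after a reboot they are still there.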
System Information Collect Tool - Designed By Smallfrogs


20060415-07:56
Windows XP
Internet Explorer: 6.0.2600.0000


Last edited 2006-04-15 11:05:14

[Reply to the post by "我的眼泪你无所谓"]
Virus name?
Virus file name and path?

trojan.spy.small.l is in D:\WINDOWS\SYSTEM32 and trojan.clicker.small.lw is in D:\DOCUMENT and setting\a.xr-esei506ixxwj\LOCAL SETTING\TEMP

Quote:
[Post by 我的眼泪你无所谓] trojan.spy.small.l is in D:\WINDOWS\SYSTEM32 and trojan.clicker.small.lw is in D:\DOCUMENT and setting\a.xr-esei506ixxwj\LOCAL SETTING\TEMP
...........................

I'm about to faint.
Please read my reply carefully.

What are the virus file names?

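Brother 不言, please don't faint, or I will go down as the villain of the ages and be hunted down. Haha.
The file name for trojan.spy.small.l is mpcsvc.exe. I deleted it in Safe Mode yesterday, but after rebooting today it is back.
trojan.clicker.small.lw has a whole pile of file names: 18393312.exe, 29478484.exe, 379078.exe, all file names of this type.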

[Reply to the post by "我的眼泪你无所谓"]
Export the full log with HIJACKTHIS.