各位大侠帮看下这个日志有没有什么问题！谢谢了！

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛各位大侠帮看下这个日志有没有什么问题！谢谢了！

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1 / 1 页

跳转页

各位大侠帮看下这个日志有没有什么问题！谢谢了！

蜣螂初生襁褓狮帖子:26 注册: 2004-11-16 来自:	发表于： 2006-05-30 14:45 \| 只看楼主短消息资料字号：小中大 1楼各位大侠帮看下这个日志有没有什么问题！谢谢了！ System Information Collect Tool - Designed By Smallfrogs 20060530-14:31 Windows XP Service Pack 1 Internet Explorer: 6.0.2800.1106 *************************************************************** Runing Processes information *************************************************************** ===================================================== PROCESS NAME: [System Process] ----------------------------------------------------- Process ID = 0 Thread count= 1 Parent process ID = 0 Modules: ------------------------------------ D:\Rising\其他检测程序\System Information Collect Tool(1.20)\SysInfoCollect.EXE C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\System32\MFC42.DLL C:\WINDOWS\system32\MSVCRT.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\MFC42LOC.DLL C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1740_x-ww_7cb8ab44\comctl32.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\System32\ole32.dll C:\WINDOWS\System32\pintlgnt.ime C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\Secur32.dll ===================================================== PROCESS NAME: System ----------------------------------------------------- Process ID = 4 Thread count= 47 Parent process ID = 0 Modules: ------------------------------------ ===================================================== PROCESS NAME: SMSS.EXE ----------------------------------------------------- Process ID = 424 Thread count= 3 Parent process ID = 4 Modules: ------------------------------------ ===================================================== PROCESS NAME: CSRSS.EXE ----------------------------------------------------- Process ID = 480 Thread count= 10 Parent process ID = 424 Modules: ------------------------------------ ===================================================== PROCESS NAME: WINLOGON.EXE ----------------------------------------------------- Process ID = 504 Thread count= 19 Parent process ID = 424 Modules: ------------------------------------ ===================================================== PROCESS NAME: SERVICES.EXE ----------------------------------------------------- Process ID = 548 Thread count= 18 Parent process ID = 504 Modules: ------------------------------------ ===================================================== PROCESS NAME: LSASS.EXE ----------------------------------------------------- Process ID = 560 Thread count= 20 Parent process ID = 504 Modules: ------------------------------------ ===================================================== PROCESS NAME: SVCHOST.EXE ----------------------------------------------------- Process ID = 716 Thread count= 9 Parent process ID = 548 Modules: ------------------------------------ ===================================================== PROCESS NAME: CCenter.exe ----------------------------------------------------- Process ID = 768 Thread count= 3 Parent process ID = 548 Modules: ------------------------------------ ===================================================== PROCESS NAME: SVCHOST.EXE ----------------------------------------------------- Process ID = 784 Thread count= 58 Parent process ID = 548 Modules: ------------------------------------ ===================================================== PROCESS NAME: SVCHOST.EXE ----------------------------------------------------- Process ID = 864 Thread count= 6 Parent process ID = 548 Modules: ------------------------------------ ===================================================== PROCESS NAME: SVCHOST.EXE ----------------------------------------------------- Process ID = 964 Thread count= 15 Parent process ID = 548 Modules: ------------------------------------ ===================================================== PROCESS NAME: RavMonD.exe ----------------------------------------------------- Process ID = 1016 Thread count= 23 Parent process ID = 548 Modules: ------------------------------------ ===================================================== PROCESS NAME: rfwsrv.exe ----------------------------------------------------- Process ID = 1100 Thread count= 16 Parent process ID = 548 Modules: ------------------------------------ ===================================================== PROCESS NAME: SPOOLSV.EXE ----------------------------------------------------- Process ID = 1224 Thread count= 10 Parent process ID = 548 Modules: ------------------------------------ ===================================================== PROCESS NAME: RavStub.exe ----------------------------------------------------- Process ID = 1320 Thread count= 2 Parent process ID = 1016 Modules: ------------------------------------ ===================================================== PROCESS NAME: EXPLORER.EXE ----------------------------------------------------- Process ID = 1620 Thread count= 15 Parent process ID = 1524 Priority Class = 32 Modules: ------------------------------------ C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\BROWSEUI.dll C:\WINDOWS\System32\SHDOCVW.dll C:\WINDOWS\System32\UxTheme.dll C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\System32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1740_x-ww_7cb8ab44\comctl32.dll C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\System32\pintlgnt.ime C:\WINDOWS\System32\Secur32.dll C:\WINDOWS\system32\appHelp.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\cscui.dll C:\WINDOWS\System32\CSCDLL.dll C:\WINDOWS\System32\themeui.dll C:\WINDOWS\System32\MSIMG32.dll C:\WINDOWS\System32\netapi32.dll C:\WINDOWS\system32\RavExt.dll C:\WINDOWS\system32\urlmon.dll C:\WINDOWS\System32\msctf.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\System32\LINKINFO.dll C:\WINDOWS\System32\ntshrui.dll C:\WINDOWS\System32\ATL.DLL C:\WINDOWS\System32\WINSTA.dll C:\WINDOWS\System32\webcheck.dll C:\WINDOWS\System32\SETUPAPI.dll C:\WINDOWS\System32\stobject.dll C:\WINDOWS\System32\BatMeter.dll C:\WINDOWS\System32\POWRPROF.dll C:\WINDOWS\System32\WTSAPI32.dll C:\WINDOWS\system32\NETSHELL.dll C:\WINDOWS\system32\credui.dll C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WS2HELP.dll C:\WINDOWS\system32\iphlpapi.dll C:\WINDOWS\System32\WINTRUST.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\system32\IMAGEHLP.dll C:\WINDOWS\System32\rsaenh.dll C:\WINDOWS\System32\msi.dll C:\WINDOWS\System32\SXS.DLL C:\WINDOWS\System32\printui.dll C:\WINDOWS\System32\WINSPOOL.DRV C:\WINDOWS\System32\ACTIVEDS.dll C:\WINDOWS\System32\adsldpc.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\System32\CFGMGR32.dll C:\WINDOWS\system32\MPR.dll C:\WINDOWS\System32\WINMM.dll C:\WINDOWS\System32\shdoclc.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\System32\drprov.dll C:\WINDOWS\System32\ntlanman.dll C:\WINDOWS\System32\NETUI0.dll C:\WINDOWS\System32\NETUI1.dll C:\WINDOWS\System32\NETRAP.dll C:\WINDOWS\System32\SAMLIB.dll C:\WINDOWS\System32\davclnt.dll C:\WINDOWS\System32\browselc.dll D:\FLASHG~1.71\FLASHGET\jccatch.dll C:\WINDOWS\System32\MSGINA.dll C:\WINDOWS\System32\ODBC32.dll C:\WINDOWS\system32\comdlg32.dll C:\WINDOWS\System32\odbcint.dll C:\WINDOWS\System32\DUSER.dll C:\WINDOWS\System32\wdmaud.drv C:\WINDOWS\System32\msacm32.drv C:\WINDOWS\System32\MSACM32.dll C:\WINDOWS\System32\midimap.dll C:\WINDOWS\System32\shmedia.dll C:\WINDOWS\System32\MSVFW32.dll C:\WINDOWS\System32\AVIFIL32.dll C:\WINDOWS\System32\l3codeca.acm C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll C:\WINDOWS\System32\WMVCore.DLL C:\WINDOWS\System32\WMASF.DLL C:\WINDOWS\System32\actxprxy.dll C:\WINDOWS\System32\NTMARTA.DLL C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll C:\WINDOWS\System32\MSVCR71.dll C:\Program Files\WinRAR\rarext.dll D:\epp210c\eppshell.dll C:\WINDOWS\System32\mydocs.dll ===================================================== PROCESS NAME: SVCHOST.EXE ----------------------------------------------------- Process ID = 1708 Thread count= 7 Parent process ID = 548 Modules: ------------------------------------ ===================================================== PROCESS NAME: RfwMain.exe ----------------------------------------------------- Process ID = 1900 Thread count= 4 Parent process ID = 1100 Priority Class = 32 Modules: ------------------------------------ d:\rising\rising\rfw\RfwMain.exe C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\System32\MFC42.DLL C:\WINDOWS\system32\MSVCRT.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\COMCTL32.dll C:\WINDOWS\System32\MSVCP60.dll d:\rising\rising\rfw\RsGuiLib.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\WINMM.dll C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\MFC42LOC.DLL C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1740_x-ww_7cb8ab44\comctl32.dll C:\WINDOWS\system32\USERENV.dll d:\rising\rising\rfw\RSCOMMON.DLL d:\rising\rising\rfw\PngDll.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\System32\ole32.dll C:\WINDOWS\System32\pintlgnt.ime C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\Secur32.dll C:\WINDOWS\system32\perfproc.dll C:\WINDOWS\System32\MSCTF.dll 续下 2006-05-30 16:51:38.357000000
蜣螂初生襁褓狮帖子:26 注册: 2004-11-16 来自:	分享到：

蜣螂初生襁褓狮帖子:26 注册: 2004-11-16 来自:	发表于： 2006-05-30 14:46 \| 只看楼主短消息资料字号：小中大 2楼 ===================================================== PROCESS NAME: Mixer.exe ----------------------------------------------------- Process ID = 176 Thread count= 2 Parent process ID = 1620 Priority Class = 32 Modules: ------------------------------------ C:\WINDOWS\Mixer.exe C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\WINMM.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\comdlg32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\COMCTL32.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\System32\WINSPOOL.DRV C:\WINDOWS\system32\ole32.dll C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\System32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1740_x-ww_7cb8ab44\comctl32.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\System32\wdmaud.drv C:\WINDOWS\System32\msacm32.drv C:\WINDOWS\System32\MSACM32.dll C:\WINDOWS\System32\midimap.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\System32\pintlgnt.ime C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\Secur32.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\cmnprop.dll C:\WINDOWS\System32\SETUPAPI.dll C:\WINDOWS\System32\msctf.dll ===================================================== PROCESS NAME: RavTask.exe ----------------------------------------------------- Process ID = 372 Thread count= 2 Parent process ID = 1620 Modules: ------------------------------------ D:\Rising\Rising\Rav\RavTask.exe C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\COMCTL32.dll C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\System32\USP10.dll D:\Rising\Rising\Rav\RSCOMMON.DLL D:\Rising\Rising\Rav\RSAPPMGR.DLL D:\Rising\Rising\Rav\CfgDll.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\MSVCRT.DLL D:\Rising\Rising\Rav\RsCommX.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\System32\pintlgnt.ime C:\WINDOWS\System32\Secur32.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1740_x-ww_7cb8ab44\comctl32.dll C:\WINDOWS\System32\ODBC32.dll C:\WINDOWS\system32\comdlg32.dll C:\WINDOWS\System32\odbcint.dll C:\WINDOWS\System32\odbccp32.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\System32\VBAJET32.DLL ===================================================== PROCESS NAME: realsched.exe ----------------------------------------------------- Process ID = 388 Thread count= 4 Parent process ID = 1620 Priority Class = 32 Modules: ------------------------------------ C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\System32\USP10.dll C:\WINDOWS\system32\shell32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1740_x-ww_7cb8ab44\comctl32.dll C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\System32\SETUPAPI.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\System32\pintlgnt.ime C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\Secur32.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\System32\NTMARTA.DLL C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\System32\SAMLIB.dll C:\WINDOWS\System32\MSCTF.dll ===================================================== PROCESS NAME: RavMon.exe ----------------------------------------------------- Process ID = 392 Thread count= 7 Parent process ID = 372 Modules: ------------------------------------ D:\Rising\Rising\Rav\Ravmon.exe C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\ADVAPI32.dll D:\Rising\Rising\Rav\RsGuiLib.dll C:\WINDOWS\System32\MFC42.DLL C:\WINDOWS\system32\MSVCRT.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\COMCTL32.dll C:\WINDOWS\System32\MSVCP60.dll D:\Rising\Rising\Rav\BWList.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\WSOCK32.dll C:\WINDOWS\System32\WS2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\MFC42LOC.DLL C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1740_x-ww_7cb8ab44\comctl32.dll D:\Rising\Rising\Rav\RSAPPMGR.DLL D:\Rising\Rising\Rav\CfgDll.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll D:\Rising\Rising\Rav\RSCOMMON.DLL D:\Rising\Rising\Rav\RsCommX.dll D:\Rising\Rising\Rav\PngDll.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\System32\pintlgnt.ime C:\WINDOWS\System32\Secur32.dll C:\WINDOWS\System32\msctf.dll C:\WINDOWS\System32\perfproc.dll C:\WINDOWS\System32\wtsapi32.dll C:\WINDOWS\System32\WINSTA.dll ===================================================== PROCESS NAME: ctfmon.exe ----------------------------------------------------- Process ID = 452 Thread count= 1 Parent process ID = 1620 Priority Class = 32 Modules: ------------------------------------ C:\WINDOWS\System32\ctfmon.exe C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\MSUTB.dll C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\System32\pintlgnt.ime C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\Secur32.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1740_x-ww_7cb8ab44\comctl32.dll C:\WINDOWS\system32\SHLWAPI.dll ===================================================== PROCESS NAME: ishare_user.exe ----------------------------------------------------- Process ID = 952 Thread count= 3 Parent process ID = 1620 Priority Class = 32 Modules: ------------------------------------ D:\广州创意电脑开发中心\ishare_user.exe C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\kernel32.dll D:\广州创意电脑开发中心\cw3220.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\NETAPI32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\SHELL32.DLL C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\WSOCK32.dll C:\WINDOWS\System32\WS2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\system32\COMCTL32.DLL C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\System32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1740_x-ww_7cb8ab44\comctl32.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\System32\ole32.dll C:\WINDOWS\System32\pintlgnt.ime C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\Secur32.dll C:\WINDOWS\system32\mswsock.dll C:\WINDOWS\System32\wshtcpip.dll C:\WINDOWS\System32\DNSAPI.dll C:\WINDOWS\System32\winrnr.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\System32\rasadhlp.dll 续下
蜣螂初生襁褓狮帖子:26 注册: 2004-11-16 来自:

mopery 卡卡技术团队帖子:17737 注册: 2005-12-06 来自:New York	发表于： 2006-05-30 14:46 \| 短消息资料字号：小中大 3楼 http://forum.ikaka.com/topic.asp?board=28&artid=6979213 一楼附件...下载HijackThis...把日志帖上来..
mopery 卡卡技术团队帖子:17737 注册: 2005-12-06 来自:New York

蜣螂初生襁褓狮帖子:26 注册: 2004-11-16 来自:	发表于： 2006-05-30 14:47 \| 只看楼主短消息资料字号：小中大 4楼 ===================================================== PROCESS NAME: IEXPLORE.EXE ----------------------------------------------------- Process ID = 3760 Thread count= 22 Parent process ID = 1620 Priority Class = 32 Modules: ------------------------------------ C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\SHDOCVW.dll C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\System32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1740_x-ww_7cb8ab44\comctl32.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\BROWSEUI.dll C:\WINDOWS\System32\browselc.dll C:\WINDOWS\system32\appHelp.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\System32\pintlgnt.ime C:\WINDOWS\System32\Secur32.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\cscui.dll C:\WINDOWS\System32\CSCDLL.dll C:\WINDOWS\System32\SETUPAPI.dll C:\WINDOWS\System32\KakaTool.dll C:\WINDOWS\System32\WINMM.dll C:\WINDOWS\System32\MFC42.DLL C:\WINDOWS\system32\comdlg32.dll C:\WINDOWS\System32\OLEPRO32.DLL C:\WINDOWS\system32\urlmon.dll C:\WINDOWS\system32\imagehlp.dll C:\WINDOWS\System32\MFC42LOC.DLL C:\WINDOWS\System32\mshtml.dll C:\Program Files\Common Files\System\ado\msado15.dll C:\WINDOWS\System32\MSDART.DLL C:\Program Files\Common Files\System\Ole DB\oledb32.dll C:\Program Files\Common Files\System\Ole DB\OLEDB32R.DLL C:\WINDOWS\System32\msjetoledb40.dll C:\WINDOWS\System32\msjet40.dll C:\WINDOWS\System32\mswstr10.dll C:\WINDOWS\System32\msjter40.dll C:\WINDOWS\System32\MSJINT40.DLL C:\WINDOWS\system32\comsvcs.dll C:\WINDOWS\system32\colbact.DLL C:\WINDOWS\system32\MTXCLU.DLL C:\WINDOWS\system32\WSOCK32.dll C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WS2HELP.dll C:\WINDOWS\system32\NETAPI32.dll C:\WINDOWS\System32\CLUSAPI.DLL C:\WINDOWS\System32\RESUTILS.DLL C:\WINDOWS\system32\USERENV.dll C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll C:\WINDOWS\System32\MSVCR71.dll D:\QQ2005\程序\QQIEHelper.dll C:\WINDOWS\System32\OLEACC.dll C:\WINDOWS\System32\MSVCP60.dll D:\FLASHG~1.71\FLASHGET\jccatch.dll C:\WINDOWS\System32\msjtes40.dll C:\WINDOWS\System32\VBAJET32.DLL C:\WINDOWS\System32\expsrv.dll C:\Program Files\Common Files\System\ado\msadrh15.dll C:\WINDOWS\System32\SXS.DLL C:\WINDOWS\System32\shdoclc.dll C:\WINDOWS\System32\mlang.dll C:\WINDOWS\system32\mswsock.dll C:\WINDOWS\System32\wshtcpip.dll C:\WINDOWS\System32\RASAPI32.DLL C:\WINDOWS\System32\rasman.dll C:\WINDOWS\System32\TAPI32.dll C:\WINDOWS\System32\rtutils.dll C:\WINDOWS\System32\sensapi.dll C:\WINDOWS\System32\DNSAPI.dll C:\WINDOWS\System32\winrnr.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\System32\rasadhlp.dll C:\WINDOWS\System32\Msimtf.dll D:\Rising\Rising\Rav\RavScrCh.dll C:\WINDOWS\System32\vbscript.dll C:\WINDOWS\System32\jscript.dll C:\WINDOWS\System32\wdmaud.drv C:\WINDOWS\System32\msacm32.drv C:\WINDOWS\System32\MSACM32.dll C:\WINDOWS\System32\midimap.dll C:\WINDOWS\ime\mscandui.dll C:\WINDOWS\System32\MSLS31.DLL C:\WINDOWS\System32\mshtmled.dll C:\WINDOWS\System32\imgutil.dll C:\WINDOWS\System32\actxprxy.dll C:\WINDOWS\system32\MPR.dll C:\WINDOWS\System32\drprov.dll C:\WINDOWS\System32\ntlanman.dll C:\WINDOWS\System32\NETUI0.dll C:\WINDOWS\System32\NETUI1.dll C:\WINDOWS\System32\NETRAP.dll C:\WINDOWS\System32\SAMLIB.dll C:\WINDOWS\System32\davclnt.dll C:\WINDOWS\System32\MSGINA.dll C:\WINDOWS\System32\WINSTA.dll C:\WINDOWS\System32\ODBC32.dll C:\WINDOWS\System32\odbcint.dll C:\WINDOWS\System32\ddrawex.dll C:\WINDOWS\System32\DDRAW.dll C:\WINDOWS\System32\DCIMAN32.dll C:\WINDOWS\System32\ATL.DLL C:\WINDOWS\System32\ntshrui.dll C:\WINDOWS\System32\wintrust.dll C:\WINDOWS\System32\schannel.dll C:\WINDOWS\System32\rsaenh.dll C:\WINDOWS\System32\dssenh.dll C:\WINDOWS\System32\Macromed\Flash\Flash8.ocx C:\WINDOWS\System32\Macromed\Common\SwSupport.dll C:\WINDOWS\System32\plugin.ocx C:\WINDOWS\System32\mydocs.dll ===================================================== PROCESS NAME: QQ.exe ----------------------------------------------------- Process ID = 3960 Thread count= 12 Parent process ID = 1620 Priority Class = 32 Modules: ------------------------------------ D:\QQ2005\程序\QQ.exe C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\kernel32.dll D:\QQ2005\程序\QQBaseClassInDll.dll D:\QQ2005\程序\QQHelperDll.dll D:\QQ2005\程序\BasicCtrlDll.dll C:\WINDOWS\System32\AVICAP32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\WINMM.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\MSVFW32.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\COMCTL32.dll D:\QQ2005\程序\MFC42.DLL C:\WINDOWS\system32\ole32.dll C:\WINDOWS\System32\WSOCK32.dll C:\WINDOWS\System32\WS2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\System32\OLEPRO32.DLL C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\MSIMG32.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\NETAPI32.dll C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\System32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1740_x-ww_7cb8ab44\comctl32.dll C:\WINDOWS\System32\MFC42LOC.DLL C:\WINDOWS\System32\UxTheme.dll C:\WINDOWS\System32\MSCTF.dll D:\QQ2005\程序\RICHED32.DLL D:\QQ2005\程序\RICHED20.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\System32\pintlgnt.ime C:\WINDOWS\System32\Secur32.dll D:\QQ2005\程序\QQAPI.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\System32\COMRes.dll D:\QQ2005\程序\TIMProxy.dll C:\WINDOWS\System32\SXS.DLL D:\QQ2005\程序\LoginCtrl.dll D:\QQ2005\程序\npkcntc.dll C:\WINDOWS\system32\comdlg32.dll C:\WINDOWS\System32\WINSPOOL.DRV D:\QQ2005\程序\npkpdb.dll C:\WINDOWS\System32\SETUPAPI.dll C:\WINDOWS\System32\Cabinet.dll D:\QQ2005\程序\QQRes.dll D:\QQ2005\程序\QQMainFrame.dll C:\WINDOWS\system32\urlmon.dll D:\QQ2005\程序\CQQApplication.dll C:\WINDOWS\System32\asycfilt.dll D:\QQ2005\程序\NewSkin.dll C:\WINDOWS\System32\MSVCP60.dll D:\QQ2005\程序\HostingMgr.dll D:\QQ2005\程序\MailSummary.dll C:\WINDOWS\system32\mswsock.dll C:\WINDOWS\System32\wshtcpip.dll C:\WINDOWS\System32\DNSAPI.dll C:\WINDOWS\System32\winrnr.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\System32\rasadhlp.dll C:\WINDOWS\System32\wdmaud.drv C:\WINDOWS\System32\msacm32.drv C:\WINDOWS\System32\MSACM32.dll C:\WINDOWS\System32\midimap.dll D:\QQ2005\程序\QQAddr.dll C:\WINDOWS\System32\msadp32.acm D:\QQ2005\程序\QQGroupMng.dll D:\QQ2005\程序\QQSpace.dll D:\QQ2005\程序\vbscript.dll C:\WINDOWS\System32\devenum.dll C:\WINDOWS\System32\msdmo.dll D:\QQ2005\程序\UserDefinedHead.dll D:\QQ2005\程序\QQPlugin.dll D:\QQ2005\程序\QQAllInOne.dll D:\QQ2005\程序\CameraDll.dll D:\QQ2005\程序\SCCore.dll D:\QQ2005\程序\QQCustomFace.dll D:\QQ2005\程序\QQPet.dll C:\WINDOWS\System32\iphlpapi.dll C:\WINDOWS\System32\MPRAPI.dll C:\WINDOWS\System32\ACTIVEDS.dll C:\WINDOWS\System32\adsldpc.dll C:\WINDOWS\System32\ATL.DLL C:\WINDOWS\System32\rtutils.dll C:\WINDOWS\System32\SAMLIB.dll D:\QQ2005\程序\QQSysMsgMng.dll D:\QQ2005\程序\QQConfigPlugin.dll C:\WINDOWS\System32\DINPUT.dll D:\QQ2005\程序\QRingMng.dll D:\QQ2005\程序\PhoneAPI.dll D:\QQ2005\程序\DialerAllinOne.dll C:\WINDOWS\System32\HID.DLL C:\WINDOWS\System32\CFGMGR32.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.10.0_x-ww_712befd8\gdiplus.dll D:\QQ2005\程序\FlashAvatarDll.dll C:\WINDOWS\System32\Macromed\Flash\Flash8.ocx C:\WINDOWS\System32\mlang.dll D:\QQ2005\程序\QQMagicFace.dll D:\QQ2005\程序\QQAvatar.dll D:\QQ2005\程序\CommercesMng.dll D:\QQ2005\程序\QQSceneMng.dll D:\QQ2005\程序\LongConnection.dll C:\WINDOWS\System32\rasapi32.dll C:\WINDOWS\System32\rasman.dll C:\WINDOWS\System32\TAPI32.dll D:\QQ2005\程序\GroupConnection.dll D:\QQ2005\程序\BQQApplication.dll C:\WINDOWS\System32\shdocvw.dll C:\WINDOWS\system32\appHelp.dll C:\WINDOWS\system32\RavExt.dll D:\QQ2005\程序\PersonalDesktop.dll C:\WINDOWS\System32\sensapi.dll C:\WINDOWS\system32\USERENV.dll D:\QQ2005\程序\QQPhoneHelper.dll D:\QQ2005\程序\QQZip.dll D:\QQ2005\程序\ImageOle.dll ===================================================== PROCESS NAME: TIMPlatform.exe ----------------------------------------------------- Process ID = 3824 Thread count= 2 Parent process ID = 716 Priority Class = 32 Modules: ------------------------------------ D:\QQ2005\程序\TIMPlatform.exe C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\MSVCRT.DLL C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\system32\VERSION.dll D:\QQ2005\程序\TIMProxy.dll C:\WINDOWS\System32\SXS.DLL 续下
蜣螂初生襁褓狮帖子:26 注册: 2004-11-16 来自:

初生襁褓狮

帖子:26
注册: 2004-11-16
来自:

发表于： 2006-05-30 14:48 | 只看楼主 短消息资料

字号：小中大 5楼

引用:

【mopery的贴子】http://forum.ikaka.com/topic.asp?board=28&artid=6979213
一楼附件...下载HijackThis...把日志帖上来..
...........................

好的，谢谢指点！

初生襁褓狮

帖子:26
注册: 2004-11-16
来自:

发表于： 2006-05-30 14:50 | 只看楼主 短消息资料

字号：小中大 6楼

引用:

【mopery的贴子】http://forum.ikaka.com/topic.asp?board=28&artid=6979213
一楼附件...下载HijackThis...把日志帖上来..
...........................

好的，谢谢指点，马上

黑灯黑火飘泊而立狮帖子:734 注册: 2006-03-24 来自:	发表于： 2006-05-30 14:54 \| 短消息资料字号：小中大 7楼先说明一下，你的电脑到底有什么问题~~ 再，用楼上给的工具扫个日志上来~ 另，你帖的这个日志好像有点太祥细了（~~~~）等确定你哪个进程被插入时，再帖上它可能还有点用~~~~~
黑灯黑火飘泊而立狮帖子:734 注册: 2006-03-24 来自:

蜣螂初生襁褓狮帖子:26 注册: 2004-11-16 来自:	发表于： 2006-05-30 15:04 \| 只看楼主短消息资料字号：小中大 8楼 HijackThis_zww汉化版扫描日志 V1.99.1 保存于 15:00:03, 日期 2006-5-30 操作系统： Windows XP SP1 (WinNT 5.01.2600) 浏览器： Internet Explorer v6.00 SP1 (6.00.2800.1106) 当前运行的进程： C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe D:\Rising\Rising\Rav\CCenter.exe C:\WINDOWS\System32\svchost.exe D:\Rising\Rising\Rav\Ravmond.exe d:\rising\rising\rfw\rfwsrv.exe C:\WINDOWS\system32\spoolsv.exe D:\Rising\Rising\Rav\RavStub.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\svchost.exe d:\rising\rising\rfw\RfwMain.exe C:\WINDOWS\Mixer.exe D:\Rising\Rising\Rav\RavTask.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe D:\Rising\Rising\Rav\Ravmon.exe C:\WINDOWS\System32\ctfmon.exe D:\广州创意电脑开发中心\ishare_user.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE D:\QQ2005\程序\QQ.exe D:\QQ2005\程序\TIMPlatform.exe C:\WINDOWS\system32\notepad.exe D:\Rising\其他检测程序\HijackThis\HijackThis1991zww.exe R3 - URLSearchHook: SrchHook Class - {EED92A43-CFCE-4548-BD73-B0A405470ED5} - C:\PROGRA~1\CNNIC\Cdn\iesrch.dll O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}? - (no file) O2 - BHO: (no name) - {33BBE430-0E42-4f12-B075-8D21ACB10DCB}? - (no file) O2 - BHO: (no name) - {54EBD53A-9BC1-480B-966A-843A333CA162}? - (no file) O2 - BHO: (no name) - {62EED7C6-9F02-42f9-B634-98E2899E147B}? - (no file) O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\FLASHG~1.71\FLASHGET\jccatch.dll O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B}? - (no file) O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - IE工具栏增项: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3}? - (no file) O3 - IE工具栏增项: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\System32\KakaTool.dll O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - 启动项HKLM\\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - 启动项HKLM\\Run: [C-Media Mixer] Mixer.exe /startup O4 - 启动项HKLM\\Run: [Update] rem C:\Program Files\Common Files\UPDATE\Update.exe O4 - 启动项HKLM\\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - 启动项HKLM\\Run: [RfwMain] "D:\Rising\Rising\Rfw\rfwmain.exe" -Startup O4 - 启动项HKLM\\Run: [RavTask] "D:\Rising\Rising\Rav\RavTask.exe" -system O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - 启动项HKLM\\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - Startup: Internet Explorer.lnk = ? O4 - Startup: Dr.COM登录.lnk = ? O4 - Startup: 腾讯QQ.lnk = ? O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - D:\QQ2005\程序\AddToNetDisk.htm O8 - IE右键菜单中的新增项目: 使用网际快车下载 - D:\FLASHG~1.71\FLASHGET\jc_link.htm O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - D:\FLASHG~1.71\FLASHGET\jc_all.htm O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - D:\QQ2005\程序\AddPanel.htm O8 - IE右键菜单中的新增项目: 添加到QQ表情 - D:\QQ2005\程序\AddEmotion.htm O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - D:\QQ2005\程序\SendMMS.htm O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b}? - D:\QQ2005\程序\QQ.EXE O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b}? - D:\QQ2005\程序\QQ.EXE O9 - 浏览器额外的按钮: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\FLASHG~1.71\FLASHGET\flashget.exe O9 - 浏览器额外的“工具”菜单项: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\FLASHG~1.71\FLASHGET\flashget.exe O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6}? - D:\QQ2005\程序\QQIEHelper.dll O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6}? - D:\QQ2005\程序\QQIEHelper.dll O15 - “受信任的站点”中添加项: http://www.icbc.com.cn O16 - DPF: {165D83D3-359C-4783-9BF0-6FA6DC42A3F1} (XDownload Class) - http://read.duxiu.com/duxiuread/exe/ssdownload.cab O16 - DPF: {5A811794-B49C-4812-B0FA-56553DA67024} (VrsOVR Control) - http://insect.snu.ac.kr/insect/cab/VRSObject4SeoulUniv.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1133491799632 O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/games/popcap/zuma/popcaploader_v6.cab O18 - 列举现有的协议: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - NT 服务: Rising Proxy Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - d:\rising\rising\rfw\rfwproxy.exe O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - d:\rising\rising\rfw\rfwsrv.exe O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - D:\Rising\Rising\Rav\CCenter.exe O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\Rising\Rising\Rav\Ravmond.exe O23 - NT 服务: Universal Disk Manager - Unknown owner - C:\Program Files\Common Files\SANDF\diskman.exe (file missing) 谢谢谢谢！
蜣螂初生襁褓狮帖子:26 注册: 2004-11-16 来自:

黑灯黑火飘泊而立狮帖子:734 注册: 2006-03-24 来自:	发表于： 2006-05-30 16:51 \| 短消息资料字号：小中大 9楼 02项的(no file) O4 - 启动项HKLM\\Run: [Update] rem C:\Program Files\Common Files\UPDATE\Update.exe O23 - NT 服务: Universal Disk Manager - Unknown owner - C:\Program Files\Common Files\SANDF\diskman.exe (file missing) 修复上面的这些项删除 C:\Program Files\Common Files\UPDATE\Update.exe C:\Program Files\Common Files\UPDATE C:\Program Files\Common Files\SANDF\diskman.exe C:\Program Files\Common Files\SANDF
黑灯黑火飘泊而立狮帖子:734 注册: 2006-03-24 来自:

<<上一主题|下一主题>>

1 / 1 页

跳转页

蜣螂初生襁褓狮帖子:26 注册: 2004-11-16 来自:	发表于： 2006-05-30 14:45 \| 只看楼主短消息资料字号：小中大 1楼各位大侠帮看下这个日志有没有什么问题！谢谢了！ System Information Collect Tool - Designed By Smallfrogs 20060530-14:31 Windows XP Service Pack 1 Internet Explorer: 6.0.2800.1106 *************************************************************** Runing Processes information *************************************************************** ===================================================== PROCESS NAME: [System Process] ----------------------------------------------------- Process ID = 0 Thread count= 1 Parent process ID = 0 Modules: ------------------------------------ D:\Rising\其他检测程序\System Information Collect Tool(1.20)\SysInfoCollect.EXE C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\System32\MFC42.DLL C:\WINDOWS\system32\MSVCRT.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\MFC42LOC.DLL C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1740_x-ww_7cb8ab44\comctl32.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\System32\ole32.dll C:\WINDOWS\System32\pintlgnt.ime C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\Secur32.dll ===================================================== PROCESS NAME: System ----------------------------------------------------- Process ID = 4 Thread count= 47 Parent process ID = 0 Modules: ------------------------------------ ===================================================== PROCESS NAME: SMSS.EXE ----------------------------------------------------- Process ID = 424 Thread count= 3 Parent process ID = 4 Modules: ------------------------------------ ===================================================== PROCESS NAME: CSRSS.EXE ----------------------------------------------------- Process ID = 480 Thread count= 10 Parent process ID = 424 Modules: ------------------------------------ ===================================================== PROCESS NAME: WINLOGON.EXE ----------------------------------------------------- Process ID = 504 Thread count= 19 Parent process ID = 424 Modules: ------------------------------------ ===================================================== PROCESS NAME: SERVICES.EXE ----------------------------------------------------- Process ID = 548 Thread count= 18 Parent process ID = 504 Modules: ------------------------------------ ===================================================== PROCESS NAME: LSASS.EXE ----------------------------------------------------- Process ID = 560 Thread count= 20 Parent process ID = 504 Modules: ------------------------------------ ===================================================== PROCESS NAME: SVCHOST.EXE ----------------------------------------------------- Process ID = 716 Thread count= 9 Parent process ID = 548 Modules: ------------------------------------ ===================================================== PROCESS NAME: CCenter.exe ----------------------------------------------------- Process ID = 768 Thread count= 3 Parent process ID = 548 Modules: ------------------------------------ ===================================================== PROCESS NAME: SVCHOST.EXE ----------------------------------------------------- Process ID = 784 Thread count= 58 Parent process ID = 548 Modules: ------------------------------------ ===================================================== PROCESS NAME: SVCHOST.EXE ----------------------------------------------------- Process ID = 864 Thread count= 6 Parent process ID = 548 Modules: ------------------------------------ ===================================================== PROCESS NAME: SVCHOST.EXE ----------------------------------------------------- Process ID = 964 Thread count= 15 Parent process ID = 548 Modules: ------------------------------------ ===================================================== PROCESS NAME: RavMonD.exe ----------------------------------------------------- Process ID = 1016 Thread count= 23 Parent process ID = 548 Modules: ------------------------------------ ===================================================== PROCESS NAME: rfwsrv.exe ----------------------------------------------------- Process ID = 1100 Thread count= 16 Parent process ID = 548 Modules: ------------------------------------ ===================================================== PROCESS NAME: SPOOLSV.EXE ----------------------------------------------------- Process ID = 1224 Thread count= 10 Parent process ID = 548 Modules: ------------------------------------ ===================================================== PROCESS NAME: RavStub.exe ----------------------------------------------------- Process ID = 1320 Thread count= 2 Parent process ID = 1016 Modules: ------------------------------------ ===================================================== PROCESS NAME: EXPLORER.EXE ----------------------------------------------------- Process ID = 1620 Thread count= 15 Parent process ID = 1524 Priority Class = 32 Modules: ------------------------------------ C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\BROWSEUI.dll C:\WINDOWS\System32\SHDOCVW.dll C:\WINDOWS\System32\UxTheme.dll C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\System32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1740_x-ww_7cb8ab44\comctl32.dll C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\System32\pintlgnt.ime C:\WINDOWS\System32\Secur32.dll C:\WINDOWS\system32\appHelp.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\cscui.dll C:\WINDOWS\System32\CSCDLL.dll C:\WINDOWS\System32\themeui.dll C:\WINDOWS\System32\MSIMG32.dll C:\WINDOWS\System32\netapi32.dll C:\WINDOWS\system32\RavExt.dll C:\WINDOWS\system32\urlmon.dll C:\WINDOWS\System32\msctf.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\System32\LINKINFO.dll C:\WINDOWS\System32\ntshrui.dll C:\WINDOWS\System32\ATL.DLL C:\WINDOWS\System32\WINSTA.dll C:\WINDOWS\System32\webcheck.dll C:\WINDOWS\System32\SETUPAPI.dll C:\WINDOWS\System32\stobject.dll C:\WINDOWS\System32\BatMeter.dll C:\WINDOWS\System32\POWRPROF.dll C:\WINDOWS\System32\WTSAPI32.dll C:\WINDOWS\system32\NETSHELL.dll C:\WINDOWS\system32\credui.dll C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WS2HELP.dll C:\WINDOWS\system32\iphlpapi.dll C:\WINDOWS\System32\WINTRUST.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\system32\IMAGEHLP.dll C:\WINDOWS\System32\rsaenh.dll C:\WINDOWS\System32\msi.dll C:\WINDOWS\System32\SXS.DLL C:\WINDOWS\System32\printui.dll C:\WINDOWS\System32\WINSPOOL.DRV C:\WINDOWS\System32\ACTIVEDS.dll C:\WINDOWS\System32\adsldpc.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\System32\CFGMGR32.dll C:\WINDOWS\system32\MPR.dll C:\WINDOWS\System32\WINMM.dll C:\WINDOWS\System32\shdoclc.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\System32\drprov.dll C:\WINDOWS\System32\ntlanman.dll C:\WINDOWS\System32\NETUI0.dll C:\WINDOWS\System32\NETUI1.dll C:\WINDOWS\System32\NETRAP.dll C:\WINDOWS\System32\SAMLIB.dll C:\WINDOWS\System32\davclnt.dll C:\WINDOWS\System32\browselc.dll D:\FLASHG~1.71\FLASHGET\jccatch.dll C:\WINDOWS\System32\MSGINA.dll C:\WINDOWS\System32\ODBC32.dll C:\WINDOWS\system32\comdlg32.dll C:\WINDOWS\System32\odbcint.dll C:\WINDOWS\System32\DUSER.dll C:\WINDOWS\System32\wdmaud.drv C:\WINDOWS\System32\msacm32.drv C:\WINDOWS\System32\MSACM32.dll C:\WINDOWS\System32\midimap.dll C:\WINDOWS\System32\shmedia.dll C:\WINDOWS\System32\MSVFW32.dll C:\WINDOWS\System32\AVIFIL32.dll C:\WINDOWS\System32\l3codeca.acm C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll C:\WINDOWS\System32\WMVCore.DLL C:\WINDOWS\System32\WMASF.DLL C:\WINDOWS\System32\actxprxy.dll C:\WINDOWS\System32\NTMARTA.DLL C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll C:\WINDOWS\System32\MSVCR71.dll C:\Program Files\WinRAR\rarext.dll D:\epp210c\eppshell.dll C:\WINDOWS\System32\mydocs.dll ===================================================== PROCESS NAME: SVCHOST.EXE ----------------------------------------------------- Process ID = 1708 Thread count= 7 Parent process ID = 548 Modules: ------------------------------------ ===================================================== PROCESS NAME: RfwMain.exe ----------------------------------------------------- Process ID = 1900 Thread count= 4 Parent process ID = 1100 Priority Class = 32 Modules: ------------------------------------ d:\rising\rising\rfw\RfwMain.exe C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\System32\MFC42.DLL C:\WINDOWS\system32\MSVCRT.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\COMCTL32.dll C:\WINDOWS\System32\MSVCP60.dll d:\rising\rising\rfw\RsGuiLib.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\WINMM.dll C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\MFC42LOC.DLL C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1740_x-ww_7cb8ab44\comctl32.dll C:\WINDOWS\system32\USERENV.dll d:\rising\rising\rfw\RSCOMMON.DLL d:\rising\rising\rfw\PngDll.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\System32\ole32.dll C:\WINDOWS\System32\pintlgnt.ime C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\Secur32.dll C:\WINDOWS\system32\perfproc.dll C:\WINDOWS\System32\MSCTF.dll 续下 2006-05-30 16:51:38.357000000
蜣螂初生襁褓狮帖子:26 注册: 2004-11-16 来自:	分享到：

瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 各位大侠帮看下这个日志有没有什么问题！谢谢了！

各位大侠帮看下这个日志有没有什么问题！谢谢了！

各位大侠帮看下这个日志有没有什么问题！谢谢了！

瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛各位大侠帮看下这个日志有没有什么问题！谢谢了！