12   1  /  2  页   跳转

Backdoor.Gpigeon.uvc 屡删不掉!!

收藏
龙卧
头像
健康舞勺狮
  • 帖子:227
  • 注册: 2004-07-30
  • 来自:
发表于: 2006-08-09 10:05 | 显示全部 短消息 资料
字号: 1楼

Backdoor.Gpigeon.uvc 屡删不掉!!

Logfile of Kaka v2. 0. 0. 9 Scan Module v2. 0. 0. 1
Scan saved at 09:53:38, on 2006-08-09
Platform: Microsoft Windows XP Professional Service Pack 2 (Build 2600)
MSIE: Internet Explorer v6.00 SP2; (6.00.2900.2180 (xpsp_sp2_rtm.040803-2158))


Running processes:
[SMSS.EXE]
CommandLine =

[CSRSS.EXE]
CommandLine = C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

[WINLOGON.EXE]
CommandLine = winlogon.exe

[SERVICES.EXE]
CommandLine = C:\WINDOWS\system32\services.exe

[LSASS.EXE]
CommandLine = C:\WINDOWS\system32\lsass.exe

[SVCHOST.EXE]
CommandLine = C:\WINDOWS\system32\svchost -k DcomLaunch

[SVCHOST.EXE]
CommandLine = C:\WINDOWS\system32\svchost -k rpcss

[CCenter.exe]
CommandLine = "C:\Program Files\rising\Rav\CCenter.exe"

[SVCHOST.EXE]
CommandLine = C:\WINDOWS\System32\svchost.exe -k netsvcs

[SVCHOST.EXE]
CommandLine = C:\WINDOWS\System32\svchost.exe -k NetworkService

[SVCHOST.EXE]
CommandLine = C:\WINDOWS\System32\svchost.exe -k LocalService

[RavMonD.exe]
CommandLine = "C:\Program Files\rising\Rav\Ravmond.exe"

[RFWSRV.EXE]
CommandLine = "c:\program files\rising\rfw\rfwsrv.exe"

[EXPLORER.EXE]
CommandLine = C:\WINDOWS\Explorer.EXE

[RavStub.exe]
CommandLine = "C:\Program Files\rising\Rav\RavStub.exe" /RAVMOND

[spoolsv.exe]
CommandLine = C:\WINDOWS\system32\spoolsv.exe

[CnxDslTb.exe]
CommandLine = "C:\Program Files\OEM\AccessRunner ADSL\CnxDslTb.exe"

[RavTask.exe]
CommandLine = "C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE" -SYSTEM

[RfwMain.exe]
CommandLine = "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup

[ctfmon.exe]
CommandLine = "C:\WINDOWS\system32\ctfmon.exe"

[RavMon.exe]
CommandLine = "C:\Program Files\rising\Rav\Ravmon.exe" -SYSTEM

[IEXPLORE.EXE]
CommandLine = "C:\Program Files\Internet Explorer\IEXPLORE.EXE"

[IEXPLORE.EXE]
CommandLine = "C:\Program Files\Internet Explorer\IEXPLORE.EXE"

[skeys.exe]
CommandLine = C:\WINDOWS\system32\skeys.exe

[slserv.exe]
CommandLine = slserv.exe

[SVCHOST.EXE]
CommandLine = C:\WINDOWS\System32\svchost.exe -k imgsvc

[wdfmgr.exe]
CommandLine = C:\WINDOWS\System32\wdfmgr.exe

[alg.exe]
CommandLine = C:\WINDOWS\System32\alg.exe

[wuauclt.exe]
CommandLine = "C:\WINDOWS\system32\wuauclt.exe" /RunStoreAsComServer Local\[3dc]SUSDS24e81ca3a9a4b74fa812d617eecd2756

[IEXPLORE.EXE]
CommandLine = "C:\Program Files\Internet Explorer\iexplore.exe"

[wuauclt.exe]
CommandLine = "C:\WINDOWS\system32\wuauclt.exe"

[KkScan.exe]
CommandLine = "D:\Program Files\kaka\KkScan.exe"

R3 - Default URLSearchHook is missing
O1 - Hosts: 222.73.250.189 patch.ali213.net
O1 - Hosts: 203.95.1.201 www.cmplayer.com
O1 - Hosts: 221.231.129.30 ac.sdo.com
O1 - Hosts: 59.49.17.158 www.sxkszx.cn
O1 - Hosts: 211.154.222.56 bbs.cctv.com
O1 - Hosts: 61.152.117.72 sso.myrice.com
O1 - Hosts: 221.1.204.250 wstatic.xunlei.com
O1 - Hosts: 222.168.8.195 bbs.ccit365.com
O1 - Hosts: 60.195.252.238 game.tkgame.com
O1 - Hosts: 218.244.47.22 www.coc.cc
O1 - Hosts: 64.111.103.171 www.worldfax.net
O1 - Hosts: 205.196.214.24 www.download.com.ph
O1 - Hosts: 64.202.163.2 pop.dl530.com
O1 - Hosts: 219.238.233.252 forum.ikaka.com
O1 - Hosts: 222.222.65.71 www.2ndspace.com
O1 - Hosts: 131.107.102.120 www.betaplace.com
O2 - BHO: QQBrowserHelperObject Class - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\QQ\QQIEHelper.dll
O2 - BHO: Thunder Browser Helper - {889D2FEB-5411-4565-8998-1DD2C5261283} - D:\xunlei\ComDlls\XunLeiBHO_002.dll
O2 - BHO: AlxTB BHO Class - {F1FABE79-25FC-46de-8C5A-2C6DB9D64333} - C:\WINDOWS\system32\AlxTB1.dll (file missing)
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SiSUSBRG] rem C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [Thunderupdater] D:\新建文件夹 (2)\xunlei\Thunder\TDUpdate.exe
O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\OEM\AccessRunner ADSL\CnxDslTb.exe
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - Startup: desktop.ini =
O4 - Startup: 腾讯QQ珊瑚虫版.lnk = D:\QQ\CoralQQ.exe
O4 - Global Startup: desktop.ini =
O8 - Extra context menu item: &使用迅雷下载 - D:\xunlei\Program\GetUrl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - D:\xunlei\Program\GetAllUrl.htm
O8 - Extra context menu item: Mail to a Friend... - http://client.alexa.com/holiday/script/actions/mailto.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\QQ\SendMMS.htm
O9 - Extra Button: @shdoclc.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\System32\shdocvw.dll
O14 - IERESET.INF: START_PAGE_URL=about:blank
O16 - DPF: DirectAnimation Java Classes - file://C:\WINDOWS\Java\classes\dajava.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2FDB3626-979A-48FC-BF29-5EA73666752D}: NameServer = 202.97.132.100 202.99.192.66
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ipp - (no CLSID) - (no file)
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\System32\inetcomm.dll
O18 - Protocol: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll
O18 - Protocol: msdaipp - (no CLSID) - (no file)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll"
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\System32\wiascr.dll
O23 - Service: Gray_Pigeon_Server2.0 (GrayPigeonServer2.0) -  - C:\Program Files\HgzServer\WindowsUpdate\rundll32.exe
O23 - Service: GrayX (GrayX) -  - C:\WINDOWS\Grow.exe
O23 - Service: Human Interface Device Access (HidServ) -  - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: PsShutdown (PsShutdownSvc) -  - C:\WINDOWS\system32\pssdnsvc.exe
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - "C:\Program Files\rising\Rav\CCenter.exe"
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - "C:\Program Files\rising\Rav\Ravmond.exe"
O23 - Service: SmartLinkService (SLService) -  - slserv.exe
最后编辑2006-08-10 22:22:03.060000000
分享到:
gototop
 
龙卧
头像
健康舞勺狮
  • 帖子:227
  • 注册: 2004-07-30
  • 来自:
发表于: 2006-08-09 10:08 | 显示全部 短消息 资料
字号: 2楼

[SMSS.EXE]
PID = 0x240
CommandLine =
smss.exe
0x48580000
C:\WINDOWS\system32\smss.exe
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows NT Session Manager
2004-08-17 07:39:24

ntdll.dll
0x7c920000
C:\WINDOWS\system32\ntdll.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
NT Layer DLL
2004-08-17 07:38:36




[CSRSS.EXE]
PID = 0x290
CommandLine = C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
csrss.exe
0x4a680000
c:\windows\system32\csrss.exe
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Client Server Runtime Process
2004-08-17 07:39:12

ntdll.dll
0x7c920000
C:\WINDOWS\system32\ntdll.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
NT Layer DLL
2004-08-17 07:38:36

CSRSRV.dll
0x75aa0000
C:\WINDOWS\system32\csrsrv.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Client Server Runtime Process
2004-08-17 07:38:44

basesrv.dll
0x75ab0000
C:\WINDOWS\system32\basesrv.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows NT BASE API Server DLL
2004-08-17 07:38:42

winsrv.dll
0x764e0000
C:\WINDOWS\system32\winsrv.dll
5.1.2600.2751 (xpsp_sp2_gdr.050831-1520)
Microsoft Corporation
Windows Server DLL
2005-09-01 09:45:34

GDI32.dll
0x77ef0000
C:\WINDOWS\system32\gdi32.dll
5.1.2600.2818 (xpsp_sp2_gdr.051228-1427)
Microsoft Corporation
GDI Client DLL
2005-12-29 10:56:04

KERNEL32.dll
0x7c800000
C:\WINDOWS\system32\kernel32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows NT BASE API Client DLL
2004-08-17 07:38:52

USER32.dll
0x77d10000
C:\WINDOWS\system32\USER32.DLL
5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)
Microsoft Corporation
Windows XP USER API Client DLL
2005-03-03 02:10:06

LPK.DLL
0x62c20000
C:\WINDOWS\system32\lpk.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Language Pack
2004-08-17 07:38:52

USP10.dll
0x73fa0000
C:\WINDOWS\system32\usp10.dll
1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Uniscribe Unicode script processor
2004-08-17 07:39:06

msvcrt.dll
0x77be0000
C:\WINDOWS\system32\msvcrt.dll
7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows NT CRT DLL
2004-08-17 07:38:58

ADVAPI32.dll
0x77da0000
C:\WINDOWS\system32\advapi32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Advanced Windows 32 Base API
2004-08-17 07:38:42

RPCRT4.dll
0x77e50000
C:\WINDOWS\system32\rpcrt4.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Remote Procedure Call Runtime
2004-08-17 07:39:02

sxs.dll
0x75e00000
C:\WINDOWS\system32\sxs.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Fusion 2.5
2004-08-17 07:39:06




[WINLOGON.EXE]
PID = 0x2a8
CommandLine = winlogon.exe
winlogon.exe
0x1000000
c:\windows\system32\winlogon.exe
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows NT Logon Application
2004-08-17 07:39:24

ntdll.dll
0x7c920000
C:\WINDOWS\system32\ntdll.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
NT Layer DLL
2004-08-17 07:38:36

kernel32.dll
0x7c800000
C:\WINDOWS\system32\kernel32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows NT BASE API Client DLL
2004-08-17 07:38:52

ADVAPI32.dll
0x77da0000
C:\WINDOWS\system32\advapi32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Advanced Windows 32 Base API
2004-08-17 07:38:42

RPCRT4.dll
0x77e50000
C:\WINDOWS\system32\rpcrt4.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Remote Procedure Call Runtime
2004-08-17 07:39:02

AUTHZ.dll
0x77fe0000
C:\WINDOWS\system32\AUTHZ.DLL
5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)
Microsoft Corporation
Authorization Framework
2005-03-03 02:10:06

msvcrt.dll
0x77be0000
C:\WINDOWS\system32\msvcrt.dll
7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows NT CRT DLL
2004-08-17 07:38:58

CRYPT32.dll
0x765e0000
C:\WINDOWS\system32\crypt32.dll
5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Crypto API32
2004-08-17 07:38:44

USER32.dll
0x77d10000
C:\WINDOWS\system32\USER32.DLL
5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)
Microsoft Corporation
Windows XP USER API Client DLL
2005-03-03 02:10:06

GDI32.dll
0x77ef0000
C:\WINDOWS\system32\gdi32.dll
5.1.2600.2818 (xpsp_sp2_gdr.051228-1427)
Microsoft Corporation
GDI Client DLL
2005-12-29 10:56:04

MSASN1.dll
0x76db0000
C:\WINDOWS\system32\msasn1.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
ASN.1 Runtime APIs
2004-08-17 07:38:54

NDdeApi.dll
0x758a0000
C:\WINDOWS\system32\nddeapi.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Network DDE Share Management APIs
2004-08-17 07:38:58

PROFMAP.dll
0x75890000
C:\WINDOWS\system32\profmap.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Userenv
2004-08-17 07:39:00

NETAPI32.dll
0x5fdd0000
C:\WINDOWS\system32\netapi32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Net Win32 API DLL
2004-08-17 07:38:58

USERENV.dll
0x759d0000
C:\WINDOWS\system32\userenv.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Userenv
2004-08-17 07:39:06

PSAPI.DLL
0x76bc0000
C:\WINDOWS\system32\psapi.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Process Status Helper
2004-08-17 07:39:00

REGAPI.dll
0x76b90000
C:\WINDOWS\system32\regapi.dll
gototop
 
龙卧
头像
健康舞勺狮
  • 帖子:227
  • 注册: 2004-07-30
  • 来自:
发表于: 2006-08-09 10:09 | 显示全部 短消息 资料
字号: 3楼

5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Registry Configuration APIs
2004-08-17 07:39:00

Secur32.dll
0x77fc0000
C:\WINDOWS\system32\secur32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Security Support Provider Interface
2004-08-17 07:39:04

SETUPAPI.dll
0x76060000
C:\WINDOWS\system32\setupapi.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows Setup API
2004-08-16 16:39:04

VERSION.dll
0x77bd0000
C:\WINDOWS\system32\version.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Version Checking and File Installation Libraries
2004-08-17 07:39:06

WINSTA.dll
0x762d0000
C:\WINDOWS\system32\winsta.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Winstation Library
2004-08-17 07:39:10

WINTRUST.dll
0x76c00000
C:\WINDOWS\system32\wintrust.dll
5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Microsoft Trust Verification APIs
2004-08-17 07:39:10

IMAGEHLP.dll
0x76c60000
C:\WINDOWS\system32\imagehlp.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows NT Image Helper
2004-08-17 07:38:50

WS2_32.dll
0x71a20000
C:\WINDOWS\system32\ws2_32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows Socket 2.0 32-Bit DLL
2004-08-17 07:39:10

WS2HELP.dll
0x71a10000
C:\WINDOWS\system32\ws2help.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows Socket 2.0 Helper for Windows NT
2004-08-17 07:39:10

IMM32.DLL
0x76300000
C:\WINDOWS\system32\imm32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows XP IMM32 API Client DLL
2004-08-17 07:38:50

LPK.DLL
0x62c20000
C:\WINDOWS\system32\lpk.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Language Pack
2004-08-17 07:38:52

USP10.dll
0x73fa0000
C:\WINDOWS\system32\usp10.dll
1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Uniscribe Unicode script processor
2004-08-17 07:39:06

MSGINA.dll
0x758d0000
C:\WINDOWS\system32\msgina.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows NT Logon GINA DLL
2004-08-17 07:38:56

SHELL32.dll
0x7d590000
C:\WINDOWS\system32\shell32.dll
6.00.2900.2869 (xpsp_sp2_gdr.060316-1512)
Microsoft Corporation
Windows Shell Common Dll
2006-03-17 12:04:42

SHLWAPI.dll
0x77f40000
C:\WINDOWS\system32\shlwapi.dll
6.00.2900.2904 (xpsp_sp2_gdr.060509-0218)
Microsoft Corporation
Shell Light-weight Utility Library
2006-05-10 13:25:08

COMCTL32.dll
0x5d170000
C:\WINDOWS\system32\comctl32.dll
5.82 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Common Controls Library
2004-08-17 07:38:44

ODBC32.dll
0x73540000
C:\WINDOWS\system32\odbc32.dll
3.525.1117.0 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Microsoft Data Access - ODBC Driver Manager
2004-08-17 07:39:00

comdlg32.dll
0x76320000
C:\WINDOWS\system32\comdlg32.dll
6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Common Dialogs DLL
2004-08-17 07:38:44

comctl32.dll
0x77180000
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
6.0 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
User Experience Controls Library
2004-08-17 07:37:22

odbcint.dll
0x20000000
C:\WINDOWS\system32\odbcint.dll
3.525.1117.0 built by: (_sqlbld)
Microsoft Corporation
Microsoft Data Access - ODBC Resources
2004-08-17 07:38:06

SHSVCS.dll
0x76e10000
C:\WINDOWS\system32\shsvcs.dll
6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows Shell Services Dll
2004-08-17 07:39:04

sfc.dll
0x76b80000
C:\WINDOWS\system32\sfc.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows File Protection
2004-08-17 07:39:04

sfc_os.dll
0x76c30000
C:\WINDOWS\system32\sfc_os.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows 文件保护
2004-08-17 07:39:04

ole32.dll
0x76990000
C:\WINDOWS\system32\ole32.dll
5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)
Microsoft Corporation
Microsoft OLE for Windows
2005-07-26 12:39:50

Apphelp.dll
0x76d70000
C:\WINDOWS\system32\apphelp.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Application Compatibility Client Library
2004-08-17 07:38:42

msctfime.ime
0x73640000
C:\WINDOWS\system32\msctfime.ime
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Microsoft Text Frame Work Service IME
2004-08-17 07:37:46

WINSCARD.DLL
0x72360000
C:\WINDOWS\system32\winscard.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Microsoft Smart Card API
2004-08-17 07:39:10

WTSAPI32.dll
0x76f20000
C:\WINDOWS\system32\wtsapi32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows Terminal Server SDK APIs
2004-08-17 07:39:10

uxtheme.dll
0x5adc0000
C:\WINDOWS\system32\uxtheme.dll
6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Microsoft UxTheme Library
2004-08-17 07:39:06

WINMM.dll
0x76b10000
C:\WINDOWS\system32\winmm.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
MCI API DLL
2004-08-17 07:39:08

serwvdrv.dll
0x5ce30000
C:\WINDOWS\system32\serwvdrv.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Unimodem Serial Wave driver
2002-10-07 12:00:00

umdmxfrm.dll
0x5b0f0000
C:\WINDOWS\system32\umdmxfrm.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Unimodem Tranform Module
2002-10-07 12:00:00

cscdll.dll
0x76570000
C:\WINDOWS\system32\cscdll.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Offline Network Agent
2004-08-17 07:38:44

WlNotify.dll
0x758b0000
C:\WINDOWS\system32\wlnotify.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Common DLL to receive Winlogon notifications
2004-08-17 07:39:10

WINSPOOL.DRV
0x72f70000
C:\WINDOWS\system32\winspool.drv
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows Spooler Driver
2004-08-17 07:39:28

MPR.dll
0x71a90000
C:\WINDOWS\system32\mpr.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Multiple Provider Router DLL
2004-08-17 07:38:54

rsaenh.dll
0xffd0000
C:\WINDOWS\system32\rsaenh.dll
5.1.2600.2161 (xpsp.040706-1629)
Microsoft Corporation
Microsoft Enhanced Cryptographic Provider
2004-08-04 13:31:44

msv1_0.dll
0x77c40000
C:\WINDOWS\system32\msv1_0.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Microsoft Authentication Package v1.0
2004-08-17 07:38:56

iphlpapi.dll
0x76d30000
C:\WINDOWS\system32\iphlpapi.dll
5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)
Microsoft Corporation
IP Helper API
2006-05-19 21:14:08

SAMLIB.dll
0x71b70000
C:\WINDOWS\system32\samlib.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
SAM Library DLL
2004-08-17 07:39:02

sxs.dll
0x75e00000
C:\WINDOWS\system32\sxs.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Fusion 2.5
2004-08-17 07:39:06

cscui.dll
0x76590000
C:\WINDOWS\system32\cscui.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Client Side Caching UI
2004-08-17 07:38:44

xpsp2res.dll
0x15b0000
C:\WINDOWS\system32\xpsp2res.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Service Pack 2 Messages
2004-08-17 07:38:22
gototop
 
龙卧
头像
健康舞勺狮
  • 帖子:227
  • 注册: 2004-07-30
  • 来自:
发表于: 2006-08-09 10:10 | 显示全部 短消息 资料
字号: 4楼

MSACM32.dll
0x77bb0000
C:\WINDOWS\system32\msacm32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Microsoft ACM Audio Filter
2004-08-17 07:38:54

midimap.dll
0x77ba0000
C:\WINDOWS\system32\midimap.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Microsoft MIDI Mapper
2004-08-17 07:38:54

COMRes.dll
0x77020000
C:\WINDOWS\system32\comres.dll
2001.12.4414.258
Microsoft Corporation

2004-08-17 07:38:44

OLEAUT32.dll
0x770f0000
C:\WINDOWS\system32\oleaut32.dll
5.1.2600.2180
Microsoft Corporation

2004-08-17 07:39:00

CLBCATQ.DLL
0x76fa0000
C:\WINDOWS\system32\clbcatq.dll
2001.12.4414.308
Microsoft Corporation

2005-07-26 12:39:46




[SERVICES.EXE]
PID = 0x2d4
CommandLine = C:\WINDOWS\system32\services.exe
services.exe
0x1000000
C:\WINDOWS\system32\services.exe
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Services and Controller app
2004-08-17 07:39:24

ntdll.dll
0x7c920000
C:\WINDOWS\system32\ntdll.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
NT Layer DLL
2004-08-17 07:38:36

kernel32.dll
0x7c800000
C:\WINDOWS\system32\kernel32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows NT BASE API Client DLL
2004-08-17 07:38:52

msvcrt.dll
0x77be0000
C:\WINDOWS\system32\msvcrt.dll
7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows NT CRT DLL
2004-08-17 07:38:58

ADVAPI32.dll
0x77da0000
C:\WINDOWS\system32\advapi32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Advanced Windows 32 Base API
2004-08-17 07:38:42

RPCRT4.dll
0x77e50000
C:\WINDOWS\system32\rpcrt4.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Remote Procedure Call Runtime
2004-08-17 07:39:02

USER32.dll
0x77d10000
C:\WINDOWS\system32\USER32.DLL
5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)
Microsoft Corporation
Windows XP USER API Client DLL
2005-03-03 02:10:06

GDI32.dll
0x77ef0000
C:\WINDOWS\system32\gdi32.dll
5.1.2600.2818 (xpsp_sp2_gdr.051228-1427)
Microsoft Corporation
GDI Client DLL
2005-12-29 10:56:04

USERENV.dll
0x759d0000
C:\WINDOWS\system32\userenv.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Userenv
2004-08-17 07:39:06

SCESRV.dll
0x75840000
C:\WINDOWS\system32\scesrv.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows Security Configuration Editor Engine
2004-08-17 07:39:02

AUTHZ.dll
0x77fe0000
C:\WINDOWS\system32\AUTHZ.DLL
5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)
Microsoft Corporation
Authorization Framework
2005-03-03 02:10:06

umpnpmgr.dll
0x7e1e0000
C:\WINDOWS\system32\umpnpmgr.dll
5.1.2600.2744 (xpsp_sp2_gdr.050822-1647)
Microsoft Corporation
User-mode Plug-and-Play Service
2005-08-23 11:39:56

WINSTA.dll
0x762d0000
C:\WINDOWS\system32\winsta.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Winstation Library
2004-08-17 07:39:10

NETAPI32.dll
0x5fdd0000
C:\WINDOWS\system32\netapi32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Net Win32 API DLL
2004-08-17 07:38:58

NCObjAPI.DLL
0x5f9a0000
C:\WINDOWS\system32\ncobjapi.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation

2004-08-17 07:38:58

MSVCP60.dll
0x75ff0000
C:\WINDOWS\system32\msvcp60.dll
6.02.3104.0
Microsoft Corporation
Microsoft (R) C++ Runtime Library
2004-08-17 07:38:56

ShimEng.dll
0x5cc30000
C:\WINDOWS\system32\shimeng.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Shim Engine DLL
2004-08-17 07:39:04

AcGenral.DLL
0x58fb0000
C:\WINDOWS\AppPatch\AcGenral.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows Compatibility DLL
2004-08-17 07:38:42

WINMM.dll
0x76b10000
C:\WINDOWS\system32\winmm.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
MCI API DLL
2004-08-17 07:39:08

ole32.dll
0x76990000
C:\WINDOWS\system32\ole32.dll
5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)
Microsoft Corporation
Microsoft OLE for Windows
2005-07-26 12:39:50

OLEAUT32.dll
0x770f0000
C:\WINDOWS\system32\oleaut32.dll
5.1.2600.2180
Microsoft Corporation

2004-08-17 07:39:00

MSACM32.dll
0x77bb0000
C:\WINDOWS\system32\msacm32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Microsoft ACM Audio Filter
2004-08-17 07:38:54

VERSION.dll
0x77bd0000
C:\WINDOWS\system32\version.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Version Checking and File Installation Libraries
2004-08-17 07:39:06

SHELL32.dll
0x7d590000
C:\WINDOWS\system32\shell32.dll
6.00.2900.2869 (xpsp_sp2_gdr.060316-1512)
Microsoft Corporation
Windows Shell Common Dll
2006-03-17 12:04:42

SHLWAPI.dll
0x77f40000
C:\WINDOWS\system32\shlwapi.dll
6.00.2900.2904 (xpsp_sp2_gdr.060509-0218)
Microsoft Corporation
Shell Light-weight Utility Library
2006-05-10 13:25:08

UxTheme.dll
0x5adc0000
C:\WINDOWS\system32\uxtheme.dll
6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Microsoft UxTheme Library
2004-08-17 07:39:06

IMM32.DLL
0x76300000
C:\WINDOWS\system32\imm32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows XP IMM32 API Client DLL
2004-08-17 07:38:50

LPK.DLL
0x62c20000
C:\WINDOWS\system32\lpk.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Language Pack
2004-08-17 07:38:52

USP10.dll
0x73fa0000
C:\WINDOWS\system32\usp10.dll
1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Uniscribe Unicode script processor
2004-08-17 07:39:06

serwvdrv.dll
0x5ce30000
C:\WINDOWS\system32\serwvdrv.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Unimodem Serial Wave driver
2002-10-07 12:00:00

umdmxfrm.dll
0x5b0f0000
C:\WINDOWS\system32\umdmxfrm.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Unimodem Tranform Module
2002-10-07 12:00:00

comctl32.dll
0x77180000
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
6.0 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
User Experience Controls Library
2004-08-17 07:37:22

comctl32.dll
0x5d170000
C:\WINDOWS\system32\comctl32.dll
5.82 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Common Controls Library
2004-08-17 07:38:44

secur32.dll
0x77fc0000
C:\WINDOWS\system32\secur32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Security Support Provider Interface
2004-08-17 07:39:04

Apphelp.dll
0x76d70000
C:\WINDOWS\system32\apphelp.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Application Compatibility Client Library
2004-08-17 07:38:42

eventlog.dll
0x76ce0000
C:\WINDOWS\system32\eventlog.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Event Logging Service
2004-08-17 07:38:48

WS2_32.dll
0x71a20000
C:\WINDOWS\system32\ws2_32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows Socket 2.0 32-Bit DLL
2004-08-17 07:39:10

WS2HELP.dll
0x71a10000
C:\WINDOWS\system32\ws2help.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows Socket 2.0 Helper for Windows NT
2004-08-17 07:39:10

PSAPI.DLL
0x76bc0000
C:\WINDOWS\system32\psapi.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Process Status Helper
2004-08-17 07:39:00

wtsapi32.dll
0x76f20000
C:\WINDOWS\system32\wtsapi32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows Terminal Server SDK APIs
2004-08-17 07:39:10




[LSASS.EXE]
PID = 0x2e0
CommandLine = C:\WINDOWS\system32\lsass.exe
lsass.exe
gototop
 
龙卧
头像
健康舞勺狮
  • 帖子:227
  • 注册: 2004-07-30
  • 来自:
发表于: 2006-08-09 10:11 | 显示全部 短消息 资料
字号: 5楼

0x1000000
C:\WINDOWS\system32\lsass.exe
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
LSA Shell (Export Version)
2004-08-17 07:39:16

ntdll.dll
0x7c920000
C:\WINDOWS\system32\ntdll.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
NT Layer DLL
2004-08-17 07:38:36

kernel32.dll
0x7c800000
C:\WINDOWS\system32\kernel32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows NT BASE API Client DLL
2004-08-17 07:38:52

ADVAPI32.dll
0x77da0000
C:\WINDOWS\system32\advapi32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Advanced Windows 32 Base API
2004-08-17 07:38:42

RPCRT4.dll
0x77e50000
C:\WINDOWS\system32\rpcrt4.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Remote Procedure Call Runtime
2004-08-17 07:39:02

LSASRV.dll
0x74480000
C:\WINDOWS\system32\lsasrv.dll
5.1.2600.2525 (xpsp_sp2_gdr.040919-1056)
Microsoft Corporation
LSA Server DLL
2004-10-28 09:27:58

MPR.dll
0x71a90000
C:\WINDOWS\system32\mpr.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Multiple Provider Router DLL
2004-08-17 07:38:54

USER32.dll
0x77d10000
C:\WINDOWS\system32\USER32.DLL
5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)
Microsoft Corporation
Windows XP USER API Client DLL
2005-03-03 02:10:06

GDI32.dll
0x77ef0000
C:\WINDOWS\system32\gdi32.dll
5.1.2600.2818 (xpsp_sp2_gdr.051228-1427)
Microsoft Corporation
GDI Client DLL
2005-12-29 10:56:04

MSASN1.dll
0x76db0000
C:\WINDOWS\system32\msasn1.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
ASN.1 Runtime APIs
2004-08-17 07:38:54

msvcrt.dll
0x77be0000
C:\WINDOWS\system32\msvcrt.dll
7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows NT CRT DLL
2004-08-17 07:38:58

NETAPI32.dll
0x5fdd0000
C:\WINDOWS\system32\netapi32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Net Win32 API DLL
2004-08-17 07:38:58

NTDSAPI.dll
0x76770000
C:\WINDOWS\system32\ntdsapi.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
NT5DS
2004-08-17 07:38:58

DNSAPI.dll
0x76ef0000
C:\WINDOWS\system32\dnsapi.dll
5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)
Microsoft Corporation
DNS Client API DLL
2006-05-19 21:14:08

WS2_32.dll
0x71a20000
C:\WINDOWS\system32\ws2_32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows Socket 2.0 32-Bit DLL
2004-08-17 07:39:10

WS2HELP.dll
0x71a10000
C:\WINDOWS\system32\ws2help.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows Socket 2.0 Helper for Windows NT
2004-08-17 07:39:10

WLDAP32.dll
0x76f30000
C:\WINDOWS\system32\wldap32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Win32 LDAP API DLL
2004-08-17 07:39:10

Secur32.dll
0x77fc0000
C:\WINDOWS\system32\secur32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Security Support Provider Interface
2004-08-17 07:39:04

SAMLIB.dll
0x71b70000
C:\WINDOWS\system32\samlib.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
SAM Library DLL
2004-08-17 07:39:02

SAMSRV.dll
0x743a0000
C:\WINDOWS\system32\samsrv.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
SAM Server DLL
2004-08-17 07:39:02

cryptdll.dll
0x76760000
C:\WINDOWS\system32\cryptdll.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Cryptography Manager
2004-08-17 07:38:44

ShimEng.dll
0x5cc30000
C:\WINDOWS\system32\shimeng.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Shim Engine DLL
2004-08-17 07:39:04

AcGenral.DLL
0x58fb0000
C:\WINDOWS\AppPatch\AcGenral.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows Compatibility DLL
2004-08-17 07:38:42

WINMM.dll
0x76b10000
C:\WINDOWS\system32\winmm.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
MCI API DLL
2004-08-17 07:39:08

ole32.dll
0x76990000
C:\WINDOWS\system32\ole32.dll
5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)
Microsoft Corporation
Microsoft OLE for Windows
2005-07-26 12:39:50

OLEAUT32.dll
0x770f0000
C:\WINDOWS\system32\oleaut32.dll
5.1.2600.2180
Microsoft Corporation

2004-08-17 07:39:00

MSACM32.dll
0x77bb0000
C:\WINDOWS\system32\msacm32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Microsoft ACM Audio Filter
2004-08-17 07:38:54

VERSION.dll
0x77bd0000
C:\WINDOWS\system32\version.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Version Checking and File Installation Libraries
2004-08-17 07:39:06

SHELL32.dll
0x7d590000
C:\WINDOWS\system32\shell32.dll
6.00.2900.2869 (xpsp_sp2_gdr.060316-1512)
Microsoft Corporation
Windows Shell Common Dll
2006-03-17 12:04:42

SHLWAPI.dll
0x77f40000
C:\WINDOWS\system32\shlwapi.dll
6.00.2900.2904 (xpsp_sp2_gdr.060509-0218)
Microsoft Corporation
Shell Light-weight Utility Library
2006-05-10 13:25:08

USERENV.dll
0x759d0000
C:\WINDOWS\system32\userenv.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Userenv
2004-08-17 07:39:06

UxTheme.dll
0x5adc0000
C:\WINDOWS\system32\uxtheme.dll
6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Microsoft UxTheme Library
2004-08-17 07:39:06

IMM32.DLL
0x76300000
C:\WINDOWS\system32\imm32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows XP IMM32 API Client DLL
2004-08-17 07:38:50

LPK.DLL
0x62c20000
C:\WINDOWS\system32\lpk.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Language Pack
2004-08-17 07:38:52

USP10.dll
0x73fa0000
C:\WINDOWS\system32\usp10.dll
1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Uniscribe Unicode script processor
2004-08-17 07:39:06

serwvdrv.dll
0x5ce30000
C:\WINDOWS\system32\serwvdrv.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Unimodem Serial Wave driver
2002-10-07 12:00:00

umdmxfrm.dll
0x5b0f0000
C:\WINDOWS\system32\umdmxfrm.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Unimodem Tranform Module
2002-10-07 12:00:00

comctl32.dll
0x77180000
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
6.0 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
User Experience Controls Library
2004-08-17 07:37:22

comctl32.dll
0x5d170000
C:\WINDOWS\system32\comctl32.dll
5.82 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Common Controls Library
2004-08-17 07:38:44

msprivs.dll
0x20000000
C:\WINDOWS\system32\msprivs.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Microsoft Privilege Translations
2004-08-17 07:37:56

kerberos.dll
0x71c70000
C:\WINDOWS\system32\kerberos.dll
5.1.2600.2698 (xpsp_sp2_gdr.050614-1522)
Microsoft Corporation
Kerberos Security Package
2005-06-16 01:50:14

msv1_0.dll
0x77c40000
C:\WINDOWS\system32\msv1_0.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Microsoft Authentication Package v1.0
2004-08-17 07:38:56

iphlpapi.dll
0x76d30000
C:\WINDOWS\system32\iphlpapi.dll
5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)
Microsoft Corporation
IP Helper API
2006-05-19 21:14:08

netlogon.dll
0x74410000
C:\WINDOWS\system32\netlogon.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Net Logon Services DLL
2004-08-17 07:38:58

w32time.dll
0x76790000
C:\WINDOWS\system32\w32time.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows Time Service
2004-08-17 07:39:06

MSVCP60.dll
0x75ff0000
C:\WINDOWS\system32\msvcp60.dll
6.02.3104.0
Microsoft Corporation
Microsoft (R) C++ Runtime Library
2004-08-17 07:38:56

schannel.dll
0x767c0000
C:\WINDOWS\system32\schannel.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
TLS / SSL Security Provider
2004-08-17 07:39:04

CRYPT32.dll
0x765e0000
C:\WINDOWS\system32\crypt32.dll
5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Crypto API32
2004-08-17 07:38:44

wdigest.dll
0x742e0000
C:\WINDOWS\system32\wdigest.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Microsoft Digest Access
2004-08-17 07:39:08

rsaenh.dll
0xffd0000
C:\WINDOWS\system32\rsaenh.dll
5.1.2600.2161 (xpsp.040706-1629)
Microsoft Corporation
Microsoft Enhanced Cryptographic Provider
2004-08-04 13:31:44

scecli.dll
0x74370000
C:\WINDOWS\system32\scecli.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows Security Configuration Editor Client Engine
2004-08-17 07:39:02

SETUPAPI.dll
0x76060000
C:\WINDOWS\system32\setupapi.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows Setup API
2004-08-16 16:39:04

ipsecsvc.dll
0x74340000
C:\WINDOWS\system32\ipsecsvc.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows IPSec SPD Server DLL
2004-08-17 07:38:52

AUTHZ.dll
0x77fe0000
C:\WINDOWS\system32\AUTHZ.DLL
5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)
Microsoft Corporation
Authorization Framework
2005-03-03 02:10:06

oakley.DLL
0x73ed0000
C:\WINDOWS\system32\oakley.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Oakley Key Manager
2004-08-17 07:39:00

WINIPSEC.DLL
0x742d0000
C:\WINDOWS\system32\winipsec.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows IPSec SPD Client DLL
2004-08-17 07:39:08

pstorsvc.dll
0x74300000
gototop
 
龙卧
头像
健康舞勺狮
  • 帖子:227
  • 注册: 2004-07-30
  • 来自:
发表于: 2006-08-09 10:11 | 显示全部 短消息 资料
字号: 6楼

C:\WINDOWS\system32\pstorsvc.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Protected storage server
2004-08-17 07:39:00

mswsock.dll
0x719c0000
C:\WINDOWS\system32\mswsock.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Microsoft Windows Sockets 2.0 Service Provider
2004-08-17 07:38:58

hnetcfg.dll
0x60fd0000
C:\WINDOWS\system32\hnetcfg.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Home Networking Configuration Manager
2004-08-17 07:38:50

wshtcpip.dll
0x71a00000
C:\WINDOWS\system32\wshtcpip.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows Sockets Helper DLL
2004-08-17 07:39:10

psbase.dll
0x74320000
C:\WINDOWS\system32\psbase.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Protected Storage default provider
2004-08-17 07:39:00

dssenh.dll
0x68100000
C:\WINDOWS\system32\dssenh.dll
5.1.2600.2133 (xpsp.040514-1639)
Microsoft Corporation
Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider
2004-08-04 13:31:44




[SVCHOST.EXE]
PID = 0x374
CommandLine = C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
0x1000000
C:\WINDOWS\system32\svchost.exe
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Generic Host Process for Win32 Services
2004-08-17 07:39:24

ntdll.dll
0x7c920000
C:\WINDOWS\system32\ntdll.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
NT Layer DLL
2004-08-17 07:38:36

kernel32.dll
0x7c800000
C:\WINDOWS\system32\kernel32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows NT BASE API Client DLL
2004-08-17 07:38:52

ADVAPI32.dll
0x77da0000
C:\WINDOWS\system32\advapi32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Advanced Windows 32 Base API
2004-08-17 07:38:42

RPCRT4.dll
0x77e50000
C:\WINDOWS\system32\rpcrt4.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Remote Procedure Call Runtime
2004-08-17 07:39:02

ShimEng.dll
0x5cc30000
C:\WINDOWS\system32\shimeng.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Shim Engine DLL
2004-08-17 07:39:04

AcGenral.DLL
0x58fb0000
C:\WINDOWS\AppPatch\AcGenral.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows Compatibility DLL
2004-08-17 07:38:42

USER32.dll
0x77d10000
C:\WINDOWS\system32\USER32.DLL
5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)
Microsoft Corporation
Windows XP USER API Client DLL
2005-03-03 02:10:06

GDI32.dll
0x77ef0000
C:\WINDOWS\system32\gdi32.dll
5.1.2600.2818 (xpsp_sp2_gdr.051228-1427)
Microsoft Corporation
GDI Client DLL
2005-12-29 10:56:04

WINMM.dll
0x76b10000
C:\WINDOWS\system32\winmm.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
MCI API DLL
2004-08-17 07:39:08

ole32.dll
0x76990000
C:\WINDOWS\system32\ole32.dll
5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)
Microsoft Corporation
Microsoft OLE for Windows
2005-07-26 12:39:50

msvcrt.dll
0x77be0000
C:\WINDOWS\system32\msvcrt.dll
7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows NT CRT DLL
2004-08-17 07:38:58

OLEAUT32.dll
0x770f0000
C:\WINDOWS\system32\oleaut32.dll
5.1.2600.2180
Microsoft Corporation

2004-08-17 07:39:00

MSACM32.dll
0x77bb0000
C:\WINDOWS\system32\msacm32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Microsoft ACM Audio Filter
2004-08-17 07:38:54

VERSION.dll
0x77bd0000
C:\WINDOWS\system32\version.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Version Checking and File Installation Libraries
2004-08-17 07:39:06

SHELL32.dll
0x7d590000
C:\WINDOWS\system32\shell32.dll
6.00.2900.2869 (xpsp_sp2_gdr.060316-1512)
Microsoft Corporation
Windows Shell Common Dll
2006-03-17 12:04:42

SHLWAPI.dll
0x77f40000
C:\WINDOWS\system32\shlwapi.dll
6.00.2900.2904 (xpsp_sp2_gdr.060509-0218)
Microsoft Corporation
Shell Light-weight Utility Library
2006-05-10 13:25:08

USERENV.dll
0x759d0000
C:\WINDOWS\system32\userenv.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Userenv
2004-08-17 07:39:06

UxTheme.dll
0x5adc0000
C:\WINDOWS\system32\uxtheme.dll
6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Microsoft UxTheme Library
2004-08-17 07:39:06

IMM32.DLL
0x76300000
C:\WINDOWS\system32\imm32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows XP IMM32 API Client DLL
2004-08-17 07:38:50

LPK.DLL
0x62c20000
C:\WINDOWS\system32\lpk.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Language Pack
2004-08-17 07:38:52

USP10.dll
0x73fa0000
C:\WINDOWS\system32\usp10.dll
1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Uniscribe Unicode script processor
2004-08-17 07:39:06

serwvdrv.dll
0x5ce30000
C:\WINDOWS\system32\serwvdrv.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Unimodem Serial Wave driver
2002-10-07 12:00:00

umdmxfrm.dll
0x5b0f0000
C:\WINDOWS\system32\umdmxfrm.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Unimodem Tranform Module
2002-10-07 12:00:00

comctl32.dll
0x77180000
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
6.0 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
User Experience Controls Library
2004-08-17 07:37:22

comctl32.dll
0x5d170000
C:\WINDOWS\system32\comctl32.dll
5.82 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Common Controls Library
2004-08-17 07:38:44

NTMARTA.DLL
0x76cb0000
C:\WINDOWS\system32\ntmarta.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows NT MARTA provider
2004-08-17 07:38:58

WLDAP32.dll
0x76f30000
C:\WINDOWS\system32\wldap32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Win32 LDAP API DLL
2004-08-17 07:39:10

SAMLIB.dll
0x71b70000
C:\WINDOWS\system32\samlib.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
SAM Library DLL
2004-08-17 07:39:02

rpcss.dll
0x76230000
c:\WINDOWS\system32\rpcss.dll
5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)
Microsoft Corporation
Distributed COM Services
2005-07-26 12:39:50

Secur32.dll
0x77fc0000
c:\WINDOWS\system32\secur32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Security Support Provider Interface
2004-08-17 07:39:04

WS2_32.dll
0x71a20000
c:\WINDOWS\system32\ws2_32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows Socket 2.0 32-Bit DLL
2004-08-17 07:39:10

WS2HELP.dll
0x71a10000
c:\WINDOWS\system32\ws2help.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows Socket 2.0 Helper for Windows NT
2004-08-17 07:39:10

xpsp2res.dll
0x20000000
C:\WINDOWS\system32\xpsp2res.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Service Pack 2 Messages
2004-08-17 07:38:22

CLBCATQ.DLL
0x76fa0000
C:\WINDOWS\system32\clbcatq.dll
2001.12.4414.308
Microsoft Corporation

2005-07-26 12:39:46

COMRes.dll
0x77020000
C:\WINDOWS\system32\comres.dll
2001.12.4414.258
Microsoft Corporation

2004-08-17 07:38:44

Apphelp.dll
0x76d70000
C:\WINDOWS\system32\apphelp.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Application Compatibility Client Library
2004-08-17 07:38:42




[SVCHOST.EXE]
PID = 0x3a4
gototop
 
龙卧
头像
健康舞勺狮
  • 帖子:227
  • 注册: 2004-07-30
  • 来自:
发表于: 2006-08-09 10:12 | 显示全部 短消息 资料
字号: 7楼

er.exe]
PID = 0x3cc
CommandLine = "C:\Program Files\rising\Rav\CCenter.exe"
CCenter.exe
0x400000
C:\Program Files\rising\rav\CCenter.exe
18, 0, 0, 3
Beijing Rising Technology Co., Ltd.
CCenter
2006-06-12 20:46:16

ntdll.dll
0x7c920000
C:\WINDOWS\system32\ntdll.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
NT Layer DLL
2004-08-17 07:38:36

kernel32.dll
0x7c800000
C:\WINDOWS\system32\kernel32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows NT BASE API Client DLL
2004-08-17 07:38:52

USER32.dll
0x77d10000
C:\WINDOWS\system32\USER32.DLL
5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)
Microsoft Corporation
Windows XP USER API Client DLL
2005-03-03 02:10:06

GDI32.dll
0x77ef0000
C:\WINDOWS\system32\gdi32.dll
5.1.2600.2818 (xpsp_sp2_gdr.051228-1427)
Microsoft Corporation
GDI Client DLL
2005-12-29 10:56:04

ADVAPI32.dll
0x77da0000
C:\WINDOWS\system32\advapi32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Advanced Windows 32 Base API
2004-08-17 07:38:42

RPCRT4.dll
0x77e50000
C:\WINDOWS\system32\rpcrt4.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Remote Procedure Call Runtime
2004-08-17 07:39:02

IMM32.DLL
0x76300000
C:\WINDOWS\system32\imm32.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows XP IMM32 API Client DLL
2004-08-17 07:38:50

LPK.DLL
0x62c20000
C:\WINDOWS\system32\lpk.dll
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Language Pack
2004-08-17 07:38:52

USP10.dll
0x73fa0000
C:\WINDOWS\system32\usp10.dll
1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Uniscribe Unicode script processor
2004-08-17 07:39:06

msvcrt.dll
0x77be0000
C:\WINDOWS\system32\msvcrt.dll
7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Windows NT CRT DLL
2004-08-17 07:38:58

uxtheme.dll
0x5adc0000
C:\WINDOWS\system32\uxtheme.dll
6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
Microsoft Corporation
Microsoft UxTheme Library
2004-08-17 07:39:06
gototop
 
龙卧
头像
健康舞勺狮
  • 帖子:227
  • 注册: 2004-07-30
  • 来自:
发表于: 2006-08-09 10:40 | 显示全部 短消息 资料
字号: 8楼

Logfile of HijackThis v1.99.1
Scan saved at 10:27:45, on 2006-8-9
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\rising\Rav\Ravmond.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\rising\Rav\RavStub.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\OEM\AccessRunner ADSL\CnxDslTb.exe
C:\Program Files\rising\Rav\RavTask.exe
C:\Program Files\Rising\Rfw\rfwmain.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\rising\Rav\Ravmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\skeys.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\rising\rav\Rav.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\xunlei\Program\Thunder5.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX03.744\HijackThis.exe

R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,SKEYS /I
O1 - Hosts: 222.73.250.189 patch.ali213.net
O1 - Hosts: 203.95.1.201 www.cmplayer.com
O1 - Hosts: 221.231.129.30 ac.sdo.com
O1 - Hosts: 59.49.17.158 www.sxkszx.cn
O1 - Hosts: 211.154.222.56 bbs.cctv.com
O1 - Hosts: 61.152.117.72 sso.myrice.com
O1 - Hosts: 221.1.204.250 wstatic.xunlei.com
O1 - Hosts: 222.168.8.195 bbs.ccit365.com
O1 - Hosts: 60.195.252.238 game.tkgame.com
O1 - Hosts: 218.244.47.22 www.coc.cc
O1 - Hosts: 64.111.103.171 www.worldfax.net
O1 - Hosts: 205.196.214.24 www.download.com.ph
O1 - Hosts: 64.202.163.2 pop.dl530.com
O1 - Hosts: 219.238.233.252 forum.ikaka.com
O1 - Hosts: 222.222.65.71 www.2ndspace.com
O1 - Hosts: 131.107.102.120 www.betaplace.com
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\QQ\QQIEHelper.dll
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - D:\xunlei\ComDlls\XunLeiBHO_002.dll
O2 - BHO: AlxTB BHO - {F1FABE79-25FC-46de-8C5A-2C6DB9D64333} - C:\WINDOWS\system32\AlxTB1.dll (file missing)
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SiSUSBRG] rem C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [Thunderupdater] D:\新建文件夹 (2)\xunlei\Thunder\TDUpdate.exe
O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\OEM\AccessRunner ADSL\CnxDslTb.exe
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: 腾讯QQ珊瑚虫版.lnk = D:\QQ\CoralQQ.exe
O8 - Extra context menu item: &使用迅雷下载 - D:\xunlei\Program\GetUrl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - D:\xunlei\Program\GetAllUrl.htm
O8 - Extra context menu item: Mail to a Friend... - http://client.alexa.com/holiday/script/actions/mailto.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\QQ\SendMMS.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\System32\shdocvw.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=about:blank
O17 - HKLM\System\CCS\Services\Tcpip\..\{2FDB3626-979A-48FC-BF29-5EA73666752D}: NameServer = 202.97.132.100 202.99.192.66
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Gray_Pigeon_Server2.0 (GrayPigeonServer2.0) - Unknown owner - C:\Program Files\HgzServer\WindowsUpdate\rundll32.exe
O23 - Service: GrayX - Unknown owner - C:\WINDOWS\Grow.exe
O23 - Service: PsShutdown (PsShutdownSvc) - Unknown owner - C:\WINDOWS\System32\PSSDNSVC.EXE
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\rising\Rav\Ravmond.exe
O23 - Service: SmartLinkService (SLService) -  - C:\WINDOWS\SYSTEM32\slserv.exe
gototop
 
龙卧
头像
健康舞勺狮
  • 帖子:227
  • 注册: 2004-07-30
  • 来自:
发表于: 2006-08-09 13:11 | 显示全部 短消息 资料
字号: 9楼

附件附件:

下载次数:250
文件类型:image/pjpeg
文件大小:
上传时间:2006-8-9 13:11:48
描述:
gototop
 
龙卧
头像
健康舞勺狮
  • 帖子:227
  • 注册: 2004-07-30
  • 来自:
发表于: 2006-08-09 13:12 | 显示全部 短消息 资料
字号: 10楼

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,SKEYS /I
没法修复啊
gototop
 
<<上一主题|下一主题>>
12   1  /  2  页   跳转
页面顶部
Powered by Discuz!NT