小菜008 - 2007-5-10 17:15:00
[PID: 1892][C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe] [, 2.0.6.50]
[C:\WINDOWS\system32\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Common Files\Teleca Shared\tlib_log.dll] [Popwire AB, 1.1.0.67]
[C:\Program Files\Common Files\Teleca Shared\boost_log-vc71-mt-1_33.dll] [N/A, ]
[C:\Program Files\Common Files\Teleca Shared\tlib_cmndlgs.dll] [Popwire AB, 1.1.0.19]
[C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application LauncherLg.dll] [, 2.0.4.47]
[C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application LauncherBmp.dll] [, 2.0.4.31]
[C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application LauncherMainDlg.dll] [Sony Ericsson Mobile Communications AB, 2.0.4.33]
[C:\PROGRA~1\COMMON~1\vjjvpc\whbdrb.nls] [, 3, 6, 0, 5]
[c:\progra~1\guej\thrw.dll] [, 1, 0, 0, 6]
[c:\progra~1\guej\ymwb.dll] [ , 1, 0, 0, 6]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\WINDOWS\system32\FREEWB.IME] [Delphi Fan Studio, 5.1]
[E:\Program Files\freewb\plugin\date.plg] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\icm32.dll] [Microsoft Corporation, 5.1.2600.2709 (xpsp_sp2_gdr.050628-1518)]
[C:\Program Files\Common Files\Teleca Shared\TC Device Mgmt.dll] [Popwire AB, 1.4.7.14]
[PID: 1916][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\FREEWB.IME] [Delphi Fan Studio, 5.1]
[E:\Program Files\freewb\plugin\date.plg] [, 1, 0, 0, 1]
[c:\progra~1\guej\thrw.dll] [, 1, 0, 0, 6]
[c:\progra~1\guej\ymwb.dll] [ , 1, 0, 0, 6]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\PROGRA~1\COMMON~1\vjjvpc\whbdrb.nls] [, 3, 6, 0, 5]
[PID: 1924][C:\Program Files\Messenger\msmsgs.exe] [Microsoft Corporation, 4.7.3001]
[C:\WINDOWS\system32\FREEWB.IME] [Delphi Fan Studio, 5.1]
[E:\Program Files\freewb\plugin\date.plg] [, 1, 0, 0, 1]
[C:\PROGRA~1\COMMON~1\vjjvpc\whbdrb.nls] [, 3, 6, 0, 5]
[c:\progra~1\guej\thrw.dll] [, 1, 0, 0, 6]
[c:\progra~1\guej\ymwb.dll] [ , 1, 0, 0, 6]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[PID: 3580][C:\Program Files\Common Files\Teleca Shared\Generic.exe] [Obigo AB, 1, 4, 12, 0]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Teleca Shared\tlib_log.dll] [Popwire AB, 1.1.0.67]
[C:\Program Files\Common Files\Teleca Shared\boost_log-vc71-mt-1_33.dll] [N/A, ]
[C:\Program Files\Common Files\Teleca Shared\TC Device Mgmt.dll] [Popwire AB, 1.4.7.14]
[C:\WINDOWS\system32\msxml4.dll] [Microsoft Corporation, 4.20.9841.0]
[c:\progra~1\guej\thrw.dll] [, 1, 0, 0, 6]
[c:\progra~1\guej\ymwb.dll] [ , 1, 0, 0, 6]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\PROGRA~1\COMMON~1\vjjvpc\whbdrb.nls] [, 3, 6, 0, 5]
[C:\Program Files\Common Files\Teleca Shared\HookStarter.dll] [Popwire AB, 1.0.3.11]
[C:\Program Files\Common Files\Teleca Shared\SpecificUSB.dll] [Popwire AB, 1, 2, 1, 1]
[C:\Program Files\Common Files\Sony Ericsson Shared\SpecificMPM.dll] [Sony Ericsson Mobile Communications AB, 1, 3, 0, 0]
[C:\WINDOWS\system32\FREEWB.IME] [Delphi Fan Studio, 5.1]
[E:\Program Files\freewb\plugin\date.plg] [, 1, 0, 0, 1]
[PID: 4040][C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe] [Sony Ericsson Mobile Communications AB, 1, 2, 0,1219]
[C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\ShowMfcDialog.dll] [Sony Ericsson Mobile Communications AB, 1, 0, 0,151]
[c:\progra~1\guej\thrw.dll] [, 1, 0, 0, 6]
[c:\progra~1\guej\ymwb.dll] [ , 1, 0, 0, 6]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\PROGRA~1\COMMON~1\vjjvpc\whbdrb.nls] [, 3, 6, 0, 5]
[C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\cellphone_object.dll] [Sony Ericsson Mobile Communications AB, 1, 0, 0,1223]
[C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\ecsmoddata.dll] [Sony Ericsson Mobile Communications AB, 1, 2, 0,338]
[C:\WINDOWS\system32\msxml4.dll] [Microsoft Corporation, 4.20.9841.0]
[C:\WINDOWS\system32\FREEWB.IME] [Delphi Fan Studio, 5.1]
[E:\Program Files\freewb\plugin\date.plg] [, 1, 0, 0, 1]
[C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\Capires0804.DLL] [Popwire AB, 1, 0, 0,2018]
[C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\cabmain.dll] [Sony Ericsson Mobile Communications AB, 1, 0, 0,1256]
[C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\msirsock_object.dll] [Sony Ericsson Mobile Communications AB, 1, 0, 0,1039]
[PID: 3680][D:\Program Files\Tencent\TT\TTraveler.exe] [腾讯公司, 3.2.200.275]
[c:\progra~1\guej\thrw.dll] [, 1, 0, 0, 6]
[c:\progra~1\guej\ymwb.dll] [ , 1, 0, 0, 6]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\PROGRA~1\COMMON~1\vjjvpc\whbdrb.nls] [, 3, 6, 0, 5]
[C:\WINDOWS\system32\FREEWB.IME] [Delphi Fan Studio, 5.1]
[E:\Program Files\freewb\plugin\date.plg] [, 1, 0, 0, 1]
[D:\Program Files\Tencent\TT\Plugins\QQFloatBar\QQFloatBar4TT2.dll] [腾讯公司, 1, 1, 0, 5]
[D:\Program Files\Tencent\TT\Plugins\TWeather\TWeather.dll] [, 1, 0, 0, 3]
[D:\Program Files\Tencent\TT\PersonalDesktop.dll] [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 4]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpscrch.dll] [Kaspersky Lab, 1.0.227.342]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\concl.dll] [Kaspersky Lab, 1.0.227.3]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\FSSync.dll] [Kaspersky Lab, 5.0.227.0]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\ipc.dll] [Kaspersky Lab, 5.0.227.0]
[c:\PROGRA~1\iesnap\navpref.dll] [, 1, 0, 1, 2]
[D:\Program Files\Tencent\TT\dbghelp.dll] [Microsoft Corporation, 6.3.0005.1 (DbgBuild.030922-1449)]
[c:\PROGRA~1\iesnap\navseg.dll] [, 1, 0, 1, 1]
[c:\PROGRA~1\iesnap\navneg.dll] [, 1, 0, 1, 2]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[d:\Program Files\Ringz Studio\Storm Codec\Codecs\VSFilter.dll] [Gabest, 1, 0, 1, 3]
[d:\Program Files\Ringz Studio\Storm Codec\Codecs\PmpSplt.ax] [cooleyes, 1, 0, 0, 7]
[C:\Program Files\BitSpirit\Codec\RealMediaSplitter.ax] [Gabest, 1, 0, 1, 1]
[C:\WINDOWS\system32\ffdshow.ax] [, 1.0.2.2028]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\Macromed\Flash\Flash9c.ocx] [Adobe Systems, Inc., 9,0,45,0]
[C:\WINDOWS\system32\IMSC40A.IME] [Microsoft Corporation, 6.0.0.2527]
[C:\PROGRA~1\COMMON~1\MICROS~1\IME\SHARED2.0\MSCAND20.DLL] [Microsoft Corporation, 9.0.5510.0]
[PID: 608][C:\WINDOWS\system32\rundll32.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\COMMON~1\vjjvpc\whbdrb.nls] [, 3, 6, 0, 5]
[c:\progra~1\guej\thrw.dll] [, 1, 0, 0, 6]
[c:\progra~1\guej\ymwb.dll] [ , 1, 0, 0, 6]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\WINDOWS\system32\FREEWB.IME] [Delphi Fan Studio, 5.1]
[E:\Program Files\freewb\plugin\date.plg] [, 1, 0, 0, 1]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpscrch.dll] [Kaspersky Lab, 1.0.227.342]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\concl.dll] [Kaspersky Lab, 1.0.227.3]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\FSSync.dll] [Kaspersky Lab, 5.0.227.0]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\ipc.dll] [Kaspersky Lab, 5.0.227.0]
[PID: 3460][F:\xjp\sreng2\SREng.EXE] [Smallfrogs Studio, 2.4.12.806]
[c:\progra~1\guej\thrw.dll] [, 1, 0, 0, 6]
[c:\progra~1\guej\ymwb.dll] [ , 1, 0, 0, 6]
[c:\PROGRA~1\iesnap\navstub.dll] [, 1, 0, 1, 2]
[C:\PROGRA~1\COMMON~1\vjjvpc\whbdrb.nls] [, 3, 6, 0, 5]
[C:\WINDOWS\system32\FREEWB.IME] [Delphi Fan Studio, 5.1]
[E:\Program Files\freewb\plugin\date.plg] [, 1, 0, 0, 1]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpscrch.dll] [Kaspersky Lab, 1.0.227.342]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\concl.dll] [Kaspersky Lab, 1.0.227.3]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\FSSync.dll] [Kaspersky Lab, 5.0.227.0]
[d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\ipc.dll] [Kaspersky Lab, 5.0.227.0]
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
==================================
API HOOK
RVA 错误: LoadLibraryA (危险等级: 一般, 被下面模块所HOOK: Dest Addr: 0xF5C91FE1)
RVA 错误: LoadLibraryExA (危险等级: 一般, 被下面模块所HOOK: Dest Addr: 0xF5C92155)
RVA 错误: LoadLibraryExW (危险等级: 一般, 被下面模块所HOOK: Dest Addr: 0xF5C92222)
RVA 错误: LoadLibraryW (危险等级: 一般, 被下面模块所HOOK: Dest Addr: 0xF5C9209E)
==================================
隐藏进程
[197] d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
[1877] D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe