为什么进程里有10个RUNDLL32，瑞星检测还是正常啊？ bbs.ikaka.com

sky_wl - 2009-8-31 20:30:00

刚开机，只有一个RUNDLL32进程的，慢慢就多了n个相同的RUNDLL32进程,而且都是调用的相同的c:\winnt\system32\里的dll文件，感觉有病毒，可是瑞星扫描什么也没发现~，哪位大侠可以帮我解解疑惑！谢谢啦！

用户系统信息：Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)

漫天飘雪 - 2009-8-31 20:40:00

http://bbs.ikaka.com/showtopic-8442813.aspx
用这个帖子的方法扫描下,发个扫描日志上来!

sky_wl - 2009-9-1 8:30:00

我发个日志上来，帮我看看
2009-09-01,08:15:26

System Repair Engineer 2.8.1.1279
Smallfrogs (http://www.KZTechs.com)

Windows 2000 Advanced Server Service Pack 4 (Build 2195) - 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
计划任务
Windows 安全更新检查
API HOOK
隐藏进程

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<Internat.exe><internat.exe> [(Verified)Microsoft Windows 2000 Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<fix><C:\Program Files\360\360safe\fix.exe> [360安全中心]
<360Safetray><C:\Program Files\360\360safe\safemon\360Tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
<RavTray><"C:\Program Files\Rising\Rav\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Corporation Limited]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [N/A]
<Userinit><C:\WINNT\system32\userinit.exe,> [(Verified)Microsoft Windows 2000 Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<Network.ConnectionTray><C:\WINNT\system32\NETSHELL.dll> [(Verified)Microsoft Windows 2000 Publisher]
<WebCheck><%SystemRoot%\system32\webcheck.dll> [(Verified)Microsoft Windows 2000 Publisher]
<SysTray><stobject.dll> [(Verified)Microsoft Windows 2000 Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
<WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Windows 2000 Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
<WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Windows 2000 Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
<WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Windows 2000 Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
<WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Windows 2000 Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
<WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Windows 2000 Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
<WinlogonNotify: termsrv><wlnotify.dll> [(Verified)Microsoft Windows 2000 Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wzcnotif]
<WinlogonNotify: wzcnotif><wzcdlg.dll> [(Verified)Microsoft Windows 2000 Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
<浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP> [(Verified)Microsoft Windows 2000 Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Microsoft Windows Media Player 6.4><rundll32.exe advpack.dll,LaunchINFSection C:\WINNT\INF\mplayer2.inf,PerUserStub.NT> [(Verified)Microsoft Windows 2000 Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 5><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINNT\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows 2000 Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6A5110B5-E14B-4268-A065-EF89FF33C325}]
<EnableRevocation><regsvr32.exe /s /n /i:"S 2 true 3 true 4 true 5 true 6 true 7 true" initpki.dll> [(Verified)Microsoft Windows 2000 Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<通讯簿 5><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
<Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows 2000 Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Internet Explorer 5><%SystemRoot%\system32\ie4uinit.exe> [(Verified)Microsoft Windows 2000 Publisher]
[HKEY_CURRENT_USER\Control Panel\Desktop]
<SCRNSAVE.EXE><(无)> [N/A]

==================================
启动文件夹
N/A

==================================
服务
[Logical Disk Manager Administrative Service / dmadmin][Stopped/Manual Start]
<C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[OracleOraHome81Agent / OracleOraHome81Agent][Running/Auto Start]
<C:\oracle\ora81\bin\dbsnmp.exe><Oracle Corporation>
[OracleOraHome81ClientCache / OracleOraHome81ClientCache][Stopped/Manual Start]
<C:\oracle\ora81\BIN\ONRSD.EXE><N/A>
[OracleOraHome81DataGatherer / OracleOraHome81DataGatherer][Running/Auto Start]
<C:\oracle\ora81\bin\vppdc.exe><Oracle Corporation>
[OracleOraHome81HTTPServer / OracleOraHome81HTTPServer][Running/Auto Start]
<C:\oracle\ora81\Apache\Apache\Apache.exe><N/A>
[OracleOraHome81PagingServer / OracleOraHome81PagingServer][Stopped/Manual Start]
<C:\oracle\ora81/bin/pagntsrv.exe><N/A>
[OracleOraHome81TNSListener / OracleOraHome81TNSListener][Running/Auto Start]
<C:\oracle\ora81\BIN\TNSLSNR ><N/A>
[OracleServiceO8I / OracleServiceO8I][Running/Auto Start]
<c:\oracle\ora81\bin\ORACLE.EXE O8I><Oracle Corporation>
[Rav Process Communication Center / RavCCenter][Stopped/Auto Start]
<C:\Program Files\Rising\Rav\CCENTER.EXE><Beijing Rising Information Technology Co., Ltd.>
[Rising RavTask Manager / RavTask][Running/Auto Start]
<"C:\Program Files\Rising\Rav\RavTask.exe" RavTask><Beijing Rising Information Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
<C:\Program Files\Rising\Rav\RavMonD.exe><Beijing Rising Information Technology Co., Ltd.>
[Rising Scan Service / RsScanSrv][Stopped/Auto Start]
<C:\Program Files\Rising\Rav\ScanFrm.exe><Beijing Rising Information Technology Co., Ltd.>

==================================
驱动程序
[360AntiArp / 360AntiArp][Running/System Start]
<\??\C:\WINNT\system32\drivers\360AntiArp.sys><360安全中心>
[Microsoft ACPI Driver / ACPI][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\ACPI.sys><N/A>
[AFD 网络支持环境 / AFD][Running/Auto Start]
<\SystemRoot\System32\drivers\afd.sys><N/A>
[aic78xx / aic78xx][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\aic78xx.sys><N/A>
[AppleTalk Protocol / AppleTalk][Running/Auto Start]
<system32\DRIVERS\sfmatalk.sys><N/A>
[RAS Asynchronous Media Driver / AsyncMac][Stopped/Manual Start]
<system32\DRIVERS\asyncmac.sys><N/A>
[Standard IDE/ESDI Hard Disk Controller / atapi][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\atapi.sys><N/A>
[atirage / atirage][Running/Manual Start]
<system32\DRIVERS\atiragem.sys><N/A>
[ATM ARP Client Protocol / Atmarpc][Stopped/Manual Start]
<system32\DRIVERS\atmarpc.sys><N/A>
[Audio Stub Driver / audstub][Running/Manual Start]
<system32\DRIVERS\audstub.sys><N/A>
[BREGDRV / BREGDRV][Stopped/Manual Start]
<\??\C:\WINNT\system32\drivers\bregdrv.sys><360安全中心>
[CD-ROM Driver / Cdrom][Running/System Start]
<system32\DRIVERS\cdrom.sys><N/A>
[DfsDriver / DfsDriver][Running/Boot Start]
<\SystemRoot\system32\drivers\Dfs.sys><N/A>
[Disk Driver / Disk][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\disk.sys><N/A>
[dmboot / dmboot][Stopped/Disabled]
<System32\drivers\dmboot.sys><N/A>
[Logical Disk Manager Driver / dmio][Running/Boot Start]
<\SystemRoot\System32\drivers\dmio.sys><N/A>
[dmload / dmload][Running/Boot Start]
<\SystemRoot\System32\drivers\dmload.sys><N/A>
[Floppy Disk Controller Driver / Fdc][Running/Manual Start]
<system32\DRIVERS\fdc.sys><N/A>
[Floppy Disk Driver / Flpydisk][Running/Manual Start]
<system32\DRIVERS\flpydisk.sys><N/A>
[FltMgr / FltMgr][Running/Boot Start]
<\SystemRoot\system32\drivers\fltmgr.sys><N/A>
[FsVga / FsVga][Running/System Start]
<system32\DRIVERS\fsvga.sys><N/A>
[Volume Manager Driver / Ftdisk][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\ftdisk.sys><N/A>
[Generic Packet Classifier / Gpc][Running/Manual Start]
<system32\DRIVERS\msgpc.sys><N/A>
[hookcont / hookcont][Running/System Start]
<system32\drivers\HookCont.sys><N/A>
[hooksys / hooksys][Running/System Start]
<system32\drivers\HookSys.sys><N/A>
[HP 10/100TX PCI LAN Adapter NT Driver / HPTX][Running/Manual Start]
<system32\DRIVERS\hptxnt5.sys><N/A>
[i8042 Keyboard and PS/2 Mouse Port Driver / i8042prt][Running/System Start]
<system32\DRIVERS\i8042prt.sys><N/A>
[IP Traffic Filter Driver / IpFilterDriver][Stopped/Manual Start]
<system32\DRIVERS\ipfltdrv.sys><N/A>
[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]
<system32\DRIVERS\ipinip.sys><N/A>
[IP Network Address Translator / IpNat][Stopped/Manual Start]
<system32\DRIVERS\ipnat.sys><N/A>
[IPSEC driver / IPSEC][Running/Manual Start]
<system32\DRIVERS\ipsec.sys><N/A>
[IR Enumerator Service / IRENUM][Stopped/Manual Start]
<System32\DRIVERS\irenum.sys><N/A>
[PnP ISA/EISA Bus Driver / isapnp][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\isapnp.sys><N/A>
[Keyboard Class Driver / Kbdclass][Running/System Start]
<system32\DRIVERS\kbdclass.sys><N/A>
[SFM Kernel Driver / MACSRV][Running/Manual Start]
<system32\DRIVERS\sfmsrv.sys><N/A>
[Mouse Class Driver / Mouclass][Running/System Start]
<system32\DRIVERS\mouclass.sys><N/A>
[mraid35x / mraid35x][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\mraid35x.sys><N/A>
[MRxSmb / MRxSmb][Running/System Start]
<system32\DRIVERS\mrxsmb.sys><N/A>
[Microsoft Streaming Service Proxy / MSKSSRV][Stopped/Manual Start]
<system32\drivers\MSKSSRV.sys><N/A>
[Microsoft Streaming Clock Proxy / MSPCLOCK][Stopped/Manual Start]
<system32\drivers\MSPCLOCK.sys><N/A>
[Microsoft Streaming Quality Manager Proxy / MSPQM][Stopped/Manual Start]
<system32\drivers\MSPQM.sys><N/A>
[Remote Access NDIS TAPI Driver / NdisTapi][Running/Manual Start]
<system32\DRIVERS\ndistapi.sys><N/A>
[NDIS 用户模式 I/O 协议 / Ndisuio][Stopped/Manual Start]
<system32\DRIVERS\ndisuio.sys><N/A>
[Remote Access NDIS WAN Driver / NdisWan][Running/Manual Start]
<system32\DRIVERS\ndiswan.sys><N/A>
[NetBIOS Interface / NetBIOS][Running/System Start]
<system32\DRIVERS\netbios.sys><N/A>
[NetBios over Tcpip / NetBT][Running/System Start]
<system32\DRIVERS\netbt.sys><N/A>
[NetDetect / NetDetect][Stopped/Manual Start]
<\SystemRoot\system32\drivers\netdtect.sys><N/A>
[Network Monitor Driver / nm][Stopped/Manual Start]
<system32\DRIVERS\NMnt.sys><N/A>
[IPX Traffic Filter Driver / NwlnkFlt][Stopped/Manual Start]
<system32\DRIVERS\nwlnkflt.sys><N/A>
[IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Manual Start]
<system32\DRIVERS\nwlnkfwd.sys><N/A>
[DDK PACKET Protocol / Packet][Running/Manual Start]
<system32\DRIVERS\ProtoDrv.sys><N/A>
[Parallel class driver / Parallel][Running/Manual Start]
<system32\DRIVERS\parallel.sys><N/A>
[Parallel port driver / Parport][Running/System Start]
<system32\DRIVERS\parport.sys><N/A>
[PCI Bus Driver / PCI][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\pci.sys><N/A>
[PCIIde / PCIIde][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\pciide.sys><N/A>
[WAN Miniport (PPTP) / PptpMiniport][Running/Manual Start]
<system32\DRIVERS\raspptp.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><N/A>
[Remote Access Auto Connection Driver / RasAcd][Running/System Start]
<system32\DRIVERS\rasacd.sys><N/A>
[WAN Miniport (L2TP) / Rasl2tp][Running/Manual Start]
<system32\DRIVERS\rasl2tp.sys><N/A>
[Direct Parallel / Raspti][Running/Manual Start]
<system32\DRIVERS\raspti.sys><N/A>
[Microsoft Streaming Network Raw Channel Access / RCA][Stopped/Manual Start]
<system32\drivers\RCA.sys><N/A>
[Rdbss / Rdbss][Running/System Start]
<system32\DRIVERS\rdbss.sys><N/A>
[Terminal Server Device Redirector Driver / rdpdr][Running/Manual Start]
<system32\DRIVERS\rdpdr.sys><N/A>
[Digital CD Audio Playback Filter Driver / redbook][Stopped/System Start]
<system32\DRIVERS\redbook.sys><N/A>
[RsNTGDI / RsNTGDI][Running/Boot Start]
<\SystemRoot\system32\Drivers\RsNTGdi.sys><N/A>
[SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
<\??\C:\WINNT\system32\Drivers\safeboxkrnl.sys><360安全中心>
[Serenum Filter Driver / serenum][Running/Manual Start]
<system32\DRIVERS\serenum.sys><N/A>
[Serial port driver / Serial][Running/System Start]
<system32\DRIVERS\serial.sys><N/A>
[特殊目的工具驱动程序 / spud][Running/Manual Start]
<\SystemRoot\System32\drivers\spud.sys><N/A>
[Srv / Srv][Running/Manual Start]
<system32\DRIVERS\srv.sys><N/A>
[Software Bus Driver / swenum][Running/Manual Start]
<system32\DRIVERS\swenum.sys><N/A>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
<system32\DRIVERS\tcpip.sys><N/A>
[Terminal Device Driver / TermDD][Running/Auto Start]
<\SystemRoot\System32\drivers\termdd.sys><N/A>
[Microcode Update Driver / Update][Running/Manual Start]
<system32\DRIVERS\update.sys><N/A>
[VgaSave / VgaSave][Running/System Start]
<\SystemRoot\System32\drivers\vga.sys><N/A>
[Remote Access IP ARP Driver / Wanarp][Running/Manual Start]
<system32\DRIVERS\wanarp.sys><N/A>

sky_wl - 2009-9-1 8:31:00

=================================
浏览器加载项
[SafeMon Class]
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360\360safe\safemon\safemon.dll, (Signed) 360.CN>
[@shdoclc.dll,-866]
{c95fe080-8f5d-11d2-a20b-00aa003c157a} <, >
[@msdxmLC.dll,-1@2052,电台(&R)]
{8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\system32\msdxm.ocx, (Signed) Microsoft Corporation>
[WebBasedClientInstall Class]
{D30CA0FD-1CA0-11D4-AC78-006008A9A8BC} <C:\WINNT\Downloaded Program Files\WebInst.Dll, Symantec Corporation>
[360SafeLive]
{87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360\360safe\live.dll, (Signed) 360.cn>

==================================
正在运行的进程
[PID: 180 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.00.2195.6601]
[PID: 204 / SYSTEM][\??\C:\WINNT\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.00.2195.6601]
[PID: 228 / SYSTEM][\??\C:\WINNT\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.00.2195.6997]
[PID: 256 / SYSTEM][C:\WINNT\system32\services.exe] [(Verified) Microsoft Corporation, 5.00.2195.7035]
[C:\WINNT\system32\dmserver.dll] [VERITAS Software Corp., 2195.6605.297.3]
[PID: 268 / SYSTEM][C:\WINNT\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.00.2195.7011]
[PID: 380 / SYSTEM][C:\WINNT\System32\termsrv.exe] [(Verified) Microsoft Corporation, 5.00.2195.6696]
[PID: 516 / SYSTEM][C:\WINNT\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.00.2134.1]
[C:\WINNT\system32\nap32.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 1]
[PID: 556 / SYSTEM][C:\WINNT\system32\spoolsv.exe] [(Verified) Microsoft Corporation, 5.00.2195.7059]
[PID: 612 / SYSTEM][C:\WINNT\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.00.2134.1]
[C:\WINNT\system32\msjetoledb40.dll] [, ]
[C:\WINNT\system32\nap32.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 1]
[PID: 640 / SYSTEM][C:\WINNT\System32\llssrv.exe] [(Verified) Microsoft Corporation, 5.00.2195.7021]
[PID: 672 / SYSTEM][C:\WINNT\system32\tcpsvcs.exe] [(Verified) Microsoft Corporation, 5.00.2134.1]
[PID: 696 / SYSTEM][C:\WINNT\system32\sfmprint.exe] [(Verified) Microsoft Corporation, 5.00.2157.1]
[PID: 764 / SYSTEM][C:\oracle\ora81\bin\dbsnmp.exe] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranmi.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oraclient8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oracore8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranls8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oravsn8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oracommon8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orageneric8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranl8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oran8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orancrypt8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranro8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orannzsbb8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranldap8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oraldapclnt8.dll] [Oracle Corporation, 8.1.5.0.0]
[C:\oracle\ora81\bin\oranhost8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranoname8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orancds8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orantns8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orannds8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranms.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranmsp.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\ORATRACE8.dll] [N/A, ]
[C:\oracle\ora81\bin\orapls8.dll] [Oracle Corporation, 8]
[C:\oracle\ora81\bin\oraslax8.dll] [Oracle Corporation, 8]
[C:\oracle\ora81\bin\orawtc8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orasql8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oravppdc.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranmd.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\tcl75.dll] [N/A, ]
[C:\oracle\ora81\bin\oranbeq8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orantcp8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orannts8.dll] [Oracle Corporation, 8.1.7.0.0]
[PID: 828 / SYSTEM][C:\Program Files\Rising\Rav\rsnetsvr.exe] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15]
[C:\Program Files\Rising\Rav\NComm.dll] [Beijing Rising Information Technology Co., Ltd., 6.0.0.12]
[C:\Program Files\Rising\Rav\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
[C:\Program Files\Rising\Rav\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
[C:\Program Files\Rising\Rav\ProcComm.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
[C:\WINNT\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINNT\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[PID: 888 / SYSTEM][C:\oracle\ora81\bin\vppdc.exe] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oravppdc.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oraclient8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oracore8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranls8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oravsn8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oracommon8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orageneric8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranl8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oran8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orancrypt8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranro8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orannzsbb8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranldap8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oraldapclnt8.dll] [Oracle Corporation, 8.1.5.0.0]
[C:\oracle\ora81\bin\oranhost8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranoname8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orancds8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orantns8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orannds8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranms.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranmsp.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\ORATRACE8.dll] [N/A, ]
[C:\oracle\ora81\bin\orapls8.dll] [Oracle Corporation, 8]
[C:\oracle\ora81\bin\oraslax8.dll] [Oracle Corporation, 8]
[C:\oracle\ora81\bin\orawtc8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orasql8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranmi.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranmd.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\tcl75.dll] [N/A, ]
[C:\oracle\ora81\bin\oravpnt.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oravpxdba.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oravpsqlsrv.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oravpxoafnd.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oravpxeap.dll] [Oracle Corporation, 8.1.7.0.0]
[PID: 900 / SYSTEM][C:\oracle\ora81\Apache\Apache\Apache.exe] [N/A, ]
[C:\oracle\ora81\Apache\Apache\ApacheCore.dll] [N/A, ]
[c:\oracle\ora81\apache\apache\modules\ApacheModuleMimeMagic.dll] [N/A, ]
[c:\oracle\ora81\apache\apache\modules\ApacheModuleAuthAnon.dll] [N/A, ]
[c:\oracle\ora81\apache\apache\modules\ApacheModuleCERNMeta.dll] [N/A, ]
[c:\oracle\ora81\apache\apache\modules\ApacheModuleDigest.dll] [N/A, ]
[c:\oracle\ora81\apache\apache\modules\ApacheModuleExpires.dll] [N/A, ]
[c:\oracle\ora81\apache\apache\modules\ApacheModuleHeaders.dll] [N/A, ]
[c:\oracle\ora81\apache\apache\modules\ApacheModuleProxy.dll] [N/A, ]
[c:\oracle\ora81\apache\apache\modules\ApacheModuleRewrite.dll] [N/A, ]
[c:\oracle\ora81\apache\apache\modules\ApacheModuleSpeling.dll] [N/A, ]
[c:\oracle\ora81\apache\apache\modules\ApacheModuleStatus.dll] [N/A, ]
[c:\oracle\ora81\apache\apache\modules\ApacheModuleUserTrack.dll] [N/A, ]
[c:\oracle\ora81\apache\apache\modules\ApacheModulePerl.DLL] [N/A, ]
[C:\oracle\ora81\Apache\Perl\5.00503\bin\mswin32-x86\Perl.dll] [N/A, ]
[c:\oracle\ora81\apache\apache\modules\ApacheModuleSSL.DLL] [N/A, ]
[C:\oracle\ora81\Apache\Jserv\ApacheModuleJServ.dll] [N/A, ]
[c:\oracle\ora81\apache\apache\modules\orajipa8i.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oran8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranl8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranldap8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orannzsbb8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oracore8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranls8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orageneric8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oracommon8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oraclient8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oravsn8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orawtc8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranro8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orapls8.dll] [Oracle Corporation, 8]
[C:\oracle\ora81\bin\oraslax8.dll] [Oracle Corporation, 8]
[C:\oracle\ora81\bin\orasql8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oraldapclnt8.dll] [Oracle Corporation, 8.1.5.0.0]
[C:\oracle\ora81\bin\ORATRACE8.dll] [N/A, ]
[C:\oracle\ora81\bin\orancrypt8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranhost8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranoname8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orancds8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orantns8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orannds8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranms.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranmsp.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\modplsql.dll] [N/A, ]
[C:\oracle\ora81\bin\OCI.dll] [Oracle Corporation, 8.1.7.0.0]
[PID: 956 / SYSTEM][C:\oracle\ora81\BIN\TNSLSNR.exe] [N/A, ]
[C:\oracle\ora81\BIN\oransgr8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\BIN\oran8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\BIN\oranl8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\BIN\oranldap8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\BIN\orannzsbb8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\BIN\oracore8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\BIN\oranls8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\BIN\orageneric8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\BIN\oracommon8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\BIN\oraclient8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\BIN\oravsn8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\BIN\orawtc8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\BIN\oranro8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\BIN\orapls8.dll] [Oracle Corporation, 8]
[C:\oracle\ora81\BIN\oraslax8.dll] [Oracle Corporation, 8]
[C:\oracle\ora81\BIN\orasql8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\BIN\oraldapclnt8.dll] [Oracle Corporation, 8.1.5.0.0]
[C:\oracle\ora81\BIN\ORATRACE8.dll] [N/A, ]
[C:\oracle\ora81\BIN\orancrypt8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\BIN\oranhost8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\BIN\oranoname8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\BIN\orancds8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\BIN\orantns8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\BIN\orannds8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\BIN\oranms.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\BIN\oranmsp.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranipc8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orantcp8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranbeq8.dll] [Oracle Corporation, 8.1.7.0.0]
[PID: 1008 / SYSTEM][c:\oracle\ora81\bin\ORACLE.EXE] [Oracle Corporation, 8.1.7.0.0]
[c:\oracle\ora81\bin\oraclient8.dll] [Oracle Corporation, 8.1.7.0.0]
[c:\oracle\ora81\bin\oracore8.dll] [Oracle Corporation, 8.1.7.0.0]
[c:\oracle\ora81\bin\oranls8.dll] [Oracle Corporation, 8.1.7.0.0]
[c:\oracle\ora81\bin\oravsn8.dll] [Oracle Corporation, 8.1.7.0.0]
[c:\oracle\ora81\bin\oracommon8.dll] [Oracle Corporation, 8.1.7.0.0]
[c:\oracle\ora81\bin\orageneric8.dll] [Oracle Corporation, 8.1.7.0.0]
[c:\oracle\ora81\bin\oranl8.dll] [Oracle Corporation, 8.1.7.0.0]
[c:\oracle\ora81\bin\oran8.dll] [Oracle Corporation, 8.1.7.0.0]
[c:\oracle\ora81\bin\orancrypt8.dll] [Oracle Corporation, 8.1.7.0.0]
[c:\oracle\ora81\bin\oranro8.dll] [Oracle Corporation, 8.1.7.0.0]
[c:\oracle\ora81\bin\orannzsbb8.dll] [Oracle Corporation, 8.1.7.0.0]
[c:\oracle\ora81\bin\oranldap8.dll] [Oracle Corporation, 8.1.7.0.0]
[c:\oracle\ora81\bin\oraldapclnt8.dll] [Oracle Corporation, 8.1.5.0.0]
[c:\oracle\ora81\bin\oranhost8.dll] [Oracle Corporation, 8.1.7.0.0]
[c:\oracle\ora81\bin\oranoname8.dll] [Oracle Corporation, 8.1.7.0.0]
[c:\oracle\ora81\bin\orancds8.dll] [Oracle Corporation, 8.1.7.0.0]
[c:\oracle\ora81\bin\orantns8.dll] [Oracle Corporation, 8.1.7.0.0]
[c:\oracle\ora81\bin\orannds8.dll] [Oracle Corporation, 8.1.7.0.0]
[c:\oracle\ora81\bin\oranms.dll] [Oracle Corporation, 8.1.7.0.0]
[c:\oracle\ora81\bin\oranmsp.dll] [Oracle Corporation, 8.1.7.0.0]
[c:\oracle\ora81\bin\ORATRACE8.dll] [N/A, ]
[c:\oracle\ora81\bin\orapls8.dll] [Oracle Corporation, 8]
[c:\oracle\ora81\bin\oraslax8.dll] [Oracle Corporation, 8]
[c:\oracle\ora81\bin\orawtc8.dll] [Oracle Corporation, 8.1.7.0.0]
[c:\oracle\ora81\bin\orasql8.dll] [Oracle Corporation, 8.1.7.0.0]
[c:\oracle\ora81\bin\oraplp8.dll] [Oracle Corporation, 8]
[c:\oracle\ora81\bin\oradbicx8.dll] [Oracle Corporation, 8]
[c:\oracle\ora81\bin\orajox8.dll] [N/A, ]
[c:\oracle\ora81\bin\orawwg8.dll] [Oracle Corporation, 8.1.7.0.0]
[c:\oracle\ora81\bin\oransgr8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\BIN\ORAIMR8.Dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranbeq8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orannts8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orantcp8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8oracle_aurora_rdbms.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8java_lang.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8java_io.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8java_util.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8oracle_aurora_vm.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8java_security.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8java_lang_reflect.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8oracle_gss_util.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8sun_io.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8java_lang_ref.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8sun_security_action.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8sun_misc.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8oracle_sql.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8java_sql.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8sun_security_provider.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8oracle_jdbc_driver.dll] [N/A, ]
[C:\oracle\ora81\BIN\corejava.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8java_math.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8oracle_aurora_rdbms_security.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8oracle_aurora_realm.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8oracle_jdbc_kprb.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8oracle_jdbc_dbaccess.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8oracle_aurora_memoryManager.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8oracle_aurora_net.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8_e2d26a7a79_internal_oracle_aurora_mts_http_admin.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8_e2d25a092e_internal_oracle_aurora_namespace_shell.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8java_net.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8oracle_aurora_security.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8java_security_acl.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8javax_naming.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8_e2d25a092e_internal_oracle_aurora_namespace.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8javax_naming_directory.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8oracle_aurora_util.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8_e2d25a092e_internal_oracle_aurora_namespace_rdbms.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8_e2d25a092e_internal_oracle_aurora_mts_session.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8sun_security_util.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8java_applet.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8oracle_aurora_rdbms_url_jserver.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8javax_naming_spi.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8_e2d25a092e_internal_oracle_aurora_mts_session_rdbms.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8_e2d25a092e_internal_oracle_aurora_mts.dll] [N/A, ]
[C:\ORACLE\ORA81\JAVAVM\ADMIN\orajox8java_text.dll] [N/A, ]

sky_wl - 2009-9-1 8:32:00

[PID: 1080 / SYSTEM][C:\WINNT\system32\regsvc.exe] [(Verified) Microsoft Corporation, 5.00.2195.6701]
[PID: 1276 / SYSTEM][C:\WINNT\system32\MSTask.exe] [(Verified) Microsoft Corporation, 4.71.2195.6972]
[PID: 1340 / SYSTEM][C:\WINNT\System32\snmp.exe] [(Verified) Microsoft Corporation, 5.00.2195.7112]
[PID: 1356 / SYSTEM][C:\WINNT\system32\lserver.exe] [(Verified) Microsoft Corporation, 5.00.2195.6701]
[PID: 1416 / SYSTEM][C:\WINNT\System32\WBEM\WinMgmt.exe] [(Verified) Microsoft Corporation, 1.50.1085.0100]
[PID: 1428 / SYSTEM][C:\WINNT\System32\wins.exe] [(Verified) Microsoft Corporation, 5.00.2195.7155]
[PID: 1452 / SYSTEM][C:\WINNT\system32\Dfssvc.exe] [(Verified) Microsoft Corporation, 5.00.2195.6664]
[PID: 1488 / SYSTEM][C:\WINNT\System32\dns.exe] [(Verified) Microsoft Corporation, 5.00.2195.6715]
[PID: 1536 / SYSTEM][C:\WINNT\system32\inetsrv\inetinfo.exe] [(Verified) Microsoft Corporation, 5.00.0984]
[PID: 1596 / SYSTEM][C:\WINNT\system32\sfmsvc.exe] [(Verified) Microsoft Corporation, 5.00.2195.6684]
[PID: 1676 / SYSTEM][C:\WINNT\system32\msdtc.exe] [(Verified) Microsoft Corporation, 1999.9.3421.3]
[C:\oracle\ora81\bin\ociw32.dll] [Oracle Corporation, 8.1.7.0.0]
[PID: 1996 / SYSTEM][C:\oracle\ora81\Apache\jdk\bin\java.exe] [N/A, ]
[C:\oracle\ora81\Apache\jdk\jre\bin\classic\jvm.dll] [N/A, ]
[C:\oracle\ora81\Apache\jdk\jre\bin\hpi.dll] [N/A, ]
[C:\oracle\ora81\Apache\jdk\jre\bin\java.dll] [N/A, ]
[C:\oracle\ora81\Apache\jdk\jre\bin\zip.dll] [N/A, ]
[C:\oracle\ora81\Apache\jdk\jre\bin\symcjit.dll] [Symantec Corporation http://www.symantec.com, 3.10.107]
[C:\oracle\ora81\Apache\jdk\jre\bin\net.dll] [N/A, ]
[PID: 2008 / SYSTEM][C:\oracle\ora81\Apache\Apache\Apache.exe] [N/A, ]
[C:\oracle\ora81\Apache\Apache\ApacheCore.dll] [N/A, ]
[c:\oracle\ora81\apache\apache\modules\ApacheModuleMimeMagic.dll] [N/A, ]
[c:\oracle\ora81\apache\apache\modules\ApacheModuleAuthAnon.dll] [N/A, ]
[c:\oracle\ora81\apache\apache\modules\ApacheModuleCERNMeta.dll] [N/A, ]
[c:\oracle\ora81\apache\apache\modules\ApacheModuleDigest.dll] [N/A, ]
[c:\oracle\ora81\apache\apache\modules\ApacheModuleExpires.dll] [N/A, ]
[c:\oracle\ora81\apache\apache\modules\ApacheModuleHeaders.dll] [N/A, ]
[c:\oracle\ora81\apache\apache\modules\ApacheModuleProxy.dll] [N/A, ]
[c:\oracle\ora81\apache\apache\modules\ApacheModuleRewrite.dll] [N/A, ]
[c:\oracle\ora81\apache\apache\modules\ApacheModuleSpeling.dll] [N/A, ]
[c:\oracle\ora81\apache\apache\modules\ApacheModuleStatus.dll] [N/A, ]
[c:\oracle\ora81\apache\apache\modules\ApacheModuleUserTrack.dll] [N/A, ]
[c:\oracle\ora81\apache\apache\modules\ApacheModulePerl.DLL] [N/A, ]
[C:\oracle\ora81\Apache\Perl\5.00503\bin\mswin32-x86\Perl.dll] [N/A, ]
[c:\oracle\ora81\apache\apache\modules\ApacheModuleSSL.DLL] [N/A, ]
[C:\oracle\ora81\Apache\Jserv\ApacheModuleJServ.dll] [N/A, ]
[c:\oracle\ora81\apache\apache\modules\orajipa8i.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oran8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranl8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranldap8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orannzsbb8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oracore8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranls8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orageneric8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oracommon8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oraclient8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oravsn8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orawtc8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranro8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orapls8.dll] [Oracle Corporation, 8]
[C:\oracle\ora81\bin\oraslax8.dll] [Oracle Corporation, 8]
[C:\oracle\ora81\bin\orasql8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oraldapclnt8.dll] [Oracle Corporation, 8.1.5.0.0]
[C:\oracle\ora81\bin\ORATRACE8.dll] [N/A, ]
[C:\oracle\ora81\bin\orancrypt8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranhost8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranoname8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orancds8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orantns8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\orannds8.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranms.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\oranmsp.dll] [Oracle Corporation, 8.1.7.0.0]
[C:\oracle\ora81\bin\modplsql.dll] [N/A, ]
[C:\oracle\ora81\bin\OCI.dll] [Oracle Corporation, 8.1.7.0.0]
[PID: 464 / SYSTEM][\??\C:\WINNT\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.00.2195.6601]
[PID: 1504 / SYSTEM][\??\C:\WINNT\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.00.2195.6997]
[PID: 1092 / SYSTEM][\??\C:\WINNT\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.00.2195.6601]
[PID: 2352 / SYSTEM][\??\C:\WINNT\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.00.2195.6997]
[PID: 2656 / SYSTEM][C:\WINNT\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.00.2134.1]
[C:\WINNT\system32\nap32.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 1]
[PID: 2692 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 1044 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2420 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 1268 / Administrator][C:\WINNT\system32\conime.exe] [(Verified) Microsoft Corporation, 5.00.2195.6655]
[PID: 1400 / Administrator][C:\WINNT\Explorer.EXE] [(Verified) Microsoft Corporation, 5.00.3700.6690]
[C:\Program Files\360\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1021]
[C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.77]
[C:\WINNT\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINNT\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\WINNT\system32\RavExt.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
[PID: 2640 / Administrator][C:\WINNT\system32\internat.exe] [(Verified) Microsoft Corporation, 5.00.2920.0000]
[PID: 348 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 1016 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2624 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2376 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2676 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2852 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2844 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2560 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 160 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2464 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 1924 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2920 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2596 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 1220 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2408 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2380 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2412 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 388 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3012 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2628 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3068 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2564 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2976 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2988 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2860 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3040 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2832 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3044 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2908 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2896 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2356 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3056 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2372 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2404 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3000 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2884 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2956 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2392 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2972 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 1256 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2980 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 524 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2872 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2992 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2984 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3084 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3080 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3092 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3124 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3108 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3032 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3024 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3096 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3100 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3172 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 2900 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3132 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3196 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3136 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3208 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3148 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3156 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3152 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3076 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3256 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3220 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3240 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3268 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3244 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 1248 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3288 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3104 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3308 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3276 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 820 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3228 / SYSTEM][C:\WINNT\system32\rundll32.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3348 / Administrator][C:\WINNT\system32\mdm.exe] [Microsoft Corporation, 6.00.8424]
[C:\Program Files\360\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1021]
[PID: 3392 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 5.00.2920.0000]
[C:\Program Files\360\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1021]
[C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.77]
[C:\WINNT\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINNT\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[PID: 3376 / Administrator][D:\sreng2[1].8.1.1279版\sr-engldr.EXE] [Smallfrogs Studio, 2.8.1.1279]
[PID: 3316 / Administrator][D:\sreng2[1].8.1.1279版\SREa9ec57a5.EXE] [Smallfrogs Studio, 2.8.1.1279]
[C:\Program Files\360\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1021]
[D:\sreng2[1].8.1.1279版\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM Error. ["C:\WINNT\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
N/A

==================================
进程特权扫描
特殊特权被允许： SeLoadDriverPrivilege [PID = 764, C:\ORACLE\ORA81\BIN\DBSNMP.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 888, C:\ORACLE\ORA81\BIN\VPPDC.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 900, C:\ORACLE\ORA81\APACHE\APACHE\APACHE.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 956, C:\ORACLE\ORA81\BIN\TNSLSNR.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1008, C:\ORACLE\ORA81\BIN\ORACLE.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1996, C:\ORACLE\ORA81\APACHE\JDK\BIN\JAVA.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2008, C:\ORACLE\ORA81\APACHE\APACHE\APACHE.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 3376, D:\SRENG2[1].8.1.1279版\SR-ENGLDR.EXE]

sky_wl - 2009-9-1 8:32:00

==================================
计划任务
[已启用] At13.job
rundll32.exe
[已启用] At12.job
rundll32.exe
[已启用] At11.job
rundll32.exe
[已启用] At10.job
rundll32.exe
[已启用] At1.job
rundll32.exe
[已启用] At18.job
rundll32.exe
[已启用] At17.job
rundll32.exe
[已启用] At16.job
rundll32.exe
[已启用] At15.job
rundll32.exe
[已启用] At14.job
rundll32.exe
[已启用] At22.job
rundll32.exe
[已启用] At21.job
rundll32.exe
[已启用] At20.job
rundll32.exe
[已启用] At2.job
rundll32.exe
[已启用] At19.job
rundll32.exe
[已启用] At27.job
rundll32.exe
[已启用] At26.job
rundll32.exe
[已启用] At25.job
rundll32.exe
[已启用] At24.job
rundll32.exe
[已启用] At23.job
rundll32.exe
[已启用] At31.job
rundll32.exe
[已启用] At30.job
rundll32.exe
[已启用] At3.job
rundll32.exe
[已启用] At29.job
rundll32.exe
[已启用] At28.job
rundll32.exe
[已启用] At36.job
rundll32.exe
[已启用] At35.job
rundll32.exe
[已启用] At34.job
rundll32.exe
[已启用] At33.job
rundll32.exe
[已启用] At32.job
rundll32.exe
[已启用] At40.job
rundll32.exe
[已启用] At4.job
rundll32.exe
[已启用] At39.job
rundll32.exe
[已启用] At38.job
rundll32.exe
[已启用] At37.job
rundll32.exe
[已启用] At45.job
rundll32.exe
[已启用] At44.job
rundll32.exe
[已启用] At43.job
rundll32.exe
[已启用] At42.job
rundll32.exe
[已启用] At41.job
rundll32.exe
[已启用] At5.job
rundll32.exe
[已启用] At49.job
rundll32.exe
[已启用] At48.job
rundll32.exe
[已启用] At47.job
rundll32.exe
[已启用] At46.job
rundll32.exe
[已启用] At54.job
rundll32.exe
[已启用] At53.job
rundll32.exe
[已启用] At52.job
rundll32.exe
[已启用] At51.job
rundll32.exe
[已启用] At50.job
rundll32.exe
[已启用] At59.job
rundll32.exe
[已启用] At58.job
rundll32.exe
[已启用] At57.job
rundll32.exe
[已启用] At56.job
rundll32.exe
[已启用] At55.job
rundll32.exe
[已启用] At63.job
rundll32.exe
[已启用] At62.job
rundll32.exe
[已启用] At61.job
rundll32.exe
[已启用] At60.job
rundll32.exe
[已启用] At6.job
rundll32.exe
[已启用] At68.job
rundll32.exe
[已启用] At67.job
rundll32.exe
[已启用] At66.job
rundll32.exe
[已启用] At65.job
rundll32.exe
[已启用] At64.job
rundll32.exe
[已启用] At72.job
rundll32.exe
[已启用] At71.job
rundll32.exe
[已启用] At70.job
rundll32.exe
[已启用] At7.job
rundll32.exe
[已启用] At69.job
rundll32.exe
[已启用] At77.job
rundll32.exe
[已启用] At76.job
rundll32.exe
[已启用] At75.job
rundll32.exe
[已启用] At74.job
rundll32.exe
[已启用] At73.job
rundll32.exe
[已启用] At81.job
rundll32.exe
[已启用] At80.job
rundll32.exe
[已启用] At8.job
rundll32.exe
[已启用] At79.job
rundll32.exe
[已启用] At78.job
rundll32.exe
[已启用] At86.job
rundll32.exe
[已启用] At85.job
rundll32.exe
[已启用] At84.job
rundll32.exe
[已启用] At83.job
rundll32.exe
[已启用] At82.job
rundll32.exe
[已启用] At9.job
rundll32.exe

==================================
Windows 安全更新检查
N/A

==================================
API HOOK
入口点错误：CreateProcessW (危险等级: 高, 被下面模块所HOOK: C:\Program Files\360\360safe\safemon\safemon.dll)

==================================
隐藏进程
N/A

==================================

networkedition - 2009-9-1 9:42:00

lz查看一下计划任务内容，如不是正常用到的计划任务，建议全部删除，操作系统补打补丁ms08-067,参考此帖：http://bbs.ikaka.com/showtopic-8612678.aspx

瑞星卡卡安全论坛