中了这个木马`Backdoor.Gpigeon.uql`有日志` - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛中了这个木马`Backdoor.Gpigeon.uql`有日志`

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

12

2 / 2 页

跳转页

中了这个木马`Backdoor.Gpigeon.uql`有日志`

混沌时空初生襁褓狮帖子:14 注册: 2008-09-05 来自:	发表于： 2008-09-05 17:57 \| 短消息资料字号：小中大 11楼回复：中了这个木马`Backdoor.Gpigeon.uql`有日志` 18, 0, 0, 4] [D:\RISING\RAV\mPorts.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3] [C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [D:\RISING\RAV\HookCont.dll] [Rising, 19, 0, 0, 0] [D:\Rising\Rav\SpamEng.dll] [, 18, 0, 0, 6] [D:\Rising\Rav\engine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 30] [C:\WINDOWS\system32\mswsock.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [D:\Rising\Rav\PostTrt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 17] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [D:\Rising\Rav\UnExe.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10] [D:\Rising\Rav\ScanExec.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19] [D:\Rising\Rav\ScanEx.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 90] [D:\Rising\Rav\ExtFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 38] [D:\Rising\Rav\NvFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11] [D:\Rising\Rav\ScanMac.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 17] [D:\Rising\Rav\ScanSct.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 22] [D:\Rising\Rav\ScanPack.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 25] [D:\Rising\Rav\RsVM.dll] [, 19, 0, 0, 22] [D:\Rising\Rav\Uroutine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 61] [D:\Rising\Rav\Uscript.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19] [C:\WINDOWS\system32\perfproc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [D:\Rising\Rav\ExtOLE.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 14] [C:\WINDOWS\system32\ODBC32.dll] [Microsoft Corporation, 3.525.1132.0 (xpsp.080413-0852)] [C:\WINDOWS\system32\comdlg32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\odbcint.dll] [Microsoft Corporation, 3.525.1117.0 built by: (_sqlbld)] [C:\WINDOWS\system32\odbcjt32.dll] [Microsoft Corporation, 4.0.6305.0] [C:\WINDOWS\system32\msjet40.dll] [Microsoft Corporation, 4.00.9511.0] [C:\WINDOWS\system32\mswstr10.dll] [Microsoft Corporation, 4.00.9502.0] [C:\WINDOWS\system32\odbcji32.dll] [Microsoft Corporation, 4.0.6305.0] [C:\WINDOWS\system32\msjter40.dll] [Microsoft Corporation, 4.00.9502.0] [C:\WINDOWS\system32\MSJINT40.DLL] [Microsoft Corporation, 4.00.9502.0] [C:\WINDOWS\system32\odbccp32.dll] [Microsoft Corporation, 3.525.1132.0 (xpsp.080413-0852)] [C:\WINDOWS\system32\VBAJET32.DLL] [Microsoft Corporation, 6.1.9431] [PID: 1704 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\AppPatch\AcGenral.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [C:\WINDOWS\system32\SPOOLSS.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\rasadhlp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\localspl.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\winspool.drv] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\netapi32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\cnbjmon.dll] [Microsoft Corporation, 5.1.2600.2082 (xpsp(skatari).040213-0952)] [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2] [C:\WINDOWS\system32\msi.dll] [Microsoft Corporation, 3.1.4001.5512] [C:\WINDOWS\system32\pjlmon.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\tcpmon.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\usbmon.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2] [C:\WINDOWS\System32\mswsock.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\winrnr.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\win32spl.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\NETRAP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\NTDSAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\inetpp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [PID: 1876 / SYSTEM][D:\RISING\RAV\RavStub.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 4] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\COMCTL32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [D:\RISING\RAV\RsCommX.dll] [rising, 18, 0, 0, 1] [D:\RISING\RAV\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 540 / SYSTEM][C:\Program Files\Common Files\GoldenSoft\ChannelRg.exe] [, 1, 0, 0, 1] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ATL.DLL] [Microsoft Corporation, 3.05.2284] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\Program Files\Common Files\GoldenSoft\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MFC42LOC.DLL] [Microsoft Corporation, 6.00.8665.0] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SXS.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 1140 / SYSTEM][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\USER32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\wsock32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\AVICAP32.dll] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSVFW32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\COMCTL32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [C:\WINDOWS\system32\oleaut32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\wininet.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\msacm32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\mpr.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\mswsock.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\System32\winrnr.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\rasadhlp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [PID: 1936 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\System32\ATL.DLL] [Microsoft Corporation, 3.05.2284] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\System32\WSOCK32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
混沌时空初生襁褓狮帖子:14 注册: 2008-09-05 来自:

混沌时空初生襁褓狮帖子:14 注册: 2008-09-05 来自:	发表于： 2008-09-05 17:58 \| 短消息资料字号：小中大 12楼回复：中了这个木马`Backdoor.Gpigeon.uql`有日志` [C:\WINDOWS\System32\MSWSOCK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\AppPatch\AcGenral.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\System32\WINMM.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\System32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\System32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\System32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [C:\WINDOWS\System32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\System32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\System32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [PID: 276 / Administrator][C:\Program Files\Rising\AntiSpyware\runiep.exe] [Beijing Rising Technology Co., Ltd., 4.0.0.18] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\MFC42.DLL] [Microsoft Corporation, 6.02.4131.0] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MFC42LOC.DLL] [Microsoft Corporation, 6.00.8665.0] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [PID: 304 / Administrator][D:\Rising\Rav\RavTask.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\COMCTL32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [D:\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5] [D:\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2] [D:\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [D:\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\Apphelp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ODBC32.dll] [Microsoft Corporation, 3.525.1132.0 (xpsp.080413-0852)] [C:\WINDOWS\system32\comdlg32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\odbcint.dll] [Microsoft Corporation, 3.525.1117.0 built by: (_sqlbld)] [C:\WINDOWS\system32\odbccp32.dll] [Microsoft Corporation, 3.525.1132.0 (xpsp.080413-0852)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\VBAJET32.DLL] [Microsoft Corporation, 6.1.9431] [PID: 312 / Administrator][C:\Program Files\GoldenSoft\Recovery Genius\WinNT\HDDGMon.exe] [, 6, 1, 0, 150] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\user32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\Program Files\GoldenSoft\Recovery Genius\WinNT\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0] [C:\WINDOWS\system32\MSVCRT.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\MFC42LOC.DLL] [Microsoft Corporation, 6.00.8665.0] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\OLEPRO32.DLL] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\Program Files\GoldenSoft\Recovery Genius\WinNT\Apple.dll] [, 2, 1, 0, 0] [C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\Program Files\GoldenSoft\Recovery Genius\WinNT\HMRes.dll] [, 6, 1, 0, 150] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SXS.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12] [PID: 328 / Administrator][D:\Rising\Rav\Ravmon.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 45] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [D:\Rising\Rav\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33] [C:\WINDOWS\system32\MFC42.DLL] [Microsoft Corporation, 6.02.4131.0] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\COMCTL32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 6.02.3104.0] [D:\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WSOCK32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MFC42LOC.DLL] [Microsoft Corporation, 6.00.8665.0] [D:\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2] [D:\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [D:\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5] [D:\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1] [D:\Rising\Rav\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2] [D:\Rising\Rav\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\perfproc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\wtsapi32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [PID: 476 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSUTB.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\AppPatch\AcGenral.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12] [PID: 2128 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SHDOCVW.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\CRYPTUI.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
混沌时空初生襁褓狮帖子:14 注册: 2008-09-05 来自:

混沌时空初生襁褓狮帖子:14 注册: 2008-09-05 来自:	发表于： 2008-09-05 17:59 \| 短消息资料字号：小中大 13楼回复：中了这个木马`Backdoor.Gpigeon.uql`有日志` [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\BROWSEUI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\browselc.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\appHelp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\System32\cscui.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\System32\CSCDLL.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.29] [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 96] [C:\WINDOWS\system32\OLEACC.dll] [Microsoft Corporation, 4.2.5406.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 6.02.3104.0] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 19] [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 16] [C:\WINDOWS\system32\SXS.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\wsock32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\mlang.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\mswsock.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\RASAPI32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\rasman.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\TAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\rtutils.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\msv1_0.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12] [C:\WINDOWS\system32\sensapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\rasadhlp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\mshtml.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msls31.dll] [Microsoft Corporation, 3.10.349.0] [C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msimtf.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510] [D:\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4] [C:\WINDOWS\system32\vbscript.dll] [Microsoft Corporation, 5.7.0.16599] [C:\WINDOWS\system32\jscript.dll] [Microsoft Corporation, 5.7.0.16599] [C:\WINDOWS\system32\iepeers.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINSPOOL.DRV] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\dxtrans.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ATL.DLL] [Microsoft Corporation, 3.05.2284] [C:\WINDOWS\system32\ddrawex.dll] [Microsoft Corporation, 5.03.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\DDRAW.dll] [Microsoft Corporation, 5.03.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\DCIMAN32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\dxtmsft.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\mshtmled.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\PSTOREC.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950] [C:\WINDOWS\system32\comdlg32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0] [C:\WINDOWS\system32\MSIMG32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\Program Files\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0] [C:\WINDOWS\system32\actxprxy.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\midimap.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\schannel.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx] [Adobe Systems, Inc., 9,0,124,0] [C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)] [C:\WINDOWS\system32\dssenh.dll] [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)] [C:\WINDOWS\system32\ImgUtil.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\pngfilt.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSRATING.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msratelc.dll] [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)] [C:\WINDOWS\system32\hlink.dll] [Microsoft Corporation, 5.2.3790.2748 (srv03_sp1_qfe.060717-0810)] [C:\WINDOWS\system32\xpsp3res.dll] [Microsoft Corporation, 5.1.2600.5512 (WinXP.080413-2113)] [C:\WINDOWS\system32\msxml3.dll] [Microsoft Corporation, 8.90.1101.0] [C:\WINDOWS\system32\msxml6.dll] [Microsoft Corporation, 6.20.1076.0] [C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 4, 23] [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9] [C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9] [C:\WINDOWS\system32\wmp.dll] [Microsoft Corporation, 10.00.00.4058] [C:\WINDOWS\system32\MSVFW32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\wmploc.dll] [Microsoft Corporation, 10.00.00.3802] [C:\WINDOWS\system32\wmvcore.dll] [Microsoft Corporation, 10.00.00.4054 built by: dnsrv(bld4act)] [C:\WINDOWS\system32\WMASF.DLL] [Microsoft Corporation, 10.00.00.4060 built by: Microsoft] [PID: 3528 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SHDOCVW.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\CRYPTUI.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\BROWSEUI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\browselc.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\appHelp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\System32\cscui.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\System32\CSCDLL.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.29] [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 96] [C:\WINDOWS\system32\OLEACC.dll] [Microsoft Corporation, 4.2.5406.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 6.02.3104.0] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 19] [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 16] [C:\WINDOWS\system32\SXS.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\mlang.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\wsock32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\mswsock.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\RASAPI32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\rasman.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\TAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\rtutils.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\msv1_0.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\sensapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12] [C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\rasadhlp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\mshtml.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msls31.dll] [Microsoft Corporation, 3.10.349.0] [C:\WINDOWS\system32\PSAPI.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msimtf.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510] [D:\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4] [C:\WINDOWS\system32\vbscript.dll] [Microsoft Corporation, 5.7.0.16599] [C:\WINDOWS\system32\jscript.dll] [Microsoft Corporation, 5.7.0.16599] [C:\WINDOWS\system32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\midimap.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\mshtmled.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\actxprxy.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\schannel.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\ddrawex.dll] [Microsoft Corporation, 5.03.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\DDRAW.dll] [Microsoft Corporation, 5.03.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\DCIMAN32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\dxtrans.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ATL.DLL] [Microsoft Corporation, 3.05.2284] [C:\WINDOWS\system32\dxtmsft.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx] [Adobe Systems, Inc., 9,0,124,0] [C:\WINDOWS\system32\comdlg32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 3100 / Administrator][C:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe] [Thunder Networking Technologies,LTD, 5.7.12.493] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\Program Files\Thunder Network\Thunder\Program\BugReport.dll] [Thunder Networking Technologies,LTD, 1, 4, 1, 20] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSVCRT.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
混沌时空初生襁褓狮帖子:14 注册: 2008-09-05 来自:

混沌时空初生襁褓狮帖子:14 注册: 2008-09-05 来自:	发表于： 2008-09-05 17:59 \| 短消息资料字号：小中大 14楼回复：中了这个木马`Backdoor.Gpigeon.uql`有日志` [C:\WINDOWS\system32\MFC42.DLL] [Microsoft Corporation, 6.02.4131.0] [C:\WINDOWS\system32\comdlg32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\COMCTL32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 6.02.3104.0] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\Program Files\Thunder Network\Thunder\Program\ThunderEx.dll] [, 1, 2, 4, 23] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MFC42LOC.DLL] [Microsoft Corporation, 6.00.8665.0] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\RICHED32.DLL] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\RICHED20.dll] [Microsoft Corporation, 5.30.23.1230] [C:\Program Files\Thunder Network\Thunder\Program\TaskManager.dll] [Thunder Networking Technologies,LTD, 1, 3, 6, 66] [C:\Program Files\Thunder Network\Thunder\Program\download_interface.dll] [Thunder Networking Technologies,LTD, 3, 1, 2, 311] [C:\Program Files\Thunder Network\Thunder\Program\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Thunder Network\Thunder\Program\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\mlang.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\Program Files\Thunder Network\Thunder\Program\asyn_frame.dll] [Thunder Networking Technologies,LTD, 1, 1, 2, 13] [C:\WINDOWS\system32\MSWSOCK.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\Program Files\Thunder Network\Thunder\Program\ATL71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\Program Files\Thunder Network\Thunder\Program\emule_id.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 7] [C:\Program Files\Thunder Network\Thunder\Program\backend_agent.dll] [Thunder Networking Technologies,LTD, 1, 1, 2, 17] [C:\Program Files\Thunder Network\Thunder\Program\ptl.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 18] [C:\Program Files\Thunder Network\Thunder\Program\xl_stat.dll] [Thunder Networking Technologies,LTD, 1, 1, 2, 3] [C:\Program Files\Thunder Network\Thunder\Program\fs.dll] [Thunder Networking Technologies,LTD, 1, 1, 2, 9] [C:\Program Files\Thunder Network\Thunder\Program\XLNet.Dll] [Thunder Networking Technologies,LTD, 1, 5, 1, 24] [C:\WINDOWS\system32\RASAPI32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\rasman.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\TAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\rtutils.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\msv1_0.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\Program Files\Thunder Network\Thunder\Program\BHOStub.dll] [Thunder Networking Technologies,LTD, 1, 1, 1, 10] [C:\Program Files\Thunder Network\Thunder\Components\DownAndPlay\DownAndPlay.dll] [, 1, 0, 8, 26] [C:\WINDOWS\system32\ATL.DLL] [Microsoft Corporation, 3.05.2284] [C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12] [C:\WINDOWS\system32\shdocvw.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\CRYPTUI.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\appHelp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SXS.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\wsock32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\Program Files\Thunder Network\Thunder\Program\p2sp.dll] [Thunder Networking Technologies,LTD, 1, 1, 2, 18] [C:\Program Files\Thunder Network\Thunder\Program\down_dispatcher.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 17] [C:\WINDOWS\system32\sensapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\Program Files\Thunder Network\Thunder\Program\iTargetAD.dll] [N/A, ] [C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\System32\winrnr.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\rasadhlp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\Program Files\Thunder Network\Thunder\Program\p2p_upload.dll] [Thunder Networking Technologies,LTD, 1, 1, 2, 8] [C:\Program Files\Thunder Network\Thunder\Program\p2p.dll] [Thunder Networking Technologies,LTD, 1,1,2,20] [C:\WINDOWS\system32\msimg32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\Program Files\Thunder Network\Thunder\Program\xldc.dll] [Thunder Networking Technologies,LTD, 2, 6, 2, 12] [C:\Program Files\Thunder Network\Thunder\Program\stream.dll] [Thunder Networking Technologies,LTD, 2, 1, 2, 359] [C:\Program Files\Thunder Network\Thunder\Program\p2p_local_res.dll] [Thunder Networking Technologies,LTD, 1, 1, 2, 8] [C:\Program Files\Thunder Network\Thunder\Program\al.dll] [Thunder Networking Technologies,LTD, 1,1,2,15] [C:\Program Files\Thunder Network\Thunder\Components\Community\XLCommunity.dll] [Thunder Networking Technologies,LTD, 2, 1, 0, 38] [C:\WINDOWS\system32\DBGHELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\Program Files\Thunder Network\Thunder\Program\XLCommunityEx.dll] [N/A, ] [C:\Program Files\Thunder Network\Thunder\Program\RegisterDll.dll] [Thunder Networking Technologies,LTD, 2, 17, 0, 67] [C:\Program Files\Thunder Network\Thunder\Program\MSVCIRT.dll] [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Thunder Network\Thunder\Components\Search\XLSearch.dll] [Thunder Networking Technologies,LTD, 1, 1, 6, 21] [C:\Program Files\Thunder Network\Thunder\Plugins\GouGouTop\GouGouTop.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 5] [C:\Program Files\Thunder Network\Thunder\Plugins\TingTing\TingTing.dll] [Thunder Networking Technologies,LTD, 1, 1, 1, 12] [C:\Program Files\Thunder Network\Thunder\Components\ExplorerHelper\ExplorerHelper.dll] [Thunder Networking Technologies,LTD, 1, 0, 4, 19] [C:\Program Files\Thunder Network\Thunder\Components\DownloadStat\DownloadStat.dll] [Thunder Networking Technologies,LTD, 1, 4, 1, 6] [C:\WINDOWS\system32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\midimap.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\Program Files\Thunder Network\Thunder\Program\bd.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 17] [C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 1736 / Administrator][C:\WINDOWS\explorer.exe] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
混沌时空初生襁褓狮帖子:14 注册: 2008-09-05 来自:

混沌时空初生襁褓狮帖子:14 注册: 2008-09-05 来自:	发表于： 2008-09-05 18:01 \| 短消息资料字号：小中大 15楼回复：中了这个木马`Backdoor.Gpigeon.uql`有日志` [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\BROWSEUI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\SHDOCVW.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\CRYPTUI.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ShimEng.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\AppPatch\AcGenral.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\MSACM32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\comctl32.dll] [Microsoft Corporation, 5.82 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\appHelp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\System32\cscui.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\System32\CSCDLL.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\themeui.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSIMG32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\actxprxy.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\msutb.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LINKINFO.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ntshrui.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ATL.DLL] [Microsoft Corporation, 3.05.2284] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12] [C:\WINDOWS\system32\msi.dll] [Microsoft Corporation, 3.1.4001.5512] [C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
混沌时空初生襁褓狮帖子:14 注册: 2008-09-05 来自:

混沌时空初生襁褓狮帖子:14 注册: 2008-09-05 来自:	发表于： 2008-09-05 18:01 \| 短消息资料字号：小中大 16楼回复：中了这个木马`Backdoor.Gpigeon.uql`有日志` [C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\webcheck.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WSOCK32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\stobject.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\BatMeter.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\POWRPROF.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WTSAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\midimap.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\NETSHELL.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\credui.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\dot3api.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\rtutils.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\dot3dlg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\OneX.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\eappcfg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 6.02.3104.0] [C:\WINDOWS\system32\eappprxy.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\SXS.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 2688 / Administrator][C:\Program Files\WinRAR\WinRAR.exe] [Alexander Roshal, 3.71] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ADVAPI32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\COMDLG32.DLL] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\OLE32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\riched32.dll] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\RICHED20.dll] [Microsoft Corporation, 5.30.23.1230] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\appHelp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\System32\cscui.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\System32\CSCDLL.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\browseui.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\netapi32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MPR.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\drprov.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\System32\ntlanman.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\System32\NETUI0.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\System32\NETUI1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\System32\NETRAP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\System32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\System32\davclnt.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\shgina.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSGINA.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\ODBC32.dll] [Microsoft Corporation, 3.525.1132.0 (xpsp.080413-0852)] [C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\odbcint.dll] [Microsoft Corporation, 3.525.1117.0 built by: (_sqlbld)] [C:\WINDOWS\system32\Audiodev.dll] [Microsoft Corporation, 5.2.3802.3802 built by: dnsrv(bld4act)] [C:\WINDOWS\system32\WMVCore.DLL] [Microsoft Corporation, 10.00.00.4054 built by: dnsrv(bld4act)] [C:\WINDOWS\system32\WMASF.DLL] [Microsoft Corporation, 10.00.00.4060 built by: Microsoft] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12] [PID: 2760 / Administrator][C:\Program Files\WinRAR\WinRAR.exe] [Alexander Roshal, 3.71] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ADVAPI32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\COMDLG32.DLL] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\OLE32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\riched32.dll] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\RICHED20.dll] [Microsoft Corporation, 5.30.23.1230] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\appHelp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\System32\cscui.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\System32\CSCDLL.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\browseui.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\netapi32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MPR.dll] [Microsoft Corporation,
混沌时空初生襁褓狮帖子:14 注册: 2008-09-05 来自:

混沌时空初生襁褓狮帖子:14 注册: 2008-09-05 来自:	发表于： 2008-09-05 18:01 \| 短消息资料字号：小中大 17楼回复：中了这个木马`Backdoor.Gpigeon.uql`有日志` 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\drprov.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\System32\ntlanman.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\System32\NETUI0.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\System32\NETUI1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\System32\NETRAP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\System32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\System32\davclnt.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\shgina.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\MSGINA.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\ODBC32.dll] [Microsoft Corporation, 3.525.1132.0 (xpsp.080413-0852)] [C:\WINDOWS\system32\WINSTA.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\odbcint.dll] [Microsoft Corporation, 3.525.1117.0 built by: (_sqlbld)] [C:\WINDOWS\system32\Audiodev.dll] [Microsoft Corporation, 5.2.3802.3802 built by: dnsrv(bld4act)] [C:\WINDOWS\system32\WMVCore.DLL] [Microsoft Corporation, 10.00.00.4054 built by: dnsrv(bld4act)] [C:\WINDOWS\system32\WMASF.DLL] [Microsoft Corporation, 10.00.00.4060 built by: Microsoft] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12] [C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHDOCVW.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\CRYPTUI.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [PID: 3908 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX01.328\SREngLdr.EXE] [Smallfrogs Studio, 2.6.12.1018] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\user32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\Apphelp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [PID: 2360 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX01.328\SRE7f32c210.EXE] [Smallfrogs Studio, 2.6.12.1018] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\comdlg32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\msvcrt.dll] [Microsoft Corporation, 7.0.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\WINSPOOL.DRV] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\oledlg.dll] [Microsoft Corporation, 1.0 (xpsp.080413-2108)] [C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\OLEAUT32.dll] [Microsoft Corporation, 5.1.2600.5512] [C:\WINDOWS\system32\VERSION.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\CRYPT32.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSASN1.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WINMM.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0845)] [C:\WINDOWS\system32\WS2_32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WS2HELP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\LPK.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\USP10.dll] [Microsoft Corporation, 1.0420.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\RICHED20.DLL] [Microsoft Corporation, 5.30.23.1230] [C:\WINDOWS\system32\NTMARTA.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\SAMLIB.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\WLDAP32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSCTF.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msctfime.ime] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12] [C:\WINDOWS\system32\sfc.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\WINTRUST.dll] [Microsoft Corporation, 5.131.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\IMAGEHLP.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX01.328\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] [C:\WINDOWS\system32\wsock32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\RASAPI32.DLL] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\rasman.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\NETAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\TAPI32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\rtutils.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\msv1_0.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\sensapi.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\USERENV.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\System32\mswsock.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\rasadhlp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\hnetcfg.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\wshtcpip.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\appHelp.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\COMRes.dll] [Microsoft Corporation, 2001.12.4414.700] [C:\WINDOWS\system32\xpsp2res.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\rsaenh.dll] [Microsoft Corporation, 5.1.2600.5507 (xpsp.080318-1711)] [C:\WINDOWS\system32\Winsta.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\utildll.dll] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\SETUPAPI.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\MSISIP.DLL] [Microsoft Corporation, 3.1.4001.5512] [C:\WINDOWS\system32\wshext.dll] [Microsoft Corporation, 5.7.0.16599] [C:\WINDOWS\system32\LINKINFO.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ntshrui.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ATL.DLL] [Microsoft Corporation, 3.05.2284] ================================== 文件关联 .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .EXE OK. ["%1" %] .COM OK. ["%1" %] .PIF OK. ["%1" %] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %] .SCR OK. ["%1" /S] .CHM OK. ["C:\WINDOWS\hh.exe" %1] .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock 提供者 N/A ================================== Autorun.inf N/A ================================== HOSTS 文件 127.0.0.1 localhost 127.0.0.1 858656.com 127.0.0.1 my123.com 127.0.0.1 8749.com 127.0.0.1 4199.com 127.0.0.1 7379.com 127.0.0.1 7255.com 127.0.0.1 3448.com 127.0.0.1 7939.com 127.0.0.1 8009.com 127.0.0.1 piaoxue.com 127.0.0.1 kzdh.com 127.0.0.1 about.blank.la 127.0.0.1 6781.com 127.0.0.1 7322.com 127.0.0.1 9991.com ================================== 进程特权扫描特殊特权被允许： SeLoadDriverPrivilege [PID = 276, C:\PROGRAM FILES\RISING\ANTISPYWARE\RUNIEP.EXE]
混沌时空初生襁褓狮帖子:14 注册: 2008-09-05 来自:

<<上一主题|下一主题>>

12

2 / 2 页

跳转页

页面顶部

Powered by Discuz!NT