skype 在windows 下反跟踪分析续2
在softice可以看到这些你在windows里看不到的信息
(!) DisableFirewall: 没有注册类别ListControl.FocusChanged handler took 13 msPERF
NTICE: Load32 START=773D0000 SIZE=13000 KPEB=85BE2960 MOD=msacm32
NTICE: Load32 START=B8E0000 SIZE=13000 KPEB=85BE2960 MOD=IPHLPAPI
NTICE: Load32 START=77320000 SIZE=19000 KPEB=85BE2960 MOD=DHCPCSVC
(!) DisableFirewall: 没有注册类别ListControl.FocusChanged handler took 13 msPERF
NTICE: Load32 START=773D0000 SIZE=13000 KPEB=85BE2960 MOD=msacm32
NTICE: Load32 START=B8E0000 SIZE=13000 KPEB=85BE2960 MOD=IPHLPAPI
NTICE: Load32 START=77320000 SIZE=19000 KPEB=85BE2960 MOD=DHCPCSVC
NTICE: Load32 START=777A0000 SIZE=8000 KPEB=85BE2960 MOD=winrnr
NTICE: Load32 START=777B0000 SIZE=5000 KPEB=85BE2960 MOD=rasadhlp
_WARNING: Login took 1 s[08:46:20] Invoking CheckAPIClient[08:46:20] Client atta
ched, hwnd = 918102, name = E:\临时杂的目录\Phone\ContentFilter.exe[08:46:20] In
voking CheckAPIClient[08:46:20] Client attached, hwnd = 67726, name = E:\临时杂?
哪柯糪Phone\ContentFilter.exe[08:46:20] OUT>CONNSTATUS CONNECTING (0 ms)[08:46:2
0] OUT>CURRENTUSERHANDLE ridehm_tom (0 ms)[08:46:20] OUT>USERSTATUS OFFLINE (0 m
s)[08:46:20] IN>PROTOCOL 5[08:46:20] Invoking CheckAPIClient[08:46:20] Client at
tached, hwnd = 262996, name = E:\临时杂的目录\Phone\ContentFilter.exe[08:46:20]
OUT>USERSTATUS OFFLINE (0 ms)[08:46:20] IN>PROTOCOL 5[08:46:20] OUT>PROTOCOL 5 (
62 ms)[08:46:20] IN>FILTERING ON[08:46:20] OUT>FILTERING ON (16 ms)[08:46:20] IN
>PROTOCOL 5[08:46:20] OUT>PROTOCOL 5 (16 ms)[08:46:20] IN>FILTERING ON[08:46:20]
OUT>FILTERING ON (0 ms)[08:46:20] OUT>PROTOCOL 5 (0 ms)[08:46:20] IN>FILTERING
ON[08:46:20] OUT>FILTERING ON (0 ms)[08:46:20] IN>PROTOCOL 5[08:46:20] IN>PROTOC
OL 5[08:46:20] OUT>PROTOCOL 5 (0 ms)[08:46:20] IN>FILTERING ON[08:46:20] OUT>FIL
TERING ON (0 ms)[08:46:20] OUT>PROTOCOL 5 (0 ms)[08:46:20] IN>FILTERING ON[08:46
:20] OUT>FILTERING ON (0 ms)[08:46:20] IN>PROTOCOL 5[08:46:20] OUT>PROTOCOL 5 (0
NTICE: Load32 START=63580000 SIZE=29E000 KPEB=85BE2960 MOD=MSHTML
