瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 求助,Hacker.com.cn.exe这个后门病毒。为什么反复出现~

1   1  /  1  页   跳转

求助,Hacker.com.cn.exe这个后门病毒。为什么反复出现~

收藏
flying2000
头像
初生襁褓狮
  • 帖子:3
  • 注册: 2006-07-09
  • 来自:
发表于: 2006-07-12 15:05 | 只看楼主 短消息 资料
字号: 1楼

求助,Hacker.com.cn.exe这个后门病毒。为什么反复出现~

开始扫描Windows系统目录...
系统事件:已发现伪系统木马!
木马名称:灰鸽子.8817
木马路径:C:\WINDOWS\Hacker.com.cn.exe
处理方式:隔离 失败(可能在内存中运行)
处理意见:请进安全模式清除木马
进入方法:计算机启动过程中一直按F8键
发现日期:2006年7月9日
我用此方法删了N次了,可它总是反复出现,请专业人士帮忙诊断一下,谢谢。

Logfile of HijackThis v1.99.1
Scan saved at 14:45:35, on 2006-7-12
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\conime.exe
D:\Program Files\BitComet\BitComet.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Maxthon\Maxthon.exe
D:\ha_hijackthis_1991\HijackThis.exe

R3 - URLSearchHook: assist - {1B0E7716-898E-48cc-9690-4E338E8DE1D3} - C:\PROGRA~1\3721\assist\assist.dll
R3 - URLSearchHook: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\PROGRA~1\3721\assist\asbar.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IDDTInitObj Class - {15DDE989-CD45-4561-BF99-D22C0D5C2B74} - D:\PROGRA~1\ddt\DDTInit.dll
O2 - BHO: bg - {7BDAF75A-0D6F-4F50-AFE9-333D08DF4005} - C:\Program Files\baigoo\BGooBHO.dll (file missing)
O2 - BHO: (no name) - {81D1B74C-9531-4D2B-9F49-A236F4930609} - C:\Program Files\Common Files\yygamenet\showbar.dll (file missing)
O2 - BHO: AssistII - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\PROGRA~1\3721\assist\asbar.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: Infofo 工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:\Program Files\Infofo Bar\infofobar.dll
O3 - Toolbar: Infofo 工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:\Program Files\Infofo Bar\infofobar.dll
O3 - Toolbar: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - C:\Program Files\Kingsoft\FastAIT 2006\IEBand.dll
O3 - Toolbar: 新浪点点通 - {F60C7D81-8471-4D40-AAFE-56D318F34C2D} - D:\PROGRA~1\ddt\DDTONG~1.DLL
O3 - Toolbar: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\PROGRA~1\3721\assist\asbar.dll
O3 - Toolbar: BitComet工具栏 - {3F1ABCDB-A875-46c1-8345-B72A4567E486} - D:\Program Files\BitComet\BitCometBar\BitCometBar0.6.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] ; rem C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [FinePrint 分配器 v5] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe" /source=HKLM
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: 使用影音传送带下载 - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: 使用影音传送带下载全部链接 - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: 使用新浪下载助手下载 - D:\PROGRA~1\ddt\sinadl.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Infofo 工具栏 - {8507326C-B5C1-4559-BB91-0919E753836F} - C:\Program Files\Infofo Bar\infofobar.dll
O9 - Extra 'Tools' menuitem: Infofo 工具栏 - {8507326C-B5C1-4559-BB91-0919E753836F} - C:\Program Files\Infofo Bar\infofobar.dll
O9 - Extra button: 新浪点点通 - {F60C7D81-8471-4D40-AAFE-56D318F34C2D} - D:\PROGRA~1\ddt\DDTONG~1.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {974AD624-EA50-4831-A6C0-3040F6665396} - D:\PROGRA~1\ddt\rssband.dll (HKCU)
O9 - Extra 'Tools' menuitem: 新浪点点通阅读器 - {974AD624-EA50-4831-A6C0-3040F6665396} - D:\PROGRA~1\ddt\rssband.dll (HKCU)
O9 - Extra button: 新浪点点通阅读器 - {F0646DC8-58CD-4C64-8F6B-525043914685} - D:\PROGRA~1\ddt\rssband.dll (HKCU)
O11 - Options group: [!CNS]  上网助手-地址栏搜索
O17 - HKLM\System\CCS\Services\Tcpip\..\{76D50102-92FF-45B7-9241-5040E08141FE}: NameServer = 202.113.96.10,219.146.0.130
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
最后编辑2006-07-12 15:54:14
分享到:
gototop
 
newcenturymoon
头像
社区嘉宾
  • 帖子:15158
  • 注册: 2005-08-03
  • 来自:
论坛8周年活动礼物幸运草
发表于: 2006-07-12 15:13 | 短消息 资料
字号: 2楼

你发的日志里看不出来鸽子
建议再用sreng2 扫个日志上来
gototop
 
flying2000
头像
初生襁褓狮
  • 帖子:3
  • 注册: 2006-07-09
  • 来自:
发表于: 2006-07-12 15:53 | 只看楼主 短消息 资料
字号: 3楼

好的,有劳大家。

2006-07-12,15:40:22

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <SunJavaUpdateSched><; rem C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe>  []
    <vptray><C:\PROGRA~1\SYMANT~1\VPTray.exe>  [Symantec Corporation]
    <FinePrint 分配器 v5><"C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe" /source=HKLM>  [FinePrint Software, LLC]
    <SoundMan><SOUNDMAN.EXE>  [Realtek Semiconductor Corp.]
    <assistse><; rem ; "C:\PROGRA~1\3721\assistse.exe">  []
    <ccApp><; rem ; "C:\Program Files\Common Files\Symantec Shared\ccApp.exe">  []
    <CnsMin><; rem ; Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32>  []
    <helper.dll><; rem ; C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32>  []
    <IMSCMig><; rem ; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [Microsoft Corporation]
    <NMGameX_AutoRun><; rem ; C:\WINDOWS\system32\Rundll32.exe nmgamex.dll,LiveProcess /aa>  [NMGameX]
    <SoundMam><; rem ; C:\WINDOWS\system32\SVOHOST.exe>  []
    <StormCodec_Helper><; rem ; "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
    <WinlogonNotify: NavLogon><C:\WINDOWS\system32\NavLogon.dll>  [Symantec Corporation]

==================================
启动文件夹
服务
[Ati HotKey Poller / Ati HotKey Poller]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart]
  <C:\WINDOWS\system32\ati2sgag.exe><>
[Symantec Event Manager / ccEvtMgr]
  <"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>
[Symantec Password Validation / ccPwdSvc]
  <"C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr]
  <"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>
[Symantec AntiVirus Definition Watcher / DefWatch]
  <"C:\Program Files\Symantec AntiVirus\DefWatch.exe"><Symantec Corporation>
[SavRoam / SavRoam]
  <"C:\Program Files\Symantec AntiVirus\SavRoam.exe"><symantec>
[Symantec Network Drivers Service / SNDSrvc]
  <"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
[Symantec SPBBCSvc / SPBBCSvc]
  <"C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe"><Symantec Corporation>
[Symantec AntiVirus / Symantec AntiVirus]
  <"C:\Program Files\Symantec AntiVirus\Rtvscan.exe"><Symantec Corporation>

==================================
浏览器加载项
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[IDDTInitObj Class]
  {15DDE989-CD45-4561-BF99-D22C0D5C2B74} <D:\PROGRA~1\ddt\DDTInit.dll, 北京新浪信息技术有限公司>
[Status Class]
  {7BDAF75A-0D6F-4F50-AFE9-333D08DF4005} <C:\Program Files\baigoo\BGooBHO.dll, N/A>
[]
  {81D1B74C-9531-4D2B-9F49-A236F4930609} <C:\Program Files\Common Files\yygamenet\showbar.dll, N/A>
[上网助手]
  {BB936323-19FA-4521-BA29-ECA6A121BC78} <C:\PROGRA~1\3721\assist\asbar.dll, 3721>
[NTIECatcher Class]
  {C56CB6B0-0D96-11D6-8C65-B2868B609932} <C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll, Xi>
[Infofo 工具栏]
  {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} <C:\Program Files\Infofo Bar\infofobar.dll, 珊瑚虫工作室 泰格工作室>
[Infofo 工具栏]
  {8507326C-B5C1-4559-BB91-0919E753836F} <C:\Program Files\Infofo Bar\infofobar.dll, 珊瑚虫工作室 泰格工作室>
[新浪点点通]
  {F60C7D81-8471-4D40-AAFE-56D318F34C2D} <D:\PROGRA~1\ddt\DDTONG~1.DLL, 北京新浪信息技术有限公司>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[]
  {974AD624-EA50-4831-A6C0-3040F6665396} <D:\PROGRA~1\ddt\rssband.dll, 北京新浪信息技术有限公司>
[新浪点点通阅读器]
  {F0646DC8-58CD-4C64-8F6B-525043914685} <D:\PROGRA~1\ddt\rssband.dll, 北京新浪信息技术有限公司>
[Infofo 工具栏]
  {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} <C:\Program Files\Infofo Bar\infofobar.dll, 珊瑚虫工作室 泰格工作室>
[金山快译(&K)]
  {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} <C:\Program Files\Kingsoft\FastAIT 2006\IEBand.dll, 金山软件股份有限公司>
[新浪点点通]
  {F60C7D81-8471-4D40-AAFE-56D318F34C2D} <D:\PROGRA~1\ddt\DDTONG~1.DLL, 北京新浪信息技术有限公司>
[上网助手]
  {BB936323-19FA-4521-BA29-ECA6A121BC78} <C:\PROGRA~1\3721\assist\asbar.dll, 3721>
[BitComet工具栏]
  {3F1ABCDB-A875-46c1-8345-B72A4567E486} <D:\Program Files\BitComet\BitCometBar\BitCometBar0.6.dll, N/A>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[IDDTInitObj Class]
  {15DDE989-CD45-4561-BF99-D22C0D5C2B74} <D:\PROGRA~1\ddt\DDTInit.dll, 北京新浪信息技术有限公司>
[BitComet工具栏]
  {3F1ABCDB-A875-46C1-8345-B72A4567E486} <D:\Program Files\BitComet\BitCometBar\BitCometBar0.6.dll, N/A>
[KillObj Class]
  {66C28884-4E5D-494B-80C9-CAA27528FD6D} <D:\PROGRA~1\ddt\ddtkillw.ocx, 北京新浪信息技术有限公司>
[金山快译(&K)]
  {6C3797D2-3FEF-4CD4-B654-D3AE55B4128C} <C:\Program Files\Kingsoft\FastAIT 2006\IEBand.dll, 金山软件股份有限公司>
[Status Class]
  {7BDAF75A-0D6F-4F50-AFE9-333D08DF4005} <C:\Program Files\baigoo\BGooBHO.dll, N/A>
[]
  {81D1B74C-9531-4D2B-9F49-A236F4930609} <C:\Program Files\Common Files\yygamenet\showbar.dll, N/A>
[上网助手]
  {BB936323-19FA-4521-BA29-ECA6A121BC78} <C:\PROGRA~1\3721\assist\asbar.dll, 3721>
[NTIECatcher Class]
  {C56CB6B0-0D96-11D6-8C65-B2868B609932} <C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll, Xi>
[Infofo 工具栏]
  {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} <C:\Program Files\Infofo Bar\infofobar.dll, 珊瑚虫工作室 泰格工作室>
[新浪点点通]
  {F60C7D81-8471-4D40-AAFE-56D318F34C2D} <D:\PROGRA~1\ddt\DDTONG~1.DLL, 北京新浪信息技术有限公司>
[使用影音传送带下载]
  <C:\Program Files\Xi\NetTransport 2\NTAddLink.html, N/A>
[使用影音传送带下载全部链接]
  <C:\Program Files\Xi\NetTransport 2\NTAddList.html, N/A>
[使用新浪下载助手下载]
  <D:\PROGRA~1\ddt\sinadl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>

==================================
gototop
 
flying2000
头像
初生襁褓狮
  • 帖子:3
  • 注册: 2006-07-09
  • 来自:
发表于: 2006-07-12 15:58 | 只看楼主 短消息 资料
字号: 4楼

有劳了
正在运行的进程
[PID: 724][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 772][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 800][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\NavLogon.dll]  <Symantec Corporation><10.0.1.1000>
[PID: 844][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 856][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1024][C:\WINDOWS\system32\Ati2evxx.exe]  <ATI Technologies Inc.><6.14.10.4118>
    [C:\WINDOWS\system32\Ati2edxx.dll]  <ATI Technologies, Inc.><6, 14, 10, 2497>
[PID: 1040][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1100][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1164][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1220][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1284][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1400][C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe]  <Symantec Corporation><103.5.4.3>
    [C:\Program Files\Common Files\Symantec Shared\ccL35.dll]  <Symantec Corporation><103.5.4.3>
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  <Symantec Corporation><103.5.4.3>
    [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  <Symantec Corporation><103.5.4.3>
[PID: 1464][C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe]  <Symantec Corporation><103.5.4.3>
    [C:\Program Files\Common Files\Symantec Shared\ccL35.dll]  <Symantec Corporation><103.5.4.3>
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  <Symantec Corporation><103.5.4.3>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\BB.DLL]  <Symantec Corporation><1,5,1,3>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEVT.DLL]  <Symantec Corporation><1,5,1,3>
    [C:\Program Files\Common Files\Symantec Shared\ccSet.dll]  <Symantec Corporation><103.5.4.3>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL]  <Symantec Corporation><103.5.4.3>
[PID: 1608][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\fpmon5.dll]  <FinePrint Software, LLC><5.50>
    [C:\WINDOWS\system32\fpres532.dll]  <FinePrint Software, LLC><5.50>
    [C:\WINDOWS\system32\hpzsnt09.dll]  <HP><2.236.4.0>
[PID: 1896][C:\PROGRA~1\SYMANT~1\VPTray.exe]  <Symantec Corporation><10.0.1.1000>
    [C:\Program Files\Symantec AntiVirus\SAVRT32.DLL]  <Symantec Corporation><9.5.0.44>
    [C:\Program Files\Symantec AntiVirus\Cliscan.dll]  <Symantec Corporation><10.0.1.1000>
    [C:\PROGRA~1\SYMANT~1\NAVNTUTL.DLL]  <Symantec Corporation><10.0.1.1000>
    [C:\Program Files\Symantec AntiVirus\Cliproxy.dll]  <Symantec Corporation><10.0.1.1000>
[PID: 1904][C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe]  <FinePrint Software, LLC><5.50>
    [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpres532.dll]  <FinePrint Software, LLC><5.50>
    [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpinter5.dll]  <FinePrint Software, LLC><5.50>
    [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpgraph5.dll]  <FinePrint Software, LLC><5.50>
    [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\ltdis12n.dll]  <LEAD Technologies, Inc.><12.0.0.011>
    [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LTKRN12n.dll]  <LEAD Technologies, Inc.><12.0.0.011>
    [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\ltfil12n.dll]  <LEAD Technologies, Inc.><12.0.0.011>
[PID: 1912][C:\WINDOWS\SOUNDMAN.EXE]  <Realtek Semiconductor Corp.><5, 1, 0, 43>
[PID: 1920][C:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 228][C:\Program Files\Symantec AntiVirus\DefWatch.exe]  <Symantec Corporation><10.0.1.1000>
[PID: 360][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE]  <Microsoft Corporation><7.00.9466>
[PID: 544][C:\Program Files\Symantec AntiVirus\Rtvscan.exe]  <Symantec Corporation><10.0.1.1000>
    [C:\WINDOWS\system32\CBA.DLL]  <LANDesk Software Ltd.><6.12.0.137 E>
    [C:\WINDOWS\system32\MsgSys.dll]  <LANDesk Software Ltd.><6.12.0.137 E>
    [C:\WINDOWS\system32\NTS.dll]  <LANDesk Software Ltd.><6.12.0.137 E>
    [C:\WINDOWS\system32\PDS.DLL]  <LANDesk Software Ltd.><6.12.0.137 E>
    [C:\Program Files\Symantec AntiVirus\NAVLU.dll]  <Symantec Corporation><10.0.1.1000>
    [C:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL]  <Symantec Corporation><10.0.1.1000>
    [c:\program files\common files\symantec shared\ssc\ScsComms.dll]  <Symantec Corporation><10.0.1.1000>
    [C:\Program Files\Symantec AntiVirus\I2ldvp3.dll]  <Symantec Corporation><10.0.1.1000>
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  <Symantec Corporation><103.5.4.3>
    [C:\Program Files\Common Files\Symantec Shared\ccL35.dll]  <Symantec Corporation><103.5.4.3>
    [C:\Program Files\Common Files\Symantec Shared\ccDec.dll]  <Symantec Corporation><103.5.4.3>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\decsdk.dll]  <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2.dll]  <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ID.dll]  <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Zip.dll]  <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2SS.dll]  <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2GZIP.dll]  <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2CAB.dll]  <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LHA.dll]  <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ARJ.dll]  <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TNEF.dll]  <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LZ.dll]  <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2AMG.dll]  <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RAR.dll]  <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TAR.dll]  <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RTF.dll]  <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Text.dll]  <Symantec Corporation><3.02.12.35>
    [C:\Program Files\Common Files\Symantec Shared\ccScan.dll]  <Symantec Corporation><103.5.4.3>
    [C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL]  <Symantec Corporation><1.4.0.11>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060710.036\ccEraser.dll]  <Symantec Corporation><106.1.5.2>
    [C:\Program Files\Symantec AntiVirus\DefUtDCD.dll]  <Symantec Corporation><3.1.13a.0>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060710.036\ecmsvr32.dll]  <Symantec Corporation><61.1.0.11>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060710.036\NAVEX32a.DLL]  <Symantec Corporation><20061.1.0.14>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060710.036\NAVENG32.DLL]  <Symantec Corporation><20061.1.0.14>
    [C:\Program Files\Symantec AntiVirus\NAVAP32.DLL]  <Symantec Corporation><9.5.0.44>
    [C:\Program Files\Symantec AntiVirus\SAVRT32.DLL]  <Symantec Corporation><9.5.0.44>
    [C:\Program Files\Symantec AntiVirus\IMail.dll]  <Symantec Corporation><10.0.1.1000>
    [C:\Program Files\Symantec AntiVirus\NotesExt.dll]  <Symantec Corporation><10.0.1.1000>
    [C:\Program Files\Symantec AntiVirus\vpmsece3.dll]  <Symantec Corporation><10.0.1.1000>
    [C:\Program Files\Symantec AntiVirus\SymProtectStorage.dll]  <Symantec Corporation><10.0.1.1000>
    [C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCEvt.dll]  <Symantec Corporation><1,5,1,3>
    [C:\Program Files\Common Files\Symantec Shared\SSC\scandlgs.dll]  <Symantec Corporation><10.0.1.1000>
    [C:\Program Files\Symantec AntiVirus\Cliscan.dll]  <Symantec Corporation><10.0.1.1000>
[PID: 1268][C:\WINDOWS\System32\alg.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 288][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 3600][C:\WINDOWS\system32\conime.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 3892][D:\Program Files\BitComet\BitComet.exe]  <www.BitComet.com><0.70>
[PID: 3124][C:\WINDOWS\explorer.exe]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  <Adobe Systems Incorporated><7.0.0.2004121400>
    [C:\WINDOWS\system32\l3codeca.acm]  <Fraunhofer Institut Integrierte Schaltungen IIS><1, 9, 0, 0305>
    [C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll]  <Symantec Corporation><10.0.1.1000>
    [C:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  <Adobe Systems, Inc.><7.0.0.0>
    [D:\PROGRA~1\ddt\DDTcomm.dll]  <北京新浪信息技术有限公司><1, 1, 0, 3>
    [D:\PROGRA~1\ddt\DDTONG~1.DLL]  <北京新浪信息技术有限公司><1, 2, 1, 5>
    [D:\PROGRA~1\ddt\ddtwea.ocx]  <北京新浪信息技术有限公司><1, 1, 0, 7>
    [D:\PROGRA~1\ddt\ddtnews.ocx]  <北京新浪信息技术有限公司><1, 1, 1, 5>
    [C:\PROGRA~1\3721\assist\asbar.dll]  <3721><1, 0, 1, 1021>
    [C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll]  <Xi><1.94.12>
[PID: 3152][C:\Program Files\Maxthon\Maxthon.exe]  <MY Soft Technology><1, 5, 0, 95>
    [C:\Program Files\Maxthon\maxzlib.dll]  < ><1, 0, 0, 2>
    [D:\PROGRA~1\ddt\DDTONG~1.DLL]  <北京新浪信息技术有限公司><1, 2, 1, 5>
    [D:\PROGRA~1\ddt\DDTInit.dll]  <北京新浪信息技术有限公司><1, 2, 1, 7>
    [D:\PROGRA~1\ddt\DDTUpdate.dll]  <北京新浪信息技术有限公司><1, 2, 1, 1>
    [D:\PROGRA~1\ddt\ddtwea.ocx]  <北京新浪信息技术有限公司><1, 1, 0, 7>
    [D:\PROGRA~1\ddt\DDTcomm.dll]  <北京新浪信息技术有限公司><1, 1, 0, 3>
    [D:\PROGRA~1\ddt\ddtnews.ocx]  <北京新浪信息技术有限公司><1, 1, 1, 5>
    [C:\Program Files\Maxthon\Services\RealTime\real_time.dll]  <><1, 0, 0, 1>
    [C:\WINDOWS\system32\UNISPIM.IME]  <北京清华紫光软件股份有限公司><3.0.0.3045>
    [C:\WINDOWS\system32\macromed\flash\Flash.ocx]  <Macromedia, Inc.><7,0,19,0>
    [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpinter5.dll]  <FinePrint Software, LLC><5.50>
    [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpres532.dll]  <FinePrint Software, LLC><5.50>
    [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpgraph5.dll]  <FinePrint Software, LLC><5.50>
[PID: 2340][D:\Program Files\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
gototop
 
mopery
头像
卡卡技术团队
  • 帖子:17737
  • 注册: 2005-12-06
  • 来自:New York
卡卡名人堂论坛9周年纪念
发表于: 2006-07-12 16:02 | 短消息 资料
字号: 5楼

没见鸽子..
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT