www.6781.com怎么解决！ bbs.ikaka.com

精灵qiuyu - 2006-6-14 22:02:00

当前运行的进程：
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
D:\PROGRAM FILES\RIXING\RISING\RAV\CCENTER.EXE
D:\Program Files\rixing\Rising\Rav\Ravmond.exe
d:\program files\rixing\rising\rfw\rfwsrv.exe
D:\Program Files\rixing\Rising\Rav\RavStub.exe
C:\windows\System32\GEARSec.exe
C:\windows\system32\svchost.exe
C:\windows\Explorer.EXE
d:\program files\rixing\rising\rfw\RfwMain.exe
D:\Program Files\rixing\Rising\Rav\RavTask.exe
C:\Documents and Settings\Administrator\桌面\bverify.exe
D:\Program Files\rixing\Rising\Rav\Ravmon.exe
C:\windows\STI_188.EXE
C:\windows\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\程序\HijackThis1991zww扫描日志\HijackThis1991zww.exe

O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\windows\system32\xunleibho_v8.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IDDTInitObj Class - {15DDE989-CD45-4561-BF99-D22C0D5C2B74} - C:\WINDOWS\Downlo~1\ddtinit.dll
O2 - BHO: URLMonitor Class - {3ED9FFDA-79DB-4B2D-99B7-16EA3C4A3A92} - C:\windows\system32\hap.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\Program Files\Tencent\qq\QQIEHelper.dll
O2 - BHO: DownloadValue Class - {616D4040-5712-4F0F-BCF1-5C6420A99E14} - C:\windows\system32\winhtp.dll
O2 - BHO: KillObj Class - {66C28884-4E5D-494B-80C9-CAA27528FD6D} - C:\WINDOWS\Downlo~1\ddtkillw.ocx
O2 - BHO: NewWeb Controller - {9ACEEE31-1440-471B-AA46-72B061FE7D61} - C:\WINDOWS\system32\WinSC64.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FLASHGET\FLASHGET\FLASHGET\jccatch.dll
O2 - BHO: AssistII - {BB936323-19FA-4521-BA29-ECA6A121BC78}? - (no file)
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O2 - BHO: IEHlprObj Class - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\windows\system32\IEHelper.dll
O2 - BHO: QuickBtn - {D1BB7CF4-4463-4e91-88D7-ECC3CE0A13B7} - C:\Program Files\CoolWebsite\QuickLink.dll
O2 - BHO: Subconscious Intruder - {E2218499-2FD4-4EED-A94A-7F0B9C6E300E} - C:\WINDOWS\system32\Inte32.dll
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\FLASHGET\FLASHGET\fgiebar.dll
O3 - IE工具栏增项: 新浪点点通 - {F60C7D81-8471-4D40-AAFE-56D318F34C2D} - C:\WINDOWS\Downlo~1\DDTONG~1.DLL
O3 - IE工具栏增项: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F}? - (no file)
O3 - IE工具栏增项: (no name) - {82315A18-6CFB-44a7-BDFD-90E36537C252}? - (no file)
O3 - IE工具栏增项: (no name) - {BB936323-19FA-4521-BA29-ECA6A121BC78}? - (no file)
O3 - IE工具栏增项: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\windows\system32\KakaTool.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [RfwMain] "D:\Program Files\rixing\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [NMGameX_AutoRun] C:\windows\system32\Rundll32.exe nmgamex.dll,LiveProcess /aa
O4 - 启动项HKLM\\Run: [YDTMain.exe] rem C:\PROGRA~1\YDT\YDTMain.exe
O4 - 启动项HKLM\\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - 启动项HKLM\\Run: [Update] C:\Program Files\Common Files\UPDAT\Update.exe
O4 - 启动项HKLM\\Run: [RavTask] "D:\Program Files\rixing\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [AC] C:\Documents and Settings\Administrator\桌面\bverify.exe
O4 - 启动项HKLM\\Run: [BigDog188] C:\windows\STI_188.EXE USB PC Camera (188)
O4 - 启动项HKLM\\Run: [Norton Ghost 9.0] ; D:\程序\ghost\HA_Norton_Ghost_9.0\norton ghost9.0\Agent\GhostTray.exe
O4 - 启动项HKLM\\Run: [xSoftAlarm] ; D:\程序\小软件\趣味软件\日记\xDiary\xDiary\Alarm.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [bgswitch] C:\WINDOWS\system32\bgswitch.exe
O4 - HKCU\..\Run: [STYLEXP] ; C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O8 - IE右键菜单中的新增项目: Save豪杰超级解霸V8实时播放 - D:\Program Files\jieba\MPURLGET.HTM
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - D:\Program Files\Tencent\qq\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - D:\PROGRA~1\FLASHGET\FLASHGET\FLASHGET\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - D:\PROGRA~1\FLASHGET\FLASHGET\FLASHGET\jc_all.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - D:\Program Files\Tencent\qq\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - D:\Program Files\Tencent\qq\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - D:\Program Files\Tencent\qq\SendMMS.htm
O8 - IE右键菜单中的新增项目: 豪杰超级解霸V8实时播放 - D:\Program Files\jieba\v8-注册\MPURLGET.HTM
O9 - 浏览器额外的按钮: 手机短信 - {00000000-0000-0001-0001-596BAEDD1289}? - http://sms.3721.com/ie/index.htm?pid=U_flashget_62580 (file missing)
O9 - 浏览器额外的按钮: 实用网址导航 - {1D901067-2529-4A9B-9B6B-7A1DB3A44CB5} - C:\Program Files\CoolWebsite\QuickLink.dll
O9 - 浏览器额外的按钮: 豪杰超级解霸V8 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - D:\Program Files\jieba\v8-注册\STHSDVD.EXE
O9 - 浏览器额外的“工具”菜单项: 豪杰超级解霸V8 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - D:\Program Files\jieba\v8-注册\STHSDVD.EXE
O9 - 浏览器额外的按钮: Yahoo 1G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97}? - http://cn.mail.yahoo.com/promo/rd1 (file missing)
O9 - 浏览器额外的按钮: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26}? - http://hot.3721.com/rd/shop_btn.htm (file missing)
O9 - 浏览器额外的按钮: 上网助手 - {5D73EE86-05F1-49ed-B850-E423120EC338}? - http://assistant.3721.com/index.htm?fb=Cns (file missing)
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\Tencent\qq\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\Tencent\qq\QQ.EXE
O9 - 浏览器额外的按钮: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\FLASHGET\FLASHGET\flashget.exe
O9 - 浏览器额外的“工具”菜单项: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\FLASHGET\FLASHGET\flashget.exe
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\Tencent\qq\QQIEHelper.dll
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\Tencent\qq\QQIEHelper.dll
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6}? - D:\Program Files\Tencent\qq\QQIEHelper.dll
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6}? - D:\Program Files\Tencent\qq\QQIEHelper.dll
O9 - 浏览器额外的按钮: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}? - http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing)
O9 - 浏览器额外的按钮: 新浪点点通 - {F60C7D81-8471-4D40-AAFE-56D318F34C2D} - C:\WINDOWS\Downlo~1\DDTONG~1.DLL
O9 - 浏览器额外的按钮: 访问瑞星网站 - {FF2DE7A6-ECB1-4CBC-9C0E-D92A9E66E444} - http://www.rising.com.cn (file missing)
O9 - 浏览器额外的按钮: 访问卡卡社区 - {FF2DE7A6-ECB1-4CBC-9C0E-D92A9E66E445} - http://www.ikaka.com (file missing)
O9 - 浏览器额外的按钮: (no name) - {974AD624-EA50-4831-A6C0-3040F6665396} - C:\WINDOWS\Downlo~1\rssband.dll (HKCU)
O9 - 浏览器额外的“工具”菜单项: 新浪点点通阅读器 - {974AD624-EA50-4831-A6C0-3040F6665396} - C:\WINDOWS\Downlo~1\rssband.dll (HKCU)
O9 - 浏览器额外的按钮: 新浪点点通阅读器 - {F0646DC8-58CD-4C64-8F6B-525043914685} - C:\WINDOWS\Downlo~1\rssband.dll (HKCU)
O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/Ver2005/OL2005.cab
O16 - DPF: {F138084D-84D7-48CD-BEA8-04772457516E} (VqqSpeedDlProxy Class) - http://218.85.138.27/vqqsdl1009.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0C41B944-BE83-4C39-BC9A-04303E3417F5}: NameServer = 10.254.131.253
O17 - HKLM\System\CCS\Services\Tcpip\..\{54513129-ADF0-4E87-A1A7-48FE6E6169CF}: NameServer = 10.254.131.253
O17 - HKLM\System\CS1\Services\Tcpip\..\{0C41B944-BE83-4C39-BC9A-04303E3417F5}: NameServer = 10.254.131.253
O17 - HKLM\System\CS2\Services\Tcpip\..\{0C41B944-BE83-4C39-BC9A-04303E3417F5}: NameServer = 10.254.131.253
O23 - NT 服务: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - NT 服务: Event Client - Unknown owner - C:\Program Files\zsxz\UrlService.exe (file missing)
O23 - NT 服务: GEARSecurity - GEAR Software - C:\windows\System32\GEARSec.exe
O23 - NT 服务: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - NT 服务: Norton Ghost - Symantec Corporation - D:\程序\ghost\HA_Norton_Ghost_9.0\norton ghost9.0\Agent\PQV2iSvc.exe
O23 - NT 服务: Rising Proxy Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - d:\program files\rixing\rising\rfw\rfwproxy.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - d:\program files\rixing\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - D:\PROGRAM FILES\RIXING\RISING\RAV\CCENTER.EXE
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\Program Files\rixing\Rising\Rav\Ravmond.exe
O23 - NT 服务: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

精灵qiuyu - 2006-6-14 22:05:00

以上日志，扫描时偶已经把主页改回来了，这一天下来没什么事，并没有再成为＂www.6781.com＂，不知道这日志里还有没有大侠要的线索！

顺便帮偶看看还有什么不妥的地方，今天瑞星杀毒时删掉一个叫＂backdoor.prosti.ex＂，不知道现在是不是没事了！

谢谢！辛苦了！

我无邪 - 2006-6-14 22:17:00

开始→运行→输入services.msc，打开“服务”→查找Event Client →双击→启动类型→禁止→停止→应用→确定。禁止Event Client这个服务
进入控制面版的添加删除程序中卸载酷站导航(CoolWebsite)
重启
关闭所有浏览窗口以及一些不必要的程序
运行Hijackthis，扫描结束后在下列选项前打上勾，然后选"修复""（如果有的话）
O2 - BHO: IDDTInitObj Class - {15DDE989-CD45-4561-BF99-D22C0D5C2B74} - C:\WINDOWS\Downlo~1\ddtinit.dll
O2 - BHO: URLMonitor Class - {3ED9FFDA-79DB-4B2D-99B7-16EA3C4A3A92} - C:\windows\system32\hap.dll
O2 - BHO: DownloadValue Class - {616D4040-5712-4F0F-BCF1-5C6420A99E14} - C:\windows\system32\winhtp.dll
O2 - BHO: KillObj Class - {66C28884-4E5D-494B-80C9-CAA27528FD6D} - C:\WINDOWS\Downlo~1\ddtkillw.ocx
O2 - BHO: NewWeb Controller - {9ACEEE31-1440-471B-AA46-72B061FE7D61} - C:\WINDOWS\system32\WinSC64.dll
O2 - BHO: AssistII - {BB936323-19FA-4521-BA29-ECA6A121BC78}? - (no file)
O2 - BHO: IEHlprObj Class - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\windows\system32\IEHelper.dll
O2 - BHO: QuickBtn - {D1BB7CF4-4463-4e91-88D7-ECC3CE0A13B7} - C:\Program Files\CoolWebsite\QuickLink.dll
O2 - BHO: Subconscious Intruder - {E2218499-2FD4-4EED-A94A-7F0B9C6E300E} - C:\WINDOWS\system32\Inte32.dll
O3 - IE工具栏增项: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F}? - (no file)
O3 - IE工具栏增项: (no name) - {82315A18-6CFB-44a7-BDFD-90E36537C252}? - (no file)
O3 - IE工具栏增项: (no name) - {BB936323-19FA-4521-BA29-ECA6A121BC78}? - (no file
O4 - 启动项HKLM\\Run: [YDTMain.exe] rem C:\PROGRA~1\YDT\YDTMain.exe
O4 - 启动项HKLM\\Run: [Update] C:\Program Files\Common Files\UPDAT\Update.exe
O23 - NT 服务: Event Client - Unknown owner - C:\Program Files\zsxz\UrlService.exe
双击我的电脑，工具，文件夹选项，查看，单击选取"显示隐藏文件或文件夹"清除"隐藏受保护的操作系统文件（推荐）"复选框。在提示确定更改时，单击“是”，清除“隐藏已知文件类型的扩展名
另外提示（C:\DOCUME~1\你的用户名\LOCALS~1\Temp就是C:\Documents and Settings\你的用户名\Local Settings\Temp，C:\PROGRA~1就是C:\Program Files）
删除
C:\Program Files\zsxz
C:\Program Files\Common Files\UPDAT
C:\PROGRA~1\YDT
C:\WINDOWS\system32\Inte32.dll
C:\Program Files\CoolWebsite
C:\windows\system32\IEHelper.dll
C:\WINDOWS\system32\WinSC64.dll
C:\windows\system32\winhtp.dll
C:\windows\system32\hap.dll
C:\WINDOWS\Downlo~1\ddtinit.dll

精灵qiuyu - 2006-6-15 8:20:00

这么多啊！看起来好复杂！偶要好好看明白再动手！
再次谢谢＂我无邪＂的帮助！

小小雪白 - 2006-6-23 0:36:00

我有相同的问题，能不能也帮我一下？

小小雪白 - 2006-6-23 0:36:00

不好意思，贴错了，但又删不掉这个帖子

小小雪白 - 2006-6-23 0:37:00

同上

小小雪白 - 2006-6-23 0:45:00

Running Processes
[PID: 740][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 788][\??\C:\WINDOWS\system32\csrss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 812][\??\C:\WINDOWS\system32\winlogon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\WINDOWS\System32\LgNotify.dll] <Intel Corporation><4, 1, 0, 0>
[C:\WINDOWS\system32\NavLogon.dll] <Symantec Corporation><10.0.2.2020>
[PID: 856][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[PID: 868][C:\WINDOWS\system32\lsass.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[PID: 1028][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[PID: 1100][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[PID: 1160][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\System32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[PID: 1236][C:\WINDOWS\System32\S24EvMon.exe] <Intel Corporation ><4, 2, 0, 1>
[C:\WINDOWS\System32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[PID: 1284][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\System32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[PID: 1400][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\System32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[PID: 1560][C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe] <Symantec Corporation><103.5.7.3>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\Program Files\Common Files\Symantec Shared\ccL35.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] <Symantec Corporation><103.5.7.3>
[C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\BB.DLL] <Symantec Corporation><1,5,1,3>
[C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEVT.DLL] <Symantec Corporation><1,5,1,3>
[C:\Program Files\Common Files\Symantec Shared\ccSet.dll] <Symantec Corporation><103.5.7.3>
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCLOGIN.DLL] <Symantec Corporation><103.5.7.3>
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCPXYEVT.DLL] <Symantec Corporation><103.5.7.3>
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL] <Symantec Corporation><103.5.7.3>
[C:\PROGRA~1\SYMANT~3\SYMANT~1\LOGFWDER.DLL] <Symantec Corporation><8.6.2.152>
[C:\WINDOWS\system32\SymNeti.DLL] <Symantec Corporation><6.0.1.105>
[C:\PROGRA~1\SYMANT~3\SYMANT~1\NISEVT.DLL] <Symantec Corporation><8.6.2.152>
[C:\Program Files\Symantec Client Security\Symantec AntiVirus\Cliproxy.dll] <Symantec Corporation><10.0.2.2020>
[C:\Program Files\Symantec Client Security\Symantec AntiVirus\NAVNTUTL.DLL] <Symantec Corporation><10.0.2.2020>
[c:\program files\common files\symantec shared\ssc\ScsComms.dll] <Symantec Corporation><10.0.2.2020>
[C:\WINDOWS\system32\nts.dll] <LANDesk Software Ltd.><6.12.0.141 E>
[C:\WINDOWS\system32\cba.dll] <LANDesk Software Ltd.><6.12.0.140 E>
[C:\WINDOWS\system32\MsgSys.dll] <LANDesk Software Ltd.><6.12.0.140 E>
[C:\WINDOWS\system32\PDS.DLL] <LANDesk Software Ltd.><6.12.0.140 E>
[C:\Program Files\Symantec Client Security\Symantec Client Firewall\SNLog.dll] <Symantec Corporation><8.6.2.152>
[PID: 1588][C:\Program Files\Common Files\Symantec Shared\ccProxy.exe] <Symantec Corporation><103.5.7.3>
[C:\WINDOWS\system32\SYMREDIR.dll] <Symantec Corporation><6.0.1.105>
[C:\WINDOWS\system32\SymNeti.DLL] <Symantec Corporation><6.0.1.105>
[C:\Program Files\Common Files\Symantec Shared\ccL35.dll] <Symantec Corporation><103.5.7.3>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\ccSet.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\DPHTML.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\DPJS.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\DPVBS.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\PFAdBlk.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\PFMisc.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\PFPriv.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\PFSec.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\PxyHTTP.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\DPHTTP.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\PxyIM.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\ccProSub.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\ccPxyEvt.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\ccLogin.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\ccCharCv.dll] <Symantec Corporation><103.5.7.3>
[PID: 1700][C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\ccL35.dll] <Symantec Corporation><103.5.7.3>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll] <Symantec Corporation><103.5.7.3>
[PID: 1712][C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe] <Symantec Corporation><8.6.2.152>
[C:\WINDOWS\system32\SymNeti.DLL] <Symantec Corporation><6.0.1.105>
[C:\Program Files\Symantec Client Security\Symantec Client Firewall\NISRES.DLL] <Symantec Corporation><8.6.2.152>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\Program Files\Common Files\Symantec Shared\ccL35.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\ccSet.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\ccProSub.dll] <Symantec Corporation><103.5.7.3>
[PID: 1792][C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe] <Symantec Corporation><6.0.1.105>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\WINDOWS\system32\SymNeti.dll] <Symantec Corporation><6.0.1.105>

小小雪白 - 2006-6-23 0:45:00

[PID: 176][C:\WINDOWS\system32\spoolsv.exe] <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[PID: 272][C:\WINDOWS\SYSTEM32\RUNDLL32.EXE] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\SYSTEM32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[PID: 312][C:\WINDOWS\system32\cisvc.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[PID: 332][C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe] <Symantec Corporation><10.0.2.2020>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[PID: 372][C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe] <Microsoft Corporation><7.00.9466>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[PID: 420][C:\WINDOWS\System32\RegSrvc.exe] <Intel Corporation><4, 1, 0, 0>
[C:\WINDOWS\System32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[PID: 448][C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe] <Analog Devices, Inc.><3, 2, 6, 0>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[PID: 464][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\System32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[PID: 500][C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe] <Symantec Corporation><10.0.2.2020>
[C:\WINDOWS\system32\CBA.DLL] <LANDesk Software Ltd.><6.12.0.140 E>
[C:\WINDOWS\system32\MsgSys.dll] <LANDesk Software Ltd.><6.12.0.140 E>
[C:\WINDOWS\system32\NTS.dll] <LANDesk Software Ltd.><6.12.0.141 E>
[C:\WINDOWS\system32\PDS.DLL] <LANDesk Software Ltd.><6.12.0.140 E>
[C:\Program Files\Symantec Client Security\Symantec AntiVirus\NAVLU.dll] <Symantec Corporation><10.0.2.2020>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\Program Files\Symantec Client Security\Symantec AntiVirus\NAVNTUTL.DLL] <Symantec Corporation><10.0.2.2020>
[c:\program files\common files\symantec shared\ssc\ScsComms.dll] <Symantec Corporation><10.0.2.2020>
[C:\Program Files\Symantec Client Security\Symantec AntiVirus\I2ldvp3.dll] <Symantec Corporation><10.0.2.2020>
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\ccL35.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\ccDec.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\Decomposers\decsdk.dll] <Symantec Corporation><3.02.14.08>
[C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2.dll] <Symantec Corporation><3.02.14.08>
[C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ID.dll] <Symantec Corporation><3.02.14.08>
[C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Zip.dll] <Symantec Corporation><3.02.14.08>
[C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2SS.dll] <Symantec Corporation><3.02.14.08>
[C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2GZIP.dll] <Symantec Corporation><3.02.14.08>
[C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2CAB.dll] <Symantec Corporation><3.02.14.08>
[C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LHA.dll] <Symantec Corporation><3.02.14.08>
[C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ARJ.dll] <Symantec Corporation><3.02.14.08>
[C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TNEF.dll] <Symantec Corporation><3.02.14.08>
[C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LZ.dll] <Symantec Corporation><3.02.14.08>
[C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2AMG.dll] <Symantec Corporation><3.02.14.08>
[C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RAR.dll] <Symantec Corporation><3.02.14.08>
[C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TAR.dll] <Symantec Corporation><3.02.14.08>
[C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RTF.dll] <Symantec Corporation><3.02.14.08>
[C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Text.dll] <Symantec Corporation><3.02.14.08>
[C:\Program Files\Common Files\Symantec Shared\ccScan.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL] <Symantec Corporation><51.2.0.12>
[C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060617.005\ccEraser.dll] <Symantec Corporation><106.1.5.2>
[C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefUtDCD.dll] <Symantec Corporation><3.1.13a.0>
[C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060617.005\ecmsvr32.dll] <Symantec Corporation><61.1.0.11>
[C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060617.005\NAVEX32a.DLL] <Symantec Corporation><20061.1.0.14>
[C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060617.005\NAVENG32.DLL] <Symantec Corporation><20061.1.0.14>
[C:\Program Files\Symantec Client Security\Symantec AntiVirus\NAVAP32.DLL] <Symantec Corporation><9.7.1.4>
[C:\Program Files\Symantec Client Security\Symantec AntiVirus\SAVRT32.DLL] <Symantec Corporation><9.7.1.4>
[C:\Program Files\Symantec Client Security\Symantec AntiVirus\IMail.dll] <Symantec Corporation><10.0.2.2020>
[C:\Program Files\Symantec Client Security\Symantec AntiVirus\vpmsece3.dll] <Symantec Corporation><10.0.2.2020>
[C:\Program Files\Symantec Client Security\Symantec AntiVirus\SymProtectStorage.dll] <Symantec Corporation><10.0.2.2020>
[C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCEvt.dll] <Symantec Corporation><1,5,1,3>
[C:\Program Files\Common Files\Symantec Shared\SSC\scandlgs.dll] <Symantec Corporation><10.0.2.2020>
[C:\Program Files\Symantec Client Security\Symantec AntiVirus\Cliscan.dll] <Symantec Corporation><10.0.2.2020>
[C:\Program Files\Common Files\Symantec Shared\SSC\LDVPCtls.ocx] <Symantec Corporation><10.0.2.2020>
[PID: 556][C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe] <Symantec Corporation><8.6.2.152>
[C:\WINDOWS\system32\SymNeti.DLL] <Symantec Corporation><6.0.1.105>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\Program Files\Common Files\Symantec Shared\ccL35.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Symantec Client Security\Symantec Client Firewall\NisEvt.dll] <Symantec Corporation><8.6.2.152>
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\ccProSub.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\ccSet.dll] <Symantec Corporation><103.5.7.3>
[PID: 664][C:\WINDOWS\system32\wdfmgr.exe] <Microsoft Corporation><5.2.3790.1230 built by: DNSRV(bld4act)>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[PID: 1060][C:\WINDOWS\System32\alg.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\System32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>

小小雪白 - 2006-6-23 0:46:00

[PID: 2720][C:\WINDOWS\system32\ZCfgSvc.exe] <Intel Corporation><4, 2, 0, 4>
[C:\WINDOWS\system32\PfMgrApi.dll] <Intel Corporation><4, 2, 0, 1>
[C:\WINDOWS\system32\PsRegApi.dll] <Intel Corporation><4, 1, 0, 0>
[C:\WINDOWS\system32\WConfig.DLL] <Intel Corporation><4, 2, 0, 3>
[C:\WINDOWS\system32\WiFiAdap.DLL] <Intel Corporation><4, 1, 0, 0>
[C:\WINDOWS\system32\C1XStngs.dll] <><4, 2, 0, 2>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\Program Files\Intel\PROSetWireless\PROSet\CHS\ZcSvcCHS.dll] <Intel Corporation><4, 2, 0, 4>
[C:\Program Files\Intel\PROSetWireless\PROSet\CHS\PmApiCHS.dll] <Intel Corporation><4, 2, 0, 1>
[C:\WINDOWS\system32\S24MUDLL.dll] <Intel Corporation><4, 1, 0, 0>
[C:\Program Files\Intel\PROSetWireless\PROSet\CHS\C1XStCHS.dll] <><4, 2, 0, 2>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[PID: 2908][C:\WINDOWS\Explorer.EXE] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\Program Files\zepsoft\Wallpaper Calendar\MHookWC.dll] <Zepsoft><1.0.6.10>
[C:\WINDOWS\downlo~1\cnshook.dll] <北京三七二一科技有限公司><1, 0, 2, 4>
[C:\Program Files\CoolWebsite\QuickLink.dll] <Fengcent><1, 0, 0, 2>
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] <Adobe Systems, Inc.><7.0.0.0>
[C:\Program Files\WinRAR\rarext.dll] <N/A><N/A>
[C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll] <Symantec Corporation><10.0.2.2020>
[PID: 3092][C:\WINDOWS\System32\1XConfig.exe] <Intel><4, 2, 0, 0>
[C:\WINDOWS\System32\IntelAE5.dll] <Meetinghouse Data Communications><1, 42, 19, 1>
[C:\WINDOWS\System32\SSLEAY32.dll] <N/A><N/A>
[C:\WINDOWS\System32\LIBEAY32.dll] <N/A><N/A>
[C:\WINDOWS\System32\PsRegApi.dll] <Intel Corporation><4, 1, 0, 0>
[C:\WINDOWS\System32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[PID: 3204][C:\WINDOWS\system32\Rundll32.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\WINDOWS\downlo~1\CnsMinIO.dll] <北京三七二一科技有限公司><1, 0, 3, 4>
[C:\WINDOWS\downlo~1\cnsio.dll] <北京三七二一科技有限公司><1, 0, 2, 5>
[C:\WINDOWS\downlo~1\CnsMinEx.dll] <国风因特软件(北京)有限公司><1, 0, 3, 1>
[PID: 3728][C:\Program Files\Apoint2K\Apoint.exe] <Alps Electric Co., Ltd.><6.0.1.159>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\WINDOWS\system32\VXDIF.DLL] <Alps Electric Co., Ltd.><6.0.1.59>
[C:\Program Files\Apoint2K\ApMain.DLL] <Alps Electric Co., Ltd.><6.0.1.10>
[C:\Program Files\Apoint2K\ApCommon.dll] <Alps Electric Co., Ltd.><6.0.2.16>
[C:\Program Files\Apoint2K\ApDual.dll] <Alps Electric Co., Ltd.><6.0.1.14>
[C:\Program Files\Apoint2K\ApPad.dll] <Alps Electric Co., Ltd.><6.0.1.35>
[C:\Program Files\Apoint2K\EzCapt.dll] <Alps Electric Co., Ltd.><6.0.1.14>
[C:\Program Files\Apoint2K\EzLaunch.dll] <Alps Electric Co., Ltd.><6.0.1.25>
[C:\Program Files\Apoint2K\ApStick.dll] <ALPS Electric Co., Ltd.><6.0.1.28>
[C:\Program Files\Apoint2K\ApOthers.dll] <Alps Electric Co., Ltd.><6.0.1.15>
[C:\Program Files\Apoint2K\ApMouse.dll] <ALPS Electric Co., Ltd.><6.0.1.25>
[C:\Program Files\Apoint2K\EzAuto.dll] <Alps Electric Co., Ltd.><4.5.1.83>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\Program Files\Apoint2K\ApString.dll] <Alps Electric Co., Ltd.><6.0.301.27>
[PID: 3776][C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE] <TOSHIBA><1, 0, 2, 9>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\WINDOWS\TMEVALDD.dll] <Tohsiba><1, 0, 0, 3>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[PID: 3808][C:\WINDOWS\system32\TPWRTRAY.EXE] <TOSHIBA Corporation><6.00.21>
[C:\WINDOWS\system32\TPwrReg.dll] <TOSHIBA Corporation><6.00.9>
[C:\WINDOWS\system32\Tdevdetect.dll] <TOSHIBA Corporation><6.00.21>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\WINDOWS\system32\TSCI.DLL] <Toshiba><1.0.0.0>
[C:\WINDOWS\system32\THCI.DLL] <Toshiba><1.0.0.0>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[PID: 3816][C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe] <TOSHIBA CORPORATION><2, 1, 0, 1>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[PID: 3864][C:\Program Files\Analog Devices\SoundMAX\PmProxy.exe] <adi><1, 0, 0, 18>
[C:\Program Files\Analog Devices\SoundMAX\PMCPL.cpl] <Analog Devices><1, 0, 0, 18>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[PID: 232][C:\Program Files\MessengerPlus! 3\MsgPlus.exe] <Patchou><3, 54, 0, 132>
[C:\Program Files\MessengerPlus! 3\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\Program Files\MessengerPlus! 3\MsgPlusLoader1.dll] <Patchou><3, 50, 2, 0>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[PID: 328][C:\Program Files\Apoint2K\Apntex.exe] <Alps Electric Co., Ltd.><5.0.1.13>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\WINDOWS\system32\VXDIF.DLL] <Alps Electric Co., Ltd.><6.0.1.59>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[PID: 1340][C:\WINDOWS\system32\conime.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[PID: 1348][C:\Program Files\Common Files\Symantec Shared\ccApp.exe] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\ccL35.dll] <Symantec Corporation><103.5.7.3>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] <Symantec Corporation><103.5.7.3>
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL] <Symantec Corporation><103.5.7.3>
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL] <Symantec Corporation><103.5.7.3>
[C:\PROGRA~1\SYMANT~3\SYMANT~1\NISPROD.DLL] <Symantec Corporation><8.6.2.152>
[C:\PROGRA~1\SYMANT~3\SYMANT~1\NISRES.DLL] <Symantec Corporation><8.6.2.152>
[C:\PROGRA~1\SYMANT~3\SYMANT~1\NISTRAY.DLL] <Symantec Corporation><8.6.2.152>
[C:\PROGRA~1\SYMANT~3\SYMANT~1\NISALERT.DLL] <Symantec Corporation><8.6.2.152>
[C:\WINDOWS\system32\SymNeti.DLL] <Symantec Corporation><6.0.1.105>
[C:\WINDOWS\system32\SYMREDIR.DLL] <Symantec Corporation><6.0.1.105>
[C:\Program Files\Common Files\Symantec Shared\ccSet.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\ccLogin.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Common Files\Symantec Shared\ccProSub.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Symantec Client Security\Symantec Client Firewall\ccEmlflt.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Symantec Client Security\Symantec Client Firewall\NISLCOM.dll] <Symantec Corporation><8.6.2.152>
[C:\Program Files\Common Files\Symantec Shared\ccPxyEvt.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymFWAgt.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Symantec Client Security\Symantec AntiVirus\SavEmail.dll] <Symantec Corporation><10.0.2.2020>
[C:\Program Files\Symantec Client Security\Symantec Client Firewall\SFWAlert.dll] <Symantec Corporation><8.6.2.152>
[C:\Program Files\Symantec Client Security\Symantec Client Firewall\ccFWSetg.dll] <Symantec Corporation><103.5.7.3>
[C:\Program Files\Symantec Client Security\Symantec Client Firewall\pRSettg.dll] <N/A><N/A>
[C:\Program Files\Symantec Client Security\Symantec Client Firewall\TLevel.dll] <Symantec Corporation><103.5.7.3>
[PID: 1368][C:\PROGRA~1\SYMANT~3\SYMANT~2\VPTray.exe] <Symantec Corporation><10.0.2.2020>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\Program Files\Symantec Client Security\Symantec AntiVirus\SAVRT32.DLL] <Symantec Corporation><9.7.1.4>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\Program Files\Symantec Client Security\Symantec AntiVirus\Cliproxy.dll] <Symantec Corporation><10.0.2.2020>
[C:\PROGRA~1\SYMANT~3\SYMANT~2\NAVNTUTL.DLL] <Symantec Corporation><10.0.2.2020>
[c:\program files\common files\symantec shared\ssc\ScsComms.dll] <Symantec Corporation><10.0.2.2020>
[C:\WINDOWS\system32\nts.dll] <LANDesk Software Ltd.><6.12.0.141 E>
[C:\WINDOWS\system32\cba.dll] <LANDesk Software Ltd.><6.12.0.140 E>
[C:\WINDOWS\system32\MsgSys.dll] <LANDesk Software Ltd.><6.12.0.140 E>
[C:\WINDOWS\system32\PDS.DLL] <LANDesk Software Ltd.><6.12.0.140 E>
[PID: 1052][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] <RealNetworks, Inc.><0.1.0.3510>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>

小小雪白 - 2006-6-23 0:46:00

[PID: 976][C:\WINDOWS\system32\ctfmon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[PID: 1556][C:\Documents and Settings\xuely\Start Menu\Programs\Startup\FaxCtrl.exe] <RightFAX, Inc.><7, 2, 0, 101>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\Program Files\RightFAX\rfifax32.dll] <RightFAX, Inc.><5.00>
[PID: 2556][C:\Program Files\zepsoft\Wallpaper Calendar\WallCal3.exe] <Zepsoft><3.0.2.87>
[C:\Program Files\zepsoft\Wallpaper Calendar\MHookWC.dll] <Zepsoft><1.0.6.10>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[PID: 2156][C:\WINDOWS\system32\cidaemon.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[PID: 3160][C:\WINDOWS\system32\cidaemon.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[PID: 2800][C:\Documents and Settings\xuely\Application Data\Microsoft\Internet Explorer\Quick Launch\MyIE.exe] <><2, 4, 1, 357>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx] <Macromedia, Inc.><8,0,22,0>
[C:\WINDOWS\Downloaded Program Files\urSuperHost.dll] <F5 Networks><5400, 0, 41222, 1>
[C:\WINDOWS\Downloaded Program Files\urxhost.dll] <F5 Networks><5400, 0, 50316, 1>
[C:\WINDOWS\Downloaded Program Files\urxhostres.dll] <F5 Networks><2004, 8, 4, 1>
[C:\WINDOWS\Downloaded Program Files\urxdialer.dll] <F5 Networks><5400, 0, 50316, 1>
[C:\WINDOWS\Downloaded Program Files\urxdialerres.dll] <F5 Networks><2004, 6, 3, 1>
[C:\WINDOWS\Downloaded Program Files\urTermProxy.dll] <F5 Networks><5400, 0, 50412, 1>
[C:\WINDOWS\Downloaded Program Files\utunres.dll] <uRoam><2004, 6, 4, 1>
[PID: 2052][C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE] <Microsoft Corporation><11.0.6353>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\Program Files\Symantec Client Security\Symantec AntiVirus\vpmsece3.dll] <Symantec Corporation><10.0.2.2020>
[C:\Program Files\Symantec Client Security\Symantec AntiVirus\SAVRT32.DLL] <Symantec Corporation><9.7.1.4>
[C:\WINDOWS\downlo~1\cnshook.dll] <北京三七二一科技有限公司><1, 0, 2, 4>
[PID: 3408][C:\Program Files\Messenger\msmsgs.exe] <Microsoft Corporation><5.1.0639>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\WINDOWS\System32\quartz.dll] <N/A><N/A>
[C:\WINDOWS\System32\devenum.dll] <N/A><N/A>
[C:\WINDOWS\system32\msdmo.dll] <N/A><N/A>
[C:\Program Files\MessengerPlus! 3\MsgPlusH.dll] <Patchou><3, 54, 0, 132>
[C:\Program Files\MessengerPlus! 3\Resources\MsgPlusRes.dll] <Patchou><3, 50, 2, 0>
[PID: 3924][C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE] <Microsoft Corporation><11.0.6359>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPBF042E.DLL] <Hewlett-Packard Company><4.27.4100.441>
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPBF042G.DLL] <Hewlett-Packard Company><4.27.4100.441>
[PID: 3956][C:\WINDOWS\system32\rundll32.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\WINDOWS\DOWNLO~1\URXDIA~2.DLL] <F5 Networks><5400, 0, 50316, 1>
[C:\WINDOWS\DOWNLO~1\urxdialerres.dll] <F5 Networks><2004, 6, 3, 1>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[PID: 1440][C:\Program Files\MSN Messenger\msnmsgr.exe] <Microsoft Corporation><7.5.0324>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\Program Files\MessengerPlus! 3\MsgPlusH.dll] <Patchou><3, 54, 0, 132>
[C:\Program Files\MessengerPlus! 3\Resources\MsgPlusRes.dll] <Patchou><3, 50, 2, 0>
[C:\Program Files\MessengerPlus! 3\RichEdHook.dll] <N/A><N/A>
[C:\WINDOWS\System32\devenum.dll] <N/A><N/A>
[C:\WINDOWS\system32\msdmo.dll] <N/A><N/A>
[C:\Program Files\MessengerPlus! 3\libsndfile.dll] <N/A><N/A>
[C:\Program Files\MessengerPlus! 3\lame_enc.dll] <N/A><N/A>
[PID: 1840][C:\Program Files\Google\Google Talk\googletalk.exe] <Google><1,0,0,92>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\WINDOWS\downlo~1\cnshook.dll] <北京三七二一科技有限公司><1, 0, 2, 4>
[PID: 3300][C:\WINDOWS\system32\mstsc.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\WINDOWS\System32\l3codeca.acm] <Fraunhofer Institut Integrierte Schaltungen IIS><1, 9, 0, 0305>
[C:\WINDOWS\system32\tssoft32.acm] <DSP GROUP, INC.><1.01>
[C:\WINDOWS\system32\tsd32.dll] <N/A><N/A>
[PID: 2728][C:\Program Files\Internet Explorer\iexplore.exe] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>
[C:\WINDOWS\downlo~1\CnsHint.dll] <3721><1, 0, 0, 4>
[C:\WINDOWS\downlo~1\cnsplus.dll] <3721><1, 0, 0, 2>
[C:\WINDOWS\system32\crc33.dll] <><1, 0, 0, 1>
[C:\Program Files\CoolWebsite\QuickLink.dll] <Fengcent><1, 0, 0, 2>
[C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx] <Macromedia, Inc.><8,0,22,0>
[PID: 492][C:\Downloads\software\SREng2\SREng.exe] <Smallfrogs Studio><2.0.21.505>
[C:\WINDOWS\system32\MsgPlusLoader.dll] <Patchou><3, 50, 2, 0>
[C:\WINDOWS\downlo~1\CnsMin.dll] <北京三七二一科技有限公司><1, 5, 3, 1>

瑞星卡卡安全论坛