我电脑不知道为什么居然中这种病毒了。求高手帮忙!今天下载了SRENG,我现在把报告贴出来。(不知道我步骤对了没有)我下载Sreng后,就点击它的“智能扫描”。
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><; C:\WINDOWS\System32\ctfmon.exe> [(Verified)Microsoft Corporation]
<NvMediaCenter><; RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit> [(Verified)NVIDIA Corporation]
<svchost><; C:\DOCUME~1\liu_yang\LOCALS~1\Temp\mcrar.exe> [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<ShStatEXE><"C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE> [Network Associates, Inc.]
<McAfeeUpdaterUI><"C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey> [Network Associates, Inc.]
<Network Associates Error Reporting Service><"C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"> [Network Associates, Inc.]
<WangWang><"F:\童猪猪的文件夹\淘宝旺旺\WangWang.EXE"> [N/A]
<NvCplDaemon><; RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup> [(Verified)NVIDIA Corporation]
<IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Corporation]
<nwiz><; nwiz.exe /install> [(Verified)NVIDIA Corporation]
<PHIME2002A><; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft Corporation]
<PHIME2002ASync><; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Corporation]
<r><; C:\WINDOWS\down\rundll32.exe> [N/A]
<rzt><; C:\WINDOWS\Intel\rundll32.exe> [N/A]
<Smapp><; C:\Program Files\Analog Devices\SoundMAX\SMTray.exe> [Analog Devices, Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]
==================================
启动文件夹
[腾讯QQ]
<C:\Documents and Settings\liu_yang\「开始」菜单\程序\启动\腾讯QQ.lnk --> F:\童猪猪的文件夹\qq\QQ.exe [N/A]><N>
==================================
服务
[Human Interface Device Access / HidServ]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[McAfee Framework 服务 / McAfeeFramework]
<C:\Program Files\Network Associates\Common Framework\FrameworkService.exe /ServiceStart><Network Associates, Inc.>
[Network Associates McShield / McShield]
<"C:\Program Files\Network Associates\VirusScan\Mcshield.exe"><Network Associates, Inc.>
[Network Associates Task Manager / McTaskManager]
<"C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe"><Network Associates, Inc.>
[NVIDIA Display Driver Service / NVSvc]
<C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[SoundMAX Agent Service / SoundMAX Agent Service (default)]
<C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>
==================================
驱动程序
[aeaudio / aeaudio]
<system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[EIO / EIO]
<\??\C:\WINDOWS\system32\drivers\EIO.sys><ASUSTeK Computer Inc.>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS]
<System32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[kmsinput / kmsinput]
<\??\C:\WINDOWS\System32\drivers\kmsinput.sys><N/A>
[NaiAvFilter1 / NaiAvFilter1]
<system32\drivers\naiavf5x.sys><Network Associates, Inc.>
[NaiAvTdi1 / NaiAvTdi1]
<system32\drivers\mvstdi5x.sys><Network Associates, Inc.>
[npkycryp / npkycryp]
<\??\F:\童猪猪的文件夹\qq\npkycryp.sys><N/A>
[nv / nv]
<System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink]
<System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Secdrv / Secdrv]
<System32\DRIVERS\secdrv.sys><N/A>
[smwdm / smwdm]
<system32\drivers\smwdm.sys><Analog Devices, Inc.>
