斧头大哥 - 2008-1-24 21:10:00
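I'm a newbie and accidentally got infected!!! It's urgent~~~
Could all you experts and gurus please help~~~~
The system time has been changed to 2004, and I don't know what virus I've caught!!!
A tool I downloaded from the Internet detected countless trojans on the machine! The machine also has Rising antivirus installed, but it just can't remove them~~~
Please help~~~
Below is the exported list of trojans and viruses: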
[User system information] Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; TencentTraveler )
斧头大哥 - 2008-1-24 21:33:00
Could any of you experts give me some pointers~
豪斯登堡新郎 - 2008-1-24 21:41:00
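Download the System Repair Engineer system scanning tool from the following address:
http://www.kztechs.com/sreng/download.html
How to scan and upload the log:
1. Extract the downloaded sreng2.zip archive;
2. Open the extracted SRENG folder and double-click SREngPS.exe inside it to run it;
3. Click "Smart Scan", "Scan", and "Save Report" in turn, and save the log to the hard disk;
4. Change the log's extension to .txt, then upload it as an attachment. Please do not change the log's contents.
Friendly reminders:
1. Before scanning the log, close all open software (such as QQ, Xunlei and other programs, and IE windows; note: close them, do not just minimize the windows).
2. Until there are further instructions, do not use the SRENG tool to make random repairs, otherwise the system may end up in worse shape.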
未成年不二良 - 2008-1-25 7:41:00
易趣购物 (EachNet Shopping) is obviously a plug-in.