12   2  /  2  页   跳转

求救怎么消除清除变种木马

收藏
cxlymb
头像
初生襁褓狮
  • 帖子:115
  • 注册: 2006-06-18
  • 来自:
发表于: 2006-08-14 17:38 | 只看楼主 短消息 资料
字号: 11楼

[C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>
[PID: 4024][C:\WINDOWS\system32\rundll32.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 1, 0, 1325>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>
    [C:\PROGRA~1\3721\autolive.dll]  <><1, 1, 7, 1326>
    [C:\PROGRA~1\3721\alLiveEx.dll]  < ><1, 0, 3, 1006>
[PID: 1700][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 1, 0, 1325>
    [C:\PROGRA~1\3721\scrblock.dll]  <3721><1, 0, 1, 1000>
    [C:\PROGRA~1\3721\alrex.dll]  <><1, 0, 1, 1001>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>
    [C:\WINDOWS\DOWNLO~1\CnsHint.dll]  <3721><1, 0, 0, 9>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\yscrblock.dll]  <Yahoo><1, 0, 2, 1002>
    [C:\PROGRA~1\3721\autolive.dll]  <><1, 1, 7, 1326>
    [C:\PROGRA~1\3721\alLiveEx.dll]  < ><1, 0, 3, 1006>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll]  <><2, 1, 5, 1045>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll]  < ><2, 0, 1, 1007>
    [C:\WINDOWS\DOWNLO~1\cnsplus.dll]  <3721><1, 0, 0, 2>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll]  <Yahoo!><2, 1, 8, 1048>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yaswiper.dll]  <Yahoo><1, 0, 1, 1004>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasiesec.dll]  <Yahoo><1, 0, 2, 1003>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasnoad.dll]  <><1, 1, 4, 1006>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yzsNetProto.dll]  <Yahoo><1, 0, 0, 1>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll]  <Yahoo! China><1, 1, 3, 1035>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll]  <Yahoo! China><1, 0, 1, 1015>
    [C:\WINDOWS\DOWNLO~1\CnsHook.dll]  <北京三七二一科技有限公司><1, 0, 2, 7>
    [C:\WINDOWS\system32\xunleibho_v8.dll]  <Thunder Networking Technologies,LTD><4, 5, 1, 33>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll]  <Yahoo.><1, 0, 2, 1002>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL]  <><1, 2, 7, 1006>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\scrchpg.dll]  <Kaspersky Lab><5.0.1.18>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\scrch_ag.dll]  <Kaspersky Lab><5.0.372.1>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\FSSync.dll]  <Kaspersky Lab><5.0.372.0>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\pr_rmt.dll]  <Kaspersky Lab><5.0.372.0>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\ccclient.dll]  <Kaspersky Lab><5.0.372.1>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\klipc.dll]  <Kaspersky Lab><5.0.372.0>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\KLUtil.dll]  <Kaspersky Lab><5.0.372.1>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\rpt.dll]  <Kaspersky Lab><5.0.372.2>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\CCIFACE.dll]  <Kaspersky Lab><5.0.372.1>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\prloader.dll]  <Kaspersky Lab><5.0.372.0>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\prkernel.ppl]  <Kaspersky Lab><5.0.372.0>
    [c:\program files\kaspersky lab\kaspersky anti-virus personal pro\prstring.ppl]  <Kaspersky Lab><5.0.372.0>
    [c:\program files\kaspersky lab\kaspersky anti-virus personal pro\pr_srv.ppl]  <Kaspersky Lab><5.0.372.0>
gototop
 
cxlymb
头像
初生襁褓狮
  • 帖子:115
  • 注册: 2006-06-18
  • 来自:
发表于: 2006-08-14 17:39 | 只看楼主 短消息 资料
字号: 12楼

[c:\program files\kaspersky lab\kaspersky anti-virus personal pro\pr_clnt.ppl]  <Kaspersky Lab><5.0.372.0>
    [c:\program files\kaspersky lab\kaspersky anti-virus personal pro\tempfile.ppl]  <Kaspersky Lab><5.0.372.0>
    [C:\WINDOWS\system32\macromed\flash\flash.ocx]  <Macromedia, Inc.><6,0,79,0>
[PID: 3648][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 1, 0, 1325>
    [C:\PROGRA~1\3721\scrblock.dll]  <3721><1, 0, 1, 1000>
    [C:\PROGRA~1\3721\alrex.dll]  <><1, 0, 1, 1001>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>
    [C:\WINDOWS\DOWNLO~1\CnsHint.dll]  <3721><1, 0, 0, 9>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\yscrblock.dll]  <Yahoo><1, 0, 2, 1002>
    [C:\PROGRA~1\3721\autolive.dll]  <><1, 1, 7, 1326>
    [C:\PROGRA~1\3721\alLiveEx.dll]  < ><1, 0, 3, 1006>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll]  <><2, 1, 5, 1045>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll]  < ><2, 0, 1, 1007>
    [C:\WINDOWS\DOWNLO~1\cnsplus.dll]  <3721><1, 0, 0, 2>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll]  <Yahoo!><2, 1, 8, 1048>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yaswiper.dll]  <Yahoo><1, 0, 1, 1004>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasiesec.dll]  <Yahoo><1, 0, 2, 1003>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasnoad.dll]  <><1, 1, 4, 1006>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yzsNetProto.dll]  <Yahoo><1, 0, 0, 1>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll]  <Yahoo! China><1, 1, 3, 1035>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll]  <Yahoo! China><1, 0, 1, 1015>
    [C:\WINDOWS\DOWNLO~1\CnsHook.dll]  <北京三七二一科技有限公司><1, 0, 2, 7>
    [C:\WINDOWS\system32\xunleibho_v8.dll]  <Thunder Networking Technologies,LTD><4, 5, 1, 33>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll]  <Yahoo.><1, 0, 2, 1002>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL]  <><1, 2, 7, 1006>
    [C:\WINDOWS\DOWNLO~1\CnsMinIO.dll]  <北京三七二一科技有限公司><1, 0, 3, 7>
    [C:\WINDOWS\DOWNLO~1\cnsio.dll]  <北京三七二一科技有限公司><1, 0, 2, 8>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\scrchpg.dll]  <Kaspersky Lab><5.0.1.18>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\scrch_ag.dll]  <Kaspersky Lab><5.0.372.1>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\FSSync.dll]  <Kaspersky Lab><5.0.372.0>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\pr_rmt.dll]  <Kaspersky Lab><5.0.372.0>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\ccclient.dll]  <Kaspersky Lab><5.0.372.1>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\klipc.dll]  <Kaspersky Lab><5.0.372.0>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\KLUtil.dll]  <Kaspersky Lab><5.0.372.1>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\rpt.dll]  <Kaspersky Lab><5.0.372.2>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\CCIFACE.dll]  <Kaspersky Lab><5.0.372.1>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\prloader.dll]  <Kaspersky Lab><5.0.372.0>
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\prkernel.ppl]  <Kaspersky Lab><5.0.372.0>
    [c:\program files\kaspersky lab\kaspersky anti-virus personal pro\prstring.ppl]  <Kaspersky Lab><5.0.372.0>
    [c:\program files\kaspersky lab\kaspersky anti-virus personal pro\pr_srv.ppl]  <Kaspersky Lab><5.0.372.0>
    [c:\program files\kaspersky lab\kaspersky anti-virus personal pro\pr_clnt.ppl]  <Kaspersky Lab><5.0.372.0>
gototop
 
cxlymb
头像
初生襁褓狮
  • 帖子:115
  • 注册: 2006-06-18
  • 来自:
发表于: 2006-08-14 17:39 | 只看楼主 短消息 资料
字号: 13楼

[c:\program files\kaspersky lab\kaspersky anti-virus personal pro\tempfile.ppl]  <Kaspersky Lab><5.0.372.0>
    [C:\WINDOWS\system32\UNISPIM.IME]  <北京清华紫光软件股份有限公司><3.0.0.3045>
    [C:\PROGRA~1\yahoo!\assistant\Shell\yAssecblk.dll]  <Yahoo><1, 0, 2, 1002>
    [c:\progra~1\yahoo!\assist~1\assist\yadfil~1.dll]  < ><1, 0, 3, 1002>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrepair.dll]  <Yahoo><1, 0, 8, 1321>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasfsks.dll]  <3721.com><2, 1, 1, 87>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yoptimum.dll]  <Yahoo><1, 0, 1, 1001>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yXPStyle.dll]  <Yahoo><1, 0, 2, 1309>
[PID: 2908][C:\DOCUME~1\aaa\LOCALS~1\Temp\Rar$EX00.062\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 1, 0, 1325>
    [C:\WINDOWS\DOWNLO~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
gototop
 
mopery
头像
卡卡技术团队
  • 帖子:17737
  • 注册: 2005-12-06
  • 来自:New York
卡卡名人堂论坛9周年纪念
发表于: 2006-08-14 17:46 | 短消息 资料
字号: 14楼

http://www.pctutu.com/srmsdown.asp
下载超级兔子..用超级兔子清理王卸载流氓软件...(安全模式...)
gototop
 
cxlymb
头像
初生襁褓狮
  • 帖子:115
  • 注册: 2006-06-18
  • 来自:
发表于: 2006-08-15 16:50 | 只看楼主 短消息 资料
字号: 15楼

请问,我按你的方法下了超级兔子,可是还是存在变种木马
gototop
 
<<上一主题|下一主题>>
12   2  /  2  页   跳转
页面顶部
Powered by Discuz!NT