Infected with www.200266.com, what should I do? Waiting online...

[PID: 628][C:\windows\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.8185]
[PID: 900][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 1020][F:\vmware\1\vmware-authd.exe]  [VMware, Inc., 5.5.1 build-19175]
[PID: 1212][C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe]  [VMware, Inc., 5.5.1 build-19175]
    [C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmxScsiLib.dll]  [VMware, Inc., 5.5.1 build-19175]
[PID: 1276][C:\windows\system32\vmnat.exe]  [VMware, Inc., 5.5.1 build-19175]
[PID: 1328][C:\windows\system32\vmnetdhcp.exe]  [VMware, Inc., 5.5.1 build-19175]
[PID: 1520][D:\usr\local\httpd\bin\Apache.exe]  [Apache Software Foundation, 2.0.55]
    [D:\usr\local\httpd\bin\libapr.dll]  [Apache Software Foundation, 0.9.7]
    [D:\usr\local\httpd\bin\libaprutil.dll]  [Apache Software Foundation, 0.9.7]
    [D:\usr\local\httpd\bin\libapriconv.dll]  [Apache Software Foundation, 0.9.7]
    [D:\usr\local\httpd\bin\libhttpd.dll]  [Apache Software Foundation, 2.0.55]
    [D:\usr\local\httpd\modules\mod_access.so]  [Apache Software Foundation, 2.0.55]
    [D:\usr\local\httpd\modules\mod_actions.so]  [Apache Software Foundation, 2.0.55]
    [D:\usr\local\httpd\modules\mod_alias.so]  [Apache Software Foundation, 2.0.55]
    [D:\usr\local\httpd\modules\mod_asis.so]  [Apache Software Foundation, 2.0.55]
    [D:\usr\local\httpd\modules\mod_auth.so]  [Apache Software Foundation, 2.0.55]
    [D:\usr\local\httpd\modules\mod_autoindex.so]  [Apache Software Foundation, 2.0.55]
    [D:\usr\local\httpd\modules\mod_cgi.so]  [Apache Software Foundation, 2.0.55]
    [D:\usr\local\httpd\modules\mod_dir.so]  [Apache Software Foundation, 2.0.55]
    [D:\usr\local\httpd\modules\mod_env.so]  [Apache Software Foundation, 2.0.55]
    [D:\usr\local\httpd\modules\mod_imap.so]  [Apache Software Foundation, 2.0.55]
    [D:\usr\local\httpd\modules\mod_include.so]  [Apache Software Foundation, 2.0.55]
    [D:\usr\local\httpd\modules\mod_isapi.so]  [Apache Software Foundation, 2.0.55]
    [D:\usr\local\httpd\modules\mod_log_config.so]  [Apache Software Foundation, 2.0.55]
    [D:\usr\local\httpd\modules\mod_mime.so]  [Apache Software Foundation, 2.0.55]
    [D:\usr\local\httpd\modules\mod_negotiation.so]  [Apache Software Foundation, 2.0.55]
    [D:\usr\local\httpd\modules\mod_rewrite.so]  [Apache Software Foundation, 2.0.55]
    [D:\usr\local\httpd\modules\mod_setenvif.so]  [Apache Software Foundation, 2.0.55]
    [D:\usr\local\httpd\modules\mod_status.so]  [Apache Software Foundation, 2.0.55]
    [D:\usr\local\httpd\modules\php5apache2.dll]  [The PHP Group, 5.0.5.5]
    [C:\windows\system32\php5ts.dll]  [The PHP Group, 5.0.5.5]
    [D:\usr\local\httpd\modules\mod_deflate.so]  [Apache Software Foundation, 2.0.55]
    [D:\usr\local\zend\ZendExtensionManager.dll]  [N/A, N/A]
    [D:\usr\local\php\ext\php_mbstring.dll]  [The PHP Group, 5.0.5.5]
    [D:\usr\local\php\ext\php_cpdf.dll]  [The PHP Group, 5.0.5.5]
    [D:\usr\local\php\ext\php_curl.dll]  [The PHP Group, 5.0.5.5]
    [C:\windows\system32\SSLEAY32.dll]  [The OpenSSL Project, http://www.openssl.org/, 0.9.8]
    [C:\windows\system32\LIBEAY32.dll]  [The OpenSSL Project, http://www.openssl.org/, 0.9.8]
    [D:\usr\local\php\ext\php_exif.dll]  [The PHP Group, 5.0.5.5]
    [D:\usr\local\php\ext\php_fdf.dll]  [The PHP Group, 5.0.5.5]
    [C:\windows\system32\FdfTk.dll]  [Adobe Systems Incorporated, 5.0.0.2001060800]
    [D:\usr\local\php\ext\php_gd2.dll]  [The PHP Group, 5.0.5.5]
    [D:\usr\local\php\ext\php_imap.dll]  [The PHP Group, 5.0.5.5]
    [D:\usr\local\php\ext\php_mhash.dll]  [The PHP Group, 5.0.5.5]
    [C:\windows\system32\libmhash.dll]  [N/A, N/A]
    [D:\usr\local\php\ext\php_mime_magic.dll]  [The PHP Group, 5.0.5.5]
    [D:\usr\local\php\ext\php_mysql.dll]  [The PHP Group, 5.0.5.5]
    [C:\windows\system32\LIBMYSQL.dll]  [N/A, N/A]
    [D:\usr\local\php\ext\php_pgsql.dll]  [The PHP Group, 5.0.5.5]
    [D:\usr\local\zend\php-5.0.x\ZendOptimizer.dll]  [N/A, N/A]
[PID: 3848][C:\windows\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3332][E:\Maxthon\Max.exe]  [Maxthon International Ltd., 1, 5, 3, 18]
    [E:\Maxthon\maxzlib.dll]  [ , 1, 0, 0, 2]
    [F:\迅雷\WebThunderBHO_015.dll]  [Thunder Networking Technologies,LTD, 6, 0, 0, 5]
    [F:\vmware\1\vmPerfmon.dll]  [VMware, Inc., 5.5.1 build-19175]
    [E:\Maxthon\Services\RealTime\real_time.dll]  [, 1, 0, 0, 1]
    [C:\windows\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
[PID: 4068][F:\杀毒\Sreng\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

================================

Could an expert take a look at the log and see whether there are any remaining problems?

[Reply to "04aclr"'s post]
Repair the following service entries:
[DCOM Server Process Launcd. / DCOM Server Process Launcd]
<C:\Program Files\WindowsUpdate\Internen><N/A>

[E772FBD9 / E772FBD9]
<C:\windows\system32\E772FBD9.EXE -service><N/A>

===========

Start -- Run
Type regedit
Click OK
This opens the Registry Editor
Expand the following in turn:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet00X\Services] (X stands for 1, 2, 3, 4, ...)
Once found, delete the following folders:
DCOM Server Process Launcd
E772FBD9

Expand the following in turn:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet00X\Enum\Root\] (X stands for 1, 2, 3, 4, ...)
Delete the following folders:
LEGACY_DCOM Server Process Launcd
LEGACY_E772FBD9

=============

Delete
C:\Program Files\WindowsUpdate\
C:\windows\system32\E772FBD9.EXE
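
The triage in the reply above, as an added example that is not part of the original thread or of SREng: it parses service entries in the `[display / name]` + `<image><publisher>` layout quoted there, keeps those with no publisher, and lists the Services and Enum\Root keys to review in each control set. The third log entry is constructed, and `parse_services`, `unverified`, `registry_keys`, `review_checklist` and the `control_sets` count are hypothetical names and assumptions.

```python
import re

# SREng service entries as quoted in the reply, plus one constructed
# entry that has a publisher so the filter has something to pass over.
SAMPLE_LOG = r"""
[DCOM Server Process Launcd. / DCOM Server Process Launcd]
<C:\Program Files\WindowsUpdate\Internen><N/A>

[E772FBD9 / E772FBD9]
<C:\windows\system32\E772FBD9.EXE -service><N/A>

[Example Vendor Service / ExampleSvc]
<C:\Program Files\Example\svc.exe><Example Vendor Inc.>
"""

# Layout: "[display name / service name]" then "<image path><publisher>".
ENTRY_RE = re.compile(
    r"^\[(?P<display>.+?) / (?P<name>.+?)\][ \t]*\n"
    r"<(?P<image>[^<>]*)><(?P<publisher>[^<>]*)>",
    re.MULTILINE,
)

def parse_services(log):
    """Return one dict (display, name, image, publisher) per service entry."""
    return [m.groupdict() for m in ENTRY_RE.finditer(log)]

def unverified(services):
    # Triage signal only: legitimate files can also show N/A (several DLLs
    # in the process list above do), so each hit still needs manual review.
    return [s for s in services if s["publisher"].strip().upper() in ("", "N/A")]

def registry_keys(service_name, control_sets=2):
    """Keys to inspect for one service; control_sets is an assumed count."""
    roots = ["CurrentControlSet"]
    roots += ["ControlSet%03d" % n for n in range(1, control_sets + 1)]
    keys = []
    for root in roots:
        base = "\\".join(["HKEY_LOCAL_MACHINE", "SYSTEM", root])
        keys.append(base + "\\Services\\" + service_name)
        # LEGACY_ naming follows the reply's own spelling of the key.
        keys.append(base + "\\Enum\\Root\\LEGACY_" + service_name)
    return keys

def review_checklist(log, control_sets=2):
    return {s["name"]: {"image": s["image"],
                        "keys": registry_keys(s["name"], control_sets)}
            for s in unverified(parse_services(log))}

if __name__ == "__main__":
    for name, item in review_checklist(SAMPLE_LOG).items():
        print(name, "->", item["image"])
        for key in item["keys"]:
            print("   ", key)
```
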

Thank you all for your help, I'm extremely grateful.