每次开机瑞星监控就提示ctfmon.exe修改注册表,高手帮忙【求助】 - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛每次开机瑞星监控就提示ctfmon.exe修改注册表,高手帮忙【求助】

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

12

2 / 2 页

跳转页

每次开机瑞星监控就提示ctfmon.exe修改注册表,高手帮忙【求助】

langbao2 初生襁褓狮帖子:11 注册: 2007-04-17 来自:	发表于： 2007-04-17 21:09 \| 短消息资料字号：小中大 11楼 C:\WINDOWS\system32\dumprep.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN KernelFaultCheck 2007-04-01 22:33 删除同意修改 C:\Program Files\AresMaX\Max.exe HKEY_CLASSES_ROOT\TXTFILE\SHELL\OPEN\COMMAND C:\WINDOWS\notepad.exe %1 2007-04-01 22:41 修改同意修改 C:\WINDOWS\system32\Restore\rstrui.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE *Restore C:\WINDOWS\system32\restore\rstrui.exe -i 2007-04-01 22:48 修改同意修改 E:\临时下载文件夹\SREng.EXE HKEY_CLASSES_ROOT\INIFILE\SHELL\OPEN\COMMAND 2007-04-01 23:12 修改同意修改 E:\临时下载文件夹\SREng.EXE HKEY_CLASSES_ROOT\INFFILE\SHELL\OPEN\COMMAND 2007-04-01 23:12 修改同意修改 E:\临时下载文件夹\SREng.EXE HKEY_CLASSES_ROOT\.VBS vbsfile 2007-04-01 23:12 修改同意修改 D:\超级巡警\ast\ast.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN Anti-Spy Tools D:\超级巡警\ast\ast.exe -min 2007-04-02 13:10 修改同意修改 D:\超级巡警\ast\ast.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN Anti-Spy Tools 2007-04-02 13:54 删除同意修改 D:\Windows优化大师\WoptiUtilities.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN NvCplDaemon 2007-04-07 21:45 删除同意修改 D:\Windows优化大师\WoptiUtilities.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN NvMediaCenter 2007-04-07 21:45 删除同意修改 D:\Windows优化大师\WoptiUtilities.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN !AVG Anti-Spyware 2007-04-07 21:45 删除同意修改 D:\Windows优化大师\WoptiUtilities.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN VMSnap1 2007-04-07 21:45 删除同意修改 D:\Windows优化大师\WoptiUtilities.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN 360Safetray 2007-04-07 21:45 删除同意修改 D:\AVG Anti-Spyware 7.5\avgas.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN !AVG Anti-Spyware "D:\AVG Anti-Spyware 7.5\avgas.exe" /minimized 2007-04-14 12:37 修改同意修改 D:\黄山IE修复专家\hsreg.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN !AVG Anti-Spyware 2007-04-14 12:42 删除拒绝修改 D:\黄山IE修复专家\hsreg.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN 360Safetray 2007-04-14 12:42 删除拒绝修改 D:\黄山IE修复专家\hsreg.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN NvCplDaemon 2007-04-14 12:42 删除拒绝修改 C:\WINDOWS\regedit.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM DisableRegistryTools 2007-04-14 12:42 修改拒绝修改
langbao2 初生襁褓狮帖子:11 注册: 2007-04-17 来自:

langbao2 初生襁褓狮帖子:11 注册: 2007-04-17 来自:	发表于： 2007-04-17 21:09 \| 短消息资料字号：小中大 12楼 C:\WINDOWS\regedit.exe HKEY_CLASSES_ROOT\.VBS vbsfile 2007-04-14 12:42 修改拒绝修改 C:\WINDOWS\regedit.exe HKEY_CURRENT_USER\SOFTWARE\POLICIES\MICROSOFT\INTERNET EXPLORER\CONTROL PANEL HomePage 2007-04-14 12:42 修改拒绝修改 C:\WINDOWS\regedit.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER searchurl about:blank 2007-04-14 12:42 修改拒绝修改 C:\WINDOWS\regedit.exe HKEY_CURRENT_USER\SOFTWARE\POLICIES\MICROSOFT\INTERNET EXPLORER\RESTRICTIONS NoViewSource 2007-04-14 12:42 修改拒绝修改 C:\WINDOWS\regedit.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER searchurl about:blank 2007-04-14 12:42 修改拒绝修改 C:\WINDOWS\regedit.exe HKEY_LOCAL_MACHINE\SOFTWARE\POLICIES\MICROSOFT\INTERNET EXPLORER\RESTRICTIONS NoViewSource 2007-04-14 12:42 修改拒绝修改 C:\WINDOWS\regedit.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\URL\DEFAULTPREFIX default 2007-04-14 12:42 删除拒绝修改 C:\WINDOWS\regedit.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\URL\PREFIXES www http:// 2007-04-14 12:42 修改拒绝修改 C:\WINDOWS\regedit.exe HKEY_CURRENT_USER\SOFTWARE\POLICIES\MICROSOFT\INTERNET EXPLORER\RESTRICTIONS NoBrowserContextMenu 2007-04-14 12:42 修改拒绝修改 C:\WINDOWS\regedit.exe HKEY_CURRENT_USER\SOFTWARE\POLICIES\MICROSOFT\INTERNET EXPLORER\RESTRICTIONS NoViewSource 2007-04-14 12:42 修改拒绝修改 C:\WINDOWS\regedit.exe HKEY_LOCAL_MACHINE\SOFTWARE\POLICIES\MICROSOFT\INTERNET EXPLORER\RESTRICTIONS NoViewSource 2007-04-14 12:42 修改拒绝修改 C:\WINDOWS\regedit.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN default 2007-04-14 12:42 删除拒绝修改 C:\WINDOWS\regedit.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNSERVICES default 2007-04-14 12:42 删除拒绝修改 C:\WINDOWS\regedit.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE default 2007-04-14 12:42 删除拒绝修改 C:\WINDOWS\system32\ctfmon.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN default 2007-04-14 12:42 添加拒绝修改 C:\WINDOWS\system32\ctfmon.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN default 2007-04-14 12:42 添加拒绝修改 C:\WINDOWS\regedit.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN default 2007-04-14 12:42 添加拒绝修改 C:\WINDOWS\regedit.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN default 2007-04-14 12:42 添加拒绝修改 C:\WINDOWS\regedit.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE default 2007-04-14 12:42 添加拒绝修改 C:\WINDOWS\regedit.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE default 2007-04-14 12:42 添加拒绝修改 C:\WINDOWS\regedit.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNSERVICES default 2007-04-14 12:42 添加拒绝修改 C:\WINDOWS\regedit.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNSERVICES default 2007-04-14 12:42 添加拒绝修改 D:\黄山IE修复专家\hsreg.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS load 2007-04-14 12:42 修改拒绝修改
langbao2 初生襁褓狮帖子:11 注册: 2007-04-17 来自:

langbao2 初生襁褓狮帖子:11 注册: 2007-04-17 来自:	发表于： 2007-04-17 21:10 \| 短消息资料字号：小中大 13楼 D:\黄山IE修复专家\hsreg.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS run 2007-04-14 12:42 修改拒绝修改 D:\黄山IE修复专家\hsreg.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS load 2007-04-14 12:42 删除拒绝修改 D:\黄山IE修复专家\hsreg.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS load 2007-04-14 12:42 修改拒绝修改 D:\黄山IE修复专家\hsreg.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS run 2007-04-14 12:42 修改拒绝修改 D:\黄山IE修复专家\hsreg.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS load 2007-04-14 12:42 删除拒绝修改 C:\WINDOWS\system32\ctfmon.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN default 2007-04-14 13:44 添加拒绝修改 C:\WINDOWS\system32\ctfmon.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN default 2007-04-14 13:45 添加拒绝修改 D:\Bitcomet\BitComet.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN default 2007-04-14 15:20 添加同意修改 C:\WINDOWS\system32\ctfmon.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN default 2007-04-14 15:22 添加同意修改 E:\临时下载文件夹\setup.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN 360Safetray D:\360安全卫士\safemon\360tray.exe 2007-04-14 15:48 修改同意修改 D:\Bitcomet\BitComet.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN default 2007-04-14 20:03 添加同意修改 C:\WINDOWS\system32\ctfmon.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN default 2007-04-14 20:08 添加同意修改 C:\WINDOWS\system32\ctfmon.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN default 2007-04-14 20:18 添加同意修改 D:\Bitcomet\BitComet.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN default 2007-04-14 23:34 添加同意修改 C:\WINDOWS\system32\ctfmon.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN default 2007-04-15 10:56 添加同意修改 C:\WINDOWS\system32\ctfmon.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN default 2007-04-16 18:29 添加同意修改 C:\WINDOWS\system32\ctfmon.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN default 2007-04-17 17:25 添加同意修改 C:\WINDOWS\system32\ctfmon.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN default 2007-04-17 17:36 添加同意修改 D:\360安全卫士\360safe.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS load 2007-04-17 19:05 删除同意修改 D:\360安全卫士\360safe.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH CustomizeSearch http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm 2007-04-17 19:05 修改同意修改 D:\360安全卫士\360safe.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH SearchAssistant http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm 2007-04-17 19:05 修改同意修改 D:\360安全卫士\360safe.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS load 2007-04-17 19:06 删除同意修改 D:\360安全卫士\safemon\360tray.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN 360Safetray D:\360安全卫士\safemon\360tray.exe /start 2007-04-17 19:18 修改同意修改以上是问题1的日志
langbao2 初生襁褓狮帖子:11 注册: 2007-04-17 来自:

langbao2 初生襁褓狮帖子:11 注册: 2007-04-17 来自:	发表于： 2007-04-17 21:13 \| 短消息资料字号：小中大 14楼病毒名称发现日期扫描方式路径文件病毒来源 Trojan.DL.MnLess.ej 2007-04-12 19:46 手动扫描 C: 112.exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 19:46 手动扫描 C: 112.exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 19:46 手动扫描 C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\QS94V6XB 1260[1].exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 19:46 手动扫描 C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\QS94V6XB 1260[1].exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.IMMSG.TBMSG.dn 2007-04-12 19:46 手动扫描 C:\Documents and Settings\xxx\Local Settings\Temp c1273.exe>>$TEMP\yaku0051.exe 本机 Trojan.DL.MnLess.ej 2007-04-12 19:46 手动扫描 C:\Documents and Settings\xxx\Local Settings\Temporary Internet Files\Content.IE5\H8G9RU1D 109[1].exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 19:46 手动扫描 C:\Documents and Settings\xxx\Local Settings\Temporary Internet Files\Content.IE5\H8G9RU1D 109[1].exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.IMMSG.TBMSG.dn 2007-04-12 19:47 手动扫描 C:\Documents and Settings\xxx\Local Settings\Temporary Internet Files\Content.IE5\L7MHE42G c1273[1].exe>>$TEMP\yaku0051.exe 本机 Trojan.Clicker.Agent.bdk 2007-04-12 19:48 手动扫描 C:\Program Files\Common Files ad2180.exe>>$COMMONFILES\CPUSH\cpush.tmp 本机 Trojan.DL.MnLess.ej 2007-04-12 19:48 手动扫描 C:\WINDOWS 109.exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 19:48 手动扫描 C:\WINDOWS 109.exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 19:48 手动扫描 C:\WINDOWS 1260.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 19:48 手动扫描 C:\WINDOWS 1260.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 19:53 手动扫描 C:\WINDOWS\Temp host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 19:53 手动扫描 C:\WINDOWS\Temp host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 19:58 手动扫描 C: 112.exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 19:58 手动扫描 C: 112.exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 19:58 手动扫描 C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\QS94V6XB 1260[1].exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 19:58 手动扫描 C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\QS94V6XB 1260[1].exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.IMMSG.TBMSG.dn 2007-04-12 19:58 手动扫描 C:\Documents and Settings\xxx\Local Settings\Temp c1273.exe>>$TEMP\yaku0051.exe 本机 Trojan.DL.MnLess.ej 2007-04-12 19:58 手动扫描 C:\Documents and Settings\xxx\Local Settings\Temporary Internet Files\Content.IE5\H8G9RU1D 109[1].exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 19:58 手动扫描 C:\Documents and Settings\xxx\Local Settings\Temporary Internet Files\Content.IE5\H8G9RU1D 109[1].exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机
langbao2 初生襁褓狮帖子:11 注册: 2007-04-17 来自:

langbao2 初生襁褓狮帖子:11 注册: 2007-04-17 来自:	发表于： 2007-04-17 21:14 \| 短消息资料字号：小中大 15楼 Trojan.IMMSG.TBMSG.dn 2007-04-12 19:58 手动扫描 C:\Documents and Settings\xxx\Local Settings\Temporary Internet Files\Content.IE5\L7MHE42G c1273[1].exe>>$TEMP\yaku0051.exe 本机 Trojan.Clicker.Agent.bdk 2007-04-12 19:58 手动扫描 C:\Program Files\Common Files ad2180.exe>>$COMMONFILES\CPUSH\cpush.tmp 本机 Trojan.DL.MnLess.ej 2007-04-12 19:58 手动扫描 C:\WINDOWS 109.exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 19:58 手动扫描 C:\WINDOWS 109.exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 19:58 手动扫描 C:\WINDOWS 1260.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 19:58 手动扫描 C:\WINDOWS 1260.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 19:58 手动扫描 C:\WINDOWS\Temp host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 19:58 手动扫描 C:\WINDOWS\Temp host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:00 手动扫描 C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\QS94V6XB 1260[1].exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:00 手动扫描 C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\QS94V6XB 1260[1].exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.IMMSG.TBMSG.dn 2007-04-12 20:00 手动扫描 C:\Documents and Settings\xxx\Local Settings\Temp c1273.exe>>$TEMP\yaku0051.exe 本机 Trojan.DL.MnLess.ej 2007-04-12 20:01 手动扫描 C:\Documents and Settings\xxx\Local Settings\Temporary Internet Files\Content.IE5\H8G9RU1D 109[1].exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:01 手动扫描 C:\Documents and Settings\xxx\Local Settings\Temporary Internet Files\Content.IE5\H8G9RU1D 109[1].exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.IMMSG.TBMSG.dn 2007-04-12 20:01 手动扫描 C:\Documents and Settings\xxx\Local Settings\Temporary Internet Files\Content.IE5\L7MHE42G c1273[1].exe>>$TEMP\yaku0051.exe 本机 Trojan.Clicker.Agent.bdk 2007-04-12 20:01 手动扫描 C:\Program Files\Common Files ad2180.exe>>$COMMONFILES\CPUSH\cpush.tmp 本机 Trojan.DL.MnLess.ej 2007-04-12 20:02 手动扫描 C:\WINDOWS 109.exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:02 手动扫描 C:\WINDOWS 109.exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:02 手动扫描 C:\WINDOWS 1260.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:02 手动扫描 C:\WINDOWS 1260.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:03 手动扫描 C:\WINDOWS\Temp host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:03 手动扫描 C:\WINDOWS\Temp host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:20 手动扫描 C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\QS94V6XB 1260[1].exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:20 手动扫描 C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\QS94V6XB 1260[1].exe>>$TEMP\china-so.exe>>upx_b 本机
langbao2 初生襁褓狮帖子:11 注册: 2007-04-17 来自:

langbao2 初生襁褓狮帖子:11 注册: 2007-04-17 来自:	发表于： 2007-04-17 21:16 \| 短消息资料字号：小中大 16楼 Trojan.IMMSG.TBMSG.dn 2007-04-12 20:20 手动扫描 C:\Documents and Settings\xxx\Local Settings\Temp c1273.exe>>$TEMP\yaku0051.exe 本机 Trojan.DL.MnLess.ej 2007-04-12 20:20 手动扫描 C:\Documents and Settings\xxx\Local Settings\Temporary Internet Files\Content.IE5\H8G9RU1D 109[1].exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:20 手动扫描 C:\Documents and Settings\xxx\Local Settings\Temporary Internet Files\Content.IE5\H8G9RU1D 109[1].exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.IMMSG.TBMSG.dn 2007-04-12 20:20 手动扫描 C:\Documents and Settings\xxx\Local Settings\Temporary Internet Files\Content.IE5\L7MHE42G c1273[1].exe>>$TEMP\yaku0051.exe 本机 Trojan.Clicker.Agent.bdk 2007-04-12 20:20 手动扫描 C:\Program Files\Common Files ad2180.exe>>$COMMONFILES\CPUSH\cpush.tmp 本机 Trojan.DL.MnLess.ej 2007-04-12 20:20 手动扫描 C:\WINDOWS 109.exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:20 手动扫描 C:\WINDOWS 109.exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:20 手动扫描 C:\WINDOWS 1260.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:20 手动扫描 C:\WINDOWS 1260.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:20 手动扫描 C:\WINDOWS\Temp host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:20 手动扫描 C:\WINDOWS\Temp host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:21 手动扫描 C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\QS94V6XB 1260[1].exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:21 手动扫描 C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\QS94V6XB 1260[1].exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.IMMSG.TBMSG.dn 2007-04-12 20:21 手动扫描 C:\Documents and Settings\xxx\Local Settings\Temp c1273.exe>>$TEMP\yaku0051.exe 本机 Trojan.DL.MnLess.ej 2007-04-12 20:21 手动扫描 C:\Documents and Settings\xxx\Local Settings\Temporary Internet Files\Content.IE5\H8G9RU1D 109[1].exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:21 手动扫描 C:\Documents and Settings\xxx\Local Settings\Temporary Internet Files\Content.IE5\H8G9RU1D 109[1].exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.IMMSG.TBMSG.dn 2007-04-12 20:21 手动扫描 C:\Documents and Settings\xxx\Local Settings\Temporary Internet Files\Content.IE5\L7MHE42G c1273[1].exe>>$TEMP\yaku0051.exe 本机 Trojan.Clicker.Agent.bdk 2007-04-12 20:21 手动扫描 C:\Program Files\Common Files ad2180.exe>>$COMMONFILES\CPUSH\cpush.tmp 本机 Trojan.DL.MnLess.ej 2007-04-12 20:21 手动扫描 C:\WINDOWS 109.exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机
langbao2 初生襁褓狮帖子:11 注册: 2007-04-17 来自:

勇闯猪罗纪健康舞勺狮帖子:256 注册: 2007-03-18 来自:	发表于： 2007-04-17 21:16 \| 短消息资料字号：小中大 17楼这是什么东东扫出来的日志? 看着真不习惯哈哈下载 System Repair Engineer， http://www.kztechs.com/sreng/download.html 1 解压缩sreng2.zip (在正常模式下不要在安全模式下扫描) 2 关闭一切多余的程序。不然扫出来的日志太乱。 3 运行SREng.exe 4 智能扫描=》扫描=》保存报告 5 把日志中的报告完整拷贝贴上来，不要修改
勇闯猪罗纪健康舞勺狮帖子:256 注册: 2007-03-18 来自:

langbao2 初生襁褓狮帖子:11 注册: 2007-04-17 来自:	发表于： 2007-04-17 21:17 \| 短消息资料字号：小中大 18楼 Trojan.DL.MnLess.ej 2007-04-12 20:21 手动扫描 C:\WINDOWS 109.exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:21 手动扫描 C:\WINDOWS 1260.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:21 手动扫描 C:\WINDOWS 1260.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:21 手动扫描 C:\WINDOWS\Temp host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:21 手动扫描 C:\WINDOWS\Temp host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.IMMSG.TBMSG.dn 2007-04-12 20:22 手动扫描 C:\Documents and Settings\xxx\Local Settings\Temp c1273.exe>>$TEMP\yaku0051.exe 本机 Trojan.DL.MnLess.ej 2007-04-12 20:23 手动扫描 C:\Documents and Settings\xxx\Local Settings\Temporary Internet Files\Content.IE5\H8G9RU1D 109[1].exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:23 手动扫描 C:\Documents and Settings\xxx\Local Settings\Temporary Internet Files\Content.IE5\H8G9RU1D 109[1].exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:23 手动扫描 C:\Documents and Settings\xxx\Local Settings\Temporary Internet Files\Content.IE5\H8G9RU1D 109[1].exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:23 手动扫描 C:\Documents and Settings\xxx\Local Settings\Temporary Internet Files\Content.IE5\H8G9RU1D 109[1].exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.IMMSG.TBMSG.dn 2007-04-12 20:24 手动扫描 C:\Documents and Settings\xxx\Local Settings\Temporary Internet Files\Content.IE5\L7MHE42G c1273[1].exe>>$TEMP\yaku0051.exe 本机 Trojan.Clicker.Agent.bdk 2007-04-12 20:25 手动扫描 C:\Program Files\Common Files ad2180.exe>>$COMMONFILES\CPUSH\cpush.tmp 本机 Trojan.DL.MnLess.ej 2007-04-12 20:26 手动扫描 C:\WINDOWS 109.exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:26 手动扫描 C:\WINDOWS 109.exe>>$WINDIR\temp\host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:26 手动扫描 C:\WINDOWS 1260.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:26 手动扫描 C:\WINDOWS 1260.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:27 手动扫描 C:\WINDOWS 1260.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:27 手动扫描 C:\WINDOWS 1260.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:29 手动扫描 C:\WINDOWS\Temp host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.MnLess.ej 2007-04-12 20:29 手动扫描 C:\WINDOWS\Temp host.exe>>$TEMP\china-so.exe>>upx_b 本机 Trojan.DL.Small.uua 2007-04-13 19:07 手动扫描 C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\MTZDFHMX eb10[1].exe>>$SYSDIR\drivers\drwtsm32.exe 本机 Trojan.DL.Small.uua 2007-04-13 19:10 手动扫描 C:\WINDOWS eb10.exe>>$SYSDIR\drivers\drwtsm32.exe 本机 Trojan.DL.MNLess.oq 2007-04-14 15:29 文件监控 C:\System Volume Information\_restore{B3BD4BE9-F09E-40CD-9902-890FC0244E3A}\RP109\A0034063.exe>>$TEMP\$TEMP\574.exe>>$TEMPDoSSSetup.dll Trojan.DL.Small.uua 2007-04-14 15:29 文件监控 C:\System Volume Information\_restore{B3BD4BE9-F09E-40CD-9902-890FC0244E3A}\RP114\A0036107.exe>>$SYSDIR\drivers drwtsm32.exe Trojan.DL.MNLess.oq 2007-04-14 20:43 文件监控 C:\System Volume Information\_restore{B3BD4BE9-F09E-40CD-9902-890FC0244E3A}\RP109\A0034063.exe>>$TEMP\$TEMP\574.exe>>$TEMPDoSSSetup.dll Trojan.DL.Small.uua 2007-04-14 20:43 文件监控 C:\System Volume Information\_restore{B3BD4BE9-F09E-40CD-9902-890FC0244E3A}\RP114\A0036107.exe>>$SYSDIR\drivers drwtsm32.exe Trojan.DL.MNLess.oq 2007-04-14 21:01 文件监控 C:\System Volume Information\_restore{B3BD4BE9-F09E-40CD-9902-890FC0244E3A}\RP109\A0034063.exe>>$TEMP\$TEMP\574.exe>>$TEMPDoSSSetup.dll Trojan.DL.Small.uua 2007-04-14 21:01 文件监控 C:\System Volume Information\_restore{B3BD4BE9-F09E-40CD-9902-890FC0244E3A}\RP114\A0036107.exe>>$SYSDIR\drivers drwtsm32.exe Trojan.DL.MNLess.oq 2007-04-15 13:57 文件监控 C:\System Volume Information\_restore{B3BD4BE9-F09E-40CD-9902-890FC0244E3A}\RP109\A0034063.exe>>$TEMP\$TEMP\574.exe>>$TEMPDoSSSetup.dll Trojan.DL.Small.uua 2007-04-15 13:57 文件监控 C:\System Volume Information\_restore{B3BD4BE9-F09E-40CD-9902-890FC0244E3A}\RP114\A0036107.exe>>$SYSDIR\drivers drwtsm32.exe
langbao2 初生襁褓狮帖子:11 注册: 2007-04-17 来自:

langbao2 初生襁褓狮帖子:11 注册: 2007-04-17 来自:	发表于： 2007-04-17 21:19 \| 短消息资料字号：小中大 19楼以上是问题2的日志至16楼。不好意，我不太会，我直接用的瑞星日志查看然后点的导出日志。。
langbao2 初生襁褓狮帖子:11 注册: 2007-04-17 来自:

<<上一主题|下一主题>>

12

2 / 2 页

跳转页

页面顶部

Powered by Discuz!NT