瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 用卡卡助手扫描到流氓软件“恶意程序SVCH0ST”却清除不掉,怎么办啊?

12   1  /  2  页   跳转

[已解决] 用卡卡助手扫描到流氓软件“恶意程序SVCH0ST”却清除不掉,怎么办啊?

收藏
byzch001
头像
初生襁褓狮
  • 帖子:30
  • 注册: 2007-01-20
  • 来自:
发表于: 2009-09-13 10:30 | 只看楼主 短消息 资料
字号: 1楼

用卡卡助手扫描到流氓软件“恶意程序SVCH0ST”却清除不掉,怎么办啊?

各位朋友:
电脑上网不稳定,经常断网,有时虽然显示宽带已连接,但是QQ和网页却都无法连接。
用卡卡助手扫描流氓软件,发现有个恶意程序SVCH0ST,点清除后,重启清除。
重启后,不连接宽带,再扫描没有了,但是宽带连接后,这个东西又出现。
请教各位高手:
1、宽带网络不畅通是与这个流氓程序有关吗?
2、怎么样能彻底删除这个流氓程序?

在此先谢谢各位啦~~



用户系统信息:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
最后编辑byzch001 最后编辑于 2009-09-13 12:20:41
分享到:
gototop
 
aaccbbdd
头像
卡卡巡查
  • 帖子:45933
  • 注册: 2007-11-17
  • 来自:蜀山仙剑派
论坛8周年活动礼物卡卡名人堂祖国六十华诞09欢乐圣诞吃货勋章2012我眼中的你们幸福玫瑰
发表于: 2009-09-13 10:37 | 短消息 资料
字号: 2楼

回复:用卡卡助手扫描到流氓软件“恶意程序SVCH0ST”却清除不掉,怎么办啊?

貌似是一后门。。


Sreng官方下载
SREng/智能扫描(记得勾选“检查进程的数字签名)
等扫描完成,保存日志(LOG格式)
PS:如主程序SREng**.exe无法运行,导致无法扫描日志
将主程序改名为我爱小狮子.bat
或我爱小狮子.scr
日志放入附件
(点击我这贴右下角的“引用”或最右下角的那个较大的“回复”然后就应该知道怎么发了。)
gototop
 
byzch001
头像
初生襁褓狮
  • 帖子:30
  • 注册: 2007-01-20
  • 来自:
发表于: 2009-09-13 10:55 | 只看楼主 短消息 资料
字号: 3楼

回复: 用卡卡助手扫描到流氓软件“恶意程序SVCH0ST”却清除不掉,怎么办啊?

谢谢aa~~
日志上来了。

附件附件:

文件名:SREngLOG.log
下载次数:147
文件类型:application/octet-stream
文件大小:
上传时间:2009-9-13 10:55:18
描述:log
gototop
 
夲號ヱ被ジ盜
头像
叱咤花甲狮
  • 帖子:7083
  • 注册: 2008-08-21
  • 来自:昆仑琼华派
论坛8周年活动礼物就爱不长大论坛9周年纪念冰激凌10温馨圣诞十周年国庆61周年十一周年勋章
发表于: 2009-09-13 10:59 | 短消息 资料
字号: 4楼

回复:用卡卡助手扫描到流氓软件“恶意程序SVCH0ST”却清除不掉,怎么办啊?

C:\WINDOWS\system\ssms.exe
找到后压缩发上来
gototop
 
byzch001
头像
初生襁褓狮
  • 帖子:30
  • 注册: 2007-01-20
  • 来自:
发表于: 2009-09-13 11:02 | 只看楼主 短消息 资料
字号: 5楼

回复: 用卡卡助手扫描到流氓软件“恶意程序SVCH0ST”却清除不掉,怎么办啊?

正在运行的进程
[PID: 568 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 640 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 664 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 708 / SYSTEM][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 720 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 872 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 936 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1056 / SYSTEM][C:\Program Files\Rising\Rav\CCENTER.EXE]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Rav\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [C:\Program Files\Rising\Rav\cnt09.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37]
    [C:\Program Files\Rising\Rav\cnt08.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1064 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1108 / SYSTEM][C:\Program Files\Rising\Rav\RavTask.exe]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [C:\Program Files\Rising\Rav\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\Rav\rsconf.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.20]
    [C:\Program Files\Rising\Rav\rstask.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 40]
    [C:\Program Files\Rising\Rav\rsstub.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1240 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1420 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1492 / SYSTEM][C:\Program Files\Rising\Rav\RavMonD.exe]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Rav\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Rising\Rav\moncomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13]
    [C:\Program Files\Rising\Rav\MonBase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6]
    [C:\Program Files\Rising\Rav\Rslog.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.41]
    [C:\Program Files\Rising\Rav\mondrv.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9]
    [C:\Program Files\Rising\Rav\defmon.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 31]
    [C:\Program Files\Rising\Rav\moncom08.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [C:\Program Files\Rising\Rav\MonRule.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9]
    [C:\Program Files\Rising\Rav\FileMon.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28]
    [C:\Program Files\Rising\Rav\MailMon.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24]
    [C:\Program Files\Rising\Rav\HookWeb.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\Program Files\Rising\Rav\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\Program Files\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.20]
    [C:\Program Files\Rising\Rav\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\Rav\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Rav\HookCont.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 12]
    [C:\Program Files\Rising\Rav\rsnetsvr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14]
    [C:\Program Files\Rising\Rav\ScanAdd.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.19]
    [C:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.39]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rav\recomp.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Rav\refs.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5]
    [C:\Program Files\Rising\Rav\viruslib.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5]
    [C:\Program Files\Rising\Rav\relibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6]
[PID: 1488 / Administrator][C:\WINDOWS\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [c:\documents and settings\administrator\application data\ppstream\bin\1.0.0.2\vodrc.dll]  [ppstream.com, 1.0.0.2]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [腾讯, 5, 0, 4, 15]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\browselc.dll]  [Microsoft Corporation, 6.00.2600.0000]
    [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.5581 (xpsp_sp3_qfe.080415-1416)]
    [C:\Program Files\TENCENT\SSPlus\SAddr1.dll]  [腾讯, 5, 1, 10, 10]
    [C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.16]
    [C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 44]
[PID: 1552 / SYSTEM][C:\Program Files\Rising\Rav\rsnetsvr.exe]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15]
    [C:\Program Files\Rising\Rav\NComm.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.12]
    [C:\Program Files\Rising\Rav\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [C:\Program Files\Rising\Rav\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\Rav\ProcComm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1816 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1876 / Administrator][C:\WINDOWS\system32\hkcmd.exe]  [Intel Corporation, 3.0.0.4396]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.4396]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4396]
    [C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3.0.0.4396]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [腾讯, 5, 0, 4, 15]
[PID: 1928 / Administrator][C:\WINDOWS\system32\igfxpers.exe]  [Intel Corporation, 3.0.0.4396]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4396]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [腾讯, 5, 0, 4, 15]
[PID: 1956 / Administrator][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5, 1, 0, 59]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [腾讯, 5, 0, 4, 15]
[PID: 1984 / Administrator][C:\Program Files\Rising\Rav\RsTray.exe]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.22]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rav\ComServ.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.49]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Rising\Rav\rslang.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28]
    [C:\Program Files\Rising\Rav\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\Rav\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [腾讯, 5, 0, 4, 15]
    [C:\Program Files\Rising\Rav\rsxml.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Rav\ProcComm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\Program Files\Rising\Rav\MonState.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
    [C:\Program Files\Rising\Rav\ScanEvnt.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.14]
    [C:\Program Files\Rising\Rav\rsguilib.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 75]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\Rav\rsconf.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.20]
    [C:\Program Files\Rising\Rav\rspalvd.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.26]
    [C:\Program Files\Rising\Rav\ravbintl.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 29]
    [C:\Program Files\Rising\Rav\mruleui.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10]
    [C:\Program Files\Rising\Rav\MonTray.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.1.4]
    [C:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Rav\RavITray.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23]
    [C:\Program Files\Rising\Rav\ScanPrxy.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.17]
    [C:\Program Files\Rising\Rav\rsmginfo.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
[PID: 2032 / Administrator][C:\WINDOWS\system32\Rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [腾讯, 5, 0, 4, 15]
[PID: 2044 / Administrator][C:\Program Files\Rising\AntiSpyware\rstray.exe]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.17]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [C:\Program Files\Rising\AntiSpyware\rsmginfo.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [腾讯, 5, 0, 4, 15]
    [C:\Program Files\Rising\AntiSpyware\RsXML.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2]
    [C:\Program Files\Rising\AntiSpyware\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\AntiSpyware\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Rising\AntiSpyware\ComServ.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.31]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\Program Files\Rising\AntiSpyware\rscommon.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.1.1]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\AntiSpyware\pngdll.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
    [C:\Program Files\Rising\AntiSpyware\runiep.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.43]
    [C:\Program Files\Rising\AntiSpyware\NComm.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.11]
    [C:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\AntiSpyware\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
[PID: 160 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [腾讯, 5, 0, 4, 15]
[PID: 1164 / Administrator][C:\Program Files\Rising\AntiSpyware\knownsvr.exe]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.14]
    [C:\Program Files\Rising\AntiSpyware\NComm.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.11]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
[PID: 1140 / SYSTEM][C:\WINDOWS\system\ssms.exe]  [N/A, ]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
[PID: 624 / SYSTEM][C:\Program Files\Rising\Rav\ScanFrm.exe]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.12]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [C:\Program Files\Rising\Rav\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\Program Files\Rising\Rav\moncomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13]
    [C:\Program Files\Rising\Rav\scansrvp.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.13]
    [C:\Program Files\Rising\Rav\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\Program Files\Rising\Rav\ScanSrv.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.10]
    [C:\Program Files\Rising\Rav\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\Rav\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3732 / NETWORK SERVICE][C:\WINDOWS\system32\locator.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
gototop
 
byzch001
头像
初生襁褓狮
  • 帖子:30
  • 注册: 2007-01-20
  • 来自:
发表于: 2009-09-13 11:04 | 只看楼主 短消息 资料
字号: 6楼

回复: 用卡卡助手扫描到流氓软件“恶意程序SVCH0ST”却清除不掉,怎么办啊?

[PID: 1012 / Administrator][D:\Program Files\Tencent\QQ\QQ.exe]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\QQBaseClassInDll.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\QQHelperDll.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\BasicCtrlDll.dll]  [TENCENT, 8,0,978,1833]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [腾讯, 5, 0, 4, 15]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [D:\Program Files\Tencent\QQ\QQAPI.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\LoginCtrl.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\LoginCtrlRes.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\QQRes.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\QQMainFrame.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.3352 (xpsp_sp2_qfe.080415-1302)]
    [D:\Program Files\Tencent\QQ\QQPlugin.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\UnReadMsgMgr.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\QQAllInOne.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\SCCore.dll]  [TENCENT, 1, 6, 0, 2]
    [D:\Program Files\Tencent\QQ\CameraDll.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\CQQApplication.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\FlashAvatarDll.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Tencent\QQ\NewSkin.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\MailSummary.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\QQSpace.dll]  [TENCENT, 8,0,978,1833]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx]  [Adobe Systems, Inc., 9,0,47,0]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [D:\Program Files\Tencent\QQ\OEMApplication.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\QQAvatar.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\QQKnowledgeSearch.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\QQGroupMng.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\QQPet.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\QQSysMsgMng.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\UserDefinedHead.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\QQConfigPlugin.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\QQCustomFace.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\QRingMng.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\LongConnection.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\PhoneAPI.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [D:\Program Files\Tencent\QQ\BQQApplication.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\CommercesMng.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\PersonalDesktop.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 330]
    [D:\Program Files\Tencent\QQ\QQSceneMng.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\AddrSearch.dll]  [Tencent, 2, 3, 14, 10]
    [D:\Program Files\Tencent\QQ\ImageOle.dll]  [TENCENT, 8,0,978,1833]
    [D:\Program Files\Tencent\QQ\QQLiveQMng.dll]  [TENCENT, 8,0,978,1833]
    [c:\documents and settings\administrator\application data\ppstream\bin\1.0.0.2\vodrc.dll]  [ppstream.com, 1.0.0.2]
[PID: 2436 / Administrator][d:\Program Files\Tencent\QQ\TXPlatform.exe]  [Tencent, 1, 5, 225, 0]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [腾讯, 5, 0, 4, 15]
[PID: 1032 / Administrator][C:\Program Files\Rising\AntiSpyware\ras.exe]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.7]
    [C:\Program Files\Rising\AntiSpyware\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\AntiSpyware\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [腾讯, 5, 0, 4, 15]
    [C:\Program Files\Rising\AntiSpyware\KakaMgr.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.29]
    [C:\Program Files\Rising\AntiSpyware\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\AntiSpyware\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\AntiSpyware\dbmgr.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.4]
    [C:\Program Files\Rising\AntiSpyware\RSXML.DLL]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2]
    [C:\Program Files\Rising\AntiSpyware\pweb.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.23]
    [C:\Program Files\Rising\AntiSpyware\pscan.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.69]
    [C:\Program Files\Rising\AntiSpyware\NComm.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.11]
    [C:\Program Files\Rising\AntiSpyware\pset.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.12]
    [C:\Program Files\Rising\AntiSpyware\pdefend.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.14]
    [C:\Program Files\Rising\AntiSpyware\ptools.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.17]
    [C:\Program Files\Rising\AntiSpyware\psysinfo.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.57]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [C:\Program Files\Rising\AntiSpyware\PngDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.78]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx]  [Adobe Systems, Inc., 9,0,47,0]
    [C:\Program Files\Rising\AntiSpyware\engine.dll]  [Beijing Rising Information Technology Co., Ltd., 19, 0, 0, 26]
    [C:\Program Files\Rising\AntiSpyware\zip.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 0]
[PID: 3888 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [腾讯, 5, 0, 4, 15]
    [C:\Program Files\TENCENT\SSPlus\SAddr1.dll]  [腾讯, 5, 1, 10, 10]
    [C:\WINDOWS\system32\browselc.dll]  [Microsoft Corporation, 6.00.2600.0000]
    [c:\documents and settings\administrator\application data\ppstream\bin\1.0.0.2\vodrc.dll]  [ppstream.com, 1.0.0.2]
    [C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.16]
    [C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 44]
    [C:\WINDOWS\system32\UrlFilter.dll]  [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15]
    [C:\Program Files\Rising\AntiSpyware\UrlRule.dll]  [Beijing Rising Information Technology Co., Ltd., 1.0.0.15]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.78]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx]  [Adobe Systems, Inc., 9,0,47,0]
    [C:\WINDOWS\SYSTEM\msxml3.dll]  [Microsoft Corporation, 8.20.8730.1]
    [C:\WINDOWS\system32\SOGOUPY.IME]  [Sogou.com Inc., 4.2.3.2813]
    [C:\Program Files\SogouInput\4.2.3.2813\Resource.dll]  [Sogou.com Inc., 4.2.3.2813]
    [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.5581 (xpsp_sp3_qfe.080415-1416)]
    [C:\Program Files\Thunder\ComDlls\ThunderAgent_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 4, 23]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
[PID: 10148 / Administrator][C:\Program Files\Thunder\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5.7.4.401]
    [C:\Program Files\Thunder\Program\ThunderEx.dll]  [, 1, 2, 1, 17]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [腾讯, 5, 0, 4, 15]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\Program Files\Thunder\Program\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 2, 4, 38]
    [C:\Program Files\Thunder\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 2, 19, 2, 180]
    [C:\Program Files\Thunder\Program\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [C:\Program Files\Thunder\Program\asyn_dns.dll]  [Thunder Networking Technologies,LTD, 2, 19, 2, 180]
    [C:\Program Files\Thunder\Program\streammedialib.dll]  [, 1, 2, 0, 78]
    [C:\Program Files\Thunder\Program\al.dll]  [, 1, 0, 1, 1]
    [C:\Program Files\Thunder\Program\XLNet.Dll]  [Thunder Networking Technologies,LTD, 1, 2, 1, 9]
    [C:\Program Files\Thunder\Program\BHOStub.dll]  [Thunder Networking Technologies,LTD, 1, 1, 0, 8]
    [C:\Program Files\Thunder\Program\iTargetAD.dll]  [N/A, ]
    [c:\documents and settings\administrator\application data\ppstream\bin\1.0.0.2\vodrc.dll]  [ppstream.com, 1.0.0.2]
    [C:\Program Files\Thunder\Components\Community\XLCommunity.dll]  [Thunder Networking Technologies,LTD, 1, 4, 2, 0]
    [C:\Program Files\Thunder\Program\XLCommunityEx.dll]  [N/A, ]
    [C:\Program Files\Thunder\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 16, 5, 61]
    [C:\Program Files\Thunder\Program\MSVCIRT.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Thunder\Plugins\BhoAdv\bho_adv.dll]  [深圳市迅雷网络技术有限公司, 1.0.1.0]
    [C:\WINDOWS\SYSTEM\msxml3.dll]  [Microsoft Corporation, 8.20.8730.1]
    [C:\Program Files\Thunder\Components\ExplorerHelper\ExplorerHelper.dll]  [Thunder Networking Technologies,LTD, 1, 0, 4, 16]
    [C:\Program Files\Thunder\Components\DownloadStat\DownloadStat.dll]  [深圳市迅雷网络技术有限公司, 1, 3, 1, 4]
[PID: 9892 / Administrator][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, ]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [腾讯, 5, 0, 4, 15]
    [c:\documents and settings\administrator\application data\ppstream\bin\1.0.0.2\vodrc.dll]  [ppstream.com, 1.0.0.2]
    [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.5581 (xpsp_sp3_qfe.080415-1416)]
[PID: 9480 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX13.360\SREngLdr.EXE]  [Smallfrogs Studio, 2.8.1.1279]
[PID: 9512 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX13.360\SRE9b4eb966.EXE]  [Smallfrogs Studio, 2.8.1.1279]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [腾讯, 5, 0, 4, 15]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX13.360\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
[PID: 9612 / SYSTEM][C:\WINDOWS\system32\svch0st.exe]  [N/A, ]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 39]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
gototop
 
天月来了
头像
版主
  • 帖子:76900
  • 注册: 2007-02-06
  • 来自:
发表于: 2009-09-13 11:06 | 短消息 资料
字号: 7楼

回复:用卡卡助手扫描到流氓软件“恶意程序SVCH0ST”却清除不掉,怎么办啊?

是要你找C:\WINDOWS\system\ssms.exe这个实际文件压缩发上来

不是要你去SRENG日志里找什么ssms.exe那一行的内容发上来
百年以后,你的墓碑旁 刻着的名字不是我
gototop
 
天月来了
头像
版主
  • 帖子:76900
  • 注册: 2007-02-06
  • 来自:
发表于: 2009-09-13 11:08 | 短消息 资料
字号: 8楼

回复:用卡卡助手扫描到流氓软件“恶意程序SVCH0ST”却清除不掉,怎么办啊?

这里下载费尔木马强力清除助手,点选“抑制文件再生”删除下面文件。
附件: 费 尔.rar(内附说明)(右键选择“目标另存为”下载)本链接不支持迅雷等下载工具下载

删除:
C:\WINDOWS\system\ssms.exe
C:\WINDOWS\system32\svch0st.exe

不论删除结果如何立即重启电脑,看情况如何。

注意svch0st.exe文件,病毒的是数字0,不是你以为的字母O

弄错了,你就死定了
百年以后,你的墓碑旁 刻着的名字不是我
gototop
 
byzch001
头像
初生襁褓狮
  • 帖子:30
  • 注册: 2007-01-20
  • 来自:
发表于: 2009-09-13 11:09 | 只看楼主 短消息 资料
字号: 9楼

回复: 用卡卡助手扫描到流氓软件“恶意程序SVCH0ST”却清除不掉,怎么办啊?



引用:
原帖由 夲號ヱ被ジ盜 于 2009-9-13 10:59:00 发表
C:\WINDOWS\system\ssms.exe
找到后压缩发上来


怎么压缩呢?我不会呀。上边那样的行不行啊?
gototop
 
夲號ヱ被ジ盜
头像
叱咤花甲狮
  • 帖子:7083
  • 注册: 2008-08-21
  • 来自:昆仑琼华派
论坛8周年活动礼物就爱不长大论坛9周年纪念冰激凌10温馨圣诞十周年国庆61周年十一周年勋章
发表于: 2009-09-13 11:10 | 短消息 资料
字号: 10楼

回复: 用卡卡助手扫描到流氓软件“恶意程序SVCH0ST”却清除不掉,怎么办啊?

文件提取处理器.rar
右键-目标另存为
下载后解压缩提取以下文件
【压缩包内有截图说明】

C:\WINDOWS\system32\svch0st.exe
C:\WINDOWS\system\ssms.exe

不会的话,QQ号拿来【有风险的啊...】
最后编辑夲號ヱ被ジ盜 最后编辑于 2009-09-13 11:11:03
gototop
 
<<上一主题|下一主题>>
12   1  /  2  页   跳转
页面顶部
Powered by Discuz!NT