求助！！中了病毒杀不掉 - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛求助！！中了病毒杀不掉

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1

1 / 1 页

跳转页

求助！！中了病毒杀不掉

小米苏苏初生襁褓狮帖子:3 注册: 2007-02-23 来自:	发表于： 2007-02-23 12:48 \| 只看楼主短消息资料字号：小中大 1楼求助！！中了病毒杀不掉这是扫描的日志，高手帮帮忙！！ 2007-02-23,12:30:18 System Repair Engineer 2.3.13.690 Smallfrogs (http://www.KZTechs.com) Windows XP Home Edition Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能以下内容被选中：所有的启动项目（包括注册表、启动文件夹、服务等）浏览器加载项正在运行的进程（包括进程模块信息）文件关联 Winsock 提供者 Autorun.inf HOSTS 文件启动项目注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Corporation] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] <333><C:\Syswm1a\svchost.exe> [N/A] [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] <load><> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Corporation] <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Corporation] <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft Corporation] <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [(Verified)NVIDIA Corporation] <nwiz><nwiz.exe /install> [N/A] <NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit> [(Verified)NVIDIA Corporation] <SoundMan><SOUNDMAN.EXE> [(Verified)Realtek Semiconductor Corp.] <DingolOKS><C:\Program Files\Lenovo\Dinoks\DingolOKS.exe> [Lenovo] <DingolVLR><C:\Program Files\联想（Lenovo）\LenovoDingol\DingolVLR.exe> [Bitland Information Technology Co.,Ltd.] <IMCServerAutoStart><C:\Program Files\Lenovo\IMCSvr\IMCSvr.exe> [InterVideo Inc.] <DMXLauncher><C:\Program Files\Lenovo\dvdburning\DMXLauncher.exe> [N/A] <Mydevice><"C:\Program Files\Common Files\Lenovo\digitalsuit\commondll\MyDevice.exe"> [N/A] <BigDogPath><C:\WINDOWS\VM_STI.EXE USB PC Camera 301x> [N/A] <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.] <StormCodec_Helper><"C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti> [N/A] <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.] <LaLaShow><C:\DOCUME~1\lenovo\LOCALS~1\Temp\zz.exe> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] <RavStub><"C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE> [Beijing Rising Technology Co., Ltd.] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <shell><Explorer.exe> [(Verified)Microsoft Corporation] <Userinit><C:\WINDOWS\system32\userinit.exe> [(Verified)Microsoft Corporation] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] <AppInit_DLLs><> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <UIHost><logonui.exe> [(Verified)Microsoft Corporation] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll> [Beijing Rising Technology Co., Ltd.] <{DEC39E0E-F1F2-41E5-80B8-592A67AB0AA5}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\NewInfo.rxk> [N/A] <{754FB7D8-B8FE-4810-B363-A788CD060F1F}><C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys> [N/A] ================================== 启动文件夹 N/A ================================== 服务 [Application Management / AppMgmt][Stopped/Manual Start] <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A> [ASP.NET State Service / aspnet_state][Stopped/Manual Start] <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation> [Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start] <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.> [Shanda HidHook Service / HidHook][Stopped/Auto Start] <C:\WINDOWS\system32\hidhook.exe><Shanda Computer (Shanghai) Co., Ltd.> [Human Interface Device Access / HidServ][Stopped/Disabled] <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A> [Shanda Joy2Mouse Service / Joy2Mouse][Stopped/Auto Start] <C:\WINDOWS\system32\Joy2Mouse.exe><N/A> [NVIDIA Display Driver Service / NVSvc][Stopped/Auto Start] <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation> [Rising Process Communication Center / RsCCenter][Running/Auto Start] <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.> [Rising RealTime Monitor / RsRavMon][Running/Auto Start] <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.> [SCCMonitor / SCCMonitor][Running/Auto Start] <"C:\Program Files\Lenovo\联想智能控制中心\SCC\SCCMonitor.exe"><N/A> [Shanda Update Service / SDUS][Running/Auto Start] <"C:\WINDOWS\system32\sdus\SDUSvc.exe"><Shanda Networking Co.,Ltd> [Ulead Burning Helper / UleadBurningHelper][Running/Auto Start] <C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe><Ulead Systems, Inc.> [Audio Adapter / VGADown][Stopped/Manual Start] <2 - 系统找不到指定的文件。 ><N/A> 2007-02-23 13:25:32
小米苏苏初生襁褓狮帖子:3 注册: 2007-02-23 来自:	分享到：

小米苏苏初生襁褓狮帖子:3 注册: 2007-02-23 来自:	发表于： 2007-02-23 13:02 \| 只看楼主短消息资料字号：小中大 2楼正在运行的进程 [PID: 480][\SystemRoot\System32\smss.exe] [PID: 536][\??\C:\WINDOWS\system32\csrss.exe] [PID: 568][\??\C:\WINDOWS\system32\winlogon.exe] [C:\WINDOWS\system32\Ati2evxx.dll] [PID: 612][C:\WINDOWS\system32\services.exe] [PID: 624][C:\WINDOWS\system32\lsass.exe] [PID: 776][C:\WINDOWS\system32\Ati2evxx.exe] [C:\WINDOWS\system32\Ati2edxx.dll] [C:\WINDOWS\Server.DLL] [N/A, N/A] [PID: 804][C:\WINDOWS\system32\svchost.exe] [PID: 864][C:\WINDOWS\system32\svchost.exe] [C:\WINDOWS\system32\ld7media.dll] [N/A, N/A] [PID: 956][C:\Program Files\Rising\Rav\CCenter.exe] [PID: 972][C:\WINDOWS\System32\svchost.exe] [C:\WINDOWS\system32\ld7media.dll] [N/A, N/A] [PID: 1032][C:\WINDOWS\system32\svchost.exe] [PID: 1072][C:\WINDOWS\system32\svchost.exe] [PID: 1084][C:\Program Files\Rising\Rav\Ravmond.exe] [C:\Program Files\Rising\Rav\BWList.dll] [C:\Program Files\Rising\Rav\RsCommX.dll] [C:\Program Files\Rising\Rav\rfwctrl.dll] [C:\Program Files\Rising\Rav\RsPPsys.dll] [C:\Program Files\Rising\Rav\RSAPPMGR.DLL] [C:\Program Files\Rising\Rav\CfgDll.dll] [C:\Program Files\Rising\Rav\RSCOMMON.DLL] [C:\Program Files\Rising\Rav\RsLog.dll] [C:\Program Files\Rising\Rav\HOOKSYS.dll] [C:\Program Files\Rising\Rav\Scanner.dll] [C:\Program Files\Rising\Rav\libload.dll] [C:\Program Files\Rising\Rav\VirusLib.dll] [C:\Program Files\Rising\Rav\regmon.dll] [C:\Program Files\Rising\Rav\HookWeb.dll] [C:\Program Files\Rising\Rav\MemMon.dll] [C:\Program Files\Rising\Rav\expscan.dll] [C:\Program Files\Rising\Rav\mPorts.dll] [C:\Program Files\Rising\Rav\HookCont.dll] [C:\Program Files\Rising\Rav\SpamEng.dll] [C:\Program Files\Rising\Rav\engine.dll] [C:\WINDOWS\system32\ld7media.dll] [N/A, N/A] [C:\Program Files\Rising\Rav\PostTrt.dll] [C:\Program Files\Rising\Rav\UnExe.dll] [C:\Program Files\Rising\Rav\ScanExec.dll] [C:\Program Files\Rising\Rav\ScanEx.dll] [C:\Program Files\Rising\Rav\ExtFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 25] [C:\Program Files\Rising\Rav\NvFile.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11] [C:\Program Files\Rising\Rav\ScanMac.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 13] [C:\Program Files\Rising\Rav\ScanSct.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19] [C:\Program Files\Rising\Rav\Unpacker.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19] [C:\Program Files\Rising\Rav\ScanPack.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 20] [C:\Program Files\Rising\Rav\RsVM.dll] [N/A, 19, 0, 0, 15] [C:\Program Files\Rising\Rav\Uroutine.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 23] [C:\Program Files\Rising\Rav\ExtOLE.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12] [C:\Program Files\Rising\Rav\Uscript.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 18] [C:\Program Files\Rising\Rav\RsStore.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2] [C:\Program Files\Rising\Rav\ScanNet.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5] [PID: 1260][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4131] [C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2500] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [C:\WINDOWS\Server.DLL] [N/A, N/A] [PID: 1332][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9] [C:\Program Files\Common Files\Microsoft Shared\MSINFO\NewInfo.rxk] [N/A, N/A] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [C:\WINDOWS\system32\nvcpl.dll] [NVIDIA Corporation, 6.14.10.7184] [C:\WINDOWS\system32\ld7media.dll] [N/A, N/A] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [C:\WINDOWS\Server.DLL] [N/A, N/A] [PID: 1444][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)] [PID: 1576][C:\Program Files\Rising\Rav\RavStub.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 4] [C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1] [C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5] [PID: 1824][C:\WINDOWS\SOUNDMAN.EXE] [Realtek Semiconductor Corp., 5, 1, 0, 51] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [C:\WINDOWS\Server.DLL] [N/A, N/A] [PID: 1832][C:\Program Files\Lenovo\Dinoks\DingolOKS.exe] [Lenovo, 1, 2, 1, 0] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [C:\WINDOWS\system32\DingolRemled.dll] [Bitland Information Technology Co.,Ltd., 1, 0, 0, 1] [PID: 1840][C:\Program Files\联想（Lenovo）\LenovoDingol\DingolVLR.exe] [Bitland Information Technology Co.,Ltd., 1, 0, 0, 10] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [PID: 1852][C:\Program Files\Lenovo\IMCSvr\IMCSvr.exe] [InterVideo Inc., 1.0.57.6] [C:\Program Files\Lenovo\IMCSvr\log4cpp.dll] [Bastiaan Bakker, LifeLine Networks bv , 0.3.2rc2] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [C:\Program Files\Lenovo\IMCSvr\IviDvrCtrl.dll] [, 1, 0, 0, 1] [C:\Program Files\Lenovo\IMCSvr\IVIUMA.dll] [InterVideo, 1, 0, 0, 1] [C:\Program Files\Lenovo\IMCSvr\IviAvSrc.dll] [InterVideo Inc., 3.0.88.4] [C:\WINDOWS\system32\msdmo.dll] [N/A, N/A] [C:\WINDOWS\system32\VM31bPrp.Ax] [Vimicro, 1.00.01.00] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [C:\WINDOWS\Server.DLL] [N/A, N/A] [PID: 1872][C:\Program Files\Lenovo\dvdburning\DMXLauncher.exe] [N/A, N/A] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [C:\WINDOWS\Server.DLL] [N/A, N/A] [PID: 1900][C:\Program Files\Common Files\Lenovo\digitalsuit\commondll\MyDevice.exe] [, 1, 0, 0, 1] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [C:\WINDOWS\Server.DLL] [N/A, N/A] [PID: 1916][C:\WINDOWS\VM_STI.EXE] [BIGDOG, 4, 2, 610, 4] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [C:\WINDOWS\system32\msdmo.dll] [N/A, N/A] [C:\WINDOWS\system32\VM31bPrp.Ax] [Vimicro, 1.00.01.00] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [C:\WINDOWS\Server.DLL] [N/A, N/A] [PID: 1964][C:\Program Files\Rising\Rav\RavTask.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7] [C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5] [C:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2] [C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13] [C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [C:\WINDOWS\Server.DLL] [N/A, N/A] [PID: 1980][C:\Program Files\Rising\Rav\Ravmon.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 45] [C:\Program Files\Rising\Rav\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33] [C:\Program Files\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10] [C:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2] [C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13] [C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5] [C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1] [C:\Program Files\Rising\Rav\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2] [C:\Program Files\Rising\Rav\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [C:\WINDOWS\Server.DLL] [N/A, N/A] [C:\WINDOWS\system32\ld7media.dll] [N/A, N/A] [PID: 1988][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [C:\WINDOWS\Server.DLL] [N/A, N/A] [PID: 380][C:\Program Files\Lenovo\联想智能控制中心\SCC\SCCMonitor.exe] [N/A, N/A] [PID: 404][C:\WINDOWS\system32\sdus\SDUSvc.exe] [Shanda Networking Co.,Ltd, 1.6.8.409] [C:\WINDOWS\system32\sdus\SDUCore.dll] [Shanda Networking Co.,Ltd, 1.6.8.409] [C:\WINDOWS\system32\sdus\SDUComm.dll] [上海盛大网络发展有限公司, 1.0.8.335] [C:\WINDOWS\system32\sdus\CrashProcess.dll] [盛大网络发展有限公司, 1.0.8.335] [C:\WINDOWS\Server.DLL] [N/A, N/A] [C:\WINDOWS\system32\ld7media.dll] [N/A, N/A] [PID: 440][C:\Program Files\Lenovo\联想智能控制中心\SCC\LenovoSmartControlCenter.exe] [N/A, N/A] [C:\Program Files\Lenovo\联想智能控制中心\SCC\LxSimpleOsd.dll] [, 1, 0, 0, 1] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [C:\Program Files\Lenovo\联想智能控制中心\SCC\Remled.dll] [N/A, N/A] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [C:\WINDOWS\Server.DLL] [N/A, N/A] [PID: 736][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1128][C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe] [Ulead Systems, Inc., 1, 0, 0, 4] [PID: 1216][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)] [PID: 2700][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ld7media.dll] [N/A, N/A] [PID: 3824][C:\WINDOWS\system32\wuauclt.exe] [Microsoft Corporation, 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [C:\WINDOWS\Server.DLL] [N/A, N/A] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [PID: 2056][c:\Syswm1a\svchost.exe] [N/A, N/A] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [PID: 2076][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [C:\WINDOWS\Server.DLL] [N/A, N/A] [PID: 7604][D:\Downloads\SREng\SREng.EXE] [Smallfrogs Studio, 2.3.13.690] [C:\WINDOWS\Server.DLL] [N/A, N/A] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [C:\WINDOWS\system32\ld7media.dll] [N/A, N/A]
小米苏苏初生襁褓狮帖子:3 注册: 2007-02-23 来自:

misaboa 健康舞勺狮帖子:354 注册: 2006-08-31 来自:	发表于： 2007-02-23 13:06 \| 短消息资料字号：小中大 3楼问题很多，
misaboa 健康舞勺狮帖子:354 注册: 2006-08-31 来自:

小米苏苏初生襁褓狮帖子:3 注册: 2007-02-23 来自:	发表于： 2007-02-23 13:21 \| 只看楼主短消息资料字号：小中大 4楼上了网后，瑞星一直提醒发现trojan.PSW.zhengtu.akb，但删不干净
小米苏苏初生襁褓狮帖子:3 注册: 2007-02-23 来自:

misaboa 健康舞勺狮帖子:354 注册: 2006-08-31 来自:	发表于： 2007-02-23 13:21 \| 短消息资料字号：小中大 5楼在看，等下哈
misaboa 健康舞勺狮帖子:354 注册: 2006-08-31 来自:

misaboa 健康舞勺狮帖子:354 注册: 2006-08-31 来自:	发表于： 2007-02-23 13:33 \| 短消息资料字号：小中大 6楼用 IceSword禁止进程创建，然后，强制卸除插入到下列进程中的病毒驱动 c:\Syswm1a\Ghook.dll C:\WINDOWS\Server.DLL C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys C:\Program Files\Common Files\Microsoft Shared\MSINFO\NewInfo.rxk C:\WINDOWS\system32\ld7media.dll（这个，不一定是病毒，但是比较可疑）正在运行的进程 [PID: 776][C:\WINDOWS\system32\Ati2evxx.exe] [C:\WINDOWS\Server.DLL] [N/A, N/A] [PID: 864][C:\WINDOWS\system32\svchost.exe] [C:\WINDOWS\system32\ld7media.dll] [N/A, N/A] [PID: 972][C:\WINDOWS\System32\svchost.exe] [C:\WINDOWS\system32\ld7media.dll] [N/A, N/A] [PID: 1084][C:\Program Files\Rising\Rav\Ravmond.exe] [C:\WINDOWS\system32\ld7media.dll] [N/A, N/A] [PID: 1260][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4131] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [C:\WINDOWS\Server.DLL] [N/A, N/A] [PID: 1332][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Common Files\Microsoft Shared\MSINFO\NewInfo.rxk] [N/A, N/A] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [C:\WINDOWS\system32\ld7media.dll] [N/A, N/A] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [C:\WINDOWS\Server.DLL] [N/A, N/A] [PID: 1824][C:\WINDOWS\SOUNDMAN.EXE] [Realtek Semiconductor Corp., 5, 1, 0, 51] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [C:\WINDOWS\Server.DLL] [N/A, N/A] [PID: 1832][C:\Program Files\Lenovo\Dinoks\DingolOKS.exe] [Lenovo, 1, 2, 1, 0] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [PID: 1840][C:\Program Files\联想（Lenovo）\LenovoDingol\DingolVLR.exe] [Bitland Information Technology Co.,Ltd., 1, 0, 0, 10] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [PID: 1852][C:\Program Files\Lenovo\IMCSvr\IMCSvr.exe] [InterVideo Inc., 1.0.57.6] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [C:\WINDOWS\Server.DLL] [N/A, N/A] [PID: 1872][C:\Program Files\Lenovo\dvdburning\DMXLauncher.exe] [N/A, N/A] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [C:\WINDOWS\Server.DLL] [N/A, N/A] [PID: 1900][C:\Program Files\Common Files\Lenovo\digitalsuit\commondll\MyDevice.exe] [, 1, 0, 0, 1] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [C:\WINDOWS\Server.DLL] [N/A, N/A] [PID: 1916][C:\WINDOWS\VM_STI.EXE] [BIGDOG, 4, 2, 610, 4] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [C:\WINDOWS\Server.DLL] [N/A, N/A] [PID: 1964][C:\Program Files\Rising\Rav\RavTask.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [C:\WINDOWS\Server.DLL] [N/A, N/A] [PID: 1980][C:\Program Files\Rising\Rav\Ravmon.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 45] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [C:\WINDOWS\Server.DLL] [N/A, N/A] [C:\WINDOWS\system32\ld7media.dll] [N/A, N/A] [PID: 1988][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [C:\WINDOWS\Server.DLL] [N/A, N/A] [PID: 404][C:\WINDOWS\system32\sdus\SDUSvc.exe] [Shanda Networking Co.,Ltd, 1.6.8.409] [C:\WINDOWS\Server.DLL] [N/A, N/A] [C:\WINDOWS\system32\ld7media.dll] [N/A, N/A] [PID: 440][C:\Program Files\Lenovo\联想智能控制中心\SCC\LenovoSmartControlCenter.exe] [N/A, N/A] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [C:\WINDOWS\Server.DLL] [N/A, N/A] [PID: 2700][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\ld7media.dll] [N/A, N/A] [PID: 3824][C:\WINDOWS\system32\wuauclt.exe] [Microsoft Corporation, 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [C:\WINDOWS\Server.DLL] [N/A, N/A] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [PID: 2056][c:\Syswm1a\svchost.exe] [N/A, N/A] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [PID: 2076][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [C:\WINDOWS\Server.DLL] [N/A, N/A] [PID: 7604][D:\Downloads\SREng\SREng.EXE] [Smallfrogs Studio, 2.3.13.690] [C:\WINDOWS\Server.DLL] [N/A, N/A] [C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys] [N/A, N/A] [c:\Syswm1a\Ghook.dll] [N/A, N/A] [C:\WINDOWS\system32\ld7media.dll] [N/A, N/A] 关闭此进程 [PID: 2056][c:\Syswm1a\svchost.exe] [N/A, N/A] 删除下列注册表项 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] <333><C:\Syswm1a\svchost.exe> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <LaLaShow><C:\DOCUME~1\lenovo\LOCALS~1\Temp\zz.exe> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{DEC39E0E-F1F2-41E5-80B8-592A67AB0AA5}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\NewInfo.rxk> [N/A] <{754FB7D8-B8FE-4810-B363-A788CD060F1F}><C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys> [N/A] 修该下列注册表项 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <Userinit><C:\WINDOWS\system32\userinit.exe> [(Verified)Microsoft Corporation] C:\WINDOWS\system32\userinit.exe 该成 C:\WINDOWS\system32\userinit.exe, 最后删除下列文件 c:\Syswm1a\Ghook.dll C:\WINDOWS\Server.DLL C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys C:\Program Files\Common Files\Microsoft Shared\MSINFO\NewInfo.rxk C:\WINDOWS\system32\ld7media.dll（这个文件建议，保留几天，确保系统正常后在删）
misaboa 健康舞勺狮帖子:354 注册: 2006-08-31 来自:

misaboa 健康舞勺狮帖子:354 注册: 2006-08-31 来自:	发表于： 2007-02-23 13:34 \| 短消息资料字号：小中大 7楼如果不会操作，加偶Q，呵呵
misaboa 健康舞勺狮帖子:354 注册: 2006-08-31 来自:

<<上一主题|下一主题>>

1

1 / 1 页

跳转页

页面顶部

Powered by Discuz!NT