瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 中了病毒,按提示扫描上传日志,SOS

1   1  /  1  页   跳转

[求助] 中了病毒,按提示扫描上传日志,SOS

收藏
本主题由 版主 天月来了 于 2008-8-10 16:57:01 执行 关闭主题/取消 操作
砸自己的脚
头像
初生襁褓狮
  • 帖子:15
  • 注册: 2008-08-10
  • 来自:
发表于: 2008-08-10 16:34 | 只看楼主 短消息 资料
字号: 1楼

中了病毒,按提示扫描上传日志,SOS

==================================
启动文件夹
[Adobe Gamma Loader]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Gamma Loader.lnk --> C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><N>
[绿鹰PC万能精灵]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\绿鹰PC万能精灵.lnk --> G:\PROGRA~1\绿鹰PC~1\alg.exe [绿鹰网络]><N>
[QQ游戏启动加速程序]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> G:\PROGRA~1\Tencent\QQGAME\Accel.exe [深圳市腾讯计算机系统有限公司]><N>
==================================
服务
[C-DillaSrv / C-DillaSrv][Running/Auto Start]
  <C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE><C-Dilla Ltd>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[McAfee Framework Service / McAfeeFramework][Running/Auto Start]
  <"C:\Program Files\McAfee\Common Framework\FrameworkService.exe" /ServiceStart><McAfee, Inc.>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Rising Process Communication Center / RsCCenter][Stopped/Auto Start]
  <"g:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Information Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
  <"G:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><Beijing Rising Information Technology Co., Ltd.>
==================================
驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[C-Dilla / C-Dilla][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\CDANT.SYS><Macrovision>
[VIA Rhine-Family Fast-Ethernet Adapter Driver Service / FET5X86V][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5bv.sys><VIA Technologies, Inc.>
[HookCont / HookCont][Running/System Start]
  <\SystemRoot\system32\drivers\HookCont.sys><Beijing Rising Information Technology Co., Ltd.>
[HookNtos / HookNtos][Running/System Start]
  <\SystemRoot\system32\drivers\HookNtos.sys><Beijing Rising Information Technology Co., Ltd.>
[HookReg / HookReg][Running/System Start]
  <\SystemRoot\system32\drivers\HookReg.sys><Beijing Rising Information Technology Co., Ltd.>
[HookSys / HookSys][Running/System Start]
  <\SystemRoot\system32\drivers\HookSys.sys><Beijing Rising Information Technology Co., Ltd.>
[InCD File System / InCDFs][Stopped/Disabled]
  <system32\drivers\InCDFs.sys><N/A>
[InCDPass / InCDPass][Stopped/System Start]
  <system32\drivers\InCDPass.sys><N/A>
[InCD Reader / InCDRm][Stopped/System Start]
  <system32\drivers\InCDRm.sys><N/A>
[VSCore mferkdk / mferkdk][Stopped/System Start]
  <\??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys><N/A>
[npkcrypt / npkcrypt][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\npkcrypt.sys><N/A>
[npkycryp / npkycryp][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\npkycryp.sys><N/A>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[NVIDIA nForce AGP Bus Filter / nv_agp][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\nv_agp.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[pwd32 / pwd32][Stopped/Manual Start]
  <\??\G:\Program Files\飞雪\烈焰飞雪\pwd32.ahc><N/A>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Information Technology Co., Ltd.>
[Realtek 10/100/1000 PCI NIC Family NDIS XP Driver / RTL8023xp][Running/Manual Start]
  <system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[sptd / sptd][Running/Boot Start]
  <\SystemRoot\System32\Drivers\sptd.sys><N/A>
[sysHostSvc / sysHostSvc][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\GuiHelp.sys><Microsoft Corporation>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[TesSafe / TesSafe][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
[VIMICRO USB PC Camera (ZC030X) / ZSMC303][Stopped/Manual Start]
  <System32\Drivers\usbVM303.sys><VM>

用户系统信息:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; QQDownload 1.7)
分享到:
gototop
 
aaccbbdd
头像
卡卡巡查
  • 帖子:45933
  • 注册: 2007-11-17
  • 来自:蜀山仙剑派
论坛8周年活动礼物卡卡名人堂祖国六十华诞09欢乐圣诞吃货勋章2012我眼中的你们幸福玫瑰
发表于: 2008-08-10 16:35 | 短消息 资料
字号: 2楼

回复:中了病毒,按提示扫描上传日志,SOS

大哥
点右下角的回复按钮

日志放附件里

不完整的日志=没用的日志
gototop
 
砸自己的脚
头像
初生襁褓狮
  • 帖子:15
  • 注册: 2008-08-10
  • 来自:
发表于: 2008-08-10 16:48 | 只看楼主 短消息 资料
字号: 3楼

日志

日志放到符件里了

附件附件:

文件名:SREngLOG.log
下载次数:73
文件类型:application/octet-stream
文件大小:
上传时间:2008-8-10 16:47:34
描述:log
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT