What virus is c8cb.dll? And what virus is 7830A.exe?

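Recently a message keeps popping up: "C8CB.dll file error, the system cannot find the specified module". What virus is this? QQKav can detect this file, but only flags it as suspicious. After cleaning it, restarting the computer and scanning again, nothing is shown, but the C8CB.dll message still pops up sometimes. How can I fix this? Thanks.

Also, there is always a 7830A.exe among the system processes. This is probably a virus too, right?
User system information: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; MAXTHON 2.0)
Last edited by 家乐宝 on 2008-07-15 09:01:14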

Re: What virus is c8cb.dll? And what virus is 7830A.exe?

I searched the registry and deleted the entries long ago, but it still pops up.

Re: What virus is c8cb.dll? And what virus is 7830A.exe?

[code]2008-07-15,12:08:18

System Repair Engineer 2.6.11.992
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    <McAfeeUpdaterUI><"D:\Common Framework\UdaterUI.exe" /StartedFromRunKey>  [(Verified)"McAfee, Inc."]
    <ShareAssistant><E:\ShareAssistant\ShareAssistant.exe>  []
    <!!QQKav><G:\qqkav.exe>  [Jsing.Net & QQKav.Com]
    <AVP><"D:\Kaspersky\avp.exe">  [(Verified)Kaspersky Lab]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><D:\KASPER~1\adialhk.dll,D:\KASPER~1\kloehk.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    <WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll>  [(Verified)Kaspersky Lab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]

==================================
启动文件夹
[AutoCAD 启动加速器]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\AutoCAD 启动加速器.lnk --> C:\PROGRA~1\COMMON~1\AUTODE~1\ACSTAR~1.EXE [Autodesk, Inc]><N>
[腾讯QQ]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ.lnk --> G:\QQ\QQ.exe [TENCENT]><N>

==================================
服务
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart][Stopped/Auto Start]
  <C:\WINDOWS\system32\ati2sgag.exe><>
[Autodesk Licensing Service / Autodesk Licensing Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><Autodesk>
[Contrl Center of Storm Media / ccosm][Running/Auto Start]
  <g:\StormII\stormliv.exe /asservice><北京暴风网际科技有限公司>
[COM+ System Application / COMSysApp][Stopped/Auto Start]
  <C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}><(File is missing)>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[McAfee Framework Service / McAfeeFramework][Running/Auto Start]
  <"D:\Common Framework\FrameworkService.exe" /ServiceStart><McAfee, Inc.>
[McAfee McShield / McShield][Stopped/Auto Start]
  <"D:\VirusScan\Mcshield.exe"><(File is missing)>
[McAfee Task Manager / McTaskManager][Stopped/Auto Start]
  <"D:\VirusScan\VsTskMgr.exe"><(File is missing)>
[DCOM Service Process Manager / MSCOManager05][Stopped/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->c:\windows\inf\dev06.inf><N/A>
[MS Software Shadow Copy Provider / SwPrv][Stopped/Manual Start]
  <C:\WINDOWS\system32\dllhost.exe /Processid:{7C3072AE-AAE0-4B47-A503-8E179720CF1F}><(File is missing)>
[WindowsRPUD / WindowsRPUD][Stopped/Auto Start]
  <2 - 系统找不到指定的文件。
><(File is missing)>
[Kaspersky Internet Security / AVP][Running/Auto Start]
  <D:\Kaspersky\avp.exe -r><Kaspersky Lab>

==================================
驱动程序
[AMD Processor Driver / AmdK8][Stopped/System Start]
  <system32\DRIVERS\AmdK8.sys><N/A>
[AMD HwPState Processor Driver / AmdPPM][Stopped/System Start]
  <system32\DRIVERS\AmdPPM.sys><N/A>
[ati2mtag / ati2mtag][Running/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Diag69xp / Diag69xp][Stopped/Manual Start]
  <System32\Drivers\Diag69xp.sys><N/A>
[FTCkillfile / FTCkillfile][Stopped/Manual Start]
  <System32\Drivers\FTCkillfile.sys><N/A>
[FTCProtect / FTCProtect][Stopped/Manual Start]
  <System32\Drivers\FTCProtect.sys><N/A>
[FTCProTime / FTCProTime][Stopped/Manual Start]
  <System32\Drivers\FTCProTime.sys><N/A>
[gdrv / gdrv][Stopped/Manual Start]
  <\??\C:\WINDOWS\gdrv.sys><Windows (R) 2000 DDK provider>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[KAVBootC / KAVBootC][Running/Boot Start]
  <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
[m0tm / m0tm][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\m0tm.sys><N/A>
[McAfee Inc. / mfeapfk][Stopped/Manual Start]
  <system32\drivers\mfeapfk.sys><N/A>
[McAfee Inc. / mfeavfk][Stopped/Manual Start]
  <system32\drivers\mfeavfk.sys><N/A>
[McAfee Inc. / mfebopk][Stopped/Manual Start]
  <system32\drivers\mfebopk.sys><N/A>
[McAfee Inc. / mfehidk][Running/Manual Start]
  <system32\drivers\mfehidk.sys><N/A>
[VSCore mferkdk / mferkdk][Stopped/System Start]
  <\??\D:\VirusScan Enterprise\mferkdk.sys><N/A>
[McAfee Inc. / mfetdik][Running/System Start]
  <system32\drivers\mfetdik.sys><N/A>
[ptfs / ptfs][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp4A.tmp><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Service for HDMI / RTHDMIAzAudService][Running/Manual Start]
  <system32\drivers\RtHDMI.sys><Realtek Semiconductor Corp.>
[Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver / RTLE8023xp][Running/Manual Start]
  <system32\DRIVERS\Rtenicxp.sys><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[TesSafe / TesSafe][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
[XNGAnti / XNGAnti][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\ReloadAnti.sys><N/A>
[yshield / yshield][Running/Boot Start]
  <\SystemRoot\system32\drivers\yshield.sys><BEIJING YAHOO! INFORMATION AND TECHNOLOGY CO.,LTD.>
[Kaspersky Lab Driver / KLIF][Running/System Start]
  <system32\DRIVERS\klif.sys><Kaspersky Lab>
[kl1 / kl1][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[Kaspersky Lab KLFltDev / KLFLTDEV][Stopped/Manual Start]
  <system32\DRIVERS\klfltdev.sys><Kaspersky Lab>
[Kaspersky Lab Boot Guard Driver / KLBG][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\klbg.sys><Kaspersky Lab>
[Kaspersky Anti-Virus NDIS Filter / klim5][Running/Manual Start]
  <system32\DRIVERS\klim5.sys><Kaspersky Lab>

==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <g:\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[FG2CatchUrl]
  {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} <G:\Flashget\ComDlls\bhoCATCH.dll_1.dll, FlashGet>
[IEVkbdBHO Class]
  {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} <D:\Kaspersky\ievkbd.dll, Kaspersky Lab>
[Invoke Class]
  {6CF01129-89E4-41a2-81B7-4406B84FE6B6} <C:\WINDOWS\system32\f78a.dll, >
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <G:\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <g:\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[网络通信防护统计]
  {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <D:\Kaspersky\SCIEPlgn.dll, Kaspersky Lab>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <g:\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[FG2CatchUrl]
  {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} <G:\Flashget\ComDlls\bhoCATCH.dll_1.dll, FlashGet>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[IEVkbdBHO Class]
  {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} <D:\Kaspersky\ievkbd.dll, Kaspersky Lab>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Invoke Class]
  {6CF01129-89E4-41A2-81B7-4406B84FE6B6} <C:\WINDOWS\system32\f78a.dll, >
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <G:\360safe\live.dll, 360.cn>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <G:\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
[PlayerCtrl Class]
  {E05BC2A3-9A46-4A32-80C9-023A473F5B23} <g:\QQMusic\QzoneMusic.dll, 深圳腾讯科技>
[FG2CatchUrl]
  {FB5DA724-162B-11D3-8B9B-AA70B4B0B525} <G:\Flashget\ComDlls\bhoCATCH.dll_1.dll, FlashGet>
["添加到反横幅广告"]
  <D:\Kaspersky\ie_banner_deny.htm, N/A>
[&V使用Vagaa哇嘎下载]
  <G:\Vagaa\Data\vg.htm, N/A>
[使用UUSee下载]
  <f:\uusee\geturltodown.htm, N/A>
[使用UUSee加速播放]
  <f:\uusee\geturltoplay.htm, N/A>
[使用快车(Flas&hGet)下载]
  <G:\Flashget\ComDlls\Bholink.htm, N/A>
[使用快车(Flash&Get)下载全部链接]
  <G:\Flashget\ComDlls\Bhoall.htm, N/A>
[使用迅雷下载]
  <G:\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <G:\Thunder\Program\getallurl.htm, N/A>
[添加到QQ表情]
  <g:\QQ\AddEmotion.htm, N/A>

Attachments (uploaded 2008-7-15 12:22:12; file type application/octet-stream):

SREngLOG.log (description: log; downloads: 140)
70aa.rar (description: rar; downloads: 202)
7830a.rar (description: rar; downloads: 151)
c8cb.rar (description: rar; downloads: 118)


Re: What virus is c8cb.dll? And what virus is 7830A.exe?

==================================
正在运行的进程
[PID: 660 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 724 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 756 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4176]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 800 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 812 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 968 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4190]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2513]
    [C:\WINDOWS\system32\atipdlxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2530]
[PID: 1008 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1092 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1180 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1268 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1336 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1472 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4190]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2513]
    [C:\WINDOWS\system32\atipdlxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2530]
    [C:\WINDOWS\system32\ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4176]
[PID: 1512 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1944 / SYSTEM][C:\WINDOWS\system32\netdde.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2004 / NETWORK SERVICE][C:\WINDOWS\system32\msdtc.exe]  [Microsoft Corporation, 2001.12.4414.258]
[PID: 152 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 188 / SYSTEM][g:\StormII\stormliv.exe]  [北京暴风网际科技有限公司, 3, 8, 6, 20]
    [g:\StormII\MSVCP60.dll]  [Microsoft Corporation, 6.02.3104.0]
[PID: 268 / Administrator][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, 17.0.54.0]
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  [Autodesk, 17.0.54.110]
    [D:\Common Framework\JrMac.dll]  [McAfee, Inc., 1.0.0.125]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [g:\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.29]
    [G:\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 96]
    [G:\Thunder\Components\ResWorker\DsBho_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 19]
    [G:\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\WINDOWS\system32\dfshim.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Shfusion.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Fusion.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\culture.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\zh-CHS\ShFusRes.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll]  [, 2, 0, 0, 0]
    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamCHS.dll]  [Advanced Micro Devices, Inc., 6.14.10.2001]
    [C:\WINDOWS\system32\f78a.dll]  [, 1, 1, 0, 2]
    [g:\StormII\spfa.dll]  [北京暴风网际科技有限公司, 2, 7, 4, 2]
    [D:\Kaspersky\shellex.dll]  [Kaspersky Lab, 8.0.0.268]
    [C:\Program Files\Common Files\Autodesk shared\dwf common\DWFShellExtension.dll]  [Autodesk, Inc., 1.1.0.278]
    [C:\Program Files\Common Files\Autodesk shared\dwf common\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Common Files\Autodesk shared\dwf common\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.3802.3802 built by: dnsrv(bld4act)]
[PID: 284 / SYSTEM][C:\WINDOWS\system32\clipsrv.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 448 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 468 / SYSTEM][D:\Common Framework\FrameworkService.exe]  [McAfee, Inc., 3.6.0.453]
    [D:\Common Framework\nailog.dll]  [McAfee, Inc., 3.6.0.453]
    [D:\Common Framework\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\Common Framework\naXML71.dll]  [N/A, ]
    [D:\Common Framework\NaiSign.DLL]  [N/A, ]
    [C:\WINDOWS\system32\epoPGPSDK.dll]  [PGP Corporation, 3.5.3]
    [D:\Common Framework\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [D:\Common Framework\naCmnLib71.dll]  [McAfee, Inc., 3.6.0.453]
    [D:\Common Framework\applib.dll]  [McAfee, Inc., 3.6.0.453]
    [D:\Common Framework\0409\AgentRes.dll]  [McAfee, Inc., 3.6.0.453]
    [D:\Common Framework\Logging.dll]  [McAfee, Inc., 3.6.0.453]
    [D:\Common Framework\InternetManager.dll]  [McAfee, Inc., 3.6.0.453]
    [D:\Common Framework\naInet.dll]  [McAfee, Inc., 3.6.0.453]
    [D:\Common Framework\UserSpace.dll]  [McAfee, Inc., 3.6.0.453]
    [D:\Common Framework\SecureFrameworkFactory.dll]  [McAfee, Inc., 3.6.0.453]
    [D:\Common Framework\Management.dll]  [McAfee, Inc., 3.6.0.453]
    [D:\Common Framework\cmalib.dll]  [McAfee, Inc., 3.6.0.453]
    [D:\Common Framework\naPolicyManager.dll]  [McAfee, Inc., 3.6.0.453]
    [D:\Common Framework\ScriptSubSys.dll]  [McAfee, Inc., 3.6.0.453]
    [D:\Common Framework\UpdateSubSys.dll]  [McAfee, Inc., 3.6.0.453]
    [D:\Common Framework\Scheduler.dll]  [McAfee, Inc., 3.6.0.453]
    [D:\Common Framework\TCSubSys.dll]  [McAfee, Inc., 3.6.0.453]
[PID: 1024 / SYSTEM][D:\Common Framework\naPrdMgr.exe]  [McAfee, Inc., 3.6.0.453]
    [D:\Common Framework\NaiSign.DLL]  [N/A, ]
    [C:\WINDOWS\system32\epoPGPSDK.dll]  [PGP Corporation, 3.5.3]
    [D:\Common Framework\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\Common Framework\naXML71.dll]  [N/A, ]
    [D:\Common Framework\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [D:\Common Framework\nailog.dll]  [McAfee, Inc., 3.6.0.453]
    [D:\Common Framework\naCmnLib71.dll]  [McAfee, Inc., 3.6.0.453]
    [D:\Common Framework\applib.dll]  [McAfee, Inc., 3.6.0.453]
    [D:\Common Framework\0409\AgentRes.dll]  [McAfee, Inc., 3.6.0.453]
[PID: 1372 / NETWORK SERVICE][C:\WINDOWS\system32\locator.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1596 / Administrator][D:\Common Framework\UdaterUI.exe]  [McAfee, Inc., 3.6.0.453]
    [D:\Common Framework\nailog.dll]  [McAfee, Inc., 3.6.0.453]
    [D:\Common Framework\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\Common Framework\naCmnLib71.dll]  [McAfee, Inc., 3.6.0.453]
    [D:\Common Framework\naXML71.dll]  [N/A, ]
    [D:\Common Framework\NaiSign.DLL]  [N/A, ]
    [C:\WINDOWS\system32\epoPGPSDK.dll]  [PGP Corporation, 3.5.3]
    [D:\Common Framework\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [D:\Common Framework\applib.dll]  [McAfee, Inc., 3.6.0.453]
    [D:\Common Framework\cmalib.dll]  [McAfee, Inc., 3.6.0.453]
    [D:\Common Framework\0409\UpdRes.dll]  [McAfee, Inc., 3.6.0.453]
    [D:\Common Framework\0409\AgentRes.dll]  [McAfee, Inc., 3.6.0.453]

Re: What virus is c8cb.dll? And what virus is 7830A.exe?

[D:\Common Framework\SecureFrameworkFactory.dll]  [McAfee, Inc., 3.6.0.453]
[PID: 1788 / Administrator][E:\ShareAssistant\ShareAssistant.exe]  [N/A, ]
[PID: 1840 / Administrator][G:\qqkav.exe]  [Jsing.Net & QQKav.Com, 2008.7.1.1]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]  [Adobe Systems, Inc., 9,0,124,0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, 17.0.54.0]
[PID: 1856 / SYSTEM][C:\WINDOWS\system32\tlntsvr.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1864 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1880 / Administrator][D:\Common Framework\McTray.exe]  [McAfee, Inc., 1.0.0.125]
    [D:\Common Framework\JrMac.dll]  [McAfee, Inc., 1.0.0.125]
[PID: 2212 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 2332 / SYSTEM][C:\WINDOWS\system32\wbem\wmiapsrv.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3568 / Administrator][C:\WINDOWS\System32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\Downlo~1\c8cdc.dll]  [  , 1, 0, 0, 3]
[PID: 3668 / Administrator][E:\中信证券\internet\hypwise.exe]  [大智慧, 1, 0, 0, 1]
    [E:\中信证券\internet\MFC42.DLL]  [Microsoft Corporation, 6.00.8447.0]
[PID: 3624 / Administrator][E:\中信证券\internet\hypwise.exe]  [大智慧, 1, 0, 0, 1]
    [E:\中信证券\internet\MFC42.DLL]  [Microsoft Corporation, 6.00.8447.0]
[PID: 1900 / Administrator][G:\QQ\QQ.exe]  [TENCENT, 8,0,830,1811]
    [G:\QQ\QQBaseClassInDll.dll]  [TENCENT, 8,0,830,1811]
    [G:\QQ\QQHelperDll.dll]  [TENCENT, 8,0,830,1811]
    [G:\QQ\BasicCtrlDll.dll]  [TENCENT, 8,0,830,1811]
    [G:\QQ\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [G:\QQ\RICHED32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [G:\QQ\RICHED20.dll]  [Microsoft Corporation, 5.31.23.1218]
    [G:\QQ\QQAPI.dll]  [TENCENT, 8,0,830,1811]
    [G:\QQ\LoginCtrl.dll]  [TENCENT, 8,0,830,1811]
    [G:\QQ\LoginCtrlRes.dll]  [TENCENT, 8,0,830,1811]
    [G:\QQ\QQRes.dll]  [TENCENT, 8, 0, 830, 1811]
    [G:\QQ\QQMainFrame.dll]  [N/A, ]
    [G:\QQ\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158)]
    [G:\QQ\QQPlugin.dll]  [N/A, ]
    [G:\QQ\UnReadMsgMgr.dll]  [N/A, ]
    [G:\QQ\CQQApplication.dll]  [N/A, ]
    [G:\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [G:\QQ\NewSkin.dll]  [TENCENT, 8,0,830,1811]
    [G:\QQ\MailSummary.dll]  [TENCENT, 8,0,773,1801]
    [G:\QQ\QQSpace.dll]  [TENCENT, 8,0,830,1811]
    [G:\QQ\vbscript.dll]  [Microsoft Corporation, 5.6.0.7426]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [G:\QQ\QQKnowledgeSearch.dll]  [TENCENT, 8,0,830,1811]
    [G:\QQ\OEMApplication.dll]  [TENCENT, 8,0,830,1811]
    [G:\QQ\QQGroupMng.dll]  [TENCENT, 8,0,830,1811]
    [G:\QQ\QQAllInOne.dll]  [TENCENT, 8,0,830,1811]
    [G:\QQ\SCCore.dll]  [TENCENT, 1, 6, 0, 2]
    [G:\QQ\CameraDll.dll]  [TENCENT, 8,0,830,1811]
    [G:\QQ\QQPet.dll]  [TENCENT, 8,0,830,1811]
    [G:\QQ\QQSysMsgMng.dll]  [N/A, ]
    [G:\QQ\UserDefinedHead.dll]  [TENCENT, 8,0,830,1811]
    [G:\QQ\QQConfigPlugin.dll]  [TENCENT, 8,0,830,1811]
    [G:\QQ\QQCustomFace.dll]  [N/A, ]
    [G:\QQ\QRingMng.dll]  [N/A, ]
    [G:\QQ\QQAvatar.dll]  [N/A, ]
    [G:\QQ\LongConnection.dll]  [TENCENT, 8,0,830,1811]
    [G:\QQ\PhoneAPI.dll]  [TENCENT, 8,0,830,1811]
    [G:\QQ\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [G:\QQ\BQQApplication.dll]  [N/A, ]
    [G:\QQ\GroupConnection.dll]  [TENCENT, 8,0,830,1811]
    [G:\QQ\CommercesMng.dll]  [TENCENT, 8,0,830,1811]
    [G:\QQ\PersonalDesktop.dll]  [TENCENT, 8,0,830,1811]
    [G:\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 330]
    [G:\QQ\QQSceneMng.dll]  [N/A, ]
    [G:\QQ\AddrSearch.dll]  [腾讯科技(深圳)有限公司, 2, 2, 1, 15]
    [C:\WINDOWS\system32\msadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [G:\QQ\ImageOle.dll]  [TENCENT, 8,0,830,1811]
    [D:\Kaspersky\scrchpg.dll]  [Kaspersky Lab, 8.0.0.268]
    [D:\Kaspersky\klscav.dll]  [Kaspersky Lab, 8.0.0.268]
    [G:\QQ\QQLiveQMng.dll]  [TENCENT, 8,0,830,1811]
[PID: 904 / Administrator][g:\QQ\TXPlatform.exe]  [Tencent, 1, 5, 225, 0]
[PID: 1048 / Administrator][D:\Foxit\Foxit Reader.exe]  [福昕软件公司, 2, 2, 2007, 2405]
[PID: 2204 / Administrator][G:\Maxthon\Maxthon.exe]  [Maxthon International ltd., 2, 1, 0, 1870]
    [G:\Maxthon\mxpp.dll]  [Maxthon International ltd., 1, 0, 0, 107]
    [G:\Maxthon\MxSk.dll]  [Maxthon, 1, 0, 0, 351]
    [G:\Maxthon\MxProxy2.dll]  [Maxthon International ltd., 1, 0, 0, 4030]
    [G:\Maxthon\MxExt.dll]  [N/A, ]
    [G:\Maxthon\mxtool.dll]  [, 1, 0, 0, 1]
    [G:\Maxthon\maxzlib.dll]  [, 1.2.3]
    [G:\Maxthon\mxfeedU.dll]  [, 1, 0, 45, 92]
    [C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, 17.0.54.0]
    [G:\Maxthon\Modules\MxWebBoost\MxWebBoost.dll]  [Maxthon, 1,0,2,1187]
    [G:\Maxthon\mxdb.dll]  [Max, 3, 5, 3, 125]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [G:\Maxthon\MxFav.dll]  [Maxthon International ltd., 1, 0, 0, 251]
    [C:\WINDOWS\system32\WBJJU.IME]  [北京六合源软件技术有限公司, 2, 5, 0, 0]
    [C:\WINDOWS\system32\WbCodeU.dll]  [, 2, 5, 0, 0]
    [C:\WINDOWS\system32\wbjju.dll]  [N/A, ]
    [C:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [D:\Kaspersky\scrchpg.dll]  [Kaspersky Lab, 8.0.0.268]
    [D:\Kaspersky\klscav.dll]  [Kaspersky Lab, 8.0.0.268]
    [G:\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 96]
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  [Autodesk, 17.0.54.110]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]  [Adobe Systems, Inc., 9,0,124,0]
[PID: 3492 / Administrator][D:\Kaspersky\avp.exe]  [Kaspersky Lab, 8.0.0.268]
    [D:\Kaspersky\prremote.dll]  [Kaspersky Lab, 8.0.0.268]
    [D:\Kaspersky\fssync.dll]  [Kaspersky Lab, 8.0.5.268]
    [D:\KASPER~1\adialhk.dll]  [Kaspersky Lab, 8.0.0.268]
    [D:\KASPER~1\kloehk.dll]  [Kaspersky Lab, 8.0.0.268]
    [D:\Kaspersky\Ushata.dll]  [Kaspersky Lab, 8.0.0.268]
    [D:\Kaspersky\CLLDR.DLL]  [Kaspersky Lab, 8.0.0.268]
    [D:\Kaspersky\prloader.dll]  [Kaspersky Lab, 8.0.0.268]
    [D:\Kaspersky\prkernel.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\pxstub.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\params.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\winreg.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\mkavio.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\tempfile.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\avpgui.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\nfio.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\fsdrvplg.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\basegui.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\thpimpl.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\dtreg.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\uniarc.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\avlib.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\minizip.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\prseqio.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\inflate.ppl]  [Kaspersky Lab, 8.0.0.268]
[PID: 2936 / SYSTEM][D:\Kaspersky\avp.exe]  [Kaspersky Lab, 8.0.0.268]
    [D:\Kaspersky\prremote.dll]  [Kaspersky Lab, 8.0.0.268]
    [D:\Kaspersky\fssync.dll]  [Kaspersky Lab, 8.0.5.268]
    [D:\KASPER~1\adialhk.dll]  [Kaspersky Lab, 8.0.0.268]
    [D:\KASPER~1\kloehk.dll]  [Kaspersky Lab, 8.0.0.268]
    [D:\Kaspersky\Ushata.dll]  [Kaspersky Lab, 8.0.0.268]
    [D:\Kaspersky\CLLDR.DLL]  [Kaspersky Lab, 8.0.0.268]
    [D:\Kaspersky\prloader.dll]  [Kaspersky Lab, 8.0.0.268]
    [D:\Kaspersky\prkernel.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\pxstub.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\params.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\winreg.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\mkavio.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\tempfile.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\tm.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\nfio.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\fsdrvplg.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\bl.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\wmihlpr.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\regmap.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\ndetect.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\crpthlpr.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\dtreg.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\sfdb.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\schedule.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\timer.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\thpimpl.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\lic.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\hashmd5.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\report.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\reportdb.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\basegui.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\qb.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\avs.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\vmarea.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\avlib.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\avspm.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\avp3info.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\procmon.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\propmap.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\filemap.ppl]  [Kaspersky Lab, 8.0.0.268]
    [C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Bases\kavbase.kdl]  [Kaspersky Lab, 1.4.1.1]
    [C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Bases\vlns.kdl]  [Kaspersky Lab, 1.4.0.0]
    [C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Bases\klavemu.kdl]  [Kaspersky Lab, 1.45.10.30]
    [D:\Kaspersky\avzkrnl.dll]  [, 4.29.0.59]
    [d:\kaspersky\ichk2.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\ichksa.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\uniarc.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\minizip.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\cab.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\arj.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\rar.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\lha.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\mdb.ppl]  [Kaspersky Lab, 8.0.0.268]
    [C:\WINDOWS\system32\MAPI32.dll]  [Microsoft Corporation, 1.0.2536.0 (XPClient.010817-1148)]
    [d:\kaspersky\msoe.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\mailmsg.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\dmap.ppl]  [Kaspersky Lab, 8.0.0.268]
[PID: 2420 / SYSTEM][D:\Kaspersky\avp.exe]  [Kaspersky Lab, 8.0.0.268]
    [D:\Kaspersky\prremote.dll]  [Kaspersky Lab, 8.0.0.268]
    [D:\Kaspersky\fssync.dll]  [Kaspersky Lab, 8.0.5.268]
    [D:\KASPER~1\adialhk.dll]  [Kaspersky Lab, 8.0.0.268]
    [D:\KASPER~1\kloehk.dll]  [Kaspersky Lab, 8.0.0.268]
    [D:\Kaspersky\Ushata.dll]  [Kaspersky Lab, 8.0.0.268]
    [D:\Kaspersky\CLLDR.DLL]  [Kaspersky Lab, 8.0.0.268]
    [D:\Kaspersky\prloader.dll]  [Kaspersky Lab, 8.0.0.268]
    [D:\Kaspersky\prkernel.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\pxstub.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\params.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\winreg.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\tm.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\nfio.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\mkavio.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\fsdrvplg.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\tempfile.ppl]  [Kaspersky Lab, 8.0.0.268]
    [d:\kaspersky\prupdate.ppl]  [Kaspersky Lab, 1.6.0.6]
    [d:\kaspersky\Updater.dll]  [Kaspersky Lab, 1.6.0.6]
    [d:\kaspersky\thpimpl.ppl]  [Kaspersky Lab, 8.0.0.268]
[PID: 3840 / Administrator][G:\Vagaa\vagaa.exe]  [Vagaa Development Team, 2.6.5.10]
    [G:\Vagaa\TouDll.dll]  [Vagaa Development Team, 2.6.4.4]
    [D:\KASPER~1\adialhk.dll]  [Kaspersky Lab, 8.0.0.268]
    [D:\KASPER~1\kloehk.dll]  [Kaspersky Lab, 8.0.0.268]
    [G:\Vagaa\UPnPDll.dll]  [Vagaa.com, 2, 6, 4, 0]
    [C:\WINDOWS\system32\WBJJU.IME]  [北京六合源软件技术有限公司, 2, 5, 0, 0]
    [C:\WINDOWS\system32\WbCodeU.dll]  [, 2, 5, 0, 0]
    [C:\WINDOWS\system32\wbjju.dll]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3144 / Administrator][G:\Vagaa\VExplorer.exe]  [www.vagaa.com, 2.6.4.0]
    [D:\KASPER~1\adialhk.dll]  [Kaspersky Lab, 8.0.0.268]
    [D:\KASPER~1\kloehk.dll]  [Kaspersky Lab, 8.0.0.268]
    [D:\Kaspersky\scrchpg.dll]  [Kaspersky Lab, 8.0.0.268]
    [D:\Kaspersky\klscav.dll]  [Kaspersky Lab, 8.0.0.268]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2460 / Administrator][G:\sreng2\SREngLdr.EXE]  [Smallfrogs Studio, 2.6.11.992]
[PID: 3924 / Administrator][G:\sreng2\SREd937b48b.EXE]  [Smallfrogs Studio, 2.6.11.992]
    [G:\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  Error. [NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 1788, E:\SHAREASSISTANT\SHAREASSISTANT.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 1840, G:\QQKAV.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1840, G:\QQKAV.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3668, E:\中信证券\INTERNET\HYPWISE.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3624, E:\中信证券\INTERNET\HYPWISE.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1048, D:\FOXIT\FOXIT READER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3840, G:\VAGAA\VAGAA.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3144, G:\VAGAA\VEXPLORER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2460, G:\SRENG2\SRENGLDR.EXE]

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]

Re: What virus is c8cb.dll? And what virus is 7830A.exe?

I don't really understand this. Could you explain it in plain terms?

Re: What virus is c8cb.dll? And what virus is 7830A.exe?

It still doesn't work? The C8CB.dll error still pops up. That thing is really nasty.

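Re: What virus is c8cb.dll? And what virus is 7830A.exe?

Quote:
Originally posted by 天云一剑 at 2008-7-15 15:10:00
OP, please don't paste the report.
Save the report in TXT format and upload it as an attachment, and we'll take another look.


I've uploaded it.

Attachment:

File name: SREngLOG.log
Downloads: 112
File type: application/octet-stream
File size:
Uploaded: 2008-7-15 15:33:17
Description: log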


Re: What virus is c8cb.dll? And what virus is 7830A.exe?

I removed them all and have now installed ESET.

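Re: What virus is c8cb.dll? And what virus is 7830A.exe?

Quote:
Originally posted by 没有眼泪 at 2008-7-15 16:21:00
That was fast. Any problems left?
Please upload the log again so we can study it.
Have you uninstalled McAfee and Kaspersky?


I followed the steps from the poster above and also scanned with ESET, which found that it is a variant of a trojan virus: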

2008-7-15 16:06:07 启动扫描程序 文件 C:\WINDOWS\Downlo~1\c8cac.dll Win32/Adware.WSearch 应用程序 的变种 通过删除清除 (下次重新启动后) - 已隔离 YX21\Administrator

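After rebooting, two dialog boxes popped up: "C8CSC.dll error" and "C8CB.dll error". So frustrating.

Attachment:

File name: SREngLOG.log
Downloads: 114
File type: application/octet-stream
File size:
Uploaded: 2008-7-15 17:42:39
Description: log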
