瑞星卡卡安全论坛

首页 » 技术交流区 » 反病毒/反流氓软件论坛 » 紧急求助!
wadhq - 2005-11-30 13:38:00
今天本公司内网里计算机爆发性出现重起、复制粘贴失效、浏览器失效、和微软相关的软件出现异常!着是什么病毒呀?急盼解答!谢谢!
ztq506 - 2005-11-30 13:39:00
重启系统时提示文件错误吗?
wadhq - 2005-11-30 14:01:00
前辈,不提示呀。是不是什么新病毒。
BlackStone - 2005-11-30 14:02:00
用Autoruns保存一个日志发上来
日志保存方法:选择File->Save菜单项
保存日志时注意选择Options->Hide Microsoft Entries菜单项(设置了这项后点工具栏的刷新按钮)

工具的下载、使用参考http://forum.ikaka.com/topic.asp?board=28&artid=7318038第14楼
wadhq - 2005-11-30 15:25:00
是不是这个日志?
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit

+ C:\WINNT\system32\userinit.exeUserinit Logon ApplicationMicrosoft Corporationc:\winnt\system32\userinit.exe

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell

+ Explorer.exeWindows ExplorerMicrosoft Corporationc:\winnt\explorer.exe

+ Explorer.exeWindows ExplorerMicrosoft Corporationc:\winnt\explorer.exe

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

+ AHQInitAHQInitCreative Technology Ltdc:\program files\creative\sblive2k\program\ahqinit.exe

+ ATIPTAATI Desktop Control PanelATI Technologies, Inc.c:\winnt\system32\atiptaxx.exe

+ CnsMin3721北京三七二一科技有限公司c:\winnt\downloaded program files\cnsmin.dll

+ Synchronization ManagerMicrosoft Synchronization ManagerMicrosoft Corporationc:\winnt\system32\mobsync.exe

+ vptraySymantec AntiVirusSymantec Corporationc:\program files\symantec_client_security\symantec antivirus\vptray.exe

+ yassistseAssistSettingYahoo!c:\program files\yahoo!\assistant\yassistse.exe

+ YLive.exeYLive c:\program files\yahoo!\assistant\ylive.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run

+ Internat.exeKeyboard Language Indicator AppletMicrosoft Corporationc:\winnt\system32\internat.exe

HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components

+ Address Book 5Outlook Express Setup LibraryMicrosoft Corporationc:\program files\outlook express\setup50.exe

+ CRLUpdateUPDCRLMicrosoft Corporationc:\winnt\system32\updcrl.exe

+ EnableRevocationMicrosoft(C) Register ServerMicrosoft Corporationc:\winnt\system32\regsvr32.exe

+ Internet Explorer 6IE 5.0 Per-User Install UtilityMicrosoft Corporationc:\winnt\system32\ie4uinit.exe

+ Internet Explorer 访问Windows NT User Data Migration ToolMicrosoft Corporationc:\winnt\system32\shmgrate.exe

+ Microsoft Outlook Express 6Outlook Express Setup LibraryMicrosoft Corporationc:\program files\outlook express\setup50.exe

+ Microsoft Windows Media Player 6.4ADVPACKMicrosoft Corporationc:\winnt\system32\advpack.dll

+ Microsoft Windows Media Player 7ADVPACKMicrosoft Corporationc:\winnt\system32\advpack.dll

+ NetMeeting 3.01ADVPACKMicrosoft Corporationc:\winnt\system32\advpack.dll

+ Outlook Express 访问Windows NT User Data Migration ToolMicrosoft Corporationc:\winnt\system32\shmgrate.exe

+ Windows 桌面更新Microsoft(C) Register ServerMicrosoft Corporationc:\winnt\system32\regsvr32.exe

+ 自定义浏览器Microsoft Internet Explorer Customization DLLMicrosoft Corporationc:\winnt\system32\iedkcs32.dll

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler

+ Browseui 预加载程序Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll

+ 组件类别缓存程序Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad

+ Network.ConnectionTrayNetwork Connections ShellMicrosoft Corporationc:\winnt\system32\netshell.dll

+ SysTraySystray shell service objectMicrosoft Corporationc:\winnt\system32\stobject.dll

+ WebCheckWeb Site MonitorMicrosoft Corporationc:\winnt\system32\webcheck.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

+ shell32.dllWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

+ .CAB file viewerCabinet File Viewer Shell ExtensionMicrosoft Corporationc:\winnt\system32\cabview.dll

+ ActiveDesktopWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll

+ ActiveX 高速缓存文件夹Object Control ViewerMicrosoft Corporationc:\winnt\system32\occache.dll

+ BandProxyShell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll

+ Briefcase FolderWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll

+ CDF Extension Copy HookShell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll

+ Channel MenuChannel Definition File ViewerMicrosoft Corporationc:\winnt\system32\cdfview.dll

+ Channel PropertiesChannel Definition File ViewerMicrosoft Corporationc:\winnt\system32\cdfview.dll

+ CmdFileIconWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll

+ Code Download AgentWeb Site MonitorMicrosoft Corporationc:\winnt\system32\webcheck.dll

+ ConnectionAgentWeb Site MonitorMicrosoft Corporationc:\winnt\system32\webcheck.dll

+ Crypto PKO ExtensionCrypto Shell ExtensionsMicrosoft Corporationc:\winnt\system32\cryptext.dll

+ Crypto Sign ExtensionCrypto Shell ExtensionsMicrosoft Corporationc:\winnt\system32\cryptext.dll

+ Darwin App PublisherShell Application ManagerMicrosoft Corporationc:\winnt\system32\appwiz.cpl

+ Directory Context Menu VerbsDirectory Service Common UIMicrosoft Corporationc:\winnt\system32\dsuiext.dll

+ Directory NamespaceDirectory Service UIMicrosoft Corporationc:\winnt\system32\dsfolder.dll

+ Directory Object FindDirectory Service FindMicrosoft Corporationc:\winnt\system32\dsquery.dll

+ Directory Property UIDirectory Service Common UIMicrosoft Corporationc:\winnt\system32\dsuiext.dll

+ Directory Query UIDirectory Service FindMicrosoft Corporationc:\winnt\system32\dsquery.dll

+ Directory Start/Search FindDirectory Service FindMicrosoft Corporationc:\winnt\system32\dsquery.dll

+ Disk Copy ExtensionWindows DiskCopyMicrosoft Corporationc:\winnt\system32\diskcopy.dll

+ Disk Quota UIWindows Shell Disk Quota UI DLLMicrosoft Corporationc:\winnt\system32\dskquoui.dll

+ Display Adapter CPL ExtensionAdvanced display adapter propertiesMicrosoft Corporationc:\winnt\system32\deskadp.dll

+ Display Control Panel HTML ExtensionsWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll

+ Display Monitor CPL ExtensionAdvanced display monitor propertiesMicrosoft Corporationc:\winnt\system32\deskmon.dll

+ Display Panning CPL ExtensionFile not found: deskpan.dll

+ Display TroubleShoot CPL ExtensionAdvanced display performance propertiesMicrosoft Corporationc:\winnt\system32\deskperf.dll

+ DS Security PageDirectory Service Security UIMicrosoft Corporationc:\winnt\system32\dssec.dll

+ Favorites BandShell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll

+ File Property Page ExtensionWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll

+ File Types PageWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll

+ Folder Options Property Page ExtensionWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll

+ HTML 缩略图的解压缩程序Thumbnail View ExtensionMicrosoft Corporationc:\winnt\system32\thumbvw.dll

+ HyperTerminal Icon ExtHyperTerminal Applet LibraryHilgraeve, Inc.c:\winnt\system32\hticons.dll

+ ICC 配置文件Microsoft Color Matching System User Interface DLLMicrosoft Corporationc:\winnt\system32\icmui.dll

+ ICM 打印机管理Microsoft Color Matching System User Interface DLLMicrosoft Corporationc:\winnt\system32\icmui.dll

+ ICM 监视器管理Microsoft Color Matching System User Interface DLLMicrosoft Corporationc:\winnt\system32\icmui.dll

+ ICM 扫描仪管理Microsoft Color Matching System User Interface DLLMicrosoft Corporationc:\winnt\system32\icmui.dll

+ IE4 套件初始屏幕Shell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll

+ Installed Apps EnumeratorShell Application ManagerMicrosoft Corporationc:\winnt\system32\appwiz.cpl

+ InternetShell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll

+ Internet Name SpaceShell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll

+ Internet 临时文件Shell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll

+ Internet 临时文件Shell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll

+ InternetShortcutShell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll

+ ISFBand OCShell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll

+ IShellFolderBandShell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll

+ LDVP Shell ExtensionsSymantec AntiVirusSymantec Corporationc:\program files\common files\symantec shared\ssc\vpshell2.dll

+ LNK 文件缩略图接口代理程序Thumbnail View ExtensionMicrosoft Corporationc:\winnt\system32\thumbvw.dll

+ Microsoft AutoCompleteShell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll

+ Microsoft Browser ArchitectureShell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll

+ Microsoft BrowserBandShell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll

+ Microsoft CopyTo ServiceWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll

+ Microsoft Internet 工具栏Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll

+ Microsoft MoveTo ServiceWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll

+ Microsoft New Object ServiceWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll

+ Microsoft Office HTML Icon HandlerMicrosoft Office XP componentMicrosoft Corporationc:\program files\microsoft office\office10\msohev.dll

+ Microsoft SendTo ServiceWindows Shell Common Dll
wadhq - 2005-11-30 15:26:00
go on
Microsoft Corporationc:\winnt\system32\shell32.dll

+ Microsoft Url History 服务Shell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll

+ Microsoft Url 搜索挂接Shell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll

+ Microsoft 多个自动完成列表容器Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll

+ Microsoft 历史自动完成列表Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll

+ Microsoft 外壳文件夹自动完成列表Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll

+ MIME File Types HookWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll

+ MMC Icon HandlerMMC Shell Extension DLLMicrosoft Corporationc:\winnt\system32\mmcshext.dll

+ MRU 自动完成列表Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll

+ Multimedia File Property SheetControl Panel Drivers AppletMicrosoft Corporationc:\winnt\system32\mmsys.cpl

+ MyDocs Copy HookMy Documents Folder UIMicrosoft Corporationc:\winnt\system32\mydocs.dll

+ MyDocs Drop TargetMy Documents Folder UIMicrosoft Corporationc:\winnt\system32\mydocs.dll

+ MyDocs FolderMy Documents Folder UIMicrosoft Corporationc:\winnt\system32\mydocs.dll

+ MyDocs PropertiesMy Documents Folder UIMicrosoft Corporationc:\winnt\system32\mydocs.dll

+ NTFS Security PageSecurity Shell ExtensionMicrosoft Corporationc:\winnt\system32\rshx32.dll

+ Office 图形筛选器缩略图的解压缩程序Thumbnail View ExtensionMicrosoft Corporationc:\winnt\system32\thumbvw.dll

+ Offline Files Folder OptionsClient Side Caching UIMicrosoft Corporationc:\winnt\system32\cscui.dll

+ Offline Files MenuClient Side Caching UIMicrosoft Corporationc:\winnt\system32\cscui.dll

+ OLE Docfile Property PageOLE DocFile Property PageMicrosoft Corporationc:\winnt\system32\docprop.dll

+ Open With Context Menu HandlerWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll

+ PlusPack CPL ExtensionEffects Control Panel extensionMicrosoft Corporationc:\winnt\system32\plustab.dll

+ PostAgentWeb Site MonitorMicrosoft Corporationc:\winnt\system32\webcheck.dll

+ Printers Security PageSecurity Shell ExtensionMicrosoft Corporationc:\winnt\system32\rshx32.dll

+ Search Assistant OCShell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll

+ Sendmail serviceSend MailMicrosoft Corporationc:\winnt\system32\sendmail.dll

+ Sendmail serviceSend MailMicrosoft Corporationc:\winnt\system32\sendmail.dll

+ Shell Application ManagerShell Application ManagerMicrosoft Corporationc:\winnt\system32\appwiz.cpl

+ Shell Automation Folder ViewWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll

+ Shell Automation Inproc ServiceShell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll

+ Shell Automation ServiceWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll

+ Shell Band Site MenuShell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll

+ Shell DocObject ViewerShell Doc Object and Control LibraryMicrosoft Corporationc:\winnt\system32\shdocvw.dll

+ Shell Drag and Drop helperWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll

+ Shell extensions for Microsoft Windows Network objectsNetwork object shell UIMicrosoft Corporationc:\winnt\system32\ntlanui2.dll

+ Shell extensions for sharingShell extensions for sharingMicrosoft Corporationc:\winnt\system32\ntshrui.dll

+ Shell extensions for sharingShell extensions for sharingMicrosoft Corporationc:\winnt\system32\ntshrui.dll

+ Shell Favorite FolderWindows Shell Common DllMicrosoft Corporationc:\winnt\system32\shell32.dll

+ Shell properties for a DS objectDirectory Service UIMicrosoft Corporationc:\winnt\system32\dsfolder.dll

+ Shell Scrap DataHandlerShell scrap object handlerMicrosoft Corporationc:\winnt\system32\shscrap.dll

+ Subscription MgrWeb Site MonitorMicrosoft Corporationc:\winnt\system32\webcheck.dll

+ Tasks Folder Icon HandlerTask Scheduler interface DLLMicrosoft Corporationc:\winnt\system32\mstask.dll

+ Tasks Folder Shell ExtensionTask Scheduler interface DLLMicrosoft Corporationc:\winnt\system32\mstask.dll

+ TrayAgentWeb Site MonitorMicrosoft Corporationc:\winnt\system32\webcheck.dll

+ TridentImageExtractorShell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll

+ Web FoldersMicrosoft Web FoldersMicrosoft Corporationc:\program files\common files\microsoft shared\web folders\msonsext.dll

+ Web Printer Shell ExtensionPrint UI DLLMicrosoft Corporationc:\winnt\system32\printui.dll

+ Web 搜索Shell Browser UI LibraryMicrosoft Corporationc:\winnt\system32\browseui.dll

+ WebCheckWeb Site MonitorMicrosoft Corporationc:\winnt\system32\webcheck.dll

+ WebCheck SyncMgr HandlerWeb Site MonitorMicrosoft Corporationc:\winnt\system32\webcheck.dll

+ WebCheckChannelAgentWeb Site MonitorMicrosoft Corporationc:\winnt\system32\webcheck.dll

+ WebCheckWebCrawlerWeb Site MonitorMicrosoft Corporationc:\winnt\system32\webcheck.dll
BlackStone - 2005-11-30 15:57:00
保存日志时注意选择Options->Hide Microsoft Entries菜单项(设置了这项后点工具栏的刷新按钮)
1
查看完整版本: 紧急求助!
© 2000 - 2026 Rising Corp. Ltd.