Rising Kaka Security Forum

[Help] Computer reboots as soon as a key is pressed
女校男生 - 2007-1-25 14:46:00
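My classmate downloaded a copy of QQ from Baidu last night. After extracting it, everything was fine yesterday.
Today the machine suddenly started rebooting as soon as the keyboard is touched, and Rising reports the Zhongsou trojan:
Trojan.zhongsou.a
Trojan.spy.Agent.xx
Trojan.spy.Agent.anj
Rising cannot delete them.
Going into the installation directory of the software (Zhongsou) (C:\Program Files\SearchNet), finding the uninstaller (something like uninstall.exe) and running it to uninstall the software: this method doesn't work either. Rising blocks it.

Ugh. Is there a solution?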
奇迹创造者 - 2007-1-25 14:52:00
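Rising blocks it?
女校男生 - 2007-1-25 14:56:00
Quote:
[Post by 奇迹创造者] Rising blocks it?
………………

Yes. There's no way to uninstall it.
奇迹创造者 - 2007-1-25 14:59:00
Blocks it how? Is it that the uninstaller won't open, or something else?
女校男生 - 2007-1-25 15:02:00
The uninstaller opens, but when the uninstall starts, Rising reports that a virus was found.
The uninstall process gets interrupted.
已成过去 - 2007-1-25 15:02:00
......You must have configured something wrong yourself..
奇迹创造者 - 2007-1-25 15:05:00
Then try Kaka's "Rogue Software Cleanup".
女校男生 - 2007-1-25 15:09:00
Zhongsou is a trojan. Will Kaka's "Rogue Software Cleanup" work on it?
奇迹创造者 - 2007-1-25 15:10:00
[Reply to 女校男生's post] It should work. I remember that's how it went for my classmate.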
魔刀镇天 - 2007-1-25 17:26:00
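Press F8 to boot into Safe Mode. Rising won't be running there, so uninstall it from there.
Japig - 2007-1-25 17:28:00
Turn off all the monitors, then uninstall.
女校男生 - 2007-1-25 19:46:00
It looks like it has caught Blaster.
女校男生 - 2007-1-25 19:46:00
Quote:
[Post by 奇迹创造者] Then try Kaka's "Rogue Software Cleanup".
………………

Cleaned it, but it still can't be uninstalled.
叶·幽思 - 2007-1-25 19:53:00
You should ask in the anti-virus board.

Reposted:

Required contents of a help-request post:

Symptoms of the infection
The relevant virus report (the results from a professional anti-virus program)
The location of the directory containing the virus/suspicious file (full path)
The virus name
Scan logs and the like as supporting material.
ADL - 2007-1-25 19:54:00
Do a full-disk scan in Safe Mode, then use 360 to clean out the rogue software!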
女校男生 - 2007-1-25 20:26:00
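Quote:
[Post by 叶·幽思] You should ask in the anti-virus board.

Reposted:

Required contents of a help-request post:

Symptoms of the infection
The relevant virus report (the results from a professional anti-virus program)
The location of the directory containing the virus/suspicious file (full path)
The virus name
Scan logs and the like as supporting material.
………………

I know, but my classmate can't get on QQ. It reboots as soon as the keyboard is touched, so he can't type passwords or website addresses.
He described the symptoms to me over the phone, and I don't know what to do either. I hope everyone can make a judgment from the clues provided.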
ADL - 2007-1-25 20:35:00
14
女校男生 - 2007-1-25 20:41:00
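Quote:
[Post by ADL] Do a full-disk scan in Safe Mode, then use 360 to clean out the rogue software!
………………

I had him try that.
A full-disk scan with Rising turned up 3 files:
Trojan.zhongsou.a
Trojan.spy.Agent.xx
Trojan.spy.Agent.anj

But I had him use Kaka Assistant to remove rogue software, and it still reboots as soon as the keyboard is touched.

I feel like the system is going to have to be reinstalled.
ADL - 2007-1-25 20:45:00
What about not touching the keyboard and working with the mouse?

Try a different keyboard!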
Japig - 2007-1-25 20:51:00
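Quote:
[Post by ADL] What about not touching the keyboard and working with the mouse?

Try a different keyboard!
………………

!!!  +1 to ADL. The keyboard should have been swapped first.
Japig - 2007-1-25 20:54:00
Try a keyboard with a USB connector.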
叶·幽思 - 2007-1-25 21:03:00
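Quote:
[Post by 女校男生]
I know, but my classmate can't get on QQ. It reboots as soon as the keyboard is touched, so he can't type passwords or website addresses.
He described the symptoms to me over the phone, and I don't know what to do either. I hope everyone can make a judgment from the clues provided.
………………

I spent the whole day today fixing someone's computer.
女校男生 - 2007-1-25 21:05:00
Thanks, everyone, for your suggestions.
ADL - 2007-1-25 21:06:00
Impressive.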
女校男生 - 2007-1-25 21:06:00
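Quote:
[Post by 叶·幽思]

I spent the whole day today fixing someone's computer.
………………

Same here, my eyes hurt. The main thing is that my classmate and I aren't in the same place, and he can't get online.
Directing things remotely is exhausting, and the phone bill adds up too.
叶·幽思 - 2007-1-25 21:27:00
Quote:
[Post by 女校男生]
Same here, my eyes hurt. The main thing is that my classmate and I aren't in the same place, and he can't get online.
Directing things remotely is exhausting, and the phone bill adds up too.
………………

Mine was remote too,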

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at:    20:41:50 2007-1-25

+ Scan result:   




Ad-Aware SE Personal:

ArchiveData(auto-quarantine- 2007-01-25 21-06-43.bckp)
Referencefile : SE1R146 22.01.2007
======================================================


Going by the SREng log, I deleted 2 drivers for him.