| 引用: |
| 【xp123的贴子】威金,用专杀吧,一种不行再换别的 ……………… |
| 引用: |
| 【xp123的贴子】威金,用专杀吧,一种不行再换别的 ……………… |
| 引用: |
| 【subomaoming的贴子】 威金是viking,搂主的不是,不过可能也有文件被感染了 ……………… |
| 引用: |
| 【jesselynn的贴子】感谢silencek ,subomaoming,★【正气大侠】★,xp123 对我的问题的关注 特别感谢subomaoming提供的方法,杀了那些木马后,打开文件不会关闭瑞星监控。现在用瑞星打开网络查杀毒已经20分钟还没有出现在黑屏的问题。 不过黑屏的问题是不是因为这个病毒引起我还不敢下定论,到明天我测试过才能确定。 还有一个问题是:有一些exe文件被感染后,图标变了,然后启动时弹出Dos那个窗口一闪而过,是否有办法把它们还原呢? 如果还原不了,也相当于重装系统了。 看来任务小毒都不能小看呀 ……………… |
| 引用: |
| 【sanjingshou的贴子】 EXE被感染的话,应该是威金所为 被感染的文件不要运行,否则前面的努力都是白费 ……………… |
| 引用: |
| 【jesselynn的贴子】 晕了,那些文件是还原不了的吗?我刚才运行了一个。不过那些威金用瑞星杀过了。 正在运行的进程 [PID: 196][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.00.2195.6601] [PID: 220][\??\C:\WINNT\system32\csrss.exe] [Microsoft Corporation, 5.00.2195.6601] [PID: 216][\??\C:\WINNT\system32\winlogon.exe] [Microsoft Corporation, 5.00.2195.6997] [C:\WINNT\system32\wdmaud.drv] [Microsoft Corporation, 5.00.2195.6673] [C:\WINNT\system32\msacm32.drv] [Microsoft Corporation, 5.00.2134.1] [PID: 272][C:\WINNT\system32\services.exe] [Microsoft Corporation, 5.00.2195.7035] [C:\WINNT\system32\dmserver.dll] [VERITAS Software Corp., 2195.6605.297.3] [PID: 976][C:\WINNT\Explorer.EXE] [Microsoft Corporation, 5.00.3700.6690] [C:\WINNT\AppPatch\AcLayers.DLL] [Microsoft Corporation, 5.00.2195.6717] [C:\WINNT\system32\wdmaud.drv] [Microsoft Corporation, 5.00.2195.6673] [C:\WINNT\system32\msacm32.drv] [Microsoft Corporation, 5.00.2134.1] [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20] [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0] [C:\Program Files\WinRAR\rarext.dll] [N/A, ] [C:\WINNT\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9] [C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5] [C:\Program Files\EditPlus 2\eppshell.dll] [N/A, ] [C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll] [Thunder Networking Technologies,LTD, 5, 0, 1, 4] [C:\WINNT\system32\xunleibho_v4.dll] [, 4, 3, 2, 29] [C:\PROGRA~1\MMSASS~1\Mmsass~1.dll] [, 1, 2, 0, 2] [C:\WINNT\system32\SBHOPlin.dll] [, 1, 0, 0, 1] [C:\WINNT\system32\msadp32.acm] [Microsoft Corporation, 5.00.2134.1] [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0] [C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4] [PID: 1096][C:\Program Files\SkyNet\FireWall\PFW.exe] [天网, 2.7.2.1229] [C:\Program Files\SkyNet\FireWall\SKYMISC.DLL] [N/A, ] [PID: 924][C:\Program Files\Maxthon\Maxthon.exe] [Maxthon International Ltd., 1, 5, 9, 30] [C:\Program Files\Maxthon\maxzlib.dll] [ , 1, 0, 0, 2] [C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll] [Thunder Networking Technologies,LTD, 5, 0, 1, 4] [C:\PROGRA~1\MICROS~4\MSSQL\BINN\SQLCTR80.DLL] [Microsoft Corporation, 2000.080.0194.00] [C:\Program Files\Maxthon\Services\RealTime\real_time.dll] [, 1, 0, 0, 1] [C:\WINNT\system32\wdmaud.drv] [Microsoft Corporation, 5.00.2195.6673] [C:\WINNT\system32\msacm32.drv] [Microsoft Corporation, 5.00.2134.1] [C:\WINNT\system32\msadp32.acm] [Microsoft Corporation, 5.00.2134.1] [C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4] [C:\WINNT\system32\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0] [PID: 800][C:\Program Files\Rising\Rav\RsAgent.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12] [C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1] [PID: 460][C:\WINNT\msagent\AgentSvr.exe] [Microsoft Corporation, 2.00.0.3424] [C:\WINNT\system32\wdmaud.drv] [Microsoft Corporation, 5.00.2195.6673] [C:\WINNT\system32\msacm32.drv] [Microsoft Corporation, 5.00.2134.1] [PID: 900][C:\Program Files\WinRAR\WinRAR.exe] [N/A, ] [PID: 1028][C:\DOCUME~1\ACHILL~1\LOCALS~1\Temp\Rar$EX00.313\SREng.EXE] [Smallfrogs Studio, 2.4.12.806] ……………… |