C:\CONFIG.EXE: the computer makes a "dong dong" sound, how do I delete it? Urgent

[C:\Program Files\Windows Live Toolbar\msntb.dll]  [Microsoft Corporation, 03.00.0000.1615]
    [C:\Program Files\Windows Live Toolbar\zh-hk\mtbres.dll.mui]  [Microsoft Corporation, 03.00.0000.1615]
    [C:\Program Files\Windows Live Toolbar\mtbres.dll]  [Microsoft Corporation, 03.00.0000.1615]
    [C:\Program Files\Windows Live Toolbar\Tem.dll]  [Microsoft Corporation, 03.00.0000.1615]
    [C:\Program Files\Windows Live Toolbar\zh-hk\CMRes.dll.mui]  [Microsoft Corporation, 03.00.0000.1615]
    [C:\Program Files\Windows Live Toolbar\CMRes.dll]  [Microsoft Corporation, 03.00.0000.1615]
    [C:\Program Files\Windows Live Toolbar\zh-hk\msn_slrs.DLL.mui]  [Microsoft Corporation, 03.00.0000.1615]
    [C:\Program Files\Windows Live Toolbar\msn_slrs.DLL]  [Microsoft Corporation, 03.00.0000.1615]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.7.2006011200]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll]  [Microsoft Corporation, 4.000.249.1]
    [C:\Program Files\Common Files\Microsoft Shared\Windows Live\msidcrl40.dll]  [Microsoft Corporation, 4.000.249.1]
    [C:\Program Files\Windows Live Toolbar\stmain.dll]  [Microsoft Corporation, 03.00.0000.1615]
    [C:\Program Files\Windows Live Toolbar\cm.dll]  [Microsoft Corporation, 03.00.0000.1615]
    [C:\Program Files\Windows Live Toolbar\msn_slps.dll]  [Microsoft Corporation, 03.00.0000.1615]
    [C:\WINDOWS\system32\nview.dll]  [, ]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [c:\Syswm1i\Ghook.dll]  [N/A, ]
    [c:\SysWsj7\Ghook.dll]  [N/A, ]
[PID: 2376][C:\WINDOWS\system32\5D851B22.exe]  [N/A, ]
    [C:\WINDOWS\system32\MSVBVM60.DLL]  [Microsoft Corporation, 6.00.9690]
    [C:\WINDOWS\system32\nview.dll]  [, ]
    [c:\Syswm1i\Ghook.dll]  [N/A, ]
    [c:\SysWsj7\Ghook.dll]  [N/A, ]
[PID: 2384][C:\WINDOWS\ATK0100\ATKOSD.exe]  [, 1043, 2, 15, 57]
    [C:\WINDOWS\system32\nview.dll]  [, ]
    [c:\SysWsj7\Ghook.dll]  [N/A, ]
    [c:\Syswm1i\Ghook.dll]  [N/A, ]
[PID: 2432][C:\Program Files\Common Files\Teleca Shared\Generic.exe]  [Teleca Software Solutions, 1, 0, 3, 2]
    [C:\Program Files\Common Files\Teleca Shared\Telecalib_logging.dll]  [Teleca/Popwire AB, 1, 0, 2, 3]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Teleca Shared\boost_log-vc71-mt-1_32.dll]  [N/A, ]
    [C:\WINDOWS\system32\msxml4.dll]  [Microsoft Corporation, 4.20.9841.0]
    [C:\Program Files\Common Files\Teleca Shared\TC Device Mgmt.dll]  [Teleca Software Solutions, 1, 0, 1, 1]
    [C:\WINDOWS\system32\nview.dll]  [, ]
    [C:\WINDOWS\system32\nvwddi.dll]  [NVIDIA Corporation, 6.14.10.8426]
    [C:\Program Files\Sony Ericsson\Mobile2\Device Manager\SpecificMPM.dll]  [SonyEricsson, 1, 0, 2, 1]
    [C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\anubisps.dll]  [N/A, ]
    [C:\Program Files\Common Files\Teleca Shared\SpecificUSB.dll]  [Popwire AB, 1, 2, 1, 1]
    [C:\Program Files\Common Files\Teleca Shared\tlib_log.dll]  [Popwire AB, 1, 0, 3, 3]
    [C:\Program Files\Common Files\Teleca Shared\boost_log-vc71-mt-1_33.dll]  [N/A, ]
    [c:\SysWsj7\Ghook.dll]  [N/A, ]
    [c:\Syswm1i\Ghook.dll]  [N/A, ]
[PID: 2528][C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe]  [Sony Ericsson Mobile Communications AB, 1, 2, 0,1186]
    [C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\ShowMfcDialog.dll]  [Sony Ericsson Mobile Communications AB, 1, 0, 0,118]
    [C:\WINDOWS\system32\nview.dll]  [, ]
    [C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\Capires0804.DLL]  [Popwire AB, 1, 0, 0,2013]
    [C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\anubisps.dll]  [N/A, ]
    [C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\cabmain.dll]  [Sony Ericsson Mobile Communications AB, 1, 0, 0,1222]
    [C:\WINDOWS\system32\msxml4.dll]  [Microsoft Corporation, 4.20.9841.0]
    [C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\msmeirsock_object.dll]  [Sony Ericsson Mobile Communications AB, 1, 0, 0,941]
    [C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\ms98irsock_object.dll]  [Sony Ericsson Mobile Communications AB, 1, 0, 0,986]
    [C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\msirsock_object.dll]  [Sony Ericsson Mobile Communications AB, 1, 0, 0,998]
    [c:\SysWsj7\Ghook.dll]  [N/A, ]
    [c:\Syswm1i\Ghook.dll]  [N/A, ]
[PID: 3936][C:\WINDOWS\system32\ntvdm.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3952][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\nview.dll]  [, ]
    [c:\SysWsj7\Ghook.dll]  [N/A, ]
    [c:\Syswm1i\Ghook.dll]  [N/A, ]
[PID: 3096][F:\War3\VS竞技游戏平台\VSClient.exe]  [广州唯思软件有限公司, 1, 1, 0, 1]
    [F:\War3\VS竞技游戏平台\CSDT.dll]  [N/A, ]
    [F:\War3\VS竞技游戏平台\WYClientDataAPI.dll]  [N/A, ]
    [F:\War3\VS竞技游戏平台\VSFace.dll]  [N/A, ]
    [F:\War3\VS竞技游戏平台\VSIPC.dll]  [N/A, ]
    [F:\War3\VS竞技游戏平台\MSVCP60.dll]  [Microsoft Corporation, 6.00.8972.0]
    [F:\War3\VS竞技游戏平台\dbghelp.dll]  [Microsoft Corporation, 5.00.2195.6613]
    [F:\War3\VS竞技游戏平台\WARDT.dll]  [N/A, ]
    [F:\War3\VS竞技游戏平台\WEDT.dll]  [N/A, ]
    [F:\War3\VS竞技游戏平台\scscdt.dll]  [N/A, ]
    [F:\War3\VS竞技游戏平台\MapSource.dll]  [N/A, ]
    [F:\War3\VS竞技游戏平台\LiveCtrl.dll]  [N/A, ]
    [F:\War3\VS竞技游戏平台\SCLiveDT.dll]  [N/A, ]
    [F:\War3\VS竞技游戏平台\VSRes.dll]  [N/A, ]
    [C:\WINDOWS\system32\nview.dll]  [, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\nvwddi.dll]  [NVIDIA Corporation, 6.14.10.8426]
    [c:\Syswm1i\Ghook.dll]  [N/A, ]
    [c:\SysWsj7\Ghook.dll]  [N/A, ]

[PID: 2064][C:\Program Files\Tencent\TT\TTraveler.exe]  [腾讯公司, 3.2.200.275]
    [C:\WINDOWS\system32\nview.dll]  [, ]
    [C:\Program Files\Tencent\TT\Plugins\QQFloatBar\QQFloatBar4TT2.dll]  [腾讯公司, 1, 1, 0, 5]
    [C:\Program Files\Tencent\TT\Plugins\TWeather\TWeather.dll]  [, 1, 0, 0, 3]
    [C:\Program Files\Tencent\TT\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 4]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\WINDOWS\system32\nvwddi.dll]  [NVIDIA Corporation, 6.14.10.8426]
    [C:\WINDOWS\system32\PNCRT.dll]  [Real Networks, Inc, 6.0.0.0]
    [C:\Program Files\Common Files\Real\Common\pnrs3260.dll]  [RealNetworks, Inc., 6.0.9.4317]
    [C:\Program Files\Common Files\Microsoft Shared\INK\PENCHS.DLL]  [Microsoft Corporation, 1.0.1038.0]
    [c:\Syswm1i\Ghook.dll]  [N/A, ]
    [c:\SysWsj7\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
[PID: 3784][C:\Program Files\Tencent\QQ\QQ.EXE]  [TENCENT, 0, 0, 0, 0]
    [C:\Program Files\Tencent\QQ\QQBaseClassInDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQHelperDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\BasicCtrlDll.dll]  [Tencent, 7, 0, 101, 80]
    [C:\Program Files\Tencent\QQ\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\WINDOWS\system32\nview.dll]  [, ]
    [C:\Program Files\Tencent\QQ\RICHED32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\Program Files\Tencent\QQ\RICHED20.dll]  [Microsoft Corporation, 5.31.23.1218]
    [C:\Program Files\Tencent\QQ\QQAPI.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [C:\Program Files\Tencent\QQ\LoginCtrl.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\npkcntc.dll]  [INCA Internet Co., Ltd., 2006, 6, 27, 1]
    [C:\Program Files\Tencent\QQ\npkpdb.dll]  [INCA Internet Co., Ltd., 2003, 10, 1, 1]
    [C:\Program Files\Tencent\QQ\LoginCtrlRes.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQRes.dll]  [tencent, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQMainFrame.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\CQQApplication.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\NewSkin.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\HostingMgr.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\CameraDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\MailSummary.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQKnowledgeSearch.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQAllInOne.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\GroupLive.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\SCCore.dll]  [TENCENT, 2, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Tencent\QQ\QQSpace.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\vbscript.dll]  [Microsoft Corporation, 5.6.0.7426]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\Program Files\Tencent\QQ\QQGroupMng.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Tencent\QQ\UserDefinedHead.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQPlugin.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\QQConfigPlugin.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QRingMng.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\LongConnection.dll]  [tencent, 5, 0, 200, 160]
    [C:\Program Files\Tencent\QQ\QQAvatar.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [C:\Program Files\Tencent\QQ\QQPet.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\PhoneAPI.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [C:\WINDOWS\system32\nvwddi.dll]  [NVIDIA Corporation, 6.14.10.8426]
    [C:\Program Files\Tencent\QQ\QQSysMsgMng.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\BQQApplication.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\CommercesMng.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
    [C:\Program Files\Tencent\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 280]
    [C:\Program Files\Tencent\QQ\QQSceneMng.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\QQPhoneHelper.dll]  [腾讯科技(深圳)有限公司, 2, 1, 6, 60]
    [C:\Program Files\Tencent\QQ\QQCustomFace.dll]  [N/A, ]
    [C:\WINDOWS\system32\msadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Tencent\QQ\ImageOle.dll]  [TODO: <Company name>, 1.0.0.1]
    [C:\Program Files\Tencent\QQ\GroupConnection.dll]  [Tencent, 0, 3, 3, 5]
    [C:\Program Files\Tencent\QQ\QQZip.dll]  [tencent, 0, 3, 2, 4]
    [c:\Syswm1i\Ghook.dll]  [N/A, ]
    [c:\SysWsj7\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
[PID: 1428][C:\Program Files\Tencent\QQ\TIMPlatform.exe]  [tencent, 0, 3, 1, 8]
    [C:\WINDOWS\system32\nview.dll]  [, ]
    [C:\Program Files\Tencent\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
[PID: 2056][C:\Program Files\360safe\safelive.exe]  [qihoo.com, 1, 0, 0, 1001]
    [C:\WINDOWS\system32\nview.dll]  [, ]
    [C:\Program Files\360safe\live.dll]  [Qihoo.Com, 1, 0, 0, 1002]
    [c:\SysWsj7\Ghook.dll]  [N/A, ]
    [c:\Syswm1i\Ghook.dll]  [N/A, ]
[PID: 2260][C:\WINDOWS\nortonq.exe]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\nortonq.dll]  [N/A, ]
[PID: 412][c:\Syswm1i\svchost.exe]  [N/A, ]
    [c:\Syswm1i\Ghook.dll]  [N/A, ]
[PID: 3868][c:\SysWsj7\svchost.exe]  [N/A, ]
    [c:\SysWsj7\Ghook.dll]  [N/A, ]
[PID: 3260][C:\Program Files\Tencent\QQ\QZone\Qzone.exe]  [腾讯公司, 1, 7, 101, 14]
    [C:\Program Files\Tencent\QQ\QZone\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\WINDOWS\system32\nview.dll]  [, ]
    [c:\SysWsj7\Ghook.dll]  [N/A, ]
    [c:\Syswm1i\Ghook.dll]  [N/A, ]
[PID: 3488][C:\WINDOWS\explorer.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\nview.dll]  [, ]
    [C:\WINDOWS\system32\nvwddi.dll]  [NVIDIA Corporation, 6.14.10.8426]
    [C:\WINDOWS\system32\7F5DA206.DLL]  [Microsoft Corporation, ]
    [c:\SysWsj7\Ghook.dll]  [N/A, ]
    [c:\Syswm1i\Ghook.dll]  [N/A, ]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.7.2006011200]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\winform.dll]  [N/A, ]
    [C:\WINDOWS\system32\msccrt.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [C:\DOCUME~1\SUECHE~1\LOCALS~1\Temp\upxdnd.dll]  [N/A, ]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
[PID: 3604][C:\WINDOWS\system32\5D851B22.exe]  [N/A, ]
    [C:\WINDOWS\system32\MSVBVM60.DLL]  [Microsoft Corporation, 6.00.9690]
    [C:\WINDOWS\system32\nview.dll]  [, ]
    [c:\SysWsj7\Ghook.dll]  [N/A, ]
    [c:\Syswm1i\Ghook.dll]  [N/A, ]
[PID: 1416][C:\Documents and Settings\sue chen\桌面\新建文件夹 (2)\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [C:\WINDOWS\system32\nview.dll]  [, ]
    [c:\SysWsj7\Ghook.dll]  [N/A, ]
    [c:\Syswm1i\Ghook.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [C:\WINDOWS\system32\nvwddi.dll]  [NVIDIA Corporation, 6.14.10.8426]

==================================
????
.TXT  Error. [C:\WINDOWS\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  Error. [C:\WINDOWS\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock ???
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS ??
127.0.0.1      localhost

==================================
API HOOK
N/A

==================================
????
N/A

==================================


[/CODE]

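I don't know what C:\CONFIG.EXE is. As soon as the machine boots, it shuts down Rising's little green umbrella. After I deleted CONFIG.EXE by hand, it stopped causing trouble.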

But it is still there after a reboot.

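The machine is infected with a whole pile of viruses, not just CONFIG.EXE. To delete C:\CONFIG.EXE, first end the process C:\CONFIG.EXE, then get rid of [TomDemoService / TomDemoService][Stopped/Auto Start], and remove every CONFIG.EXE value from the registry.
In addition, the startup items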
<333><C:\Syswm1i\svchost.exe> []
<4><C:\SysWsj7\svchost.exe> []
<POP><C:\Program Files\WindowsUpdate\3.exe> []
<Jiangmin KVFW><C:\Program Files\JiangMin\KVFW\KvfwMcl.exe> [N/A]
<norton><C:\WINDOWS\norton.exe> []
<winform><C:\WINDOWS\winform.exe> []
<nortonq><C:\WINDOWS\nortonq.exe> []
<mppds><C:\WINDOWS\mppds.exe> []
<msccrt><C:\WINDOWS\msccrt.exe> []
<cmdbcs><C:\WINDOWS\cmdbcs.exe> []
<upxdnd><C:\DOCUME~1\SUECHE~1\LOCALS~1\Temp\upxdnd.exe> []
and, among the services,
[7F5DA206 / 7F5DA206][Stopped/Auto Start]
<C:\WINDOWS\system32\7F5DA206.EXE -service><Microsoft Corporation>
[hpdj / hpdj][Stopped/Auto Start]
<C:\DOCUME~1\SUECHE~1\LOCALS~1\Temp\hpdj.exe -servicerunning=true -uninstall=hp deskjet 3500 series -product=><N/A>
are also, nine times out of ten, viruses; remove them the same way as [TomDemoService / TomDemoService][Stopped/Auto Start].
I didn't look closely; there are other viruses as well.

Good heavens, so many viruses!

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<333><C:\Syswm1i\svchost.exe> []
<4><C:\SysWsj7\svchost.exe> []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

<POP><C:\Program Files\WindowsUpdate\3.exe> []
<norton><C:\WINDOWS\norton.exe> []
<winform><C:\WINDOWS\winform.exe> []
<nortonq><C:\WINDOWS\nortonq.exe> []
<mppds><C:\WINDOWS\mppds.exe> []
<msccrt><C:\WINDOWS\msccrt.exe> []
<cmdbcs><C:\WINDOWS\cmdbcs.exe> []
<upxdnd><C:\DOCUME~1\SUECHE~1\LOCALS~1\Temp\upxdnd.exe> []


[7F5DA206 / 7F5DA206][Stopped/Auto Start]
<C:\WINDOWS\system32\7F5DA206.EXE -service><Microsoft Corporation>

[TomDemoService / TomDemoService][Stopped/Auto Start]
<C:\CONFIG.EXE><N/A>


[Netgroup Packet Filter / NPF][Stopped/Manual Start]
<system32\DRIVERS\npf.sys><CACE Technologies>

Use SREng to delete the startup items and services above, empty C:\DOCUME~1\SUECHE~1\LOCALS~1\Temp in Safe Mode, and delete the following files:

C:\WINDOWS\system32\DRIVERS\npf.sys
C:\CONFIG.EXE
C:\WINDOWS\system32\7F5DA206.EXE
C:\Program Files\WindowsUpdate\3.exe
C:\WINDOWS\norton.exe
C:\WINDOWS\winform.exe
C:\WINDOWS\nortonq.exe
C:\WINDOWS\mppds.exe
C:\WINDOWS\msccrt.exe
C:\WINDOWS\cmdbcs.exe
C:\Syswm1i\svchost.exe
C:\SysWsj7\svchost.exe
c:\Syswm1i\Ghook.dll
c:\SysWsj7\Ghook.dll
C:\WINDOWS\system32\norton.dll
C:\WINDOWS\system32\5D851B22.exe
C:\WINDOWS\system32\nview.dll
C:\WINDOWS\system32\cmdbcs.dll
C:\WINDOWS\nortonq.exe
C:\WINDOWS\system32\nortonq.dll
C:\WINDOWS\system32\mppds.dll
C:\WINDOWS\system32\winform.dll
C:\WINDOWS\system32\msccrt.dll
C:\WINDOWS\system32\cmdbcs.dll

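Download killbox from the pinned tools thread, run it, enter the file path below, and tick "Replace on Reboot" to deal with it!
C:\WINDOWS\system32\7F5DA206.DLL

Uninstall QQ, delete the whole tencent folder, reinstall QQ, and use Rabbit (兔子) to clean the system completely!

PS: It is best to run 农夫's dedicated Viking (威金) removal tool once with the network disconnected!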
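
The triage the replies in this thread do by eye on the SREng process/module listing, written out as an added example (not part of the original thread and not SREng's own code): it parses the listing, reports modules with no vendor field that are loaded into several processes, and reports system binary names running from outside system32. The `SYSTEM_NAMES` set, the `min_procs` threshold and the function names are assumptions, and the sample lines are constructed from paths in the log above.

```python
import re
from collections import defaultdict

# Constructed sample in the SREng process/module layout quoted in this thread;
# the paths come from the log above, trimmed to a handful of lines.
SAMPLE_LOG = r"""
    [c:\Syswm1i\Ghook.dll]  [N/A, ]
[PID: 2384][C:\WINDOWS\ATK0100\ATKOSD.exe]  [, 1043, 2, 15, 57]
    [C:\WINDOWS\system32\nview.dll]  [, ]
    [c:\Syswm1i\Ghook.dll]  [N/A, ]
[PID: 2432][C:\Program Files\Common Files\Teleca Shared\Generic.exe]  [Teleca Software Solutions, 1, 0, 3, 2]
    [C:\Program Files\Common Files\Teleca Shared\boost_log-vc71-mt-1_32.dll]  [N/A, ]
    [C:\WINDOWS\system32\nview.dll]  [, ]
    [c:\Syswm1i\Ghook.dll]  [N/A, ]
[PID: 412][c:\Syswm1i\svchost.exe]  [N/A, ]
    [c:\Syswm1i\Ghook.dll]  [N/A, ]
"""

# "[PID: n][image path]  [vendor, version]" or an indented "[module path]  [vendor, version]".
LINE = re.compile(r"^\s*(?:\[PID:\s*(\d+)\])?\[(.+?)\]\s+\[(.*)\]\s*$")
# Assumption: system binary names expected to run only from system32.
SYSTEM_NAMES = {"svchost.exe", "lsass.exe", "services.exe", "winlogon.exe"}

def vendor_missing(info):
    """Vendor is the text before the first comma; the tool prints '' or 'N/A' when absent."""
    return info.split(",", 1)[0].strip() in ("", "N/A")

def parse(log):
    """Return {(pid, image_path): [(module_path, info), ...]}."""
    procs, current = {}, None
    for raw in log.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        pid, path, info = m.groups()
        if pid is not None:
            current = (int(pid), path)
            procs[current] = []
            continue
        if current is None:
            # Modules listed before any process header (a log split across
            # forum pages) are kept under a placeholder process.
            current = (None, "<unknown>")
            procs[current] = []
        procs[current].append((path, info))
    return procs

def triage(log, min_procs=3):
    """Flag vendor-less modules loaded widely, and system names outside system32."""
    procs = parse(log)
    loaded_in = defaultdict(set)
    for (pid, _image), modules in procs.items():
        for path, info in modules:
            if vendor_missing(info):
                loaded_in[path.lower()].add(pid)
    widespread = sorted(p for p, pids in loaded_in.items() if len(pids) >= min_procs)
    masquerading = sorted(
        image.lower() for (_pid, image) in procs
        if image.lower().rsplit("\\", 1)[-1] in SYSTEM_NAMES
        and "\\windows\\system32\\" not in image.lower()
    )
    return {"widespread_no_vendor": widespread, "masquerading": masquerading}

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

A missing vendor field is only a lead: legitimate modules in the log above (for example the Teleca boost_log DLL) also show N/A, so each hit still needs checking before anything is deleted.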

C:\CONFIG.EXE is the latest worm virus.

Quote:
[Post by spiritfire]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<333><C:\Syswm1i\svchost.exe> []
<4><C:\SysWsj7\svchost.exe> []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

<POP><C:\Program Files\WindowsUpdate\3.exe> []
<norton><C:\WINDOWS\norton.exe> []
<winform><C:\WINDOWS\winform.exe> []
<nortonq><C:\WINDOWS\nortonq.exe> []
<mppds><C:\WINDOWS\mppds.exe> []
<msccrt><C:\WINDOWS\msccrt.exe> []
<cmdbcs><C:\WINDOWS\cmdbcs.exe> []
<upxdnd><C:\DOCUME~1\SUECHE~1\LOCALS~1\Temp\upxdnd.exe> []


[7F5DA206 / 7F5DA206][Stopped/Auto Start]
<C:\WINDOWS\system32\7F5DA206.EXE -service><Microsoft Corporation>

[TomDemoService / TomDemoService][Stopped/Auto Start]
<C:\CONFIG.EXE><N/A>


[Netgroup Packet Filter / NPF][Stopped/Manual Start]
<system32\DRIVERS\npf.sys><CACE Technologies>

Use SREng to delete the startup items and services above, empty C:\DOCUME~1\SUECHE~1\LOCALS~1\Temp in Safe Mode, and delete the following files:

C:\WINDOWS\system32\DRIVERS\npf.sys
C:\CONFIG.EXE
C:\WINDOWS\system32\7F5DA206.EXE
C:\Program Files\WindowsUpdate\3.exe
C:\WINDOWS\norton.exe
C:\WINDOWS\winform.exe
C:\WINDOWS\nortonq.exe
C:\WINDOWS\mppds.exe
C:\WINDOWS\msccrt.exe
C:\WINDOWS\cmdbcs.exe
C:\Syswm1i\svchost.exe
C:\SysWsj7\svchost.exe
c:\Syswm1i\Ghook.dll
c:\SysWsj7\Ghook.dll
C:\WINDOWS\system32\norton.dll
C:\WINDOWS\system32\5D851B22.exe
C:\WINDOWS\system32\nview.dll
C:\WINDOWS\system32\cmdbcs.dll
C:\WINDOWS\nortonq.exe
C:\WINDOWS\system32\nortonq.dll
C:\WINDOWS\system32\mppds.dll
C:\WINDOWS\system32\winform.dll
C:\WINDOWS\system32\msccrt.dll
C:\WINDOWS\system32\cmdbcs.dll

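Download killbox from the pinned tools thread, run it, enter the file path below, and tick "Replace on Reboot" to deal with it!
C:\WINDOWS\system32\7F5DA206.DLL

Uninstall QQ, delete the whole tencent folder, reinstall QQ, and use Rabbit (兔子) to clean the system completely!

PS: It is best to run 农夫's dedicated Viking (威金) removal tool once with the network disconnected!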
………………

So much, I can't even read through it all~!~! The poster above is really impressive~!