
Infected!! [Help]

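Hello everyone!! My computer is infected and I don't really understand this stuff, so I'd like to ask for your help. Here is what happened. At first the computer was just a bit slow; I didn't pay much attention and thought it was probably the network. Later I used a USB drive to copy files from another computer, and when I opened it on my computer I suddenly saw three extra files!! One seemed to be an autorun. file, a WordPad document. Out of curiosity I tried to open it, but it wouldn't open, and neither would the other two!! I ignored them and deleted them, but afterwards a small problem showed up when I used hardware removal: the hardware removal menu flashed once and disappeared. I didn't think much of it and just pulled the USB drive out. When I used the USB drive again later, the three files were back. I deleted them again and found it strange, but didn't give it much thought! Then, over several boots, I suddenly noticed that my Kingsoft had been turned off the whole time. I broke out in a cold sweat: there had been no antivirus protection for days!! I immediately started Kingsoft antivirus by hand, but it found no virus!! Then I installed the foreign-language version of Avira antivirus from a colleague in the office, and it detected "trojanische horst". At first I didn't catch on, then I realized it meant "Trojan horse". I immediately opened the Kingsoft Trojan removal tool, but it opened, flashed for a second and was gone!! I rushed to look up the Trojan online, but the browser closed itself right away!! Done for!! I hurried to install NORTON antivirus, then scanned twice in Safe Mode and removed a few small ones and one Trojan. The Trojan was hidden in a RAR file; it could not be removed with advanced delete, so I used normal delete. Then I followed the path and deleted the whole file it was in, and finally breathed a sigh of relief.

My questions:

1: Am I safe now?? I have posted a system report and hope the experts here can point me in the right direction!!
2: What do I do with my USB drive? My buddy says to throw it away because it has been trampled beyond recognition by the "horse", but I also plugged in my MP3 player and my newly bought phone at the time. Do I have to throw them all away????? I could cry!!!!
3: I have a dual-boot setup, one Chinese system and one foreign-language system. The virus was found on the Chinese one; the foreign-language one died a few months ago. I have now deleted the virus on the Chinese system. If I happen to boot into the foreign-language system next time, could the virus be activated again??

Experts of all kinds, please help!!!! Thanks in advance!!!!

Last edited 2006-12-23 16:30:53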

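Get a log so we can see whether you have removed everything.
Please download SREng2 (latest version), use "Smart Scan", and press the "Scan" button to run the scan.
When the scan finishes, press the "Save Report" button to save the report log file (SREng.LOG), then copy and paste the contents of the saved log file here. If the log cannot be pasted in one go, paste it in several parts. Please do not modify it.

Download link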
http://www.kztechs.com/sreng/sreng2.zip

2006-12-22,23:26:07

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 1 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><; F:\WINDOWS\System32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <PcSync><; F:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog>  [Time Information Services Ltd.]
    <Skype><; "F:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized>  [(Verified)N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <TkBellExe><"F:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <PCSuiteTrayApplication><; F:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -onlytray>  [Nokia]
    <ccApp><"F:\Program Files\Common Files\Symantec Shared\ccApp.exe">  [(Verified)Symantec Corporation]
    <osCheck><"F:\Program Files\Norton AntiVirus\osCheck.exe">  [(Verified)Symantec Corporation]
    <Adobe Photo Downloader><; "F:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe">  [Adobe Systems Incorporated]
    <DataFinder><; "F:\Program Files\National Instruments\Shared\DataFinder\bin\DataFinder.exe" /auto>  [National Instruments]
    <IgfxTray><; F:\WINDOWS\System32\igfxtray.exe>  [(Verified)Intel Corporation]
    <IMJPMIG8.1><; "F:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <iTunesHelper><; "F:\Program Files\iTunes\iTunesHelper.exe">  [(Verified)Apple Computer, Inc.]
    <MINI_BFYY><; F:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe>  [N/A]
    <PHIME2002A><; F:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><; F:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <stup.exe><; F:\PROGRA~1\TENCENT\Adplus\stup.exe>  [Tencent]
    <wlovif><; F:\WINDOWS\System32\kernlx.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><F:\WINDOWS\System32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><; F:\Program Files\Kingsoft\Kav 6\KaScrScn.scr>  [N/A]

==================================
启动文件夹
N/A

==================================
服务
[Automatic LiveUpdate Scheduler / Automatic LiveUpdate Scheduler]
  <"F:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"><Symantec Corporation>
[Symantec Event Manager / ccEvtMgr]
  <"F:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr]
  <"F:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon><Symantec Corporation>
[Symantec Lic NetConnect service / CLTNetCnService]
  <"F:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon><Symantec Corporation>
[Human Interface Device Access / HidServ]
  <F:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[iPod Service / iPod Service]
  <"F:\Program Files\iPod\bin\iPodService.exe"><Apple Computer, Inc.>
[Symantec IS Password Validation / ISPwdSvc]
  <"F:\Program Files\Norton AntiVirus\isPwdSvc.exe"><Symantec Corporation>
[LiveUpdate / LiveUpdate]
  <"F:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE"><Symantec Corporation>
[Lookout Citadel Server / LkCitadelServer]
  <F:\WINDOWS\System32\lkcitdl.exe><National Instruments, Inc.>
[National Instruments PSP Server Locator / lkClassAds]
  <F:\WINDOWS\System32\lkads.exe><National Instruments, Inc.>
[National Instruments Time Synchronization / lkTimeSync]
  <F:\WINDOWS\System32\lktsrv.exe><National Instruments, Inc.>
[National Instruments Domain Service / NIDomainService]
  <"F:\Program Files\National Instruments\Shared\Security\nidmsrv.exe"><National Instruments, Inc.>
[NILM License Manager / NILM License Manager]
  <"F:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe"><Macrovision Corporation>
[Symantec Core LC / Symantec Core LC]
  <"F:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe"><Symantec Corporation>
[Symantec AppCore Service / SymAppCore]
  <"F:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe"><Symantec Corporation>

==================================
驱动程序
[408667 / 408667]
  <\SystemRoot\System32\drivers\408667.sys><N/A>
[80522 / 80522]
  <\SystemRoot\system32\drivers\80522.sys><N/A>
[a0 / a0]
  <\SystemRoot\\SystemRoot\System32\drivers\408667.sys><N/A>
[ADProt / ADProt]
  <system32\drivers\ADProt.sys><腾讯科技(深圳)有限公司>
[TOSHIBA V92 Software Modem / AgereSoftModem]
  <System32\DRIVERS\AGRSM.sys><Agere Systems>
[clldrv6 / clldrv6]
  <\SystemRoot\System32\drivers\clldrv6.SYS><miControl>
[Cisco Systems VPN Adapter / CVirtA]
  <System32\DRIVERS\CVirtA.sys><Cisco Systems, Inc.>
[Intel(R) PRO Adapter Driver / E100B]
  <System32\DRIVERS\e100b325.sys><Intel Corporation>
[Symantec Eraser Control driver / eeCtrl]
  <\??\F:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys><Symantec Corporation>
[EraserUtilRebootDrv / EraserUtilRebootDrv]
  <\??\F:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys><Symantec Corporation>
[GfSDev / GfSDev]
  <\??\F:\PROGRAM FILES\NATIONAL INSTRUMENTS\DIADEM 10.0\GfSDev.sys><National Instruments>
[ialm / ialm]
  <System32\DRIVERS\ialmnt5.sys><Intel Corporation>
[NAVENG / NAVENG]
  <\??\F:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061222.009\NAVENG.SYS><Symantec Corporation>
[NAVEX15 / NAVEX15]
  <\??\F:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061222.009\NAVEX15.SYS><Symantec Corporation>
[Nokia USB Generic / Nokia USB Generic]
  <system32\drivers\nmwcdc.sys><Nokia>
[Nokia USB Modem / Nokia USB Modem]
  <system32\drivers\nmwcdcm.sys><Nokia>
[Nokia USB Phone Parent / Nokia USB Phone Parent]
  <system32\drivers\nmwcd.sys><Nokia>
[Nokia USB Port / Nokia USB Port]
  <system32\drivers\nmwcdcj.sys><Nokia>
[npkcrypt / npkcrypt]
  <\??\F:\Program Files\Tencent\QQ\npkcrypt.sys><N/A>
[npkycryp / npkycryp]
  <\??\F:\Program Files\Tencent\QQ\npkycryp.sys><N/A>
[Direct Parallel Link Driver / Ptilink]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Secdrv / Secdrv]
  <System32\DRIVERS\secdrv.sys><Macrovision Europe Ltd>
[SPBBCDrv / SPBBCDrv]
  <\??\F:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys><Symantec Corporation>
[SRTSP / SRTSP]
  <System32\Drivers\SRTSP.SYS><Symantec Corporation>
[SRTSPL / SRTSPL]
  <System32\Drivers\SRTSPL.SYS><Symantec Corporation>
[SRTSPX / SRTSPX]
  <System32\Drivers\SRTSPX.SYS><Symantec Corporation>
[Audio Driver (WDM) - SigmaTel CODEC / STAC97]
  <system32\drivers\stac97.sys><SigmaTel, Inc.>
[SYMDNS / SYMDNS]
  <\SystemRoot\System32\Drivers\SYMDNS.SYS><Symantec Corporation>
[SymEvent / SymEvent]
  <\??\F:\WINDOWS\System32\Drivers\SYMEVENT.SYS><Symantec Corporation>
[SYMFW / SYMFW]
  <\SystemRoot\System32\Drivers\SYMFW.SYS><Symantec Corporation>
[SYMIDS / SYMIDS]
  <\SystemRoot\System32\Drivers\SYMIDS.SYS><Symantec Corporation>
[SYMIDSCO / SYMIDSCO]
  <\??\F:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\IDS-DI~1\20061216.001\SymIDSCo.sys><Symantec Corporation>
[SYMNDIS / SYMNDIS]
  <\SystemRoot\System32\Drivers\SYMNDIS.SYS><Symantec Corporation>
[SYMREDRV / SYMREDRV]
  <\SystemRoot\System32\Drivers\SYMREDRV.SYS><Symantec Corporation>
[SYMTDI / SYMTDI]
  <\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation>
[Intel(R) PRO/Wireless 2200 Adapter 驱动程序 / w22n51]
  <System32\DRIVERS\w22n51.sys><Intel? Corporation>
[WinDriver6 / WinDriver6]
  <system32\drivers\windrvr6.sys><Jungo>
[World Standard Teletext Codec / WSTCODEC]
  <System32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[xriqskx / xriqskx]
  <\SystemRoot\System32\drivers\xriqskx.sys><>
[xxgxyhun / xxgxyhun]
  <\SystemRoot\System32\DRIVERS\xxgxyhun.sys><YAHOO Corporation>
[VIMICRO USB PC Camera / ZSMC302]
  <System32\Drivers\usbVM31b.sys><VM>

浏览器加载项
[&Recherchieren]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <F:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <F:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[易趣购物]
  {DE607145-AC19-425e-863A-3D70ABDF119A} <http://click2.ad4all.net/url2/urlmanage/url.asp?id=5, N/A>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <F:\Program Files\Tencent\QQ\QQIEHelper.dll, N/A>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <F:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[Adobe PDF]
  {47833539-D0C5-4125-9FA8-0819E2EAAC93} <F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll, N/A>
[金山毒霸]
  {A9BE2902-C447-420A-BB7F-A5DE921E6138} <F:\PROGRA~1\Kingsoft\KAV6~1\KAIEPlus.DLL, N/A>
[Windows Live Toolbar]
  {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <F:\Program Files\Windows Live Toolbar\msntb.dll, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <F:\WINDOWS\System32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[上传到QQ网络硬盘]
  <F:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[添加到QQ自定义面板]
  <F:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <F:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <F:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

正在运行的进程
[PID: 548][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 612][\??\F:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 636][\??\F:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 680][F:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 692][F:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 856][F:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 900][F:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 972][F:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1048][F:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1276][F:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe]  [Symantec Corporation, 106.1.3.3]
    [F:\Program Files\Common Files\Symantec Shared\ccL60U.dll]  [Symantec Corporation, 106.1.3.3]
    [F:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 106.1.3.3]
    [F:\Program Files\Common Files\Symantec Shared\ccSvc.dll]  [Symantec Corporation, 106.1.3.3]
    [F:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 106.1.3.3]
    [F:\PROGRA~1\COMMON~1\SYMANT~1\CCSETPLG.DLL]  [Symantec Corporation, 106.1.3.3]
    [F:\PROGRA~1\NORTON~1\AVPSVC32.DLL]  [Symantec Corporation, 14.0.0.89]
    [F:\PROGRA~1\NORTON~1\AVPSVC32.loc]  [Symantec Corporation, 14.0.0.89]
    [F:\Program Files\Norton AntiVirus\AVSubmit.dll]  [Symantec Corporation, 14.0.0.89]
    [F:\Program Files\Norton AntiVirus\AVSubmit.loc]  [Symantec Corporation, 14.0.0.89]
    [F:\PROGRA~1\NORTON~1\ISDATASV.DLL]  [Symantec Corporation, 10.0.0.247]
    [F:\PROGRA~1\COMMON~1\SYMANT~1\NPC\NPCWMIMN.DLL]  [Symantec Corporation, 2007.1.00.118]
    [F:\PROGRA~1\COMMON~1\SYMANT~1\SNDSVC.DLL]  [Symantec Corporation, 7.0.0.170]
    [F:\Program Files\Common Files\Symantec Shared\ccL60.dll]  [Symantec Corporation, 106.1.3.3]
    [F:\PROGRA~1\COMMON~1\SYMANT~1\SUBMIS~1\SUBENG.DLL]  [Symantec Corporation, 2.0.0.164]
    [F:\PROGRA~1\COMMON~1\SYMANT~1\SUBMIS~1\SUBRES.loc]  [Symantec Corporation, 2.0.0.164]
    [F:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\TPROCPLG.DLL]  [Symantec Corporation, 3.0.1.10]
    [F:\PROGRA~1\COMMON~1\SYMANT~1\CCEVTPLG.DLL]  [Symantec Corporation, 106.1.3.3]
    [F:\Program Files\Common Files\Symantec Shared\ccEvtCli.dll]  [Symantec Corporation, 106.1.3.3]
    [F:\PROGRA~1\COMMON~1\SYMANT~1\FIREWALL\FWAGENT.DLL]  [Symantec Corporation, 1.0.0.184]
    [F:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEVT.DLL]  [Symantec Corporation, 3.0.1.10]
    [F:\PROGRA~1\COMMON~1\SYMANT~1\SRTSP\SRTSP32.DLL]  [Symantec Corporation, 10.1.3.9]
    [F:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 106.1.3.3]
    [F:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL]  [Symantec Corporation, 106.1.3.3]
    [F:\PROGRA~1\NORTON~1\NAVEVENT.DLL]  [Symantec Corporation, 14.0.0.89]
    [F:\WINDOWS\SYSTEM32\SYMNETI.DLL]  [Symantec Corporation, 7.0.0.170]
    [F:\Program Files\Norton AntiVirus\isDataCl.dll]  [Symantec Corporation, 10.0.0.247]
    [F:\Program Files\Norton AntiVirus\SetEvtHp.dll]  [Symantec Corporation, 10.0.0.247]
    [F:\Program Files\Common Files\Symantec Shared\AntiVirus\AVIfc.dll]  [Symantec Corporation, 1.0.00.194]
    [F:\Program Files\Common Files\Symantec Shared\AppCore\AppMgr32.dll]  [Symantec Corporation, 1.0.00.101]
    [F:\Program Files\Common Files\Symantec Shared\Firewall\FWHelper.dll]  [Symantec Corporation, 1.0.0.184]
    [F:\Program Files\Norton AntiVirus\fwPlugin.dll]  [Symantec Corporation, 10.0.0.247]
    [F:\Program Files\Norton AntiVirus\fwEvent.dll]  [Symantec Corporation, 10.0.0.247]
    [F:\PROGRA~1\COMMON~1\SYMANT~1\OPC\{31011~1\CLTNETCN.DLL]  [Symantec Corporation, 7.0.0.108]
    [F:\Program Files\Common Files\Symantec Shared\ccALEng.dll]  [Symantec Corporation, 106.1.3.3]
    [F:\Program Files\Norton AntiVirus\IMCfg.dll]  [Symantec Corporation, 10.0.0.247]
    [F:\Program Files\Common Files\Symantec Shared\SPBBC\bbRGen.dll]  [Symantec Corporation, 3.0.1.10]
    [F:\PROGRA~1\COMMON~1\SYMANT~1\SUBMIS~1\SubConn.dll]  [Symantec Corporation, 2.0.0.164]
[PID: 1332][F:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [F:\PROGRA~1\COMMON~1\SYMANT~1\NPC\NSCEXT.DLL]  [Symantec Corporation, 2007.1.00.118]
    [F:\Program Files\Common Files\Symantec Shared\ccL60U.dll]  [Symantec Corporation, 106.1.3.3]
    [F:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [F:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.CHS]  [Adobe Systems, Inc., 7.0.0.0]
    [F:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [F:\PROGRA~1\NORTON~1\NavShExt.dll]  [Symantec Corporation, 14.0.0.89]
    [F:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 106.1.3.3]
    [F:\PROGRA~1\NORTON~1\NavShExt.loc]  [N/A, N/A]
    [F:\Program Files\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll]  [Adobe Systems Inc., 7.0.0.2004121400\0]
    [F:\Program Files\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.chs]  [Adobe Systems Inc., 7.0.0.2004121400\0]
[PID: 1432][F:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe]  [Symantec Corporation, 1.0.00.101]
    [F:\Program Files\Common Files\Symantec Shared\ccL60U.dll]  [Symantec Corporation, 106.1.3.3]
    [F:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 106.1.3.3]
    [F:\Program Files\Common Files\Symantec Shared\AppCore\AppMgr32.dll]  [Symantec Corporation, 1.0.00.101]
    [F:\Program Files\Common Files\Symantec Shared\AppCore\AppSet32.dll]  [Symantec Corporation, 1.0.00.101]
    [F:\Program Files\Common Files\Symantec Shared\ccSvc.dll]  [Symantec Corporation, 106.1.3.3]
    [F:\Program Files\Common Files\Symantec Shared\AntiVirus\AVScan.dll]  [Symantec Corporation, 1.0.00.194]
    [F:\Program Files\Common Files\Symantec Shared\AntiVirus\AV.loc]  [Symantec Corporation, 1.0.00.194]
    [F:\Program Files\Common Files\Symantec Shared\AntiVirus\avDefMgr.dll]  [Symantec Corporation, 1.0.00.194]
    [F:\Program Files\Common Files\Symantec Shared\DefUtDCD.dll]  [Symantec Corporation, 3.2.10.0]
    [F:\Program Files\Common Files\Symantec Shared\AntiVirus\avModule.dll]  [Symantec Corporation, 1.0.00.194]
    [F:\Program Files\Common Files\Symantec Shared\QBackup.dll]  [Symantec Corporation, 1.0.00.194]
    [F:\Program Files\Common Files\Symantec Shared\AntiVirus\AVExclu.dll]  [Symantec Corporation, 1.0.00.194]
    [F:\Program Files\Common Files\Symantec Shared\SRTSP\Srtsp32.dll]  [Symantec Corporation, 10.1.3.9]
    [F:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 106.1.3.3]
    [F:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtCli.dll]  [Symantec Corporation, 106.1.3.3]
    [F:\Program Files\Common Files\Symantec Shared\ccScanw.dll]  [Symantec Corporation, 106.1.3.3]

[F:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL]  [Symantec Corporation, 61.3.0.17]
    [F:\Program Files\Common Files\Symantec Shared\MSL\msl.dll]  [Symantec Corporation, 5.0.071.000]
    [F:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 106.1.3.3]
    [F:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061222.009\ccEraser.dll]  [Symantec Corporation, 106.3.3.2]
    [F:\Program Files\Common Files\Symantec Shared\COH\AHS.dll]  [Symantec Corporation, 6,0,1,3]
    [F:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec\SyKnAppS\SyKnAppS.dll]  [Symantec Corporation, 1.1.0.77]
[PID: 1496][F:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.1699 (xpsp2.050610-1533)]
    [F:\WINDOWS\System32\AdobePDF.dll]  [Adobe Systems Incorporated., 7.0.0.00]
    [F:\Program Files\Adobe\Acrobat 7.0\Distillr\AdistRes.CHS]  [N/A, N/A]
[PID: 192][F:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3536]
[PID: 184][F:\Program Files\Common Files\Symantec Shared\ccApp.exe]  [Symantec Corporation, 106.1.3.3]
    [F:\Program Files\Common Files\Symantec Shared\ccL60U.dll]  [Symantec Corporation, 106.1.3.3]
    [F:\WINDOWS\System32\SymNeti.dll]  [Symantec Corporation, 7.0.0.170]
    [F:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 106.1.3.3]
    [F:\Program Files\Common Files\Symantec Shared\ccSvc.dll]  [Symantec Corporation, 106.1.3.3]
    [F:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 106.1.3.3]
    [F:\Program Files\Common Files\Symantec Shared\AppCore\AppPlg32.dll]  [Symantec Corporation, 1.0.00.101]
    [F:\Program Files\Common Files\Symantec Shared\AppCore\AppMgr32.dll]  [Symantec Corporation, 1.0.00.101]
    [F:\Program Files\Common Files\Symantec Shared\AppCore\AppSet32.dll]  [Symantec Corporation, 1.0.00.101]
    [F:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL]  [Symantec Corporation, 106.1.3.3]
    [F:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL]  [Symantec Corporation, 106.1.3.3]
    [F:\Program Files\Norton AntiVirus\fwAlert.dll]  [Symantec Corporation, 10.0.0.247]
    [F:\Program Files\Norton AntiVirus\fwAlRes.dll]  [Symantec Corporation, 10.0.0.247]
    [F:\PROGRA~1\NORTON~1\DEFALERT.DLL]  [Symantec Corporation, 14.0.0.89]
    [F:\PROGRA~1\NORTON~1\AVPAPP32.DLL]  [Symantec Corporation, 14.0.0.89]
    [F:\Program Files\Common Files\Symantec Shared\NPC\npcTRAY.dll]  [Symantec Corporation, 2007.1.00.118]
    [F:\Program Files\Common Files\Symantec Shared\CF\PEP2.dll]  [Symantec Corporation, 2006.1.00.58]
    [F:\Program Files\Common Files\Symantec Shared\COH\sesHlp.dll]  [Symantec Corporation, 6,0,1,3]
    [F:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 106.1.3.3]
    [F:\PROGRA~1\NORTON~1\AVPAPP32.loc]  [Symantec Corporation, 14.0.0.89]
    [F:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 106.1.3.3]
    [F:\Program Files\Common Files\Symantec Shared\AntiVirus\AVIfc.dll]  [Symantec Corporation, 1.0.00.194]
    [F:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtCli.dll]  [Symantec Corporation, 106.1.3.3]
    [F:\Program Files\Norton AntiVirus\isDataCl.dll]  [Symantec Corporation, 10.0.0.247]
    [F:\Program Files\Common Files\Symantec Shared\NPC\DataPvdr.dll]  [Symantec Corporation, 2007.1.00.118]
    [F:\Program Files\Common Files\Symantec Shared\NPC\NSCHlpr2.dll]  [Symantec Corporation, 2007.1.00.118]
    [F:\Program Files\Norton AntiVirus\SetEvtHp.dll]  [Symantec Corporation, 10.0.0.247]
    [F:\Program Files\Norton AntiVirus\fwEvent.dll]  [Symantec Corporation, 10.0.0.247]
    [F:\PROGRA~1\COMMON~1\SYMANT~1\rcEmlPxy.dll]  [Symantec Corporation, 106.0.1.10]
    [F:\WINDOWS\System32\SymRedir.dll]  [Symantec Corporation, 7.0.0.170]
    [F:\Program Files\Common Files\Symantec Shared\NPC\pcStatus.dll]  [Symantec Corporation, 2007.1.00.118]
    [F:\Program Files\Common Files\Symantec Shared\NPC\uiLicPlg.dll]  [Symantec Corporation, 2007.1.00.118]
    [F:\Program Files\Common Files\Symantec Shared\NPC\NSCWSCR2.DLL]  [Symantec Corporation, 2007.1.00.118]
    [F:\Program Files\Common Files\Symantec Shared\AntiVirus\AVMail.dll]  [Symantec Corporation, 1.0.00.194]
    [F:\Program Files\Common Files\Symantec Shared\AntiVirus\AVExclu.dll]  [Symantec Corporation, 1.0.00.194]
    [F:\Program Files\Common Files\Symantec Shared\NPC\PEPEvnt.dll]  [Symantec Corporation, 2007.1.00.118]
    [F:\PROGRA~1\COMMON~1\SYMANT~1\rcAlert.dll]  [Symantec Corporation, 106.0.1.10]
    [F:\Program Files\Common Files\Symantec Shared\CF\cfV2Pack.dll]  [Symantec Corporation, 2006.1.00.58]
    [F:\Program Files\Common Files\Symantec Shared\CF\cfEPack.dll]  [Symantec Corporation, 2006.1.00.58]
    [F:\Program Files\Common Files\Symantec Shared\SymTheme\1.0\SymTheme.dll]  [Symantec Corporation, 1.0.00.79]
[PID: 220][F:\WINDOWS\System32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 1872][F:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe]  [Symantec Corporation, 3.1.0.99]
    [F:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 106.1.3.3]
    [F:\Program Files\Common Files\Symantec Shared\ccL60U.dll]  [Symantec Corporation, 106.1.3.3]
[PID: 1956][F:\WINDOWS\System32\lkcitdl.exe]  [National Instruments, Inc., 4.5.2.0]
    [F:\WINDOWS\System32\LKDYNAM.dll]  [National Instruments, Inc., 4.6.0.1036]
    [F:\WINDOWS\System32\LKSOCK.dll]  [National Instruments, Inc., 4.6.0.1036]
    [F:\WINDOWS\System32\LKSEC.dll]  [National Instruments, Inc., 4.6.0.1036]
    [F:\WINDOWS\System32\LKOBENV.dll]  [National Instruments, Inc., 4.6.0.1036]
    [F:\WINDOWS\System32\nidscmem.dll]  [National Instruments, Inc., 1.1.0.1036]
    [F:\Program Files\National Instruments\Shared\Security\nidm_client_thinauth.dll]  [National Instruments, Inc., 1.1.0.1036]
[PID: 2004][F:\WINDOWS\System32\lkads.exe]  [National Instruments, Inc., 4.6.0.1036]
    [F:\WINDOWS\System32\LKSOCK.dll]  [National Instruments, Inc., 4.6.0.1036]
    [F:\WINDOWS\System32\LKSEC.dll]  [National Instruments, Inc., 4.6.0.1036]
    [F:\WINDOWS\System32\LKDYNAM.dll]  [National Instruments, Inc., 4.6.0.1036]
    [F:\Program Files\National Instruments\Shared\Security\nidm_client_thinauth.dll]  [National Instruments, Inc., 1.1.0.1036]
[PID: 2020][F:\WINDOWS\System32\lktsrv.exe]  [National Instruments, Inc., 4.6.0.1036]
    [F:\WINDOWS\System32\LKSTIME.dll]  [National Instruments, Inc., 4.6.0.1036]
    [F:\WINDOWS\System32\LKSOCK.dll]  [National Instruments, Inc., 4.6.0.1036]
    [F:\WINDOWS\System32\LKSEC.dll]  [National Instruments, Inc., 4.6.0.1036]
    [F:\WINDOWS\System32\LKDYNAM.dll]  [National Instruments, Inc., 4.6.0.1036]
    [F:\Program Files\National Instruments\Shared\Security\nidm_client_thinauth.dll]  [National Instruments, Inc., 1.1.0.1036]
[PID: 1564][F:\Program Files\National Instruments\Shared\Security\nidmsrv.exe]  [National Instruments, Inc., 1.1.0.1036]
    [F:\WINDOWS\System32\LKSOCK.dll]  [National Instruments, Inc., 4.6.0.1036]
    [F:\WINDOWS\System32\LKSEC.dll]  [National Instruments, Inc., 4.6.0.1036]
    [F:\WINDOWS\System32\LKDYNAM.dll]  [National Instruments, Inc., 4.6.0.1036]
    [F:\Program Files\National Instruments\Shared\Security\nidm_client_thinauth.dll]  [National Instruments, Inc., 1.1.0.1036]

[PID: 516][F:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2124][F:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe]  [Symantec Corporation, 1.9.1.1034]
    [F:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcnet.dll]  [Symantec Corporation, 1.9.1.1034]
[PID: 2252][F:\WINDOWS\System32\wuauclt.exe]  [Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
[PID: 1660][F:\Program Files\Mozilla Firefox\firefox.exe]  [Mozilla Corporation, 1.8.0.7: 2006091806]
    [F:\Program Files\Mozilla Firefox\js3250.dll]  [Netscape Communications Corporation, 4.0]
    [F:\Program Files\Mozilla Firefox\nspr4.dll]  [Netscape Communications Corporation, 4.6.1]
    [F:\Program Files\Mozilla Firefox\xpcom_core.dll]  [Mozilla Foundation, 1.8.0.7: 2006091806]
    [F:\Program Files\Mozilla Firefox\plc4.dll]  [Netscape Communications Corporation, 4.6.1]
    [F:\Program Files\Mozilla Firefox\plds4.dll]  [Netscape Communications Corporation, 4.6.1]
    [F:\Program Files\Mozilla Firefox\smime3.dll]  [Netscape Communications Corporation, 3.10.2]
    [F:\Program Files\Mozilla Firefox\nss3.dll]  [Netscape Communications Corporation, 3.10.2]
    [F:\Program Files\Mozilla Firefox\softokn3.dll]  [Netscape Communications Corporation, 3.10.2]
    [F:\Program Files\Mozilla Firefox\ssl3.dll]  [Netscape Communications Corporation, 3.10.2]
    [F:\Program Files\Mozilla Firefox\xpcom_compat.dll]  [Mozilla Foundation, 1.8.0.7: 2006091806]
    [F:\Program Files\Mozilla Firefox\components\jar50.dll]  [Mozilla Foundation, 1.8.0.7: 2006091806]
    [F:\Program Files\Mozilla Firefox\nssckbi.dll]  [Netscape Communications Corporation, 1.53]
    [F:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll]  [N/A, N/A]
[PID: 2092][F:\Documents and Settings\GaoYang\桌面\sreng2\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["F:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================

It's all uploaded!! Waiting!!

Basically nothing found, heh. I don't know whether that other system has been infected.
Download 360 and clean out the junk.

Yikes, that's terrifying. I've never seen so many~~~~