
[Original Tech] How do I delete this virus?

liuyu2001_001
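Posted on 2007-9-22 10:44:01
The warning popped up when I booted this morning. I restarted the machine and it is still the same~~ How do I delete this file?
Do not misuse the "Original" title tag!

[ Last edited by woai_jolin on 2007-9-23 08:46 ]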

liuyu2001_001
 OP | Posted on 2007-9-22 10:47:12
Could everyone please help me out: how do I delete it? Waiting online.
zea10t
Posted on 2007-9-22 15:07:46
Run a scan with SREng and post the report so we can take a look!
liuyu2001_001
 OP | Posted on 2007-9-22 17:48:08
[CODE]

2007-09-22,17:46:42

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Realtek Semiconductor Corp.]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A]
    <\\LY001\EPSON Stylus Photo R250 Series><C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHP.EXE /P38 "\\LY001\EPSON Stylus Photo R250 Series" /O6 "USB001" /M "Stylus Photo R250">  [N/A]
    <Super Rabbit SafeEdit><F:\超级兔子\SRFC.EXE /Load>  [Super Rabbit Soft]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
    <nwiz><nwiz.exe /install>  [N/A]
    <NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [NVIDIA Corporation]
    <ShStatEXE><"C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE>  [Network Associates, Inc.]
    <McAfeeUpdaterUI><"C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey>  [McAfee, Inc.]
    <Network Associates Error Reporting Service><"C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe">  [Network Associates, Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\Userinit.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Corporation]

==================================
启动文件夹
[腾讯QQ2007 Beta3传美版]
  <C:\Documents and Settings\user\「开始」菜单\程序\启动\腾讯QQ2007 Beta3传美版.lnk --> C:\PROGRA~1\Tencent\qq\CoralQQ.exe [珊瑚虫工作室]><N>

==================================
服务
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Background Intelligent Transfer Service / BITS][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\KKDownloader.dll><N/A>
[EPSON V3 Service2(03) / EPSON_PM_RPCV2_01][Running/Auto Start]
  <C:\WINDOWS\system32\E_S00RP1.EXE><SEIKO EPSON CORPORATION>
[McAfee Framework 服务 / McAfeeFramework][Running/Auto Start]
  <"C:\Program Files\Network Associates\Common Framework\FrameworkService.exe" /ServiceStart><McAfee, Inc.>
[Network Associates McShield / McShield][Running/Auto Start]
  <"C:\Program Files\Network Associates\VirusScan\Mcshield.exe"><Network Associates, Inc.>
[Network Associates Task Manager / McTaskManager][Running/Auto Start]
  <"C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe"><Network Associates, Inc.>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Windows Accounts Driver / WindowsRemote][Running/Auto Start]
  <C:\WINDOWS\system32\commonds.exe><N/A>

==================================
驱动程序
[aec6710D / aec6710D][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\aec6710d.sys><Microsoft Corporation>
[Service for WDM 3D Audio Driver / ALCXSENS][Running/Manual Start]
  <system32\drivers\ALCXSENS.SYS><Sensaura Ltd>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AliIde / AliIde][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aliide.sys><N/A>
[CmdIde / CmdIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[EPPSCSIx / EPPSCSIx][Running/System Start]
  <\SystemRoot\System32\drivers\EPPSCSI.SYS><EPPSCSI Miniport Driver>
[FXDRV / FXDRV][Stopped/Manual Start]
  <\??\G:\Fxdrv.sys><N/A>
[KAVBootC / KAVBootC][Running/Boot Start]
  <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
[MegaIDE / MegaIDE][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\MegaIDE.sys><LSI Logic Corporation.>
[NaiAvFilter1 / NaiAvFilter1][Running/Manual Start]
  <system32\drivers\naiavf5x.sys><McAfee Inc.>
[NaiAvTdi1 / NaiAvTdi1][Running/System Start]
  <system32\drivers\mvstdi5x.sys><Network Associates, Inc.>
[npkcrypt / npkcrypt][Stopped/Auto Start]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><N/A>
[npkycryp / npkycryp][Stopped/Manual Start]
  <\??\C:\Program Files\Tencent\qq\npkycryp.sys><N/A>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver / RTL8023][Running/Manual Start]
  <system32\DRIVERS\Rtlnic51.sys><Realtek Semiconductor Corporation>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1][Stopped/Manual Start]
  <system32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[TesSafe / TesSafe][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\TesSafe.sys><N/A>
[ViaIde / ViaIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[WINIO / WINIO][Stopped/Manual Start]
  <\??\G:\winio.sys><N/A>
[EntDrv51 / EntDrv51][Running/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\EntDrv51.sys><Network Associates, Inc>

==================================
浏览器加载项
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\qq\QQ.EXE, TENCENT>
[163Uploader Control]
  {8686F2A6-DC01-4E8F-BDE3-DCC7DBBAD6AE} <C:\WINDOWS\system32\163UPL~1.OCX, 广州网易互动娱乐有限公司>
[PasswordEditCtrl Class]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[金山毒霸在线产品升级]
  {E847C78C-C210-4195-8799-FBF3BF89797D} <C:\PROGRA~1\KOS\KOSInit.OCX, 金山软件股份有限公司>
[PeerDraw Class]
  {10072CEC-8CC1-11D1-986E-00A0C955B42E} <C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll, Microsoft Corporation>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[金山毒霸在线杀毒]
  {577A1997-6FD0-4972-B234-885DA583F9CE} <C:\PROGRA~1\KOS\KOSClean.OCX, 金山软件股份有限公司>
[StormPlayer Object]
  {6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB} <C:\Program Files\StormII\mps.dll, Biejing Baofeng Inc.>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
[PasswordEditCtrl Class]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[金山毒霸在线产品升级]
  {E847C78C-C210-4195-8799-FBF3BF89797D} <C:\PROGRA~1\KOS\KOSInit.OCX, 金山软件股份有限公司>
[&使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\geturl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <C:\Program Files\Tencent\qq\AddPanel.htm, N/A>
[/CODE]
liuyu2001_001
 OP | Posted on 2007-9-22 17:48:29
[CODE]
==================================
正在运行的进程
[PID: 436][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 484][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 508][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 552][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\EntApi.dll]  [Network Associates, Inc, 8.0.0.448]
[PID: 564][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\EntApi.dll]  [Network Associates, Inc, 8.0.0.448]
[PID: 716][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\EntApi.dll]  [Network Associates, Inc, 8.0.0.448]
[PID: 760][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\EntApi.dll]  [Network Associates, Inc, 8.0.0.448]
[PID: 852][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\EntApi.dll]  [Network Associates, Inc, 8.0.0.448]
[PID: 908][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\EntApi.dll]  [Network Associates, Inc, 8.0.0.448]
[PID: 988][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\EntApi.dll]  [Network Associates, Inc, 8.0.0.448]
[PID: 1232][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\EntApi.dll]  [Network Associates, Inc, 8.0.0.448]
    [C:\WINDOWS\system32\FREEWB.IME]  [Delphi Fan Studio, 5.1]
    [C:\Program Files\freewb\plugin\date.plg]  [, 1, 0, 0, 1]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\Program Files\Network Associates\VirusScan\shext.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\RES04\ShExtRes.dll]  [Network Associates, Inc., 8.0.0.912]
[PID: 1300][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\CNAB4LMK.DLL]  [CANON INC., 1.02.0.004]
    [C:\WINDOWS\system32\CNAB4SMK.DLL]  [CANON INC., 1.02.0.004]
    [C:\WINDOWS\system32\CNAB4PTU.DLL]  [CANON INC., 1.02.0.004]
    [C:\WINDOWS\system32\CNAB4EMU.DLL]  [CANON INC., 1.02.0.004]
    [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FUICAHP.DLL]  [SEIKO EPSON CORP., 0. 3. 40, 50]
    [C:\WINDOWS\system32\icm32.dll]  [Microsoft Corporation, 5.1.2600.2709 (xpsp_sp2_gdr.050628-1518)]
[PID: 1504][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5.1.10]
[PID: 1548][F:\超级兔子\SRFC.EXE]  [Super Rabbit Soft, 2.20]
[PID: 1612][C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\SHUTIL.dll]  [Network Associates, Inc., 8.0.0.1011]
    [C:\Program Files\Network Associates\VirusScan\naiwmain.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\RES04\shstat.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\RES04\Product.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\RES04\McShield.dll]  [Network Associates, Inc., 8.0.0.251]
    [C:\Program Files\Network Associates\VirusScan\RES04\Shutilrc.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\Graphics.dll]  [Network Associates, Inc., 8.0.0.912]
[PID: 1624][C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\Common Framework\nailog.dll]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\Common Framework\naCmnLib71.dll]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\Common Framework\naXML71.dll]  [N/A, N/A]
    [C:\Program Files\Network Associates\Common Framework\cmalib.dll]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\Common Framework\applib.dll]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\Common Framework\0411\UpdRes.dll]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\Common Framework\0411\AgentRes.dll]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll]  [McAfee, Inc., 3.5.5.438]
[PID: 1636][C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe]  [Network Associates, Inc., 2.0.275.0]
[PID: 1644][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1768][C:\WINDOWS\system32\CNAB4RPK.EXE]  [CANON INC., 1.02.0.004]
[PID: 1796][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\kkdownloader.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\EntApi.dll]  [Network Associates, Inc, 8.0.0.448]
[PID: 1816][C:\WINDOWS\system32\E_S00RP1.EXE]  [SEIKO EPSON CORPORATION, 2.03]
[PID: 1868][C:\Program Files\Network Associates\Common Framework\FrameworkService.exe]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\Common Framework\nailog.dll]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\Common Framework\naXML71.dll]  [N/A, N/A]
    [C:\Program Files\Network Associates\Common Framework\naCmnLib71.dll]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\Common Framework\applib.dll]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\Common Framework\0411\AgentRes.dll]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\Common Framework\Logging.dll]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\Common Framework\InternetManager.dll]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\Common Framework\naInet.dll]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\Common Framework\UserSpace.dll]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\Common Framework\Management.dll]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\Common Framework\cmalib.dll]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\Common Framework\naPolicyManager.dll]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\Common Framework\ScriptSubSys.dll]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\Common Framework\UpdateSubSys.dll]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\Common Framework\Scheduler.dll]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\Common Framework\TCSubSys.dll]  [McAfee, Inc., 3.5.5.438]
    [C:\WINDOWS\system32\EntApi.dll]  [Network Associates, Inc, 8.0.0.448]
    [C:\Program Files\Network Associates\Common Framework\GenEvtInf.dll]  [McAfee, Inc., 3.5.5.438]
[PID: 1912][C:\Program Files\Network Associates\VirusScan\Mcshield.exe]  [Network Associates, Inc., 8.0.0.318]
    [C:\Program Files\Network Associates\VirusScan\Res04\McShield.DLL]  [Network Associates, Inc., 8.0.0.251]
    [C:\Program Files\Network Associates\VirusScan\FTL.Dll]  [Network Associates, Inc., 8.0.0.135]
    [C:\Program Files\Network Associates\VirusScan\naiann.dll]  [Network Associates, Inc., 8.0.0.308]
    [C:\Program Files\Network Associates\VirusScan\mytilus.dll]  [Network Associates, Inc., 8.0.0.325]
    [C:\Program Files\Network Associates\Common Framework\GenEvtInf.dll]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\VirusScan\NaEventU.DLL]  [Network Associates, Inc., 8.0.0.342]
    [C:\Program Files\Network Associates\VirusScan\Res04\naEvtRes.dll]  [Network Associates, Inc., 8.0.0.342]
    [C:\Program Files\Network Associates\VirusScan\VSIDSvr.dll]  [Network Associates, Inc., 8.0.0.291]
    [C:\Program Files\Common Files\Network Associates\Engine\MCSCAN32.DLL]  [McAfee, Inc., 5.2.00]
    [C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\VirusScan\EntSrv.Dll]  [Network Associates, Inc, 8.0.0.448]
[PID: 1924][C:\Program Files\Network Associates\Common Framework\naPrdMgr.exe]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\Common Framework\naXML71.dll]  [N/A, N/A]
    [C:\Program Files\Network Associates\Common Framework\nailog.dll]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\Common Framework\naCmnLib71.dll]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\Common Framework\applib.dll]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\Common Framework\0411\AgentRes.dll]  [McAfee, Inc., 3.5.5.438]
    [C:\Program Files\Network Associates\VirusScan\VsPlugin.dll]  [Network Associates, Inc., 8.0.0.1009]
    [C:\WINDOWS\system32\EntApi.dll]  [Network Associates, Inc, 8.0.0.448]
[PID: 1992][C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe]  [Network Associates, Inc., 8.0.0.1004]
    [C:\Program Files\Network Associates\VirusScan\SHUTIL.dll]  [Network Associates, Inc., 8.0.0.1011]
    [C:\Program Files\Network Associates\VirusScan\naiwmain.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\naicondl.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\RES04\VsTskMgr.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\MIDUtil.Dll]  [McAfee, Inc., 8.0.0.155]
    [C:\Program Files\Network Associates\VirusScan\BBCpl.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\coptcpl.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\EmCfgCpl.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\RES04\SEmalRes.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\RES04\Product.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\nvpcpl.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\ftcfg.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\mytilus.dll]  [Network Associates, Inc., 8.0.0.325]
    [C:\Program Files\Network Associates\VirusScan\Res04\McShield.dll]  [Network Associates, Inc., 8.0.0.251]
    [C:\Program Files\Network Associates\VirusScan\OASCpl.dll]  [Network Associates, Inc., 8.0.0.912]
    [C:\Program Files\Network Associates\VirusScan\vsodscpl.dll]  [Network Associates, Inc., 8.0.0.1011]
    [C:\Program Files\Network Associates\VirusScan\ftl.dll]  [Network Associates, Inc., 8.0.0.135]
    [C:\Program Files\Network Associates\VirusScan\vsupdcpl.dll]  [Network Associates, Inc., 8.0.0.912]
[PID: 236][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.9792]
    [C:\WINDOWS\system32\nvapi.dll]  [NVIDIA Corporation, 6.14.10.9792]
[PID: 324][C:\Program Files\Tencent\qq\QQ.exe]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\CoralAssist.dll]  [Coral Team, 5.0.0 build 20060829]
    [C:\Program Files\Tencent\qq\CoralQQ.dll]  [Coral Team, 5.0.1a Build 20070620]
    [C:\Program Files\Tencent\qq\kql.dll]  [Coral Team, 5.0.1a build 20070620]
    [C:\Program Files\Tencent\qq\ipsearcher.dll]  [, 1.0.0.3]
    [C:\Program Files\Tencent\qq\QQBaseClassInDll.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\QQHelperDll.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\BasicCtrlDll.dll]  [TENCENT, 7, 0, 225, 1651]
    [C:\Program Files\Tencent\qq\NoDisturbFilter.cqx]  [Coral Team, 1.0]
    [C:\Program Files\Tencent\qq\ConfigHotkey.cqx]  [Coral Team, 1.0]
    [C:\Program Files\Tencent\qq\QQAPI.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [C:\Program Files\Tencent\qq\AutoReconnect.cqx]  [Coral Team, 1.0.0]
    [C:\Program Files\Tencent\qq\LoginCtrl.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\LoginCtrlRes.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\QQRes.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\MailSummary.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\QQMainFrame.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\qq\CQQApplication.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\qq\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [C:\Program Files\Tencent\qq\NewSkin.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\HostingMgr.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\CameraDll.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\CoralHotkey.cqx]  [Coral Team, 1.0]
    [C:\Program Files\Tencent\qq\QQKnowledgeSearch.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\QQAllInOne.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\SCCore.dll]  [TENCENT, 1, 6, 0, 2]
    [C:\Program Files\Tencent\qq\QQSpace.dll]  [TENCENT, 7,0,313,1681]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\qq\QQGroupMng.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\QQAvatar.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\qq\UserDefinedHead.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\QQPlugin.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\qq\QQSysMsgMng.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\qq\QQConfigPlugin.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\QRingMng.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\qq\LongConnection.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\QQPet.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\BQQApplication.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\qq\CommercesMng.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\PersonalDesktop.dll]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 310]
    [C:\Program Files\Tencent\qq\QQSceneMng.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\qq\AddrSearch.dll]  [腾讯科技(深圳)有限公司, 2, 1, 9, 95]
    [C:\WINDOWS\system32\l3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
[PID: 888][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CJSTI.dll]  [Windows (R) 2000 DDK provider, 5.00.2195.1620]
    [C:\WINDOWS\twain_32\A686\CJ01LLD.dll]  [, 1, 0, 0, 2]
    [C:\WINDOWS\twain_32\A686\UniScan.dll]  [, 1, 0, 0, 3]
    [C:\WINDOWS\system32\EntApi.dll]  [Network Associates, Inc, 8.0.0.448]
[PID: 976][C:\WINDOWS\system32\commonds.exe]  [N/A, N/A]
[PID: 792][C:\Program Files\Tencent\qq\TIMPlatform.exe]  [TENCENT, 7,0,313,1681]
    [C:\Program Files\Tencent\qq\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [C:\WINDOWS\system32\system]  [N/A, N/A]
[PID: 3260][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2468][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\EntApi.dll]  [Network Associates, Inc, 8.0.0.448]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx]  [Adobe Systems, Inc., 9,0,47,0]
[PID: 2424][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1128][C:\DOCUME~1\user\LOCALS~1\Temp\Rar$EX00.172\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  Error. [winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1       localhost

==================================
API HOOK
N/A

==================================


[/CODE]
liuyu2001_001
 OP | Posted on 2007-9-22 17:49:58
The above is what the SREng scan produced. Could the experts here please take a look and tell me what virus this is?
liuyu2001_001
 OP | Posted on 2007-9-22 23:41:01
xffsfy
Posted on 2007-9-23 07:16:09
I'll move this to the main board for you as well and see.

Copyright © KaFan  KaFan.cn All Rights Reserved.