
I've been infected with the Trojan.Win32.Pakes.c virus, what should I do?

cjx3159
Posted on 2007-6-7 17:56:22
I've been infected with the Trojan.Win32.Pakes.c virus, what should I do? My exe files have all crashed!!
zhaonimm
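Posted on 2007-6-7 19:16:21
OP, first turn off System Restore and clean out the temporary files!!!
Then download SRENG, rename it, run a scan, zip up the report and post it here!!!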
cjx3159
Original poster | Posted on 2007-6-7 19:32:09

I'll give it a try! Thanks in advance!

cjx3159
Original poster | Posted on 2007-6-8 14:49:07

Sorry, I wanted to sort it out myself, but it still isn't working!! So frustrating! The scan report is below!!



2007-06-07,20:48:20

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <XDeskShow2><; D:\应用程序\鱼鱼桌面秀2\XDeskShow2.exe>  [N/A]
    <swg><C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe>  [(Verified)Google Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <switch><c:\windows\system32\壁纸自动换.exe>  [N/A]
    <RTHDCPL><RTHDCPL.EXE>  [(Verified)Realtek Semiconductor Corp.]
    <SkyTel><SkyTel.EXE>  [(Verified)Realtek Semiconductor Corp.]
    <Alcmtr><ALCMTR.EXE>  [(Verified)Realtek Semiconductor Corp.]
    <NvCplDaemon><; RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)NVIDIA Corporation]
    <nwiz><; nwiz.exe /install>  [N/A]
    <NvMediaCenter><; RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)NVIDIA Corporation]
    <SystemSafer.exe><F:\工具\软件\杀毒\SystemSafer\SystemSafer.exe -Hide>  [N/A]
    <WebThunder><D:\软件\WebThunder.exe>  [N/A]
    <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [N/A]
    <XDeskCal><F:\工具\应用程序\XDeskCal\XDeskCal.exe>  [CFishSoft]
    <AVP><"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe">  [Kaspersky Lab]
    <AVG7_CC><C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP>  [GRISOFT, s.r.o.]
    <TrojanScanner><F:\工具\软件\杀毒\Trojan Remover\Trjscan.exe>  [(Verified)Simply Super Software]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    <WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll>  [Kaspersky Lab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    <WinlogonNotify: WgaLogon><WgaLogon.dll>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\星夜焰火.SCR>  [N/A]

==================================
启动文件夹
[QQ游戏启动加速程序]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\备用工具\启动\QQ游戏启动加速程序.lnk --> C:\PROGRA~1\Tencent\QQGame\Accel.exe [深圳市腾讯计算机系统有限公司]><H>
[新编全医药学大词典]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\备用工具\启动\新编全医药学大词典.lnk --> E:\小工具\保存的\MedDic\MedDic.exe [Kingyee]><N>

==================================
服务
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[AVG7 Alert Manager Server / Avg7Alrt][Running/Auto Start]
  <C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe><GRISOFT, s.r.o.>
[AVG7 Update Service / Avg7UpdSvc][Running/Auto Start]
  <C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe><GRISOFT, s.r.o.>
[AVG E-mail Scanner / AVGEMS][Running/Auto Start]
  <C:\PROGRA~1\Grisoft\AVG7\avgemc.exe><GRISOFT, s.r.o.>
[卡巴斯基互联网安全套装6.0个人版 / AVP][Running/Auto Start]
  <"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r><Kaspersky Lab>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[MazeSvr / MazeSvr][Running/Auto Start]
  <F:\影视\天网Maze\MazeSvr.exe><N/A>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[SolidPDFConverterReadSpool / ScReadSpool][Running/Auto Start]
  <E:\小工具\保存的\pdf转word\SCPDF\SolidPdfService.exe><VoyagerSoft, LLC>
[TupCaptureService / TupCaptureService][Running/Auto Start]
  <C:\Program Files\Tupsoft\BigMother\Engine\ArServerDaemon.exe><N/A>

==================================
驱动程序
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[AliIde / AliIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD K8 Processor Driver / AmdK8][Stopped/Manual Start]
  <System32\DRIVERS\amdk8.sys><Advanced Micro Devices>
[AVG7 Kernel / Avg7Core][Running/System Start]
  <\SystemRoot\System32\Drivers\avg7core.sys><GRISOFT, s.r.o.>
[AVG7 Wrap Driver / Avg7RsW][Running/System Start]
  <\SystemRoot\System32\Drivers\avg7rsw.sys><GRISOFT, s.r.o.>
[AVG7 Resident Driver XP / Avg7RsXP][Running/System Start]
  <\SystemRoot\System32\Drivers\avg7rsxp.sys><GRISOFT, s.r.o.>
[AVG7 Clean Driver / AvgClean][Running/System Start]
  <\SystemRoot\System32\Drivers\avgclean.sys><GRISOFT, s.r.o.>
[AVG Network Redirector / AvgTdi][Running/Auto Start]
  <\SystemRoot\System32\Drivers\avgtdi.sys><GRISOFT, s.r.o.>
[CmdIde / CmdIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[kl1 / kl1][Running/Boot Start]
  <\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[klif / klif][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\C:\Program Files\QIP\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[nvata / nvata][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\nvata.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek 10/100/1000 PCI NIC Family NDIS XP Driver / RTL8023xp][Running/Manual Start]
  <system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>

==================================
浏览器加载项
[Solid Converter PDF]
  {259F616C-A300-44F5-B04A-ED001A26C85C} <E:\小工具\保存的\pdf转word\SCPDF\ExploreExtPDF.dll, VoyagerSoft, LLC>
[Google Toolbar Helper]
  {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[Google Toolbar Notifier BHO]
  {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
[浩方对战平台]
  {0A155D3C-68E2-4215-A47A-E800A446447A} <F:\工具\软件\浩方\GameClient.exe, 上海浩方在线信息技术有限公司>
[Web反病毒统计]
  {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll, Kaspersky Lab>
[启动Web迅雷]
  {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, N/A>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <D:\games\QQ-IP\珊瑚虫\QQ\QQIEHelper.dll, N/A>
[百度超级搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\PROGRA~1\baidu\bar\baidubar.dll, N/A>
[BitCometBar]
  {3F1ABCDB-A875-46c1-8345-B72A4567E486} <D:\软件\BitComet\BitCometBar\BitCometBar0.3.dll, N/A>
[Solid Converter PDF]
  {259F616C-A300-44F5-B04A-ED001A26C85C} <E:\小工具\保存的\pdf转word\SCPDF\ExploreExtPDF.dll, VoyagerSoft, LLC>
[&Google]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <D:\软件\WebThunderBHO_016.dll, N/A>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx, >
[&Google]
  {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[Solid Converter PDF]
  {259F616C-A300-44F5-B04A-ED001A26C85C} <E:\小工具\保存的\pdf转word\SCPDF\ExploreExtPDF.dll, VoyagerSoft, LLC>
[BitCometBar]
  {3F1ABCDB-A875-46C1-8345-B72A4567E486} <D:\软件\BitComet\BitCometBar\BitCometBar0.3.dll, N/A>
[Microsoft 外壳 UI 帮助程序]
  {64AB4BB7-111E-11D1-8F79-00C04FC2FBE1} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[Google Toolbar Helper]
  {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[Google Toolbar Notifier BHO]
  {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[百度超级搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\PROGRA~1\baidu\bar\baidubar.dll, N/A>
[BDHlprObj Class]
  {CA92B524-BC8A-4610-BD2C-6BD3E28155D0} <C:\WINDOWS\DOWNLO~1\BDHelper.dll, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[上传到QQ网络硬盘]
  <C:\Program Files\QQ2007\AddToNetDisk.htm, N/A>
[使用Web迅雷下载]
  <D:\软件\GetUrl.htm, N/A>
[使用Web迅雷下载全部链接]
  <D:\软件\GetAllUrl.htm, N/A>
[使用迅雷下载]
  <C:\Program Files\Thunder\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
  <C:\Program Files\Thunder\Program\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <C:\Program Files\QQ2007\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\QQ2007\AddEmotion.htm, N/A>
[添加到反广告黑名单]
  <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm, N/A>
[用QQ彩信发送该图片]
  <C:\Program Files\QQ2007\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 552][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 608][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 632][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\klogon.dll]  [Kaspersky Lab, 6.0.2.621]
[PID: 676][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 688][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 836][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 884][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 948][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.2.621]
[PID: 1000][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1104][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1272][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1552][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scrchpg.dll]  [Kaspersky Lab, 6.0.2.621]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.2.621]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.10.9371]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.9371]
    [C:\WINDOWS\system32\nvapi.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\nvshell.dll]  [N/A, N/A]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [F:\工具\软件\杀毒\TROJAN~1\Trshlex.dll]  [Simply Super Software, 1.0.8.46]
    [E:\小工具\保存的\pdf转word\SCPDF\ExploreExtPDF.dll]  [VoyagerSoft, LLC, 3.0.268.0]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ShellEx.dll]  [Kaspersky Lab, 6.0.2.621]
    [C:\Program Files\Grisoft\AVG7\avgse.dll]  [GRISOFT, s.r.o., 7.5.0.409]
[PID: 1600][C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe]  [GRISOFT, s.r.o., 7.5.0.453]
    [C:\PROGRA~1\Grisoft\AVG7\avgklib.dll]  [GRISOFT, s.r.o., 7.5.0.458]
    [C:\PROGRA~1\Grisoft\AVG7\avglog.dll]  [GRISOFT, s.r.o., 7.5.0.429]
    [C:\Program Files\Grisoft\AVG7\avgcfg.dll]  [GRISOFT, s.r.o., 7.5.0.460]
    [C:\Program Files\Grisoft\AVG7\avglng.dll]  [GRISOFT, s.r.o., 7.5.0.429]
    [C:\Program Files\Grisoft\AVG7\avgamint.dll]  [GRISOFT, s.r.o., 7.5.0.435]
    [C:\Program Files\Grisoft\AVG7\avgamsps.dll]  [GRISOFT, s.r.o., 7.5.0.407]
[PID: 1648][C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe]  [GRISOFT, s.r.o., 7.5.0.420]
[PID: 1688][C:\PROGRA~1\Grisoft\AVG7\avgemc.exe]  [GRISOFT, s.r.o., 7.5.0.460]
    [C:\PROGRA~1\Grisoft\AVG7\libsasl.dll]  [GRISOFT, s.r.o., 7.5.0.407]
    [C:\PROGRA~1\Grisoft\AVG7\avglog.dll]  [GRISOFT, s.r.o., 7.5.0.429]
    [C:\Program Files\Grisoft\AVG7\avgcfg.dll]  [GRISOFT, s.r.o., 7.5.0.460]
    [C:\Program Files\Grisoft\AVG7\avgklib.dll]  [GRISOFT, s.r.o., 7.5.0.458]
    [C:\Program Files\Grisoft\AVG7\avglng.dll]  [GRISOFT, s.r.o., 7.5.0.429]
    [C:\Program Files\Grisoft\AVG7\avgscan.dll]  [GRISOFT, s.r.o., 7.5.0.458]
    [C:\Program Files\Grisoft\AVG7\avgunarc.dll]  [GRISOFT, s.r.o., 7.5.0.449]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.2.621]
    [C:\PROGRA~1\Grisoft\AVG7\sasllogin.dll]  [GRISOFT, s.r.o., 7.5.0.407]
    [C:\PROGRA~1\Grisoft\AVG7\saslplain.dll]  [GRISOFT, s.r.o., 7.5.0.407]
    [C:\PROGRA~1\Grisoft\AVG7\saslcrammd5.dll]  [GRISOFT, s.r.o., 7.5.0.407]
    [C:\PROGRA~1\Grisoft\AVG7\sasldigestmd5.dll]  [GRISOFT, s.r.o., 7.5.0.407]
    [C:\Program Files\Grisoft\AVG7\avgmail.dll]  [GRISOFT, s.r.o., 7.5.0.429]
[PID: 1824][C:\WINDOWS\RTHDCPL.EXE]  [Realtek Semiconductor Corp., 2.0.8.0]
[PID: 1856][F:\工具\应用程序\XDeskCal\XDeskCal.exe]  [CFishSoft, 2.6.1.312]
[PID: 1920][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1928][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe]  [Google Inc., 2, 0, 301, 1654]
    [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll]  [Google Inc., 2, 0, 301, 7164]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.2.621]
    [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll]  [Google Inc., 2, 0, 301, 7164]
    [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll]  [Google Inc., 2, 0, 301, 7164]
[PID: 2020][F:\影视\天网Maze\MazeSvr.exe]  [N/A, N/A]
[PID: 580][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.9371]
    [C:\WINDOWS\system32\nvapi.dll]  [N/A, N/A]
[PID: 932][E:\小工具\保存的\pdf转word\SCPDF\SolidPdfService.exe]  [VoyagerSoft, LLC, 3.0.268.0]
[PID: 1072][C:\Program Files\Tupsoft\BigMother\Engine\ArServerDaemon.exe]  [N/A, N/A]
[PID: 1232][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 792][C:\Program Files\Tupsoft\BigMother\Engine\ArServer.exe]  [Tup Software Ltd., 1, 0, 0, 1]
    [C:\Program Files\Tupsoft\BigMother\Engine\ArValidate.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tupsoft\BigMother\Engine\ArsDbClient.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tupsoft\BigMother\Engine\ArComm.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tupsoft\BigMother\Engine\ArNet.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tupsoft\BigMother\Engine\ArsDb.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tupsoft\BigMother\Engine\ArLib.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tupsoft\BigMother\Engine\zlib.dll]  [N/A, N/A]
    [C:\Program Files\Tupsoft\BigMother\Engine\WdmAdo.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tupsoft\BigMother\Engine\ArsCapture.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tupsoft\BigMother\Engine\ArPacket.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.2.621]
    [C:\Program Files\Tupsoft\BigMother\Engine\ArsFile.dll]  [, 1, 0, 0, 1]
[PID: 2752][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2000][C:\WINDOWS\system32\wuauclt.exe]  [Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
[PID: 2848][C:\WINDOWS\system32\msiexec.exe]  [Microsoft Corporation, 3.1.4000.1823]
[PID: 424][F:\工具\软件\杀毒\sreng\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  [Kaspersky Lab, 6.0.2.621]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1       localhost

==================================
API HOOK
警告!System Repair Engineer 提醒
你下面的函数内容与预期值不符,他
们可能被一些恶意的软件所修改:
RVA  错误: LoadLibraryA
RVA  错误: LoadLibraryExA
RVA  错误: LoadLibraryExW
RVA  错误: LoadLibraryW

==================================


cjx3159
Original poster | Posted on 2007-6-8 14:49:59

Reply to zhaonimm's post #2

Expert, could you take a look for me? Thanks in advance!!
zhaonimm
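Posted on 2007-6-8 15:08:16
Huh, there's nothing wrong with your report.........
Apart from the Baidu Toolbar (百度搜霸) and the Google Toolbar on your machine, there's nothing else!!!
Did you scan for viruses with Kaspersky and then delete them......

I couldn't see any problem in your report. Maybe my skills just aren't good enough.......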
cjx3159
Original poster | Posted on 2007-6-8 15:19:19

Reply to zhaonimm's post #6

Several exe files on my E and F drives got infected, and I can't delete them!!!
cjx3159
Original poster | Posted on 2007-6-8 15:20:27

It's not that they can't be deleted, it's that they can't be disinfected!!

cjx3159
Original poster | Posted on 2007-6-8 15:23:39

Expert, is there any other good way?

Expert, is there any other good way??? I think I deleted one on the C drive,
zhaonimm
Posted on 2007-6-8 15:41:37
People online say this virus is a variant of Viking (威金). Try this and see whether it can repair your EXE files!!
If it can't........

威金熊猫通用终结器.rar

72.8 KB, downloads: 51


Copyright © KaFan  KaFan.cn All Rights Reserved.
