SOS 电脑中毒了,软驱狂读.有人知道中了什么毒吗?

SOS 电脑中毒了,软驱狂读.有人知道中了什么毒吗? - 故障解答 - 电脑教程网
站点导航
相关链接

SOS 电脑中毒了,软驱狂读.有人知道中了什么毒吗?

日期:2007-07-11   荐:
.Knh422 电脑中毒了,软驱狂读.有人知道中了什么毒吗? 在线等,

具体是什么情况,有什么进程和表现.你都不打出来..没有办法回答你呀

扫描一个sreng的报告看看,,

打开用户 软驱狂读..

不会停止, 不管你放没有放软盘进去

楼主的情况说了半天,大家依然一头雾水,,参考俺的签名,

版主,我扫出来了帮我看一下 [CODE] 2007-01-05,11:54:54 System Repair Engineer 2.3.13.690 Smallfrogs (http://www.KZTechs.com) Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能 以下内容被选中:     所有的启动项目(包括注册表、启动文件夹、服务等)     浏览器加载项     正在运行的进程(包括进程模块信息)     文件关联     Winsock 提供者     Autorun.inf     HOSTS 文件 启动项目 注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]     <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Corporation] [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]     <load><C:\WINDOWS\system32\dllcache\rund1132.exe> [广州大学华软软件学院05软件开发05班 By Amoeba] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]     <jmekey><C:\Program Files\jmesoft\hotkey.exe> [JME Co., Ltd.]     <SoundMan><SOUNDMAN.EXE> [(Verified)Realtek Semiconductor Corp.]     <StormCodec_Helper><"C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti> [N/A]     <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload> [(Verified)Microsoft Corporation]     <ShStatEXE><"C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE> [Network Associates, Inc.]     <McAfeeUpdaterUI><"C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey> [Network Associates, Inc.]

dngz.net

    <Network Associates Error Reporting Service><"C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"> [Network Associates, Inc.]     <!ewido><"C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized> [Anti-Malware Development a.s.]     <doc><; c:\windows\doc.exe> [N/A]     <Synchronization Manager><; %SystemRoot%\system32\mobsync.exe /logon> [(Verified)N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]     <shell><Explorer.exe> [(Verified)Microsoft Corporation]     <Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Corporation] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]     <AppInit_DLLs><> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]     <UIHost><logonui.exe> [(Verified)Microsoft Corporation] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]     <{57B86673-276A-48B2-BAE7-C6DBB3020EB8}><C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll> [Anti-Malware Development a.s.] ================================== 启动文件夹 N/A ================================== 服务 [Macromedia Licensing Service / Macromedia Licensing Service][Stopped/Manual Start]  <"C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"><N/A> [McAfee Framework 服务 / McAfeeFramework][Running/Auto Start]  <C:\Program Files\Network Associates\Common Framework\FrameworkService.exe /ServiceStart><Network Associates, Inc.> [Network Associates McShield / McShield][Running/Auto Start]  <"C:\Program Files\Network Associates\VirusScan\Mcshield.exe"><Network Associates, Inc.> [Network Associates Task Manager / McTaskManager][Running/Auto Start]

本文来自 www.dngz.net

 <"C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe"><Network Associates, Inc.> [Portable Media Serial Number Service / WmdmPmSN][Stopped/Manual Start]  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\mspmsnsv.dll><Microsoft Corporation> [ewido anti-spyware 4.0 guard / ewido anti-spyware 4.0 guard][Running/Auto Start]  <C:\Program Files\ewido anti-spyware 4.0\guard.exe><Anti-Malware Development a.s.> ================================== 驱动程序 [Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.> [JME Smart Keyboard / kbfiltr][Running/Manual Start]  <system32\DRIVERS\kbfiltr.sys><JME Co., Ltd.> [NaiAvFilter1 / NaiAvFilter1][Running/Manual Start]  <system32\drivers\naiavf5x.sys><Network Associates, Inc.> [NaiAvTdi1 / NaiAvTdi1][Running/System Start]

 <system32\drivers\mvstdi5x.sys><Network Associates, Inc.> [nv / nv][Running/Manual Start]  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation> [Direct Parallel Link Driver / Ptilink][Running/Manual Start]  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.> [Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver / RTL8023xp][Stopped/Manual Start]  <system32\DRIVERS\Rtlnicxp.sys><Realtek Semiconductor Corporation> [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation> [Secdrv / Secdrv][Stopped/Manual Start]  <system32\DRIVERS\secdrv.sys><N/A> [Sentinel / Sentinel][Running/Auto Start]  <\SystemRoot\System32\Drivers\SENTINEL.SYS><N/A> [SiS315 / SiS315][Stopped/Manual Start]  <system32\DRIVERS\sisgrp.sys><Silicon Integrated Systems Corporation>

本文来自 www.dngz.net

[SiS AGP Filter / SISAGP][Running/Boot Start]  <\SystemRoot\system32\DRIVERS\SISAGPX.sys><Silicon Integrated Systems Corporation> [SiSide / SiSide][Running/Boot Start]  <\SystemRoot\system32\DRIVERS\siside.sys><Silicon Integrated Systems Corp.> [sisidex / sisidex][Running/Boot Start]  <\SystemRoot\system32\drivers\sisidex.sys><Windows (R) 2000 DDK provider> [SiSkp / SiSkp][Running/System Start]  <system32\DRIVERS\srvkp.sys><Silicon Integrated Systems Corporation> [Add Performance Filter Driver / sisperf][Running/Boot Start]  <\SystemRoot\system32\drivers\sisperf.sys><Silicon Integrated Systems Corp.> [Sony USB Filter Driver (SONYPVU1) / SONYPVU1][Stopped/Manual Start]  <system32\DRIVERS\SONYPVU1.SYS><Sony Corporation> [TCP/IP Protocol Driver / Tcpip][Running/System Start]  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>

[EntDrv51 / EntDrv51][Running/Manual Start]  <\?\C:\WINDOWS\system32\drivers\EntDrv51.sys><Network Associates, Inc> [ewido anti-spyware 4.0 driver / ewido anti-spyware 4.0 driver][Running/System Start]  <\?\C:\Program Files\ewido anti-spyware 4.0\guard.sys><N/A> ================================== 浏览器加载项 [AcroIEHlprObj Class]  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated> [IeCatch2 Class]  {A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft> [信息检索(&R)]  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation> [QQ]  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT> [FlashGet]  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\flashget.exe, Amaze Soft>

;

[易趣购物]  {DE60714F-AC17-427e-861A-FD60CBDF119A} <http://click2.ad4all.net/url2/urlmanage/url.asp?id=1, N/A> [Messenger]  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation> [FlashGet Bar]  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft> [Shockwave Flash Object]  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\Flash.ocx, Macromedia, Inc.> [AcroIEHlprObj Class]  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated> [IeCatch2 Class]  {A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft> [Shockwave Flash Object]  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\Flash.ocx, Macromedia, Inc.> ================================== 正在运行的进程 [PID: 444][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 508][\?\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 532][\?\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 576][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]     [C:\WINDOWS\system32\EntApi.dll] [Network Associates, Inc, 8.0.0.240] [PID: 588][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]     [C:\WINDOWS\system32\EntApi.dll] [Network Associates, Inc, 8.0.0.240] [PID: 736][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]     [C:\WINDOWS\system32\EntApi.dll] [Network Associates, Inc, 8.0.0.240] (www.dngz.net) [PID: 784][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]     [C:\WINDOWS\system32\EntApi.dll] [Network Associates, Inc, 8.0.0.240] [PID: 848][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]     [C:\WINDOWS\system32\EntApi.dll] [Network Associates, Inc, 8.0.0.240] [PID: 888][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]     [C:\WINDOWS\system32\EntApi.dll] [Network Associates, Inc, 8.0.0.240] [PID: 964][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]     [C:\WINDOWS\system32\EntApi.dll] [Network Associates, Inc, 8.0.0.240] [PID: 1104][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)] [PID: 1340][C:\Program Files\Network Associates\Common Framework\FrameworkService.exe] [Network Associates, Inc., 3.5.0.412]     [C:\Program Files\Network Associates\Common Framework\nailog.dll] [Network Associates, Inc., 3.5.0.474]     [C:\Program Files\Network Associates\Common Framework\naXML.dll] [Network Associates, Inc., 3.5.0.474]     [C:\Program Files\Network Associates\Common Framework\naCmnLib.dll] [Network Associates, Inc., 3.5.0.474]     [C:\Program Files\Network Associates\Common Framework\applib.dll] [Network Associates, Inc., 3.5.0.412]     [C:\Program Files\Network Associates\Common Framework\0804\AgentRes.dll] [Network Associates, Inc., 3.5.0.412]     [C:\Program Files\Network Associates\Common Framework\Logging.dll] [Network Associates, Inc., 3.5.0.412]     [C:\Program Files\Network Associates\Common Framework\InternetManager.dll] [Network Associates, Inc., 3.5.0.412]     [C:\Program Files\Network Associates\Common Framework\naInet.dll] [Network Associates, Inc., 3.5.0.474] (www.dngz.net)版权所有     [C:\Program Files\Network Associates\Common Framework\UserSpace.dll] [Network Associates, Inc., 3.5.0.412]     [C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll] [Network Associates, Inc., 3.5.0.412]     [C:\Program Files\Network Associates\Common Framework\Management.dll] [Network Associates, Inc., 3.5.0.412]     [C:\Program Files\Network Associates\Common Framework\cmalib.dll] [Network Associates, Inc., 3.5.0.412]     [C:\Program Files\Network Associates\Common Framework\naPolicyManager.dll] [Network Associates, Inc., 3.5.0.412]     [C:\Program Files\Network Associates\Common Framework\ScriptSubSys.dll] [Network Associates, Inc., 3.5.0.412]     [C:\Program Files\Network Associates\Common Framework\UpdateSubSys.dll] [Network Associates, Inc., 3.5.0.412]     [C:\Program Files\Network Associates\Common Framework\Scheduler.dll] [Network Associates, Inc., 3.5.0.412]     [C:\Program Files\Network Associates\Common Framework\TCSubSys.dll] [Network Associates, Inc., 3.5.0.412]

    [C:\WINDOWS\system32\EntApi.dll] [Network Associates, Inc, 8.0.0.240] [PID: 1376][C:\Program Files\Network Associates\VirusScan\Mcshield.exe] [Network Associates, Inc., 8.0.0.251]     [C:\Program Files\Network Associates\VirusScan\Res04\McShield.DLL] [Network Associates, Inc., 8.0.0.251]     [C:\Program Files\Network Associates\VirusScan\FTL.Dll] [Network Associates, Inc., 8.0.0.133]     [C:\Program Files\Network Associates\VirusScan\naiann.dll] [Network Associates, Inc., 8.0.0.251]     [C:\Program Files\Network Associates\VirusScan\mytilus.dll] [Network Associates, Inc., 8.0.0.251]     [C:\Program Files\Network Associates\Common Framework\GenEvtInf.dll] [Network Associates, Inc., 3.5.0.412]     [C:\Program Files\Network Associates\VirusScan\NaEventU.DLL] [Network Associates, Inc., 8.0.0.342] (www.dngz.net)为您排除一切电脑故障     [C:\Program Files\Network Associates\VirusScan\Res04\naEvtRes.dll] [Network Associates, Inc., 8.0.0.342]     [C:\Program Files\Network Associates\VirusScan\VSIDSvr.dll] [Network Associates, Inc., 8.0.0.251]     [C:\Program Files\Common Files\Network Associates\Engine\MCSCAN32.DLL] [McAfee, Inc., 5.1.00]     [C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll] [Network Associates, Inc., 3.5.0.412]     [C:\Program Files\Network Associates\VirusScan\EntSrv.Dll] [Network Associates, Inc, 8.0.0.240] [PID: 1404][C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe] [Network Associates, Inc., 8.0.0.912]     [C:\Program Files\Network Associates\VirusScan\SHUTIL.dll] [Network Associates, Inc., 8.0.0.912]     [C:\Program Files\Network Associates\VirusScan\naiwmain.dll] [Network Associates, Inc., 8.0.0.912]     [C:\Program Files\Network Associates\VirusScan\naicondl.dll] [Network Associates, Inc., 8.0.0.912]     [C:\Program Files\Network Associates\VirusScan\RES04\VsTskMgr.dll] [Network Associates, Inc., 8.0.0.912]     [C:\Program Files\Network Associates\VirusScan\MIDUtil.Dll] [Network Associates, Inc., 8.0.0.145]     [C:\Program Files\Network Associates\VirusScan\BBCpl.dll] [Network Associates, Inc., 8.0.0.912]     [C:\Program Files\Network Associates\VirusScan\coptcpl.dll] [Network Associates, Inc., 8.0.0.912]     [C:\Program Files\Network Associates\VirusScan\EmCfgCpl.dll] [Network Associates, Inc., 8.0.0.912]     [C:\Program Files\Network Associates\VirusScan\RES04\SEmalRes.dll] [Network Associates, Inc., 8.0.0.912]     [C:\Program Files\Network Associates\VirusScan\RES04\Product.dll] [Network Associates, Inc., 8.0.0.912]     [C:\Program Files\Network Associates\VirusScan\nvpcpl.dll] [Network Associates, Inc., 8.0.0.912]     [C:\Program Files\Network Associates\VirusScan\ftcfg.dll] [Network Associates, Inc., 8.0.0.912] dngz.net     [C:\Program Files\Network Associates\VirusScan\mytilus.dll] [Network Associates, Inc., 8.0.0.251]

    [C:\Program Files\Network Associates\VirusScan\Res04\McShield.dll] [Network Associates, Inc., 8.0.0.251]     [C:\Program Files\Network Associates\VirusScan\OASCpl.dll] [Network Associates, Inc., 8.0.0.912]     [C:\Program Files\Network Associates\VirusScan\vsodscpl.dll] [Network Associates, Inc., 8.0.0.912]     [C:\Program Files\Network Associates\VirusScan\ftl.dll] [Network Associates, Inc., 8.0.0.133]     [C:\Program Files\Network Associates\VirusScan\vsupdcpl.dll] [Network Associates, Inc., 8.0.0.912] [PID: 1428][C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe] [Network Associates, Inc., 3.5.0.412]     [C:\PROGRA~1\NETWOR~1\COMMON~1\nailog.dll] [Network Associates, Inc., 3.5.0.474]     [C:\PROGRA~1\NETWOR~1\COMMON~1\naCmnLib.dll] [Network Associates, Inc., 3.5.0.474]     [C:\PROGRA~1\NETWOR~1\COMMON~1\naXML.dll] [Network Associates, Inc., 3.5.0.474]     [C:\PROGRA~1\NETWOR~1\COMMON~1\0804\AgentRes.dll] [Network Associates, Inc., 3.5.0.412]

    [C:\Program Files\Network Associates\VirusScan\VsPlugin.dll] [Network Associates, Inc., 8.0.0.912]     [C:\WINDOWS\system32\EntApi.dll] [Network Associates, Inc, 8.0.0.240] [PID: 496][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]     [C:\WINDOWS\system32\EntApi.dll] [Network Associates, Inc, 8.0.0.240]     [C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll] [Anti-Malware Development a.s., 4, 0, 0, 172]     [C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 6.0.1.2003110300]     [C:\Program Files\Network Associates\VirusScan\scriptproxy.dll] [Network Associates, Inc., 8.0.0.912]     [C:\Program Files\Network Associates\VirusScan\mytilus.dll] [Network Associates, Inc., 8.0.0.251]

dngz.net版权所有

    [C:\Program Files\Network Associates\VirusScan\Res04\McShield.dll] [Network Associates, Inc., 8.0.0.251]     [C:\Program Files\Common Files\Network Associates\Engine\mcscan32.dll] [McAfee, Inc., 5.1.00]     [C:\PROGRA~1\FLASHGET\jccatch.dll] [Amaze Soft, 1, 1, 4, 0] [PID: 1244][C:\WINDOWS\system32\dllcache\rund1132.exe] [广州大学华软软件学院05软件开发05班 By Amoeba, 1.00] [PID: 2888][C:\Program Files\jmesoft\hotkey.exe] [JME Co., Ltd., 1.0.0.0]     [C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll] [Anti-Malware Development a.s., 4, 0, 0, 172] [PID: 2204][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 2004][C:\WINDOWS\SOUNDMAN.EXE] [Realtek Semiconductor Corp., 5.1.0.40] [PID: 3208][C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE] [Network Associates, Inc., 8.0.0.912]     [C:\Program Files\Network Associates\VirusScan\SHUTIL.dll] [Network Associates, Inc., 8.0.0.912]     [C:\Program Files\Network Associates\VirusScan\naiwmain.dll] [Network Associates, Inc., 8.0.0.912]     [C:\Program Files\Network Associates\VirusScan\RES04\shstat.dll] [Network Associates, Inc., 8.0.0.912]     [C:\Program Files\Network Associates\VirusScan\RES04\Product.dll] [Network Associates, Inc., 8.0.0.912]     [C:\Program Files\Network Associates\VirusScan\RES04\McShield.dll] [Network Associates, Inc., 8.0.0.251]     [C:\Program Files\Network Associates\VirusScan\RES04\Shutilrc.dll] [Network Associates, Inc., 8.0.0.912]     [C:\Program Files\Network Associates\VirusScan\Graphics.dll] [Network Associates, Inc., 8.0.0.912] [PID: 3928][C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe] [Network Associates, Inc., 3.5.0.412]     [C:\Program Files\Network Associates\Common Framework\nailog.dll] [Network Associates, Inc., 3.5.0.474] dngz.net您的电脑医生

    [C:\Program Files\Network Associates\Common Framework\naCmnLib.dll] [Network Associates, Inc., 3.5.0.474]     [C:\Program Files\Network Associates\Common Framework\naXML.dll] [Network Associates, Inc., 3.5.0.474]     [C:\Program Files\Network Associates\Common Framework\0804\UpdRes.dll] [Network Associates, Inc., 3.5.0.412]     [C:\Program Files\Network Associates\Common Framework\0804\AgentRes.dll] [Network Associates, Inc., 3.5.0.412]     [C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll] [Network Associates, Inc., 3.5.0.412] [PID: 3400][C:\PROGRA~1\jmesoft\hkload.exe] [N/A, N/A] [PID: 3316][C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe] [Network Associates, Inc., 2.0.275.0] [PID: 1788][C:\WINDOWS\system32\tlntsvr.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1848][C:\Program Files\ewido anti-spyware 4.0\ewido.exe] [Anti-Malware Development a.s., 4, 0, 0, 172]     [C:\Program Files\ewido anti-spyware 4.0\engine.dll] [Anti-Malware Development a.s., 4, 0, 0, 172] [PID: 3916][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 3308][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]     [C:\WINDOWS\system32\EntApi.dll] [Network Associates, Inc, 8.0.0.240]     [C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 6.0.1.2003110300]     [C:\PROGRA~1\FLASHGET\jccatch.dll] [Amaze Soft, 1, 1, 4, 0]     [C:\Program Files\Network Associates\VirusScan\scriptproxy.dll] [Network Associates, Inc., 8.0.0.912]     [C:\Program Files\Network Associates\VirusScan\mytilus.dll] [Network Associates, Inc., 8.0.0.251]     [C:\Program Files\Network Associates\VirusScan\Res04\McShield.dll] [Network Associates, Inc., 8.0.0.251] ~     [C:\Program Files\Common Files\Network Associates\Engine\mcscan32.dll] [McAfee, Inc., 5.1.00]     [C:\WINDOWS\system32\macromed\flash\Flash.ocx] [Macromedia, Inc., 7,0,14,0] [PID: 1988][C:\Documents and Settings\administrator.NANWU\桌面\sreng2\SREng.EXE] [Smallfrogs Studio, 2.3.13.690] ================================== 文件关联 .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .EXE OK. ["%1" %*] .COM OK. ["%1" %*] .PIF OK. ["%1" %*] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %*] .SCR OK. ["%1" /S] .CHM OK. ["C:\WINDOWS\hh.exe" %1] .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] .INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .VBS Error. [超级解霸3000] .JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .LNK OK. [{00021401-0000-0000-C000-000000000046}]

================================== Winsock 提供者 N/A ================================== Autorun.inf [C:\] [AutoRun] open=svchost.exe /start shellexecute=svchost.exe /start shell\打开(&O)\command=svchost.exe /start [D:\] [AutoRun] open=svchost.exe /start shellexecute=svchost.exe /start shell\打开(&O)\command=svchost.exe /start [E:\] [AutoRun] open=svchost.exe /start shellexecute=svchost.exe /start shell\打开(&O)\command=svchost.exe /start [F:\] [AutoRun] open=svchost.exe /start shellexecute=svchost.exe /start shell\打开(&O)\command=svchost.exe /start [G:\] [AutoRun] open=svchost.exe /start shellexecute=svchost.exe /start shell\打开(&O)\command=svchost.exe /start

================================== HOSTS 文件

~

218.201.94.20 localhost 218.201.94.20 www.5566.net 218.201.94.20 www.gjj.cc 218.201.94.20 www.hao123.com 218.201.94.20 www.hao222.com 218.201.94.20 www.9991.com 218.201.94.20 www.2345.com 218.201.94.20 www.7939.com 218.201.94.20 forum.ikaka.com 218.201.94.20 bbs.360safe.com 218.201.94.20 www.360safe.com 218.201.94.20 www.piaoxue.com 218.201.94.20 61.129.58.12 218.201.94.20 forum.jiangmin.com 218.201.94.20 luosoft.com 218.201.94.20 post.baidu.com 218.201.94.20 cn.zs.yahoo.com 218.201.94.20 www.znmq.com 218.201.94.20 auto.search.msn.com 218.201.94.20 www.pcav.cn 218.201.94.20 www.cnhx.com.cn 218.201.94.20 btbaicai.com 218.201.94.20 219.239.102.77 218.201.94.20 hz.mop-hz.com 218.201.94.20 www.jacai.com 218.201.94.20 bbs.168safe.com 218.201.94.20 ok.mop-hz.com 218.201.94.20 s46.cnzz.com ================================== API HOOK N/A ================================== [/CODE]

<doc><; c:\windows\doc.exe> [N/A] 启动项,注册表,,修复,找到这文件,,看看时间/版本/公司,搜索相关文件,鉴别删除 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]     <AppInit_DLLs><> [N/A] 修复掉 Autorun.inf [C:\] [AutoRun] open=svchost.exe /start shellexecute=svchost.exe /start shell\打开(&O)\command=svchost.exe /start [D:\] [AutoRun] open=svchost.exe /start shellexecute=svchost.exe /start shell\打开(&O)\command=svchost.exe /start [E:\] [AutoRun] open=svchost.exe /start shellexecute=svchost.exe /start shell\打开(&O)\command=svchost.exe /start [F:\] [AutoRun] open=svchost.exe /start 本文来自 www.dngz.net shellexecute=svchost.exe /start shell\打开(&O)\command=svchost.exe /start [G:\] [AutoRun] open=svchost.exe /start shellexecute=svchost.exe /start shell\打开(&O)\command=svchost.exe /start 明显中毒,每个盘符根目录下面二隐含文件,都删除掉//本板块有朋友发帖子,autorun病毒的解决方法,建议参考 autorun.inf  svchost.exe 这文件在c:/win/system32里面 HOSTS 文件 218.201.94.20 localhost 218.201.94.20 www.5566.net 218.201.94.20 www.gjj.cc 218.201.94.20 www.hao123.com 218.201.94.20 www.hao222.com 218.201.94.20 www.9991.com 218.201.94.20 www.2345.com 218.201.94.20 www.7939.com 218.201.94.20 forum.ikaka.com 218.201.94.20 bbs.360safe.com 218.201.94.20 www.360safe.com 218.201.94.20 www.piaoxue.com 218.201.94.20 61.129.58.12 218.201.94.20 forum.jiangmin.com 218.201.94.20 luosoft.com 218.201.94.20 post.baidu.com 218.201.94.20 cn.zs.yahoo.com 218.201.94.20 www.znmq.com 218.201.94.20 auto.search.msn.com 218.201.94.20 www.pcav.cn 218.201.94.20 www.cnhx.com.cn 218.201.94.20 btbaicai.com 218.201.94.20 219.239.102.77 218.201.94.20 hz.mop-hz.com 218.201.94.20 www.jacai.com 218.201.94.20 bbs.168safe.com 218.201.94.20 ok.mop-hz.com 218.201.94.20 s46.cnzz.com 修复掉 进程中: [PID: 3400][C:\PROGRA~1\jmesoft\hkload.exe] [N/A, N/A]  可能有遗漏,请其他朋友补充

可以参考 http://bbs.dngz.net/thread-134034-1-1.html 完美解决双击盘符无法打开分区的问题!

江民发布“WORD文档杀手”病毒技术分析报告

谢谢版主 用autorun病毒的解决方法 杀掉了以后软盘就不会读了..

。。。汗``把软区禁止掉好了`省得麻烦

WORD文档杀手解决了没有?建议重新发个报告俺看看。

标签:

Powered by 电脑教程网 © 2004-2015 pc.ximizi.com Inc.