廣告廣告
  加入我的最愛 設為首頁 風格修改
首頁 首尾
 手機版   訂閱   地圖  簡體 
您是第 13565 個閱讀者
 
發表文章 發表投票 回覆文章
  可列印版   加為IE收藏   收藏主題   上一主題 | 下一主題   
julie9104
數位造型
個人文章 個人相簿 個人日記 個人地圖
路人甲
級別: 路人甲 該用戶目前不上站
推文 x0 鮮花 x0
分享: 轉寄此文章 Facebook Plurk Twitter 複製連結到剪貼簿 轉換為繁體 轉換為簡體 載入圖片
推文 x0
[問題討論] 電腦中毒,d,e槽打不開,出現湖義字樣
dear:
    各位大大,我電腦一直遭受攻擊,出現w32.mamawow.d的病毒,後來,c槽format重灌,再用ghost還原,也還是遭受攻擊,現在重灌後,D.E槽均無法打開,按右鍵出現"湖義"字樣,用別的方式打開,,諾頓就出現病毒攻擊.
懇求幫忙,以下是我的報告..

複製程式

2007-07-06,11:41:38

System Repair Engineer 2.5.16.900
Smallfrogs ([url]http://www.KZTechs.com[/url])

Windows XP Professional Service Pack 2 (Build 2600) - 管理許可權用戶 - 完整功能

以下內容被選中:
    所有的啟動項目(包括註冊表、開機檔案夾、服務等)
    流覽器載入項
    正在運行的進程(包括進程模組資訊)
    文件關聯
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    進程特權掃描


啟動專案
註冊表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <IgfxTray><C:\WINDOWS\System32\igfxtray.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <HotKeysCmds><C:\WINDOWS\System32\hkcmd.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher, E=""]
    <Client Access Service><"C:\Program Files\IBM\Client Access\cwbsvstr.exe">  [IBM Corporation]
    <Client Access Help Update><"C:\Program Files\IBM\Client Access\cwbinhlp.exe">  [IBM Corporation]
    <Client Access Check Version><"C:\Program Files\IBM\Client Access\cwbckver.exe" LOGIN>  [N/A]
    <Client Access Express Welcome><"C:\Program Files\IBM\Client Access\cwbwlwiz.exe">  [IBM Corporation]
    <NeroFilterCheck><C:\WINDOWS\system32\NeroCheck.exe>  [Ahead Software Gmbh]
    <GhostStartTrayApp><C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe>  [Symantec Corporation]
    <Super Rabbit SRRestore><C:\PROGRA~1\SUPERR~1\magicset\SRRest.exe /FIRST>  [Super Rabbit Soft]
    <ccApp><"C:\Program Files\Common Files\Symantec Shared\ccApp.exe">  [(Verified)Symantec Corporation]
    <vptray><C:\PROGRA~1\SYMANT~1\VPTray.exe>  [(Verified)Symantec Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
    <WinlogonNotify: NavLogon><C:\WINDOWS\system32\NavLogon.dll>  [(Verified)Symantec Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <Address Book 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]

==================================
開機檔案夾
[Microsoft Office]
  <C:\Documents and Settings\All Users\「開始」功能表\程式集\啟動\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [Microsoft Corporation]><N>
[Service Manager]
  <C:\Documents and Settings\All Users\「開始」功能表\程式集\啟動\Service Manager.lnk --> C:\MSSQL7\Binn\sqlmangr.exe [Microsoft Corporation]><N>

==================================
服務
[iSeries Access for Windows 遠端指令 / Cwbrxd][Stopped/Manual Start]
  <C:\WINDOWS\CWBRXD.EXE><IBM Corporation>
[GhostStartService / GhostStartService][Running/Auto Start]
  <C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe><Symantec Corporation>
[MSSQLServer / MSSQLServer][Running/Auto Start]
  <C:\MSSQL7\binn\sqlservr.exe><Microsoft Corporation>
[SQLServerAgent / SQLServerAgent][Stopped/Manual Start]
  <C:\MSSQL7\binn\sqlagent.exe><Microsoft Corporation>
[Windows Driver Foundation - User-mode Driver Framework / WudfSvc][Stopped/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup-->%SystemRoot%\System32\WUDFSvc.dll><Microsoft Corporation>
[Symantec Network Drivers Service / SNDSrvc][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
[Symantec Event Manager / ccEvtMgr][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>
[Symantec Password Validation / ccPwdSvc][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>
[Symantec AntiVirus Definition Watcher / DefWatch][Running/Auto Start]
  <"C:\Program Files\Symantec AntiVirus\DefWatch.exe"><Symantec Corporation>
[SavRoam / SavRoam][Running/Auto Start]
  <"C:\Program Files\Symantec AntiVirus\SavRoam.exe"><symantec>
[Symantec SPBBCSvc / SPBBCSvc][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe"><Symantec Corporation>
[Symantec AntiVirus / Symantec AntiVirus][Running/Auto Start]
  <"C:\Program Files\Symantec AntiVirus\Rtvscan.exe"><Symantec Corporation>

==================================
驅動程式
[Service for Avance AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Avance Logic, Inc.>
[GhostPciScanner / GhPciScan][Running/System Start]
  <\??\C:\Program Files\Symantec\Norton Ghost 2003\ghpciscan.sys><Symantec Corporation>
[ialm / ialm][Running/Manual Start]
  <System32\DRIVERS\ialmnt5.sys><Intel Corporation>
[直接平行連接埠連結驅動程式 / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <System32\DRIVERS\secdrv.sys><N/A>
[Windows Driver Foundation - User-mode Driver Framework Platform Driver / WudfPf][Stopped/Manual Start]
  <system32\DRIVERS\WudfPf.sys><Microsoft Corporation>
[Windows Driver Foundation - User-mode Driver Framework Reflector / WudfRd][Stopped/Manual Start]
  <system32\DRIVERS\wudfrd.sys><Microsoft Corporation>
[Intel(R) Graphics Platform (SoftBIOS) Driver / {6080A529-897E-4629-A488-ABA0C29B635E}][Running/System Start]
  <system32\drivers\ialmsbw.sys><Intel Corporation>
[Intel(R) Graphics Chipset (KCH) Driver / {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}][Running/Manual Start]
  <system32\drivers\ialmkchw.sys><Intel Corporation>
[SymEvent / SymEvent][Running/Manual Start]
  <\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
[SPBBCDrv / SPBBCDrv][Stopped/Manual Start]
  <\??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys><Symantec Corporation>
[SAVRT / SAVRT][Running/System Start]
  <\??\C:\Program Files\Symantec AntiVirus\savrt.sys><Symantec Corporation>
[SAVRTPEL / SAVRTPEL][Running/System Start]
  <\??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys><Symantec Corporation>
[SYMTDI / SYMTDI][Running/System Start]
  <\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation>
[NAVEX15 / NAVEX15][Running/Manual Start]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070704.024\navex15.sys><Symantec Corporation>
[NAVENG / NAVENG][Running/Manual Start]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070704.024\naveng.sys><Symantec Corporation>
[Symantec Eraser Control driver / eeCtrl][Running/System Start]
  <\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys><Symantec Corporation>

==================================
流覽器載入項
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Windows Live Toolbar Helper]
  {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[Windows Live Toolbar]
  {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[&Translator Internet]
  {8E4AA109-7239-4B85-8196-7377A53DDEFF} <C:\PROGRA~1\Antadis\TRANSL~1\DELPHI~1.DLL, N/A>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\System32\legitcheckcontrol.dll, Microsoft Corporation>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
[&Translator Internet]
  {8E4AA109-7239-4B85-8196-7377A53DDEFF} <C:\PROGRA~1\Antadis\TRANSL~1\DELPHI~1.DLL, N/A>
[Windows Live Toolbar]
  {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[Windows Live Toolbar Helper]
  {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>

==================================
正在運行的進程
[PID: 440 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 740 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 800 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 860 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 908 / NETWORK SERVICE][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 976 / LOCAL SERVICE][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1136 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1636 / JulieLee][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 6.0.0.2003051500]
    [C:\WINDOWS\System32\igfxpph.dll]  [Intel Corporation, 3,0,0,1545]
    [C:\WINDOWS\System32\hccutils.DLL]  [Intel Corporation, 3,0,0,1545]
    [C:\Program Files\IBM\Client Access\Shared\cwbunddh.dll]  [IBM Corporation, 09.000]
[PID: 1788 / JulieLee][C:\WINDOWS\System32\igfxtray.exe]  [Intel Corporation, 3,0,0,1545]
    [C:\WINDOWS\System32\hccutils.DLL]  [Intel Corporation, 3,0,0,1545]
    [C:\WINDOWS\System32\igfxdev.dll]  [Intel Corporation, 3,0,0,1545]
    [C:\WINDOWS\System32\igfxsrvc.dll]  [Intel Corporation, 3,0,0,1545]
    [C:\WINDOWS\System32\igfxres.dll]  [Intel Corporation, 3,0,0,1545]
    [C:\WINDOWS\System32\igfxress.dll]  [Intel Corporation, 3,0,0,1545]
[PID: 1796 / JulieLee][C:\WINDOWS\System32\hkcmd.exe]  [Intel Corporation, 3,0,0,1545]
    [C:\WINDOWS\System32\hccutils.DLL]  [Intel Corporation, 3,0,0,1545]
    [C:\WINDOWS\System32\igfxdev.dll]  [Intel Corporation, 3,0,0,1545]
    [C:\WINDOWS\System32\igfxsrvc.dll]  [Intel Corporation, 3,0,0,1545]
    [C:\WINDOWS\System32\igfxhk.dll]  [Intel Corporation, 3,0,0,1545]
    [C:\WINDOWS\System32\igfxres.dll]  [Intel Corporation, 3,0,0,1545]
[PID: 1824 / JulieLee][C:\WINDOWS\SOUNDMAN.EXE]  [Avance Logic, Inc., 5, 0, 0, 0]
[PID: 1916 / JulieLee][C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe]  [Symantec Corporation, 2003.775]
[PID: 1936 / JulieLee][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 208 / SYSTEM][C:\MSSQL7\binn\sqlservr.exe]  [Microsoft Corporation, 1998.11.13]
    [C:\MSSQL7\binn\opends60.dll]  [Microsoft Corporation, 1998.11.13]
    [C:\MSSQL7\binn\ums.dll]  [Microsoft Corporation, 1998.11.13]
    [C:\MSSQL7\binn\sqlevn70.dll]  [Microsoft Corporation, 1998.11.13]
    [C:\MSSQL7\binn\COMNEVNT.DLL]  [Microsoft Corporation, 1998.11.13]
    [C:\MSSQL7\binn\SQLTrace.DLL]  [Microsoft Corporation, 1998.11.13]
    [C:\MSSQL7\binn\SSNMPN70.dll]  [Microsoft Corporation, 1998.11.13]
    [C:\MSSQL7\binn\SSMSSO70.dll]  [Microsoft Corporation, 1998.11.13]
    [C:\MSSQL7\binn\SSMSRP70.dll]  [Microsoft Corporation, 1998.11.13]
    [C:\MSSQL7\binn\SQLRGSTR.DLL]  [N/A, ]
[PID: 1556 / SYSTEM][C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe]  [Symantec Corporation, 2003.775]
[PID: 1844 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 224 / SYSTEM][C:\Program Files\Symantec AntiVirus\DefWatch.exe]  [Symantec Corporation, 10.0.0.359]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 188 / SYSTEM][C:\Program Files\Symantec AntiVirus\Rtvscan.exe]  [Symantec Corporation, 10.0.0.359]
    [C:\WINDOWS\system32\CBA.DLL]  [IntelR Corporation, 6.12.0.130 E]
    [C:\WINDOWS\system32\MsgSys.dll]  [IntelR Corporation, 6.12.0.130 E]
    [C:\WINDOWS\system32\NTS.dll]  [IntelR Corporation, 6.12.0.130 E]
    [C:\WINDOWS\system32\PDS.DLL]  [IntelR Corporation, 6.12.0.130 E]
    [C:\Program Files\Symantec AntiVirus\NAVLU.dll]  [Symantec Corporation, 10.0.0.359]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL]  [Symantec Corporation, 10.0.0.359]
    [c:\program files\common files\symantec shared\ssc\ScsComms.dll]  [Symantec Corporation, 10.0.0.359]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Symantec AntiVirus\I2ldvp3.dll]  [Symantec Corporation, 10.0.0.359]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 103.5.1.9]
    [C:\Program Files\Common Files\Symantec Shared\ccL35.dll]  [Symantec Corporation, 103.5.1.9]
    [C:\Program Files\Common Files\Symantec Shared\ccDec.dll]  [Symantec Corporation, 103.5.1.9]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\decsdk.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ID.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Zip.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2SS.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2GZIP.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2CAB.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LHA.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ARJ.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TNEF.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LZ.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2AMG.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RAR.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TAR.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RTF.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Text.dll]  [Symantec Corporation, 3.02.12.35]
    [C:\Program Files\Common Files\Symantec Shared\ccScan.dll]  [Symantec Corporation, 103.5.1.9]
    [C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL]  [Symantec Corporation, 1.4.0.11]
    [C:\Program Files\Symantec AntiVirus\DefUtDCD.dll]  [Symantec Corporation, 3.1.13a.0]
    [C:\Program Files\Symantec AntiVirus\SAVRT32.DLL]  [Symantec Corporation, 9.5.0.44]
    [C:\Program Files\Symantec AntiVirus\IMail.dll]  [Symantec Corporation, 10.0.0.359]
    [C:\Program Files\Symantec AntiVirus\NotesExt.dll]  [Symantec Corporation, 10.0.0.359]
    [C:\Program Files\Symantec AntiVirus\vpmsece3.dll]  [Symantec Corporation, 10.0.0.359]
    [C:\Program Files\Symantec AntiVirus\SymProtectStorage.dll]  [Symantec Corporation, 10.0.0.359]
    [C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCEvt.dll]  [Symantec Corporation, 1,5,1,3]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070704.024\ccEraser.dll]  [Symantec Corporation, 107.2.1.6]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070704.024\ecmsvr32.dll]  [Symantec Corporation, 71.2.0.12]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070704.024\NAVEX32a.DLL]  [Symantec Corporation, 20071.2.0.18]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070704.024\NAVENG32.DLL]  [Symantec Corporation, 20071.2.0.18]
    [C:\Program Files\Symantec AntiVirus\NAVAP32.DLL]  [Symantec Corporation, 9.5.0.44]
    [C:\Program Files\Common Files\Symantec Shared\SSC\scandlgs.dll]  [Symantec Corporation, 10.0.0.359]
    [C:\Program Files\Symantec AntiVirus\Cliscan.dll]  [Symantec Corporation, 10.0.0.359]
[PID: 1436 / SYSTEM][C:\Program Files\Symantec AntiVirus\SavRoam.exe]  [symantec, 10.0.0.359]
    [C:\Program Files\Common Files\Symantec Shared\SSC\Transman.dll]  [Symantec Corporation, 10.0.0.359]
    [C:\WINDOWS\system32\CBA.DLL]  [IntelR Corporation, 6.12.0.130 E]
    [C:\WINDOWS\system32\MsgSys.dll]  [IntelR Corporation, 6.12.0.130 E]
    [C:\WINDOWS\system32\NTS.dll]  [IntelR Corporation, 6.12.0.130 E]
    [C:\WINDOWS\system32\PDS.DLL]  [IntelR Corporation, 6.12.0.130 E]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [c:\program files\common files\symantec shared\ssc\ScsComms.dll]  [Symantec Corporation, 10.0.0.359]
[PID: 884 / SYSTEM][C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe]  [Symantec Corporation, 103.5.1.9]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Symantec Shared\ccL35.dll]  [Symantec Corporation, 103.5.1.9]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 103.5.1.9]
    [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 103.5.1.9]
[PID: 468 / SYSTEM][C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe]  [Symantec Corporation, 103.5.1.9]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Symantec Shared\ccL35.dll]  [Symantec Corporation, 103.5.1.9]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 103.5.1.9]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\BB.DLL]  [Symantec Corporation, 1,5,1,3]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEVT.DLL]  [Symantec Corporation, 1,5,1,3]
    [C:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 103.5.1.9]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL]  [Symantec Corporation, 103.5.1.9]
[PID: 2160 / JulieLee][C:\Program Files\Common Files\Symantec Shared\ccApp.exe]  [Symantec Corporation, 103.5.1.9]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Symantec Shared\ccL35.dll]  [Symantec Corporation, 103.5.1.9]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 103.5.1.9]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL]  [Symantec Corporation, 103.5.1.9]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL]  [Symantec Corporation, 103.5.1.9]
    [C:\WINDOWS\system32\SYMREDIR.DLL]  [Symantec Corporation, 5.5.1.6]
    [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 103.5.1.9]
    [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 103.5.1.9]
    [C:\Program Files\Symantec AntiVirus\SavEmail.dll]  [Symantec Corporation, 10.0.0.359]
[PID: 2340 / JulieLee][C:\Program Files\Symantec AntiVirus\vptray.exe]  [Symantec Corporation, 10.0.0.359]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Symantec AntiVirus\SAVRT32.DLL]  [Symantec Corporation, 9.5.0.44]
    [C:\Program Files\Symantec AntiVirus\Cliproxy.dll]  [Symantec Corporation, 10.0.0.359]
    [C:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL]  [Symantec Corporation, 10.0.0.359]
    [c:\program files\common files\symantec shared\ssc\ScsComms.dll]  [Symantec Corporation, 10.0.0.359]
    [C:\WINDOWS\system32\nts.dll]  [IntelR Corporation, 6.12.0.130 E]
    [C:\WINDOWS\system32\cba.dll]  [IntelR Corporation, 6.12.0.130 E]
    [C:\WINDOWS\system32\MsgSys.dll]  [IntelR Corporation, 6.12.0.130 E]
    [C:\WINDOWS\system32\PDS.DLL]  [IntelR Corporation, 6.12.0.130 E]
[PID: 3420 / JulieLee][C:\sreng2\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\sreng2\Lang\1028.DLL]  [System Repair Engineer, 2.5.16.900]
    [C:\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
[PID: 3920 / JulieLee][C:\sreng2\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\sreng2\Lang\1028.DLL]  [System Repair Engineer, 2.5.16.900]
    [C:\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件關聯
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1       localhost

==================================
進程特權掃描
特殊特權被允許: SeLoadDriverPrivilege [PID = 1916, C:\PROGRAM FILES\SYMANTEC\NORTON GHOST 2003\GHOSTSTARTTRAYAPP.EXE]

==================================
API HOOK
N/A

==================================
隱藏進程 
N/A

==================================





獻花 x0 回到頂端 [樓 主] From:臺灣 | Posted:2007-07-06 12:00 |
upside 手機 葫蘆墩家族
個人頭像
個人文章 個人相簿 個人日記 個人地圖
特殊貢獻獎 社區建設獎 優秀管理員勳章
頭銜:反病毒 反詐騙 反虐犬   反病毒 反詐騙 反虐犬  
版主
分享: 轉寄此文章 Facebook Plurk Twitter 複製連結到剪貼簿 轉換為繁體 轉換為簡體 載入圖片

下載底下這個程式解壓後按兩下執行,應該就解決你問題了
http://raes.myweb.hine...auto.rar

如果不行 可以下載此套軟體
http://www.easysofts.com....Killer.rar

另外如果你有隨身碟那可能也中毒了,先掃毒再來插電腦,否則下次還是會發生這情形

http://raes.myweb.hine...auto.bat


[ 此文章被upside在2007-07-07 15:49重新編輯 ]


爸爸 你一路好走
獻花 x0 回到頂端 [1 樓] From:臺灣和信超媒體寬帶網 | Posted:2007-07-06 14:16 |
bv03j0u1
數位造型
個人文章 個人相簿 個人日記 個人地圖
路人甲
級別: 路人甲 該用戶目前不上站
推文 x0 鮮花 x0
分享: 轉寄此文章 Facebook Plurk Twitter 複製連結到剪貼簿 轉換為繁體 轉換為簡體 載入圖片

我也是這個問題、C、D槽打不開
又鍵出現怪字。
之前首頁還被綁、現在免強弄到勝這個問題了。
大大可以上傳已經解壓縮的檔案嗎?
因為C槽、D槽打不開、全部的程式都無法使用、所以不能解壓縮、謝謝了


獻花 x0 回到頂端 [2 樓] From:臺灣 | Posted:2007-07-07 15:04 |
BadDevil
數位造型
個人文章 個人相簿 個人日記 個人地圖
小人物
級別: 小人物 該用戶目前不上站
推文 x0 鮮花 x21
分享: 轉寄此文章 Facebook Plurk Twitter 複製連結到剪貼簿 轉換為繁體 轉換為簡體 載入圖片

之前有遇過一次~
殺很久 結果是一個AUTO在搞怪~


[url] http://gphonefans.net/?fromuid=77957[/url]
獻花 x0 回到頂端 [3 樓] From:臺灣 | Posted:2007-07-07 15:20 |
xyz813462
數位造型
個人文章 個人相簿 個人日記 個人地圖
路人甲
級別: 路人甲 該用戶目前不上站
推文 x0 鮮花 x0
分享: 轉寄此文章 Facebook Plurk Twitter 複製連結到剪貼簿 轉換為繁體 轉換為簡體 載入圖片

哇   大大提供的二道軟體都成功的幫了小弟的忙 真是感激不盡


獻花 x0 回到頂端 [4 樓] From:臺灣中華HiNet | Posted:2007-08-18 22:22 |

首頁  發表文章 發表投票 回覆文章
Powered by PHPWind v1.3.6
Copyright © 2003-04 PHPWind
Processed in 0.089275 second(s),query:16 Gzip disabled
本站由 瀛睿律師事務所 擔任常年法律顧問 | 免責聲明 | 本網站已依台灣網站內容分級規定處理 | 連絡我們 | 訪客留言