Micropoint Forum

Title: I've been infected with the 5y5 virus; I wonder whether Micropoint can remove it
yiyi123456
#1  I've been infected with the 5y5 virus; I wonder whether Micropoint can remove it

2007-06-29,12:42:23



Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <!AVG Anti-Spyware><"E:\Program Files\AVG Anti-Spyware 7.5\avgas.exe" /minimized>  [(Verified)GRISOFT LTD]
    <Bbclock><E:\Program Files\笨笨钟\BBClock.exe>  []
    <nod32kui><"C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE>  [Eset ]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\SYSTEM32\USERINIT.EXE,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{57B86673-276A-48B2-BAE7-C6DBB3020EB8}><e:\Program Files\AVG Anti-Spyware 7.5\shellexecutehook.dll>  [(Verified)GRISOFT LTD]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
    <WinlogonNotify: NavLogon><C:\WINDOWS\System32\NavLogon.dll>  []

==================================
启动文件夹
N/A

==================================
服务
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Running/Auto Start]
  <F:\杀毒\AVG Anti-Spyware 7.5\guard.exe><Anti-Malware Development a.s.>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[MPSVC Service / MPSVCService][Running/Auto Start]
  <e:\Program Files\Micropoint\MPSVC.exe><Micropoint Corporation>
[NOD32 Kernel Service / NOD32krn][Running/Auto Start]
  <"C:\Program Files\Eset\nod32krn.exe"><Eset>

==================================
驱动程序
[Service for WDM 3D Audio Driver / ALCXSENS][Running/Manual Start]
  <system32\drivers\ALCXSENS.SYS><Sensaura Ltd>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AMON / AMON][Running/Auto Start]
  <\SystemRoot\system32\drivers\amon.sys><Eset>
[AVG Anti-Spyware Driver / AVG Anti-Spyware Driver][Running/System Start]
  <\??\F:\杀毒\AVG Anti-Spyware 7.5\guard.sys><N/A>
[AVG Anti-Spyware Clean Driver / AvgAsCln][Running/System Start]
  <System32\DRIVERS\AvgAsCln.sys><GRISOFT, s.r.o.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[Cdsys / Cdsys][Stopped/Manual Start]
  <\??\C:\WINDOWS\System32\cdcd.sys><N/A>
[HOOKAPI / HOOKAPI][Stopped/Manual Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HOOKAPI.SYS><N/A>
[ialm / ialm][Running/Manual Start]
  <System32\DRIVERS\ialmnt5.sys><Intel Corporation>
[mp110001 / mp110001][Running/Auto Start]
  <system32\drivers\mp110001.sys><MicroPoint Corporation>
[mp110002 / mp110002][Running/Auto Start]
  <system32\drivers\mp110002.sys><Micropoint Corporation>
[mp110003 / mp110003][Running/Boot Start]
  <\SystemRoot\system32\drivers\mp110003.sys><Micropoint Corporation>
[mp110004 / mp110004][Running/Auto Start]
  <system32\drivers\mp110004.sys><Micropoint Corporation>
[mp110005 / mp110005][Running/Manual Start]
  <system32\drivers\mp110005.sys><Micropoint Corporation>
[mp110006 / mp110006][Running/System Start]
  <system32\drivers\mp110006.sys><Micropoint Corporation>
[mp110007 / mp110007][Running/System Start]
  <system32\drivers\mp110007.sys><Micropoint Corporation>
[mp110008 / mp110008][Running/Auto Start]
  <system32\drivers\mp110008.sys><Micropoint Corporation>
[mp110009 / mp110009][Running/System Start]
  <system32\drivers\mp110009.sys><Micropoint Corporation>
[mp110010 / mp110010][Running/Boot Start]
  <\SystemRoot\system32\drivers\mp110010.sys><Micropoint Corporation>
[mp110011 / mp110011][Running/System Start]
  <system32\drivers\mp110011.sys><Micropoint Corporation>
[mp110012 / mp110012][Stopped/Manual Start]
  <system32\drivers\mp110012.sys><Micropoint Corporation>
[mp110013 / mp110013][Running/Boot Start]
  <\SystemRoot\system32\drivers\mp110013.sys><Micropoint Corporation>
[nod32drv / nod32drv][Running/System Start]
  <\SystemRoot\system32\drivers\nod32drv.sys><N/A>
[npkycryp / npkycryp][Stopped/Manual Start]
  <\??\E:\Program Files\AresQQ\QQ\npkycryp.sys><N/A>
[Ps2 / Ps2][Running/Manual Start]
  <System32\DRIVERS\PS2.sys><Hewlett-Packard Company>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Feitian ROCKEY4 Device Service / ROCKEYNT][Running/Manual Start]
  <system32\DRIVERS\Rockey4.sys><Feitian Technologies Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <System32\DRIVERS\secdrv.sys><N/A>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1][Stopped/Manual Start]
  <System32\DRIVERS\SONYPVU1.SYS><Sony Corporation>

==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <e:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <e:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[Microsoft Office Template and Media Control]
  {02BCC737-B171-4746-94C9-0D8A0B2C0089} <C:\PROGRA~1\MICROS~2\OFFICE11\IEAWSDC.DLL, >
[MMCPlayer Class]
  {05C1004E-2596-48E5-8E26-39362985EEB9} <C:\WINDOWS\Downloaded Program Files\MMCShell.dll, Sohu.com Inc.>
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
[Shockwave ActiveX Control]
  {166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\System32\macromed\Shockwave 10\Download.dll, Macromedia, Inc.>
[PowerPlr Control]
  {2354A44B-3CEB-4829-9940-545B03103538} <C:\PROGRA~1\创智数~1\PowerPlr.ocx, Powerise Digital>
[PhotoDraw Class]
  {2375BEE5-F175-4F1C-81EC-8E4E2E72E2DD} <C:\WINDOWS\system32\QQPhotoDraw.dll, TENCENT>
[Nexon Package Manager Control]
  {2931566C-B8A6-46C5-BF4D-E6AB9251E953} <C:\WINDOWS\nxpm.ocx, (c) Nexon>
[GUpdate Class]
  {3C38DEE8-BE1A-4DEC-B232-2C78706CC7EA} <C:\WINDOWS\Downloaded Program Files\gupdate.dll, >
[WebActivater Control]
  {3D8F74EE-8692-4F8F-B8D2-7522E732519E} <C:\WINDOWS\system32\WEBACT~1.OCX, QQ>
[CEditCtrl Object]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\System32\aliedit\AliEdit.dll, www.alipay.com>
[CMCBooter Object]
  {53AF6E02-F18F-4228-AC13-3E79773FBE50} <C:\WINDOWS\system32\Booter.ocx, 北京高维视讯科技有限公司>
[Downloader Class]
  {5932517A-3326-4439-A708-1C98EDB5C549} <, N/A>
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\system32\INPUTC~1.DLL, >
[BoBo P2P多媒体网络点播/广播/直播系统 V2]
  {A8C3B40D-5384-44AD-ACC4-504B4D8A85F5} <C:\WINDOWS\DOWNLO~1\BOBO_A~1.OCX, 广州易播信息科技有限公司>
[Chaos Filter]
  {AB89C9BF-9250-473B-BE49-D34F615CB678} <C:\WINDOWS\system32\chaos.ax, Gaov Info Tech Co, LTD.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[Ravonline]
  {DA984A6D-508E-11D6-AA49-0050FF3C628D} <C:\WINDOWS\Downloaded Program Files\RsOnline.dll, Beijing Rising Tech. Co., Ltd.>
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[dddolsp Class]
  {FCEFD5DD-7152-4317-ABC1-16682376EE7A} <C:\WINDOWS\Downloaded Program Files\dddol.dll, >
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <e:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[UserCpuCard Control]
  {16F2448E-8C16-11D1-9A11-0080C8E1561F} <C:\WINDOWS\system32\USERCP~1.OCX, EPort>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <e:\Program Files\Thunder\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <e:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[使用迅雷下载]
  <e:\Program Files\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <e:\Program Files\Thunder\Program\getallurl.htm, N/A>

※ ※ ※ This post is solely the personal opinion of [yiyi123456] and does not represent the position of [Micropoint Forum] ※ ※ ※
2007-6-29 14:12
yiyi123456
#2  

==================================
正在运行的进程
[PID: 448][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 508][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 532][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [e:\Program Files\Micropoint\mp110031.dll]  [Micropoint Corporation, 1.2.10034]
    [C:\WINDOWS\System32\NavLogon.dll]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 576][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [e:\Program Files\Micropoint\mp110031.dll]  [Micropoint Corporation, 1.2.10034]
[PID: 588][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [e:\Program Files\Micropoint\mp110031.dll]  [Micropoint Corporation, 1.2.10034]
[PID: 752][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [e:\Program Files\Micropoint\mp110031.dll]  [Micropoint Corporation, 1.2.10034]
[PID: 940][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [e:\Program Files\Micropoint\mp110031.dll]  [Micropoint Corporation, 1.2.10034]
[PID: 1676][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [e:\Program Files\Micropoint\mp110031.dll]  [Micropoint Corporation, 1.2.10034]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\igfxpph.dll]  [Intel Corporation, 3.0.0.3818]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.3818]
    [C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3.0.0.3818]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.3818]
    [C:\WINDOWS\system32\igfxdev.dll]  [Intel Corporation, 3.0.0.3818]
    [e:\Program Files\AVG Anti-Spyware 7.5\shellexecutehook.dll]  [GRISOFT s.r.o., 7, 5, 1, 36]
    [e:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
[PID: 1204][E:\Program Files\笨笨钟\BBClock.exe]  [, 2.7.2.3]
    [e:\Program Files\Micropoint\mp110031.dll]  [Micropoint Corporation, 1.2.10034]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1276][C:\Program Files\Eset\nod32kui.exe]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\nod32rui.dll]  [N/A, ]
    [C:\Program Files\Eset\pu_amon.dll]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\pr_amon.dll]  [Eset , 2, 70, 16 ]
    [C:\Program Files\Eset\pu_dmon.dll]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\pr_dmon.dll]  [N/A, ]
    [C:\Program Files\Eset\pu_emon.dll]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\pr_emon.dll]  [N/A, ]
    [C:\Program Files\Eset\pu_imon.dll]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\pr_imon.dll]  [N/A, ]
    [C:\Program Files\Eset\pu_nod32.dll]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\pr_nod32.dll]  [Eset , 2, 70, 16 ]
    [C:\Program Files\Eset\pu_upd.dll]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\pr_upd.dll]  [N/A, ]
    [e:\Program Files\Micropoint\mp110031.dll]  [Micropoint Corporation, 1.2.10034]
[PID: 696][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2888][E:\Program Files\Maxthon2\Maxthon.exe]  [Maxthon International ltd., 2, 0, 2, 1360]
    [E:\Program Files\Maxthon2\mxpp.dll]  [Maxthon, 1, 0, 0, 50]
    [E:\Program Files\Maxthon2\MxSk.dll]  [Maxthon, 1, 0, 0, 119]
    [E:\Program Files\Maxthon2\MxProxy2.dll]  [, 1, 0, 0, 3356]
    [E:\Program Files\Maxthon2\MxFav.dll]  [Maxthon, 1, 0, 0, 200]
    [E:\Program Files\Maxthon2\maxzlib.dll]  [, 1.2.3]
    [e:\Program Files\Micropoint\mp110031.dll]  [Micropoint Corporation, 1.2.10034]
    [E:\Program Files\Maxthon2\mxtool.dll]  [, 1, 0, 0, 1]
    [E:\Program Files\Maxthon2\mxfeedU.dll]  [, 1, 0, 45, 62]
    [C:\WINDOWS\system32\msxml4.dll]  [Microsoft Corporation, 4.20.9841.0]
    [C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL]  [Microsoft Corporation, 11.0.5510]
    [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\pr_imon.dll]  [N/A, ]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\mscoree.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorie.dll]  [Microsoft Corporation, 1.1.4322.573]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorld.dll]  [Microsoft Corporation, 1.1.4322.2032]
[PID: 2128][e:\Program Files\Thunder\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5, 6, 5, 318]
    [e:\Program Files\Thunder\Program\ThunderEx.dll]  [, 1, 1, 4, 8]
    [e:\Program Files\Thunder\Program\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 1, 2, 26]
    [e:\Program Files\Thunder\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 42]
    [e:\Program Files\Thunder\Program\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [e:\Program Files\Thunder\Program\asyn_dns.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 42]
    [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\pr_imon.dll]  [N/A, ]
    [e:\Program Files\Micropoint\mp110031.dll]  [Micropoint Corporation, 1.2.10034]
    [e:\Program Files\Thunder\Program\BHOStub.dll]  [Thunder Networking Technologies,LTD, 1, 1, 0, 8]
    [e:\Program Files\Thunder\Components\DownAndPlay\DownAndPlay.dll]  [, 1, 0, 0, 17]
    [e:\Program Files\Thunder\Program\iTargetAD.dll]  [N/A, ]
    [e:\Program Files\Thunder\Components\Security\ThunderSafe.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 17]
    [e:\Program Files\Thunder\Components\ExplorerHelper\ExplorerHelper.dll]  [Thunder Networking Technologies,LTD, 1, 0, 4, 15]
    [e:\Program Files\Thunder\Program\XLNet.Dll]  [Thunder Networking Technologies,LTD, 1, 2, 0, 8]
    [e:\Program Files\Thunder\Plugins\BhoAdv\bho_adv.dll]  [深圳市迅雷网络技术有限公司, 1.0.1.0]
[PID: 2752][C:\Documents and Settings\Administrator\桌面\NOD32ID\NOD32ID.exe]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\E_4\krnln.fnr]  [, 1, 0, 0, 1]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\E_4\internet.fne]  [, 1, 0, 0, 1]
    [e:\Program Files\Micropoint\mp110031.dll]  [Micropoint Corporation, 1.2.10034]
    [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\pr_imon.dll]  [N/A, ]
[PID: 3544][C:\Program Files\Eset\nod32.exe]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\nod32r.dll]  [N/A, ]
    [C:\WINDOWS\system32\MAPI32.DLL]  [Microsoft Corporation, 1.0.2536.0 (XPClient.010817-1148)]
    [e:\Program Files\Micropoint\mp110031.dll]  [Micropoint Corporation, 1.2.10034]
[PID: 3888][F:\杀毒\sreng2\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [e:\Program Files\Micropoint\mp110031.dll]  [Micropoint Corporation, 1.2.10034]
    [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\pr_imon.dll]  [N/A, ]
==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
NOD32 protected [MSAFD Tcpip [TCP/IP]]
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [MSAFD Tcpip [UDP/IP]]
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [MSAFD Tcpip [RAW/IP]]
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [RSVP UDP Service Provider]
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [RSVP TCP Service Provider]
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32
    C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1       localhost
127.0.0.1       5y5.us
127.0.0.1       www.5y5.us
127.0.0.1       www.7y7.us
127.0.0.1       7y7.us
127.0.0.1       ws91.com
127.0.0.1       www.ws91.com

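I tried removing it with kill-arp, with AVG and with NOD32, and none of them worked; opening web pages still behaves like this:
I work with E-Port (电子口岸). When I open the E-Port site, a link to 5y5.us appears and then the page goes completely blank and nothing can be done.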

2007-6-29 14:13
一个人的旅行
#3  

Micropoint should be able to detect and remove it; install it and give it a try.

2007-6-29 14:36
yiyi123456
#4  

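I have been using Micropoint for a long time already, but I haven't found any such log entries, and scanning with other antivirus software finds no virus. However, when I open the E-Port website and click through to the sub-page where the username is entered, a link to 5y5.us appears in the lower-left corner, and then the page goes blank: nothing is there and nothing can be done. I later searched online and learned that I had caught the 5y5 virus, but I still have not been able to fix it.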

2007-6-29 15:14
Legend
#5  

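Please copy the mp6 directory from the Micropoint installation directory to your desktop and compress it, then send it together with Micropoint's "System Auto-Start Information" (System Analysis -- System Auto-Start Information, right-click to export) to support@micropoint.com.cn so that we can analyze it in detail. When sending the email, please include the link to this thread so that we can track and analyze your problem.
If convenient, please join Micropoint's technical discussion group, QQ: 16998902, and ask an administrator directly to help you analyze and handle it.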

2007-6-29 15:25
treesp
#6  

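Can you browse normally with Opera?
For security reasons, try not to use IE for browsing; use Opera instead.

Also:
Do you know how to use WinPE?
Running portable Kaspersky under WinPE to scan for viruses is even more thorough than scanning in Safe Mode.

Because of the forum rules, I can't post download links for WinPE and portable Kaspersky 6; PM me if you want them.
You could consider downloading a dedicated removal tool from 360 Safeguard or another site.
Finally, repair your IE.

I've never been infected with this virus myself, so this is all I can suggest, hehe.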

2007-6-29 16:19