#1 |
Registered member
Recently a colleague got hit by a Trojan virus that is really nasty. The situation is:

It keeps copying unknown files and endlessly fills up the C drive until the disk runs out of space. Whenever we scan with antivirus software (in safe mode), the virus gets deleted, but after a reboot it starts copying endlessly again and the C drive runs out of space once more. Can any expert clean this up? Even our company's OP and engineers have not been able to solve it! The file contents are attached! (It is very long; I hope you all have the patience to read through it.)

Page 1

```
Load Damage Cleanup Template (DCT) "E:\trend\TMRDCT.ptn" (version ) [fail]
Load Damage Cleanup Template (DCT) "E:\trend\tsc.ptn" (version 862) [success]
Complete time : 星期二 五月 15 2007 18:15:54
Execute pattern count(3086), Virus found count(0), Virus clean count(0), Clean failed count(0)
2007-05-15, 18:16:15, An error was detected on "C:\RRUbackups\*.*": 存取被拒。
2007-05-15, 18:16:15, An error was detected on "C:\System Volume Information\*.*": 存取被拒。
2007-05-15, 18:16:20, An error was detected on "E:\System Volume Information\*.*": 存取被拒。
2007-05-15, 18:30:38, Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 5/15/2007 18:16:21
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 467 (187786 Patterns) (2007/05/14) (446700)
Command Line: E:\trend\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=E:\trend
C:\Documents and Settings\OFC\桌面\新資料夾 (2)\Ckmp2.8.1.1020超強播放器.exe [PE_LUDER.CH]
C:\Documents and Settings\OFC\桌面\新資料夾 (2)\vobsub_2.23.exe [PE_LUDER.CH]
C:\DRIVERS\MODEM\HXFSETUP.EXE [PE_LUDER.CH]
C:\DRIVERS\NETWORK\PROUNSTL.EXE [PE_LUDER.CH]
C:\DRIVERS\OTHER\IBMPMSVC.EXE [PE_LUDER.CH]
C:\DRIVERS\OTHER\PROUNSTL.EXE [PE_LUDER.CH]
C:\DRIVERS\OTHER\SETUP.EXE [PE_LUDER.CH]
C:\DRIVERS\OTHER\SETUPW2K.EXE [PE_LUDER.CH]
C:\DRIVERS\OTHER\TP4SERV.EXE [PE_LUDER.CH]
C:\DRIVERS\OTHER\TP4UNINS.EXE [PE_LUDER.CH]
C:\DRIVERS\OTHER\_ISDEL.EXE [PE_LUDER.CH]
C:\I386\DRW\DWWIN.EXE [PE_LUDER.CH]
C:\I386\EXPAND.EXE [PE_LUDER.CH]
C:\I386\faxpatch.exe [PE_LUDER.CH]
C:\I386\NETSETUP.EXE [PE_LUDER.CH]
C:\I386\NTSD.EXE [PE_LUDER.CH]
C:\I386\REGEDIT.EXE [PE_LUDER.CH]
C:\I386\SYSPARSE.EXE [PE_LUDER.CH]
C:\I386\TELNET.EXE [PE_LUDER.CH]
C:\I386\WIN9XMIG\FAX\AWDVSTUB.EXE [PE_LUDER.CH]
C:\I386\WIN9XMIG\MAPI\DLL\MKNTFR~1.EXE [PE_LUDER.CH]
```