发现病毒：svch00st.exe 〔此帖应该已经成为闲聊安全信息贴，By xoplewa〕

显示全部楼层 · 发表于 2006-12-13 23:03:35

系統突然多出這各程式 CPU就會滿載然後會出現一各網站的IE小視窗但是去點又會消失 svch00st這各程式還是在跑把檔案殺掉之後沒多久又會出現
這各檔案在windows/system32底下檔名跟svchost.exe 很類似..
用卡巴掃毒又掃不出來請問有人有這各問題嗎

怎么解决阿？

[ 本帖最后由 xoplewa 于 12-17 13:08 编辑 ]

dafeitu · 发表于 2006-12-13 23:05:02

重装电脑吧～～

网记 · 发表于 2006-12-13 23:10:01

等待专家

dafeitu · 发表于 2006-12-13 23:11:56

哈，除了我，看谁搭理你，肥肚～～～

Robin · 发表于 2006-12-13 23:15:15

跟我一样啊！！！！！！！！！！！！！！！！！！！！！！！！！！！！！！

Robin · 发表于 2006-12-13 23:15:39

卡巴斯基都没用，搞不掉

chengle · 发表于 2006-12-13 23:23:10

我也是，重装了后还有。不知啥时候就没了。重装了几次。

DOLE · 发表于 2006-12-13 23:25:26

把电脑放进烤箱，高温消毒

dafeitu · 发表于 2006-12-13 23:32:43

原帖由 DOLE 于 12-13 22:25 发表
把电脑放进烤箱，高温消毒

网记 · 发表于 2006-12-13 23:36:19

新发现：
[svch00st.exe]
PID = 0x588
CommandLine = \"C:\\Documents and Settings\\Jin Xu\\Desktop\\svch00st.exe\"
svch00st.exe
0x400000
C:\\Documents and Settings\\Jin Xu\\Desktop\\svch00st.exe
1.00

2006-12-13 21:23:07

ntdll.dll
0x77f50000
C:\\WINDOWS\\system32\\ntdll.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
NT Layer DLL
2002-08-29 06:00:00

kernel32.dll
0x77e60000
C:\\WINDOWS\\system32\\kernel32.dll
5.1.2600.1869 (xpsp2.060704-0019)
Microsoft Corporation
Windows NT BASE API Client DLL
2006-07-05 04:46:36

MSVBVM60.DLL
0x66000000
C:\\WINDOWS\\system32\\msvbvm60.dll
6.00.9782
Microsoft Corporation
Visual Basic Virtual Machine
2004-02-22 14:00:00

USER32.dll
0x77d40000
C:\\WINDOWS\\system32\\user32.dll
5.1.2600.1634 (xpsp2.050301-1526)
Microsoft Corporation
Windows XP USER API Client DLL
2005-03-02 12:20:03

GDI32.dll
0x7f000000
C:\\WINDOWS\\system32\\gdi32.dll
5.1.2600.1789 (xpsp2.051228-1438)
Microsoft Corporation
GDI Client DLL
2006-01-02 16:38:03

ADVAPI32.dll
0x77dd0000
C:\\WINDOWS\\system32\\advapi32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Advanced Windows 32 Base API
2002-08-29 06:00:00

RPCRT4.dll
0x78000000
C:\\WINDOWS\\system32\\rpcrt4.dll
5.1.2600.1361 (xpsp2.040109-1800)
Microsoft Corporation
Remote Procedure Call Runtime
2004-03-05 20:16:11

ole32.dll
0x4fec0000
C:\\WINDOWS\\system32\\ole32.dll
5.1.2600.1720 (xpsp2.050722-1526)
Microsoft Corporation
Microsoft OLE for Windows
2005-07-25 22:31:13

OLEAUT32.dll
0x77120000
C:\\WINDOWS\\system32\\oleaut32.dll
3.50.5016.0
Microsoft Corporation
Microsoft OLE 3.50 for Windows NT(TM) and Windows 95(TM) Operating Systems
2002-08-29 06:00:00

MSVCRT.DLL
0x77c10000
C:\\WINDOWS\\system32\\msvcrt.dll
7.0.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows NT CRT DLL
2002-08-29 06:00:00

IMM32.DLL
0x76390000
C:\\WINDOWS\\system32\\imm32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows XP IMM32 API Client DLL
2002-08-29 06:00:00

LPK.DLL
0x629c0000
C:\\WINDOWS\\system32\\lpk.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Language Pack
2002-08-29 06:00:00

USP10.dll
0x72fa0000
C:\\WINDOWS\\system32\\usp10.dll
1.0409.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Uniscribe Unicode script processor
2002-08-29 06:00:00

uxtheme.dll
0x5ad70000
C:\\WINDOWS\\system32\\uxtheme.dll
6.00.2800.1106 (xpsp1.020828-1920)
Microsoft Corporation
Microsoft UxTheme Library
2002-08-29 06:00:00

MSCTF.dll
0x74720000
C:\\WINDOWS\\system32\\MSCTF.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
MSCTF Server DLL
2002-08-29 06:00:00

TMEEJMD.DLL
0x10000000
C:\\Program Files\\Toshiba\\TME3\\TMEEJMD.dll
1, 0, 0, 5
TOSHIBA
TMEEJMD
2002-09-12 19:06:12

SXS.DLL
0x75e90000
C:\\WINDOWS\\system32\\sxs.dll
5.1.2600.1579 (xpsp2.040720-1705)
Microsoft Corporation
Fusion 2.5
2004-08-20 16:01:15

msctfime.ime
0xe40000
C:\\WINDOWS\\system32\\MSCTFIME.IME
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Microsoft Text Frame Work Service IME
2002-08-29 06:00:00

CLBCATQ.DLL
0x7c890000
C:\\WINDOWS\\system32\\clbcatq.dll
2001.12.4414.62
Microsoft Corporation

2005-07-25 22:30:41

COMRes.dll
0x77050000
C:\\WINDOWS\\system32\\comres.dll
2001.12.4414.42
Microsoft Corporation

2002-08-29 06:00:00

VERSION.dll
0x77c00000
C:\\WINDOWS\\system32\\version.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Version Checking and File Installation Libraries
2002-08-29 06:00:00

shdocvw.dll
0x71700000
C:\\WINDOWS\\system32\\SHDOCVW.DLL
6.00.2800.1849 (xpsp2.060519-1300)
Microsoft Corporation
Shell Doc Object and Control Library
2006-05-26 14:40:58

SHLWAPI.dll
0x70a70000
C:\\WINDOWS\\system32\\SHLWAPI.DLL
6.00.2800.1740 (xpsp2.050831-1533)
Microsoft Corporation
Shell Light-weight Utility Library
2005-08-31 19:49:30

comctl32.dll
0x71950000
C:\\WINDOWS\\WinSxS\\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1873_x-ww_7d39bb85\\comctl32.dll
6.0 (xpsp2.060713-0016)
Microsoft Corporation
User Experience Controls Library
2006-07-13 07:46:53

SHELL32.dll
0x7cd00000
C:\\WINDOWS\\system32\\shell32.dll
6.00.2800.1873 (xpsp2.060713-0016)
Microsoft Corporation
Windows Shell Common Dll
2006-07-13 07:46:56

comctl32.dll
0x77340000
C:\\WINDOWS\\system32\\comctl32.dll
5.82 (xpsp1.020828-1920)
Microsoft Corporation
Common Controls Library
2002-08-29 06:00:00

WININET.dll
0x63000000
C:\\WINDOWS\\system32\\WININET.DLL
6.00.2800.1559
Microsoft Corporation
Internet Extensions for Win32
2006-06-23 10:33:58

CRYPT32.dll
0x762c0000
C:\\WINDOWS\\system32\\crypt32.dll
5.131.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Crypto API32
2002-08-29 06:00:00

MSASN1.dll
0x762a0000
C:\\WINDOWS\\system32\\msasn1.dll
5.1.2600.1362 (xpsp2.040109-1800)
Microsoft Corporation
ASN.1 Runtime APIs
2004-03-29 19:48:36

Secur32.dll
0x76f90000
C:\\WINDOWS\\system32\\secur32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Security Support Provider Interface
2002-08-29 06:00:00

appHelp.dll
0x75f40000
C:\\WINDOWS\\system32\\apphelp.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Application Compatibility Client Library
2002-08-29 06:00:00

Msimtf.dll
0x746f0000
C:\\WINDOWS\\system32\\MSIMTF.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Active IMM Server DLL
2002-08-29 06:00:00

ieprot.dll
0x1410000
C:\\Program Files\\Rising\\AntiSpyware\\ieprot.dll
1, 0, 0, 3
Beijing Rising Technology Co., Ltd.
IE Protector
2006-12-13 22:27:13

shdoclc.dll
0x76170000
C:\\WINDOWS\\system32\\shdoclc.dll
6.00.2600.0000 (xpclient.010817-1148)
Microsoft Corporation
Shell Doc Object and Control Library
2002-08-29 06:00:00

urlmon.dll
0x1a400000
C:\\WINDOWS\\system32\\URLMON.DLL
6.00.2800.1572
Microsoft Corporation
OLE32 Extensions for Win32
2006-08-30 19:42:56

mlang.dll
0x74770000
C:\\WINDOWS\\system32\\mlang.dll
6.00.2600.0000 (xpclient.010817-1148)
Microsoft Corporation
Multi Language Support DLL
2002-08-29 06:00:00

wsock32.dll
0x71ad0000
C:\\WINDOWS\\system32\\wsock32.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Windows Socket 32-Bit DLL
2002-08-29 06:00:00

WS2_32.dll
0x71ab0000
C:\\WINDOWS\\system32\\ws2_32.dll
5.1.2600.1847 (xpsp2.060519-0009)
Microsoft Corporation
Windows Socket 2.0 32-Bit DLL
2006-05-19 06:15:33

WS2HELP.dll
0x71aa0000
C:\\WINDOWS\\system32\\ws2help.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Windows Socket 2.0 Helper for Windows NT
2002-08-29 06:00:00

mswsock.dll
0x71a50000
C:\\WINDOWS\\system32\\mswsock.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Microsoft Windows Sockets 2.0 Service Provider
2002-08-29 06:00:00

wshtcpip.dll
0x71a90000
C:\\WINDOWS\\system32\\wshtcpip.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Windows Sockets Helper DLL
2002-08-29 06:00:00

mshtml.dll
0x63580000
C:\\WINDOWS\\system32\\MSHTML.DLL
6.00.2800.1561
Microsoft Corporation
Microsoft (R) HTML Viewer
2006-06-30 09:28:26

RASAPI32.DLL
0x76ee0000
C:\\WINDOWS\\system32\\rasapi32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Remote Access API
2002-08-29 06:00:00

rasman.dll
0x76e90000
C:\\WINDOWS\\system32\\rasman.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Remote Access Connection Manager
2002-08-29 06:00:00

NETAPI32.dll
0x71c20000
C:\\WINDOWS\\system32\\netapi32.dll
5.1.2600.1874 (xpsp2.060714-0446)
Microsoft Corporation
Net Win32 API DLL
2006-07-14 09:53:28

TAPI32.dll
0x76eb0000
C:\\WINDOWS\\system32\\tapi32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Microsoft? Windows(TM) Telephony API Client DLL
2002-08-29 06:00:00

rtutils.dll
0x76e80000
C:\\WINDOWS\\system32\\rtutils.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
Routing Utilities
2002-08-29 06:00:00

WINMM.dll
0x76b40000
C:\\WINDOWS\\system32\\winmm.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
MCI API DLL
2002-08-29 06:00:00

sensapi.dll
0x722b0000
C:\\WINDOWS\\system32\\sensapi.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
SENS Connectivity API DLL
2002-08-29 06:00:00

SETUPAPI.dll
0x76670000
C:\\WINDOWS\\system32\\setupapi.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Windows Setup API
2002-08-29 06:00:00

USERENV.dll
0x75a70000
C:\\WINDOWS\\system32\\userenv.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Userenv
2002-08-29 06:00:00

DNSAPI.dll
0x76f20000
C:\\WINDOWS\\system32\\dnsapi.dll
5.1.2600.1863 (xpsp2.060626-0027)
Microsoft Corporation
DNS Client API DLL
2006-06-26 11:47:50

winrnr.dll
0x76fb0000
C:\\WINDOWS\\system32\\winrnr.dll
5.1.2600.0 (xpclient.010817-1148)
Microsoft Corporation
LDAP RnR Provider DLL
2002-08-29 06:00:00

WLDAP32.dll
0x76f60000
C:\\WINDOWS\\system32\\wldap32.dll
5.1.2600.1106 (xpsp1.020828-1920)
Microsoft Corporation
Win32 LDAP API DLL
2002-08-29 06:00:00

rasadhlp.dll
0x76fc0000
C:\\WINDOWS\\system32\\rasadhlp.dll
5.1.2600.1863 (xpsp2.060626-0027)
Microsoft Corporation
Remote Access AutoDial Helper
2006-06-26 11:47:50

jscript.dll
0x75c50000
C:\\WINDOWS\\system32\\jscript.dll
5.6.0.8831
Microsoft Corporation
Microsoft (r) JScript
2006-05-17 23:58:56

MSLS31.DLL
0x746c0000
C:\\WINDOWS\\system32\\msls31.dll
3.10.349.0
Microsoft Corporation
Microsoft Line Services library file
2002-08-29 06:00:00

imgutil.dll
0x66880000
C:\\WINDOWS\\system32\\imgutil.dll
6.00.2800.1106 (xpsp1.020828-1920)
Microsoft Corporation
IE plugin image decoder support DLL
2002-08-29 06:00:00