
How do I delete Trojan.DL.Agent.iqx??? [Help request]

Yes. It can't be that it didn't get copied, can it?

Logfile of HijackThis v1.99.1
Scan saved at 18:21:59, on 2006-6-18
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
d:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
d:\Program Files\Rising\Rav\Ravmond.exe
d:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
d:\Program Files\Rising\Rav\RavStub.exe
D:\Program Files\Rising\Rav\RavTask.exe
D:\Program Files\Rising\Rav\Ravmon.exe
d:\program files\rising\rfw\RfwMain.exe
C:\Program Files\racer-han-cnc\racer.exe
C:\WINDOWS\System32\Rundll32.exe
C:\WINDOWS\System32\Internat.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\conime.exe
C:\Program Files\racer-han-cnc\RacerKp.exe
C:\Program Files\Internet Explorer\iexplore.exe
E:\浩方对战平台\GameClient.exe
D:\Program Files\WellGet\WellGet.exe
C:\Documents and Settings\Owner\桌面\ha_hijackthis_1991\HijackThis.exe

R3 - URLSearchHook: (no name) - {C49DD894-C6DE-4910-8C41-BA20F852D8BC} - (no file)
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FLASHGET\jccatch.dll
O2 - BHO: HBObject Class - {AE22AFE5-1EF4-4D25-9E23-D2825FB17DA1} - C:\PROGRA~1\hbclient\HBHelper.dll
O2 - BHO: SafeIE Utility - {B5D4581D-ED6A-4905-A267-25BAF7BE79C1} - D:\Program Files\WellGet\safeie.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\System32\KakaTool.dll
O4 - HKLM\..\Run: [RavTask] "d:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [RfwMain] "d:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [racer] C:\Program Files\racer-han-cnc\racer.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [RichMedia] C:\WINDOWS\System32\Rundll32.exe  "C:\PROGRA~1\hbclient\HBHelper.dll",WaitWindows
O4 - HKCU\..\Run: [Internat.exe] Internat.exe
O4 - HKCU\..\Run: [sys1] Rundll32.exe C:\WINDOWS\System32\Upsrv.dll,Run
O8 - Extra context menu item: 使用WellGet下载(&W) - D:\Program Files\WellGet\nxcatch.htm
O8 - Extra context menu item: 使用WellGet下载全部链接(&D) - D:\Program Files\WellGet\nxall.htm
O8 - Extra context menu item: 使用网际快车下载 - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - E:\浩方对战平台\GameClient.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: @shdoclc.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\flashget.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\upfdll.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\upfdll.dll
O14 - IERESET.INF: START_PAGE_URL=about:blank
O16 - DPF: {20C2C286-BDE8-441B-B73D-AFA22D914DA5} (PowerList Control) - http://download.ppstream.com/bin/powerplayer.cab
O16 - DPF: {444689BB-651F-4087-8F30-CBF21CD2DC82} (MyP2T Control) - http://dial.koocall.com/new_activeX/p2t2.cab
O16 - DPF: {71DA2A4E-ACB3-4065-9E41-8BC42EABE427} - http://scripts.dlv4.com/binaries/IA/svcia32_EN_XP.cab
O16 - DPF: {87CCFDB0-C4BE-4BC2-A78C-9EAA7CF96667} - http://www.1000n.com/1000np2p/vodupdate_1.0.0.8.cab
O16 - DPF: {88734439-46D0-42C0-A13F-7E881EE550CF} (Filetran Control) - http://www.bluesky.cn/download/filetran.cab
O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {C661F36D-DF85-4EF4-83C7-E107B83D04B1} (WebActivater Control) - http://dl_dir.qq.com/3dshow/3DShowVM.cab
O16 - DPF: {CF85459D-DFA7-4028-A065-3C6D1356DCC8} (CertInstall Control) - http://gd.chinavnet.com/CertInstall.cab
O16 - DPF: {E787FD25-8D7C-4693-AE67-9406BC6E22DF} (CPasswordEditCtrl Object) - https://www.tenpay.com/download/qqedit.cab
O23 - Service: COM+ Event - Unknown owner - C:\Program Files\HgzServer\G_Server2006.exe (file missing)
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - d:\program files\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - d:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - d:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - d:\Program Files\Rising\Rav\Ravmond.exe
O23 - Service: Windows Video (VideoService) - Unknown owner - C:\WINDOWS\svchost.exe (file missing)
O23 - Service: winaua - Unknown owner - C:\DOCUME~1\Owner\LOCALS~1\Temp\aua1\aua1.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - d:\winsock\winvnc\winvnc.exe" -service (file missing)


Fix:
O10 - Unknown file in Winsock LSP: c:\windows\system32\upfdll.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\upfdll.dll
O23 - Service: COM+ Event - Unknown owner - C:\Program Files\HgzServer\G_Server2006.exe (file missing)
O23 - Service: Windows Video (VideoService) - Unknown owner - C:\WINDOWS\svchost.exe (file missing)
O23 - Service: winaua - Unknown owner - C:\DOCUME~1\Owner\LOCALS~1\Temp\aua1\aua1.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - d:\winsock\winvnc\winvnc.exe" -service (file missing)
Search for these four files: G_Server2006.DLL, G_Server2006.exe, G_Server2006hook.dll, G_Server2006key.dll, and delete them once found.
Open the registry and search for C:\Program Files\HgzServer\G_Server2006.exe; delete it once found!
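
An added example, not part of the original thread: a small triage script that picks out the same kind of O10 and O23 entries listed in the fix post above from a HijackThis log. The flagging rules (unknown Winsock LSP file; "Unknown owner" service whose binary is missing or sits in a Temp directory) and the function name triage are assumptions of this example, not HijackThis behaviour.

```python
import re

# Sample input: a few entries copied from the HijackThis log earlier in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [racer] C:\Program Files\racer-han-cnc\racer.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\upfdll.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\upfdll.dll
O23 - Service: COM+ Event - Unknown owner - C:\Program Files\HgzServer\G_Server2006.exe (file missing)
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Windows Video (VideoService) - Unknown owner - C:\WINDOWS\svchost.exe (file missing)
O23 - Service: winaua - Unknown owner - C:\DOCUME~1\Owner\LOCALS~1\Temp\aua1\aua1.exe
"""

ENTRY = re.compile(r"^([A-Z]\d+) - (.+)$")           # e.g. "O23 - <body>"
TEMP_DIR = re.compile(r"\\temp\\", re.IGNORECASE)    # path component named Temp

def triage(log_text):
    """Return (code, subject, reasons) tuples; the rules are this example's assumptions."""
    findings, seen = [], set()
    for raw in log_text.splitlines():
        line = raw.strip()
        m = ENTRY.match(line)
        if not m or line in seen:        # skip non-entries and exact duplicates
            continue
        seen.add(line)
        code, body = m.groups()
        reasons = []
        if code == "O10" and body.startswith("Unknown file in Winsock LSP: "):
            subject = body.split(": ", 1)[1]
            reasons.append("unrecognised Winsock LSP provider")
        elif code == "O23" and body.startswith("Service: "):
            # Layout: Service: <name> - <owner> - <path>; split from the right
            # because a service name may itself contain " - ".
            parts = body[len("Service: "):].rsplit(" - ", 2)
            if len(parts) != 3 or parts[1] != "Unknown owner":
                continue
            subject, path = parts[0], parts[2]
            if path.endswith("(file missing)"):
                reasons.append("service registered but binary missing")
            if TEMP_DIR.search(path):
                reasons.append("service binary in a Temp directory")
        if reasons:
            findings.append((code, subject, reasons))
    return findings

if __name__ == "__main__":
    for code, subject, reasons in triage(SAMPLE_LOG):
        print(f"{code}  {subject}: {'; '.join(reasons)}")
```

A flagged entry is a candidate for review, not proof of infection; a service with an unknown owner whose binary exists in a normal install path, such as the Macromedia entry in the sample, is left unflagged.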

Oh..... thanks. Working on it now..

When searching, remember to show hidden protected system files!

Showing hidden protected system files
Still can't find them

Then they're not there; it should be fine now, right!

It's still there when I open a web page.... ugh..
What's going on?
Found it in the registry
Already deleted it

Fix:
O4 - HKCU\..\Run: [sys1] Rundll32.exe C:\WINDOWS\System32\Upsrv.dll,Run