
Experts, please help; scan log attached


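Recently, every time I boot my machine the graphics card driver is gone, and an extra account named SJC.... shows up among my 网络快车 (FlashGet) accounts. Rising reports that IE on my machine has the virus Backdoor.Gpigeon.xpr and that it has been deleted, but it comes back after every boot, and the machine also pops up web pages for no reason.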


Here is the scan log; could an expert please take a look:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Rising\Rav\CCenter.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
d:\program files\rising\rfw\rfwsrv.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
D:\WINDOWS\Explorer.EXE
d:\program files\rising\rfw\RfwMain.exe
D:\WINDOWS\system32\Rundll32.exe
D:\WINDOWS\system32\wdfmgr.exe
D:\WINDOWS\System32\alg.exe
D:\Program Files\Rising\Rav\RavTask.exe
D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
D:\Program Files\Vnet\VnetClient.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Rising\Rav\Ravmond.exe
D:\Program Files\Rising\Rav\RAVMON.EXE
D:\Program Files\Rising\Rav\RavStub.exe
D:\Program Files\Thunder Network\Thunder\Thunder.exe
D:\Documents and Settings\Yang\桌面\HijackThis1991\HijackThis1991zww.exe

O2 - BHO: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - (no file)
O3 - IE工具栏增项: (no name) - {43869BB3-22FD-4F15-9B46-238106BA2F4E} - (no file)
O3 - IE工具栏增项: (no name) - {115F6E46-FCBC-41ed-B3B5-3BDDD4AAB5E5} - (no file)
O3 - IE工具栏增项: (no name) - {15ADF205-4C54-4cfe-AC88-1EA0BA6D06A0} - (no file)
O4 - 启动项HKLM\\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [RavTask] "D:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [flmpcLiveUp] D:\Program Files\flmpc\MpcLiveUp.exe
O4 - 启动项HKLM\\Run: [IMSCMig] D:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - 启动项HKLM\\Run: [EPSON Stylus C43 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C43 Series" /O6 "USB001" /M "Stylus C43"
O4 - 启动项HKLM\\Run: [ATIPTA] D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - 启动项HKLM\\Run: [IgfxTray] D:\WINDOWS\system32\igfxtray.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - 浏览器额外的按钮: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - 浏览器额外的“工具”菜单项: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - 浏览器额外的按钮: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O9 - 浏览器额外的“工具”菜单项: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O11 - Options group: [!CNS]  网络实名
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=
O17 - HKLM\System\CCS\Services\Tcpip\..\{A87D14C9-DA55-4F18-A59C-12CC00CF4FAD}: NameServer = 202.96.128.166 202.96.144.47
O17 - HKLM\System\CCS\Services\Tcpip\..\{F990F864-FD7F-4D21-905D-A1933EBF75D4}: NameServer = 202.96.128.166 202.96.144.47
O20 - Winlogon Notify: igfxcui - igfxsrvc.dll (file missing)
O23 - NT 服务: Adobe LM Service - Unknown owner - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - NT 服务: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - NT 服务: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - NT 服务: BlueSoleil Hid Service - Unknown owner - D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - NT 服务: EPSON Printer Status Agent2 (EPSONStatusAgent2) - Unknown owner - D:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe (file missing)
O23 - NT 服务: Office Source Engine (ose) - Unknown owner - D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (file missing)
O23 - NT 服务: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - d:\program files\rising\rfw\rfwproxy.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - d:\program files\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - D:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\Program Files\Rising\Rav\Ravmond.exe
O23 - NT 服务: Windows Install Helper (SHipING) - Unknown owner - C:\WINDOWS\SYSTEM32\RUNDLL32.EXE (file missing)
Last edited 2006-07-20 11:15:20

It's probably an adware virus!!

Then how do I fix it?