电脑弹出广告框关机的时候蓝屏但瑞星检测不到有毒~~~~~ - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛电脑弹出广告框关机的时候蓝屏但瑞星检测不到有毒~~~~~

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

12

1 / 2 页

跳转页

电脑弹出广告框关机的时候蓝屏但瑞星检测不到有毒~~~~~

anqijjyy 初生襁褓狮帖子:11 注册: 2006-04-11 来自:	发表于： 2006-08-16 23:00 \| 只看楼主短消息资料字号：小中大 1楼电脑弹出广告框关机的时候蓝屏但瑞星检测不到有毒~~~~~ HijackThis@Qoo的扫描日志 V1.97.7 Scan saved at 22:47:46, on 2006-8-16 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe E:\Rising\Rav\CCenter.exe C:\WINDOWS\System32\svchost.exe E:\Rising\Rav\Ravmond.exe e:\rising\rfw\rfwsrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe E:\Rising\Rfw\rfwmain.exe E:\Rising\Rav\RavTask.exe C:\WINDOWS\VM_STI.EXE E:\Rising\Rav\Ravmon.exe C:\WINDOWS\system32\ctfmon.exe E:\Rising\Rav\RavStub.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\taskmgr.exe C:\WINDOWS\regedit.exe C:\Program Files\Internet Explorer\iexplore.exe D:\Hihackthis\HijackThis.exe O2 - BHO: WebThunderBHO - {00000AAA-A363-466E-BEF5-9BB68697AA7F} - E:\ O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - e:\QQ2006\QQIEHelper.dll O2 - BHO: (no name) - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\BaiduBar.dll O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - E:\ O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - E:\ O3 - Toolbar: ????? - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\PROGRA~1\baidu\bar\BaiduBar.dll O3 - Toolbar: ????? - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\KakaTool.dll O3 - Toolbar: ????? - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - D:\ O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RfwMain] "E:\Rising\Rfw\rfwmain.exe" -Startup O4 - HKLM\..\Run: [RavTask] "E:\Rising\Rav\RavTask.exe" -system O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Vimicro USB PC Camera (ZC0301PL) O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [Systray] c:\windows\system32\Systray.exe O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: NTUSER.DAT O4 - Startup: NTUSER.DAT.LOG O4 - Startup: ntuser.ini O4 - Global Startup: ntuser.dat O4 - Global Startup: ntuser.dat.LOG O8 - Extra context menu item: &使用迅雷下载 - E:\ O8 - Extra context menu item: &使用迅雷下载全部链接 - E:\ O8 - Extra context menu item: 上传到QQ网络硬盘 - E:\QQ2006\AddToNetDisk.htm O8 - Extra context menu item: 使用KuGoo3下载(&K) - E:\ O8 - Extra context menu item: 使用Web迅雷下载 - E:\ O8 - Extra context menu item: 使用Web迅雷下载全部链接 - E:\ O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: 添加到QQ自定义面板 - E:\QQ2006\AddPanel.htm O8 - Extra context menu item: 添加到QQ表情 - E:\QQ2006\AddEmotion.htm O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\QQ2006\SendMMS.htm O8 - Extra context menu item: 百度--MP3搜索 - RES://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUMP3.HTM O8 - Extra context menu item: 百度--网页搜索 - RES://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUSEARCH.HTM O9 - Extra button: QQ (HKLM) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O17 - HKLM\System\CCS\Services\Tcpip\..\{1B5317A5-7A06-4896-87AE-628A6F9666D2}: NameServer = 220.170.0.18,220.170.0.38 O17 - HKLM\System\CCS\Services\Tcpip\..\{A7416399-38FC-4328-9534-0DF5687D3B65}: NameServer = 220.170.0.38,220.170.0.18 O17 - HKLM\System\CS1\Services\Tcpip\..\{1B5317A5-7A06-4896-87AE-628A6F9666D2}: NameServer = 220.170.0.18,220.170.0.38 将扫描日志发上，希望各位论坛的高手帮小弟解决此问题。关机时显示蓝屏，我这几次次都是直接关的电源/~~~~~~~ 2006-08-17 23:22:55
anqijjyy 初生襁褓狮帖子:11 注册: 2006-04-11 来自:	分享到：

琰璎初生襁褓狮帖子:58 注册: 2004-12-17 来自:	发表于： 2006-08-16 23:02 \| 短消息资料字号：小中大 2楼哭死~~~~~~~~ 跟我的一样,谁能救救我们~~~~~~~
琰璎初生襁褓狮帖子:58 注册: 2004-12-17 来自:

anqijjyy 初生襁褓狮帖子:11 注册: 2006-04-11 来自:	发表于： 2006-08-16 23:08 \| 只看楼主短消息资料字号：小中大 3楼啊？你也不能关机拉？我是装了一下什么精美主题，然后就出现问题了。在网上查我的进程有spoolsv.exe csrss.exe deskipn.dll 等都像是木马病毒，可我却不知道到底中了哪个
anqijjyy 初生襁褓狮帖子:11 注册: 2006-04-11 来自:

琰璎初生襁褓狮帖子:58 注册: 2004-12-17 来自:	发表于： 2006-08-16 23:11 \| 短消息资料字号：小中大 4楼我都不知道我是中了什么,卡巴斯基根本就查不出来,头痛啊~~~ 乱七八糟的弹广告,但是稍微好点的是电脑还能关得掉~~~~ 哎~~~~
琰璎初生襁褓狮帖子:58 注册: 2004-12-17 来自:

anqijjyy 初生襁褓狮帖子:11 注册: 2006-04-11 来自:	发表于： 2006-08-16 23:25 \| 只看楼主短消息资料字号：小中大 5楼 A problem has been detected and windows has been shut down to prevent damage to your conputer IRQL_NOT_LESS_RO_EQUAL If this the first time you'er seen this stop error screen restart your computer.If this screen appers again,fllow these steps. Check to make sure any new hardware or sftware is properly installed.If this is a new installation,ask your hardware or software manufacturer for any windows update you might need. If problems continue,disable or remove any newly installed hardware or sfteware.Disable BIOS memory options such as caching or shadowing. Technical information: STOP:0X0000000A (0xB79B2000, 0x00000002,0x00000001,0x80829B46) 这个是蓝屏的提示，stop:位置出现了几种情况还有个好像是 0FFFFFFFX0 反正我就看到很多F
anqijjyy 初生襁褓狮帖子:11 注册: 2006-04-11 来自:

希望快乐初生襁褓狮帖子:178 注册: 2004-10-04 来自:	发表于： 2006-08-17 00:18 \| 短消息资料字号：小中大 6楼你用下TT试试会不会再跳出来`` 你前一种情况应该是电脑中有恶意代码``
希望快乐初生襁褓狮帖子:178 注册: 2004-10-04 来自:

anqijjyy 初生襁褓狮帖子:11 注册: 2006-04-11 来自:	发表于： 2006-08-17 09:19 \| 只看楼主短消息资料字号：小中大 7楼问题仍然存在，有时弹出个框说我中奖了，有时弹个框又大部分是英语重新扫个日志上来 Logfile of HijackThis v1.99.1 Scan saved at 9:07:10, on 2006-8-17 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe E:\Rising\Rav\CCenter.exe C:\WINDOWS\System32\svchost.exe E:\Rising\Rav\Ravmond.exe e:\rising\rfw\rfwsrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe E:\Rising\Rav\RavTask.exe e:\rising\rfw\RfwMain.exe C:\WINDOWS\VM_STI.EXE E:\Rising\Rav\Ravmon.exe C:\WINDOWS\system32\ctfmon.exe E:\Rising\Rav\RavStub.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\taskmgr.exe E:\讯雷5\web\WebThunder.exe C:\WINDOWS\system32\rundll32.exe D:\Hihackthis\HijackThis.exe C:\Program Files\Internet Explorer\iexplore.exe R3 - Default URLSearchHook is missing O2 - BHO: WebThunderBHO - {00000AAA-A363-466E-BEF5-9BB68697AA7F} - E:\讯雷5\web\WebThunderBHO_011.dll O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\BaiduBar.dll O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - E:\讯雷5\ComDlls\XunLeiBHO_001.dll O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - E:\酷狗\KuGoo3DownXControl.ocx O3 - Toolbar: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\PROGRA~1\baidu\bar\BaiduBar.dll O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\KakaTool.dll O3 - Toolbar: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - D:\金山快译\IEBand.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RfwMain] "E:\Rising\Rfw\rfwmain.exe" -Startup O4 - HKLM\..\Run: [RavTask] "E:\Rising\Rav\RavTask.exe" -system O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Vimicro USB PC Camera (ZC0301PL) O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [Systray] c:\windows\system32\Systray.exe O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: &使用迅雷下载 - E:\讯雷5\Program\GetUrl.htm O8 - Extra context menu item: &使用迅雷下载全部链接 - E:\讯雷5\Program\GetAllUrl.htm O8 - Extra context menu item: 上传到QQ网络硬盘 - E:\QQ2006\AddToNetDisk.htm O8 - Extra context menu item: 使用KuGoo3下载(&K) - E:\酷狗\KuGoo3DownX.htm O8 - Extra context menu item: 使用Web迅雷下载 - E:\讯雷5\web\GetUrl.htm O8 - Extra context menu item: 使用Web迅雷下载全部链接 - E:\讯雷5\web\GetAllUrl.htm O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: 添加到QQ自定义面板 - E:\QQ2006\AddPanel.htm O8 - Extra context menu item: 添加到QQ表情 - E:\QQ2006\AddEmotion.htm O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\QQ2006\SendMMS.htm O8 - Extra context menu item: 百度--MP3搜索 - RES://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUMP3.HTM O8 - Extra context menu item: 百度--网页搜索 - RES://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUSEARCH.HTM O9 - Extra button: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - E:\浩方对战平台\GameClient.exe O9 - Extra button: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A}? - E:\浩方对战平台\GameClient.exe O9 - Extra button: 新浪UC - {2253922F-1B26-4C74-8B57-E3AEE748DBB8} - E:\新浪uc\uc.exe O9 - Extra button: 微软 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.microsoft.com/china/index.htm (file missing) O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\MICROS~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing) O9 - Extra 'Tools' menuitem: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing) O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - e:\QQ2006\QQ.EXE O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - e:\QQ2006\QQ.EXE O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O17 - HKLM\System\CCS\Services\Tcpip\..\{1B5317A5-7A06-4896-87AE-628A6F9666D2}: NameServer = 220.170.0.18,220.170.0.38 O17 - HKLM\System\CCS\Services\Tcpip\..\{A7416399-38FC-4328-9534-0DF5687D3B65}: NameServer = 220.170.0.38,220.170.0.18 O17 - HKLM\System\CS1\Services\Tcpip\..\{1B5317A5-7A06-4896-87AE-628A6F9666D2}: NameServer = 220.170.0.18,220.170.0.38 O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: LogicalDisk Manave - Unknown owner - C:\WINDOWS\svhost.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Rising Proxy Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - e:\rising\rfw\rfwproxy.exe O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - e:\rising\rfw\rfwsrv.exe O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - E:\Rising\Rav\CCenter.exe O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - E:\Rising\Rav\Ravmond.exe 杀毒高手帮帮忙啊
anqijjyy 初生襁褓狮帖子:11 注册: 2006-04-11 来自:

反日货主义初生襁褓狮帖子:38 注册: 2006-08-15 来自:	发表于： 2006-08-17 10:14 \| 短消息资料字号：小中大 8楼找瑞星客服吧,电话:010-82678866
反日货主义初生襁褓狮帖子:38 注册: 2006-08-15 来自:

anqijjyy 初生襁褓狮帖子:11 注册: 2006-04-11 来自:	发表于： 2006-08-17 14:54 \| 只看楼主短消息资料字号：小中大 9楼 R3 - Default URLSearchHook is missing 这个要删除码？
anqijjyy 初生襁褓狮帖子:11 注册: 2006-04-11 来自:

anqijjyy 初生襁褓狮帖子:11 注册: 2006-04-11 来自:	发表于： 2006-08-17 20:10 \| 只看楼主短消息资料字号：小中大 10楼 O17 - HKLM\System\CCS\Services\Tcpip\..\{1B5317A5-7A06-4896-87AE-628A6F9666D2}: NameServer = 220.170.0.18,220.170.0.38 O17 - HKLM\System\CCS\Services\Tcpip\..\{A7416399-38FC-4328-9534-0DF5687D3B65}: NameServer = 220.170.0.38,220.170.0.18 问题仍然没解决啊~ 这两项是不是有问题啊？
anqijjyy 初生襁褓狮帖子:11 注册: 2006-04-11 来自:

<<上一主题|下一主题>>

12

1 / 2 页

跳转页

页面顶部

Powered by Discuz!NT