急救～！帮忙看下日志．谢谢啦！！！ - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛急救～！帮忙看下日志．谢谢啦！！！

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

12

2 / 2 页

跳转页

急救～！帮忙看下日志．谢谢啦！！！

PINK裳初生襁褓狮帖子:177 注册: 2006-06-09 来自:	发表于： 2007-07-25 22:00 \| 只看楼主短消息资料字号：小中大 11楼 [D:\迅雷文件夹\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 3, 11] [D:\迅雷文件夹\Components\ResWorker\DsBho_01.dll] [, 1, 0, 0, 4] [D:\迅雷文件夹\Components\ResWorker\DataProcessor_01.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 6] [D:\迅雷文件夹\QQIEHelper01.dll] [腾讯公司, 1, 1, 0, 5] [D:\迅雷文件夹\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.2.9] [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510] [D:\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\macromed\flash\Flash85.ocx] [Macromedia, Inc., 8,5,0,133] [C:\WINDOWS\system32\xpsp3res.dll] [Microsoft Corporation, 5.1.2600.3121 (xpsp_sp2_gdr.070418-0032)] [D:\迅雷文件夹\ComDlls\ThunderAgent_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 3, 20] [PID: 1864 / new][D:\Program Files\WinRAR.exe] [N/A, ] [D:\Program Files\riched32.dll] [Microsoft Corporation, 5.00.2134.1] [D:\Program Files\RICHED20.dll] [Microsoft Corporation, 5.31.23.1218] [C:\WINDOWS\system32\wpdshext.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)] [C:\WINDOWS\system32\PortableDeviceApi.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)] [C:\WINDOWS\system32\Audiodev.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)] [PID: 1356 / new][C:\DOCUME~1\new\LOCALS~1\Temp\Rar$EX00.109\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900] [C:\DOCUME~1\new\LOCALS~1\Temp\Rar$EX00.109\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] ================================== 文件关联 .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .EXE OK. ["%1" %] .COM OK. ["%1" %] .PIF OK. ["%1" %] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %] .SCR OK. ["%1" /S] .CHM OK. ["C:\WINDOWS\hh.exe" %1] .HLP OK. [%SystemRoot%\system32\winhlp32.exe %1] .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock 提供者 N/A ================================== Autorun.inf [D:\] [AutoRun] open=A1D29050.exe shell\open=打开(&O) shell\open\Command=A1D29050.exe shell\open\Default=1 shell\explore=资源管理器(&X) shell\explore\Command=A1D29050.exe [E:\] [AutoRun] open=A1D29050.exe shell\open=打开(&O) shell\open\Command=A1D29050.exe shell\open\Default=1 shell\explore=资源管理器(&X) shell\explore\Command=A1D29050.exe ================================== HOSTS 文件 127.0.0.1 localhost 127.0.0.1 008.cn 127.0.0.1 ultimate-best-hgh.0my.net 127.0.0.1 www.139500.com 127.0.0.1 www.1yin.net 127.0.0.1 ****cn 127.0.0.1 www.37021.com 127.0.0.1 www.47555.net 127.0.0.1 www.511ring.com 127.0.0.1 me.5e163.com 127.0.0.1 www.777888.com 127.0.0.1 www.77ttt.com 127.0.0.1 www.9p.cn 127.0.0.1 abcdesign.ru 127.0.0.1 gutemine.wu-wien.ac.at 127.0.0.1 math.kobe-u.ac.jp 127.0.0.1 www.aifind.info 127.0.0.1 www.allyes.com 127.0.0.1 www.aogo.net 127.0.0.1 baltnet.ru 127.0.0.1 quotes.barchart.com 127.0.0.1 free.bestialityhost.com 127.0.0.1 cctv1.net 127.0.0.1 cctv8.net 127.0.0.1 www.cctv8.net 127.0.0.1 ciachoo.pl 127.0.0.1 www.play.cn.gs 127.0.0.1 www.cnqb.net 127.0.0.1 www.feixue.net 127.0.0.1 www.xiliao.com.cn 127.0.0.1 alexey.pioneers.com.ru 127.0.0.1 www.coolcdrom.com 127.0.0.1 www.coolseach.com 127.0.0.1 puldk490gj.da.ru 127.0.0.1 dicto.ru 127.0.0.1 www.dj3344.com 127.0.0.1 www.donttrip.org 127.0.0.1 www.ehomeday.com 127.0.0.1 elemental.ru 127.0.0.1 errorguard.com 127.0.0.1 friendlygreeting.com 127.0.0.1 zhp.gdynia.pl 127.0.0.1 www.gg888.net 127.0.0.1 gin.ru 127.0.0.1 www.girlchinese.com 127.0.0.1 glass-master.ru 127.0.0.1 photo.gornet.ru 127.0.0.1 relay.great.ru 127.0.0.1 hack-gegen-rechts.com 127.0.0.1 hgrstrailer.com 127.0.0.1 www.homepage.com 127.0.0.1 hotbar.com 127.0.0.1 intellect.lvc 127.0.0.1 interfoodtd.ru 127.0.0.1 jewishgen.org 127.0.0.1 www.jixian.net 127.0.0.1 k2kapital.com 127.0.0.1 security.kolla.de 127.0.0.1 www.kuliao.com 127.0.0.1 laugh-mail.net 127.0.0.1 7b.com.cn 127.0.0.1 9505.com 127.0.0.1 www.piaoxue.com 127.0.0.1 marketscore.com 127.0.0.1 www.mir0.com 127.0.0.1 momentum.ru 127.0.0.1 www.mtv51.com 127.0.0.1 www.mydj2005.com 127.0.0.1 nefkom.net 127.0.0.1 no-abi2003.de 127.0.0.1 tdi-router.opola.pl 127.0.0.1 packages.debian.or.jp 127.0.0.1 perfectgirls.net 127.0.0.1 peterstar.ru 127.0.0.1 pgipearls.com 127.0.0.1 phg.pl 127.0.0.1 vip.pnet.pl 127.0.0.1 sec.polbox.pl 127.0.0.1 polobeer.de 127.0.0.1 porno-mania.net 127.0.0.1 home.profootball.ru 127.0.0.1 qianbai.com 127.0.0.1 ad.qingyule.com 127.0.0.1 www.qq168.net 127.0.0.1 www.qq3344.com 127.0.0.1 www.qq92.com 127.0.0.1 www.qqwz.com 127.0.0.1 www.qu123.com 127.0.0.1 republika.pl 127.0.0.1 www.richfind.com 127.0.0.1 rollenspielzirkel.de 127.0.0.1 safer-networking.org 127.0.0.1 sdsauto.ru 127.0.0.1 www.searchpage.cc 127.0.0.1 www.seekeasysoft.net 127.0.0.1 shadkhan.ru 127.0.0.1 slavarik.ru 127.0.0.1 sovea.de 127.0.0.1 spybot.info 127.0.0.1 www.start-page.info 127.0.0.1 lars-s.privat.t-online.de 127.0.0.1 u.t2cn.com 127.0.0.1 www.7939.com 127.0.0.1 www.4199.com 127.0.0.1 www.3448.com 127.0.0.1 www.6781.com 127.0.0.1 it.trendmicro-europe.com 127.0.0.1 trendmicro.it 127.0.0.1 truefriends.net 127.0.0.1 www.tthao.com 127.0.0.1 www.ttrx.net 127.0.0.1 tuhart.net 127.0.0.1 www.unionsky.cn 127.0.0.1 www.unionsky.com 127.0.0.1 www.unionsky.net 127.0.0.1 vconsole.net 127.0.0.1 virtumonde.com 127.0.0.1 gamma.vyborg.ru 127.0.0.1 financial.washingtonpost.com 127.0.0.1 webpark.pl 127.0.0.1 wishken.com 127.0.0.1 www.yeapple.com 127.0.0.1 www.yibinren.com 127.0.0.1 www.youmiss.com 127.0.0.1 www.yysky.net 127.0.0.1 zelnet.ru 127.0.0.1 www.zhengdian.com 127.0.0.1 abc.265.com 127.0.0.1 555.265.com 127.0.0.1 www.baidu345.com 127.0.0.1 www.37ss.com 127.0.0.1 my123.com 127.0.0.1 http://dm91.kulong8.com/120shop.htm 127.0.0.1 http://888.sooe.net.cn/?=ibcdm 127.0.0.1 http://files.henbang.net/aced/201/133.htm?unionownerid=14 127.0.0.1 http://www.pcarm.com/ ================================== 进程特权扫描特殊特权被允许： SeLoadDriverPrivilege [PID = 1908, C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 1916, C:\WINDOWS\VSNPSTD3.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 1324, C:\PROGRAM FILES\RACER-HAN-CNC\RACER.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 372, D:\迅雷文件夹\PROGRAM\THUNDER5.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 2480, D:\PROGRAM FILES\QQ.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 2440, D:\PROGRAM FILES\TIMPLATFORM.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 3996, D:\PROGRAM FILES\WINRAR.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 1864, D:\PROGRAM FILES\WINRAR.EXE] ==================================
PINK裳初生襁褓狮帖子:177 注册: 2006-06-09 来自:

PINK裳初生襁褓狮帖子:177 注册: 2006-06-09 来自:	发表于： 2007-07-25 22:00 \| 只看楼主短消息资料字号：小中大 12楼 [D:\迅雷文件夹\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 3, 11] [D:\迅雷文件夹\Components\ResWorker\DsBho_01.dll] [, 1, 0, 0, 4] [D:\迅雷文件夹\Components\ResWorker\DataProcessor_01.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 6] [D:\迅雷文件夹\QQIEHelper01.dll] [腾讯公司, 1, 1, 0, 5] [D:\迅雷文件夹\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.2.9] [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510] [D:\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\macromed\flash\Flash85.ocx] [Macromedia, Inc., 8,5,0,133] [C:\WINDOWS\system32\xpsp3res.dll] [Microsoft Corporation, 5.1.2600.3121 (xpsp_sp2_gdr.070418-0032)] [D:\迅雷文件夹\ComDlls\ThunderAgent_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 3, 20] [PID: 1864 / new][D:\Program Files\WinRAR.exe] [N/A, ] [D:\Program Files\riched32.dll] [Microsoft Corporation, 5.00.2134.1] [D:\Program Files\RICHED20.dll] [Microsoft Corporation, 5.31.23.1218] [C:\WINDOWS\system32\wpdshext.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)] [C:\WINDOWS\system32\PortableDeviceApi.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)] [C:\WINDOWS\system32\Audiodev.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)] [PID: 1356 / new][C:\DOCUME~1\new\LOCALS~1\Temp\Rar$EX00.109\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900] [C:\DOCUME~1\new\LOCALS~1\Temp\Rar$EX00.109\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] ================================== 文件关联 .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .EXE OK. ["%1" %] .COM OK. ["%1" %] .PIF OK. ["%1" %] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %] .SCR OK. ["%1" /S] .CHM OK. ["C:\WINDOWS\hh.exe" %1] .HLP OK. [%SystemRoot%\system32\winhlp32.exe %1] .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock 提供者 N/A ================================== Autorun.inf [D:\] [AutoRun] open=A1D29050.exe shell\open=打开(&O) shell\open\Command=A1D29050.exe shell\open\Default=1 shell\explore=资源管理器(&X) shell\explore\Command=A1D29050.exe [E:\] [AutoRun] open=A1D29050.exe shell\open=打开(&O) shell\open\Command=A1D29050.exe shell\open\Default=1 shell\explore=资源管理器(&X) shell\explore\Command=A1D29050.exe ================================== HOSTS 文件 127.0.0.1 localhost 127.0.0.1 008.cn 127.0.0.1 ultimate-best-hgh.0my.net 127.0.0.1 www.139500.com 127.0.0.1 www.1yin.net 127.0.0.1 ****cn 127.0.0.1 www.37021.com 127.0.0.1 www.47555.net 127.0.0.1 www.511ring.com 127.0.0.1 me.5e163.com 127.0.0.1 www.777888.com 127.0.0.1 www.77ttt.com 127.0.0.1 www.9p.cn 127.0.0.1 abcdesign.ru 127.0.0.1 gutemine.wu-wien.ac.at 127.0.0.1 math.kobe-u.ac.jp 127.0.0.1 www.aifind.info 127.0.0.1 www.allyes.com 127.0.0.1 www.aogo.net 127.0.0.1 baltnet.ru 127.0.0.1 quotes.barchart.com 127.0.0.1 free.bestialityhost.com 127.0.0.1 cctv1.net 127.0.0.1 cctv8.net 127.0.0.1 www.cctv8.net 127.0.0.1 ciachoo.pl 127.0.0.1 www.play.cn.gs 127.0.0.1 www.cnqb.net 127.0.0.1 www.feixue.net 127.0.0.1 www.xiliao.com.cn 127.0.0.1 alexey.pioneers.com.ru 127.0.0.1 www.coolcdrom.com 127.0.0.1 www.coolseach.com 127.0.0.1 puldk490gj.da.ru 127.0.0.1 dicto.ru 127.0.0.1 www.dj3344.com 127.0.0.1 www.donttrip.org 127.0.0.1 www.ehomeday.com 127.0.0.1 elemental.ru 127.0.0.1 errorguard.com 127.0.0.1 friendlygreeting.com 127.0.0.1 zhp.gdynia.pl 127.0.0.1 www.gg888.net 127.0.0.1 gin.ru 127.0.0.1 www.girlchinese.com 127.0.0.1 glass-master.ru 127.0.0.1 photo.gornet.ru 127.0.0.1 relay.great.ru 127.0.0.1 hack-gegen-rechts.com 127.0.0.1 hgrstrailer.com 127.0.0.1 www.homepage.com 127.0.0.1 hotbar.com 127.0.0.1 intellect.lvc 127.0.0.1 interfoodtd.ru 127.0.0.1 jewishgen.org 127.0.0.1 www.jixian.net 127.0.0.1 k2kapital.com 127.0.0.1 security.kolla.de 127.0.0.1 www.kuliao.com 127.0.0.1 laugh-mail.net 127.0.0.1 7b.com.cn 127.0.0.1 9505.com 127.0.0.1 www.piaoxue.com 127.0.0.1 marketscore.com 127.0.0.1 www.mir0.com 127.0.0.1 momentum.ru 127.0.0.1 www.mtv51.com 127.0.0.1 www.mydj2005.com 127.0.0.1 nefkom.net 127.0.0.1 no-abi2003.de 127.0.0.1 tdi-router.opola.pl 127.0.0.1 packages.debian.or.jp 127.0.0.1 perfectgirls.net 127.0.0.1 peterstar.ru 127.0.0.1 pgipearls.com 127.0.0.1 phg.pl 127.0.0.1 vip.pnet.pl 127.0.0.1 sec.polbox.pl 127.0.0.1 polobeer.de 127.0.0.1 porno-mania.net 127.0.0.1 home.profootball.ru 127.0.0.1 qianbai.com 127.0.0.1 ad.qingyule.com 127.0.0.1 www.qq168.net 127.0.0.1 www.qq3344.com 127.0.0.1 www.qq92.com 127.0.0.1 www.qqwz.com 127.0.0.1 www.qu123.com 127.0.0.1 republika.pl 127.0.0.1 www.richfind.com 127.0.0.1 rollenspielzirkel.de 127.0.0.1 safer-networking.org 127.0.0.1 sdsauto.ru 127.0.0.1 www.searchpage.cc 127.0.0.1 www.seekeasysoft.net 127.0.0.1 shadkhan.ru 127.0.0.1 slavarik.ru 127.0.0.1 sovea.de 127.0.0.1 spybot.info 127.0.0.1 www.start-page.info 127.0.0.1 lars-s.privat.t-online.de 127.0.0.1 u.t2cn.com 127.0.0.1 www.7939.com 127.0.0.1 www.4199.com 127.0.0.1 www.3448.com 127.0.0.1 www.6781.com 127.0.0.1 it.trendmicro-europe.com 127.0.0.1 trendmicro.it 127.0.0.1 truefriends.net 127.0.0.1 www.tthao.com 127.0.0.1 www.ttrx.net 127.0.0.1 tuhart.net 127.0.0.1 www.unionsky.cn 127.0.0.1 www.unionsky.com 127.0.0.1 www.unionsky.net 127.0.0.1 vconsole.net 127.0.0.1 virtumonde.com 127.0.0.1 gamma.vyborg.ru 127.0.0.1 financial.washingtonpost.com 127.0.0.1 webpark.pl 127.0.0.1 wishken.com 127.0.0.1 www.yeapple.com 127.0.0.1 www.yibinren.com 127.0.0.1 www.youmiss.com 127.0.0.1 www.yysky.net 127.0.0.1 zelnet.ru 127.0.0.1 www.zhengdian.com 127.0.0.1 abc.265.com 127.0.0.1 555.265.com 127.0.0.1 www.baidu345.com 127.0.0.1 www.37ss.com 127.0.0.1 my123.com 127.0.0.1 http://dm91.kulong8.com/120shop.htm 127.0.0.1 http://888.sooe.net.cn/?=ibcdm 127.0.0.1 http://files.henbang.net/aced/201/133.htm?unionownerid=14 127.0.0.1 http://www.pcarm.com/ ================================== 进程特权扫描特殊特权被允许： SeLoadDriverPrivilege [PID = 1908, C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 1916, C:\WINDOWS\VSNPSTD3.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 1324, C:\PROGRAM FILES\RACER-HAN-CNC\RACER.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 372, D:\迅雷文件夹\PROGRAM\THUNDER5.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 2480, D:\PROGRAM FILES\QQ.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 2440, D:\PROGRAM FILES\TIMPLATFORM.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 3996, D:\PROGRAM FILES\WINRAR.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 1864, D:\PROGRAM FILES\WINRAR.EXE] ==================================
PINK裳初生襁褓狮帖子:177 注册: 2006-06-09 来自:

PINK裳初生襁褓狮帖子:177 注册: 2006-06-09 来自:	发表于： 2007-07-25 22:05 \| 只看楼主短消息资料字号：小中大 13楼这病毒也太汹涌了．．．
PINK裳初生襁褓狮帖子:177 注册: 2006-06-09 来自:

<<上一主题|下一主题>>

12

2 / 2 页

跳转页

页面顶部

Powered by Discuz!NT