【求助】诸位仁兄请帮忙.....! - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛【求助】诸位仁兄请帮忙.....!

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第四十七次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1

1 / 1 页

跳转页

【求助】诸位仁兄请帮忙.....!

荒野传说初生襁褓狮帖子:7 注册: 2005-08-15 来自:	发表于： 2005-08-15 21:52 \| 只看楼主短消息资料字号：小中大 1楼【求助】诸位仁兄请帮忙.....! 在下C盘根目录里有一个名为 Record.dat(注:现在是4345KB,并不断增长) 东西,怎么删也删不掉.以下是刚刚的log.拜托了,各位. HijackThis@Qoo的扫描日志 V1.97.7 Scan saved at 21:37:54, on 05-8-15 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v5.00 (5.00.2614.3500) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\MSTASK.EXE E:\PROGRAM FILES\RISING\RAV\CCENTER.EXE E:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE E:\PROGRAM FILES\RISING\RAV\RAVMON.EXE D:\PROGRAM FILES\RISING\RFW\RFWSRV.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\SYSTEM\RPCSS.EXE D:\PROGRAM FILES\RISING\RFW\RFWMAIN.EXE C:\WINDOWS\RUNDLL32.EXE C:\WINDOWS\SYSTEM\INTERNAT.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\STIMON.EXE C:\HEROSOFT\HERO2001\SYSEXPLR.EXE C:\WINDOWS\RUNDLL32.EXE E:\PROGRAM FILES\RISING\RAV\RAVTIMER.EXE C:\PROGRAM FILES\3721\ASSISTSE.EXE C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE C:\PROGRAM FILES\DUDU\DDDCLIENT\DUDUACC.EXE C:\PROGRAM FILES\DUDU\DDDCLIENT\DUDUPROS.EXE D:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE C:\PROGRAM FILES\3721\SKE\TROJANASSISTANT.EXE C:\PROGRAM FILES\WINRAR\WINRAR.EXE C:\WINDOWS\TEMP\RAR$EX01.418\HIJACKTHIS.EXE R3 - URLSearchHook: O2 - BHO: (no name) - {6BDE1669-B490-48E3-B668-456314F2D6C3} - C:\PROGRAM FILES\DUDU\DDDCLIENT\DDDIEMON.DLL O2 - BHO: AssistII - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\PROGRAM FILES\3721\ASSIST\ASBAR.DLL O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\PROGRAM FILES\3721\ASSIST\ANGLING.DLL O2 - BHO: 360 O3 - Toolbar: ????? - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O3 - Toolbar: ????? - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\PROGRAM FILES\3721\ASSIST\ASBAR.DLL O4 - HKLM\..\Run: [internat.exe] internat.exe O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE O4 - HKLM\..\Run: [SysExplr] C:\HEROSOFT\HERO2001\SYSEXPLR.EXE O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\WINDOWS\DOWNLO~1\CNSMIN.DLL,Rundll32 O4 - HKLM\..\Run: [helper.dll] C:\WINDOWS\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32 O4 - HKLM\..\Run: [RavTimer] E:\PROGRA~1\RISING\RAV\RAVTIMER.EXE O4 - HKLM\..\Run: [RavMon] E:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM O4 - HKLM\..\Run: [assistse] "C:\PROGRAM FILES\3721\ASSISTSE.EXE" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [RfwMain] "D:\Program Files\Rising\Rfw\rfwmain.exe" -Startup O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [SchedulingAgent] C:\WINDOWS\SYSTEM\mstask.exe O4 - HKLM\..\RunServices: [RsCcenter] E:\PROGRA~1\RISING\RAV\CCENTER.EXE O4 - HKLM\..\RunServices: [RavMond] E:\PROGRA~1\RISING\RAV\RAVMOND.EXE O4 - HKLM\..\RunServices: [RavMon] E:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM O4 - HKLM\..\RunServices: [RfwService] "D:\PROGRAM FILES\RISING\RFW\RFWSRV.EXE" -service O4 - Startup: Windows 资源管理器.lnk O4 - Startup: MS-DOS 方式.pif O4 - Startup: Outlook Express.lnk O4 - Startup: Internet Explorer.lnk O4 - Startup: Microsoft Access.lnk O4 - Startup: Microsoft Excel.lnk O4 - Startup: Microsoft FrontPage.lnk O4 - Startup: Microsoft Outlook.lnk O4 - Startup: Microsoft PowerPoint.lnk O4 - Startup: Microsoft Word.lnk O4 - Startup: Windows Media Player.lnk O4 - Startup: DuDu加速器.lnk O4 - Startup: RealPlayer.lnk O8 - Extra context menu item: 添加到QQ自定义面板 - E:\PROGRAM FILES\TENCENT\QQ\AddPanel.htm O8 - Extra context menu item: 添加到QQ表情 - E:\PROGRAM FILES\TENCENT\QQ\AddEmotion.htm O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\PROGRAM FILES\TENCENT\QQ\SendMMS.htm O8 - Extra context menu item: &使用DuDu 加速器下载 - res://C:\PROGRAM FILES\DUDU\DDDCLIENT\dddmext.dll/202 O9 - Extra button: Related (HKLM) O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM) O9 - Extra button: QQ (HKLM) O9 - Extra button: Start spyware remover (HKCU) O9 - Extra 'Tools' menuitem: Start spyware remover (HKCU) O11 - Options group: [!CNS] O14 - IERESET.INF: SEARCH_PAGE_URL= O14 - IERESET.INF: START_PAGE_URL= O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc2.cab O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38577.0446180556 O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 69.50.176.198,85.255.112.12 2005-08-15 22:37:03
荒野传说初生襁褓狮帖子:7 注册: 2005-08-15 来自:	分享到：

天天泡泡卡卡技术团队帖子:17486 注册: 2004-01-21 来自:安徽安庆	发表于： 2005-08-15 21:57 \| 短消息资料字号：小中大 2楼用HijackThis1.99.1版重新扫描日志上来
天天泡泡卡卡技术团队帖子:17486 注册: 2004-01-21 来自:安徽安庆

bobo无极限初生襁褓狮帖子:12325 注册: 2005-07-08 来自:	发表于： 2005-08-15 22:37 \| 短消息资料字号：小中大 3楼同上版本号是旧的
bobo无极限初生襁褓狮帖子:12325 注册: 2005-07-08 来自:

<<上一主题|下一主题>>

1

1 / 1 页

跳转页

页面顶部

Powered by Discuz!NT