老大帮帮我吧! - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛老大帮帮我吧!

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第四十七次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1

1 / 1 页

跳转页

老大帮帮我吧!

浪哥初生襁褓狮帖子:11 注册: 2005-10-11 来自:	发表于： 2005-10-11 03:10 \| 只看楼主短消息资料字号：小中大 1楼老大帮帮我吧! 老大，帮我分析分析，我中的是灰鸽子2005!另外我的注册表开不了!说我没有权限! O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: Gray_Pigeon_Server (GrayPigeonServer) - Unknown owner - C:\WINNT\G_Server.exe (file missing) O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - c:\rising\rfw\rfwsrv.exe O23 - Service: Rising Process Communication Center (RsCCenter) - rising - C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe O23 - Service: SB - Unknown owner - C:\WINNT\SB.exe O23 - Service: Windows Helper - Unknown owner - C:\WINNT\Windows Helper.exe 2005-10-11 10:18:03
浪哥初生襁褓狮帖子:11 注册: 2005-10-11 来自:	分享到：

浪哥初生襁褓狮帖子:11 注册: 2005-10-11 来自:	发表于： 2005-10-11 08:17 \| 只看楼主短消息资料字号：小中大 2楼难道没人知道吗？
浪哥初生襁褓狮帖子:11 注册: 2005-10-11 来自:

影子110 叱咤花甲狮帖子:4210 注册: 2005-04-10 来自:怀黯	发表于： 2005-10-11 08:27 \| 短消息资料字号：小中大 3楼 O23 - Service: Gray_Pigeon_Server (GrayPigeonServer) - Unknown owner - C:\WINNT\G_Server.exe (file missing) O23 - Service: SB - Unknown owner - C:\WINNT\SB.exe O23 - Service: Windows Helper - Unknown owner - C:\WINNT\Windows Helper.exe 不是鸽子就是木马，帖个完整的日志上来
影子110 叱咤花甲狮帖子:4210 注册: 2005-04-10 来自:怀黯

浪哥初生襁褓狮帖子:11 注册: 2005-10-11 来自:	发表于： 2005-10-11 08:54 \| 只看楼主短消息资料字号：小中大 4楼 Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\csrss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\MSTask.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\svchost.exe C:\WINNT\Explorer.EXE C:\WINNT\system32\rundll32.exe C:\WINNT\system32\Rundll32.exe C:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe C:\Program Files\System Safety Monitor\HA_SSM196b2_CZ.EXE D:\软件备份\155847200541134207\HijackThis.exe R3 - URLSearchHook: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\PROGRA~1\3721\assist\asbar.dll (file missing) R3 - URLSearchHook: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasbar.dll O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINNT\system32\xunleibho_v4.dll O2 - BHO: BeetleSoft - {7D8E174C-6126-4608-A99E-4376969E105C} - C:\PROGRA~1\Beetle\BEETLE~1.DLL O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FLASHGET\jccatch.dll O2 - BHO: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\PROGRA~1\3721\assist\asbar.dll (file missing) O2 - BHO: YiSou - {EF1D17A9-089F-40cc-8D64-7324CDEBA0DB} - C:\PROGRA~1\YiSou\yisoub.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll O3 - Toolbar: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\PROGRA~1\3721\assist\asbar.dll (file missing) O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [helper.dll] C:\WINNT\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32 O4 - HKLM\..\Run: [RavTimer] C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\WINNT\downlo~1\CnsMin.dll,Rundll32 O4 - HKLM\..\Run: [MoveSearch] C:\Program Files\wsearch\Search.exe O4 - HKLM\..\Run: [CdnCtr] ; C:\Program Files\CNNIC\Cdn\cdnup.exe O4 - HKLM\..\Run: [renewup] ; C:\Program Files\CNNIC\Cdn\cdnrenew.exe O4 - HKLM\..\Run: [BCUpdate] ; C:\WINNT\system32\BCUP.exe O4 - HKLM\..\Run: [ADShow] ; C:\WINNT\system32\bcsysnote.exe O4 - HKLM\..\Run: [RfwMain] "C:\Rising\Rfw\rfwmain.exe" -Startup O4 - HKLM\..\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti O4 - HKLM\..\Run: [MINI_BFYY] C:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe O4 - HKLM\..\Run: [apcm] C:\WINNT\A1_P2_C3\loadqm.exe O4 - HKLM\..\Run: [apsvc] C:\WINNT\A1_P2_C3\svcohost.exe O4 - HKCU\..\Run: [Internat.exe] Internat.exe O4 - Startup: 腾讯QQ.lnk = C:\Program Files\Tencent\QQ\QQ.exe O8 - Extra context menu item: &使用暴风下载器下载 - C:\Program Files\Ringz Studio\Storm Downloader\geturl.htm O8 - Extra context menu item: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm O9 - Extra button: 上网助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://assistant.3721.com/index.htm?fb=Cns (file missing) O9 - Extra button: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing) O9 - Extra 'Tools' menuitem: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing) O9 - Extra button: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing) O9 - Extra 'Tools' menuitem: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing) O10 - Unknown file in Winsock LSP: c:\winnt\system32\cdnns.dll O11 - Options group: [!CNS] 网络实名 O14 - IERESET.INF: SEARCH_PAGE_URL= O14 - IERESET.INF: START_PAGE_URL= O16 - DPF: {DA984A6D-508E-11D6-AA49-0050FF3C628D} (Ravonline) - http://download.rising.com.cn/QQ/QQkill/rsonline.cab O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/Ver2005/OL2005.cab O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: Gray_Pigeon_Server (GrayPigeonServer) - Unknown owner - C:\WINNT\G_Server.exe (file missing) O23 - Service: Rising Personal Firewall Service (RfwService) - Unknown owner - c:\rising\rfw\rfwsrv.exe (file missing) O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe O23 - Service: SB - Unknown owner - C:\WINNT\SB.exe O23 - Service: Windows Helper - Unknown owner - C:\WINNT\Windows Helper.exe
浪哥初生襁褓狮帖子:11 注册: 2005-10-11 来自:

浪哥初生襁褓狮帖子:11 注册: 2005-10-11 来自:	发表于： 2005-10-11 08:55 \| 只看楼主短消息资料字号：小中大 5楼谢谢了
浪哥初生襁褓狮帖子:11 注册: 2005-10-11 来自:

影子110 叱咤花甲狮帖子:4210 注册: 2005-04-10 来自:怀黯	发表于： 2005-10-11 10:18 \| 短消息资料字号：小中大 6楼 Search.exe 这个是网络猪，看添加删除程序里有没有它的卸载项，或进入C:\Program Files\wsearch文件夹关于它的问题可参阅http://forum.ikaka.com/topic.asp?board=36&artid=6770535 C:\WINNT\system32\BCUP.exe（博客文摘，一个自动安装的插件，参阅下帖，如果你觉得无所谓的话也可以不管） http://go.meetchinese.com/forum/ultimatebb.cgi?ubb=get_topic;f=10;t=006121;p= http://blog.xjtu.edu.cn/user1/743/archives/2005/38477.shtml 下面三项（是鸽子参阅此帖），http://forum.ikaka.com/topic.asp?board=28&artid=7156227 O23 - Service: Gray_Pigeon_Server (GrayPigeonServer) - Unknown owner - C:\WINNT\G_Server.exe (file missing) O23 - Service: SB - Unknown owner - C:\WINNT\SB.exe O23 - Service: Windows Helper - Unknown owner - C:\WINNT\Windows Helper.exe
影子110 叱咤花甲狮帖子:4210 注册: 2005-04-10 来自:怀黯

<<上一主题|下一主题>>

1

1 / 1 页

跳转页

页面顶部

Powered by Discuz!NT