请问～～ - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛请问～～

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

12

1 / 2 页

跳转页

请问～～

guohui1111 初生襁褓狮帖子:12 注册: 2005-12-19 来自:	发表于： 2006-01-07 21:28 \| 只看楼主短消息资料字号：小中大 1楼请问～～这是不是病毒？？一直跳出来～附件: 文件名:639611200617212849.jpg 下载次数:235 文件类型:image/pjpeg 文件大小: 上传时间:2006-1-7 21:28:49 描述: 2006-01-09 14:24:30
guohui1111 初生襁褓狮帖子:12 注册: 2005-12-19 来自:	分享到：

天天网强壮不惑狮帖子:782 注册: 2005-03-12 来自:	发表于： 2006-01-07 21:45 \| 短消息资料字号：小中大 2楼瑞星邮件监控提示
天天网强壮不惑狮帖子:782 注册: 2005-03-12 来自:

guohui1111 初生襁褓狮帖子:12 注册: 2005-12-19 来自:	发表于： 2006-01-09 12:28 \| 只看楼主短消息资料字号：小中大 3楼这可不可以关掉啊~~ 以前都没有~
guohui1111 初生襁褓狮帖子:12 注册: 2005-12-19 来自:

BlackStone 叱咤花甲狮帖子:2616 注册: 2005-09-27 来自:	发表于： 2006-01-09 12:33 \| 短消息资料字号：小中大 4楼如果你没有发送邮件，那就有问题了
BlackStone 叱咤花甲狮帖子:2616 注册: 2005-09-27 来自:

guohui1111 初生襁褓狮帖子:12 注册: 2005-12-19 来自:	发表于： 2006-01-09 12:56 \| 只看楼主短消息资料字号：小中大 5楼就是嘛,我都没有发邮件~~是不是病毒?
guohui1111 初生襁褓狮帖子:12 注册: 2005-12-19 来自:

BlackStone 叱咤花甲狮帖子:2616 注册: 2005-09-27 来自:	发表于： 2006-01-09 13:22 \| 短消息资料字号：小中大 6楼用Autoruns保存一个日志发上来日志保存方法:选择File->Save菜单项保存日志时注意选择Options->Hide Microsoft Entries菜单项(设置了这项后点工具栏的刷新按钮) 工具的下载、使用参考http://forum.ikaka.com/topic.asp?board=28&artid=7318038
BlackStone 叱咤花甲狮帖子:2616 注册: 2005-09-27 来自:

guohui1111 初生襁褓狮帖子:12 注册: 2005-12-19 来自:	发表于： 2006-01-09 13:36 \| 只看楼主短消息资料字号：小中大 7楼保存那一个啊？？
guohui1111 初生襁褓狮帖子:12 注册: 2005-12-19 来自:

guohui1111 初生襁褓狮帖子:12 注册: 2005-12-19 来自:	发表于： 2006-01-09 13:48 \| 只看楼主短消息资料字号：小中大 8楼 ProcessPIDCPUDescriptionCompany Name System Idle Process090.71 Interruptsn/a0.71Hardware Interrupts DPCsn/a0.71Deferred Procedure Calls System4 smss.exe600 csrss.exe660 winlogon.exe684 SERVICES.EXE736 SVCHOST.EXE904 TIMPlatform.exe3184 IEXPLORE.EXE3064 SVCHOST.EXE980 CCenter.exe1076 SVCHOST.EXE1092 SVCHOST.EXE1172 SVCHOST.EXE1256 RavMonD.exe1268 RavStub.exe2020 spoolsv.exe1632 SMAgent.exe1832 wdfmgr.exe1868 uphclean.exe1912 alg.exe1060 SVCHOST.EXE1924 LSASS.EXE748 Explorer.EXE15840.71 Rundll32.exe1420 realsched.exe1160 SMax4PNP.exe1336 SMax4.exe1564 RavTask.exe2192 RavMon.exe2276 sfx.exe2284 YLive.exe2300 yassistse.exe2408 daemon.exe2452 CTFMON.EXE2472 QQ.exe2684 QQPet.exe2708 QQ.exe3640.71 QQPet.exe2800 QQ.exe3320 QQPet.exe31360.71 BitSpirit.exe3316 Rav.exe7976 TTraveler.exe60120.71 IEXPLORE.EXE1812 procexp.exe86645.00 Process: RavMonD.exe Pid: 1268
guohui1111 初生襁褓狮帖子:12 注册: 2005-12-19 来自:

guohui1111 初生襁褓狮帖子:12 注册: 2005-12-19 来自:	发表于： 2006-01-09 13:48 \| 只看楼主短消息资料字号：小中大 9楼 TypeName Desktop\Default Directory\Windows Directory\BaseNamedObjects Directory\KnownDlls Event\BaseNamedObjects\RSWRITEEVT-2006-PROID10a00006 Event\BaseNamedObjects\Dispinfo Event\BaseNamedObjects\Protect Event\BaseNamedObjects\WaitProc Event\BaseNamedObjects\YOOKP99 Event\BaseNamedObjects\YOOKP99 Event\BaseNamedObjects\RSWRITEEVT-2006-PROID10b00006 Event\BaseNamedObjects\Rising+RAVMOND.EXE+0 File\Device\HOOKREG File\Device\ExploitScaner File\Device\Tcp File\Device\Tcp File\Device\Ip File\Device\Ip File\Device\Ip FileC:\WINDOWS\Temp\Perflib_Perfdata_4f4.dat File\Device\Tcp File\Device\Afd\Endpoint File\Device\HOOKCONT File\Device\MEMSCAN File\Device\Afd\AsyncConnectHlp File\Device\Tcp FileC:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9 File\Device\KsecDD File\Device\Tcp File\Device\Tcp File\Device\Tcp File\Device\Afd\Endpoint File\Device\NamedPipe\net\NtControlPipe8 File\Device\Tcp File\Device\Afd\Endpoint File\Device\Afd\Endpoint File\Device\Afd\Endpoint File\Device\Tcp File\Device\Tcp File\Device\Tcp File\Device\Afd\Endpoint File\Device\Tcp File\Device\Tcp File\Device\Afd\Endpoint File\Device\Afd\Endpoint File\Device\Tcp File\Device\Tcp File\Device\Afd\Endpoint File\Device\Tcp File\Device\Afd\Endpoint FileC:\WINDOWS\system32\ File\Device\Afd\Endpoint File\Device\Tcp File\Device\hooksys
guohui1111 初生襁褓狮帖子:12 注册: 2005-12-19 来自:

guohui1111 初生襁褓狮帖子:12 注册: 2005-12-19 来自:	发表于： 2006-01-09 13:49 \| 只看楼主短消息资料字号：小中大 10楼 KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Services\Tcpip\Linkage KeyHKLM\SYSTEM\ControlSet001\Services\Tcpip\Parameters KeyHKLM\SYSTEM\ControlSet001\Services\NetBT\Parameters\Interfaces KeyHKLM\SYSTEM\ControlSet001\Services\NetBT\Parameters KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Nls\Locale\Alternate Sorts KeyHKU\.DEFAULT KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Nls\Language Groups KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Nls\CodePage KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Services\ContentFilter\Performance KeyHKLM\SYSTEM\ControlSet001\Services\ContentIndex\Performance KeyHKLM\SYSTEM\ControlSet001\Services\ISAPISearch\Performance KeyHKLM\SYSTEM\ControlSet001\Services\PerfDisk\Performance KeyHKLM\SYSTEM\ControlSet001\Services\PerfNet\Performance KeyHKLM\SYSTEM\ControlSet001\Services\PerfOS\Performance KeyHKLM\SYSTEM\ControlSet001\Services\PerfProc\Performance KeyHKLM\SYSTEM\ControlSet001\Services\PSched\Performance KeyHKLM\SYSTEM\ControlSet001\Services\RemoteAccess\Performance KeyHKLM\SYSTEM\ControlSet001\Services\RSVP\Performance KeyHKLM\SYSTEM\ControlSet001\Services\Spooler\Performance KeyHKLM\SYSTEM\ControlSet001\Services\TapiSrv\Performance KeyHKLM\SYSTEM\ControlSet001\Services\Tcpip\Performance KeyHKLM\SYSTEM\ControlSet001\Services\TermService\Performance KeyHKLM\SYSTEM\ControlSet001\Services\WmiApRpl\Performance KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Nls\Locale KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9 KeyHKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5 KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKCR KeyHKLM\SYSTEM\ControlSet001\Control\Session Manager KeyHKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib KeyedEvent\KernelObjects\CritSecOutOfMemoryEvent Mutant\BaseNamedObjects\RSDBMUTEX-2006-PROID10a00006 Mutant\BaseNamedObjects\ShimCacheMutex Mutant\BaseNamedObjects\RSDBSYLIBMUTEX Mutant\BaseNamedObjects\DBWinMutex Mutant\BaseNamedObjects\RSDBMUTEX-2006-PROID10b00006 Mutant\BaseNamedObjects\RSSTORE-AD436956-5F56-4ce8-A0E4-CD6086DD9646 Mutant\BaseNamedObjects\ContentFilter_Perf_Library_Lock_PID_4f4 Mutant\BaseNamedObjects\ContentIndex_Perf_Library_Lock_PID_4f4 Mutant\BaseNamedObjects\ISAPISearch_Perf_Library_Lock_PID_4f4 Mutant\BaseNamedObjects\PerfDisk_Perf_Library_Lock_PID_4f4 Mutant\BaseNamedObjects\PerfNet_Perf_Library_Lock_PID_4f4 Mutant\BaseNamedObjects\PerfOS_Perf_Library_Lock_PID_4f4 Mutant\BaseNamedObjects\PerfProc_Perf_Library_Lock_PID_4f4 Mutant\BaseNamedObjects\PSched_Perf_Library_Lock_PID_4f4 Mutant\BaseNamedObjects\RemoteAccess_Perf_Library_Lock_PID_4f4 Mutant\BaseNamedObjects\RSVP_Perf_Library_Lock_PID_4f4 Mutant\BaseNamedObjects\Spooler_Perf_Library_Lock_PID_4f4 Mutant\BaseNamedObjects\TapiSrv_Perf_Library_Lock_PID_4f4 Mutant\BaseNamedObjects\Tcpip_Perf_Library_Lock_PID_4f4 Mutant\BaseNamedObjects\TermService_Perf_Library_Lock_PID_4f4 Mutant\BaseNamedObjects\WmiApRpl_Perf_Library_Lock_PID_4f4 Mutant\BaseNamedObjects\{CB508F94-4FFA-4fa7-A4BC-CFC2A25A564A-2005} Mutant\BaseNamedObjects\CfgDll.dll_MUTEX_WRITE_MEM_Rav_Formal06 Mutant\BaseNamedObjects\Load_Shared_Memory Mutant\BaseNamedObjects\RSFMAF Mutant\BaseNamedObjects\RSDBSYLIBMUTEX
guohui1111 初生襁褓狮帖子:12 注册: 2005-12-19 来自:

<<上一主题|下一主题>>

12

1 / 2 页

跳转页

页面顶部

Powered by Discuz!NT