
[Help] Web page hijacked

Web page hijacked

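The home page has been hijacked to http://www.google.com.sohu.com.baidu.com.bibipv.cn/ren0w1la0lly0so1baidubaidubaidubaidubaidubaidubaidubaidubaidu.htm
I have tried Kaspersky, Kaka (卡卡), Rising (瑞星), Rabbit (兔子), 兵刃, 网页保护神, registry edits and dozens of other methods, and none of them worked. The home page can be changed, but after changing it and closing, the next start brings back the address above.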


Scan log:

瑞星卡卡电脑诊断日志 v1.30 (2009-2-2 14:30:4)  北京瑞星信息技术有限公司
注释: [A]表示该文件存在自启动关联;
[M]表示该文件在内存中;
+ 注册表自运行项目
  + 系统服务
    + HKLM\System\CurrentControlSet\Services
      aspnet_state
        [A ] 1. c:\windows\microsoft.net\framework\v1.1.4322\aspnet_state.exe

      aswUpdSv
        [AM] 2. c:\program files\alwil software\avast4\aswupdsv.exe

      Ati HotKey Poller
        [AM] 3. c:\windows\system32\ati2evxx.exe

      avast! Antivirus
        [AM] 4. c:\program files\alwil software\avast4\ashserv.exe

      avast! Mail Scanner
        [AM] 5. c:\program files\alwil software\avast4\ashmaisv.exe

      avast! Web Scanner
        [AM] 6. c:\program files\alwil software\avast4\ashwebsv.exe

      hpqcxs08
        [A ] 7. c:\program files\hp\digital imaging\bin\hpqcxs08.dll

      MDM
        [AM] 8. c:\program files\common files\microsoft shared\vs7debug\mdm.exe

      Net Driver HPZ12
        [AM] 9. c:\windows\system32\hpzinw12.dll

      ose
        [A ] 10. c:\program files\common files\microsoft shared\source engine\ose.exe

      Pml Driver HPZ12
        [AM] 11. c:\windows\system32\hpzipm12.dll

      RegSrvc
        [AM] 12. c:\windows\system32\regsrvc.exe

      S24EventMonitor
        [AM] 13. c:\windows\system32\s24evmon.exe

      ServiceLayer
        [A ] 14. c:\program files\pc connectivity solution\servicelayer.exe

      WudfSvc
        [AM] 15. c:\windows\system32\wudfsvc.dll


  + 内核驱动
    + HKLM\System\CurrentControlSet\Services
      a320raid
        [A ] 16. c:\windows\system32\drivers\a320raid.sys

      aar1210
        [A ] 17. c:\windows\system32\drivers\aar1210.sys

      Aavmker4
        [A ] 18. c:\windows\system32\drivers\aavmker4.sys

      adpu320
        [A ] 19. c:\windows\system32\drivers\adpu320.sys

      aec6210
        [A ] 20. c:\windows\system32\drivers\aec6210.sys

      aec6260
        [A ] 21. c:\windows\system32\drivers\aec6260.sys

      aec6280
        [A ] 22. c:\windows\system32\drivers\aec6280.sys

      AEC6890
        [A ] 23. c:\windows\system32\drivers\aec6890.sys

      aec68x5
        [A ] 24. c:\windows\system32\drivers\aec68x5.sys

      aswRdr
        [A ] 25. c:\windows\system32\drivers\aswrdr.sys

      aswSP
        [A ] 26. c:\windows\system32\drivers\aswsp.sys

      aswTdi
        [A ] 27. c:\windows\system32\drivers\aswtdi.sys

      fasttrak
        [A ] 28. c:\windows\system32\drivers\fasttrak.sys

      fasttx2k
        [A ] 29. c:\windows\system32\drivers\fasttx2k.sys

      fasttx2k2
        [A ] 30. c:\windows\system32\drivers\fasttx2k2.sys

      Hpt366
        [A ] 31. c:\windows\system32\drivers\hpt366.sys

      HPT371
        [A ] 32. c:\windows\system32\drivers\hpt371.sys

      hpt374
        [A ] 33. c:\windows\system32\drivers\hpt374.sys

      hpt3xx
        [A ] 34. c:\windows\system32\drivers\hpt3xx.sys

      hptmv
        [A ] 35. c:\windows\system32\drivers\hptmv.sys

      hptpro
        [A ] 36. c:\windows\system32\drivers\hptpro.sys

      HPZid412
        [A ] 37. c:\windows\system32\drivers\hpzid412.sys

      HPZipr12
        [A ] 38. c:\windows\system32\drivers\hpzipr12.sys

      HPZius12
        [A ] 39. c:\windows\system32\drivers\hpzius12.sys

      HSFHWICH
        [A ] 40. c:\windows\system32\drivers\hsfhwich.sys

      HSF_DP
        [A ] 41. c:\windows\system32\drivers\hsf_dp.sys

      iaStor
        [A ] 42. c:\windows\system32\drivers\iastor.sys

      iteraid
        [A ] 43. c:\windows\system32\drivers\iteraid.sys

      L8042Kbd
        [A ] 44. c:\windows\system32\drivers\l8042kbd.sys

      L8042mou
        [A ] 45. c:\windows\system32\drivers\l8042mou.sys

      LHidFilt
        [A ] 46. c:\windows\system32\drivers\lhidfilt.sys

      LMouFilt
        [A ] 47. c:\windows\system32\drivers\lmoufilt.sys

      LMouKE
        [A ] 48. c:\windows\system32\drivers\lmouke.sys

      LUsbFilt
        [A ] 49. c:\windows\system32\drivers\lusbfilt.sys

      m5228
        [A ] 50. c:\windows\system32\drivers\m5228.sys

      m5281
        [A ] 51. c:\windows\system32\drivers\m5281.sys

      MDC8021X
        [A ] 52. c:\windows\system32\drivers\mdc8021x.sys

      mdmxsdk
        [A ] 53. c:\windows\system32\drivers\mdmxsdk.sys

      MegaIDE
        [A ] 54. c:\windows\system32\drivers\megaide.sys

      mraid2k
        [A ] 55. c:\windows\system32\drivers\mraid2k.sys

      nmwcd
        [A ] 56. c:\windows\system32\drivers\ccdcmb.sys

      nmwcdc
        [A ] 57. c:\windows\system32\drivers\ccdcmbo.sys

      npkcrypt
        [A ] 58. c:\windows\system32\npkcrypt.sys

      npkycryp
        [A ] 59. c:\windows\system32\npkycryp.sys

      O2SCBUS
        [A ] 60. c:\windows\system32\drivers\ozscr.sys

      OMCI
        [A ] 61. c:\windows\system32\drivers\omci.sys

      pccsmcfd
        [A ] 62. c:\windows\system32\drivers\pccsmcfd.sys

      Pnp680
        [A ] 63. c:\windows\system32\drivers\pnp680.sys

      Pnp680r
        [A ] 64. c:\windows\system32\drivers\pnp680r.sys

      s24trans
        [A ] 65. c:\windows\system32\drivers\s24trans.sys

      Secdrv
        [A ] 66. c:\windows\system32\drivers\secdrv.sys

      SI3112
        [A ] 67. c:\windows\system32\drivers\si3112.sys

      SI3112r
        [A ] 68. c:\windows\system32\drivers\si3112r.sys

      SI3114
        [A ] 69. c:\windows\system32\drivers\si3114.sys

      SI3114r
        [A ] 70. c:\windows\system32\drivers\si3114r.sys

      SI3124
        [A ] 71. c:\windows\system32\drivers\si3124.sys

      SI3124r
        [A ] 72. c:\windows\system32\drivers\si3124r.sys

      SiFilter
        [A ] 73. c:\windows\system32\drivers\siwinacc.sys

      SiSRaid
        [A ] 74. c:\windows\system32\drivers\sisraid.sys

      SiSRaid1
        [A ] 75. c:\windows\system32\drivers\sisraid1.sys

      sptrak
        [A ] 76. c:\windows\system32\drivers\sptrak.sys

      STAC97
        [A ] 77. c:\windows\system32\drivers\stac97.sys

      SVKP
        [A ] 78. c:\windows\system32\svkp.sys

      UlSata
        [A ] 79. c:\windows\system32\drivers\ulsata.sys

      upperdev
        [A ] 80. c:\windows\system32\drivers\usbser_lowerflt.sys

      UsbserFilt
        [A ] 81. c:\windows\system32\drivers\usbser_lowerfltj.sys

      VCOM_WirelessMgr
        [A ] 82. c:\windows\system32\drivers\vcom_a2000p.sys

      viamraid
        [A ] 83. c:\windows\system32\drivers\viamraid.sys

      viapdsk
        [A ] 84. c:\windows\system32\drivers\viapdsk.sys

      viaraid
        [A ] 85. c:\windows\system32\drivers\viaraid.sys

      viasraid
        [A ] 86. c:\windows\system32\drivers\viasraid.sys

      vmscsi
        [A ] 87. c:\windows\system32\drivers\vmscsi.sys

      w22n51
        [A ] 88. c:\windows\system32\drivers\w22n51.sys

      Wdf01000
        [A ] 89. c:\windows\system32\drivers\wdf01000.sys

      winachsf
        [A ] 90. c:\windows\system32\drivers\hsf_cnxt.sys

      WudfPf
        [A ] 91. c:\windows\system32\drivers\wudfpf.sys

      WudfRd
        [A ] 92. c:\windows\system32\drivers\wudfrd.sys

      zusbdemo
        [A ] 93. c:\windows\system32\drivers\zusbdemo.sys


  + 文件系统驱动
    + HKLM\System\CurrentControlSet\Services
      aswFsBlk
        [A ] 94. c:\windows\system32\drivers\aswfsblk.sys

      aswMon2
        [A ] 95. c:\windows\system32\drivers\aswmon2.sys


  + 系统登陆自运行
    + HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
      AtiExtEvent
        [AM] 96. c:\windows\system32\ati2evxx.dll

      Sebring
        [AM] 97. c:\windows\system32\lgnotify.dll


  + IE浏览器加载模块
    + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
      {889D2FEB-5411-4565-8998-1DD2C5261283}
        [AM] 98. d:\迅雷\comdlls\xunleibho_now.dll


  + 资源管理器加载模块
    + HKLM\SOFTWARE\Classes\PROTOCOLS\Filter
      application/octet-stream
        [A ] 99. c:\windows\system32\mscoree.dll

      application/x-complus
        [A ] 99. c:\windows\system32\mscoree.dll

      application/x-msdownload
        [A ] 99. c:\windows\system32\mscoree.dll

      text/xml
        [A ] 100. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll

    + HKLM\SOFTWARE\Classes\PROTOCOLS\Handler
      ic32pp
        [A ] 101. c:\windows\wc98pp.dll

      ms-itss
        [A ] 102. c:\program files\common files\microsoft shared\information retrieval\msitss.dll

      mso-offdap11
        [A ] 103. c:\program files\common files\microsoft shared\web components\11\owc11.dll

    + HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers
      {0561EC90-CE54-4f0c-9C55-E226110A740C}
        [AM] 104. c:\program files\haali\matroskasplitter\mmfinfo.dll

      {F9DB5320-233E-11D1-9F84-707F02C10627}
        [AM] 105. c:\program files\common files\adobe\acrobat\activex\pdfshell.dll

    + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
      HyperTerminal Icon Ext
        [A ] 106. c:\windows\system32\hticons.dll

      Fusion Cache
        [A ] 99. c:\windows\system32\mscoree.dll

      Web Folders
        [A ] 107. c:\program files\common files\microsoft shared\web folders\msonsext.dll

      Microsoft Office HTML Icon Handler
        [AM] 108. c:\program files\microsoft office\office11\msohev.dll

      avast
        [AM] 109. c:\program files\alwil software\avast4\ashshell.dll

      WinRAR shell extension
        [AM] 110. d:\解压\rarext.dll

      PicaView
        [A ] 111. d:\acdsee3.1\acdsee\picaview.dll

      UnlockerShellExtension
        [AM] 112. d:\删除软件\unlocker\unlockercom.dll

      Portable Media Devices
        [A ] 113. c:\windows\system32\audiodev.dll

      Portable Media Devices Menu
        [A ] 113. c:\windows\system32\audiodev.dll

      Portable Devices
        [A ] 114. c:\windows\system32\wpdshext.dll

      Portable Devices Menu
        [A ] 114. c:\windows\system32\wpdshext.dll

      诺基亚手机浏览器
        [AM] 115. d:\pcn81\nokia pc suite 7\phonebrowser.dll

      Haali Column Provider
        [AM] 104. c:\program files\haali\matroskasplitter\mmfinfo.dll

    + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
      WPDShServiceObj
        [AM] 116. c:\windows\system32\wpdshserviceobj.dll


  + 开机执行
    + HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
      BootExecute
        [A ] 117. c:\windows\system32\kknative.exe


  + 映像劫持
    + HKCR\.html
      htmlfile\Edit\Command
        [A ] 118. c:\program files\microsoft office\office11\msohtmed.exe

      htmlfile\Print\Command
        [A ] 118. c:\program files\microsoft office\office11\msohtmed.exe

    + HKCR\.htm
      htmlfile\Edit\Command
        [A ] 118. c:\program files\microsoft office\office11\msohtmed.exe

      htmlfile\Print\Command
        [A ] 118. c:\program files\microsoft office\office11\msohtmed.exe

    + HKCR\.log
      UltraEdit.log\open\Command
        [A ] 119. c:\program files\idm computer solutions\ultraedit\uedit32.exe

      UltraEdit.log\print\Command
        [A ] 119. c:\program files\idm computer solutions\ultraedit\uedit32.exe

    + HKCR\.js
      UltraEdit.js\open\Command
        [A ] 119. c:\program files\idm computer solutions\ultraedit\uedit32.exe

      UltraEdit.js\print\Command
        [A ] 119. c:\program files\idm computer solutions\ultraedit\uedit32.exe

    + HKCR\.mp3
      QQMusic.mp3\QQMusic.1.Play\Command
        [A ] 120. d:\qqmusic\qqmusic.exe

      QQMusic.mp3\QQMusic.2.Add\Command
        [A ] 120. d:\qqmusic\qqmusic.exe

    + HKCR\.ini
      UltraEdit.ini\open\Command
        [A ] 119. c:\program files\idm computer solutions\ultraedit\uedit32.exe

      UltraEdit.ini\print\Command
        [A ] 119. c:\program files\idm computer solutions\ultraedit\uedit32.exe


  + 程序初始化和已知动态连接库
    + HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
      AppInit_DLLs
        [AM] 121. c:\windows\system32\kmon.dll


  + 打印机监控
    + HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
      Microsoft Document Imaging Writer Monitor
        [AM] 122. c:\windows\system32\mdimon.dll

      PCL hpz3l4x6
        [AM] 123. c:\windows\system32\hpz3l4x6.dll


+ 其他自启动项目
  + C:\Documents and Settings\Administrator\「开始」菜单\程序\启动
    qq.exe
      [A ] 124. c:\documents and settings\administrator\「开始」菜单\程序\启动\qq.exe

  + C:\WINDOWS\Tasks
    SogouImeMgr.job
      [A ] 125. c:\program files\sogouinput\4.0.0.2088\pinyinrepair.exe


+ 正在运行的进程
  + 000000e0(224) SCardSvr.exe
    60000000[00074000]
      [AM] 121. c:\windows\system32\kmon.dll

  + 0000010c(268) svchost.exe
  + 00000150(336) ZCfgSvc.exe
    00400000[00061000]
      [ M] 126. c:\windows\system32\zcfgsvc.exe

    10000000[0003A000]
      [ M] 127. c:\windows\system32\pfmgrapi.dll

    00380000[0002D000]
      [ M] 128. c:\windows\system32\psregapi.dll

    00470000[0008D000]
      [ M] 129. c:\windows\system32\wconfig.dll

    003B0000[0001C000]
      [ M] 130. c:\windows\system32\wifiadap.dll

    00500000[000DF000]
      [ M] 131. c:\windows\system32\psguimgr.dll

    005E0000[00037000]
      [ M] 132. c:\windows\system32\c1xstngs.dll

    60000000[00074000]
      [AM] 121. c:\windows\system32\kmon.dll

    01030000[00008000]
      [ M] 133. c:\program files\intel\prosetwireless\proset\chs\zcsvcchs.dll

    01050000[00005000]
      [ M] 134. c:\program files\intel\prosetwireless\proset\chs\pmapichs.dll

    01180000[00012000]
      [ M] 135. c:\windows\system32\s24mudll.dll

    65780000[00023000]
      [ M] 136. c:\program files\alwil software\avast4\ahjsctns.dll

    018F0000[00010000]
      [ M] 137. c:\program files\intel\prosetwireless\proset\chs\c1xstchs.dll

  + 0000018c(396) smss.exe
  + 000001d0(464) rundll32.exe
    60000000[00074000]
      [AM] 121. c:\windows\system32\kmon.dll

    65780000[00023000]
      [ M] 136. c:\program files\alwil software\avast4\ahjsctns.dll

  + 0000020c(524) Ati2evxx.exe
    00400000[00062000]
      [AM] 3. c:\windows\system32\ati2evxx.exe

    60000000[00074000]
      [AM] 121. c:\windows\system32\kmon.dll

  + 00000250(592) 1XConfig.exe
    00400000[00030000]
      [ M] 138. c:\windows\system32\1xconfig.exe

    10000000[000FF000]
      [ M] 139. c:\windows\system32\intelae5.dll

    00370000[00024000]
      [ M] 140. c:\windows\system32\ssleay32.dll

    00430000[000A1000]
      [ M] 141. c:\windows\system32\libeay32.dll

    003A0000[0002D000]
      [ M] 128. c:\windows\system32\psregapi.dll

    60000000[00074000]
      [AM] 121. c:\windows\system32\kmon.dll

    65780000[00023000]
      [ M] 136. c:\program files\alwil software\avast4\ahjsctns.dll

  + 000002ac(684) Explorer.EXE
    60000000[00074000]
      [AM] 121. c:\windows\system32\kmon.dll

    65780000[00023000]
      [ M] 136. c:\program files\alwil software\avast4\ahjsctns.dll

    164A0000[00023000]
      [AM] 116. c:\windows\system32\wpdshserviceobj.dll

    72C80000[00008000]
      [ M] 142. c:\windows\system32\msacm32.drv

    10000000[00099000]
      [AM] 115. d:\pcn81\nokia pc suite 7\phonebrowser.dll

    01CB0000[000CA000]
      [ M] 143. d:\pcn81\nokia pc suite 7\ngscm.dll

    01B80000[00006000]
      [ M] 144. d:\pcn81\nokia pc suite 7\lang\phonebrowser_chi-sc.nlr

    02030000[0008E000]
      [ M] 145. d:\pcn81\nokia pc suite 7\resource\phonebrowser_nokia.ngr

    109C0000[0002C000]
      [ M] 146. c:\windows\system32\portabledevicetypes.dll

    10930000[00049000]
      [ M] 147. c:\windows\system32\portabledeviceapi.dll

    014E0000[00006000]
      [AM] 112. d:\删除软件\unlocker\unlockercom.dll

    01500000[0002E000]
      [AM] 110. d:\解压\rarext.dll

    01530000[00019000]
      [ M] 148. c:\program files\idm computer solutions\ultraedit\ue32ctmn.dll

    64F00000[00012000]
      [AM] 109. c:\program files\alwil software\avast4\ashshell.dll

    02FE0000[0000F000]
      [AM] 104. c:\program files\haali\matroskasplitter\mmfinfo.dll

    030D0000[0000B000]
      [ M] 149. c:\program files\haali\matroskasplitter\mkunicode.dll

    03450000[0005B000]
      [AM] 105. c:\program files\common files\adobe\acrobat\activex\pdfshell.dll

    037C0000[0004C000]
      [ M] 150. c:\program files\common files\adobe\acrobat\activex\pdfshell.chs

    032A0000[00031000]
      [AM] 98. d:\迅雷\comdlls\xunleibho_now.dll

    24240000[0000E000]
      [ M] 151. d:\迅雷\components\resworker\dsbho_01.dll

User system information: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)

Web page hijacked (continued)

    241F0000[0001E000]
      [ M] 152. d:\迅雷\components\resworker\dataprocessor_01.dll
    325C0000[00012000]
      [AM] 108. c:\program files\microsoft office\office11\msohev.dll
  + 000002b4(692) MDM.EXE
    00400000[0004D000]
      [AM] 8. c:\program files\common files\microsoft shared\vs7debug\mdm.exe
    60000000[00074000]
      [AM] 121. c:\windows\system32\kmon.dll
    51810000[00006000]
      [ M] 153. c:\program files\common files\microsoft shared\vs7debug\2052\mdmui.dll
  + 00000350(848) svchost.exe
    007B0000[00010000]
      [AM] 11. c:\windows\system32\hpzipm12.dll
  + 00000360(864) RegSrvc.exe
    00400000[00021000]
      [AM] 12. c:\windows\system32\regsrvc.exe
    60000000[00074000]
      [AM] 121. c:\windows\system32\kmon.dll
  + 00000374(884) csrss.exe
  + 0000039c(924) WScript.exe
    60000000[00074000]
      [AM] 121. c:\windows\system32\kmon.dll
    65780000[00023000]
      [ M] 136. c:\program files\alwil software\avast4\ahjsctns.dll
    65700000[00018000]
      [ M] 154. c:\program files\alwil software\avast4\ahascr.dll
    65000000[00038000]
      [ M] 155. c:\program files\alwil software\avast4\aavm4h.dll
    65100000[00009000]
      [ M] 156. c:\program files\alwil software\avast4\aavmrpch.dll
    7C340000[00056000]
      [ M] 157. c:\windows\system32\msvcr71.dll
    64500000[00038000]
      [ M] 158. c:\program files\alwil software\avast4\ashbase.dll
    7C3A0000[0007B000]
      [ M] 159. c:\windows\system32\msvcp71.dll
    64000000[00016000]
      [ M] 160. c:\program files\alwil software\avast4\aswcmnos.dll
    64080000[00020000]
      [ M] 161. c:\program files\alwil software\avast4\aswcmnb.dll
    64100000[0002F000]
      [ M] 162. c:\program files\alwil software\avast4\aswcmns.dll
    64800000[0001D000]
      [ M] 163. c:\program files\alwil software\avast4\ashtask.dll
    64580000[000A2000]
      [ M] 164. c:\program files\alwil software\avast4\aswaux.dll
    36D30000[0001B000]
      [ M] 165. c:\program files\microsoft office\office11\mcps.dll
  + 000003ac(940) aswUpdSv.exe
    00400000[00006000]
      [AM] 2. c:\program files\alwil software\avast4\aswupdsv.exe
    64100000[0002F000]
      [ M] 162. c:\program files\alwil software\avast4\aswcmns.dll
    64000000[00016000]
      [ M] 160. c:\program files\alwil software\avast4\aswcmnos.dll
    7C3A0000[0007B000]
      [ M] 159. c:\windows\system32\msvcp71.dll
    7C340000[00056000]
      [ M] 157. c:\windows\system32\msvcr71.dll
    64080000[00020000]
      [ M] 161. c:\program files\alwil software\avast4\aswcmnb.dll
    60000000[00074000]
      [AM] 121. c:\windows\system32\kmon.dll
  + 0000040c(1036) winlogon.exe
    10000000[00017000]
      [AM] 96. c:\windows\system32\ati2evxx.dll
    015A0000[0001E000]
      [AM] 97. c:\windows\system32\lgnotify.dll
    72C80000[00008000]
      [ M] 142. c:\windows\system32\msacm32.drv
  + 0000041c(1052) ashServ.exe
    00400000[00026000]
      [AM] 4. c:\program files\alwil software\avast4\ashserv.exe
    64580000[000A2000]
      [ M] 164. c:\program files\alwil software\avast4\aswaux.dll
    7C3A0000[0007B000]
      [ M] 159. c:\windows\system32\msvcp71.dll
    7C340000[00056000]
      [ M] 157. c:\windows\system32\msvcr71.dll
    64080000[00020000]
      [ M] 161. c:\program files\alwil software\avast4\aswcmnb.dll
    64000000[00016000]
      [ M] 160. c:\program files\alwil software\avast4\aswcmnos.dll
    64280000[00136000]
      [ M] 166. c:\program files\alwil software\avast4\aswengin.dll
    64200000[00015000]
      [ M] 167. c:\program files\alwil software\avast4\aswscan.dll
    64100000[0002F000]
      [ M] 162. c:\program files\alwil software\avast4\aswcmns.dll
    64500000[00038000]
      [ M] 158. c:\program files\alwil software\avast4\ashbase.dll
    64800000[0001D000]
      [ M] 163. c:\program files\alwil software\avast4\ashtask.dll
    64400000[00009000]
      [ M] 168. c:\program files\alwil software\avast4\aswinteg.dll
    64A00000[00007000]
      [ M] 169. c:\program files\alwil software\avast4\aswidle.dll
    65000000[00038000]
      [ M] 155. c:\program files\alwil software\avast4\aavm4h.dll
    65100000[00009000]
      [ M] 156. c:\program files\alwil software\avast4\aavmrpch.dll
    60000000[00074000]
      [AM] 121. c:\windows\system32\kmon.dll
    66080000[0000B000]
      [ M] 170. c:\program files\alwil software\avast4\chineses\base.dll
    65380000[0000C000]
      [ M] 171. c:\program files\alwil software\avast4\ahresmai.dll
    65880000[0000C000]
      [ M] 172. c:\program files\alwil software\avast4\ahresmes.dll
    65980000[0000D000]
      [ M] 173. c:\program files\alwil software\avast4\ahresns.dll
    65280000[0000B000]
      [ M] 174. c:\program files\alwil software\avast4\ahresout.dll
    658C0000[0000C000]
      [ M] 175. c:\program files\alwil software\avast4\ahresp2p.dll
    65180000[0000E000]
      [ M] 176. c:\program files\alwil software\avast4\ahresstd.dll
    65A00000[0000F000]
      [ M] 177. c:\program files\alwil software\avast4\ahresws.dll
    65480000[00009000]
      [ M] 178. c:\program files\alwil software\avast4\ahresjs.dll
    64880000[00039000]
      [ M] 179. c:\program files\alwil software\avast4\ashssqlt.dll
    65780000[00023000]
      [ M] 136. c:\program files\alwil software\avast4\ahjsctns.dll
    66000000[00024000]
      [ M] 180. c:\program files\alwil software\avast4\aswres.dll
  + 00000450(1104) alg.exe
    60000000[00074000]
      [AM] 121. c:\windows\system32\kmon.dll
  + 000004d8(1240) services.exe
  + 000004e4(1252) lsass.exe
  + 0000056c(1388) spoolsv.exe
    00AE0000[00008000]
      [AM] 122. c:\windows\system32\mdimon.dll
    00AF0000[00021000]
      [AM] 123. c:\windows\system32\hpz3l4x6.dll
    00E30000[00048000]
      [ M] 181. c:\windows\system32\spool\prtprocs\w32x86\hpzpp4x6.dll
    00E90000[00008000]
      [ M] 182. c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll
  + 0000059c(1436) IEXPLORE.EXE
    60000000[00074000]
      [AM] 121. c:\windows\system32\kmon.dll
    65780000[00023000]
      [ M] 136. c:\program files\alwil software\avast4\ahjsctns.dll
    10000000[00031000]
      [AM] 98. d:\迅雷\comdlls\xunleibho_now.dll
    24240000[0000E000]
      [ M] 151. d:\迅雷\components\resworker\dsbho_01.dll
    241F0000[0001E000]
      [ M] 152. d:\迅雷\components\resworker\dataprocessor_01.dll
    02580000[00002000]
      [ M] 183. c:\program files\common files\microsoft shared\ink\penchs.dll
    325C0000[00012000]
      [AM] 108. c:\program files\microsoft office\office11\msohev.dll
    65700000[00018000]
      [ M] 154. c:\program files\alwil software\avast4\ahascr.dll
    65000000[00038000]
      [ M] 155. c:\program files\alwil software\avast4\aavm4h.dll
    65100000[00009000]
      [ M] 156. c:\program files\alwil software\avast4\aavmrpch.dll
    7C340000[00056000]
      [ M] 157. c:\windows\system32\msvcr71.dll
    64500000[00038000]
      [ M] 158. c:\program files\alwil software\avast4\ashbase.dll
    7C3A0000[0007B000]
      [ M] 159. c:\windows\system32\msvcp71.dll
    64000000[00016000]
      [ M] 160. c:\program files\alwil software\avast4\aswcmnos.dll
    64080000[00020000]
      [ M] 161. c:\program files\alwil software\avast4\aswcmnb.dll
    64100000[0002F000]
      [ M] 162. c:\program files\alwil software\avast4\aswcmns.dll
    64800000[0001D000]
      [ M] 163. c:\program files\alwil software\avast4\ashtask.dll
    64580000[000A2000]
      [ M] 164. c:\program files\alwil software\avast4\aswaux.dll
    72C80000[00008000]
      [ M] 142. c:\windows\system32\msacm32.drv
    30000000[003AF000]
      [ M] 184. c:\windows\system32\macromed\flash\flash9f.ocx
    0AF80000[001E8000]
      [ M] 185. c:\windows\system32\sogoupy.ime
  + 000005bc(1468) Ati2evxx.exe
    00400000[00062000]
      [AM] 3. c:\windows\system32\ati2evxx.exe
    60000000[00074000]
      [AM] 121. c:\windows\system32\kmon.dll
  + 000005ec(1516) svchost.exe
  + 0000065c(1628) svchost.exe
  + 000006d4(1748) svchost.exe
    50E60000[0000C000]
      [ M] 186. c:\windows\system32\wups2.dll
  + 00000730(1840) svchost.exe
    20D40000[00010000]
      [AM] 15. c:\windows\system32\wudfsvc.dll
    007B0000[0002B000]
      [ M] 187. c:\windows\system32\wudfplatform.dll
  + 0000079c(1948) S24EvMon.exe
    00400000[0007F000]
      [AM] 13. c:\windows\system32\s24evmon.exe
    60000000[00074000]
      [AM] 121. c:\windows\system32\kmon.dll
  + 000007b8(1976) svchost.exe
    007B0000[0000E000]
      [AM] 9. c:\windows\system32\hpzinw12.dll
  + 000007f8(2040) svchost.exe
  + 00000958(2392) knownsvr.exe
    00400000[00072000]
      [ M] 188. c:\program files\rising\antispyware\knownsvr.exe
    10000000[00034000]
      [ M] 189. c:\program files\rising\antispyware\ncomm.dll
    60000000[00074000]
      [AM] 121. c:\windows\system32\kmon.dll
    00A90000[0002E000]
      [ M] 190. c:\program files\rising\antispyware\comx3.dll
    00AC0000[00019000]
      [ M] 191. c:\program files\rising\antispyware\syslay.dll
    65780000[00023000]
      [ M] 136. c:\program files\alwil software\avast4\ahjsctns.dll
  + 00000a04(2564) ashSimpl.exe
    00400000[00025000]
      [ M] 192. c:\program files\alwil software\avast4\ashsimpl.exe
    64500000[00038000]
      [ M] 158. c:\program files\alwil software\avast4\ashbase.dll
    7C3A0000[0007B000]
      [ M] 159. c:\windows\system32\msvcp71.dll
    7C340000[00056000]
      [ M] 157. c:\windows\system32\msvcr71.dll
    64000000[00016000]
      [ M] 160. c:\program files\alwil software\avast4\aswcmnos.dll
    64080000[00020000]
      [ M] 161. c:\program files\alwil software\avast4\aswcmnb.dll
    64100000[0002F000]
      [ M] 162. c:\program files\alwil software\avast4\aswcmns.dll
    64B00000[00051000]
      [ M] 193. c:\program files\alwil software\avast4\ashuint.dll
    64C80000[000E0000]
      [ M] 194. c:\program files\alwil software\avast4\xt1922.dll
    7C140000[00103000]
      [ M] 195. c:\windows\system32\mfc71.dll
    64280000[00136000]
      [ M] 166. c:\program files\alwil software\avast4\aswengin.dll
    64200000[00015000]
      [ M] 167. c:\program files\alwil software\avast4\aswscan.dll
    64A00000[00007000]
      [ M] 169. c:\program files\alwil software\avast4\aswidle.dll
    64800000[0001D000]
      [ M] 163. c:\program files\alwil software\avast4\ashtask.dll
    64580000[000A2000]
      [ M] 164. c:\program files\alwil software\avast4\aswaux.dll
    60000000[00074000]
      [AM] 121. c:\windows\system32\kmon.dll
    65780000[00023000]
      [ M] 136. c:\program files\alwil software\avast4\ahjsctns.dll
    66080000[0000B000]
      [ M] 170. c:\program files\alwil software\avast4\chineses\base.dll
    66100000[00250000]
      [ M] 196. c:\program files\alwil software\avast4\chineses\lang.dll
    10000000[0005D000]
      [ M] 197. c:\windows\system32\actskin4.ocx
    64880000[00039000]
      [ M] 179. c:\program files\alwil software\avast4\ashssqlt.dll
    65000000[00038000]
      [ M] 155. c:\program files\alwil software\avast4\aavm4h.dll
    65100000[00009000]
      [ M] 156. c:\program files\alwil software\avast4\aavmrpch.dll
    65400000[00011000]
      [ M] 198. c:\program files\alwil software\avast4\ahruimai.dll
    65900000[0000A000]
      [ M] 199. c:\program files\alwil software\avast4\ahruimes.dll
    659C0000[0000A000]
      [ M] 200. c:\program files\alwil software\avast4\ahruins.dll
    65300000[00017000]
      [ M] 201. c:\program files\alwil software\avast4\ahruiout.dll
    62060000[0001F000]
      [ M] 202. c:\windows\system32\mapi32.dll
    65940000[0000A000]
      [ M] 203. c:\program files\alwil software\avast4\ahruip2p.dll
    65200000[00011000]
      [ M] 204. c:\program files\alwil software\avast4\ahruistd.dll
    65A40000[00012000]
      [ M] 205. c:\program files\alwil software\avast4\ahruiws.dll
    65500000[00009000]
      [ M] 206. c:\program files\alwil software\avast4\ahruijs.dll
    65700000[00018000]
      [ M] 154. c:\program files\alwil software\avast4\ahascr.dll
    02620000[00002000]
      [ M] 183. c:\program files\common files\microsoft shared\ink\penchs.dll
    72C80000[00008000]
      [ M] 142. c:\windows\system32\msacm32.drv
    020D0000[00099000]
      [AM] 115. d:\pcn81\nokia pc suite 7\phonebrowser.dll
    02220000[000CA000]
      [ M] 143. d:\pcn81\nokia pc suite 7\ngscm.dll
    021B0000[00006000]
      [ M] 144. d:\pcn81\nokia pc suite 7\lang\phonebrowser_chi-sc.nlr
    022F0000[0008E000]
      [ M] 145. d:\pcn81\nokia pc suite 7\resource\phonebrowser_nokia.ngr
    66000000[00024000]
      [ M] 180. c:\program files\alwil software\avast4\aswres.dll
  + 00000a74(2676) conime.exe
    60000000[00074000]
      [AM] 121. c:\windows\system32\kmon.dll
    65780000[00023000]
      [ M] 136. c:\program files\alwil software\avast4\ahjsctns.dll
  + 00000b50(2896) ashMaiSv.exe
    00400000[0003E000]
      [AM] 5. c:\program files\alwil software\avast4\ashmaisv.exe
    64500000[00038000]
      [ M] 158. c:\program files\alwil software\avast4\ashbase.dll
    7C3A0000[0007B000]
      [ M] 159. c:\windows\system32\msvcp71.dll
    7C340000[00056000]
      [ M] 157. c:\windows\system32\msvcr71.dll
    64000000[00016000]
      [ M] 160. c:\program files\alwil software\avast4\aswcmnos.dll
    64080000[00020000]
      [ M] 161. c:\program files\alwil software\avast4\aswcmnb.dll
    64100000[0002F000]
      [ M] 162. c:\program files\alwil software\avast4\aswcmns.dll
    64800000[0001D000]
      [ M] 163. c:\program files\alwil software\avast4\ashtask.dll
    64580000[000A2000]

User system information: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)

Homepage hijacked 3

 

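Re: Web page hijacked

OP, could you please upload the log as a TXT file? How is anyone supposed to read this?

Scan with System Repair Engineer and upload the log as an attachment to the anti-virus/anti-rogue-software forum.
Download page: http://www.kztechs.com/sreng/download.html
Procedure:
1. After downloading, extract the archive and run SREngPS.EXE;
2. If it will not open, try renaming SREngPS.EXE to 123.com, copy it to the c:\windows directory and run it from there;
3. Click [Smart Scan] - [Scan] in turn and wait patiently; when the scan finishes, click [Save Report];
4. Choose where to save it, keep the default file name, and click [Save];
5. Open the saved log file SREngLOG.log, copy its entire contents, create a new text document, and paste the entire log into "新建文本文档.txt" ("New Text Document.txt");
6. Upload "新建文本文档.txt" as an attachment, and be sure to describe the symptoms in detail; if there is a virus that cannot be fully removed, be sure to give the virus name and path.
Note: before scanning, please close applications such as QQ, games, download tools and media players as far as possible.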

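Homepage hijacked; log posted as the other members asked

Web page hijacked
The homepage has been hijacked to http://www.google.com.sohu.com.baidu.com.bibipv.cn/ren0w1la0lly0so1baidubaidubaidubaidubaidubaidubaidubaidubaidu.htm
I have tried dozens of methods, including Kaspersky, Kaka, Rising, 兔子 (Rabbit), 兵刃, 网页保护神 (Web Page Guardian) and registry edits, and none of them work. The homepage can be changed, but after I change it and close, the next start goes back to the address above.

Attachment: rslog.txt (2009-2-2 15:36:01, 50.01 K)
This attachment has been downloaded 349 times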



 

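Re: Web page hijacked

Download SREng: http://download.kztechs.com/files/sreng2.zip
Extract sreng2.zip --> open SREngLdr.EXE --> tick Smart Scan and Check the digital signatures of processes --> Scan --> Save Report --> upload as an attachment

Before scanning, please close applications such as QQ, games, download tools and media players as far as possible.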

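Re: Web page hijacked

You can download SREng.

After opening it, click Smart Scan, tick Check the digital signatures of process modules, and click Scan. Export the log as a .log file and post it to the forum as an attachment.

See the second post for how to use SREng.



If a virus prevents SREng from running or from producing the scan log, you can rename SREng.exe to 我爱小狮子.bat, 我爱小狮子.com or 我爱小狮子.scr.

For the individual, statistics, instruments and high-speed computers can give people a great deal of spare time.
What this society needs even more is modern management experience.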