请各位大虾进来看一下！！谢谢 - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛请各位大虾进来看一下！！谢谢

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1

1 / 1 页

跳转页

请各位大虾进来看一下！！谢谢

龙十一初生襁褓狮帖子:17 注册: 2005-07-21 来自:	发表于： 2006-04-22 21:32 \| 显示全部短消息资料字号：小中大 1楼请各位大虾进来看一下！！谢谢电脑打开网页后，网页会自动的跳出来，而且是很多很多，关也关不完，不知道是中了什么病毒。 2006-04-23 11:42:06
龙十一初生襁褓狮帖子:17 注册: 2005-07-21 来自:	分享到：

龙十一初生襁褓狮帖子:17 注册: 2005-07-21 来自:	发表于： 2006-04-22 21:58 \| 显示全部短消息资料字号：小中大 2楼 HijackThis@Qoo的扫描日志 V1.97.7 Scan saved at 21:56:08, on 2006-4-22 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS.0\System32\smss.exe C:\WINDOWS.0\system32\winlogon.exe C:\WINDOWS.0\system32\services.exe C:\WINDOWS.0\system32\lsass.exe C:\WINDOWS.0\system32\svchost.exe C:\Program Files\Rising\Rav\CCenter.exe C:\WINDOWS.0\System32\svchost.exe C:\Program Files\Rising\Rav\Ravmond.exe C:\WINDOWS.0\system32\spoolsv.exe C:\Program Files\Rising\Rav\RavStub.exe C:\WINDOWS.0\SYSTEM32\RUNDLL32.EXE C:\WINDOWS.0\System32\nvsvc32.exe C:\WINDOWS.0\Explorer.EXE C:\WINDOWS.0\SOUNDMAN.EXE C:\Program Files\Rising\Rav\RavTask.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Rising\Rav\Ravmon.exe C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe C:\PROGRA~2\Yahoo!\ASSIST~1\YLive.exe C:\PROGRA~2\Yahoo!\Assistant\yassistse.exe C:\WINDOWS.0\System32\ctfmon.exe C:\Program Files\广州城市热点资讯有限公司\Dr.COM 客户端软件\ishare_user.exe C:\Documents and Settings\quamtunlo.BILLGATES\桌面\HijackThis.exe C:\WINDOWS.0\System32\wuauclt.exe C:\WINDOWS.0\System32\wuauclt.exe R3 - URLSearchHook: O2 - BHO: wmpdrm - {0E674588-66B7-4E19-9D0E-2053B800F69F} - C:\WINDOWS.0\System32\wmpdrm.dll O2 - BHO: O2 - BHO: (no name) - {AE22AFE5-1EF4-4D25-9E23-D2825FB17DA1} - (no file) O2 - BHO: DownloadBHO T2BHO - {B1D147E7-873E-4909-8127-695D9BB78728} - C:\WINDOWS.0\Downloaded Program Files\barhelp24.0.dll O3 - Toolbar: ????? - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS.0\System32\msdxm.ocx O3 - Toolbar: ????? - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~2\Yahoo!\ASSIST~1\Assist\yasbar.dll O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS.0\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS.0\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS.0\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [Ins3DT] G:\INSTALL4\INS3DT.EXE O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [MS-4011 Memory Patch] E:\ O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [WinsSystem] C:\Program Files\Internet Explorer\syssmss.exe O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe O4 - HKLM\..\Run: [bdupdate] C:\WINDOWS.0\System32\pqtt02.exe O4 - HKLM\..\Run: [KUCO] D:\ O4 - HKLM\..\Run: [spoolsv] C:\WINDOWS.0\System32\spoolsv\spoolsv.exe -printer O4 - HKLM\..\Run: [YLive.exe] C:\PROGRA~2\Yahoo!\ASSIST~1\YLive.exe O4 - HKLM\..\Run: [yassistse] "C:\PROGRA~2\Yahoo!\Assistant\yassistse.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS.0\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Startup: NTUSER.DAT O4 - Startup: ntuser.dat.LOG O4 - Startup: ntuser.ini O4 - Startup: gsview32.ini O4 - Startup: Maple9.ini O4 - Global Startup: ntuser.dat O4 - Global Startup: ntuser.dat.LOG O9 - Extra button: Related (HKLM) O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM) O16 - DPF: {2EA6D939-4445-43F1-A12B-8CB3DDA8B855} (BlueskyVideo Control) - http://www.bluesky.cn/download/v2_60.cab O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB O16 - DPF: {56A7DC70-E102-4408-A34A-AE06FEF01586} ( O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - http://fpdownload.macromedia.com/get/shockwave/cabs/flash/ultrashim.cab O16 - DPF: {991481A7-4669-4E15-8C24-100404E1F5CB} (Blueskyvoice Control) - http://www.bluesky.cn/download/blueskyvoice_60.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object*) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{3168A833-078C-4914-83EA-FF1232787D2E}: NameServer = 202.96.104.17,210.33.16.2 O17 - HKLM\System\CS1\Services\Tcpip\..\{3168A833-078C-4914-83EA-FF1232787D2E}: NameServer = 202.96.104.17,210.33.16.2 O17 - HKLM\System\CS2\Services\Tcpip\..\{3168A833-078C-4914-83EA-FF1232787D2E}: NameServer = 202.96.104.17,210.33.16.2 O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - %SystemRoot%\System32\mshtml.dll
龙十一初生襁褓狮帖子:17 注册: 2005-07-21 来自:

龙十一初生襁褓狮帖子:17 注册: 2005-07-21 来自:	发表于： 2006-04-22 21:58 \| 显示全部短消息资料字号：小中大 3楼 HijackThis@Qoo的扫描日志 V1.97.7 Scan saved at 21:56:08, on 2006-4-22 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS.0\System32\smss.exe C:\WINDOWS.0\system32\winlogon.exe C:\WINDOWS.0\system32\services.exe C:\WINDOWS.0\system32\lsass.exe C:\WINDOWS.0\system32\svchost.exe C:\Program Files\Rising\Rav\CCenter.exe C:\WINDOWS.0\System32\svchost.exe C:\Program Files\Rising\Rav\Ravmond.exe C:\WINDOWS.0\system32\spoolsv.exe C:\Program Files\Rising\Rav\RavStub.exe C:\WINDOWS.0\SYSTEM32\RUNDLL32.EXE C:\WINDOWS.0\System32\nvsvc32.exe C:\WINDOWS.0\Explorer.EXE C:\WINDOWS.0\SOUNDMAN.EXE C:\Program Files\Rising\Rav\RavTask.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Rising\Rav\Ravmon.exe C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe C:\PROGRA~2\Yahoo!\ASSIST~1\YLive.exe C:\PROGRA~2\Yahoo!\Assistant\yassistse.exe C:\WINDOWS.0\System32\ctfmon.exe C:\Program Files\广州城市热点资讯有限公司\Dr.COM 客户端软件\ishare_user.exe C:\Documents and Settings\quamtunlo.BILLGATES\桌面\HijackThis.exe C:\WINDOWS.0\System32\wuauclt.exe C:\WINDOWS.0\System32\wuauclt.exe R3 - URLSearchHook: O2 - BHO: wmpdrm - {0E674588-66B7-4E19-9D0E-2053B800F69F} - C:\WINDOWS.0\System32\wmpdrm.dll O2 - BHO: O2 - BHO: (no name) - {AE22AFE5-1EF4-4D25-9E23-D2825FB17DA1} - (no file) O2 - BHO: DownloadBHO T2BHO - {B1D147E7-873E-4909-8127-695D9BB78728} - C:\WINDOWS.0\Downloaded Program Files\barhelp24.0.dll O3 - Toolbar: ????? - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS.0\System32\msdxm.ocx O3 - Toolbar: ????? - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~2\Yahoo!\ASSIST~1\Assist\yasbar.dll O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS.0\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS.0\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS.0\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [Ins3DT] G:\INSTALL4\INS3DT.EXE O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [MS-4011 Memory Patch] E:\ O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [WinsSystem] C:\Program Files\Internet Explorer\syssmss.exe O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe O4 - HKLM\..\Run: [bdupdate] C:\WINDOWS.0\System32\pqtt02.exe O4 - HKLM\..\Run: [KUCO] D:\ O4 - HKLM\..\Run: [spoolsv] C:\WINDOWS.0\System32\spoolsv\spoolsv.exe -printer O4 - HKLM\..\Run: [YLive.exe] C:\PROGRA~2\Yahoo!\ASSIST~1\YLive.exe O4 - HKLM\..\Run: [yassistse] "C:\PROGRA~2\Yahoo!\Assistant\yassistse.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS.0\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Startup: NTUSER.DAT O4 - Startup: ntuser.dat.LOG O4 - Startup: ntuser.ini O4 - Startup: gsview32.ini O4 - Startup: Maple9.ini O4 - Global Startup: ntuser.dat O4 - Global Startup: ntuser.dat.LOG O9 - Extra button: Related (HKLM) O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM) O16 - DPF: {2EA6D939-4445-43F1-A12B-8CB3DDA8B855} (BlueskyVideo Control) - http://www.bluesky.cn/download/v2_60.cab O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB O16 - DPF: {56A7DC70-E102-4408-A34A-AE06FEF01586} ( O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - http://fpdownload.macromedia.com/get/shockwave/cabs/flash/ultrashim.cab O16 - DPF: {991481A7-4669-4E15-8C24-100404E1F5CB} (Blueskyvoice Control) - http://www.bluesky.cn/download/blueskyvoice_60.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object*) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{3168A833-078C-4914-83EA-FF1232787D2E}: NameServer = 202.96.104.17,210.33.16.2 O17 - HKLM\System\CS1\Services\Tcpip\..\{3168A833-078C-4914-83EA-FF1232787D2E}: NameServer = 202.96.104.17,210.33.16.2 O17 - HKLM\System\CS2\Services\Tcpip\..\{3168A833-078C-4914-83EA-FF1232787D2E}: NameServer = 202.96.104.17,210.33.16.2 O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - %SystemRoot%\System32\mshtml.dll
龙十一初生襁褓狮帖子:17 注册: 2005-07-21 来自:

龙十一初生襁褓狮帖子:17 注册: 2005-07-21 来自:	发表于： 2006-04-23 10:07 \| 显示全部短消息资料字号：小中大 4楼谢谢，自己先搞一下，如果还不行，就把报告上传。
龙十一初生襁褓狮帖子:17 注册: 2005-07-21 来自:

<<上一主题|下一主题>>

1

1 / 1 页

跳转页

页面顶部

Powered by Discuz!NT