
Have I actually been infected with Luoxue or not??


Logfile of HijackThis v1.99.1
Scan saved at 11:46:16, on 2006-9-6
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\internat.exe
F:\dzh\internet\hypmain.exe
D:\ymStock\Stock.exe
C:\WINNT\System32\svchost.exe
F:\国远\JYCLIENT.EXE
F:\国远\JYCLIENT.EXE
C:\WINNT\system32\conime.exe
c:\program files\internet explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
F:\Thunder\program\ThunderMini.exe
F:\BitComet\BitComet_0.66\BitComet\BitComet.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Maxthon\Maxthon.exe
F:\HijackThis.exe

F2 - REG:system.ini: UserInit=C:\WINNT\system32\Userinit.exe
O2 - BHO: ThunderMiniBHO - {8E6C1C49-F9CE-4311-9FB4-D70E8B0AEAEB} - F:\Thunder\ComDlls\XunLeiMiniBHO_001.dll
O2 - BHO: DownloadBHO T2BHO - {B1D147E7-873E-4909-8127-695D9BB78728} - C:\WINNT\Downloaded Program Files\barhelp24.0.dll
O2 - BHO: shdocvwhlp Class - {BE442802-3911-46E0-B227-076B15A4EAD3} - C:\WINNT\system32\mskey16.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: 天下搜索 - {56A7DC70-E102-4408-A34A-AE06FEF01586} - C:\WINNT\Downloaded Program Files\iebar23.0.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Torjan Program] C:\WINNT\WINLOGON.EXE
O4 - HKLM\..\Run: [Tray] C:\WINNT\command\rundll32.exe
O4 - HKLM\..\Run: [zt] C:\Program Files\Intel\rundll32.exe
O4 - HKCU\..\Run: [Internat.exe] internat.exe
O8 - Extra context menu item: &使用迷你迅雷下载 - F:\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - F:\qq\AddToNetDisk.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - F:\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - F:\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - F:\qq\SendMMS.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - F:\qq\QQ.EXE (file missing)
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - F:\qq\QQ.EXE (file missing)
O10 - Unknown file in Winsock LSP: c:\winnt\system32\yahoo_api60.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\yahoo_api60.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\yahoo_api60.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\yahoo_api60.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\yahoo_api60.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\yahoo_api60.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\yahoo_api60.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\yahoo_api60.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\yahoo_api60.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\yahoo_api60.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\yahoo_api60.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\yahoo_api60.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\yahoo_api60.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\yahoo_api60.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\yahoo_api60.dll
O16 - DPF: {56A7DC70-E102-4408-A34A-AE06FEF01586} (天下搜索) - http://iebar.t2t2.com/iebar.cab
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/pcver2006new/OL2006.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CE2C5932-C033-4766-A0D5-67CAF7AC3272}: NameServer = 202.109.15.135 202.96.209.134
O21 - SSODL: DLMon - {590498A3-4131-4D8F-BA4B-36791A0803B1} - C:\WINNT\system32\DLMain.dll
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Gray_Pigeon_Server1.23 (GrayPigeonServer1.23) - Unknown owner - C:\WINNT\G_Server1.23.exe
O23 - Service: Windows Server - Unknown owner - C:\WINNT\system32\wsi.exe

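Several files named b8, c4 and d5 were also created on the C: drive.

Scanning with Jiangmin's dedicated removal tool did not find any virus.
Last edited 2006-09-06 16:51:12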

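What program do I use to do the fix?

Also, after cleaning it out this time, will I no longer get infected with Gray Pigeon and Luoxue?

I have no antivirus tools at all right now; could you recommend some good software?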

All that's left now is how to do the fix. Experts, please help!!!

Quote:

Fix
O2 - BHO: shdocvwhlp Class - {BE442802-3911-46E0-B227-076B15A4EAD3} - C:\WINNT\system32\mskey16.dll
O4 - HKLM\..\Run: [Tray] C:\WINNT\command\rundll32.exe
O4 - HKLM\..\Run: [zt] C:\Program Files\Intel\rundll32.exe
O21 - SSODL: DLMon - {590498A3-4131-4D8F-BA4B-36791A0803B1} - C:\WINNT\system32\DLMain.dll
Delete
C:\WINNT\system32\mskey16.dll
C:\WINNT\command\rundll32.exe
C:\Program Files\Intel\rundll32.exe
C:\WINNT\system32\DLMain.dll
………………


So how exactly do I do the fix?? I'm a newbie and don't understand!