
Moderators, please come in!!!


HijackThis_zww汉化版扫描日志 V1.99.1
保存于      21:05:38, 日期 2006-9-11
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
c:\program files\rising\rfw\RfwMain.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\command\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\system32\cmd.exe
E:\工具外挂\浩方平台\HFGame3\GameClient.exe
D:\辅助工具\扫描工具\HijackThis1991zww.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 59.34.197.239 www.baidu.com
O1 - Hosts: 59.34.197.239 baidu.com
O1 - Hosts: 59.34.197.239 www.sohu.com
O1 - Hosts: 59.34.197.239 sohu.com
O1 - Hosts: 59.34.197.239 www.sina.com
O1 - Hosts: 59.34.197.239 sina.com
O1 - Hosts: 59.34.197.239 www.sina.com.cn
O1 - Hosts: 59.34.197.239 sina.com.cn
O1 - Hosts: 59.34.197.239 www.163.com
O1 - Hosts: 59.34.197.239 163.com
O1 - Hosts: 59.34.197.239 www.google.com
O1 - Hosts: 59.34.197.239 google.com
O1 - Hosts: 59.34.197.239 www.qq.com
O1 - Hosts: 59.34.197.239 qq.com
O1 - Hosts: 59.34.197.239 www.hao123.com
O1 - Hosts: 59.34.197.239 hao123.com
O1 - Hosts: 59.34.197.239 ttlttt.com
O1 - Hosts: 59.34.197.239 about:blank
O2 - BHO: ThunderIEHelper - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v13.dll
O2 - BHO: Ad Engine - {077FD0C3-1291-4104-A356-41E36B252682} - C:\Program Files\Yayad\AdCore.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: MAngle Class - {9A556B8F-FD02-420E-A1FD-9DB33808254E} - C:\Program Files\MySec\secmouseaan.dll
O3 - IE工具栏增项: My 网蜜(&M) - {102293E4-758B-4483-946B-714EBCEC91B8} - C:\Program Files\MySec\secbaraan.dll
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [SECUPDATE] C:\Program Files\MySec\secupdateaan.exe -sv
O4 - 启动项HKLM\\Run: [Tray] C:\WINDOWS\command\rundll32.exe
O4 - 启动项HKLM\\RunOnce: [Rav] "C:\Program Files\Rising\Rav\Update\Setup.exe" /UNINSTALL /S /ONCE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - IE右键菜单中的新增项目: !直接打开链接 - res://C:\Program Files\MySec\secmouseaan.dll/seopenurl.html
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - D:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用百度搜索 - res://C:\Program Files\MySec\secmouseaan.dll/sesch_bd.html
O8 - IE右键菜单中的新增项目: 使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\geturl.htm
O8 - IE右键菜单中的新增项目: 使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\getallurl.htm
O8 - IE右键菜单中的新增项目: 加入365MY收藏夹(&U) - http://www.365my.com/rclick/add_url.php
O8 - IE右键菜单中的新增项目: 加入365MY网摘(&N) - http://www.365my.com/rclick/add_net.php
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - D:\Program Files\Tencent\QQ\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - D:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - D:\Program Files\Tencent\QQ\SendMMS.htm
O9 - 浏览器额外的按钮: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - E:\工具外挂\浩方平台\HFGame3\GameClient.exe
O9 - 浏览器额外的按钮: My网蜜 - {102293E4-758B-4483-946B-714EBCEC91B8} - C:\Program Files\MySec\secbaraan.dll
O9 - 浏览器额外的“工具”菜单项: My网蜜 - {102293E4-758B-4483-946B-714EBCEC91B8} - C:\Program Files\MySec\secbaraan.dll
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program
I also scanned with another scanning tool; please see "Moderators, please come in!!! 2".
Last edited 2006-09-11 21:16:58

This is the log I exported after the installation failed and I cancelled it:
2006-09-11 16:55:42:859 SaveConfig...
2006-09-11 16:55:42:890 PatchConfig C:\Program Files\Rising\Rav\Update\RavOL.cfi...
2006-09-11 16:55:42:906 SaveConfig OK
2006-09-11 16:55:46:531 PreSetup RSCENTER 1 R=0
2006-09-11 16:55:46:531 PreSetup RAVTIMER 0 R=0
2006-09-11 16:55:46:531 PreSetup RSENGINE 0 R=0
2006-09-11 16:55:46:531 PreSetup RSCOMMON 0 R=0
2006-09-11 16:55:46:531 PreSetup RSMFC 0 R=0
2006-09-11 16:55:46:531 PreSetup RSGUI 0 R=0
2006-09-11 16:55:46:531 PreSetup SCANNER 0 R=0
2006-09-11 16:55:46:531 PreSetup RSSETUP 0 R=0
2006-09-11 16:55:46:531 PreSetup RAVCOPY 0 R=0
2006-09-11 16:55:46:531 PreSetup RSRAV 0 R=0
2006-09-11 16:55:46:531 PreSetup LOGORAV 0 R=0
2006-09-11 16:55:46:531 PreSetup OverOL 0 R=0
2006-09-11 16:55:46:531 PreSetup RSCONFIG 0 R=0
2006-09-11 16:55:46:531 PreSetup VIRUSLOG 1 R=0
2006-09-11 16:55:46:531 PreSetup MENUEXT 0 R=0
2006-09-11 16:55:46:531 PreSetup CFIOL 0 R=0
2006-09-11 16:55:46:531 PreSetup BDENGINE 1 R=0
2006-09-11 16:55:46:531 PreSetup RSPLUGIN 0 R=0
2006-09-11 16:55:46:531 PreSetup INBUILD 1 R=0
2006-09-11 16:55:46:531 PreSetup PLUGGROUP 0 R=0
2006-09-11 16:55:46:531 PreSetup RSSTORE 0 R=0
2006-09-11 16:55:46:531 PreSetup SCANBD 1 R=0
2006-09-11 16:55:46:531 PreSetup RSHDBACK 0 R=0
2006-09-11 16:55:46:531 PreSetup BACKRAV 0 R=0
2006-09-11 16:55:46:531 PreSetup RSREGRPR 0 R=0
2006-09-11 16:55:46:546 PreSetup RSAGENT 1 R=0
2006-09-11 16:55:46:546 PreSetup RSTOOLS 0 R=0
2006-09-11 16:55:46:546 PreSetup VIRSBASE 0 R=0
2006-09-11 16:55:46:562 PreSetup RSVPATCH 1 R=0
2006-09-11 16:55:46:562 PreSetup VIRUSREP 0 R=0
2006-09-11 16:55:46:562 PreSetup RSLAGCHS 0 R=0
2006-09-11 16:55:46:562 PreSetup RSLANGUAGE 0 R=0
2006-09-11 16:55:46:562 PreSetup RSSKIN1 0 R=0
2006-09-11 16:55:46:562 PreSetup RSSKIN2 0 R=0
2006-09-11 16:55:46:562 PreSetup RSSKIN3 0 R=0
2006-09-11 16:55:46:562 PreSetup RSSKIN 0 R=0
2006-09-11 16:55:46:562 PreSetup RSRESOURCE 0 R=0
2006-09-11 16:55:46:562 PreSetup RSWEB 0 R=0
2006-09-11 16:55:46:562 PreSetup RSOTHERS 0 R=0
2006-09-11 16:55:46:593 Install RSCENTER R=0
2006-09-11 16:55:46:593 Install RAVTIMER R=0
2006-09-11 16:55:46:734 Install RSENGINE R=0
2006-09-11 16:55:46:750 Install RSCOMMON R=0
2006-09-11 16:55:46:843 Install RSMFC R=0
2006-09-11 16:55:46:875 Install RSGUI R=0
2006-09-11 16:55:46:890 Install SCANNER R=0
2006-09-11 16:55:47:234 Install RSSETUP R=0
2006-09-11 16:55:47:250 Install RAVCOPY R=0
2006-09-11 16:55:47:343 Install RSRAV R=0
2006-09-11 16:55:47:406 Install LOGORAV R=0
2006-09-11 16:55:47:531 Install OverOL R=0
2006-09-11 16:55:47:578 Install RSCONFIG R=0
2006-09-11 16:55:47:625 Install VIRUSLOG R=0
2006-09-11 16:55:47:781 Install MENUEXT R=0
2006-09-11 16:55:47:796 Install CFIOL R=0
2006-09-11 16:55:47:812 Install BDENGINE R=0
2006-09-11 16:55:47:828 Install RSPLUGIN R=0
2006-09-11 16:55:47:843 Install INBUILD R=0
2006-09-11 16:55:47:843 Install PLUGGROUP R=0
2006-09-11 16:55:47:875 Install RSSTORE R=0
2006-09-11 16:55:47:921 Install SCANBD R=0
2006-09-11 16:55:47:953 Install RSHDBACK R=0
2006-09-11 16:55:47:953 Install BACKRAV R=0
2006-09-11 16:55:47:968 Install RSREGRPR R=0
2006-09-11 16:55:48:093 Install RSAGENT R=0
2006-09-11 16:55:48:093 Install RSTOOLS R=0
2006-09-11 16:55:48:109 Install VIRSBASE R=0
2006-09-11 16:55:48:312 Install RSVPATCH R=0
2006-09-11 16:55:48:343 Install VIRUSREP R=0
2006-09-11 16:55:48:531 Install RSLAGCHS R=0
2006-09-11 16:55:48:531 Install RSLANGUAGE R=0
2006-09-11 16:55:49:187 Install RSSKIN1 R=0
2006-09-11 16:55:49:437 Install RSSKIN2 R=0
2006-09-11 16:55:49:781 Install RSSKIN3 R=0
2006-09-11 16:55:49:781 Install RSSKIN R=0
2006-09-11 16:55:49:796 Install RSRESOURCE R=0
2006-09-11 16:55:49:796 Install RSWEB R=0
2006-09-11 16:55:49:796 Install RSOTHERS R=0
2006-09-11 16:56:03:921 TailSetup RSCENTER 1 R=1
2006-09-11 16:56:03:921 TailSetup RAVTIMER 1 R=0
2006-09-11 16:56:03:921 TailSetup RSENGINE 1 R=0
2006-09-11 16:56:03:921 TailSetup RSCOMMON 1 R=0
2006-09-11 16:56:03:921 TailSetup RSMFC 1 R=0
2006-09-11 16:56:03:921 TailSetup RSGUI 1 R=0
2006-09-11 16:56:03:921 TailSetup SCANNER 1 R=0
2006-09-11 16:56:03:937 TailSetup RSSETUP 1 R=0
2006-09-11 16:56:03:937 TailSetup RAVCOPY 1 R=0
2006-09-11 16:56:03:937 TailSetup RSRAV 1 R=0
2006-09-11 16:56:03:937 TailSetup LOGORAV 1 R=0
2006-09-11 16:56:03:937 TailSetup OverOL 1 R=0
2006-09-11 16:56:03:937 TailSetup RSCONFIG 1 R=0
2006-09-11 16:56:03:968 TailSetup VIRUSLOG 1 R=0
2006-09-11 16:56:03:968 TailSetup MENUEXT 1 R=0
2006-09-11 16:56:03:968 TailSetup CFIOL 1 R=0
2006-09-11 16:56:03:984 TailSetup BDENGINE 1 R=0
2006-09-11 16:56:03:984 TailSetup RSPLUGIN 1 R=0
2006-09-11 16:56:04:062 TailSetup INBUILD 1 R=0
2006-09-11 16:56:04:062 TailSetup PLUGGROUP 1 R=0
2006-09-11 16:56:04:062 TailSetup RSSTORE 1 R=0
2006-09-11 16:56:04:062 TailSetup SCANBD 1 R=0
2006-09-11 16:56:04:062 TailSetup RSHDBACK 1 R=0
2006-09-11 16:56:04:078 TailSetup BACKRAV 1 R=0
2006-09-11 16:56:04:078 TailSetup RSREGRPR 1 R=0
2006-09-11 16:56:04:093 TailSetup RSAGENT 1 R=0
2006-09-11 16:56:04:093 TailSetup RSTOOLS 1 R=0
2006-09-11 16:56:04:093 TailSetup VIRSBASE 1 R=0
2006-09-11 16:56:18:296 TailSetup RSVPATCH 1 R=0
2006-09-11 16:56:18:296 TailSetup VIRUSREP 1 R=0
2006-09-11 16:56:18:312 TailSetup RSLAGCHS 1 R=0
2006-09-11 16:56:18:312 TailSetup RSLANGUAGE 1 R=0
2006-09-11 16:56:18:312 TailSetup RSSKIN1 1 R=0
2006-09-11 16:56:18:312 TailSetup RSSKIN2 1 R=0
2006-09-11 16:56:18:312 TailSetup RSSKIN3 1 R=0
2006-09-11 16:56:18:312 TailSetup RSSKIN 1 R=0
2006-09-11 16:56:18:328 TailSetup RSRESOURCE 1 R=0
2006-09-11 16:56:18:328 TailSetup RSWEB 1 R=0
2006-09-11 16:56:18:328 TailSetup RSOTHERS 1 R=0
2006-09-11 16:56:18:375 OnTailSetup
2006-09-11 16:56:18:375 UpdateVersionInfo
2006-09-11 16:56:18:375 CloseAllXP
2006-09-11 16:56:18:375 4 Result:1 Reboot:1
2006-09-11 16:56:18:390 OnMissionCompleted:1
2006-09-11 16:57:20:421 SaveConfig...
2006-09-11 16:57:20:453 PatchConfig C:\Program Files\Rising\Rav\Update\RavOL.cfi...
2006-09-11 16:57:20:484 SaveConfig OK
2006-09-11 16:57:20:484 RemoveUpFolder
2006-09-11 16:57:20:515 OnTailSetup
2006-09-11 16:57:20:515 UpdateVersionInfo
2006-09-11 16:57:21:015 CloseAllXP
2006-09-11 16:57:21:015 4 Result:1 Reboot:0
2006-09-11 16:57:21:015 OnMissionCompleted:1
2006-09-11 16:58:00:218 PreSetup MCENTER 1 R=0
2006-09-11 16:58:00:218 PreSetup FWBASE2K 1 R=0
2006-09-11 16:58:00:218 PreSetup FWBASENT 1 R=0
2006-09-11 16:58:00:218 PreSetup CRAVSTUB 0 R=0
2006-09-11 16:58:00:218 PreSetup MONFILE 0 R=0
2006-09-11 16:58:00:218 PreSetup MONMAIL 0 R=0
2006-09-11 16:58:00:218 PreSetup MONMEMO 0 R=0
2006-09-11 16:58:00:218 PreSetup MONREG 0 R=0
2006-09-11 16:58:00:218 PreSetup MONLEAK 0 R=0
2006-09-11 16:58:00:218 PreSetup MONWEB 1 R=0
2006-09-11 16:58:00:343 Install MCENTER R=0
2006-09-11 16:58:00:343 Install FWBASE2K R=0
2006-09-11 16:58:00:359 Install FWBASENT R=0
2006-09-11 16:58:00:375 Install CRAVSTUB R=0
2006-09-11 16:58:00:390 Install MONFILE R=0
2006-09-11 16:58:00:406 Install MONMAIL R=0
2006-09-11 16:58:00:421 Install MONMEMO R=0
2006-09-11 16:58:00:437 Install MONREG R=0
2006-09-11 16:58:00:437 Install MONLEAK R=0
2006-09-11 16:58:00:453 Install MONWEB R=0
2006-09-11 16:59:05:140 TailSetup MCENTER 0 R=0
2006-09-11 16:59:05:140 7 Result:0 Reboot:0
2006-09-11 16:59:05:140 OnMissionCompleted:0

In safe mode, Rising found Trojian.PSW.QQPass.
Just now I found it again with Orange August (橙色八月):
C:/RPOGRAM FILES/INTERNET EXPLORER/3SY.EXE Trojian.PSW.QQPass(疑似) 已清除
C:/RPOGRAM FILES/INTERNET EXPLORER/PLUGINS/SYS... Trojian.PSW.QQPass(疑似) 已清除
C:/DOCUMENTS AND SETTINGS/YZ/LOCAL SETTINGS/TE... Trojian.PSW.QQPass(疑似) 已清除
Is it OK to simply delete the three infected files above? What effect would that have?
