Rising Kaka Security Forum / Technical Exchange / Anti-virus and Anti-rogue-software Forum

After my IE opens a web page my system gets really slow. Please take a look at my log, thanks

Logfile of HijackThis v1.99.1
Scan saved at 11:21:58, on 2006-2-25
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
G:\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\logonui.exe
G:\Rising\Rav\Ravmond.exe
g:\rising\rfw\rfwsrv.exe
G:\d-tool\daemon.exe
C:\WINDOWS\SOUNDMAN.EXE
G:\Rising\Rav\RavTask.exe
G:\补丁\Clock.exe
G:\Rising\Rfw\rfwmain.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
G:\Rising\Rav\Ravmon.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\Rmd.exe
G:\Rising\Rav\RavStub.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
G:\were\WinRAR.exe
C:\DOCUME~1\wcc\LOCALS~1\Temp\Rar$EX00.125\HijackThis.exe

O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - G:\FLASHGET\fgiebar.dll
O3 - Toolbar: (no name) - {DBBB7978-AF21-4EF4-9AD1-B2F4BC75696C} - (no file)
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [DAEMON Tools-1033] "G:\d-tool\daemon.exe"  -lang 1033
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RavTask] "G:\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [Cartoon Clock] G:\补丁\Clock.exe
O4 - HKLM\..\Run: [RfwMain] "G:\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Startup: 腾讯QQ.lnk = G:\qq\QQ.exe
O4 - Global Startup: Microsoft Office.lnk = G:\Office\OSA9.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Download by NetAnts - G:\PROGRA~1\NETANTS\NAGet.htm
O8 - Extra context menu item: Download &All by NetAnts - G:\PROGRA~1\NETANTS\NAGetAll.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - G:\qq\AddToNetDisk.htm
O8 - Extra context menu item: 下载页面上的ED2(&K)链接 - G:\新建文件夹 (2)\eMule\ed2k.html
O8 - Extra context menu item: 使用网际快车下载 - G:\FLASHGET\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - G:\FLASHGET\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - G:\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - G:\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - G:\qq\SendMMS.htm
O9 - Extra button: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - G:\浩方\GameClient.exe
O9 - Extra button: NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - G:\PROGRA~1\NETANTS\NetAnts.exe (file missing)
O9 - Extra 'Tools' menuitem: &NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - G:\PROGRA~1\NETANTS\NetAnts.exe (file missing)
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - G:\qq\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - G:\qq\QQ.EXE
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - G:\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - G:\FLASHGET\flashget.exe
O16 - DPF: {AC036CB4-328D-4DB4-A707-4147B6C20266} (YLauncher Class) - http://et.263.net/realplayer/ephTool.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0AFBC047-D9B6-4EAC-A195-257B6F6FD814}: NameServer = 218.108.248.245 218.108.245.157
O17 - HKLM\System\CS1\Services\Tcpip\..\{0AFBC047-D9B6-4EAC-A195-257B6F6FD814}: NameServer = 218.108.248.245 218.108.245.157
O18 - Protocol: dynascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - g:\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - g:\rising\rfw\rfwsrv.exe
O23 - Service: Remote Machine Debug (rmd) - Unknown owner - C:\WINDOWS\System32\Rmd.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - G:\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - G:\Rising\Rav\Ravmond.exe
O23 - Service: Security Agent Service (sas) - Unknown owner - C:\WINDOWS\svchost.exe (file missing)

Last edited 2006-02-25 13:35:23

[Reply to billgate's post]



Please use the two multi-engine scanners below to scan the following file:
C:\WINDOWS\System32\Rmd.exe
Multi-engine scan, VirusTotal:

http://www.virustotal.com/
Multi-engine scan, Jotti:

http://virusscan.jotti.org/


Be sure to post the complete report.

How do I use these two? They are entirely in English and I do not quite understand. Please give me some guidance and explain it in detail, thanks

Quote:
[billgate's post] How do I use these two? They are entirely in English and I do not quite understand. Please give me some guidance and explain it in detail, thanks
...........................

Please copy and paste C:\WINDOWS\System32\Rmd.exe into the text box on each of the two pages above and press Send; the scan will then start automatically.

The first report is as follows
This is a report processed by VirusTotal on 02/25/2006 at 05:19:16 (CET) after scanning the file "Rmd.exe" file.
Antivirus Version Update Result
AntiVir 6.33.1.50 02.24.2006 no virus found
Avast 4.6.695.0 02.20.2006 no virus found
AVG 718 02.24.2006 no virus found
Avira 6.33.1.50 02.24.2006 no virus found
BitDefender 7.2 02.25.2006 no virus found
CAT-QuickHeal 8.00 02.24.2006 no virus found
ClamAV devel-20060126 02.24.2006 no virus found
DrWeb 4.33 02.24.2006 BACKDOOR.Trojan
eTrust-InoculateIT 23.71.86 02.25.2006 no virus found
eTrust-Vet 12.4.2095 02.24.2006 no virus found
Ewido 3.5 02.24.2006 no virus found
Fortinet 2.71.0.0 02.25.2006 no virus found
F-Prot 3.16c 02.24.2006 could be infected with an unknown virus
Ikarus 0.2.59.0 02.24.2006 no virus found
Kaspersky 4.0.2.24 02.25.2006 no virus found
McAfee 4705 02.24.2006 no virus found
NOD32v2 1.1418 02.24.2006 probably unknown NewHeur_PE virus
Norman 5.70.10 02.24.2006 no virus found
Panda 9.0.0.4 02.25.2006 Suspicious file
Sophos 4.02.0 02.25.2006 no virus found
Symantec 8.0 02.25.2006 no virus found
TheHacker 5.9.4.102 02.24.2006 no virus found
UNA 1.83 02.24.2006 no virus found
VBA32 3.10.5 02.24.2006 no virus found



VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
The second report is as follows

File:  Rmd.exe 
Status:  POSSIBLY INFECTED/MALWARE (Note: this file was only flagged as malware by heuristic detection(s). This might be a false positive. Therefore, results of this scan will not be stored in the database) 
MD5  41eb1e4831763c9e55919df9a3d4405b 
Packers detected:  -
Scanner results 
AntiVir  Found nothing
ArcaVir  Found nothing
Avast  Found nothing
AVG Antivirus  Found nothing
BitDefender  Found nothing
ClamAV  Found nothing
Dr.Web  Found BACKDOOR.Trojan (probable variant) 
F-Prot Antivirus  Found unknown virus (probable variant) 
Fortinet  Found nothing
Kaspersky Anti-Virus  Found nothing
NOD32  Found probably unknown NewHeur_PE (probable variant) 
Norman Virus Control  Found nothing
UNA  Found nothing
VBA32  Found nothing
Last file scanned at least one scanner reported something about: 劲舞团最新自由模式1.0版.exe, detected by:

Scanner  Malware name 
AntiVir  X 
ArcaVir  X 
Avast  X 
AVG Antivirus  X 
BitDefender  Generic.Malware.Fdld.3D40B2DF 
ClamAV  X 
Dr.Web  X 
F-Prot Antivirus  X 
Fortinet  X 
Kaspersky Anti-Virus  X 
NOD32  X 
Norman Virus Control  X 
UNA  X 
VBA32  Malw

Please take a look, thanks, waiting online
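The two reports above say the same thing in different words: most engines see nothing, and the ones that do react mostly fire on heuristics ("probably", "could be", "Suspicious file"), with Dr.Web the only engine giving a named family. Reading a multi-engine report that way, named detections separated from generic or heuristic ones, is what a practitioner does before deciding whether a file needs a manual look. The script below is an added example (not part of this thread and not VirusTotal's or Jotti's own code); it parses the 2006-era VirusTotal "Antivirus Version Update Result" lines that billgate pasted, embedded here as the sample input, and summarises them. The heuristic-wording list and the three-level verdict are this example's own assumptions.

```python
import re
from dataclasses import dataclass

# Constructed sample: the VirusTotal result lines posted in this thread,
# in the 2006-era "Antivirus Version Update Result" layout, header included.
VT_REPORT = """
Antivirus Version Update Result
AntiVir 6.33.1.50 02.24.2006 no virus found
Avast 4.6.695.0 02.20.2006 no virus found
AVG 718 02.24.2006 no virus found
Avira 6.33.1.50 02.24.2006 no virus found
BitDefender 7.2 02.25.2006 no virus found
CAT-QuickHeal 8.00 02.24.2006 no virus found
ClamAV devel-20060126 02.24.2006 no virus found
DrWeb 4.33 02.24.2006 BACKDOOR.Trojan
eTrust-InoculateIT 23.71.86 02.25.2006 no virus found
eTrust-Vet 12.4.2095 02.24.2006 no virus found
Ewido 3.5 02.24.2006 no virus found
Fortinet 2.71.0.0 02.25.2006 no virus found
F-Prot 3.16c 02.24.2006 could be infected with an unknown virus
Ikarus 0.2.59.0 02.24.2006 no virus found
Kaspersky 4.0.2.24 02.25.2006 no virus found
McAfee 4705 02.24.2006 no virus found
NOD32v2 1.1418 02.24.2006 probably unknown NewHeur_PE virus
Norman 5.70.10 02.24.2006 no virus found
Panda 9.0.0.4 02.25.2006 Suspicious file
Sophos 4.02.0 02.25.2006 no virus found
Symantec 8.0 02.25.2006 no virus found
TheHacker 5.9.4.102 02.24.2006 no virus found
UNA 1.83 02.24.2006 no virus found
VBA32 3.10.5 02.24.2006 no virus found
"""

# engine, version, update date (MM.DD.YYYY), then the free-text result.
LINE_RE = re.compile(
    r"^(?P<engine>\S+)\s+(?P<version>\S+)\s+(?P<update>\d{2}\.\d{2}\.\d{4})\s+(?P<result>.+?)\s*$"
)
CLEAN = "no virus found"
# Assumption: wording that marks a generic/heuristic verdict rather than a named signature.
HEURISTIC_MARKERS = ("probabl", "could be", "suspicious", "unknown", "heur")


@dataclass
class Verdict:
    engine: str
    version: str
    update: str
    result: str

    @property
    def flagged(self) -> bool:
        return self.result.lower() != CLEAN

    @property
    def heuristic(self) -> bool:
        text = self.result.lower()
        return self.flagged and any(m in text for m in HEURISTIC_MARKERS)


def parse_virustotal(text):
    """Parse the per-engine lines; lines that do not fit the layout (the header) are skipped."""
    verdicts = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            verdicts.append(Verdict(**m.groupdict()))
    return verdicts


def summarize(verdicts):
    """Separate named detections from heuristic ones and give a coarse level (assumed scale)."""
    flagged = [v for v in verdicts if v.flagged]
    named = [v.engine for v in flagged if not v.heuristic]
    heuristic = [v.engine for v in flagged if v.heuristic]
    if not flagged:
        level = "clean"
    elif not named:
        level = "heuristic-only"
    else:
        level = "named-detection"
    return {"engines": len(verdicts), "flagged": len(flagged),
            "named": named, "heuristic": heuristic, "level": level}


if __name__ == "__main__":
    summary = summarize(parse_virustotal(VT_REPORT))
    print("%(flagged)d of %(engines)d engines flagged the file -> %(level)s" % summary)
    print("named:", summary["named"], "heuristic:", summary["heuristic"])
```

On the report in this thread the summary comes out as 4 of 24 engines flagged, one named (DrWeb) and three heuristic (F-Prot, NOD32v2, Panda). That is exactly the profile Jotti's note describes ("only flagged by heuristic detections, might be a false positive") plus one named hit, which is why the file still needed the manual check the helper went on to do rather than an automatic verdict either way.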


[Reply to billgate's post]



Clear IE's temporary files and temporarily turn off System Restore. Restart into Safe Mode, close all unnecessary windows, scan with HijackThis and fix the following items (tick the box in front of each item to be fixed, then press "Fix checked" (or "修复" in the Chinese version); before fixing it will ask whether you want a backup, choose "Yes"):
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O23 - Service: Remote Machine Debug (rmd) - Unknown owner - C:\WINDOWS\System32\Rmd.exe
Restart the computer, show hidden files and system files, and delete (if it exists):
C:\WINDOWS\System32\Rmd.exe
Once the fix is complete, if the problem persists, please follow up in this thread and describe the situation.
The above suggestions are for reference only; if you recognise some of these settings, or they are settings you made yourself, there is no need to apply them.
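The helper picked two lines out of the log: an O6 entry (IE policy restrictions, which HijackThis lists because hijackers use those keys to lock browser settings) and an O23 service whose binary has no publisher information. The same log also contains an O2 BHO and an O23 service that point at files which no longer exist, and a service whose svchost.exe sits outside System32. The script below is an added example, not part of this thread and not HijackThis's own logic: it applies those checks to a subset of the log lines posted above (embedded here as the sample input) and lists why each flagged line deserves a look. The rules are this example's own heuristics and are deliberately wider than the helper's two picks; a flagged line is a reason to verify, not a verdict.

```python
import re

# Constructed sample: a subset of the HijackThis lines from the log posted in this thread.
HJT_LOG = r"""
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O4 - HKLM\..\Run: [RavTask] "G:\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O17 - HKLM\System\CCS\Services\Tcpip\..\{0AFBC047-D9B6-4EAC-A195-257B6F6FD814}: NameServer = 218.108.248.245 218.108.245.157
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Remote Machine Debug (rmd) - Unknown owner - C:\WINDOWS\System32\Rmd.exe
O23 - Service: Security Agent Service (sas) - Unknown owner - C:\WINDOWS\svchost.exe (file missing)
"""

ENTRY_RE = re.compile(r"^(O\d+) - (.*)$")
DEAD_MARKERS = ("(no file)", "(file missing)")


def triage_line(line):
    """Return the reasons one HijackThis line deserves a closer look ([] if none).

    The rules are this example's own heuristics, not HijackThis's.
    """
    m = ENTRY_RE.match(line.strip())
    if not m:
        return []
    section, body = m.groups()
    reasons = []

    # Dead references: the registry still points at a file that is gone.
    if any(marker in body for marker in DEAD_MARKERS):
        reasons.append("points at a file that no longer exists")

    # O6: IE policy keys present; commonly set by hijackers to lock browser settings.
    if section == "O6":
        reasons.append("IE policy restrictions present; confirm they were set on purpose")

    # O17: the DNS servers the machine trusts; a hijacked resolver redirects every site.
    if section == "O17":
        ns = re.search(r"NameServer = (.+)$", body)
        if ns:
            reasons.append("DNS servers set to %s; confirm they belong to the ISP" % ns.group(1))

    # O23 layout: 'Service: <name> (<short>) - <owner> - <path>'
    if section == "O23":
        parts = body.rsplit(" - ", 2)
        if len(parts) == 3:
            _, owner, path = parts
            if owner == "Unknown owner":
                reasons.append("service binary carries no publisher information")
            for marker in DEAD_MARKERS:
                path = path.replace(marker, "").strip()
            folder, _, name = path.lower().rpartition("\\")
            # The real svchost.exe lives in System32; a copy elsewhere is a classic disguise.
            if name == "svchost.exe" and not folder.endswith("\\system32"):
                reasons.append("svchost.exe outside System32")
    return reasons


def triage(log_text):
    """Map each flagged line of a HijackThis log to the reasons it was flagged."""
    findings = {}
    for line in log_text.splitlines():
        reasons = triage_line(line)
        if reasons:
            findings[line.strip()] = reasons
    return findings


if __name__ == "__main__":
    for entry, why in triage(HJT_LOG).items():
        print(entry)
        for w in why:
            print("    ->", w)
```

Run against the sample, the NVIDIA service and both O4 entries pass quietly, the rmd service is flagged once (no publisher), and the sas service collects three reasons (missing file, no publisher, svchost.exe outside System32), which is the kind of line that justifies the helper's "fix in Safe Mode, then delete the file" advice.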

Should the HijackThis scan be run under Windows or in Safe Mode? Also, that file is not there under my system files. Please help, everyone
Powered by Discuz!NT