高手来帮忙看看.我机子有没有问题哦? - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛高手来帮忙看看.我机子有没有问题哦?

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

12 3

1 / 3 页

跳转页

高手来帮忙看看.我机子有没有问题哦?

菜鸟飞飞219 初生襁褓狮帖子:88 注册: 2006-04-13 来自:	发表于： 2006-04-13 19:23 \| 只看楼主短消息资料字号：小中大 1楼高手来帮忙看看.我机子有没有问题哦? HijackThis@Qoo的扫描日志 V1.97.7 Scan saved at 19:01:19, on 2006-4-13 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\csrss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\Program Files\Rising\Rav\CCenter.exe C:\Program Files\Rising\Rav\Ravmond.exe C:\WINNT\system32\spoolsv.exe C:\WINNT\system32\svchost.exe C:\WINNT\System32\llssrv.exe C:\WINNT\SYSTEM32\RUNDLL32.EXE C:\WINNT\system32\oodag.exe C:\WINNT\system32\MSTask.exe C:\Program Files\Rainbow Technologies\SPN Combo Installer\1.0.5\Server\WinNT\spnsrvnt.exe C:\Program Files\Rising\Rav\RavStub.exe C:\WINNT\System32\svchost.exe C:\Program Files\Common Files\COMM\Network.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\Dfssvc.exe C:\WINNT\system32\inetsrv\inetinfo.exe C:\WINNT\system32\msdtc.exe C:\WINNT\Explorer.EXE C:\WINNT\wt\updater\wcmdmgr.exe C:\Program Files\Rising\Rav\RavTask.exe C:\Program Files\Rising\Rav\Ravmon.exe C:\Program Files\Common Files\UPDAT\Update.exe C:\WINNT\system32\internat.exe E:\Program Files\Netease\popo2004\popo.exe C:\WINNT\system32\dllhost.exe E:\Program Files\Tencent\qq\TIMPlatform.exe C:\WINNT\system32\res.exe C:\WINNT\system32\conime.exe C:\WINNT\system32\taskmgr.exe C:\WINNT\explorer.exe E:\Program Files\Tencent\qq\QQ.exe C:\WINNT\system32\Rundll32.exe D:\WuSoft\Wumis\wumis.exe C:\WINNT\system32\rundll32.exe E:\Program Files\Tencent\qq\QQ.exe C:\Program Files\Internet Explorer\iexplore.exe F:\HijackThis.exe C:\WINNT\system32\Notepad.exe O1 - Hosts: 59.34.216.223 www.paodian.net O1 - Hosts: 59.34.216.223 paodian.net O1 - Hosts: 59.34.216.223 369q.com O1 - Hosts: 59.34.216.223 www.369q.com O1 - Hosts: 59.34.216.223 www.30ok.com O1 - Hosts: 59.34.216.223 cq.30ok.com O1 - Hosts: 59.34.216.223 www.176g.com O1 - Hosts: 59.34.216.223 www.guacq.com O1 - Hosts: 59.34.216.223 guacq.com O1 - Hosts: 59.34.216.223 guagame.com O1 - Hosts: 59.34.216.223 baigua.com O1 - Hosts: 59.34.216.223 www.baigua.com O1 - Hosts: 59.34.216.223 www.paogame.com O1 - Hosts: 59.34.216.223 www.guagame.com O1 - Hosts: 59.34.216.223 paogame.com O1 - Hosts: 59.34.216.223 bbs.91530.com O2 - BHO: ThunderIEHelper - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINNT\system32\xunleibho_v14.dll O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\Progra~1\Baidu\bar\BaiDuBar.dll (file missing) O3 - Toolbar: ????? - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\Progra~1\Baidu\bar\BaiDuBar.dll (file missing) O3 - Toolbar: ????? - {F43BD772-ABDD-43b7-A96A-3E9E61946EC0} - C:\WINNT\WORLD2\TOOLBAR\hmtoolbar.dll O4 - HKLM\..\Run: [WuLink] D:\WuSoft\Wulink\wulink.exe O4 - HKLM\..\Run: [Network Statistics] C:\Program Files\Network Statistics\nstat.exe O4 - HKLM\..\Run: [wcmdmgr] C:\WINNT\wt\updater\wcmdmgrl.exe -launch O4 - HKLM\..\Run: [POPO2004] E:\Program Files\Netease\popo2004\Start.exe O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system O4 - HKLM\..\Run: [Update] C:\Program Files\Common Files\UPDAT\Update.exe O4 - HKLM\..\Run: [res] C:\WINNT\system32\res.exe O4 - HKCU\..\Run: [internat.exe] internat.exe O4 - Startup: bang.ini O4 - Startup: bang.ini.1 O4 - Startup: ErrorLog.txt O4 - Startup: iplay.tmp O4 - Startup: KakaScan.log O4 - Startup: NTUSER.DAT O4 - Startup: ntuser.dat.LOG O4 - Startup: ntuser.ini O4 - Startup: ntuser.pol O4 - Startup: Plus!.bmp O4 - Startup: QQProxy.Dat O4 - Startup: scaleaddress.ini O4 - Startup: sqlerror.log O4 - Startup: sys_log_146266937.upt O4 - Startup: TempUpdate.txt O4 - Startup: tld_plu.txt O4 - Startup: Transscale.ini O4 - Startup: uninstalldrv.exe O4 - Startup: zdb O4 - Global Startup: ntuser.dat O4 - Global Startup: ntuser.dat.LOG O4 - Global Startup: ntuser.pol O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: &使用迅雷下载 - F:\kavas\geturl.htm O8 - Extra context menu item: &使用迅雷下载全部链接 - F:\kavas\getallurl.htm O8 - Extra context menu item: 上传到QQ网络硬盘 - E:\Program Files\Tencent\qq\AddToNetDisk.htm O8 - Extra context menu item: 使用网际快车下载 - E:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: 使用网际快车下载全部链接 - E:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: 添加到QQ自定义面板 - E:\Program Files\Tencent\qq\AddPanel.htm O8 - Extra context menu item: 添加到QQ表情 - E:\Program Files\Tencent\qq\AddEmotion.htm O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\Program Files\Tencent\qq\SendMMS.htm O8 - Extra context menu item: 百度-搜索新闻 - res://C:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUNEWS.HTM O9 - Extra button: QQ (HKLM) O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB O16 - DPF: {52DF16E3-6C4F-4B22-8BAF-09263E463B48} ( O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AXSafeControls.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {E787FD25-8D7C-4693-AE67-9406BC6E22DF} (CPasswordEditCtrl Object) - https://www.tenpay.com/download/qqedit.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{559412F5-51AB-4D46-AFF7-4CE3E3A9B96B}: NameServer = 61.139.2.69 O17 - HKLM\System\CCS\Services\Tcpip\..\{E92BEAFD-5349-490E-858B-19BE6F2496A9}: NameServer = 61.139.2.69 202.98.96.68 2006-04-25 17:46:27
菜鸟飞飞219 初生襁褓狮帖子:88 注册: 2006-04-13 来自:	分享到：

不言放弃社区嘉宾帖子:30678 注册: 2004-09-17 来自:蓝色星球	发表于： 2006-04-13 19:28 \| 短消息资料字号：小中大 2楼【回复“菜鸟飞飞219”的帖子】 http://forum.ikaka.com/topic.asp?board=28&artid=6979213 (1楼附件) 下载HIJACKTHIS 导出全部日志
不言放弃社区嘉宾帖子:30678 注册: 2004-09-17 来自:蓝色星球

菜鸟飞飞219 初生襁褓狮帖子:88 注册: 2006-04-13 来自:	发表于： 2006-04-14 19:36 \| 只看楼主短消息资料字号：小中大 3楼我这个就是全部日志了啊!!!!
菜鸟飞飞219 初生襁褓狮帖子:88 注册: 2006-04-13 来自:

轩辕小聪卡卡技术团队帖子:8368 注册: 2006-01-09 来自:	发表于： 2006-04-14 19:40 \| 短消息资料字号：小中大 4楼晕，你的HijackThis版本太低了，照1楼提供的地址再下一个，那个是1.99.1版的
轩辕小聪卡卡技术团队帖子:8368 注册: 2006-01-09 来自:

菜鸟飞飞219 初生襁褓狮帖子:88 注册: 2006-04-13 来自:	发表于： 2006-04-14 20:17 \| 只看楼主短消息资料字号：小中大 5楼没法,,进迷宫了,,找不到地方下,这个应该是一样的哦,我昨天才下载的.
菜鸟飞飞219 初生襁褓狮帖子:88 注册: 2006-04-13 来自:

轩辕小聪卡卡技术团队帖子:8368 注册: 2006-01-09 来自:	发表于： 2006-04-14 20:29 \| 短消息资料字号：小中大 6楼昨天就是在那里下的吗？！
轩辕小聪卡卡技术团队帖子:8368 注册: 2006-01-09 来自:

菜鸟飞飞219 初生襁褓狮帖子:88 注册: 2006-04-13 来自:	发表于： 2006-04-14 20:34 \| 只看楼主短消息资料字号：小中大 7楼记不得了,,别个推荐的.我可能把其中那些运行的东西删了, 我重整个日志出来嘛
菜鸟飞飞219 初生襁褓狮帖子:88 注册: 2006-04-13 来自:

菜鸟飞飞219 初生襁褓狮帖子:88 注册: 2006-04-13 来自:	发表于： 2006-04-14 20:36 \| 只看楼主短消息资料字号：小中大 8楼 HijackThis@Qoo的扫描日志 V1.97.7 Scan saved at 20:36:11, on 2006-4-14 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\csrss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\Program Files\Rising\Rav\CCenter.exe C:\Program Files\Rising\Rav\Ravmond.exe C:\WINNT\system32\spoolsv.exe C:\WINNT\system32\svchost.exe C:\WINNT\System32\llssrv.exe C:\WINNT\system32\MSTask.exe C:\Program Files\Rainbow Technologies\SPN Combo Installer\1.0.5\Server\WinNT\spnsrvnt.exe C:\Program Files\Rising\Rav\RavStub.exe C:\WINNT\System32\svchost.exe C:\Program Files\Common Files\COMM\Network.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\Dfssvc.exe C:\WINNT\system32\inetsrv\inetinfo.exe C:\WINNT\system32\msdtc.exe C:\WINNT\Explorer.EXE C:\WINNT\wt\updater\wcmdmgr.exe C:\Program Files\Rising\Rav\RavTask.exe C:\Program Files\Rising\Rav\Ravmon.exe C:\Program Files\Common Files\UPDAT\Update.exe C:\WINNT\system32\internat.exe E:\Program Files\Netease\popo2004\popo.exe C:\WINNT\system32\dllhost.exe E:\Program Files\Tencent\qq\TIMPlatform.exe C:\WINNT\system32\res.exe C:\WINNT\system32\conime.exe C:\WINNT\explorer.exe C:\WINNT\system32\Rundll32.exe D:\WuSoft\Wumis\wumis.exe E:\Program Files\Tencent\qq\QQ.exe D:\WuSoft\Wumis\wumis.exe C:\WINNT\system32\taskmgr.exe C:\Program Files\Internet Explorer\iexplore.exe E:\Program Files\Tencent\qq\QQ.exe F:\HijackThis.exe O1 - Hosts: 59.34.216.223 www.paodian.net O1 - Hosts: 59.34.216.223 paodian.net O1 - Hosts: 59.34.216.223 369q.com O1 - Hosts: 59.34.216.223 www.369q.com O1 - Hosts: 59.34.216.223 www.30ok.com O1 - Hosts: 59.34.216.223 cq.30ok.com O1 - Hosts: 59.34.216.223 www.176g.com O1 - Hosts: 59.34.216.223 www.guacq.com O1 - Hosts: 59.34.216.223 guacq.com O1 - Hosts: 59.34.216.223 guagame.com O1 - Hosts: 59.34.216.223 baigua.com O1 - Hosts: 59.34.216.223 www.baigua.com O1 - Hosts: 59.34.216.223 www.paogame.com O1 - Hosts: 59.34.216.223 www.guagame.com O1 - Hosts: 59.34.216.223 paogame.com O1 - Hosts: 59.34.216.223 bbs.91530.com O2 - BHO: ThunderIEHelper - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINNT\system32\xunleibho_v14.dll O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\Progra~1\Baidu\bar\BaiDuBar.dll (file missing) O3 - Toolbar: ????? - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\Progra~1\Baidu\bar\BaiDuBar.dll (file missing) O3 - Toolbar: ????? - {F43BD772-ABDD-43b7-A96A-3E9E61946EC0} - C:\WINNT\WORLD2\TOOLBAR\hmtoolbar.dll O4 - HKLM\..\Run: [WuLink] D:\WuSoft\Wulink\wulink.exe O4 - HKLM\..\Run: [Network Statistics] C:\Program Files\Network Statistics\nstat.exe O4 - HKLM\..\Run: [wcmdmgr] C:\WINNT\wt\updater\wcmdmgrl.exe -launch O4 - HKLM\..\Run: [POPO2004] E:\Program Files\Netease\popo2004\Start.exe O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system O4 - HKLM\..\Run: [Update] C:\Program Files\Common Files\UPDAT\Update.exe O4 - HKLM\..\Run: [res] C:\WINNT\system32\res.exe O4 - HKCU\..\Run: [internat.exe] internat.exe O4 - Startup: bang.ini O4 - Startup: bang.ini.1 O4 - Startup: ErrorLog.txt O4 - Startup: iplay.tmp O4 - Startup: KakaScan.log O4 - Startup: NTUSER.DAT O4 - Startup: ntuser.dat.LOG O4 - Startup: ntuser.ini O4 - Startup: ntuser.pol O4 - Startup: Plus!.bmp O4 - Startup: QQProxy.Dat O4 - Startup: scaleaddress.ini O4 - Startup: sqlerror.log O4 - Startup: sys_log_146266937.upt O4 - Startup: TempUpdate.txt O4 - Startup: tld_plu.txt O4 - Startup: Transscale.ini O4 - Startup: uninstalldrv.exe O4 - Startup: zdb O4 - Global Startup: ntuser.dat O4 - Global Startup: ntuser.dat.LOG O4 - Global Startup: ntuser.pol O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: &使用迅雷下载 - F:\kavas\geturl.htm O8 - Extra context menu item: &使用迅雷下载全部链接 - F:\kavas\getallurl.htm O8 - Extra context menu item: 上传到QQ网络硬盘 - E:\Program Files\Tencent\qq\AddToNetDisk.htm O8 - Extra context menu item: 使用网际快车下载 - E:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: 使用网际快车下载全部链接 - E:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: 添加到QQ自定义面板 - E:\Program Files\Tencent\qq\AddPanel.htm O8 - Extra context menu item: 添加到QQ表情 - E:\Program Files\Tencent\qq\AddEmotion.htm O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\Program Files\Tencent\qq\SendMMS.htm O8 - Extra context menu item: 百度-搜索新闻 - res://C:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUNEWS.HTM O9 - Extra button: QQ (HKLM) O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB O16 - DPF: {52DF16E3-6C4F-4B22-8BAF-09263E463B48} ( O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AXSafeControls.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {E787FD25-8D7C-4693-AE67-9406BC6E22DF} (CPasswordEditCtrl Object) - https://www.tenpay.com/download/qqedit.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{559412F5-51AB-4D46-AFF7-4CE3E3A9B96B}: NameServer = 61.139.2.69 O17 - HKLM\System\CCS\Services\Tcpip\..\{E92BEAFD-5349-490E-858B-19BE6F2496A9}: NameServer = 61.139.2.69 202.98.96.68
菜鸟飞飞219 初生襁褓狮帖子:88 注册: 2006-04-13 来自:

轩辕小聪卡卡技术团队帖子:8368 注册: 2006-01-09 来自:	发表于： 2006-04-14 20:42 \| 短消息资料字号：小中大 9楼我晕，真的是版本太低，在1楼的那个网址重新下一个。
轩辕小聪卡卡技术团队帖子:8368 注册: 2006-01-09 来自:

菜鸟飞飞219 初生襁褓狮帖子:88 注册: 2006-04-13 来自:	发表于： 2006-04-14 20:47 \| 只看楼主短消息资料字号：小中大 10楼哪里才是下载的哦? 也不说清楚在哪下
菜鸟飞飞219 初生襁褓狮帖子:88 注册: 2006-04-13 来自:

<<上一主题|下一主题>>

12 3

1 / 3 页

跳转页

页面顶部

Powered by Discuz!NT