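Rising Kaka Security Forum, Anti-Virus / Anti-Rogue-Software Forum: Please take a look at my report... I feel something is wrong with my computer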


Logfile of HijackThis v1.99.1
Scan saved at 17:51:53, on 2006-2-5
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\internat.exe
C:\WINDOWS\system32\mspps.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ServiceP.exe
D:\QQ资料包\QQ.exe
D:\QQ资料包\TIMPlatform.exe
F:\超级兔子\winspeed.exe
F:\HijackThis.exe

O2 - BHO: 超级兔子上网精灵 - {FEDF637B-F631-4583-A210-33CC828D42DB} - F:\超级兔子\HaokanBar.dll
O3 - Toolbar: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - C:\PROGRA~1\Kingsoft\FASTAI~1\IEBand.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: 超级兔子上网精灵 - {FEDF637B-F631-4583-A210-33CC828D42DB} - F:\超级兔子\HaokanBar.dll
O4 - HKLM\..\Run: [NvCplDaemon] ; RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [Thunder] ; "F:\上网助手\新建文件夹\ThunderShell.exe" /s
O4 - HKLM\..\Run: [internat.exe] internat.exe
O4 - HKLM\..\Run: [mspps.exe] C:\WINDOWS\system32\mspps.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] ; "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: 腾讯QQ.lnk = ?
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\QQ资料包\AddToNetDisk.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\QQ资料包\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\QQ资料包\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\QQ资料包\SendMMS.htm
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\QQ资料包\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\QQ资料包\QQ.EXE
O16 - DPF: {DA984A6D-508E-11D6-AA49-0050FF3C628D} (Ravonline) - http://download.rising.com.cn/QQ/QQkill/rsonline.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1DE511C7-8E44-422B-AEBD-686E87B4DD0C}: NameServer = 211.98.4.1 211.98.2.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{D510E58D-5B91-4BC3-82BC-0C6466589E16}: NameServer = 202.103.176.22,202.103.176.28
O17 - HKLM\System\CS1\Services\Tcpip\..\{1DE511C7-8E44-422B-AEBD-686E87B4DD0C}: NameServer = 211.98.4.1 211.98.2.4
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceP - Unknown owner - C:\WINDOWS\system32\ServiceP.exe

Last edited 2006-02-10 21:29:35
 

[Reply to the post by “嘿嘿臭蛋”]



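Original poster, please scan the following files with the two multi-engine scanners below:
C:\WINDOWS\system32\mspps.exe
C:\WINDOWS\system32\ServiceP.exe
Multi-engine scanner, VirusTotal:

http://www.virustotal.com/
Multi-engine scanner, Jotti:

http://virusscan.jotti.org/


Please be sure to post the reports in full.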

This is a report processed by VirusTotal on 02/06/2006 at 13:17:41 (CET) after scanning the file "ServiceP.exe" file.
Antivirus Version Update Result
AntiVir 6.33.0.81 02.06.2006 no virus found
Avast 4.6.695.0 02.04.2006 no virus found
AVG 718 02.04.2006 no virus found
Avira 6.33.0.81 02.06.2006 no virus found
BitDefender 7.2 02.06.2006 no virus found
CAT-QuickHeal 8.00 02.04.2006 no virus found
ClamAV devel-20060126 02.06.2006 no virus found
DrWeb 4.33 02.06.2006 no virus found
eTrust-InoculateIT 23.71.69 02.05.2006 no virus found
eTrust-Vet 12.4.2066 02.06.2006 no virus found
Ewido 3.5 02.06.2006 Trojan.Agent.jv
Fortinet 2.54.0.0 02.06.2006 no virus found
F-Prot 3.16c 02.04.2006 no virus found
Ikarus 0.2.59.0 02.06.2006 no virus found
Kaspersky 4.0.2.24 02.06.2006 no virus found
McAfee 4689 02.03.2006 no virus found
NOD32v2 1.1394 02.05.2006 no virus found
Norman 5.70.10 02.06.2006 no virus found
Panda 9.0.0.4 02.06.2006 Suspicious file
Sophos 4.02.0 02.06.2006 no virus found
Symantec 8.0 02.06.2006 no virus found
TheHacker 5.9.3.091 02.06.2006 no virus found
UNA 1.83 02.03.2006 no virus found
VBA32 3.10.5 02.06.2006 no virus found



VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
This is a report processed by VirusTotal on 02/06/2006 at 13:22:40 (CET) after scanning the file "mspps.exe" file.
Antivirus Version Update Result
AntiVir 6.33.0.81 02.06.2006 no virus found
Avast 4.6.695.0 02.04.2006 no virus found
AVG 718 02.04.2006 Generic.OIM
Avira 6.33.0.81 02.06.2006 no virus found
BitDefender 7.2 02.06.2006 no virus found
CAT-QuickHeal 8.00 02.04.2006 no virus found
ClamAV devel-20060126 02.06.2006 no virus found
DrWeb 4.33 02.06.2006 no virus found
eTrust-InoculateIT 23.71.69 02.05.2006 no virus found
eTrust-Vet 12.4.2066 02.06.2006 no virus found
Ewido 3.5 02.06.2006 Trojan.Agent.jv
Fortinet 2.54.0.0 02.06.2006 W32/Delf.QC!tr
F-Prot 3.16c 02.04.2006 no virus found
Ikarus 0.2.59.0 02.06.2006 Trojan.Win32.Delf.QC
Kaspersky 4.0.2.24 02.06.2006 Trojan.Win32.Delf.qc
McAfee 4689 02.03.2006 no virus found
NOD32v2 1.1394 02.05.2006 no virus found
Norman 5.70.10 02.06.2006 no virus found
Panda 9.0.0.4 02.06.2006 no virus found
Sophos 4.02.0 02.06.2006 no virus found
Symantec 8.0 02.06.2006 no virus found
TheHacker 5.9.3.091 02.06.2006 Trojan/Delf.qc
UNA 1.83 02.03.2006 Trojan.Win32.Delf
VBA32 3.10.5 02.06.2006 suspected of Trojan.Agent.38



File:  mspps.exe 
Status:  INFECTED/MALWARE 
MD5  47bad69428d0b8fd4b7e341a967827a1 
Packers detected:  -
Scanner results 
AntiVir  Found nothing
ArcaVir  Found nothing
Avast  Found nothing
AVG Antivirus  Found Generic.OIM 
BitDefender  Found nothing
ClamAV  Found nothing
Dr.Web  Found nothing
F-Prot Antivirus  Found nothing
Fortinet  Found W32/Delf.QC!tr 
Kaspersky Anti-Virus  Found Trojan.Win32.Delf.qc 
NOD32  Found nothing
Norman Virus Control  Found nothing
UNA  Found Trojan.Win32.Delf 
VBA32  Found Trojan.Agent.38 (probable variant) 
 

File:  ServiceP.exe 
Status:  INCONCLUSIVE (scan still in progress)
MD5  ace84ab61e4b665ff488af4a2e84f47e 
Packers detected:  Analyzing...
Scanner results 
AntiVir  Found nothing
ArcaVir  Found nothing
Avast  Found nothing
AVG Antivirus  Found nothing
BitDefender  Scanning, please wait...
ClamAV  Scanning, please wait...
Dr.Web  Scanning, please wait...
F-Prot Antivirus  Scanning, please wait...
Fortinet  Scanning, please wait...
Kaspersky Anti-Virus  Scanning, please wait...
NOD32  Scanning, please wait...
Norman Virus Control  Scanning, please wait...
UNA  Scanning, please wait...
VBA32  Scanning, please wait...
 

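Start → Control Panel → Performance and Maintenance → Administrative Tools → Services → find ServiceP → right-click → Properties → Startup type → Disabled → Apply → Stop → OK.

Restart the computer. After the power-on self-test finishes, press the [F8] key (you can keep pressing it until the boot menu appears) and choose Safe Mode to enter Windows.

Run HijackThis. When the scan finishes, tick the box in front of the following entry, then choose "Fix Checked":

O4 - HKLM\..\Run: [mspps.exe] C:\WINDOWS\system32\mspps.exe

Show hidden files

Double-click My Computer -- Tools -- Folder Options -- View tab -- select "Show hidden files and folders" -- clear the "Hide protected operating system files (Recommended)" check box. When prompted to confirm the change, click "Yes" -- click "OK".

Then find the following files and delete them (if they exist).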

C:\WINDOWS\system32\mspps.exe
C:\WINDOWS\system32\ServiceP.exe
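The cleanup steps above in command-line form, with a verification pass at the end; this is an added example and not part of the original post. It assumes an administrator command prompt on the same Windows XP machine in Safe Mode and that the service's internal name is ServiceP, as the O23 line shows; the final `sc delete` is an extra step beyond the post's instructions.

```batch
@echo off
rem Added example, not from the thread: the cleanup steps as commands.
rem Assumptions: administrator prompt, Windows XP booted into Safe Mode, and
rem the service's internal name is "ServiceP" as shown on the O23 line.

rem 1. Show what the service launches, then disable and stop it.
sc qc ServiceP
sc config ServiceP start= disabled
rem In Safe Mode the service is usually not running, so error 1062
rem (service has not been started) is expected here.
sc stop ServiceP

rem 2. Remove the autorun value HijackThis lists as
rem    "O4 - HKLM\..\Run: [mspps.exe]"; "..\" abbreviates
rem    Software\Microsoft\Windows\CurrentVersion.
set "RUNKEY=HKLM\Software\Microsoft\Windows\CurrentVersion\Run"
reg query "%RUNKEY%" /v mspps.exe
reg delete "%RUNKEY%" /v mspps.exe /f

rem 3. Clear hidden/system/read-only attributes, then delete both files.
for %%F in (mspps.exe ServiceP.exe) do (
    if exist "C:\WINDOWS\system32\%%F" (
        attrib -s -h -r "C:\WINDOWS\system32\%%F"
        del /f "C:\WINDOWS\system32\%%F"
    )
)

rem 4. Verify that nothing from steps 2 and 3 is left behind.
for %%F in (mspps.exe ServiceP.exe) do (
    if exist "C:\WINDOWS\system32\%%F" echo STILL PRESENT: %%F
)
reg query "%RUNKEY%" /v mspps.exe >nul 2>&1 && echo STILL PRESENT: Run value mspps.exe

rem 5. Extra step, not in the post: deleting the file does not remove the
rem    service's registration, so Services keeps listing ServiceP as
rem    Disabled until the entry itself is deleted.
sc delete ServiceP
rem Expect error 1060 (service does not exist) once the entry is gone.
sc query ServiceP
```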
 

When I clicked Stop on it, a dialog box appeared
saying the service could not be stopped.
So should I still delete it in Safe Mode or not??

Then try stopping the service in Safe Mode.

I have already deleted it in Safe Mode.
Why can I still see it in Services?
It says it is Disabled.
Does that mean there is no problem now??