为什么这个病毒总杀不了呢 - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛为什么这个病毒总杀不了呢

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1

1 / 1 页

跳转页

为什么这个病毒总杀不了呢

zhxbsc 初生襁褓狮帖子:6 注册: 2006-06-07 来自:	发表于： 2006-06-07 09:18 \| 只看楼主短消息资料字号：小中大 1楼为什么这个病毒总杀不了呢今天早上开电脑，自动升级后，就提示有病毒Trojian.Ourxin.a和Trojian.Ourxin.a，但为什么这个病毒总杀不了呢？？？附件: 文件名:69699220066791052.gif 下载次数:163 文件类型:image/pjpeg 文件大小: 上传时间:2006-6-7 9:18:37 描述: 2006-06-07 11:05:08
zhxbsc 初生襁褓狮帖子:6 注册: 2006-06-07 来自:	分享到：

sasade 初生襁褓狮帖子:60 注册: 2006-06-04 来自:	发表于： 2006-06-07 09:18 \| 短消息资料字号：小中大 2楼【回复“zhxbsc”的帖子】贴系统日志
sasade 初生襁褓狮帖子:60 注册: 2006-06-04 来自:

zhxbsc 初生襁褓狮帖子:6 注册: 2006-06-07 来自:	发表于： 2006-06-07 10:12 \| 只看楼主短消息资料字号：小中大 3楼贴系统日志怎么贴呀？？？、
zhxbsc 初生襁褓狮帖子:6 注册: 2006-06-07 来自:

zhxbsc 初生襁褓狮帖子:6 注册: 2006-06-07 来自:	发表于： 2006-06-07 10:30 \| 只看楼主短消息资料字号：小中大 4楼 Logfile of HijackThis v1.99.0 Scan saved at 10:29:32, on 2006-6-7 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\System32\SCardSvr.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\WINNT\System32\svchost.exe C:\Program Files\Rising\Rav\CCenter.exe C:\WINNT\system32\MSTask.exe C:\WINNT\system32\rundll32.exe C:\WINNT\system32\stisvc.exe d:\u8soft\gdp\web\bin\taskservice.exe C:\WINNT\system32\U8SMSSrv.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\aua1\aua1.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\svchost.exe C:\PROGRAM FILES\RISING\RAV\Ravmond.exe C:\PROGRAM FILES\RISING\RAV\RavStub.exe C:\Program Files\Rising\Rav\RavService.exe c:\program files\rising\rfw\rfwsrv.exe C:\WINNT\Explorer.EXE c:\program files\rising\rfw\RfwMain.exe C:\Program Files\Rising\Rav\RavTimer.exe C:\Program Files\Rising\Rav\RavTray.exe C:\Program Files\Rising\Rav\RavMon.exe D:\Documents\TransDesktop153\TransDesktop.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINNT\system32\RUNDLL32.EXE C:\WINNT\system32\internat.exe C:\WINNT\system32\UfSvrMgr.exe C:\Program Files\Tencent\TT\TTraveler.exe C:\Program Files\wnwb2005\wnwb.exe C:\Documents and Settings\Administrator\桌面\hijackthis\HijackThis.exe R3 - URLSearchHook: bho Class - {ED8DFC5C-10EF-45AB-9DC2-0639AFF5A270} - C:\PROGRA~1\COMMON~1\Wnwb\wnwbio.dll F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: ThunderIEHelper - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINNT\system32\xunleibho_v14.dll O2 - BHO: wmpdrm - {0E674588-66B7-4E19-9D0E-2053B800F69F} - C:\WINNT\system32\wmpdrm.dll O2 - BHO: MyIEHelper Class - {16A770A0-0E87-4278-B748-2460D64A8386} - C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_8215.dll (file missing) O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\Program Files\Tencent\QQ\QQIEHelper.dll O2 - BHO: MMSAssist - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll (file missing) O2 - BHO: std software - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - C:\WINNT\SYSTEM32\stdup.dll O2 - BHO: NetXfer - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - C:\Program Files\NetXfer\NXIEHelper.dll O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_001.dll O2 - BHO: NewWeb Controller - {9ACEEE30-143F-471A-AA45-72B061FE7D60} - C:\WINNT\system32\WinSC64.dll O2 - BHO: NewWeb Controller - {9ACEEE31-1440-471B-AA46-72B061FE7D61} - C:\WINNT\system32\WinSC32.dll O2 - BHO: update wnwb - {ED8DFC5C-10EF-45AB-9DC2-0639AFF5A270} - C:\PROGRA~1\COMMON~1\Wnwb\wnwbio.dll O3 - Toolbar: @msdxmLC.dll,-1@2052,电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx O3 - Toolbar: (no name) - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - (no file) O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [RavTimer] C:\Program Files\Rising\Rav\RavTimer.exe O4 - HKLM\..\Run: [RavTray] C:\Program Files\Rising\Rav\RavTray.exe O4 - HKLM\..\Run: [RavMon] C:\Program Files\Rising\Rav\RavMon.exe -system O4 - HKLM\..\Run: [TransDesktop] D:\Documents\TransDesktop153\TransDesktop.exe /AUTOSET O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup O4 - HKLM\..\Run: [spoolsv] C:\WINNT\system32\spoolsv\spoolsv.exe -printer O4 - HKLM\..\Run: [ScannerFinder] C:\Program Files\Microtek\ScanWizard DI\ScannerFinder.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Windir] C:\WINNT\system32\Windir.exe O4 - HKLM\..\Run: [supdate2.dll] RUNDLL32.EXE C:\WINNT\system32\supdate2.dll,Run O4 - HKCU\..\Run: [DrvMon.exe] C:\WINNT\system32\DrvMon.exe O4 - HKCU\..\Run: [internat.exe] internat.exe O4 - Global Startup: U8管理服务.lnk = C:\WINNT\system32\UfSvrMgr.exe O8 - Extra context menu item: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm O8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm O8 - Extra context menu item: 导出当前页到超星阅览器(&A) - C:\Program Files\SSREADER36\ss_all.htm O8 - Extra context menu item: 导出选中部分到超星阅览器(&S) - C:\Program Files\SSREADER36\ss_select.htm O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm O9 - Extra button: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll (file missing) O9 - Extra 'Tools' menuitem: MMSAssist工具条设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll (file missing) O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll O16 - DPF: {098A3F72-3110-4004-B954-2F9DC44934B4} (AddSHCARoot Control) - http://www.sheca.com/AddSHCARootCert.cab O16 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} (Edit Class) - https://www.sz1.cmbchina.com/download/CMBEdit.cab O16 - DPF: {2761225D-F0F2-44E8-A2C9-476FB6A3316A} (QQLive TRadio Control) - http://dl_dir.qq.com/qqtools/qqlive2.0forradio.exe O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://cn.download.yahoo.com/dl/install/yinst0401.cab O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/1007/aliedit.cab O16 - DPF: {5EC7C511-CD0F-42E6-830C-1BD9882F3458} (PowerPlayer Control) - http://www.ppstream.com/bin/powerplayer.cab O16 - DPF: {62561858-71D1-11D4-B2EC-00105A8340B5} (VITEGPlayerCtrl Class) - http://eclass.idedu.com/control/VTPlayer.cab O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AXSafeControls.cab O16 - DPF: {9242BB35-0DB0-43AC-8DFC-8EA07E63B92A} (LiveMediaOcx Control) - http://dl_dir.qq.com/qqtv/QQLiveOcxSetup.exe O16 - DPF: {B234FF32-3A31-4FBF-BC09-616ED5DE6A78} (Verify Control) - http://cisweb2.sheca.com/cisweb/CabFiles/CertUpdate.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{7E2711DF-561B-4680-854B-335CC1ECE6B2}: NameServer = 202.96.209.5,202.96.209.133 O18 - Protocol: dic - {C21F5C32-F57A-4A0D-8E0A-B672691C52D0} - c:\Program Files\Kingsoft\Powerword 2003\XDictExB.dll O23 - Service: Alerter - Unknown - C:\WINNT\System32\Alerter.exe (file missing) O23 - Service: Logical Disk Manager Administrative Service - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: RavInstallService - Unknown - \\USER1\C$\Program Files\Rising\Rav\RavISvc.exe (file missing) O23 - Service: RavService - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\RavService.exe O23 - Service: Rising Proxy Service - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe O23 - Service: Rising Personal Firewall Service - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) - Unknown - %ProgramFiles%\WinPcap\rpcapd.exe (file missing) O23 - Service: Rising Process Communication Center - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe O23 - Service: RsRavMon Service - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe O23 - Service: svchost - Unknown - C:\WINNT\Hacker.com.cn.exe O23 - Service: 合并报表队列服务 - - d:\u8soft\gdp\web\bin\taskservice.exe O23 - Service: UFSoft SMS Platform - Unknown - C:\WINNT\system32\U8SMSSrv.exe O23 - Service: 用友U8预警调度服务 - Unknown - C:\WINNT\system32\AlertService.exe O23 - Service: U8管理软件 - Unknown - C:\WINNT\system32\ServerNT.EXE O23 - Service: winaua - Unknown - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\aua1\aua1.exe
zhxbsc 初生襁褓狮帖子:6 注册: 2006-06-07 来自:

zhxbsc 初生襁褓狮帖子:6 注册: 2006-06-07 来自:	发表于： 2006-06-07 10:43 \| 只看楼主短消息资料字号：小中大 5楼版主帮我看看吧？？？？？、、、
zhxbsc 初生襁褓狮帖子:6 注册: 2006-06-07 来自:

羽化9527 初生襁褓狮帖子:29 注册: 2005-10-02 来自:	发表于： 2006-06-07 11:05 \| 短消息资料字号：小中大 6楼 O23 - Service: svchost - Unknown - C:\WINNT\Hacker.com.cn.exe 这项好像是灰鸽子，看置顶帖 O23 - Service: winaua - Unknown - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\aua1\aua1.exe 修复结束进程C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\aua1\aua1.exe，删除文件其他还有问题，等高手吧
羽化9527 初生襁褓狮帖子:29 注册: 2005-10-02 来自:

<<上一主题|下一主题>>

1

1 / 1 页

跳转页

页面顶部

Powered by Discuz!NT