有毒必问大哥你要的日志来了不要说你不懂呀！ - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛有毒必问大哥你要的日志来了不要说你不懂呀！

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1

1 / 1 页

跳转页

有毒必问大哥你要的日志来了不要说你不懂呀！

557680171 初生襁褓狮帖子:17 注册: 2005-02-03 来自:	发表于： 2006-10-21 16:36 \| 只看楼主短消息资料字号：小中大 1楼有毒必问大哥你要的日志来了不要说你不懂呀！ Logfile of HijackThis v1.99.1 Scan saved at 16:24:55, on 2006-10-21 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe E:\Rising\Rav\CCenter.exe C:\WINDOWS\System32\svchost.exe E:\Rising\Rav\Ravmond.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe E:\Rising\Rav\RavStub.exe C:\WINDOWS\system32\nvsvc32.exe d:\app\pppoeservice.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\SOUNDMAN.EXE E:\Rising\Rav\RavTask.exe E:\Rising\Rav\Ravmon.exe C:\WINDOWS\VM_STI.EXE C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe E:\Rising\Rav\Rav.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE D:\新建文件夹 (8)\HijackThis.exe O1 - Hosts: 202.103.67.180 auto.search.msn.com O2 - BHO: Macrosoft Class - {58DB541D-F15A-4e95-A5D9-5DF5EE13920C} - C:\WINDOWS\system32\winlogin.dll (file missing) O2 - BHO: CdnForIE Class - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [RavTask] "E:\Rising\Rav\RavTask.exe" -system O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Vimicro USB PC Camera (ZC0301PL) O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\RunOnce: [RavStub] "E:\Rising\Rav\ravstub.exe" /RUNONCE O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\QQ2005\AddToNetDisk.htm O8 - Extra context menu item: 使用影音传送带下载 - C:\Program Files\Xi\NetTransport 2\NTAddLink.html O8 - Extra context menu item: 使用影音传送带下载全部链接 - C:\Program Files\Xi\NetTransport 2\NTAddList.html O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: 访问通用网址 - C:\Program Files\CNNIC\Cdn\cnnic.htm O9 - Extra button: (no name) - {0062C9BD-B349-40DE-91A0-755F37ACD559} - (no file) O9 - Extra button: 中文上网 - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll O9 - Extra 'Tools' menuitem: 中文上网 - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll O9 - Extra button: 微软 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.microsoft.com/china/index.htm (file missing) O11 - Options group: [CDNCLIENT] 中文上网 O15 - Trusted Zone: easyabc.95599.cn O15 - Trusted Zone: www.95599.cn O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {18F57D30-EF36-4C0E-9343-7BFA6DF79B4A} (XLink Class) - http://active.micr0media.com/swflash.CAB O16 - DPF: {5EC7C511-CD0F-42E6-830C-1BD9882F3458} (PowerPlayer Control) - http://download.ppstream.com/bin/powerplayer.cab O16 - DPF: {6DBB2904-082D-4DB0-944A-21C22BA121F4} (CCtInf Class) - http://www.95599.cn/BankControl.cab O16 - DPF: {74447F9C-5691-4A9A-8BE4-564092E40B03} (VnetAnprIns Class) - http://plugin.vnet.cn/VnetPluginIns.CAB O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{8386AAFC-B14F-4806-BED7-3E663F6F472E}: NameServer = 220.189.127.108 220.189.127.107 O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PPPoE Service (PPPoEService) - Unknown owner - d:\app\pppoeservice.exe O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - E:\Rising\Rav\CCenter.exe O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - E:\Rising\Rav\Ravmond.exe O23 - Service: Routing Protect Access (WIDETS) - Unknown owner - C:\WINDOWS\SYSTEM32\RUN32.EXE (file missing) 2006-10-21 16:36:58.590000000
557680171 初生襁褓狮帖子:17 注册: 2005-02-03 来自:	分享到：

<<上一主题|下一主题>>

1

1 / 1 页

跳转页

页面顶部

Powered by Discuz!NT