Rising Kaka Security Forum, Technical Exchange area, Anti-Virus / Anti-Rogue Software forum: http://www.zhaomeimei.cn/28943053/ads1998.asp


http://www.zhaomeimei.cn/28943053/ads1998.asp


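So far this has appeared on my computer twice.
Both times it happened after I opened the www.newsmth.net home page and then clicked anonymous login.
The page in this thread's title popped up automatically.
That page carries a trojan.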

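The first time was about a week ago; neither safe360 nor Kaka found any cause.
This computer had not been infected with any virus before this problem appeared,
and it had not visited any bad pages either.
The antivirus on this computer is Kaspersky, kept constantly up to date.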

Here is what the monitor captured:
2006-12-30 0:17:42    C:\Program Files\Internet Explorer\iexplore.exe    HKEY_USERS\S-1-5-21-583907252-2025429265-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser    {0E5CBF21-D15F-11D0-8301-00AA005B4383}    [binary value data]    空二进制表格    修改    detected
2006-12-30 0:17:42    C:\Program Files\Internet Explorer\iexplore.exe    HKEY_USERS\S-1-5-21-583907252-2025429265-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser    {0E5CBF21-D15F-11D0-8301-00AA005B4383}    [binary value data]    空二进制表格    修改    拒绝
2006-12-30 0:18:38    C:\Program Files\Internet Explorer\iexplore.exe    HKEY_USERS\S-1-5-21-583907252-2025429265-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser    {0E5CBF21-D15F-11D0-8301-00AA005B4383}    [binary value data]    空二进制表格    修改    detected
2006-12-30 0:18:38    C:\Program Files\Internet Explorer\iexplore.exe    HKEY_USERS\S-1-5-21-583907252-2025429265-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser    {0E5CBF21-D15F-11D0-8301-00AA005B4383}    [binary value data]    空二进制表格    修改    拒绝


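The second time this problem appeared,
there was also a prompt box saying something like "Switch To", "Retry", "this service is running".
Last edited 2006-12-30 18:29:00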

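Please download SREng2 (latest version), use "Smart Scan", and press the "Scan" button to run a scan.
When the scan finishes, press the "Save Report" button to save the report log file (SREng.LOG), then copy and paste
the contents of the saved report log file here. If the log does not fit in one post, paste it in several parts; please do not modify it.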

Download link:
http://www.kztechs.com/sreng/sreng2.zip