【求助】有关Detected SPYware! System error #384问题!!! - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛【求助】有关Detected SPYware! System error #384问题!!!

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第四十七次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1

1 / 1 页

跳转页

【求助】有关Detected SPYware! System error #384问题!!!

alkray 初生襁褓狮帖子:2 注册: 2007-02-03 来自:	发表于： 2007-02-03 21:06 \| 只看楼主短消息资料字号：小中大 1楼【求助】有关Detected SPYware! System error #384问题!!! 今天打开电脑跳出来Your computer is infected打开IE就出现了蓝底白字的英文 Detected SPYware! System error #384 __________________________________________________________________________ Your IP address is 60.163... Using this address a remote computer has gained anaccess to your computer and probably is collecting the information about the sites you've visited and the files contained in the folder Temporary Internet Files. Attention! Ask for help or install the software for deleting secret information about the sites you visited. __________________________________________________________________________ Your computer is full of evidences! Your IP address: 60.163..** They know you're using: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)ver4 Risk status for further investigation: VERY HIGH RISK To protect from the Spyware - click here To prevent information transmission - click here To delete the history of your activity, click here 怎么解决,这到底是什么啊!! 另附: HijackThis_zww汉化版扫描日志 V1.99.1 保存于 20:53:01, 日期 2007-2-3 操作系统： Windows XP SP2 (WinNT 5.01.2600) 浏览器： Internet Explorer v6.00 SP2 (6.00.2900.2180) 当前运行的进程： C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe D:\KAV2007\KWatch.EXE C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\ctfmon.exe D:\KAV2007\KPfwSvc.EXE C:\WINDOWS\system32\rundll32.exe D:\KAV2007\KAVStart.exe C:\winstall.exe D:\KAV2007\KMailMon.EXE E:\Program Files\Maxthon\Maxthon.exe C:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe F:\HijackThis1[1].99.1\HijackThis1991zww.exe F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe O2 - BHO: QQCycloneHelper - {00000000-12C9-4305-82F9-43058F20E8D2} - F:\Program Files\Tencent\QQDownload\QQIEHelper01.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: AdPopup - {11F09AFD-75AD-4E51-AB43-E09E9351CE16} - C:\Program Files\Common Files\CPUSH\cpush0.dll O2 - BHO: Info cache - {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} - C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll O2 - BHO: KAVAntiFishing - {55302805-482E-470E-8A57-6795A1487F90} - D:\KAV2007\KAVAFish.DLL O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - E:\PROGRA~1\KuGoo3\KUGOO3~1.OCX O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: njwn - {B31E7157-6DFD-4F20-BC03-11F38DB964EC} - C:\PROGRA~1\wsfw\xwja.dll O2 - BHO: (no name) - {EB16D2B9-8AA5-4CD7-A9F2-72A4D3078327} - C:\WINDOWS\system32\njabdbqvnnhxs.dll O3 - IE工具栏增项: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - 启动项HKLM\\Run: [StormCodec_Helper] "E:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti O4 - 启动项HKLM\\Run: [File32] C:\WINDOWS\system32\File32.exe O4 - 启动项HKLM\\Run: [hxgame-update] C:\Program Files\hxupdate\hxgame-update.exe O4 - 启动项HKLM\\Run: [KavStart] "D:\KAV2007\KAVStart.exe" -startup O4 - 启动项HKLM\\Run: [SpyHunter] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - IE右键菜单中的新增项目: &使用超级旋风下载 - F:\Program Files\Tencent\QQDownload\geturl.htm O8 - IE右键菜单中的新增项目: &使用超级旋风下载全部链接 - F:\Program Files\Tencent\QQDownload\getAllurl.htm O8 - IE右键菜单中的新增项目: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - F:\Program Files\Tencent\QQ\AddToNetDisk.htm O8 - IE右键菜单中的新增项目: 使用KuGoo3下载(&K) - E:\Program Files\KuGoo3\KuGoo3DownX.htm O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - F:\Program Files\Tencent\QQ\AddPanel.htm O8 - IE右键菜单中的新增项目: 添加到QQ表情 - F:\Program Files\Tencent\QQ\AddEmotion.htm O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - F:\Program Files\Tencent\QQ\SendMMS.htm O8 - IE右键菜单中的新增项目: 金山毒霸反钓鱼... - D:\KAV2007\KAF\ShowSet.htm O9 - 浏览器额外的按钮: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - C:\Program Files\Thunder Network\Thunder\Thunder.exe O9 - 浏览器额外的“工具”菜单项: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - C:\Program Files\Thunder Network\Thunder\Thunder.exe O9 - 浏览器额外的按钮: 易得优播放器 - {009541A0-3B81-101C-92F3-040224009C04} - D:\Program Files\edusoft\SWFBROWER\swfbrowse.exe O9 - 浏览器额外的“工具”菜单项: 易得优播放器 - {009541A0-3B81-101C-92F3-040224009C04} - D:\Program Files\edusoft\SWFBROWER\swfbrowse.exe O9 - 浏览器额外的按钮: 番茄花园 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.tomatolei.com (file missing) O9 - 浏览器额外的“工具”菜单项: 番茄花园 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.tomatolei.com (file missing) O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - F:\Program Files\Tencent\QQ\QQ.EXE O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - F:\Program Files\Tencent\QQ\QQ.EXE O10 - 未知的文件在 Winsock LSP: c:\windows\system32\espi11.dll O10 - 未知的文件在 Winsock LSP: c:\windows\system32\espi11.dll O10 - 未知的文件在 Winsock LSP: c:\windows\system32\espi11.dll O10 - 未知的文件在 Winsock LSP: c:\windows\system32\espi11.dll O10 - 未知的文件在 Winsock LSP: c:\windows\system32\espi11.dll O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/ O17 - HKLM\System\CCS\Services\Tcpip\..\{7935CA0C-0653-4C0A-8AC2-3F1524962F42}: NameServer = 220.189.127.108 220.189.127.107 O20 - Winlogon Notify: cryptimg - C:\WINDOWS\SYSTEM32\cryptimg.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - NT 服务: Computer Storage (BKMARKS) - Unknown owner - C:\WINDOWS\SYSTEM32\RUNDLLFROMWIN2000.EXE (file missing) O23 - NT 服务: Client IP-IPX - Unknown owner - C:\WINDOWS\system32\svchosts.exe" -e te-110-12-0000333 (file missing) O23 - NT 服务: Kingsoft Personal Firewall Service (KPfwSvc) - Kingsoft Corporation - D:\KAV2007\KPfwSvc.EXE O23 - NT 服务: Kingsoft Antivirus KWatch Service (KWatchSvc) - Kingsoft Corporation - D:\KAV2007\KWatch.EXE O23 - NT 服务: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe 2007-02-03 21:15:49
alkray 初生襁褓狮帖子:2 注册: 2007-02-03 来自:	分享到：

安全防卫飘泊而立狮帖子:699 注册: 2006-01-14 来自:	发表于： 2007-02-03 21:25 \| 短消息资料字号：小中大 2楼 C:\winstall.exe O23 - NT 服务: Computer Storage (BKMARKS) - Unknown owner - C:\WINDOWS\SYSTEM32\RUNDLLFROMWIN2000.EXE (file missing) 有问题？删除
安全防卫飘泊而立狮帖子:699 注册: 2006-01-14 来自:

<<上一主题|下一主题>>

1

1 / 1 页

跳转页

页面顶部

Powered by Discuz!NT