【求助】帮忙看下日志，看了半天没看出什么 - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛【求助】帮忙看下日志，看了半天没看出什么

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1

1 / 1 页

跳转页

【求助】帮忙看下日志，看了半天没看出什么

ihaesaes 初生襁褓狮帖子:14 注册: 2007-02-11 来自:	发表于： 2007-02-11 12:38 \| 只看楼主短消息资料字号：小中大 1楼【求助】帮忙看下日志，看了半天没看出什么高手帮忙看下日志，水平太低，看了半天没看出什么 [复制到剪贴板] CODE: 2007-02-11,12:11:03 System Repair Engineer 2.3.13.690 Smallfrogs (http://www.KZTechs.com) Windows 98 SE - 以下内容被选中：所有的启动项目（包括注册表、启动文件夹、服务等）浏览器加载项正在运行的进程（包括进程模块信息）文件关联 Winsock 提供者 Autorun.inf HOSTS 文件启动项目注册表 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <internat.exe><internat.exe> [Microsoft Corporation] <ScanRegistry><C:\WINDOWS\scanregw.exe /autorun> [Microsoft Corporation] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] <AppInit_DLLs><> [N/A] ================================== 启动文件夹 N/A ================================== 服务 N/A ================================== 驱动程序 N/A ================================== 浏览器加载项 [IeCatch2 Class] {A5366673-E8CA-11D3-9CD9-0090271D075B} <D:\PROGRAM FILES\FLASHGET\JCCATCH.DLL, Amaze Soft> [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH8.OCX, Macromedia, Inc.> [Rising Web Scan Object] {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINDOWS\DOWNLOADED PROGRAM FILES\OL2005.DLL, Beijing Rising Technology Co., Ltd.> [使用网际快车下载] <D:\PROGRAM FILES\FLASHGET\jc_link.htm, N/A> [使用网际快车下载全部链接] <D:\PROGRAM FILES\FLASHGET\jc_all.htm, N/A> [雅虎搜索] <res://C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASBAR.DLL/246, N/A> [添加到雅虎订阅(&Y)] <res://C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YRSS.DLL/YRSSMENUEXT, N/A> ================================== 正在运行的进程 [PID: 4294965293][C:\WINDOWS\SYSTEM\MPREXE.EXE] [Microsoft Corporation, 4.10.1998] [C:\WINDOWS\SYSTEM\NETBIOS.DLL] [N/A, N/A] [D:\PROGRAM FILES\FLASHGET\JCCATCH.DLL] [Amaze Soft, 1, 1, 4, 0] [PID: 4294844781][C:\WINDOWS\EXPLORER.EXE] [Microsoft Corporation, 4.72.3110.1] [PID: 4294853153][C:\WINDOWS\SYSTEM\RPCSS.EXE] [Microsoft Corporation, 4.71.2900] [PID: 4294776153][C:\WINDOWS\SYSTEM\INTERNAT.EXE] [Microsoft Corporation, 4.10.2222] [C:\WINDOWS\SYSTEM\NETBIOS.DLL] [N/A, N/A] [C:\PROGRAM FILES\EFFICIENT NETWORKS\ENTERNET 500\APP\RESENU.DLL] [Efficient Networks, Inc., 1, 5, 0, 18] [PID: 4294714717][C:\PROGRAM FILES\EFFICIENT NETWORKS\ENTERNET 500\APP\ENTERNET.EXE] [N/A, N/A] [C:\PROGRAM FILES\EFFICIENT NETWORKS\ENTERNET 500\APP\DSLAPI32.DLL] [Efficient Networks Inc., 1, 5, 0, 18] [C:\PROGRAM FILES\EFFICIENT NETWORKS\ENTERNET 500\APP\PACKETLOG.DLL] [Efficient Networks, Inc., 1, 5, 0, 18] [C:\PROGRAM FILES\EFFICIENT NETWORKS\ENTERNET 500\APP\RESMSGENU.DLL] [Efficient Networks, Inc., 1, 5, 0, 17] [C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WEB 文件夹\MSONSEXT.DLL] [N/A, N/A] [C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH8.OCX] [Macromedia, Inc., 8,0,22,0] [D:\PROGRAM FILES\FLASHGET\JCCATCH.DLL] [Amaze Soft, 1, 1, 4, 0] [PID: 4294746857][C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2800.1106] [PID: 4294658173][C:\PROGRAM FILES\ACCESSORIES\WORDPAD.EXE] [Microsoft Corporation, 5.00.1691.1] [C:\WINDOWS\SYSTEM\DD300_32.DLL] [Silicon Integrated Systems Corporation, 4.13.01.1133] [PID: 4294672981][C:\WINDOWS\SYSTEM\DDHELP.EXE] [Microsoft Corporation, 4.09.00.0900] [C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WEB 文件夹\MSONSEXT.DLL] [N/A, N/A] [C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH8.OCX] [Macromedia, Inc., 8,0,22,0] [D:\PROGRAM FILES\FLASHGET\JCCATCH.DLL] [Amaze Soft, 1, 1, 4, 0] [PID: 4294806209][C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2800.1106] [PID: 4294608433][C:\WINDOWS\TEMP\RAR$EX00.751\SRENG.EXE] [Smallfrogs Studio, 2.3.13.690] ================================== 文件关联 .TXT OK. [C:\WINDOWS\NOTEPAD.EXE %1] .EXE OK. ["%1" %] .COM OK. ["%1" %] .PIF OK. ["%1" %] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %] .SCR OK. ["%1" /S] .CHM OK. ["C:\WINDOWS\hh.exe" %1] .HLP OK. [C:\WINDOWS\winhlp32.exe %1] .INI OK. [C:\WINDOWS\NOTEPAD.EXE %1] .INF OK. [C:\WINDOWS\NOTEPAD.EXE %1] .VBS OK. [C:\WINDOWS\WScript.exe "%1" %] .JS OK. [C:\WINDOWS\WScript.exe "%1" %] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock 提供者 MS.w95.spi.osp C:\WINDOWS\SYSTEM\mswsosp.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider) MS.w95.spi.tcp C:\WINDOWS\SYSTEM\msafd.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider) MS.w95.spi.udp C:\WINDOWS\SYSTEM\msafd.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider) MS.w95.spi.raw C:\WINDOWS\SYSTEM\msafd.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider) MS.w95.spi.rsvptcp C:\WINDOWS\SYSTEM\rsvpsp.dll(Microsoft Corporation, Microsoft Windows Rsvp 1.0 Service Provider) MS.w95.spi.rsvpudp C:\WINDOWS\SYSTEM\rsvpsp.dll(Microsoft Corporation, Microsoft Windows Rsvp 1.0 Service Provider) ================================== Autorun.inf N/A ================================== HOSTS 文件 N/A ================================== API HOOK N/A ================================== 2007-02-11 13:03:02
ihaesaes 初生襁褓狮帖子:14 注册: 2007-02-11 来自:	分享到：

两个铁球叱咤花甲狮帖子:3107 注册: 2006-01-19 来自:新疆叶城	发表于： 2007-02-11 12:54 \| 短消息资料字号：小中大 2楼 [C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WEB 文件夹\MSONSEXT.DLL] [N/ 这个是什么文件？机子有什么问题？是win2000系统？裸奔？佩服！有点流氓软件。
两个铁球叱咤花甲狮帖子:3107 注册: 2006-01-19 来自:新疆叶城

姑苏残月叱咤花甲狮帖子:2464 注册: 2007-01-27 来自:	发表于： 2007-02-11 13:01 \| 短消息资料字号：小中大 3楼 <ScanRegistry><C:\WINDOWS\scanregw.exe /autorun> [Microsoft Corporation] 这个删除你的日志干净,我喜欢
姑苏残月叱咤花甲狮帖子:2464 注册: 2007-01-27 来自:

ihaesaes 初生襁褓狮帖子:14 注册: 2007-02-11 来自:	发表于： 2007-02-11 13:12 \| 只看楼主短消息资料字号：小中大 4楼谢谢楼上的，我运行瑞星在线查毒一查EXPLORER就被中止了，能帮忙解决下吗
ihaesaes 初生襁褓狮帖子:14 注册: 2007-02-11 来自:

<<上一主题|下一主题>>

1

1 / 1 页

跳转页

页面顶部

Powered by Discuz!NT