HELP.............. - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛 HELP..............

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1

1 / 1 页

跳转页

HELP..............

cangyi 初生襁褓狮帖子:8 注册: 2006-11-26 来自:	发表于： 2006-11-26 19:23 \| 显示全部短消息资料字号：小中大 1楼 HELP.............. 电脑中了流氓软件 ,我也不知道什么名字卡卡找不到, 桌面上有4个联接,一个免费成人电影,一个成人视频聊天,一个免费获QQ币,一个免费点歌送朋友. 这四个网页删除以后,过一段时间就自己又出现了, 并且收藏夹也自动生成一些这类的东西, 每阁一段时间自动打开网页,,,,,, 卡卡找不到.. 杀毒也没用....... 我对瑞星失望了......... 2006-11-26 20:23:04
cangyi 初生襁褓狮帖子:8 注册: 2006-11-26 来自:	分享到：

cangyi 初生襁褓狮帖子:8 注册: 2006-11-26 来自:	发表于： 2006-11-26 19:27 \| 显示全部短消息资料字号：小中大 2楼用了东方卫士也用了都不管用... 什么都查不到啊... 郁闷
cangyi 初生襁褓狮帖子:8 注册: 2006-11-26 来自:

cangyi 初生襁褓狮帖子:8 注册: 2006-11-26 来自:	发表于： 2006-11-26 20:03 \| 显示全部短消息资料字号：小中大 3楼进程名称路径数值名称数值数据操作日期操作方式操作结果 C:\Program Files\Internet Explorer\iexplore.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Start Page http://www.hao123.com/sendmail.php 2006-10-09 09:17 修改同意修改 C:\WINDOWS\Explorer.EXE HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Start Page www.8xdy.com/xin.htm 2006-10-09 09:18 修改同意修改 C:\DOCUME~1\user\LOCALS~1\Temp\svchost.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN csrss C:\WINDOWS\csrss.exe 2006-10-14 20:45 修改同意修改 C:\WINDOWS\csrss.exe HKEY_CURRENT_USER\SOFTWARE\POLICIES\MICROSOFT\INTERNET EXPLORER\CONTROL PANEL HomePage 2006-10-14 20:45 修改同意修改 C:\WINDOWS\csrss.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Start Page http://www.zh3g.com 2006-10-17 20:10 修改同意修改 C:\WINDOWS\csrss.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Start Page http://www.zh3g.com 2006-10-18 21:04 修改同意修改 C:\WINDOWS\csrss.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Start Page http://www.zh3g.com 2006-10-19 20:28 修改同意修改 C:\WINDOWS\csrss.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Start Page http://www.zh3g.com 2006-10-21 20:22 修改同意修改 C:\Documents and Settings\All Users\Templates\temp.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN System C:\Program Files\Common Files\System\Update.exe 2006-11-03 20:56 修改同意修改 C:\WINDOWS\system32\kb20060926a.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Start Page http://www.kzdh.com/ 2006-11-03 20:57 修改同意修改 C:\WINDOWS\csrss.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Start Page http://mmdy.23liao.com/lian.htm 2006-11-23 21:57 修改拒绝修改 C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN csrss 2006-11-23 21:59 删除同意修改 C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN MSConfig C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe 2006-11-23 21:59 修改同意修改 C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN KernelFaultCheck 2006-11-23 22:03 删除同意修改 C:\WINDOWS\regedit.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN MSConfig 2006-11-23 22:05 删除同意修改 C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN MSConfig C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe 2006-11-23 22:05 修改同意修改 C:\WINDOWS\system32\rundll32.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Start Page about:blank 2006-11-23 22:11 修改同意修改 C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN MSConfig 2006-11-23 22:24 删除同意修改 C:\WINDOWS\regedit.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Start Page about:blank 2006-11-23 22:27 修改同意修改 E:\dfvsx_v3.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN dfvsx "C:\Program Files\DFVSX\DFVSX.exe" -Min 2006-11-23 22:37 修改同意修改 C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN dfvsx 2006-11-23 22:55 删除同意修改 C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN MSConfig C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe 2006-11-23 22:55 修改同意修改 D:\Program Files\Super Rabbit\MagicSet\SRCK.EXE HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE KKDelay ; C:\Program Files\Rising\AntiSpyware\RunOnce.exe 2006-11-23 23:58 修改同意修改 C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN MSConfig 2006-11-24 07:04 删除同意修改 C:\WINDOWS\system32\rundll32.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Start Page about:blank 2006-11-24 07:59 修改同意修改 C:\WINDOWS\system32\rundll32.exe HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN Start Page about:blank 2006-11-26 09:17 修改同意修改
cangyi 初生襁褓狮帖子:8 注册: 2006-11-26 来自:

cangyi 初生襁褓狮帖子:8 注册: 2006-11-26 来自:	发表于： 2006-11-26 20:12 \| 显示全部短消息资料字号：小中大 4楼注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] (ctfmon.exe)(C:\WINDOWS\system32\ctfmon.exe) [(Verified)Microsoft Corporation] [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] (load)() [N/A] (run)() [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] (RavTask)("D:\Program Files\Rising\Rav\RavTask.exe" -system) [Beijing Rising Technology Co., Ltd.] (csrss)(; C:\WINDOWS\csrss.exe) [Microsoft Corporation] (dfvsx)(; "C:\Program Files\DFVSX\DFVSX.exe" -Min) [N/A] (helper.dll)(; C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32) [N/A] (HotKeysCmds)(; C:\WINDOWS\system32\hkcmd.exe) [(Verified)Intel Corporation] (IgfxTray)(; C:\WINDOWS\system32\igfxtray.exe) [(Verified)Intel Corporation] (KernelFaultCheck)(; %systemroot%\system32\dumprep 0 -k) [N/A] (MINI_BFYY)(; ) [N/A] (NeroFilterCheck)(; C:\WINDOWS\system32\NeroCheck.exe) [Ahead Software Gmbh] (SoundMan)(; SOUNDMAN.EXE) [Realtek Semiconductor Corp.] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] (shell)(EXPLORER.EXE) [(Verified)Microsoft Corporation] (Userinit)(C:\WINDOWS\system32\userinit.exe,) [(Verified)Microsoft Corporation] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] (AppInit_DLLs)() [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] ({32CD708B-60A7-4C00-9377-D73EAA495F0F})(C:\WINDOWS\system32\RavExt.dll) [Beijing Rising Technology Co., Ltd.]
cangyi 初生襁褓狮帖子:8 注册: 2006-11-26 来自:

cangyi 初生襁褓狮帖子:8 注册: 2006-11-26 来自:	发表于： 2006-11-26 20:13 \| 显示全部短消息资料字号：小中大 5楼启动文件夹 N/A -------------------------------------------------------------------------------- 服务 [Indexing Manager / AtHome] (C:\WINDOWS\System32\svchost.exe -k netsvcs--)C:\WINDOWS\system32\dnbotb52.dll)(N/A) [CAC03559 / CAC03559] (C:\WINDOWS\system32\CAC03559.EXE -service)(Microsoft Corporation) [Human Interface Device Access / HidServ] (C:\WINDOWS\System32\svchost.exe -k netsvcs--)%SystemRoot%\System32\hidserv.dll)(N/A) [Rising Process Communication Center / RsCCenter] ("D:\Program Files\Rising\Rav\CCenter.exe")(Beijing Rising Technology Co., Ltd.) [Rising RealTime Monitor / RsRavMon] ("D:\Program Files\Rising\Rav\Ravmond.exe")(Beijing Rising Technology Co., Ltd.) [System Event Logger / SDTSTA] (C:\WINDOWS\SYSTEM32\RUNDLLFROMWIN2000.EXE C:\WINDOWS\SYSTEM32\WBEM\XUOBYH23.DLL,Export 1087)(N/A) -------------------------------------------------------------------------------- 驱动程序 [AhnFlt2K / AhnFlt2K] (\??\C:\WINDOWS\system32\drivers\AhnFlt2K.sys)(Ahnlab, Inc.) [AhnRec2K / AhnRec2K] (\??\C:\WINDOWS\system32\drivers\AhnRec2K.sys)(Ahnlab, Inc.) [Service for Realtek AC97 Audio (WDM) / ALCXWDM] (system32\drivers\ALCXWDM.SYS)(Realtek Semiconductor Corp.) [AliIde / AliIde] (\SystemRoot\System32\DRIVERS\aliide.sys)(N/A) [BaseTDI / BaseTDI] (\??\C:\WINDOWS\system32\drivers\basetdi.sys)(Beijing Rising Technology Co., Ltd.) [CmdIde / CmdIde] (\SystemRoot\System32\DRIVERS\cmdide.sys)(CMD Technology, Inc.) [ExpScaner / ExpScaner] (\??\D:\Program Files\Rising\Rav\ExpScan.sys)() [HookCont / HookCont] (\??\D:\Program Files\Rising\Rav\HOOKCONT.sys)(Rising tech Co. ltd) [HookReg / HookReg] (\??\D:\Program Files\Rising\Rav\HookReg.sys)() [HookSys / HookSys] (\??\D:\Program Files\Rising\Rav\HookSys.sys)(Rising) [ialm / ialm] (system32\DRIVERS\ialmnt5.sys)(Intel Corporation) [MegaIDE / MegaIDE] (\SystemRoot\System32\DRIVERS\MegaIDE.sys)(LSI Logic Corporation.) [MEMSCAN / MEMSCAN] (\??\D:\Program Files\Rising\Rav\MEMSCAN.sys)(瑞星软件有限公司) [msqmx / msqmx] (\??\C:\WINDOWS\system32\drivers\msqmx.sys)(Microsoft Corporation) [npkcrypt / npkcrypt] (\??\C:\Program Files\Tencent\qq\npkcrypt.sys)(N/A) [nv / nv] (system32\DRIVERS\nv4_mini.sys)(NVIDIA Corporation) [Direct Parallel Link Driver / Ptilink] (system32\DRIVERS\ptilink.sys)(Parallel Technologies, Inc.) [RsAntiSpyware / RsAntiSpyware] (\SystemRoot\system32\drivers\RsBoot.sys)(Beijing Rising) [RSPPSYS / RSPPSYS] (\??\D:\PROGRAM FILES\RISING\RAV\RSPPSYS.sys)(Rising) [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139] (system32\DRIVERS\RTL8139.SYS)(Realtek Semiconductor Corporation) [Secdrv / Secdrv] (system32\DRIVERS\secdrv.sys)(N/A) [TCP/IP Protocol Driver / Tcpip] (system32\DRIVERS\tcpip.sys)(Microsoft Corporation) [v3engine / v3engine] (\??\C:\WINDOWS\system32\drivers\v3engine.sys)(AhnLab, Inc.) [V3Flt2K / V3Flt2K] (\??\C:\Program Files\DFVSX\V3Flt2K.sys)(Ahnlab, Inc.) [ViaIde / ViaIde] (\SystemRoot\system32\DRIVERS\viaide.sys)(Microsoft Corporation)
cangyi 初生襁褓狮帖子:8 注册: 2006-11-26 来自:

cangyi 初生襁褓狮帖子:8 注册: 2006-11-26 来自:	发表于： 2006-11-26 20:14 \| 显示全部短消息资料字号：小中大 6楼浏览器加载项 [卡卡上网安全助手] {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} (C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.) [Windows Media Player] {22D6F312-B0F6-11D0-94AB-0080C74C7E95} (C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation) [HTML Document] {25336920-03F9-11CF-8FD0-00AA00686F13} (%SystemRoot%\system32\mshtml.dll, N/A) [DHTML Edit Control Safe for Scripting for IE5] {2D360201-FFF5-11D1-8D03-00A0C959BC0A} (C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation) [XML Document] {48123BC4-99D9-11D1-A6B3-00C04FD91555} (%SystemRoot%\system32\msxml3.dll, N/A) [Windows Media Player] {6BF52A52-394A-11D3-B153-00C04F79FAA6} (C:\WINDOWS\system32\wmp.dll, Microsoft Corporation) [WebVGPlayer Class] {AA899B43-24BD-4B6B-BBD0-45557D8D11E0} (C:\PROGRA~1\VIEWGOOD\WEBPLA~1\VGPlayer.dll, ) [Microsoft Scriptlet Component] {AE24FDAE-03C6-11D1-8B76-0080C744F389} (C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation) [卡卡上网安全助手] {AFF6E516-CBE5-4F8A-9C2F-38A68013E766} (C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.) [SearchAssistantOC] {B45FF030-4447-11D2-85DE-00C04FA35C89} (%SystemRoot%\system32\shdocvw.dll, N/A) [RDS.DataSpace] {BD96C556-65A3-11D0-983A-00C04FC29E36} (C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation) [AUDIO__X_MS_WMA Moniker Class] {CD3AFA84-B84F-48F0-9393-7EDC34128127} (C:\WINDOWS\system32\wmp.dll, Microsoft Corporation) [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} (C:\WINDOWS\system32\macromed\flash\Flash.ocx, Macromedia, Inc.) [OfficeObj Class] {D2BD7935-05FC-11D2-9059-00C04FD7A1BD} (, N/A) [卡卡上网安全助手] {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} (C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.) [用比特精灵下载(&B)] (C:\Program Files\BitSpirit\bsurl.htm, N/A)
cangyi 初生襁褓狮帖子:8 注册: 2006-11-26 来自:

<<上一主题|下一主题>>

1

1 / 1 页

跳转页

页面顶部

Powered by Discuz!NT