Rising Kaka Security Forum, Technical Exchange section, System Software


Teacher 寿宁: Found a link between the EnvSec keylogger trojan and Fe7zf.exe

You've got quite a lot of stuff on your computer...

How come Yahoo Assistant is still there...

Sis, swap 超级解霸 for 暴风影音, it's pretty good

Quote:
[Post by C++果冻] Sis, swap 超级解霸 for 暴风影音, it's pretty good
...........................

I couldn't tell. Respect, you can even spot that

Please, help me deal with the virus first, and then we can talk about enjoying the internet, friends!

Quote:
[Post by 叶子弟弟]
I couldn't tell. Respect, you can even spot that
...........................

Heh heh... Is yours fixed yet?...

Sis, how come you have so many 018 entries? So many dynamic link library files, something's wrong

Quote:
[Post by C++果冻]
Heh heh... Is yours fixed yet?...
...........................

Almost done

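Quote:
[Post by C++果冻] Sis, how come you have so many 018 entries? So many dynamic link library files, something's wrong
...........................

Yes, I was shocked when I saw it too; there really is a big problem.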

Here, take a look at my log...
-----------------------
Logfile of HijackThis v1.99.1
Scan saved at 21:54:42, on 2005-11-13
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Soft4Ever\looknstop\LnSSvc.exe
C:\Program Files\Soft4Ever\looknstop\looknstop.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ProcessGuard\dcsuserprot.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\ProcessGuard\pgaccount.exe
C:\WINDOWS\system32\CTFMON.EXE
C:\Program Files\ProcessGuard\procguard.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\系统安全\HijackThis1.991\HijackThis.exe

O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize
O4 - HKLM\..\Run: [!1_pgaccount] "C:\Program Files\ProcessGuard\pgaccount.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [!1_ProcessGuard_Startup] "C:\Program Files\ProcessGuard\procguard.exe" -minimize
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1129867573814
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1130316396953
O17 - HKLM\System\CCS\Services\Tcpip\..\{}: NameServer =
O17 - HKLM\System\CS1\Services\Tcpip\..\{}: NameServer =
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: DiamondCS Process Guard Service v3.000 (DCSPGSRV) - DiamondCS - C:\Program Files\ProcessGuard\dcsuserprot.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
O23 - Service: Look 'n' Stop Service (LnSSvc) - Soft4Ever - C:\Program Files\Soft4Ever\looknstop\LnSSvc.exe
