瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 【求助】请帮忙看看我的扫描日志

1   1  /  1  页   跳转

【求助】请帮忙看看我的扫描日志

收藏
雪花静静地飘
头像
初生襁褓狮
  • 帖子:2
  • 注册: 2006-09-09
  • 来自:
发表于: 2006-09-09 20:06 | 只看楼主 短消息 资料
字号: 1楼

【求助】请帮忙看看我的扫描日志

Logfile of Kaka v2. 0. 0. 9 Scan Module v2. 0. 0. 1
Scan saved at 19:53:57, on 2006-09-09
Platform: Microsoft Windows XP Professional Service Pack 2 (Build 2600)
MSIE: Internet Explorer v6.00 SP2; (6.00.2900.2180 (xpsp_sp2_rtm.040803-2158))


Running processes:
[smss.exe]
CommandLine =

[csrss.exe]
CommandLine = C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

[winlogon.exe]
CommandLine = winlogon.exe

[services.exe]
CommandLine = C:\WINDOWS\system32\services.exe

[lsass.exe]
CommandLine = C:\WINDOWS\system32\lsass.exe

[ati2evxx.exe]
CommandLine = C:\WINDOWS\system32\Ati2evxx.exe

[svchost.exe]
CommandLine = C:\WINDOWS\system32\svchost -k DcomLaunch

[svchost.exe]
CommandLine = C:\WINDOWS\system32\svchost -k rpcss

[CCenter.exe]
CommandLine = "C:\Program Files\Rising\Rav\CCenter.exe"

[svchost.exe]
CommandLine = C:\WINDOWS\System32\svchost.exe -k netsvcs

[svchost.exe]
CommandLine = C:\WINDOWS\system32\svchost.exe -k NetworkService

[svchost.exe]
CommandLine = C:\WINDOWS\system32\svchost.exe -k LocalService

[RavMonD.exe]
CommandLine = "C:\Program Files\Rising\Rav\Ravmond.exe"

[ati2evxx.exe]
CommandLine = Ati2evxx.exe -Client

[explorer.exe]
CommandLine = C:\WINDOWS\Explorer.EXE

[rfwsrv.exe]
CommandLine = "c:\program files\rising\rfw\rfwsrv.exe"

[rundll32.exe]
CommandLine = Rundll32.exe C:\WINDOWS\downlo~1\CnsMin.dll,Rundll32

[RavStub.exe]
CommandLine = "C:\Program Files\Rising\Rav\RavStub.exe" /RAVMOND

[rfwmain.exe]
CommandLine =  -StartUp

[rundll32.exe]
CommandLine = C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\MMSASS~1\MMSSVER.DLL,Service

[svchost.exe]
CommandLine = C:\WINDOWS\system32\svchost.exe -k imgsvc

[wincup.exe]
CommandLine = C:\WINDOWS\wincup\wincup.exe -R

[alg.exe]
CommandLine = C:\WINDOWS\System32\alg.exe

[RavTask.exe]
CommandLine = "C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE" -SYSTEM

[RavMon.exe]
CommandLine = "C:\Program Files\Rising\Rav\Ravmon.exe" -SYSTEM

[rundll32.exe]
CommandLine = "C:\WINDOWS\system32\Rundll32.exe"  "C:\PROGRA~1\HBClient\tbhelper.dll",WaitWindows

[daemon.exe]
CommandLine = "C:\Program Files\D-Tools\daemon.exe"  -lang 1033

[ctfmon.exe]
CommandLine = "C:\WINDOWS\system32\ctfmon.exe"

[VnetClient.exe]
CommandLine = "C:\Program Files\ChinaNet\VnetClient.exe"

[QQ.exe]
CommandLine = "C:\Program Files\Tencent\QQ\QQ.exe"

[TIMPlatform.exe]
CommandLine = "C:\Program Files\Tencent\QQ\TIMPlatform.exe" -Embedding

[QQ.exe]
CommandLine = "C:\Program Files\Tencent\QQ\QQ.exe"

[RsAgent.exe]
CommandLine = "C:\Program Files\Rising\Rav\RsAgent.exe"

[agentsvr.exe]
CommandLine = C:\WINDOWS\msagent\AgentSvr.exe -Embedding

[KkScan.exe]
CommandLine = "C:\Program Files\Rising\KakaToolBar\KkScan.exe"

[IEXPLORE.EXE]
CommandLine = "C:\Program Files\Internet Explorer\iexplore.exe"  -nohome

R3 - URLSearchHook: (no name) - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file)
O2 - BHO:  (file missing)
O2 - BHO: WebThunder Browser Helper - {00000AAA-A363-466E-BEF5-9BB68697AA7F} - C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_011.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO:  (file missing)
O2 - BHO:  (file missing)
O2 - BHO: FltSetUp Class - {1D49D58D-5C84-4B50-8359-D9809BEB2B32} - C:\Program Files\Internet Explorer\Connection Wizard\icwuti1.dll
O2 - BHO: VnetCookie Class - {4E83D567-4697-4F7B-B1F0-A513B01DB89A} - c:\PROGRA~1\chinanet\VNETTR~1.DLL
O2 - BHO: QQBrowserHelperObject Class - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO:  (file missing)
O2 - BHO:  (file missing)
O2 - BHO: DragSearch BHO - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL (file missing)
O2 - BHO:  (file missing)
O2 - BHO: ActiveBHO Class - {63C55A7F-6E29-8D4F-5C76-4F850F28D13A} - C:\Progra~1\DoDoorRSSFinder\ActiveBandObject.dll
O2 - BHO:  (file missing)
O2 - BHO: Vision - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\mmsass~1.dll
O2 - BHO:  (file missing)
O2 - BHO: Helper Class - {6E28339B-7A2A-47B6-AEB2-197004272379} - C:\WINDOWS\vchelper.dll
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\Program Files\BaiDu\bar\BaiduBar.dll
O2 - BHO: Thunder Browser Helper - {889D2FEB-5411-4565-8998-1DD2C5261283} - D:\XUNLEI\ComDlls\XunLeiBHO_002.dll
最后编辑2006-09-09 20:05:23
分享到:
gototop
 
秋日里的蓝天
头像
卡卡技术团队
  • 帖子:7349
  • 注册: 2004-09-30
  • 来自:
发表于: 2006-09-09 20:13 | 短消息 资料
字号: 2楼

运行Hijackthis,把下面的选中打上钩,修复
R3 - URLSearchHook: (no name) - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file)
O2 - BHO: (file missing)
O2 - BHO: WebThunder Browser Helper - {00000AAA-A363-466E-BEF5-9BB68697AA7F} - C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_011.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (file missing)
O2 - BHO: (file missing)
O2 - BHO: FltSetUp Class - {1D49D58D-5C84-4B50-8359-D9809BEB2B32} - C:\Program Files\Internet Explorer\Connection Wizard\icwuti1.dll
O2 - BHO: VnetCookie Class - {4E83D567-4697-4F7B-B1F0-A513B01DB89A} - c:\PROGRA~1\chinanet\VNETTR~1.DLL
O2 - BHO: QQBrowserHelperObject Class - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: (file missing)
O2 - BHO: (file missing)
O2 - BHO: DragSearch BHO - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL (file missing)
O2 - BHO: (file missing)
O2 - BHO: ActiveBHO Class - {63C55A7F-6E29-8D4F-5C76-4F850F28D13A} - C:\Progra~1\DoDoorRSSFinder\ActiveBandObject.dll
O2 - BHO: (file missing)
O2 - BHO: Vision - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\mmsass~1.dll
O2 - BHO: (file missing)
O2 - BHO: Helper Class - {6E28339B-7A2A-47B6-AEB2-197004272379} - C:\WINDOWS\vchelper.dll
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\Program Files\BaiDu\bar\BaiduBar.dll
O2 - BHO: Thunder Browser Helper - {889D2FEB-5411-4565-8998-1DD2C5261283} - D:\XUNLEI\ComDlls\XunLeiBHO_002.dll


O2 - BHO: Vision - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\mmsass~1.dll
进入控制面版的添加删除程序中卸载,MMSASS~1彩信
关闭所有浏览窗口以及一些不必要的程序
运行Hijackthis,把下面的选中打上钩,修复
C:\PROGRA~1\MMSASS~1\mmsass~1.dll

重启后删除
C:\PROGRA~1\MMSASS~1
如果还是解决不了
下载超级兔子。
http://www.pctutu.com/srmsdown.asp
安装好后,打开“超级兔子清理王”“专业卸载,卸载所有提示的垃圾软件,
卸载是不要打开任何浏览窗口。卸载不了可以重启后再去卸载。
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT