[Help] Experts please come in, log attached

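A few days ago my computer was infected with a trojan. I removed it with Kaspersky 6.0, but the system is unstable: sometimes the computer restarts when I open QQ Cinema (QQ影院).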
Logfile of HijackThis v1.99.1
Scan saved at 13:41:04, on 2006-10-7
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
D:\WINDOWS\system32\ctfmon.exe
H:\Program Files\上海征途网络科技有限公司\征途\data\zhengtu.dat
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
D:\WINDOWS\system32\rundll32.exe
J:\Program Files\foobar2000\foobar2000.exe
D:\Program Files\Opera\Opera.exe
R:\HijackThis.exe

O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - J:\PROGRA~1\KuGoo3\KUGOO3~1.OCX
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [kis] "D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用KuGoo3下载(&K) - J:\Program Files\KuGoo3\KuGoo3DownX.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program Files\Tencent\QQ\SendMMS.htm
O9 - Extra button: Web反病毒保护 - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: D:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O20 - Winlogon Notify: klogon - D:\WINDOWS\system32\klogon.dll
O23 - Service: 卡巴斯基互联网安全套装 6.0 (AVP) - Unknown owner - D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)

Last edited 2006-10-07 14:10:14

Process list saved on 14:07:21, on 2006-10-7
Platform: Windows XP SP2 (WinNT 5.01.2600)

[pid]  [full path to filename]  [file version]  [company name]
484  D:\WINDOWS\System32\smss.exe  5.1.2600.2180  Microsoft Corporation
596  D:\WINDOWS\system32\winlogon.exe  5.1.2600.2180  Microsoft Corporation
640  D:\WINDOWS\system32\services.exe  5.1.2600.2180  Microsoft Corporation
660  D:\WINDOWS\system32\lsass.exe  5.1.2600.2180  Microsoft Corporation
820  D:\WINDOWS\system32\svchost.exe  5.1.2600.2180  Microsoft Corporation
932  D:\WINDOWS\System32\svchost.exe  5.1.2600.2180  Microsoft Corporation
1380  D:\WINDOWS\system32\spoolsv.exe  5.1.2600.2696  Microsoft Corporation
1400  D:\WINDOWS\Explorer.EXE  6.0.2900.2180  Microsoft Corporation
1648  D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe  6.0.0.299  Kaspersky Lab
1676  D:\WINDOWS\system32\ctfmon.exe  5.1.2600.2180  Microsoft Corporation
2388  H:\Program Files\上海征途网络科技有限公司\征途\data\zhengtu.dat  1.0.0.1041  上海征途网络科技有限公司
3172  D:\WINDOWS\system32\wuauclt.exe  5.8.0.2469  Microsoft Corporation
196  D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe  6.0.0.299  Kaspersky Lab
2156  D:\WINDOWS\system32\rundll32.exe  5.1.2600.2180  Microsoft Corporation
1608  J:\Program Files\foobar2000\foobar2000.exe  0.9.0.0
288  D:\Program Files\Opera\Opera.exe  9.2.8585.0  Opera Software
1964  R:\HijackThis.exe  1.99.0.1  Soeperman Enterprises Ltd.


DLLs loaded by process D:\WINDOWS\Explorer.EXE:

[full path to filename]  [file version]  [company name]
D:\WINDOWS\system32\ntdll.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\kernel32.dll  5.1.2600.2945  Microsoft Corporation
D:\WINDOWS\system32\msvcrt.dll  7.0.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\ADVAPI32.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\RPCRT4.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\GDI32.dll  5.1.2600.2818  Microsoft Corporation
D:\WINDOWS\system32\USER32.dll  5.1.2600.2622  Microsoft Corporation
D:\WINDOWS\system32\SHLWAPI.dll  6.0.2900.2937  Microsoft Corporation
D:\WINDOWS\system32\SHELL32.dll  6.0.2900.2951  Microsoft Corporation
D:\WINDOWS\system32\ole32.dll  5.1.2600.2726  Microsoft Corporation
D:\WINDOWS\system32\OLEAUT32.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\BROWSEUI.dll  6.0.2900.2937  Microsoft Corporation
D:\WINDOWS\system32\SHDOCVW.dll  6.0.2900.2937  Microsoft Corporation
D:\WINDOWS\system32\CRYPT32.dll  5.131.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\MSASN1.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\CRYPTUI.dll  5.131.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\WINTRUST.dll  5.131.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\IMAGEHLP.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\NETAPI32.dll  5.1.2600.2952  Microsoft Corporation
D:\WINDOWS\system32\WININET.dll  6.0.2900.2937  Microsoft Corporation
D:\WINDOWS\system32\WLDAP32.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\VERSION.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\UxTheme.dll  6.0.2900.2180  Microsoft Corporation
D:\WINDOWS\system32\ShimEng.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\AppPatch\AcGenral.DLL  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\WINMM.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\MSACM32.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\USERENV.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\IMM32.DLL  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\LPK.DLL  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\USP10.dll  1.420.2600.2180  Microsoft Corporation
D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll  6.0.2900.2180  Microsoft Corporation
D:\WINDOWS\system32\comctl32.dll  5.82.2900.2180  Microsoft Corporation
D:\WINDOWS\system32\msctfime.ime  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\appHelp.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\CLBCATQ.DLL  2001.12.4414.308  Microsoft Corporation
D:\WINDOWS\system32\COMRes.dll  2001.12.4414.258  Microsoft Corporation
D:\WINDOWS\System32\cscui.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\System32\CSCDLL.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\themeui.dll  6.0.2900.2180  Microsoft Corporation
D:\WINDOWS\system32\Secur32.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\MSIMG32.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\xpsp2res.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\msutb.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\MSCTF.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\SAMLIB.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\SETUPAPI.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\urlmon.dll  6.0.2900.2960  Microsoft Corporation
D:\WINDOWS\system32\NETSHELL.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\rtutils.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\credui.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\WS2_32.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\WS2HELP.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\ATL.DLL  3.5.2284.0  Microsoft Corporation
D:\WINDOWS\system32\iphlpapi.dll  5.1.2600.2912  Microsoft Corporation
D:\WINDOWS\system32\LINKINFO.dll  5.1.2600.2751  Microsoft Corporation
D:\WINDOWS\system32\ntshrui.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\WINSTA.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\webcheck.dll  6.0.2900.2180  Microsoft Corporation
D:\WINDOWS\system32\WSOCK32.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\stobject.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\BatMeter.dll  6.0.2900.2180  Microsoft Corporation
D:\WINDOWS\system32\POWRPROF.dll  6.0.2900.2180  Microsoft Corporation
D:\WINDOWS\system32\WTSAPI32.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\wdmaud.drv  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\msacm32.drv  5.1.2600.0  Microsoft Corporation
D:\WINDOWS\system32\midimap.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\rsaenh.dll  5.1.2600.2161  Microsoft Corporation
D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\shellex.dll  6.0.0.299  Kaspersky Lab
D:\WINDOWS\system32\MSVCP60.dll  6.2.3104.0  Microsoft Corporation
D:\WINDOWS\system32\xpsp1res.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\SXS.DLL  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\browselc.dll  6.0.2900.2180  Microsoft Corporation
D:\WINDOWS\system32\DUSER.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\MPR.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\System32\drprov.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\System32\ntlanman.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\System32\NETUI0.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\System32\NETUI1.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\System32\NETRAP.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\System32\davclnt.dll  5.1.2600.2180  Microsoft Corporation
D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\pr_remote.dll  6.0.0.299  Kaspersky Lab
D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\prloader.dll  6.0.0.299  Kaspersky Lab
D:\WINDOWS\system32\shdoclc.dll  6.0.2900.2180  Microsoft Corporation
D:\WINDOWS\system32\MLANG.dll  6.0.2900.2530  Microsoft Corporation
D:\Program Files\Media Player Classic\Codecs\mmfinfo.dll
D:\Program Files\Media Player Classic\Codecs\mkunicode.dll
D:\WINDOWS\system32\MSGINA.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\ODBC32.dll  3.525.1117.0  Microsoft Corporation
D:\WINDOWS\system32\comdlg32.dll  6.0.2900.2180  Microsoft Corporation
D:\WINDOWS\system32\odbcint.dll  3.525.1117.0  Microsoft Corporation
D:\WINDOWS\system32\mydocs.dll  6.0.2900.2180  Microsoft Corporation
D:\WINDOWS\system32\NTMARTA.DLL  5.1.2600.2180  Microsoft Corporation
J:\PROGRA~1\KuGoo3\KUGOO3~1.OCX
D:\WINDOWS\system32\olepro32.dll  5.1.2600.2180  Microsoft Corporation
D:\WINDOWS\system32\zipfldr.dll  6.0.2900.2180  Microsoft Corporation