Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:57:19, on 2008-5-11
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
d:\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
D:\RISING\RAV\ravmond.exe
d:\Rising\Rfw\rfwsrv.exe
d:\Rising\Rfw\rfwProxy.exe
d:\Rising\Rfw\rfwstub.exe
C:\WINDOWS\Explorer.EXE
D:\RISING\RAV\RavStub.exe
d:\Rising\Rfw\RfwMain.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
F:\Rising\AntiSpyware\runiep.exe
F:\360safe\safemon\360Tray.exe
D:\Rising\Rav\RavTask.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
F:\Tencent\QQ\QQ.exe
D:\Maxthon2\Maxthon.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Rising\Rav\RsAgent.exe
C:\WINDOWS\msagent\AgentSvr.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
F:\安装程序\HiJackThis_v2\HiJackThis_v2\HijackThis.exe
O2 - BHO: QQToolbar - {29CF293A-1E7D-4069-9E11-E39698D0AF95} - C:\Program Files\Tencent\QQToolbar\IEBar.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: Kingsoft Trojan Webshield - {4E8A5278-C04E-4FE3-BF78-8A7CCD6EF333} - D:\Kingsoft Antispy\IEBuddy.DLL
O2 - BHO: SafeMon Class - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - F:\360safe\safemon\safemon.dll
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\KakaTool.dll
O3 - Toolbar: QQToolbar - {29CF293A-1E7D-4069-9E11-E39698D0AF95} - C:\Program Files\Tencent\QQToolbar\IEBar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [runeip] "f:\Rising\AntiSpyware\runiep.exe" /startup
O4 - HKLM\..\Run: [360Safetray] F:\360safe\safemon\360Tray.exe /start
O4 - HKLM\..\Run: [RfwMain] "d:\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [RavTask] "d:\Rising\Rav\RavTask.exe" -system
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] ctfmon.exe (User 'Default user')
O8 - Extra context menu item: &使用BitComet下载 - res://D:\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &使用BitComet下载全部链接 - res://D:\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &使用BitComet下载本页视频 - res://D:\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &使用迅雷下载 - d:\Thunder Network\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - d:\Thunder Network\Thunder\Program\GetAllUrl.htm
O8 - Extra context menu item: 使用iTudou下载节目 - D:\iTudou\iTudou_Link.HTM
O8 - Extra context menu item: 添加到QQ表情 - f:\Tencent\QQ\AddEmotion.htm
O9 - Extra button: 金山网页防挂马模块设置 - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} - D:\Kingsoft Antispy\IEBuddyExt.DLL
O9 - Extra 'Tools' menuitem: 金山网页防挂马模块设置 - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} - D:\Kingsoft Antispy\IEBuddyExt.DLL
O9 - Extra button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - D:\PPLive\PPLive.exe
O9 - Extra 'Tools' menuitem: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - D:\PPLive\PPLive.exe
O9 - Extra button: 上海唐人游 - {9E8A3C9F-F66D-425C-A38A-F1D9558EBD28} - d:\TangGame\唐人游.lnk (file missing)
O9 - Extra 'Tools' menuitem: 上海唐人游 - {9E8A3C9F-F66D-425C-A38A-F1D9558EBD28} - d:\TangGame\唐人游.lnk (file missing)
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://D:\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\cdnns.dll' missing
O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/
O16 - DPF: {05C1004E-2596-48E5-8E26-39362985EEB9} - http://p3p.sogou.com/MMCShell.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://babie-playgirl.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {52FF336D-A05D-4A14-A3A1-7B6B4B427F88} (UploadControl Control) - http://blog.163.com/bin/UploadControl.cab
O16 - DPF: {61238DE1-3317-4322-89AC-AC844831380D} (GLAvatar Control) - http://dltel.ourgame.com/download/Avatar27.CAB
O16 - DPF: {8686F2A6-DC01-4E8F-BDE3-DCC7DBBAD6AE} (163Uploader Control) - http://photo.163.com/163Uploader.cab
O16 - DPF: {A96C48EA-AA88-4BBD-B58C-7B41146A6EAC} - http://qz-photo.qq.com/qzone_v4/QzoneMediaTools.cab
O16 - DPF: {C09B522F-8AED-4E21-A65C-DC1AB652BAEE} (Tencent Safety Online Base Module) - http://safe.qq.com/cgi-bin/tso/TSOBase.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{F878D78A-6ECD-4465-8E68-ECE0864FEF49}: NameServer = 202.109.15.135 202.96.209.6
O18 - Protocol: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - F:\KuGoo3\InExtend\KuGoo3DownXControl.ocx
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod 服务 (iPod Service) - Apple Inc. - D:\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Rising Proxy Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - d:\Rising\Rfw\rfwProxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - d:\Rising\Rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - d:\Rising\Rav\CCenter.exe
O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\RISING\RAV\Ravmond.exe
--
End of file - 6529 bytes
Not infected.
I'd just like everyone to help me check whether there are any strange entries.
Thanks!