《电子电脑》显示文章详细内容： [展开] [回复] [网址] [举报] [屏蔽]
looking_200501	我去了，我也扫了，也描了，得了这么个log，帮偶看看，下一步做什么呢？ 是用HijackThis.exe把？ Logfile of HijackThis v1.99.1 Scan saved at 23:03:13, on 2006-2-16 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT_2K\System32\smss.exe C:\WINNT_2K\system32\winlogon.exe C:\WINNT_2K\system32\services.exe C:\WINNT_2K\system32\lsass.exe C:\WINNT_2K\system32\svchost.exe C:\WINNT_2K\system32\spoolsv.exe C:\WINNT_2K\SYSTEM32\DNTUS26.EXE C:\WINNT_2K\system32\svchost.exe C:\WINNT_2K\system32\drivers\KodakCCS.exe D:\Program Files\Network Associates\Common Framework\FrameworkService.exe D:\Program Files\Network Associates\VirusScan\Mcshield.exe D:\Program Files\Network Associates\VirusScan\VsTskMgr.exe e:\PROGRA~1\app\pppoeservice.exe D:\KODAK\Kodak EasyShare software\bin\ptssvc.exe C:\WINNT_2K\system32\r_server.exe C:\WINNT_2K\system32\MSTask.exe C:\WINNT_2K\system32\stisvc.exe C:\WINNT_2K\System32\WBEM\WinMgmt.exe C:\WINNT_2K\system32\mspmspsv.exe C:\WINNT_2K\system32\svchost.exe C:\WINNT_2K\system32\svchost.exe C:\WINNT_2K\Explorer.EXE D:\Program Files\Network Associates\VirusScan\SHSTAT.EXE D:\Program Files\Network Associates\Common Framework\UpdaterUI.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\QuickTime\qttask.exe C:\WINNT_2K\system32\internat.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe D:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe D:\KODAK\Kodak EasyShare software\bin\EasyShare.exe C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe C:\WINNT_2K\FSScrCtl.exe C:\WINNT_2K\system32\wuauclt.exe e:\PROGRA~1\app\EnterNetFolder.Exe e:\PROGRA~1\app\EnterNet.exe C:\Program Files\MSN Apps\Updater\01.05.0000.1009\zh-cn\msnappau.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE d:\Program Files\Ad Killer\adkiller.exe D:\PROGRA~1\NetAnts\netants.exe D:\Download\IETool\HijackThis.exe O2 - BHO: QQBrowserHelperObject Class - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\Program Files\Tencent\QQ\QQIEHelper.dll O2 - BHO: NetAnts.IE.Monitor - {57E91B41-F40A-11D1-B792-444553540000} - D:\Program Files\NetAnts\AntAPI.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: AdKillerMonitor Class - {99EBA16F-C13A-40a6-A9C7-5F3EEC4E7BE6} - d:\PROGRA~1\ADKILL~1\AKServer.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\zh-cn\msntb.dll O3 - Toolbar: @msdxmLC.dll,-1@2052,电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT_2K\system32\msdxm.ocx O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\zh-cn\msntb.dll O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [ShStatEXE] "D:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE O4 - HKLM\..\Run: [McAfeeUpdaterUI] "D:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Windows Update] winupdate.exe O4 - HKLM\..\Run: [SP00LS] SP00LS.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\RunServices: [Windows Update] winupdate.exe O4 - HKLM\..\RunServices: [SP00LS] SP00LS.EXE O4 - HKCU\..\Run: [Internat.exe] internat.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [HMI PowerSystem] hmisvc32.exe O4 - Startup: Screen Saver Control.lnk = C:\WINNT_2K\FSScrCtl.exe O4 - Startup: 腾讯QQ.lnk = D:\Program Files\Tencent\QQ\QQ.exe O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Acrobat Assistant.lnk = D:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: 柯达 EasyShare 软件.lnk = D:\KODAK\Kodak EasyShare software\bin\EasyShare.exe O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Download by NetAnts - D:\PROGRA~1\NetAnts\NAGet.htm O8 - Extra context menu item: Download &All by NetAnts - D:\PROGRA~1\NetAnts\NAGetAll.htm O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\Program Files\Tencent\QQ\AddToNetDisk.htm O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program Files\Tencent\QQ\AddPanel.htm O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\Tencent\QQ\AddEmotion.htm O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program Files\Tencent\QQ\SendMMS.htm O9 - Extra button: TOL24 - {345ff7d8-2364-4ef7-889b-7d3c1d0bd342} - http://www.TOL24.com (file missing) O9 - Extra button: NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - D:\PROGRA~1\NetAnts\NetAnts.exe O9 - Extra 'Tools' menuitem: &NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - D:\PROGRA~1\NetAnts\NetAnts.exe O9 - Extra button: 卓越 - {8DE0FCD4-5EB5-11D3-AD25-00002100131B} - d:\PROGRA~1\Kingsoft\XDict\IEPlugin.dll O9 - Extra button: 金山词霸 - {C8CE29C5-7589-11D3-B81B-0080C8DC5DC8} - d:\PROGRA~1\Kingsoft\XDict\IEPlugin.dll O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT_2K\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT_2K\web\related.htm O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\Tencent\QQ\QQ.EXE O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\Tencent\QQ\QQ.EXE O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\Tencent\QQ\QQIEHelper.dll O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\Tencent\QQ\QQIEHelper.dll O16 - DPF: {40CFEA79-ED5B-4B2B-8B8D-B567E40AF812} (sslclient Control) - http://www.tol24.com/download/ocx/sslclientnew.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1130500628180 O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT_2K\System32\dmadmin.exe O23 - Service: DameWare NT Utilities 2.6 (DNTUS26) - DameWare Development LLC - C:\WINNT_2K\SYSTEM32\DNTUS26.EXE O23 - Service: Microsoft Control Mail Services (hostmail) - Unknown owner - c:\winnt\system32\spool\files\srunner.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINNT_2K\system32\drivers\KodakCCS.exe O23 - Service: McAfee Framework 服务 (McAfeeFramework) - Network Associates, Inc. - D:\Program Files\Network Associates\Common Framework\FrameworkService.exe O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - D:\Program Files\Network Associates\VirusScan\Mcshield.exe O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - D:\Program Files\Network Associates\VirusScan\VsTskMgr.exe O23 - Service: MS System Spooler (MSpool) - Unknown owner - C:\winnt\system32\spool\prtprocs\SystemSpool.dll (file missing) O23 - Service: PipeCmd Service (PipeCmdSrv) - Unknown owner - C:\WINNT_2K\system32\PipeCmdSrv.exe (file missing) O23 - Service: PPPoE Service (PPPoEService) - Unknown owner - e:\PROGRA~1\app\pppoeservice.exe O23 - Service: ptssvc - KODAK - D:\KODAK\Kodak EasyShare software\bin\ptssvc.exe O23 - Service: radmm - Unknown owner - C:\WINNT_2K\system32\r_server.exe O23 - Service: Trend NT Realtime Service (Tmntsrv) - Unknown owner - D:\Program Files\Trend Micro\PC-cillin 2000\Tmntsrv.exe (file missing) O23 - Service: vbhtf - Unknown owner - \\61.50.241.8\E$\btxsrv32.exe" -service (file missing)
2006-02-16 23:13:34	此文章已经被查看788次

相关文章：

[回复]  [顶端]

为啥一上网ie窗口就噼哩啪啦的一个接着一个蹦出来，关都来不及，中毒了？(空)-looking_200501 (阅读:513次 跟贴:20 2006/02/15 22:10)[跳过] 对 中毒了 装一个修复IE的工具吧(空)-jinzi (阅读:178次 2006/02/15 22:38) 还望救人救到底，什么修复工具阿？？(空)-looking_200501 (阅读:166次 2006/02/16 10:35) 去3721的网站直接就可以查杀～不过完事记住把3721的流氓软件也给杀了～(空)-泣无声 (阅读:147次 2006/02/16 11:08) 要不就下个微软 antispyware 也行(空)-jinzi (阅读:128次 2006/02/16 11:12) 好银阿(空)-looking_200501 (阅读:147次 2006/02/16 12:54) 还是去这个网站吧～呵呵～-泣无声 (36字节 阅读:186次 2006/02/16 11:12) 好银阿(空)-looking_200501 (阅读:150次 2006/02/16 12:50) 我去了，我也扫了，也描了，得了这么个log，帮偶看看，下一步做什么呢？-looking_200501 (8826字节 阅读:788次 2006/02/16 23:13) 用maxthon浏览器吧。太平洋电脑有下载。(空)-十车书主 (阅读:162次 2006/02/16 09:22) 肯定偷着上色情网站了，嘿嘿。现在很多杀毒软件都可以防这类病毒的，建议装诺顿试试。(空)-石心人 (阅读:2159次 2006/02/16 12:32) 现在这种东西到处都是(空)-jinzi (阅读:165次 2006/02/16 12:45) 坏银阿-looking_200501 (47字节 阅读:146次 2006/02/16 12:56) 安装yahoo助手（原3721助手）试一试，也许会有一定效果。(空)-blowsnow (阅读:131次 2006/02/16 12:57) 3721本身就是个大流氓软件(空)-泣无声 (阅读:182次 2006/02/16 13:40) 那就以黑制黑，以毒攻毒：）(空)-blowsnow (阅读:176次 2006/02/16 13:43) 不过流氓也可改造，妓女也可从良。(空)-blowsnow (阅读:174次 2006/02/16 13:44) 好人呀～～-泣无声 (93字节 阅读:126次 2006/02/16 13:47) 不是好人阿-looking_200501 (29字节 阅读:181次 2006/02/16 14:17) 它的流氓手段极为精尖！要小心、尽量避免用它！(空)-以心转境 (阅读:164次 2006/02/16 14:38) 如果自己分析，推荐hijackthis-北京偏北 (103字节 阅读:190次 2006/02/16 14:48)

您必须登录论坛才可以发表文章：

用户名：   密码：   记住密码：    （忘记密码 注册）

版权所有 回龙观社区网 经营许可证编号：京B2-20201639 昌公网安备1101140035号

举报电话：010-86468600-5 举报邮箱：