HijackThis scan, experts please help!

Source: 百度文库  Editor: 中科新闻网  Time: 2024/04/29 19:07:25
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
F:\100\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
F:\100\Rav\RavStub.exe
F:\100\Ewido\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\LVComsX.exe
C:\DOCUME~1\EMINEM\LOCALS~1\Temp\Rar$EX00.500\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: 超级兔子上网精灵 - {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} - F:\100\MagicSet\haokanbar.dll
O3 - Toolbar: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - F:\100\kingsoft\IEBand.dll
O3 - Toolbar: 超级兔子上网精灵 - {43869BB3-22FD-4F15-9B46-238106BA2F4E} - F:\100\MagicSet\haokanbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] ; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] ; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] ; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RavTask] "F:\100\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [jiahus] ; C:\WINDOWS\system32\svchqs.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Super Rabbit IEPro] F:\100\MagicSet\SRIECLI.EXE /LOAD
O8 - Extra context menu item: 上传到QQ网络硬盘 - F:\100\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - F:\100\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - F:\100\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - F:\100\QQ\SendMMS.htm
O8 - Extra context menu item: 用比特精灵下载(&B) - F:\100\BitSpirit\bsurl.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{39DCD18F-9DD7-43B7-9E00-77176F4779A0}: NameServer = 202.96.134.133,202.96.128.68
O17 - HKLM\System\CCS\Services\Tcpip\..\{8EFEAC50-5F29-49FA-B11D-96BAF43295EA}: NameServer = 202.96.128.166 202.96.134.133
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
Teacher 崔衍渠, I would like to ask: can these O8 items be handled with FIX CHECKED?

In your log, fix:
O4 - HKLM\..\Run: [jiahus] ; C:\WINDOWS\system32\svchqs.exe
Delete the file C:\WINDOWS\system32\svchqs.exe (if it exists)

Please confirm this file: C:\WINDOWS\system32\LVComsX.exe.

Everything else is fine!