HijackThis scan results. Could an expert analyze them? Thanks~~~

Source: Baidu Wenku  Editor: 高校问答 (College Q&A)  Time: 2024/04/20 21:05:06
Logfile of HijackThis v1.99.1
Scan saved at 21:08:35, on 2006-7-20
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Rundll32.exe
C:\KV2004\KVSrvXp_1.exe
C:\KV2004\KVwsc.exe
C:\WINDOWS\NTService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\KV2004\KVMonXP.kxp
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\IEXPLORER.EXE
C:\windows\VM303_STI.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system\java.exe
C:\Program Files\MiniPPGou\MiniPPGou.exe
C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\KVFW\kvfw.exe
C:\Program Files\Huawei Technologies\Huawei SmartAX MT810\dslmon.exe
C:\Program files\Internet Explorer\IExplore.exe
C:\Program Files\Internet Explorer\PLUGINS\newweb10294.EXE
C:\WINDOWS\system\java.exe
C:\WINDOWS\system\java.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system\servicess.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\temp\ls.tmp
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Internet Explorer\PLUGINS\102586.exe
C:\Program Files\Internet Explorer\PLUGINS\newweb10294.EXE
C:\WINDOWS\system\java.exe
C:\WINDOWS\system\java.exe
C:\Program Files\baigoo\bgoomain.exe
C:\WINDOWS\system32\rundll32.exe
C:\KV2004\KvXP.kxp
C:\WINDOWS\system32\DllHost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\explorer.exe
C:\WINDOWS\msagent\AgentSvr.exe
D:\program files\Tencent\qq\TTraveler.exe
C:\WINDOWS\svchost.exe
D:\Downloads\HijackThis.exe
O2 - BHO: BrowseHelper Class - {80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} - C:\KV2004\KvShell.dll
O2 - BHO: IEHlprObj Class - {999ADFA2-8AD1-47ff-97FC-69FB847458F4} - C:\Progra~1\NetMeeting\nmview.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: HBObject Class - {AE22AFE5-1EF4-4D25-9E23-D2825FB17DA1} - C:\PROGRA~1\hbclient\HBHelper.dll
O2 - BHO: Webacc - {CAC068F3-A608-406B-8581-458788A67694} - C:\WINDOWS\system32\svchost.dll
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\windows\downlo~1\CnsHook.dll
O2 - BHO: 1 - {E78F50F9-51CF-40EC-AE3F-4F802528150B} - C:\WINDOWS\Downloader.dll
O2 - BHO: internet explorer helper - {F7911E65-B01C-4A58-AEC7-53085ECA70A5} - C:\WINDOWS\system32\mshlink.dll

ati2evxx.exe is the ATI graphics card enhancement utility. It is used to manage the ATI HotKey feature.
Why do you have three of them?

C:\Program Files\Internet Explorer\PLUGINS\102586.exe
C:\Program Files\Internet Explorer\PLUGINS\newweb10294.EXE
PLUGINS is a folder that holds plug-ins, and normally it cannot be deleted either.

bgoomain.exe is a BaiGoo (百狗) plug-in. Delete it.

Your log is incomplete; please be sure to post the entire log.