神马品牌网安装平台:我用HIJACK扫完的日志
来源:百度文库 编辑:神马品牌网 时间:2024/05/08 00:07:23
我电脑中了灰鸽子病毒!
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
d:\program files\rising\rfw\rfwsrv.exe
D:\Program Files\KWatch.EXE
C:\WINDOWS\system32\spoolsv.exe
d:\program files\rising\rfw\RfwMain.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\GAOV\Mysee Alert\Mysee Alert.exe
D:\Program Files\KAVStart.exe
D:\Program Files\KPfwSvc.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
D:\Program Files\KPFW32.EXE
D:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE
D:\Program Files\KMailMon.EXE
D:\Program Files\Tencent\TT\TTraveler.exe
C:\PROGRA~1\3721\ske\TrojanAssistant.exe
C:\WINDOWS\explorer.exe
C:\Downloads\HijackThis.exe
O2 - BHO: KOSIE HelperInternet Explorer Web Content Guard - {1B2F92A1-CDAF-4511-9382-91E3F5CE0880} - C:\Program Files\KOS\KOSIEBar.dll
O2 - BHO: MSHlper Class - {721E6521-4CAD-4A8D-A7F1-4E230B31EF19} - C:\WINDOWS\system32\MSHLP.DLL (file missing)
O2 - BHO: 超级兔子上网精灵 - {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} - D:\Program Files\Super Rabbit\MagicSet\haokanbar.dll
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\baidubar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: 超级兔子上网精灵 - {43869BB3-22FD-4F15-9B46-238106BA2F4E} - D:\Program Files\Super Rabbit\MagicSet\haokanbar.dll
O3 - Toolbar: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\PROGRA~1\baidu\bar\baidubar.dll
O4 - HKLM\..\Run: [Thunder] "D:\Program Files\Thunder Network\Thunder\Thunder.exe" /s
O4 - HKLM\..\Run: [RfwMain] "D:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Mysee Alert] "C:\Program Files\GAOV\Mysee Alert\Mysee Alert.exe" -notray
O4 - HKLM\..\Run: [KavStart] "D:\Program Files\KAVStart.exe" -startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KavPFW] "D:\Program Files\KPFW32.EXE"
O4 - HKCU\..\Run: [Super Rabbit IEPro] D:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD
O8 - Extra context menu item: Google 搜索(&G) - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
d:\program files\rising\rfw\rfwsrv.exe
D:\Program Files\KWatch.EXE
C:\WINDOWS\system32\spoolsv.exe
d:\program files\rising\rfw\RfwMain.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\GAOV\Mysee Alert\Mysee Alert.exe
D:\Program Files\KAVStart.exe
D:\Program Files\KPfwSvc.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
D:\Program Files\KPFW32.EXE
D:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE
D:\Program Files\KMailMon.EXE
D:\Program Files\Tencent\TT\TTraveler.exe
C:\PROGRA~1\3721\ske\TrojanAssistant.exe
C:\WINDOWS\explorer.exe
C:\Downloads\HijackThis.exe
O2 - BHO: KOSIE HelperInternet Explorer Web Content Guard - {1B2F92A1-CDAF-4511-9382-91E3F5CE0880} - C:\Program Files\KOS\KOSIEBar.dll
O2 - BHO: MSHlper Class - {721E6521-4CAD-4A8D-A7F1-4E230B31EF19} - C:\WINDOWS\system32\MSHLP.DLL (file missing)
O2 - BHO: 超级兔子上网精灵 - {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} - D:\Program Files\Super Rabbit\MagicSet\haokanbar.dll
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\baidubar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: 超级兔子上网精灵 - {43869BB3-22FD-4F15-9B46-238106BA2F4E} - D:\Program Files\Super Rabbit\MagicSet\haokanbar.dll
O3 - Toolbar: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\PROGRA~1\baidu\bar\baidubar.dll
O4 - HKLM\..\Run: [Thunder] "D:\Program Files\Thunder Network\Thunder\Thunder.exe" /s
O4 - HKLM\..\Run: [RfwMain] "D:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Mysee Alert] "C:\Program Files\GAOV\Mysee Alert\Mysee Alert.exe" -notray
O4 - HKLM\..\Run: [KavStart] "D:\Program Files\KAVStart.exe" -startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KavPFW] "D:\Program Files\KPFW32.EXE"
O4 - HKCU\..\Run: [Super Rabbit IEPro] D:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD
O8 - Extra context menu item: Google 搜索(&G) - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
C:\Program Files\GAOV\Mysee Alert\Mysee Alert.exe
这个进程认不得,但肯定不是灰鸽子了
知道了是灰鸽子还不杀!?