Kafan Forum's Archiver



不形于色 posted on 2008-7-27 10:04

Please help me take a look at my HIJACK log

Logfile of HijackThis v1.99.1
Scan saved at 10:03:17, on 2008-7-27
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Maxthon2\Maxthon.exe
F:\HijackThis.exe
R3 - Default URLSearchHook is missing
O2 - BHO: SafeMon Class - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - C:\Program Files\360safe\safemon\safemon.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [TkBellExe] "realsched.exe"  -osboot
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: 使用迅雷下载 - C:\Program Files\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: 使用迅雷下载全部链接 - C:\Program Files\Thunder\Program\GetAllUrl.htm
O8 - Extra context menu item: 用比特精灵下载(&B) - C:\Program Files\BitSpirit\bsurl.htm
O10 - Unknown file in Winsock LSP: c:\windows\system32\gamelink.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\gamelink.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\gamelink.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\gamelink.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\gamelink.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\gamelink.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\gamelink.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\gamelink.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: CabOCX - http://jifen.cnzz.com/activex/Cnzz.Visa.Certification.CAB
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {5CD4310E-88FB-43C1-BE24-5F3FA9C5C9D1} (KooPlayer Control) - http://www.tvkoo.com/update/KooPlayer.ocx
O16 - DPF: {A22B8FD2-4CAA-4EFB-82F7-680CD656D9B0} (NowStarter Control) - http://www.gogobox.com.tw/neo.fld/GNowStarter.cab
O16 - DPF: {C728DAB8-FDF5-4CD7-89DD-879D25794C77} (KooPlayer Control) - http://www.cctv.com/live/video_player/img/CCTVKooPlayer.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{AA5A9C6D-1E10-429E-99E8-DA982FAD7FF2}: NameServer = 221.7.92.98 221.5.203.98
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Microsoft Distribution Center (MDC) - Unknown owner - C:\WINDOWS\taskmgr.exe" /service (file missing)

huai168an posted on 2008-7-27 11:53

Unknown file in Winsock LSP: c:\windows\system32\gamelink.dll: pay attention to this one
The O16 - DPF entries need attention
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O23 - Service: Microsoft Distribution Center (MDC) - Unknown owner - C:\WINDOWS\taskmgr.exe" /service (file missing)
Two missing files
