【求助】我是菜鸟帮帮我呀 - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛【求助】我是菜鸟帮帮我呀

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

12

1 / 2 页

跳转页

【求助】我是菜鸟帮帮我呀

酷喵喵初生襁褓狮帖子:5 注册: 2005-11-05 来自:	发表于： 2005-11-05 09:14 \| 只看楼主短消息资料字号：小中大 1楼【求助】我是菜鸟帮帮我呀各位大哥大姐大叔大婶大伯大娘大妈大嫂，我是菜鸟一名，最近我下载外挂时不小心中了木马（外挂害人啊），然后我启动电脑时总是出现“找不到C:\WINNT\sysem32\scvhost.exe" 我上网找到了HijackThis,可是我实在是菜到家了，找了很多帮助就是不会用，不知道如何判断那个有问题，就把扫描日志弄下来了，请各位大哥大姐..............帮忙看看啊 HijackThis@Qoo的扫描日志 V1.97.7 Scan saved at 9:04:25, on 2005-11-5 Platform: Windows 2000 SP1 (WinNT 5.00.2195) MSIE: Internet Explorer v5.00 (5.00.2920.0000) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\WINNT\System32\svchost.exe C:\WINNT\System32\nvsvc32.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\Explorer.exe C:\WINNT\System32\Rundll32.exe C:\WINNT\SOUNDMAN.EXE C:\Program Files\CNNIC\Cdn\cdnup.exe C:\WINNT\System32\internat.exe C:\Program Files\DuDu\DddClient\dudupros.exe C:\WINNT\System32\conime.exe C:\WINNT\System32\rundll32.exe D:\杀马\hijackthis1.97_qoo\HijackThis.exe R3 - URLSearchHook: R3 - URLSearchHook: BDSrchHook Class - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - C:\WINNT\DOWNLO~1\BDSrHook.dll O2 - BHO: (no name) - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll O2 - BHO: Link Filter - {4022F902-ABC7-4C79-924F-BB26F1D355A2} - C:\WINNT\System32\diybar2\diybar2.dll O2 - BHO: DuDu.com - {6BDE1669-B490-48E3-B668-456314F2D6C3} - C:\Program Files\DuDu\DddClient\dddiemon.dll O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\ O2 - BHO: (no name) - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - C:\WINNT\DOWNLO~1\BDSrHook.dll O2 - BHO: (no name) - {F5824EFB-728A-4726-A5A5-85A68B20EDC3} - C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll O3 - Toolbar: ????? - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx O3 - Toolbar: ????? - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\Progra~1\Baidu\bar\BaiDuBar.dll O3 - Toolbar: ????? - {102293E4-758B-4483-946B-714EBCEC91B8} - C:\WINNT\SePpBar\sePpBar20050922.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\ O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize O4 - HKLM\..\Run: [Thunder] "C:\Program Files\Thunder Network\Thunder\ThunderShell.exe" /s O4 - HKLM\..\Run: [Sepp_UpdateExe] C:\WINNT\SePpBar\Fir_Update.exe O4 - HKLM\..\Run: [CdnCtr] C:\Program Files\CNNIC\Cdn\cdnup.exe O4 - HKLM\..\Run: [BIE] Rundll32.exe C:\WINNT\DOWNLO~1\BDSrHook.dll,Rundll32 O4 - HKCU\..\Run: [Internat.exe] internat.exe O4 - Startup: NTUSER.DAT O4 - Startup: ntuser.dat.LOG O4 - Startup: ntuser.ini O4 - Global Startup: ntuser.pol O8 - Extra context menu item: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\geturl.htm O8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\getallurl.htm O8 - Extra context menu item: 使用网际快车下载 - D:\ O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\ O8 - Extra context menu item: 添加到QQ自定义面板 - E:\ O8 - Extra context menu item: 添加到QQ表情 - E:\ O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\ O8 - Extra context menu item: 访问通用网址 - C:\Program Files\CNNIC\Cdn\cnnic.htm O9 - Extra 'Tools' menuitem: Link Filter (HKLM) O9 - Extra button: Related (HKLM) O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM) O9 - Extra button: FlashGet (HKLM) O9 - Extra 'Tools' menuitem: &FlashGet (HKLM) O10 - Unknown file in Winsock LSP: c:\winnt\system32\cdnns.dll O11 - Options group: [!IESearch] !IESearch O11 - Options group: [CDNCLIENT] O14 - IERESET.INF: SEARCH_PAGE_URL= O14 - IERESET.INF: START_PAGE_URL= O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O16 - DPF: {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} (BDSrchHook Class) - http://bar.baidu.com/update/cab/BDSrHook.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab 请大家帮忙看看，我也学点知识，谢谢啦 2005-11-05 10:09:47
酷喵喵初生襁褓狮帖子:5 注册: 2005-11-05 来自:	分享到：

xuyawei 快乐黄口狮帖子:255 注册: 2005-07-02 来自:	发表于： 2005-11-05 09:19 \| 短消息资料字号：小中大 2楼 Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\WINNT\System32\svchost.exe 不是有吗
xuyawei 快乐黄口狮帖子:255 注册: 2005-07-02 来自:

酷喵喵初生襁褓狮帖子:5 注册: 2005-11-05 来自:	发表于： 2005-11-05 09:21 \| 只看楼主短消息资料字号：小中大 3楼我也不知道啊,可他就是每次上机时都会出现的，那我再重新启动一下试试吧
酷喵喵初生襁褓狮帖子:5 注册: 2005-11-05 来自:

酷喵喵初生襁褓狮帖子:5 注册: 2005-11-05 来自:	发表于： 2005-11-05 09:30 \| 只看楼主短消息资料字号：小中大 4楼刚才重启了一下，详细的是这么说的---找不到文件：C:\WINNT\system32\scvhost.exe(或它的组件之一）请确定路径和文件是否正确，而且所需的库文件均可用到底是怎么一回事啊，我真的一点也不懂电脑
酷喵喵初生襁褓狮帖子:5 注册: 2005-11-05 来自:

神无锋芒艾服狮帖子:1938 注册: 2005-06-16 来自:	发表于： 2005-11-05 09:32 \| 短消息资料字号：小中大 5楼日志不完整，再发一个，
神无锋芒艾服狮帖子:1938 注册: 2005-06-16 来自:

酷喵喵初生襁褓狮帖子:5 注册: 2005-11-05 来自:	发表于： 2005-11-05 09:35 \| 只看楼主短消息资料字号：小中大 6楼 HijackThis@Qoo的扫描日志 V1.97.7 Scan saved at 9:34:34, on 2005-11-5 Platform: Windows 2000 SP1 (WinNT 5.00.2195) MSIE: Internet Explorer v5.00 (5.00.2920.0000) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\WINNT\System32\svchost.exe C:\WINNT\System32\nvsvc32.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\Explorer.exe C:\WINNT\System32\Rundll32.exe C:\WINNT\SOUNDMAN.EXE C:\Program Files\CNNIC\Cdn\cdnup.exe C:\WINNT\System32\internat.exe C:\Program Files\DuDu\DddClient\dudupros.exe C:\WINNT\System32\conime.exe C:\WINNT\System32\rundll32.exe D:\杀马\hijackthis1.97_qoo\HijackThis.exe R3 - URLSearchHook: R3 - URLSearchHook: BDSrchHook Class - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - C:\WINNT\DOWNLO~1\BDSrHook.dll O2 - BHO: (no name) - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll O2 - BHO: Link Filter - {4022F902-ABC7-4C79-924F-BB26F1D355A2} - C:\WINNT\System32\diybar2\diybar2.dll O2 - BHO: DuDu.com - {6BDE1669-B490-48E3-B668-456314F2D6C3} - C:\Program Files\DuDu\DddClient\dddiemon.dll O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\ O2 - BHO: (no name) - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - C:\WINNT\DOWNLO~1\BDSrHook.dll O2 - BHO: (no name) - {F5824EFB-728A-4726-A5A5-85A68B20EDC3} - C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll O3 - Toolbar: ????? - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx O3 - Toolbar: ????? - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\Progra~1\Baidu\bar\BaiDuBar.dll O3 - Toolbar: ????? - {102293E4-758B-4483-946B-714EBCEC91B8} - C:\WINNT\SePpBar\sePpBar20050922.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\ O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize O4 - HKLM\..\Run: [Thunder] "C:\Program Files\Thunder Network\Thunder\ThunderShell.exe" /s O4 - HKLM\..\Run: [Sepp_UpdateExe] C:\WINNT\SePpBar\Fir_Update.exe O4 - HKLM\..\Run: [CdnCtr] C:\Program Files\CNNIC\Cdn\cdnup.exe O4 - HKLM\..\Run: [BIE] Rundll32.exe C:\WINNT\DOWNLO~1\BDSrHook.dll,Rundll32 O4 - HKCU\..\Run: [Internat.exe] internat.exe O4 - Startup: NTUSER.DAT O4 - Startup: ntuser.dat.LOG O4 - Startup: ntuser.ini O4 - Global Startup: ntuser.pol O8 - Extra context menu item: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\geturl.htm O8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\getallurl.htm O8 - Extra context menu item: 使用网际快车下载 - D:\ O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\ O8 - Extra context menu item: 添加到QQ自定义面板 - E:\ O8 - Extra context menu item: 添加到QQ表情 - E:\ O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\ O8 - Extra context menu item: 访问通用网址 - C:\Program Files\CNNIC\Cdn\cnnic.htm O9 - Extra 'Tools' menuitem: Link Filter (HKLM) O9 - Extra button: Related (HKLM) O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM) O9 - Extra button: FlashGet (HKLM) O9 - Extra 'Tools' menuitem: &FlashGet (HKLM) O10 - Unknown file in Winsock LSP: c:\winnt\system32\cdnns.dll O11 - Options group: [!IESearch] !IESearch O11 - Options group: [CDNCLIENT] O14 - IERESET.INF: SEARCH_PAGE_URL= O14 - IERESET.INF: START_PAGE_URL= O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O16 - DPF: {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} (BDSrchHook Class) - http://bar.baidu.com/update/cab/BDSrHook.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
酷喵喵初生襁褓狮帖子:5 注册: 2005-11-05 来自:

神无锋芒艾服狮帖子:1938 注册: 2005-06-16 来自:	发表于： 2005-11-05 09:36 \| 短消息资料字号：小中大 7楼 R3 - URLSearchHook: R3 - URLSearchHook: BDSrchHook Class - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - C:\WINNT\DOWNLO~1\BDSrHook.dll O2 - BHO: (no name) - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll O2 - BHO: Link Filter - {4022F902-ABC7-4C79-924F-BB26F1D355A2} - C:\WINNT\System32\diybar2\diybar2.dll O2 - BHO: DuDu.com - {6BDE1669-B490-48E3-B668-456314F2D6C3} - C:\Program Files\DuDu\DddClient\dddiemon.dll O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\ O2 - BHO: (no name) - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - C:\WINNT\DOWNLO~1\BDSrHook.dll O2 - BHO: (no name) - {F5824EFB-728A-4726-A5A5-85A68B20EDC3} - C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll O3 - Toolbar: ????? - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx O3 - Toolbar: ????? - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\Progra~1\Baidu\bar\BaiDuBar.dll O3 - Toolbar: ????? - {102293E4-758B-4483-946B-714EBCEC91B8} - C:\WINNT\SePpBar\sePpBar20050922.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\ O8 - Extra context menu item: 访问通用网址 - C:\Program Files\CNNIC\Cdn\cnnic.htm O9 - Extra 'Tools' menuitem: Link Filter (HKLM) O9 - Extra button: Related (HKLM) O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM) O9 - Extra button: FlashGet (HKLM) O9 - Extra 'Tools' menuitem: &FlashGet (HKLM) O10 - Unknown file in Winsock LSP: c:\winnt\system32\cdnns.dll O11 - Options group: [!IESearch] !IESearch O11 - Options group: [CDNCLIENT] O14 - IERESET.INF: SEARCH_PAGE_URL= O14 - IERESET.INF: START_PAGE_URL= O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O16 - DPF: {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} (BDSrchHook Class) - http://bar.baidu.com/update/cab/BDSrHook.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab 修复这几项。卸载中文上网和DUDU加速器。
神无锋芒艾服狮帖子:1938 注册: 2005-06-16 来自:

酷喵喵初生襁褓狮帖子:5 注册: 2005-11-05 来自:	发表于： 2005-11-05 09:37 \| 只看楼主短消息资料字号：小中大 8楼还有，1楼的哥哥，你看清楚啊，是缺少scvhost.exe,不是缺少svchost.exe啊
酷喵喵初生襁褓狮帖子:5 注册: 2005-11-05 来自:

神无锋芒艾服狮帖子:1938 注册: 2005-06-16 来自:	发表于： 2005-11-05 09:39 \| 短消息资料字号：小中大 9楼用V1.99.1版本的发一个，这个版本太老了。
神无锋芒艾服狮帖子:1938 注册: 2005-06-16 来自:

xuyawei 快乐黄口狮帖子:255 注册: 2005-07-02 来自:	发表于： 2005-11-05 09:39 \| 短消息资料字号：小中大 10楼我近视眼，不好意思，给你添麻烦了呵呵
xuyawei 快乐黄口狮帖子:255 注册: 2005-07-02 来自:

<<上一主题|下一主题>>

12

1 / 2 页

跳转页

页面顶部

Powered by Discuz!NT