Trojan.PSW.Lmir.jdl
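I know this one steals Legend of Mir account passwords.
I don't have a monthly Rising subscription. How do I delete it?
Experts, please help me.
I've posted this here; please take a look, everyone. I asked on another forum yesterday
and have already fixed and deleted some entries.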
Logfile of HijackThis v1.99.1
Scan saved at 12:53:49, on 2006-2-28
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
D:\rx\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
D:\rx\Rising\Rav\Ravmond.exe
C:\WINDOWS\system32\spoolsv.exe
D:\rx\Rising\Rav\RavStub.exe
C:\WINDOWS\Explorer.EXE
D:\QQ相关\ciku\jj4\jj4\jjsvr4.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\rundll32.exe
D:\rx\Rising\Rav\RavTask.exe
D:\rx\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\ctfmon.exe
D:\2o6贺岁\QQ\QQ.exe
D:\2o6贺岁\QQ\TIMPlatform.exe
C:\WINDOWS\system32\conime.exe
D:\rx\Rising\Rav\RsAgent.exe
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\软件相关\156\hijackthis汉化版1.99.1.exe
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [helper.dll] C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32
O4 - HKLM\..\Run: [NMGameX_AutoRun] C:\WINDOWS\system32\Rundll32.exe nmgamex.dll,LiveProcess /aa
O4 - HKLM\..\Run: [RavTask] "D:\rx\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [FeiyingUpdate] C:\DOCUME~1\TH\LOCALS~1\Temp\~ex7.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [pyjj] D:\QQ相关\ciku\jj4\jj4\jjsvr4.exe
O4 - Global Startup: 桌面传媒.lnk = ?
O16 - DPF: {15DDE989-CD45-4561-BF99-D22C0D5C2B85} - http://vivi.sina.com.cn/control/vivi.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com/PhotoUpload/MsnPUpld.cab?10,0,910,0
O16 - DPF: {A96C48EA-AA88-4BBD-B58C-7B41146A6EAC} (Qzone Media Tools) - http://imgcache.qq.com/qzone/photo/QzoneMediaTools.cab
O16 - DPF: {E787FD25-8D7C-4693-AE67-9406BC6E22DF} (CPasswordEditCtrl Object) - https://www.tenpay.com/download/qqedit.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B34FDB74-ABFE-4BA7-88A9-6F43D4E9D2E0}: NameServer = 202.97.224.69,202.97.224.68
O18 - Protocol: koboo - {7DEE9D05-FA0A-4416-A6F3-6537D0EAB6A6} - C:\WINDOWS\system32\mbprot.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WB - D:\PROGRA~1\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - D:\rx\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\rx\Rising\Rav\Ravmond.exe
O23 - Service: SL Service (SlServ) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe