杀毒软件都无法运行了，麻烦帮忙看看这是哪中毒啦，谢谢！ - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛杀毒软件都无法运行了，麻烦帮忙看看这是哪中毒啦，谢谢！

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1

1 / 1 页

跳转页

杀毒软件都无法运行了，麻烦帮忙看看这是哪中毒啦，谢谢！

木木142 初生襁褓狮帖子:2 注册: 2006-04-26 来自:	发表于： 2006-04-26 09:44 \| 显示全部短消息资料字号：小中大 1楼杀毒软件都无法运行了，麻烦帮忙看看这是哪中毒啦，谢谢！俺一同事的电脑估计是中毒太深了，杀毒的软件都难运行了，麻烦各位资深的帮忙看看，谢谢！ Logfile of Kaka v2. 0. 0. 8 Scan Module v2. 0. 0. 1 Scan saved at 09:44:57, on 2006-04-26 Platform: Microsoft Windows 2000 Professional Service Pack 4 (Build 2195) MSIE: Internet Explorer v6.00 SP1;Q867801;Q833989; (6.00.2800.1106) Running processes: [smss.exe] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINNT\system32\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page=http://www.google.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINNT\system32\blank.htm R3 - URLSearchHook: MyURLSearchHook Class - {982CB676-38F0-4D9A-BB72-D9371ABE876E} - C:\Program Files\P4P\ToolBar.dll (file missing) R3 - URLSearchHook: SgUrlSearHook Class - {BAB1AC41-6FF7-4F2E-A04E-5C592CCFEA7D} - C:\WINNT\system32\socul.dll O1 - Hosts: 59.36.96.132 account.etsoft.com.cn O1 - Hosts: 60.191.245.21 www.4a4e.com O1 - Hosts: 61.129.75.124 www.715173.com O1 - Hosts: 222.208.183.149 cool889987.bigwww.com O1 - Hosts: 127.0.0.1 woool.etsoft.com.cn O1 - Hosts: 222.208.183.149 www.zuomo.net O1 - Hosts: 222.208.183.149 www.sbfn77.com O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINNT\system32\xunleibho_v4.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx O2 - BHO: CPub Object - {0CA51D02-7739-43EA-8D9A-1E8AD4327B03} - C:\Program Files\P4P\sodaie.dll (file missing) O2 - BHO: QQBrowserHelperObject Class - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\Program Files\Tencent\QQ\QQIEHelper.dll O2 - BHO: HBObject Class - {AE22AFE5-1EF4-4D25-9E23-D2825FB17DA1} - C:\WINNT\DOWNLO~1\hbhelper.dll O2 - BHO: BrowserHAP Class - {AEF6F648-78D8-4456-BEE7-5ADE23D209FD} - C:\PROGRA~1\HBClient\hapast.dll O2 - BHO: T2BHO Class - {B1D147E7-873E-4909-8127-695D9BB78728} - C:\WINNT\Downloaded Program Files\barsmall24.dll O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx O3 - Toolbar: 天下搜索 - {56A7DC70-E102-4408-A34A-AE06FEF01586} - C:\WINNT\Downloaded Program Files\iesmall24.dll O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINNT\system32\kakatool.dll O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ScanRegistry] C:\Program Files\Common Files\update\update.exe O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [RichMedia] C:\WINNT\system32\Rundll32.exe "C:\WINNT\DOWNLO~1\hbhelper.dll",WaitWindows O4 - HKLM\..\Run: [hbpassport] C:\PROGRA~1\HBClient\hbast.exe O4 - HKLM\..\Run: [supdate2.dll] RUNDLL32.EXE C:\WINNT\system32\supdate2.dll,Run O4 - HKLM\..\Run: [Internet] C:\WINNT\system32\Intercpu.exe O4 - HKLM\..\Run: [NTdhcp] C:\WINNT\system32\NTdhcp.exe O4 - Startup: 腾讯QQ.lnk = C:\Program Files\Tencent\QQ\QQ.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe O4 - Global Startup: CIBA2000.lnk = C:\Program Files\KINGSOFT\XDICT\xdict32.exe O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm O9 - Extra Button: 词霸 - {8DE0FCD4-5EB5-11D3-AD25-00002100131B} - C:\PROGRA~1\KINGSOFT\XDICT\ieplugin.DLL O9 - Extra Button: 卓越 - {C8CE29C5-7589-11D3-B81B-0080C8DC5DC8} - C:\PROGRA~1\KINGSOFT\XDICT\ieplugin.DLL O9 - Extra Button: @shdoclc.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\system32\shdocvw.dll O9 - Extra Button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE O9 - Extra Button: 易趣购物 - {DE607141-AC19-421e-863A-3D70ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing) O9 - Extra 'Tools' menuitem: 易趣购物 - {DE607141-AC19-421e-863A-3D70ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing) O9 - Extra Button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll O10 - Unknown file in Winsock LSP: C:\WINNT\system32\hbmter.dll O10 - Unknown file in Winsock LSP: C:\WINNT\system32\hbmter.dll O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome O16 - DPF: DirectAnimation Java Classes - file://C:\WINNT\Java\classes\dajava.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {038318E8-0C2D-4DF5-A7AF-B4FB373F501E} (HBHelper.HBActivex) - http://download.henbang.net/download/updatelist/helper.cab O16 - DPF: {56A7DC70-E102-4408-A34A-AE06FEF01586} (天下搜索) - http://iebar.t2t2.com/iebar.cab O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\TempEI4\EI40_\msxml4.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {98A62E3F-A8C5-4EF0-8A00-C70CF9D18A89} (LoaderCore Class) - http://tb.sogou.com/DLLoader.cab O16 - DPF: {EF248BC9-F17D-4024-8868-71A5D22C667C} (Hbact.HbactObject) - http://59.36.96.15/download/updatelist/hap111.cab O16 - DPF: {EF9F1C48-1A63-495A-9317-B7B71B34A9CF} (Msp Class) - http://ddddl.dudu.com/ddd/update/plugin/dudumsp.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = dns-0.net O17 - HKLM\System\CCS\Services\VxD\MSTCP: SearchList = dns-0.net O17 - HKLM\System\CCS\Services\Tcpip\..\{48F83D52-3329-47EF-9A1B-E9A9F9D81050}: NameServer = 202.96.128.166,202.96.128.86 O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\system32\mshtml.dll O18 - Protocol: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINNT\system32\urlmon.dll O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL O18 - Protocol: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINNT\system32\urlmon.dll O18 - Protocol: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINNT\system32\urlmon.dll O18 - Protocol: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINNT\system32\urlmon.dll O18 - Protocol: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINNT\system32\urlmon.dll O18 - Protocol: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINNT\system32\urlmon.dll O18 - Protocol: ipp - (no CLSID) - (no file) O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINNT\System32\itss.dll O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\system32\mshtml.dll O18 - Protocol: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINNT\system32\urlmon.dll O18 - Protocol: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\system32\mshtml.dll O18 - Protocol: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINNT\system32\inetcomm.dll O18 - Protocol: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINNT\system32\urlmon.dll O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINNT\System32\itss.dll O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL O18 - Protocol: msdaipp - (no CLSID) - (no file) O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\system32\mshtml.dll O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINNT\system32\mshtml.dll O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\system32\mshtml.dll O18 - Protocol: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINNT\system32\msdxm.ocx O20 - Winlogon Notify: wzcnotif O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE O23 - Service: C-DillaSrv (C-DillaSrv) - C-Dilla Ltd - C:\WINNT\system32\drivers\cdantsrv.exe O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\system32\dmadmin.exe /com O23 - Service: F-Secure BackWeb LAN Access (F-Secure BackWeb LAN Access) - - "C:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe" O23 - Service: F-Secure Gatekeeper Handler Starter (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - "C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe" O23 - Service: F-Secure Network Request Broker (F-Secure Network Request Broker) - F-Secure Corporation - "C:\Program Files\F-Secure\Common\FNRB32.EXE" O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation. All Rights Reserved. - "C:\Program Files\F-Secure\Common\FSAA.EXE" O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - "C:\Program Files\F-Secure\Common\FSMA32.EXE" O23 - Service: Gray_Pigeon_Server1.23 (GrayPigeonServer1.23) - - C:\WINNT\G_Server1.23.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe" O23 - Service: Macromedia Licensing Service (Macromedia Licensing Service) - - "C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe" O23 - Service: NT LM Security Support Provide (NtlmSspp) - - C:\WINNT\lsasss.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: windos internet (windos internet) - - C:\WINNT\xp.exe 2006-04-26 13:54:24
木木142 初生襁褓狮帖子:2 注册: 2006-04-26 来自:	分享到：

初生襁褓狮

帖子:2
注册: 2006-04-26
来自:

发表于： 2006-04-26 13:37 | 显示全部 短消息资料

字号：小中大 2楼

引用:

【不言放弃的贴子】【回复“木木142”的帖子】
楼主的日志有很大问题
建议导出全部日志
包括系统进程　

OK？
...........................

谢谢了，唉，我同事说只有重装了，算了吧。不过，还是要谢谢你了。。

gototop

<<上一主题|下一主题>>

1

1 / 1 页

跳转页

页面顶部

Powered by Discuz!NT