发表于: 2006-07-02 23:40 | 显示全部 短消息 资料
字号: 1楼

请高手帮忙看看日志

--------------------------系统环境-------------------------
检测日期: 2006-7-2 23:28
Windows: Microsoft Windows XP
ServicePack: Service Pack 2
Update: 2600.xpsp_sp2_gdr.050301-1519
Internet Explorer: 6.0.2900.2180


-----------------------网络基础安全测试--------------------
密码安全检测:已经设置了管理员密码,建议:将密码复杂度和长度提高!
网络漏洞检测:空连接检查安全!

服务名称        是否运行              描述
RemoteRegistry [] [说明:这个服务可能被利用远程操作注册表]
Windows Time  [运行中] [说明:这个服务可能被黑客利用来启动木马]
Telnet        [运行中] [说明:这个服务可能被黑客登录到您计算机]
Messenger      [运行中] [说明:这个服务常被广告商用来发垃圾广告]
Server        [运行中] [说明:如果你的电脑不用局域网中,可以关闭]
建议在[控制面板]-[管理工具]-[服务]中,找到这些服务关闭并设置为[禁用].

-----------------------计算机网络端口----------------------
协议      端口号              端口类型
TCP        135        未知类型
TCP        445        未知类型
TCP      1950        未知类型
TCP      1951        未知类型
TCP      1025        未知类型
TCP        139        未知类型
TCP        445        未知类型
TCP        500        未知类型
TCP      1031        未知类型
TCP      1032        未知类型
TCP      1185        未知类型
TCP      4500        未知类型
TCP        123        未知类型
TCP        123        未知类型
TCP      1027        未知类型
TCP      1028        未知类型
TCP      1029        未知类型
TCP      1561        未知类型
TCP      1867        未知类型
TCP        123        未知类型
TCP        137        未知类型
TCP        138        未知类型


--------------------计算机系统组件体检----------------------
[编号:0]
[名称:\SystemRoot\System32\smss.exe]
[类型:运行进程]
[内容:未知]

[编号:1]
[名称:\??\C:\WINDOWS\system32\csrss.exe]
[类型:运行进程]
[内容:未知]

[编号:2]
[名称:\??\C:\WINDOWS\system32\winlogon.exe]
[类型:运行进程]
[内容:未知]

[编号:3]
[名称:C:\WINDOWS\system32\services.exe]
[类型:运行进程]
[内容:Microsoft(R) Windows(R) Operating System (C) Microsoft Corporation. All rights reserved.]

[编号:4]
[名称:C:\WINDOWS\system32\lsass.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:5]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:6]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:7]
[名称:C:\WINDOWS\System32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:8]
[名称:C:\WINDOWS\System32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:9]
[名称:C:\WINDOWS\System32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:10]
[名称:D:\QQ2005\287838090\CacheFolder\KWatch.EXE]
[类型:运行进程]
[内容:Kingsoft Antivirus Copyright (C) 1998 - 2005 Kingsoft Corporation]

[编号:11]
[名称:C:\WINDOWS\system32\spoolsv.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:12]
[名称:C:\WINDOWS\SYSTEM32\RUNDLL32.EXE]
[类型:运行进程]
[内容:未知]

[编号:13]
[名称:D:\QQ2005\287838090\CacheFolder\KPfwSvc.EXE]
[类型:运行进程]
[内容:Kingsoft Firewall Copyright (c) 2001-2005 Kingsoft Corporation]

[编号:14]
[名称:C:\Program Files\VeriSign\NAVI\naviagent.exe]
[类型:运行进程]
[内容:NAVI Agent Copyright ? VeriSign, Inc. 2002-2004]

[编号:15]
[名称:C:\WINDOWS\System32\nvsvc32.exe]
[类型:运行进程]
[内容:NVIDIA Driver Helper Service, Version 29.42 (c) NVIDIA Corporation. All rights reserved.]

[编号:16]
[名称:C:\WINDOWS\System32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:17]
[名称:C:\Program Files\联想\联想键盘驱动\TGESrvLogon.exe]
[类型:运行进程]
[内容:TGELogonSrv 应用程序 版权所有 (C) 2001]

[编号:18]
[名称:C:\WINDOWS\system32\wdfmgr.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:19]
[名称:C:\Program Files\Common Files\SAND\Network.exe]
[类型:运行进程]
[内容:QQFACE Copyright (C) COMENET TECHNOLOGY 2002-2005]

[编号:20]
[名称:C:\WINDOWS\System32\alg.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:21]
[名称:C:\PROGRA~1\VeriSign\NAVI\NAVICL~1.EXE]
[类型:运行进程]
[内容:NAVI Client Copyright ? VeriSign, Inc. 2002-2004]

[编号:22]
[名称:C:\WINDOWS\system32\Rundll32.exe]
[类型:运行进程]
[内容:未知]

[编号:23]
[名称:C:\WINDOWS\system32\rundll32.exe]
[类型:运行进程]
[内容:未知]

[编号:24]
[名称:C:\WINDOWS\system32\rundll32.exe]
[类型:运行进程]
[内容:未知]

[编号:25]
[名称:C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe]
[类型:运行进程]
[内容:  YLive Copyright ? 2005]

[编号:26]
[名称:C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe]
[类型:运行进程]
[内容:Yahoo! AssistSetting Copyright cn.yahoo.com 2004]

[编号:27]
[名称:D:\QQ2005\287838090\CacheFolder\KAVStart.exe]
[类型:运行进程]
[内容:Kingsoft Antivirus Copyright (C) 1998 - 2005, Kingsoft Corporation]

[编号:28]
[名称:C:\Program Files\Common Files\Real\Update_OB\realsched.exe]
[类型:运行进程]
[内容:RealPlayer (32-bit)  Copyright ? RealNetworks, Inc. 1995-2004]

[编号:29]
[名称:C:\Program Files\baigoo\bgoomain.exe]
[类型:运行进程]
[内容:BGooMain Copyright ? 2005]

[编号:30]
[名称:C:\WINDOWS\VM_STI.EXE]
[类型:运行进程]
[内容:VM., 2002. VM., 2002.]

[编号:31]
[名称:C:\WINDOWS\system32\Rundll32.exe]
[类型:运行进程]
[内容:未知]

[编号:32]
[名称:C:\WINDOWS\system32\ctfmon.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:33]
[名称:D:\QQ2005\287838090\CacheFolder\KMailMon.EXE]
[类型:运行进程]
[内容:Kingsoft Antivirus Copyright (C) 1998 - 2005 Kingsoft Corporation]

[编号:34]
[名称:C:\Program Files\Internet Explorer\iexplore.exe]
[类型:运行进程]
[内容:Microsoft(R) Windows(R) Operating System (C) Microsoft Corporation. All rights reserved.]

[编号:35]
[名称:D:\木马防御大师\WmNetPro.exe]
[类型:运行进程]
[内容:NetSecurity 应用程序 版权所有 (C) 2005 王剑锋]

[编号:36]
[名称:C:\Program Files\Internet Explorer\iexplore.exe]
[类型:运行进程]
[内容:Microsoft(R) Windows(R) Operating System (C) Microsoft Corporation. All rights reserved.]

[编号:37]
[名称:C:\WINDOWS\explorer.exe]
[类型:运行进程]
[内容:Microsoft(R) Windows(R) Operating System (C) Microsoft Corporation. All rights reserved.]

[编号:38]
[名称:C:\Program Files\Internet Explorer\iexplore.exe]
[类型:运行进程]
[内容:Microsoft(R) Windows(R) Operating System (C) Microsoft Corporation. All rights reserved.]

[编号:39]
[名称:D:\木马防御大师\syssec.exe]
[类型:运行进程]
[内容:完美卸载V2006-ChinaHijackThis 版权所有 (C) 2006]

[编号:40]
[分隔符:---------------------------------------------------------------------]

[编号:41]
[名称:C:\WINDOWS\system32\ntdll.dll]
[类型:已加载DLL]
[内容:Microsoft(R) Windows(R) Operating System (C) Microsoft Corporation. All rights reserved.]

[编号:42]
[名称:C:\WINDOWS\system32\CSRSRV.dll]
[类型:已加载DLL]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:43]
[名称:C:\WINDOWS\system32\basesrv.dll]
[类型:已加载DLL]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:44]
[名称:C:\WINDOWS\system32\winsrv.dll]
[类型:已加载DLL]
[内容:Microsoft(R) Windows(R) Operating System (C) Microsoft Corporation. All rights reserved.]

[编号:45]
[名称:C:\WINDOWS\system32\GDI32.dll]
[类型:已加载DLL]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:46]
[名称:C:\WINDOWS\system32\KERNEL32.dll]
[类型:已加载DLL]
[内容:Microsoft(R) Windows(R) Operating System (C) Microsoft Corporation. All rights reserved.]

[编号:47]
[名称:C:\WINDOWS\system32\USER32.dll]
[类型:已加载DLL]
[内容:Microsoft(R) Windows(R) Operating System (C) Microsoft Corporation. All rights reserved.]

[编号:48]
[名称:C:\WINDOWS\system32\LPK.DLL]
[类型:已加载DLL]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:49]
[名称:C:\WINDOWS\system32\USP10.dll]
[类型:已加载DLL]
[内容:Microsoft(R) Uniscribe Unicode script processor ? Microsoft Corporation. All rights reserved.]

[编号:50]
[名称:C:\WINDOWS\system32\msvcrt.dll]
[类型:已加载DLL]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]
最后编辑2006-07-02 23:36:12