Computer Networks courseware: Everyone, please take a look at my Kaka log scan 1
Source: 百度文库 (Baidu Wenku)  Editor: 查人人中国名人网  Time: 2024/10/06 02:42:31
Logfile of Kaka v2.0.0.9 Scan Module v2.0.0.1
Scan saved at 16:23:55, on 2006-08-19
Platform: Microsoft Windows XP Professional Service Pack 2 (Build 2600)
MSIE: Internet Explorer v6.00 SP2; (6.00.2900.2180 (xpsp_sp2_rtm.040803-2158))
Running processes:
[smss.exe]
CommandLine =
[csrss.exe]
CommandLine = C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
[winlogon.exe]
CommandLine = winlogon.exe
[SERVICES.EXE]
CommandLine = C:\WINDOWS\system32\services.exe
[LSASS.EXE]
CommandLine = C:\WINDOWS\system32\lsass.exe
[SVCHOST.EXE]
CommandLine = C:\WINDOWS\system32\svchost -k DcomLaunch
[SVCHOST.EXE]
CommandLine = C:\WINDOWS\system32\svchost -k rpcss
[CCenter.exe]
CommandLine = "C:\Program Files\Rising\Rav\CCenter.exe"
[SVCHOST.EXE]
CommandLine = C:\WINDOWS\System32\svchost.exe -k netsvcs
[SVCHOST.EXE]
CommandLine = C:\WINDOWS\system32\svchost.exe -k NetworkService
[SVCHOST.EXE]
CommandLine = C:\WINDOWS\system32\svchost.exe -k LocalService
[RavMonD.exe]
CommandLine = "C:\Program Files\Rising\Rav\Ravmond.exe"
[EXPLORER.EXE]
CommandLine = C:\WINDOWS\Explorer.EXE
[spoolsv.exe]
CommandLine = C:\WINDOWS\system32\spoolsv.exe
[RavStub.exe]
CommandLine = "C:\Program Files\Rising\Rav\RavStub.exe" /RAVMOND
[slserv.exe]
CommandLine = slserv.exe
[igfxtray.exe]
CommandLine = "C:\WINDOWS\system32\igfxtray.exe"
[hkcmd.exe]
CommandLine = "C:\WINDOWS\system32\hkcmd.exe"
[RavTask.exe]
CommandLine = "C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE" -SYSTEM
[RavMon.exe]
CommandLine = "C:\Program Files\Rising\Rav\Ravmon.exe" -SYSTEM
[realsched.exe]
CommandLine = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
[ctfmon.exe]
CommandLine = "C:\WINDOWS\system32\ctfmon.exe"
[alg.exe]
CommandLine = C:\WINDOWS\System32\alg.exe
[BitComet.exe]
CommandLine = "D:\新建文件夹\新建文件夹\BitComet\BitComet.exe"
[QQ.exe]
CommandLine = "C:\Program Files\Tencent\QQ\QQ.exe"
[TIMPlatform.exe]
CommandLine = "C:\Program Files\Tencent\QQ\TIMPlatform.exe" -Embedding
[TTraveler.exe]
CommandLine = "C:\Program Files\Tencent\TT\TTraveler.exe"
[KkScan.exe]
CommandLine = "C:\Program Files\Rising\KakaToolBar\KkScan.exe"
[wuauclt.exe]
CommandLine = "C:\WINDOWS\system32\wuauclt.exe" /RunStoreAsComServer Local\[2a4]SUSDS1398b835188c6d4fb4d915c283985190
[iexplore.exe]
CommandLine = "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
R3 - Default URLSearchHook is missing
O2 - BHO: (file missing)
Install a process lookup program yourself
and take a look.
Even we experts miss things sometimes.
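★ATA★ Mumayi (木蚂蚁) Windows Process Manager V3.70
Right-click menu
Right-clicking in the process list opens a context menu for quick access to "Sort list", "File properties…", "Containing folder…",
"Delete file", "End process", "Force end (use with caution)" and "Export list".
Process lookup
In the query box on the process information tab, enter the name of the process you want to look up, then press Enter or click the "Query" button.
This function supports fuzzy matching (the extension can be omitted, and case is matched automatically); clicking an entry in the process list also shows its process information on the right.
For processes that are not found in the process database, you can follow the link prompts to search for process information directly on Baidu or Google.
Process information uses different colours to indicate the security level:
Black === normal process (a normal system or application process; safe)
Green === suspicious process (a normal process that is easily abused by viruses or trojans; keep an eye on it)
Red === virus/trojan process (very dangerous)
Click "Add" to add a custom process information entry; fill it in completely, set the security level, and click "OK" to save.
Click "Modify" to update an existing process information record.
This program includes more than 2,000 process information entries for Windows systems collected from the web;
it provides viewing, lookup, management and scanning of processes to help everyone better understand and manage the processes on a Windows system.
The entries cover system processes, application processes, and some virus and trojan processes. The collection is of course not complete, and will continue to be supplemented and improved.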
http://soft.mumayi.net/downinfo/3580.html