瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 哪位版主大哥帮我看看灰鸽子2005的日志,不好意思这是下半节。

1   1  /  1  页   跳转

哪位版主大哥帮我看看灰鸽子2005的日志,不好意思这是下半节。

哪位版主大哥帮我看看灰鸽子2005的日志,不好意思这是下半节。

O8 - Extra context menu item:  >> 彩信发送 << - res://F:\PROGRA~1\MMSASS~1\MMSASS~1.DLL/mms.htm
O8 - Extra context menu item: !CopySo拷贝搜 - res://F:\Program Files\Copyso\CopysoIE.dll/copyso.htm
O8 - Extra context menu item: !全球排名 - res://F:\Program Files\Copyso\CopysoIE.dll/tops.htm
O8 - Extra context menu item: !反向链接 - res://F:\Program Files\Copyso\CopysoIE.dll/snapshot.htm
O8 - Extra context menu item: !网页快照 - res://F:\Program Files\Copyso\CopysoIE.dll/similar.htm
O8 - Extra context menu item: &使用迅雷下载 - F:\Program Files\Thunder Network\Thunder\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - F:\Program Files\Thunder Network\Thunder\getallurl.htm
O8 - Extra context menu item: &使用迷你迅雷下载 - F:\Program Files\Sandai\ThunderMini\geturl.htm
O8 - Extra context menu item: 使用网际快车下载 - D:\金山词霸\FLASHGET\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\金山词霸\FLASHGET\jc_all.htm
O8 - Extra context menu item: 导出到 Microsoft Excel(&x) - res://D:\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - F:\Program Files\Tencent\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - F:\Program Files\Tencent\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - F:\Program Files\Tencent\qq\SendMMS.htm
O8 - Extra context menu item: 百度-搜索MP3 - res://F:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUMP3.HTM
O8 - Extra context menu item: 百度-搜索图片 - res://F:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUIMG.HTM
O8 - Extra context menu item: 百度-搜索新闻 - res://F:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUNEWS.HTM
O8 - Extra context menu item: 百度-搜索歌词 - res://F:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDULYRIC.HTM
O8 - Extra context menu item: 百度-搜索网页 - res://F:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUSEARCH.HTM
O8 - Extra context menu item: 百度-搜索贴吧 - res://F:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUPOST.HTM
O8 - Extra context menu item: 百度-词典搜索 - res://F:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDU_DIC.HTM
O9 - Extra button: 手机短信 - {00000000-0000-0001-0001-596BAEDD1289} - http://sms.3721.com/ie/index.htm?pid=U_skycn_5409 (file missing)
O9 - Extra button: 迅雷 - {1FBA04EE-3024-11D2-8F1F-000019796948} - F:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: 迅雷 - {1FBA04EE-3024-11D2-8F1F-000019796948} - F:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Yahoo 1G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.mail.yahoo.com/promo/rd1 (file missing)
O9 - Extra button: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://hot.3721.com/rd/shop_btn.htm (file missing)
O9 - Extra button: 上网助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://assistant.3721.com/index.htm?fb=Cns (file missing)
O9 - Extra button: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - F:\PROGRA~1\MMSASS~1\MMSASS~1.DLL
O9 - Extra 'Tools' menuitem: MMSAssist工具条设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - F:\PROGRA~1\MMSASS~1\MMSASS~1.DLL
O9 - Extra button: 8751 - {7147A401-C746-3FCF-B3F1-062B3D95D81E} - F:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &8751 - {7147A401-C746-3FCF-B3F1-062B3D95D81E} - F:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - F:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - F:\WINDOWS\web\related.htm
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - F:\Program Files\Tencent\qq\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - F:\Program Files\Tencent\qq\QQ.EXE
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\金山词霸\FLASHGET\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\金山词霸\FLASHGET\flashget.exe (file missing)
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - F:\Program Files\Tencent\qq\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - F:\Program Files\Tencent\qq\QQIEHelper.dll
O9 - Extra button: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing)
O9 - Extra button: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing)
O9 - Extra 'Tools' menuitem: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing)
O9 - Extra button: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing)
O9 - Extra 'Tools' menuitem: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing)
O11 - Options group: [!CNS]  上网助手-地址栏搜索
O12 - Plugin for .spop: F:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O16 - DPF: {56A7DC70-E102-4408-A34A-AE06FEF01586} (天下搜索) - http://iebar.t2t2.com/iebar.cab
O16 - DPF: {F138084D-84D7-48CD-BEA8-04772457516E} (VqqSpeedDlProxy Class) - http://218.85.138.27/vqqsdl1009.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{65DC55A3-7AD5-4F0B-BD53-BBB9C42BA781}: NameServer = 61.147.37.1 61.177.7.1
O18 - Protocol: koboo - {7DEE9D05-FA0A-4416-A6F3-6537D0EAB6A6} - F:\WINDOWS\System32\mbprot.dll
O23 - Service: O&O Defrag - O&O Software GmbH - F:\WINDOWS\System32\oodag.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - rising - F:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - F:\PROGRAM FILES\RISING\RAV\Ravmond.exe
O23 - Service: Windows Times (W32Times) - Unknown owner - F:\Program Files\Internet Explorer\SIGNUP\TIMEMAN32.EXE

最后编辑2005-10-21 11:40:30
分享到:
gototop
 

【回复“烨龙将军”的帖子】
F:\Program Files\Internet Explorer\SIGNUP\TIMEMAN32.EXE

我怀疑是这个文件。请将此文件打包,加密,发到:linbaohe@163.com。发完后,告诉我解压密码。(因为163邮箱有卡巴斯基杀毒,样本必须加密发送。)
gototop
 
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT