瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 老大,帮我看看日志,并指明解决方法。

1   1  /  1  页   跳转

老大,帮我看看日志,并指明解决方法。

收藏
万万来
头像
初生襁褓狮
  • 帖子:63
  • 注册: 2004-01-18
  • 来自:
发表于: 2006-05-13 20:16 | 只看楼主 短消息 资料
字号: 1楼

老大,帮我看看日志,并指明解决方法。

老大,帮我看看日志,并指明解决方法。


HijackThis_zww汉化版扫描日志 V1.99.1
保存于      20:14:41, 日期 2006-5-13
操作系统:  Windows XP  (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 (6.00.2600.0000)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Rising\Rav\RavStub.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\Program Files\HijackThis1991汉化版\HijackThis1991zww.exe

F3 - REG:win.ini: load=c:\windows\alg.exe
O1 - Hosts: This is DY378.COM Setting file!!!
O1 - Hosts: 222.189.228.102 53900.com
O1 - Hosts: 222.189.228.102 www.53900.com
O1 - Hosts: 222.189.228.102 tm286.com
O1 - Hosts: 222.189.228.102 www.tm286.com
O1 - Hosts: 222.189.228.102 555567.com
O1 - Hosts: 222.189.228.102 www.555567.com
O1 - Hosts: 222.189.228.102 k3333.net
O1 - Hosts: 222.189.228.102 www.k3333.net
O1 - Hosts: 222.189.228.102 556633.com
O1 - Hosts: 222.189.228.102 www.556633.com
O1 - Hosts: 222.189.228.102 t9666.com
O1 - Hosts: 222.189.228.102 www.t9666.com
O1 - Hosts: 222.189.228.102 0085200852.com
O1 - Hosts: 222.189.228.102 www.0085200852.com
O1 - Hosts: 222.189.228.102 tm466.com
O1 - Hosts: 222.189.228.102 www.tm466.com
O1 - Hosts: 222.189.228.102 ok8088.com
O1 - Hosts: 222.189.228.102 www.ok8088.com
O1 - Hosts: 222.189.228.102 y636.com
O1 - Hosts: 222.189.228.102 www.y636.com
O1 - Hosts: 222.189.228.102 777568.com
O1 - Hosts: 222.189.228.102 www.777568.com
O1 - Hosts: 222.189.228.102 22261.com
O1 - Hosts: 222.189.228.102 www.22261.com
O1 - Hosts: 222.189.228.102 22799.net
O1 - Hosts: 222.189.228.102 www.22799.net
O1 - Hosts: 222.189.228.102 34511.com
O1 - Hosts: 222.189.228.102 www.34511.com
O1 - Hosts: 222.189.228.102 87765.com
O1 - Hosts: 222.189.228.102 www.87765.com
O1 - Hosts: 222.189.228.102 557888.com
O1 - Hosts: 222.189.228.102 www.557888.com
O1 - Hosts: 222.189.228.102 k667.net
O1 - Hosts: 222.189.228.102 www.k667.net
O1 - Hosts: 222.189.228.102 t6668.com
O1 - Hosts: 222.189.228.102 www.t6668.com
O1 - Hosts: 222.189.228.102 38144.com
O1 - Hosts: 222.189.228.102 www.38144.com
O1 - Hosts: 222.189.228.102 00338.net
O1 - Hosts: 222.189.228.102 www.00338.net
O1 - Hosts: 222.189.228.102 58567.net
O1 - Hosts: 222.189.228.102 www.58567.net
O1 - Hosts: 222.189.228.102 000666.net
O1 - Hosts: 222.189.228.102 www.000666.net
O1 - Hosts: 222.189.228.102 00448.net
O1 - Hosts: 222.189.228.102 www.00448.net
O1 - Hosts: 222.189.228.102 8888789.com
O1 - Hosts: 222.189.228.102 www.8888789.com
O1 - Hosts: 222.189.228.102 263789.com
O1 - Hosts: 222.189.228.102 www.263789.com
O1 - Hosts: 222.189.228.102 160061.com
O1 - Hosts: 222.189.228.102 www.160061.com
O1 - Hosts: 222.189.228.102 138600.com
O1 - Hosts: 222.189.228.102 www.138600.com
O1 - Hosts: 222.189.228.102 09198.com
O1 - Hosts: 222.189.228.102 www.09198.com
O1 - Hosts: 222.189.228.102 kdy2008.com
O1 - Hosts: 222.189.228.102 www.kdy2008.com
O1 - Hosts: 222.189.228.102 3d757.com
O1 - Hosts: 222.189.228.102 www.3d757.com
O1 - Hosts: 222.189.228.102 568cp.com
O1 - Hosts: 222.189.228.102 www.568cp.com
O1 - Hosts: 222.189.228.102 658668.com
O1 - Hosts: 222.189.228.102 www.658668.com
O1 - Hosts: 222.189.228.102 cp2166.com
O1 - Hosts: 222.189.228.102 www.cp2166.com
O1 - Hosts: 222.189.228.102 cp34567.com
O1 - Hosts: 222.189.228.102 www.cp34567.com
O1 - Hosts: 222.189.228.102 48699.com
O1 - Hosts: 222.189.228.102 www.48699.com
O1 - Hosts: 222.189.228.102 56598.com
O1 - Hosts: 222.189.228.102 www.56598.com
O1 - Hosts: 222.189.228.102 258268.com
O1 - Hosts: 222.189.228.102 www.258268.com
O1 - Hosts: 222.189.228.102 345333.com
O1 - Hosts: 222.189.228.102 www.345333.com
O1 - Hosts: 222.189.228.102 454455.com
O1 - Hosts: 222.189.228.102 www.454455.com
O1 - Hosts: 222.189.228.102 82567.com
O1 - Hosts: 222.189.228.102 www.82567.com
O1 - Hosts: 222.189.228.102 10585.com
O1 - Hosts: 222.189.228.102 www.10585.com
O1 - Hosts: 222.189.228.102 tm4936.com
O1 - Hosts: 222.189.228.102 www.tm4936.com
O1 - Hosts: 222.189.228.102 kk4949.com
O1 - Hosts: 222.189.228.102 www.kk4949.com
O1 - Hosts: 222.189.228.102 332338.com
O1 - Hosts: 222.189.228.102 www.332338.com
O1 - Hosts: 222.189.228.102 00858.cc
O1 - Hosts: 222.189.228.102 www.00858.cc
O1 - Hosts: 222.189.228.102 992998.com
O1 - Hosts: 222.189.228.102 www.992998.com
O1 - Hosts: 222.189.228.102 444345.com
O1 - Hosts: 222.189.228.102 www.444345.com
O1 - Hosts: 222.189.228.102 55770.com
O1 - Hosts: 222.189.228.102 www.55770.com
O1 - Hosts: 222.189.228.102 611688.com
O1 - Hosts: 222.189.228.102 www.611688.com
O1 - Hosts: 222.189.228.102 772778.com
O1 - Hosts: 222.189.228.102 www.772778.com
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O4 - 启动项HKLM\\Run: [services] c:\windows\services.exe
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [services] c:\windows\services.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - E:\E盘备份\QQ\SendMMS.htm
O9 - 浏览器额外的按钮: 相关站点 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的“工具”菜单项: 相关站点 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D248423-7219-4ACB-AFEA-98328B602FD3}: NameServer = 202.96.134.133,202.96.188.86
O17 - HKLM\System\CCS\Services\Tcpip\..\{E9ACED69-5A39-4CC3-8B4F-B248009DCDEA}: NameServer = 202.96.134.133
O17 - HKLM\System\CS1\Services\Tcpip\..\{0D248423-7219-4ACB-AFEA-98328B602FD3}: NameServer = 202.96.134.133,202.96.188.86
O17 - HKLM\System\CS2\Services\Tcpip\..\{0D248423-7219-4ACB-AFEA-98328B602FD3}: NameServer = 202.96.134.133,202.96.188.86
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe

最后编辑2006-05-13 20:23:13
分享到:
gototop
 
2116bromgamed2m
头像
锋芒艾服狮
  • 帖子:1263
  • 注册: 2005-10-18
  • 来自:SC
发表于: 2006-05-13 20:23 | 短消息 资料
字号: 2楼

修复:

F3 - REG:win.ini: load=c:\windows\alg.exe
所有01项
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O4 - 启动项HKLM\\Run: [services] c:\windows\services.exe
O4 - HKCU\..\Run: [services] c:\windows\services.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

删除:

c:\windows\services.exe
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT