IE被9505锁定,不管点什么网站都会自动跳回www.9505.com上网导航!!
在论坛里搜索到扫描日志的方法,把扫描的内容发上来给大侠们看看,帮帮我啊!!
当前运行的进程:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\HijackThis1991zww.exe
O1 - Hosts: 219.139.58.97 www.hao123.com
O1 - Hosts: 219.139.58.97 hao123.com
O1 - Hosts: 219.139.58.97 www.7b.com.cn
O1 - Hosts: 219.139.58.97 7b.com.cn
O1 - Hosts: 219.139.58.97 www.7939.com
O1 - Hosts: 219.139.58.97 www.maohehe.com
O1 - Hosts: 219.139.58.97 www.sina-baidu.com
O1 - Hosts: 219.139.58.97 sina-baidu.com
O1 - Hosts: 219.139.58.97 www.maipao.com
O1 - Hosts: 219.139.58.97 update.virussky.com
O1 - Hosts: 219.139.58.97 down.virussky.com
O1 - Hosts: 219.139.58.97 www.ycdy.com
O1 - Hosts: 219.139.58.97 ycdy.com
O1 - Hosts: 219.139.58.97 www.2tu.cn
O1 - Hosts: 219.139.58.97 2tu.cn
O1 - Hosts: 219.139.58.97 www.91tu.cn
O1 - Hosts: 219.139.58.97 91tu.cn
O1 - Hosts: 219.139.58.97 www.haotop.com
O1 - Hosts: 219.139.58.97 news01.virussky.com
O1 - Hosts: 219.139.58.97 news02.virussky.com
O1 - Hosts: 219.139.58.97 news03.virussky.com
O1 - Hosts: 219.139.58.97 news04.virussky.com
O1 - Hosts: 219.139.58.97 news40.virussky.com
O1 - Hosts: 219.139.58.97 news41.virussky.com
O1 - Hosts: 219.139.58.97 news42.virussky.com
O1 - Hosts: 219.139.58.97 www.an85.com
O1 - Hosts: 219.139.58.97 an85.com
O1 - Hosts: 219.139.58.97 www.360safe.com
O1 - Hosts: 219.139.58.97 360safe.com
O1 - Hosts: 219.139.58.97 update.360safe.com
O1 - Hosts: 219.139.58.97 dl.360safe.com
O1 - Hosts: 219.139.58.97 bbs.360safe.com
O1 - Hosts: 219.139.58.97 www.gao58.com
O1 - Hosts: 219.139.58.97 count16.51yes.com
O1 - Hosts: 219.139.58.97 count18.51yes.com
O1 - Hosts: 219.139.58.97 count20.51yes.com
O1 - Hosts: 219.139.58.97 www.ok538.com
O1 - Hosts: 219.139.58.97 www.3000sss.com
O1 - Hosts: 219.139.58.97 3000sss.com
O1 - Hosts: 219.139.58.97 www.qq658.com
O1 - Hosts: 219.139.58.97 www.53679.com
O1 - Hosts: 219.139.58.97 www.17587.net
O1 - Hosts: 219.139.58.97 www.17587.com
O1 - Hosts: 219.139.58.97 www.an188.com
O1 - Hosts: 219.139.58.97 cwzwxm.3322.org
O1 - Hosts: 219.139.58.97 www.onediy.net
O1 - Hosts: 219.139.58.97 sohu.fswan.com
O1 - Hosts: 219.139.58.97 www.hewdq.com
O1 - Hosts: 219.139.58.97 go.ipcenter.cn
O1 - Hosts: 219.139.58.97 www.32666.com
O1 - Hosts: 219.139.58.97 show.googleadsenseagent.com
O1 - Hosts: 219.139.58.97 www.2yin.cn
O1 - Hosts: 219.139.58.97 2yin.cn
O1 - Hosts: 219.139.58.97 www.84442.com
O1 - Hosts: 219.139.58.97 www.898333.com
O1 - Hosts: 219.139.58.97 hewdq.com
O1 - Hosts: 219.139.58.97 84442.com
O1 - Hosts: 219.139.58.97 wwww.systeel.com.cn
O1 - Hosts: 219.139.58.97 go.baibaoxiang.cn
O1 - Hosts: 219.139.58.97 www.btbaicai.com
O1 - Hosts: 219.139.58.97 btbaicai.com
O1 - Hosts: 219.139.58.97 www.2t2t.cn
O1 - Hosts: 219.139.58.97 2t2t.cn
O1 - Hosts: 219.139.58.97 3.a.kal.cn
O1 - Hosts: 219.139.58.97 www.222978.com
O1 - Hosts: 219.139.58.97 www.5yaowan.com
O1 - Hosts: 219.139.58.97 show.roogoo.com
O1 - Hosts: 219.139.58.97 ip.alexaanywhere.com
O1 - Hosts: 219.139.58.97 www.znmq.com
O1 - Hosts: 219.139.58.97 www.pctutu.com
O1 - Hosts: 219.139.58.97 www.7322.com
O1 - Hosts: 219.139.58.97 www.5566.net
O1 - Hosts: 219.139.58.97 www.9991.com
O1 - Hosts: 219.139.58.97 forum.ikaka.com
O1 - Hosts: 219.139.58.97 www.ikaka.com
O1 - Hosts: 219.139.58.97 www.piaoxue.com
O1 - Hosts: 219.139.58.97 forum.jiangmin.com
O1 - Hosts: 219.139.58.97 update.jiangmin.com
O1 - Hosts: 219.139.58.97 post.baidu.com
O1 - Hosts: 219.139.58.97 zhidao.baidu.com
O1 - Hosts: 219.139.58.97 update.rising.com.cn
O1 - Hosts: 219.139.58.97 online.rising.com.cn
O1 - Hosts: 219.139.58.97 dl.pconline.com.cn
O1 - Hosts: 219.139.58.97 space.uwants.com
O1 - Hosts: 219.139.58.97 www.pcav.cn
O1 - Hosts: 219.139.58.97 mopery.hits.io
O1 - Hosts: 219.139.58.97 www.goodmv.cn
O1 - Hosts: 219.139.58.97 www.5566.net
O1 - Hosts: 219.139.58.97 www.9991.com
O1 - Hosts: 219.139.58.97 9991.com
O1 - Hosts: 219.139.58.97 www.piaoxue.com
O1 - Hosts: 219.139.58.97 www.luosoft.com
O1 - Hosts: 219.139.58.97 luosoft.com
O1 - Hosts: 219.139.58.97 www.caiqiyue.com
O1 - Hosts: 219.139.58.97 toolsbar.kuaiso.com
O1 - Hosts: 219.139.58.97 www.kuaiso.com
O1 - Hosts: 219.139.58.97 www.7255.com
O1 - Hosts: 219.139.58.97 7255.com
O1 - Hosts: 219.139.58.97 www.adanywhere.cn
O1 - Hosts: 219.139.58.97 ip.adanywhere.cn
O1 - Hosts: 219.139.58.97 ip1.adanywhere.cn
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [NvCplDaemon] ; RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [Thunder] ; "C:\Program Files\Thunder Network\Thunder\ThunderShell.exe" /s
O4 - 启动项HKLM\\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - 启动项HKLM\\Run: [WangWang] "C:\Program Files\淘宝网\淘宝旺旺\WangWang.EXE"
O4 - 启动项HKLM\\Run: [R] C:\WINDOWS\system32\rundll32.exe ctfmon.dll s
O4 - 启动项HKLM\\Run: [dl_accel] C:\Program Files\3721\Dlaccel\YDownloader.exe
O4 - 启动项HKLM\\Run: [NeroFilterCheck] ; C:\WINDOWS\system32\NeroCheck.exe
O4 - 启动项HKLM\\Run: [NvMediaCenter] ; RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - 启动项HKLM\\Run: [nwiz] ; nwiz.exe /install
O4 - 启动项HKLM\\Run: [RaidTool] ; C:\Program Files\VIA\RAID\raid_tool.exe
O4 - 启动项HKLM\\Run: [snpstd] ; C:\WINDOWS\vsnpstd.exe
O4 - 启动项HKLM\\Run: [TkBellExe] ; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [fcc67d577195f664e2096c3d3f94b234] ; "C:\Stoneage80_Release.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - C:\Program Files\tencent\QQ\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - C:\Program Files\tencent\QQ\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - C:\Program Files\tencent\QQ\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - C:\Program Files\tencent\QQ\SendMMS.htm
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl
Object) - https://img.alipay.com/download/1007/aliedit.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C661F36D-DF85-4EF4-83C7-E107B83D04B1} (WebActivater Control) -
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{406D6724-61B2-4AF9-92FB-97A3448FC560}: NameServer = 60.191.134.206,60.191.134.205
O17 - HKLM\System\CS1\Services\Tcpip\..\{406D6724-61B2-4AF9-92FB-97A3448FC560}: NameServer = 60.191.134.206,60.191.134.205
O18 - 列举现有的协议: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - 列举现有的协议: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O23 - NT 服务: 卡巴斯基反病毒软件6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - NT 服务: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - D:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - NT 服务: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - NT 服务: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
用SRENG,启动之后的提示是:"警告!注册表值UIHost被修改为非正常值(默认值是logonui.exe)请检查你的系统中可能存在的计算机病毒!!"而且这个文件不允许删除~~~~
本人在这方面是超级菜鸟,希望大侠客们能给我详细的解决方法,小女子在这先拜谢各位了~~~
