1   1  /  1  页   跳转

救救菜鸟http://www.17777.com

收藏
shulin2000
头像
初生襁褓狮
  • 帖子:33
  • 注册: 2005-10-02
  • 来自:
发表于: 2005-10-03 10:50 | 只看楼主 短消息 资料
字号: 1楼

救救菜鸟http://www.17777.com

主页被改为http://www.17777.com
偶尔还有弹出窗口广告
俺好多不懂,刚下的HijackThis v1.99.1  ,不知道咋个用
请大哥们介绍详细点,谢谢


Logfile of HijackThis v1.99.1
Scan saved at 10:45:06, on 2005-10-3
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
d:\瑞星\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\RunDll32.exe
D:\瑞星\RISING\RAV\RAVTIMER.EXE
D:\瑞星\RISING\RAV\RAVMON.EXE
C:\WINDOWS\system32\spoolsv.exe
D:\瑞星\Rising\Rfw\rfwmain.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\VM_STI.EXE
C:\WINDOWS\System32\d11host.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
D:\瑞星\RISING\RAV\CCENTER.EXE
D:\瑞星\RISING\RAV\Ravmond.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
D:\瑞星\RISING\RAV\RavStub.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\kakazushou\HijackThis 1.99.1\hijackthis\HijackThis.exe

R3 - Default URLSearchHook is missing
O1 - Hosts: 222.83.177.22 popme.163.com
O1 - Hosts: 222.83.177.22 www.xk99.com
O1 - Hosts: 222.83.177.22 www.006.net
O1 - Hosts: 222.83.177.22 006.net
O1 - Hosts: 222.83.177.22 www.cmfu.com
O1 - Hosts: 222.83.177.22 www.free120.com
O1 - Hosts: 222.83.177.22 www.4577.com
O1 - Hosts: 222.83.177.22 www.9617.com
O1 - Hosts: 222.83.177.22 www.fjwz.com
O1 - Hosts: 222.83.177.22 partner.cpc.sohu.com
O1 - Hosts: 222.83.177.22 ad4.sina.com.cn
O1 - Hosts: 222.83.177.22 music.17o8.comer.cpc.sohu.com
O1 - Hosts: 222.83.177.22 ad.tom.com
O1 - Hosts: 222.83.177.22 search.union.3721.com
O1 - Hosts: 222.83.177.22 post.baidu.com
O1 - Hosts: 222.83.177.22 mp3.baidu.com
O1 - Hosts: 222.83.177.22 image.baidu.com
O1 - Hosts: 222.83.177.22 site.google.com
O1 - Hosts: 222.83.177.22 flash.baidu.com
O1 - Hosts: 222.83.177.22 assistant.3721.com
O1 - Hosts: 222.83.177.22 pfp.sina.com.cn
O1 - Hosts: 222.83.177.22 cn.websearch.yahoo.com
O1 - Hosts: 222.83.177.22 sms.qq.com
O1 - Hosts: 222.83.177.22 www.qq.com
O1 - Hosts: 222.83.177.22 partner.lead2.com.cn
O1 - Hosts: 222.83.177.22 ad.cn.doubleclick.net
O1 - Hosts: 222.83.177.22 auto.search.msn.com
O1 - Hosts: 222.83.177.22 www.ourgame.com
O1 - Hosts: 222.83.177.22 www.the9.com
O1 - Hosts: 222.83.177.22 www.flashempire.com
O1 - Hosts: 222.83.177.22 www.qq163.com
O1 - Hosts: 222.83.177.22 www.9sky.com
O1 - Hosts: 222.83.177.22 www.tom-1.com
O1 - Hosts: 222.83.177.22 www.17173.com
O1 - Hosts: 222.83.177.22 www.yaotou.com
O1 - Hosts: 222.83.177.22 union.3721.com
O1 - Hosts: 222.83.177.22 music.feifa.com
O1 - Hosts: 222.83.177.22 www.vodfans.com
O1 - Hosts: 222.83.177.22 www.sogua.com
O1 - Hosts: 222.83.177.22 fm974.tom.com
O1 - Hosts: 222.83.177.22 ent.tom.com
O1 - Hosts: 222.83.177.22 music.tyfo.com
O1 - Hosts: 222.83.177.22 www.wanwa.com
O1 - Hosts: 222.83.177.22 www.guang.org
O1 - Hosts: 222.83.177.22 www.wz.zj.cn
O1 - Hosts: 222.83.177.22 www.3189.net
O1 - Hosts: 222.83.177.22 music.17o8.com
O1 - Hosts: 222.83.177.22 www.99music.net
O1 - Hosts: 222.83.177.22 www.cococ.com
O1 - Hosts: 222.83.177.22 www.qqqq.cn
O1 - Hosts: 222.83.177.22 www.bnb.com.cn
O1 - Hosts: 222.83.177.22 www.z163.com
O1 - Hosts: 222.83.177.22 game.163.com
O1 - Hosts: 222.83.177.22 games.sina.com.cn
O1 - Hosts: 222.83.177.22 www.v111.com
O1 - Hosts: 222.83.177.22 music.v111.com
O1 - Hosts: 222.83.177.22 www.3tom.com
O1 - Hosts: 222.83.177.22 www.xkqq.com
O1 - Hosts: 222.83.177.22 www.verymp3.com
O1 - Hosts: 222.83.177.22 www.91look.com
O1 - Hosts: 222.83.177.22 www.168101.com
O1 - Hosts: 222.83.177.22 www.cmfu.com
O1 - Hosts: 222.83.177.22 www.woogood.com
O1 - Hosts: 222.83.177.22 www.haodx.com
O1 - Hosts: 222.83.177.22 www.yingku.com
O1 - Hosts: 222.83.177.22 www.flash51.com
O1 - Hosts: 222.83.177.22 www.17haha.com
O1 - Hosts: 222.83.177.22 www.432.cn
O1 - Hosts: 222.83.177.22 www.cnxp.com
O1 - Hosts: 222.83.177.22 www.hjsm.net
O1 - Hosts: 222.83.177.22 music.8wa.com
O1 - Hosts: 222.83.177.22 www.66vv.com
O1 - Hosts: 222.83.177.22 www.musicfbi.com
O1 - Hosts: 222.83.177.22 www.vv66.com
O1 - Hosts: 222.83.177.22 www.139mm.com
O1 - Hosts: 222.83.177.22 www.130wg.com
O1 - Hosts: 222.83.177.22 www.flashsea.com
O1 - Hosts: 222.83.177.22 movie.59178.com
O1 - Hosts: 222.83.177.22 www.wo123.com
O1 - Hosts: 222.83.177.22 www.1ya.cn
O1 - Hosts: 222.83.177.22 www.happy8.cn
O1 - Hosts: 222.83.177.22 www.s6.cn
O1 - Hosts: 222.83.177.22 www.hao123.com
O1 - Hosts: 222.83.177.22 www.qqee.com
O1 - Hosts: 222.83.177.22 imgu.21cn.com
O1 - Hosts: 222.83.177.22 www.sohu123.com
O1 - Hosts: 222.83.177.22 www.chinamp3.com
O1 - Hosts: 222.83.177.22 www.18z.net
O1 - Hosts: 222.83.177.22 www.ssxs.com
O1 - Hosts: 222.83.177.22 www.fjwz.net
O1 - Hosts: 222.83.177.22 www.wo365.com
O1 - Hosts: 222.83.177.22 www.zhao99.com
O1 - Hosts: 222.83.177.22 www.cn808.net
O1 - Hosts: 222.83.177.22 www.tt55.net
O1 - Hosts: 222.83.177.22 www.mp3tt.com
O1 - Hosts: 222.83.177.22 www.yi5.com
O1 - Hosts: 222.83.177.22 www.haozs.com
O1 - Hosts: 222.83.177.22 www.77ttt.com
O1 - Hosts: 222.83.177.22 www.77xi.com
O1 - Hosts: 222.83.177.22 13258.com
O1 - Hosts: 222.83.177.22 www.13258.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\KODAK\start\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Wbho Class - {40E3A34A-3282-41F8-AD2C-051BAB96AD4A} - C:\WINDOWS\System32\Usign.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\flashget\fg\jccatch.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\flashget\fg\fgiebar.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [RavTimer] D:\瑞星\RISING\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [RavMon] D:\瑞星\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - HKLM\..\Run: [RfwMain] "D:\瑞星\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE USB PC Camera 301P
O4 - HKLM\..\Run: [internet.exe] C:/WINDOWS/system.hta
O4 - HKLM\..\Run: [3721] C:\$NtUninstallQ5926809$\3721.bat
O4 - HKLM\..\Run: [d11host] C:\WINDOWS\System32\d11host.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [] regedit -s C:\$NtUninstallQ5926809$\sp4custom.dll
O4 - HKCU\..\Run: [3721] C:\$NtUninstallQ5926809$\3721.bat
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
O4 - Global Startup: 柯达 EasyShare 软件.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: 使用网际快车下载 - D:\Program Files\flashget\fg\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\Program Files\flashget\fg\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\qq\SendMMS.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\flashget\fg\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\flashget\fg\flashget.exe
O9 - Extra button: 访问瑞星网站 - {FF2DE7A6-ECB1-4CBC-9C0E-D92A9E66E444} - http://www.rising.com.cn (file missing)
O9 - Extra button: 访问卡卡社区 - {FF2DE7A6-ECB1-4CBC-9C0E-D92A9E66E445} - http://www.ikaka.com (file missing)
O12 - Plugin for .mp3: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {2EA6D939-4445-43F1-A12B-8CB3DDA8B855} (BlueskyVideo Control) - http://www.bluesky.cn/download/v2_60.cab
O16 - DPF: {7253A666-8D4A-11D7-A4DC-00E04C504779} (BDC Control) - http://www.qingyiliao.com/BDC.cab
O16 - DPF: {991481A7-4669-4E15-8C24-100404E1F5CB} (Blueskyvoice Control) - http://www.bluesky.cn/download/blueskyvoice_60.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8C55CBD5-0317-4CF5-817E-A9A3D41D154C}: NameServer = 218.77.31.200
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - d:\瑞星\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - rising - D:\瑞星\RISING\RAV\CCENTER.EXE
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\瑞星\RISING\RAV\Ravmond.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE

最后编辑2005-10-04 11:14:21
分享到:
gototop
 
建能
头像
横据古稀狮
  • 帖子:5755
  • 注册: 2005-04-01
  • 来自:
发表于: 2005-10-03 11:13 | 短消息 资料
字号: 2楼

O2 - BHO: Wbho Class - {40E3A34A-3282-41F8-AD2C-051BAB96AD4A} - C:\WINDOWS\System32\Usign.dll
O2 - BHO: Wbho Class - {40E3A34A-3282-41F8-AD2C-051BAB96AD4A} - C:\WINDOWS\System32\Usign.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\flashget\fg\jccatch.dll
O4 - HKLM\..\Run: [internet.exe] C:/WINDOWS/system.hta
O4 - HKLM\..\Run: [3721] C:\$NtUninstallQ5926809$\3721.bat
O4 - HKLM\..\Run: [d11host] C:\WINDOWS\System32\d11host.exe
O4 - HKCU\..\Run: [] regedit -s C:\$NtUninstallQ5926809$\sp4custom.dll
O4 - HKCU\..\Run: [3721] C:\$NtUninstallQ5926809$\3721.bat
所有01 项如果使用了系统还原,请先关闭。
请关闭所有浏览器窗口和文件夹窗口, 在安全摸试下修复上面几项)(如果你清楚某项是安全的,可以不处理)
,将隐藏的文件不隐藏。找到下面几项C:\WINDOWS\System32\Usign.dll
C:/WINDOWS/system.hta
D:\PROGRA~1\flashget\fg\jccatch.dll把它们删除。
gototop
 
shulin2000
头像
初生襁褓狮
  • 帖子:33
  • 注册: 2005-10-02
  • 来自:
发表于: 2005-10-04 10:42 | 只看楼主 短消息 资料
字号: 3楼

修复了一下,但
C:\WINDOWS\System32\Usign.dll
C:/WINDOWS/system.hta
D:\PROGRA~1\flashget\fg\jccatch.dll
这3个文件1个没找到啊!还有个路径是错误的.怎么回事,大哥们再帮给看看.再讲详细些
谢谢啦!

HijackThis_zww汉化版扫描日志 V1.99.1
保存于      10:20:22, 日期 2005-10-4
操作系统:  Windows XP  (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 (6.00.2600.0000)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
D:\kakazushou\hanhua\4483172005624221516\HijackThis1991zww.exe

R3 - 默认的URLSearchHook丢失。用HijackThis修复
O1 - Hosts: 222.83.177.22 popme.163.com
O1 - Hosts: 222.83.177.22 www.xk99.com
O1 - Hosts: 222.83.177.22 www.006.net
O1 - Hosts: 222.83.177.22 006.net
O1 - Hosts: 222.83.177.22 www.cmfu.com
O1 - Hosts: 222.83.177.22 www.free120.com
O1 - Hosts: 222.83.177.22 www.4577.com
O1 - Hosts: 222.83.177.22 www.9617.com
O1 - Hosts: 222.83.177.22 www.fjwz.com
O1 - Hosts: 222.83.177.22 partner.cpc.sohu.com
O1 - Hosts: 222.83.177.22 ad4.sina.com.cn
O1 - Hosts: 222.83.177.22 music.17o8.comer.cpc.sohu.com
O1 - Hosts: 222.83.177.22 ad.tom.com
O1 - Hosts: 222.83.177.22 search.union.3721.com
O1 - Hosts: 222.83.177.22 post.baidu.com
O1 - Hosts: 222.83.177.22 mp3.baidu.com
O1 - Hosts: 222.83.177.22 image.baidu.com
O1 - Hosts: 222.83.177.22 site.google.com
O1 - Hosts: 222.83.177.22 flash.baidu.com
O1 - Hosts: 222.83.177.22 assistant.3721.com
O1 - Hosts: 222.83.177.22 pfp.sina.com.cn
O1 - Hosts: 222.83.177.22 cn.websearch.yahoo.com
O1 - Hosts: 222.83.177.22 sms.qq.com
O1 - Hosts: 222.83.177.22 www.qq.com
O1 - Hosts: 222.83.177.22 partner.lead2.com.cn
O1 - Hosts: 222.83.177.22 ad.cn.doubleclick.net
O1 - Hosts: 222.83.177.22 auto.search.msn.com
O1 - Hosts: 222.83.177.22 www.ourgame.com
O1 - Hosts: 222.83.177.22 www.the9.com
O1 - Hosts: 222.83.177.22 www.flashempire.com
O1 - Hosts: 222.83.177.22 www.qq163.com
O1 - Hosts: 222.83.177.22 www.9sky.com
O1 - Hosts: 222.83.177.22 www.tom-1.com
O1 - Hosts: 222.83.177.22 www.17173.com
O1 - Hosts: 222.83.177.22 www.yaotou.com
O1 - Hosts: 222.83.177.22 union.3721.com
O1 - Hosts: 222.83.177.22 music.feifa.com
O1 - Hosts: 222.83.177.22 www.vodfans.com
O1 - Hosts: 222.83.177.22 www.sogua.com
O1 - Hosts: 222.83.177.22 fm974.tom.com
O1 - Hosts: 222.83.177.22 ent.tom.com
O1 - Hosts: 222.83.177.22 music.tyfo.com
O1 - Hosts: 222.83.177.22 www.wanwa.com
O1 - Hosts: 222.83.177.22 www.guang.org
O1 - Hosts: 222.83.177.22 www.wz.zj.cn
O1 - Hosts: 222.83.177.22 www.3189.net
O1 - Hosts: 222.83.177.22 music.17o8.com
O1 - Hosts: 222.83.177.22 www.99music.net
O1 - Hosts: 222.83.177.22 www.cococ.com
O1 - Hosts: 222.83.177.22 www.qqqq.cn
O1 - Hosts: 222.83.177.22 www.bnb.com.cn
O1 - Hosts: 222.83.177.22 www.z163.com
O1 - Hosts: 222.83.177.22 game.163.com
O1 - Hosts: 222.83.177.22 games.sina.com.cn
O1 - Hosts: 222.83.177.22 www.v111.com
O1 - Hosts: 222.83.177.22 music.v111.com
O1 - Hosts: 222.83.177.22 www.3tom.com
O1 - Hosts: 222.83.177.22 www.xkqq.com
O1 - Hosts: 222.83.177.22 www.verymp3.com
O1 - Hosts: 222.83.177.22 www.91look.com
O1 - Hosts: 222.83.177.22 www.168101.com
O1 - Hosts: 222.83.177.22 www.cmfu.com
O1 - Hosts: 222.83.177.22 www.woogood.com
O1 - Hosts: 222.83.177.22 www.haodx.com
O1 - Hosts: 222.83.177.22 www.yingku.com
O1 - Hosts: 222.83.177.22 www.flash51.com
O1 - Hosts: 222.83.177.22 www.17haha.com
O1 - Hosts: 222.83.177.22 www.432.cn
O1 - Hosts: 222.83.177.22 www.cnxp.com
O1 - Hosts: 222.83.177.22 www.hjsm.net
O1 - Hosts: 222.83.177.22 music.8wa.com
O1 - Hosts: 222.83.177.22 www.66vv.com
O1 - Hosts: 222.83.177.22 www.musicfbi.com
O1 - Hosts: 222.83.177.22 www.vv66.com
O1 - Hosts: 222.83.177.22 www.139mm.com
O1 - Hosts: 222.83.177.22 www.130wg.com
O1 - Hosts: 222.83.177.22 www.flashsea.com
O1 - Hosts: 222.83.177.22 movie.59178.com
O1 - Hosts: 222.83.177.22 www.wo123.com
O1 - Hosts: 222.83.177.22 www.1ya.cn
O1 - Hosts: 222.83.177.22 www.happy8.cn
O1 - Hosts: 222.83.177.22 www.s6.cn
O1 - Hosts: 222.83.177.22 www.hao123.com
O1 - Hosts: 222.83.177.22 www.qqee.com
O1 - Hosts: 222.83.177.22 imgu.21cn.com
O1 - Hosts: 222.83.177.22 www.sohu123.com
O1 - Hosts: 222.83.177.22 www.chinamp3.com
O1 - Hosts: 222.83.177.22 www.18z.net
O1 - Hosts: 222.83.177.22 www.ssxs.com
O1 - Hosts: 222.83.177.22 www.fjwz.net
O1 - Hosts: 222.83.177.22 www.wo365.com
O1 - Hosts: 222.83.177.22 www.zhao99.com
O1 - Hosts: 222.83.177.22 www.cn808.net
O1 - Hosts: 222.83.177.22 www.tt55.net
O1 - Hosts: 222.83.177.22 www.mp3tt.com
O1 - Hosts: 222.83.177.22 www.yi5.com
O1 - Hosts: 222.83.177.22 www.haozs.com
O1 - Hosts: 222.83.177.22 www.77ttt.com
O1 - Hosts: 222.83.177.22 www.77xi.com
O1 - Hosts: 222.83.177.22 13258.com
O1 - Hosts: 222.83.177.22 www.13258.com
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\flashget\fg\fgiebar.dll
O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - 启动项HKLM\\Run: [RavTimer] D:\瑞星\RISING\RAV\RAVTIMER.EXE
O4 - 启动项HKLM\\Run: [RavMon] D:\瑞星\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - 启动项HKLM\\Run: [RfwMain] "D:\瑞星\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - 启动项HKLM\\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE USB PC Camera 301P
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
O4 - Global Startup: 柯达 EasyShare 软件.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - D:\Program Files\flashget\fg\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - D:\Program Files\flashget\fg\jc_all.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - D:\qq\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - D:\qq\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - D:\qq\SendMMS.htm
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的按钮: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\flashget\fg\flashget.exe
O9 - 浏览器额外的“工具”菜单项: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\flashget\fg\flashget.exe
O9 - 浏览器额外的按钮: 访问瑞星网站 - {FF2DE7A6-ECB1-4CBC-9C0E-D92A9E66E444} - http://www.rising.com.cn (file missing)
O9 - 浏览器额外的按钮: 访问卡卡社区 - {FF2DE7A6-ECB1-4CBC-9C0E-D92A9E66E445} - http://www.ikaka.com (file missing)
O12 - IE插件,支持文件类型.mp3: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {2EA6D939-4445-43F1-A12B-8CB3DDA8B855} (BlueskyVideo Control) - http://www.bluesky.cn/download/v2_60.cab
O16 - DPF: {7253A666-8D4A-11D7-A4DC-00E04C504779} (BDC Control) - http://www.qingyiliao.com/BDC.cab
O16 - DPF: {991481A7-4669-4E15-8C24-100404E1F5CB} (Blueskyvoice Control) - http://www.bluesky.cn/download/blueskyvoice_60.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8C55CBD5-0317-4CF5-817E-A9A3D41D154C}: NameServer = 218.77.31.200
O23 - NT 服务: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - NT 服务: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - NT 服务: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - d:\瑞星\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - rising - D:\瑞星\RISING\RAV\CCENTER.EXE
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\瑞星\RISING\RAV\Ravmond.exe
O23 - NT 服务: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
gototop
 
飞跃迷离
头像
社区嘉宾
  • 帖子:7351
  • 注册: 2004-10-15
  • 来自:
发表于: 2005-10-04 10:45 | 短消息 资料
字号: 4楼

修复:

R3 - 默认的URLSearchHook丢失。用HijackThis修复

所有01项
gototop
 
shulin2000
头像
初生襁褓狮
  • 帖子:33
  • 注册: 2005-10-02
  • 来自:
发表于: 2005-10-04 11:14 | 只看楼主 短消息 资料
字号: 5楼

谢谢建能!
谢谢飞跃迷离!
谢谢大家!!
偶爱你们!!!
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT