My IE has been hijacked

http://www.vv78.com/real/
This is the site
Last edited 2005-07-06 21:19:49

Won't anyone help me?

......Waiting online for help

I don't understand. Can you explain it to me more clearly?

HijackThis@Qoo的扫描日志  V1.97.7
Scan saved at PM 09:00:12, on 2005/7/6
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\soundman.exe
C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
C:\Program Files\rising\Rfw\rfwmain.exe
C:\WINDOWS\vsncp106.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\ctfmon.exe
D:\QQ\QQ.exe
D:\QQ\TIMPlatform.exe
C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\conime.exe
C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
C:\PROGRAM FILES\RISING\RAV\RavStub.exe
c:\program files\rising\rav\RAVMON.EXE
D:\新建文件夹 (2)\qq\QQ.exe
C:\Program Files\Internet Explorer\iexplore.exe
E:\新建文件夹\HijackThis.exe

O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\QQ\QQIEHelper.dll
O3 - Toolbar: ????? - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKLM\..\Run: [RavTimer] C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [SNCP106] C:\WINDOWS\vsncp106.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [RavMon] C:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Startup: NTUSER.DAT
O4 - Startup: ntuser.dat.LOG
O4 - Startup: ntuser.ini
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\QQ\SendMMS.htm
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: QQ (HKLM)
O9 - Extra button: Real.com (HKLM)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/12e993cf515f60022917/netzip/RdxIE601_cn.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1110386540075
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{600850F0-AD28-4C01-B496-FFC0DE81C2F9}: NameServer = 202.98.198.168 202.98.192.68
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - %SystemRoot%\System32\mshtml.dll


HijackThis@Qoo的扫描日志  V1.97.7
Scan saved at PM 09:17:39, on 2005/7/6
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\soundman.exe
C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
C:\Program Files\rising\Rfw\rfwmain.exe
C:\WINDOWS\vsncp106.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\ctfmon.exe
D:\QQ\QQ.exe
D:\QQ\TIMPlatform.exe
C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\conime.exe
C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
C:\PROGRAM FILES\RISING\RAV\RavStub.exe
c:\program files\rising\rav\RAVMON.EXE
D:\新建文件夹 (2)\qq\QQ.exe
C:\Program Files\Internet Explorer\iexplore.exe
E:\新建文件夹\HijackThis.exe

O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\QQ\QQIEHelper.dll
O3 - Toolbar: ????? - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKLM\..\Run: [RavTimer] C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [RavMon] C:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Startup: NTUSER.DAT
O4 - Startup: ntuser.dat.LOG
O4 - Startup: ntuser.ini
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\QQ\SendMMS.htm
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: QQ (HKLM)
O9 - Extra button: Real.com (HKLM)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{600850F0-AD28-4C01-B496-FFC0DE81C2F9}: NameServer = 202.98.198.168 202.98.192.68
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - %SystemRoot%\System32\mshtml.dll
