这是不是灰鸽子 - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛这是不是灰鸽子

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1

1 / 1 页

跳转页

这是不是灰鸽子

libao18 初生襁褓狮帖子:11 注册: 2005-08-21 来自:	发表于： 2005-08-21 20:13 \| 显示全部短消息资料字号：小中大 1楼这是不是灰鸽子咋天有人用了移动盘，后来重启了一次，就发现只要打开一个盘，就会有三个文件，一个被杀了，还有两个ghost.exe和windows可以删除，但开机就又有个，用瑞星查不出来，用hijackthis检查如下，请那们大侠帮帮忙看看，是不是灰鸽子，怎么办啊。。。。（记录我把前面的一些删了，因为论坛只能发达1200字） Logfile of HijackThis v1.99.1 Scan saved at 19:56:57, on 2005-8-21 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\NISUM.EXE C:\Program Files\rising\rav\CCenter.exe C:\Program Files\rising\rav\RavMonD.exe C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\SymPxSvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\IAMAPP.EXE C:\Program Files\rising\rav\RavMon.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\CNNIC\Cdn\cdnup.exe D:\Program Files\rili\CalSprite\CalSprite.exe C:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\NISSERV.EXE C:\Program Files\Messenger\msmsgs.exe D:\Program Files\认证\8021x.exe C:\Program Files\Internet Explorer\iexplore.exe D:\Program Files\office\OFFICE11\WINWORD.EXE C:\WINDOWS\SYSTEM\4C0B6.com C:\WINDOWS\System32\taskmgr.exe C:\Documents and Settings\Windows XP\桌面\新建文件夹\HijackThis.exe F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\svch0st_.exe O1 - Hosts: 218.7.124.88 www.wwwggg.com O1 - Hosts: 218.7.124.88 www.1717333.com O1 - Hosts: 218.7.124.88 www.bb999.com O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [iamapp] C:\PROGRA~1\SYMANT~1\SYMANT~1\IAMAPP.EXE O4 - HKLM\..\Run: [NMGameX_AutoRun] C:\WINDOWS\System32\Rundll32.exe NMGameX.dll,LiveProcess /aa O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload O4 - HKLM\..\Run: [RavTimer] C:\Program Files\rising\rav\RavTimer.exe O4 - HKLM\..\Run: [RavMon] C:\Program Files\rising\rav\RavMon.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\ item: 添加到QQ自定义面板 - D:\Program Files\qq\AddPanel.htm O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\qq\AddEmotion.htm O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program Files\qq\SendMMS.htm O8 - Extra context menu item: 百度Flash搜索 - res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/FLASHSEARCH.HTM O8 - Extra context menu item: 百度mp3搜索 - res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUMP3.HTM O8 - Extra context menu item: 百度信息快递搜索 - res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUIE.HTM O8 - Extra context menu item: 百度图片搜索 - res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUIMG.HTM O8 - Extra context menu item: 百度搜索 - res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUSEARCH.HTM O8 - Extra context menu item: 百度新闻搜索 - res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUNEWS.HTM O8 - Extra context menu item: 类似网页 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: 缓存的网页快照 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: 豪杰超级解霸V8实时播放 - D:\Program Files\Herospv8\MPURLGET.HTM O9 - Extra button: 手机短信 - {00000000-0000-0001-0001-596BAEDD1289} - http://sms.3721.com/ie/index.htm (file missing) O9 - Extra button: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: TOL24 - {345ff7d8-2364-4ef7-889b-7d3c1d0bd342} - http://www.TOL24.com (file missing) O9 - Extra button: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll O9 - Extra 'Tools' menuitem: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll O9 - Extra button: 豪杰超级解霸V8 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - D:\Program Files\Herospv8\STHSDVD.EXE O9 - Extra 'Tools' menuitem: 豪杰超级解霸V8 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - D:\Program Files\Herospv8\STHSDVD.EXE O9 - Extra button: Yahoo 1G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.mail.yahoo.com/promo/rd1 (file missing) O9 - Extra button: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://hot.3721.com/rd/shop_btn.htm (file missing) O9 - Extra button: 上网助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://assistant.3721.com/index.htm?fb=Cns (file missing) O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~2\office\OFFICE11\REFIEBAR.DLL O9 - Extra button: 词霸 - {9A687CA6-D585-4947-9ED9-BE96071F5CD9} - D:\PROGRA~2\jscb\XDictExB.dll O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\qq\QQ.EXE O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\qq\QQ.EXE O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~2\flashget\FLASHGET\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~2\flashget\FLASHGET\flashget.exe O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\qq\QQIEHelper.dll O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\qq\QQIEHelper.dll O9 - Extra button: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing) O9 - Extra button: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing) O9 - Extra 'Tools' menuitem: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing) O9 - Extra button: 易趣购物 - {EE60714F-AC19-427e-861A-FD60ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing) O9 - Extra 'Tools' menuitem: 易趣购物 - {EE60714F-AC19-427e-861A-FD60ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra button: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing) O9 - Extra 'Tools' menuitem: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing) O10 - Unknown file in Winsock LSP: c:\windows\system32\cdnns.dll O11 - Options group: [!CNS] 网络实名 O11 - Options group: [CDNCLIENT] 中文上网 O16 - DPF: {3359C0B1-2363-40B3-AFCA-1ABC799AC486} (SSReaderPlug Control) - http://reg.ssreader.com/ssreaderplug.ocx O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/27317a2b8a3796d0c402/netzip/RdxIE601_cn.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{6DD3E4DB-86F4-40DF-A68A-F0122FD679F3}: NameServer = 202.114.0.242,202.112.20.131 O17 - HKLM\System\CS1\Services\Tcpip\..\{6DD3E4DB-86F4-40DF-A68A-F0122FD679F3}: NameServer = 202.114.0.242,202.112.20.131 O17 - HKLM\System\CS2\Services\Tcpip\..\{6DD3E4DB-86F4-40DF-A68A-F0122FD679F3}: NameServer = 202.114.0.242,202.112.20.131 O18 - Protocol: dic - {C21F5C32-F57A-4A0D-8E0A-B672691C52D0} - D:\PROGRA~2\jscb\XDictExB.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE O23 - Service: Crypkey License - Unknown owner - crypserv.exe (file missing) O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Symantec Client Firewall Service (NISSERV) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\NISSERV.EXE O23 - Service: Symantec Client Firewall Accounts Manager (NISUM) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\NISUM.EXE O23 - Service: Rising Process Communication Center (RsCCenter) - rising - C:\Program Files\rising\rav\CCenter.exe O23 - Service: Rising Realtime Monitor Service (RsRavMon) - rising - C:\Program Files\rising\rav\RavMonD.exe O23 - Service: Symantec Client Firewall Proxy Service (SymPxSvc) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\SymPxSvc.exe 2005-08-21 22:12:06
libao18 初生襁褓狮帖子:11 注册: 2005-08-21 来自:	分享到：

libao18 初生襁褓狮帖子:11 注册: 2005-08-21 来自:	发表于： 2005-08-21 20:40 \| 显示全部短消息资料字号：小中大 2楼点修复后电脑重启，开机后病毒还在，又要怎么办呢。。。。还有自动杀的病毒是script.expoit.activexcomponent.a 这是个什么啊。。我是电脑白痴，请大侠再指教啊。
libao18 初生襁褓狮帖子:11 注册: 2005-08-21 来自:

libao18 初生襁褓狮帖子:11 注册: 2005-08-21 来自:	发表于： 2005-08-21 20:41 \| 显示全部短消息资料字号：小中大 3楼啊，是什么，说说吧。。。电脑要完蛋了。。。。。。我哭啊。。。
libao18 初生襁褓狮帖子:11 注册: 2005-08-21 来自:

libao18 初生襁褓狮帖子:11 注册: 2005-08-21 来自:	发表于： 2005-08-21 20:46 \| 显示全部短消息资料字号：小中大 4楼 ogfile of HijackThis v1.99.1 Scan saved at 20:46:17, on 2005-8-21 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\NISUM.EXE C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\IAMAPP.EXE C:\Program Files\rising\rav\CCenter.exe C:\Program Files\rising\rav\RavMonD.exe C:\Program Files\rising\rav\RavMon.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\CNNIC\Cdn\cdnup.exe D:\Program Files\rili\CalSprite\CalSprite.exe C:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe C:\WINDOWS\SYSTEM\4C0B6.com C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\System32\conime.exe C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\NISSERV.EXE C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\SymPxSvc.exe D:\Program Files\认证\8021x.exe C:\Program Files\Messenger\msmsgs.exe D:\Program Files\office\OFFICE11\WINWORD.EXE C:\Program Files\Internet Explorer\iexplore.exe D:\Program Files\RealonePlayer\realplay.exe C:\Documents and Settings\Windows XP\桌面\新建文件夹\HijackThis.exe F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\svch0st_.exe O1 - Hosts: 218.7.124.88 www.wwwggg.com O1 - Hosts: 218.7.124.88 www.1717333.com O1 - Hosts: 218.7.124.88 www.bb999.com O1 - Hosts: 218.7.124.88 www.5073.com O1 - Hosts: 218.7.124.88 www.wg999.com O1 - Hosts: 218.7.124.88 www.txwg.com O1 - Hosts: 218.7.124.88 www.d186.com O1 - Hosts: 218.7.124.88 www.51wg.com O1 - Hosts: 218.7.124.88 www.77wg.com O1 - Hosts: 218.7.124.88 www.365sky.com O1 - Hosts: 218.7.124.88 www.gameswg.com O1 - Hosts: 218.7.124.88 www.5dgame.com O1 - Hosts: 218.7.124.88 www.ttee.com O1 - Hosts: 218.7.124.88 www.comv9.com O1 - Hosts: 218.7.124.88 www.95wg.com O1 - Hosts: 218.7.124.88 www.jxwg.com O1 - Hosts: 218.7.124.88 www.wgwang.com O1 - Hosts: 218.7.124.88 www.wgxz.com O1 - Hosts: 218.7.124.88 www.91333.com O1 - Hosts: 218.7.124.88 www.wg86.com O1 - Hosts: 218.7.124.88 www.skyxz.com O1 - Hosts: 218.7.124.88 www.tywg.com O1 - Hosts: 218.7.124.88 www.py126.com O1 - Hosts: 218.7.124.88 www.banbancq.com O1 - Hosts: 218.7.124.88 www.92wg.com O1 - Hosts: 218.7.124.88 www.9wg.com O1 - Hosts: 218.7.124.88 www.jxtool.com O1 - Hosts: 218.7.124.88 www.wg-xz.com O1 - Hosts: 218.7.124.88 www.7ywg.com O1 - Hosts: 218.7.124.88 www.hahawg.com O1 - Hosts: 218.7.124.88 www.comv8.com O1 - Hosts: 218.7.124.88 www.andown.com O1 - Hosts: 218.7.124.88 www.gm169.com O1 - Hosts: 218.7.124.88 www.wgshop.com O1 - Hosts: 218.7.124.88 www.wolvip.com O1 - Hosts: 218.7.124.88 www.9csf.com O1 - Hosts: 218.7.124.88 www.mir222.com O1 - Hosts: 218.7.124.88 www.py999.com O1 - Hosts: 218.7.124.88 www.pycq.com O1 - Hosts: 218.7.124.88 www.newpy.com O1 - Hosts: 218.7.124.88 www.py173.com O1 - Hosts: 218.7.124.88 www.wggame.com O1 - Hosts: 218.7.124.88 www.wgzzz.com O1 - Hosts: 218.7.124.88 www.117799.com O1 - Hosts: 218.7.124.88 www.wgsky.com O1 - Hosts: 218.7.124.88 www.wg00.com O1 - Hosts: 218.7.124.88 www.wg8.com O1 - Hosts: 218.7.124.88 www.wgx8.com O1 - Hosts: 218.7.124.88 www.139wg.com O1 - Hosts: 218.7.124.88 www.wgdd.com O1 - Hosts: 218.7.124.88 www.lxwg.com O1 - Hosts: 218.7.124.88 www.ly888.com O1 - Hosts: 218.7.124.88 www.heiyun.com O1 - Hosts: 218.7.124.88 www.mir888.com O1 - Hosts: 218.7.124.88 www.chiyue.com O1 - Hosts: 218.7.124.88 www.waigua8.com O1 - Hosts: 218.7.124.88 www.wwwggg.net O1 - Hosts: 218.7.124.88 www.1717333.net O1 - Hosts: 218.7.124.88 www.bb999.net O1 - Hosts: 218.7.124.88 www.5073.net O1 - Hosts: 218.7.124.88 www.wg999.net O1 - Hosts: 218.7.124.88 www.txwg.net O1 - Hosts: 218.7.124.88 www.d186.net O1 - Hosts: 218.7.124.88 www.51wg.net O1 - Hosts: 218.7.124.88 www.77wg.net O1 - Hosts: 218.7.124.88 www.365sky.net O1 - Hosts: 218.7.124.88 www.gameswg.net O1 - Hosts: 218.7.124.88 www.5dgame.net O1 - Hosts: 218.7.124.88 www.ttee.net O1 - Hosts: 218.7.124.88 www.comv9.net O1 - Hosts: 218.7.124.88 www.95wg.net O1 - Hosts: 218.7.124.88 www.jxwg.net O1 - Hosts: 218.7.124.88 www.wgwang.net O1 - Hosts: 218.7.124.88 www.wgxz.net O1 - Hosts: 218.7.124.88 www.91333.net O1 - Hosts: 218.7.124.88 www.wg86.net O1 - Hosts: 218.7.124.88 www.skyxz.net O1 - Hosts: 218.7.124.88 www.tywg.net O1 - Hosts: 218.7.124.88 www.py126.net O1 - Hosts: 218.7.124.88 www.banbancq.net O1 - Hosts: 218.7.124.88 www.92wg.net O1 - Hosts: 218.7.124.88 www.9wg.net O1 - Hosts: 218.7.124.88 www.jxtool.net O1 - Hosts: 218.7.124.88 www.wg-xz.net O1 - Hosts: 218.7.124.88 www.7ywg.net O1 - Hosts: 218.7.124.88 www.hahawg.net O1 - Hosts: 218.7.124.88 www.comv8.net O1 - Hosts: 218.7.124.88 www.andown.net O1 - Hosts: 218.7.124.88 www.gm169.net O1 - Hosts: 218.7.124.88 www.wgshop.net O1 - Hosts: 218.7.124.88 www.wolvip.net O1 - Hosts: 218.7.124.88 www.9csf.net O1 - Hosts: 218.7.124.88 www.mir222.net O1 - Hosts: 218.7.124.88 www.py999.net O1 - Hosts: 218.7.124.88 www.pycq.net O1 - Hosts: 218.7.124.88 www.newpy.net O1 - Hosts: 218.7.124.88 www.py173.net O1 - Hosts: 218.7.124.88 www.wggame.net O1 - Hosts: 218.7.124.88 www.wgzzz.net O1 - Hosts: 218.7.124.88 www.117799.net O1 - Hosts: 218.7.124.88 www.wgsky.net O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\System32\xunleibho_v4.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: CNNIC_IDN - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\Program Files\qq\QQIEHelper.dll O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~2\flashget\FLASHGET\jccatch.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: (no name) - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - (no file) O2 - BHO: AssistII - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file) O2 - BHO: IEHlprObj Class - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\WINDOWS\System32\qylhelper.dll O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - (no file) O2 - BHO: YiSou - {EF1D17A9-089F-40cc-8D64-7324CDEBA0DB} - C:\PROGRA~1\YiSou\yisoub.dll O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - C:\PROGRA~1\Kingsoft\FastAIT\IEBand.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~2\flashget\FLASHGET\fgiebar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: (no name) - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - (no file) O3 - Toolbar: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file) O3 - Toolbar: 一搜工具条 - {115F6E46-FCBC-41ed-B3B5-3BDDD4AAB5E5} - C:\Program Files\YiSou\yisou.dll O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [iamapp] C:\PROGRA~1\SYMANT~1\SYMANT~1\IAMAPP.EXE O4 - HKLM\..\Run: [NMGameX_AutoRun] C:\WINDOWS\System32\Rundll32.exe NMGameX.dll,LiveProcess /aa O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload O4 - HKLM\..\Run: [RavTimer] C:\Program Files\rising\rav\RavTimer.exe O4 - HKLM\..\Run: [RavMon] C:\Program Files\rising\rav\RavMon.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [CdnCtr] C:\Program Files\CNNIC\Cdn\cdnup.exe O4 - HKLM\..\Run: [CalSprite] D:\Program Files\rili\CalSprite\CalSprite.exe O4 - HKLM\..\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti O4 - HKLM\..\Run: [MINI_BFYY] C:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe O4 - HKLM\..\Run: [startkey] C:\WINDOWS\System32\server.exe O4 - HKLM\..\Run: [renewup] C:\Program Files\CNNIC\Cdn\cdnrenew.exe O4 - HKLM\..\Run: [TempCom] C:\WINDOWS\SYSTEM\4C0B6.com O4 - HKLM\..\RunServices: [RavMon] C:\Program Files\rising\rav\RavMon.exe /AUTO O4 - HKLM\..\RunOnce: [C:\PROGRA~1\3721\alrex.dll] regsvr32 /s C:\PROGRA~1\3721\alrex.dll O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [startkey] C:\WINDOWS\System32\server.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Startup: 腾讯QQ.lnk = D:\Program Files\qq\QQ.exe
libao18 初生襁褓狮帖子:11 注册: 2005-08-21 来自:

libao18 初生襁褓狮帖子:11 注册: 2005-08-21 来自:	发表于： 2005-08-21 20:47 \| 显示全部短消息资料字号：小中大 5楼 8 - Extra context menu item: !搜一搜 - res://C:\WINDOWS\downlo~1\CnsMinEx.dll/1003 O8 - Extra context menu item: !搜一搜(&S) - res://C:\Program Files\YiSou\yisou.dll/232 O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &使用暴风下载器下载 - C:\Program Files\Ringz Studio\Storm Downloader\geturl.htm O8 - Extra context menu item: Open PDF in Word - res://D:\Program Files\pdf-word\IEShellExt.dll /100 O8 - Extra context menu item: 使用网际快车下载 - D:\Program Files\flashget\FlashGet\jc_link.htm O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\Program Files\flashget\FlashGet\jc_all.htm O8 - Extra context menu item: 反向链接 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://D:\PROGRA~2\office\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: 导出当前页到超星阅览器(&A) - D:\Program Files\超星\SSREADER36\ss_all.htm O8 - Extra context menu item: 导出选中部分到超星阅览器(&S) - D:\Program Files\超星\SSREADER36\ss_select.htm O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program Files\qq\AddPanel.htm O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\qq\AddEmotion.htm O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program Files\qq\SendMMS.htm O8 - Extra context menu item: 百度Flash搜索 - res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/FLASHSEARCH.HTM O8 - Extra context menu item: 百度mp3搜索 - res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUMP3.HTM O8 - Extra context menu item: 百度信息快递搜索 - res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUIE.HTM O8 - Extra context menu item: 百度图片搜索 - res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUIMG.HTM O8 - Extra context menu item: 百度搜索 - res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUSEARCH.HTM O8 - Extra context menu item: 百度新闻搜索 - res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUNEWS.HTM O8 - Extra context menu item: 类似网页 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: 缓存的网页快照 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: 豪杰超级解霸V8实时播放 - D:\Program Files\Herospv8\MPURLGET.HTM O9 - Extra button: 手机短信 - {00000000-0000-0001-0001-596BAEDD1289} - http://sms.3721.com/ie/index.htm (file missing) O9 - Extra button: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: TOL24 - {345ff7d8-2364-4ef7-889b-7d3c1d0bd342} - http://www.TOL24.com (file missing) O9 - Extra button: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll O9 - Extra 'Tools' menuitem: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll O9 - Extra button: 豪杰超级解霸V8 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - D:\Program Files\Herospv8\STHSDVD.EXE O9 - Extra 'Tools' menuitem: 豪杰超级解霸V8 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - D:\Program Files\Herospv8\STHSDVD.EXE O9 - Extra button: Yahoo 1G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.mail.yahoo.com/promo/rd1 (file missing) O9 - Extra button: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://hot.3721.com/rd/shop_btn.htm (file missing) O9 - Extra button: 上网助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://assistant.3721.com/index.htm?fb=Cns (file missing) O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~2\office\OFFICE11\REFIEBAR.DLL O9 - Extra button: 词霸 - {9A687CA6-D585-4947-9ED9-BE96071F5CD9} - D:\PROGRA~2\jscb\XDictExB.dll O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\qq\QQ.EXE O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\qq\QQ.EXE O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~2\flashget\FLASHGET\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~2\flashget\FLASHGET\flashget.exe O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\qq\QQIEHelper.dll O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\qq\QQIEHelper.dll O9 - Extra button: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing) O9 - Extra button: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing) O9 - Extra 'Tools' menuitem: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing) O9 - Extra button: 易趣购物 - {EE60714F-AC19-427e-861A-FD60ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing) O9 - Extra 'Tools' menuitem: 易趣购物 - {EE60714F-AC19-427e-861A-FD60ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra button: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing) O9 - Extra 'Tools' menuitem: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing) O10 - Unknown file in Winsock LSP: c:\windows\system32\cdnns.dll O11 - Options group: [!CNS] 网络实名 O11 - Options group: [CDNCLIENT] 中文上网 O16 - DPF: {3359C0B1-2363-40B3-AFCA-1ABC799AC486} (SSReaderPlug Control) - http://reg.ssreader.com/ssreaderplug.ocx O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/27317a2b8a3796d0c402/netzip/RdxIE601_cn.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{6DD3E4DB-86F4-40DF-A68A-F0122FD679F3}: NameServer = 202.114.0.242,202.112.20.131 O17 - HKLM\System\CS1\Services\Tcpip\..\{6DD3E4DB-86F4-40DF-A68A-F0122FD679F3}: NameServer = 202.114.0.242,202.112.20.131 O17 - HKLM\System\CS2\Services\Tcpip\..\{6DD3E4DB-86F4-40DF-A68A-F0122FD679F3}: NameServer = 202.114.0.242,202.112.20.131 O18 - Protocol: dic - {C21F5C32-F57A-4A0D-8E0A-B672691C52D0} - D:\PROGRA~2\jscb\XDictExB.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Symantec Client Firewall Service (NISSERV) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\NISSERV.EXE O23 - Service: Symantec Client Firewall Accounts Manager (NISUM) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\NISUM.EXE O23 - Service: Rising Process Communication Center (RsCCenter) - rising - C:\Program Files\rising\rav\CCenter.exe O23 - Service: Rising Realtime Monitor Service (RsRavMon) - rising - C:\Program Files\rising\rav\RavMonD.exe O23 - Service: Symantec Client Firewall Proxy Service (SymPxSvc) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\SymPxSvc.exe
libao18 初生襁褓狮帖子:11 注册: 2005-08-21 来自:

libao18 初生襁褓狮帖子:11 注册: 2005-08-21 来自:	发表于： 2005-08-21 20:59 \| 显示全部短消息资料字号：小中大 6楼按上面的方法做了，奇怪这次没有要求重启，现在的记录如下。。。 Logfile of HijackThis v1.99.1 Scan saved at 20:57:54, on 2005-8-21 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\NISUM.EXE C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\IAMAPP.EXE C:\Program Files\rising\rav\CCenter.exe C:\Program Files\rising\rav\RavMonD.exe C:\Program Files\rising\rav\RavMon.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\CNNIC\Cdn\cdnup.exe D:\Program Files\rili\CalSprite\CalSprite.exe C:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\System32\conime.exe C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\NISSERV.EXE C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\SymPxSvc.exe D:\Program Files\认证\8021x.exe C:\Program Files\Messenger\msmsgs.exe D:\Program Files\office\OFFICE11\WINWORD.EXE C:\Program Files\Internet Explorer\iexplore.exe D:\Program Files\RealonePlayer\realplay.exe C:\Documents and Settings\Windows XP\桌面\新建文件夹\HijackThis.exe F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\svch0st_.exe O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\System32\xunleibho_v4.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: CNNIC_IDN - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\Program Files\qq\QQIEHelper.dll O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~2\flashget\FLASHGET\jccatch.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: IEHlprObj Class - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\WINDOWS\System32\qylhelper.dll O2 - BHO: YiSou - {EF1D17A9-089F-40cc-8D64-7324CDEBA0DB} - C:\PROGRA~1\YiSou\yisoub.dll O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - C:\PROGRA~1\Kingsoft\FastAIT\IEBand.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~2\flashget\FLASHGET\fgiebar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: (no name) - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - (no file) O3 - Toolbar: (no name) - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file) O3 - Toolbar: 一搜工具条 - {115F6E46-FCBC-41ed-B3B5-3BDDD4AAB5E5} - C:\Program Files\YiSou\yisou.dll O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [iamapp] C:\PROGRA~1\SYMANT~1\SYMANT~1\IAMAPP.EXE O4 - HKLM\..\Run: [NMGameX_AutoRun] C:\WINDOWS\System32\Rundll32.exe NMGameX.dll,LiveProcess /aa O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload O4 - HKLM\..\Run: [RavTimer] C:\Program Files\rising\rav\RavTimer.exe O4 - HKLM\..\Run: [RavMon] C:\Program Files\rising\rav\RavMon.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [CdnCtr] C:\Program Files\CNNIC\Cdn\cdnup.exe O4 - HKLM\..\Run: [CalSprite] D:\Program Files\rili\CalSprite\CalSprite.exe O4 - HKLM\..\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti O4 - HKLM\..\Run: [MINI_BFYY] C:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe O4 - HKLM\..\Run: [renewup] C:\Program Files\CNNIC\Cdn\cdnrenew.exe O4 - HKLM\..\RunServices: [RavMon] C:\Program Files\rising\rav\RavMon.exe /AUTO O4 - HKLM\..\RunOnce: [C:\PROGRA~1\3721\alrex.dll] regsvr32 /s C:\PROGRA~1\3721\alrex.dll O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Startup: 腾讯QQ.lnk = D:\Program Files\qq\QQ.exe O4 - Global Startup: 启动.bat O8 - Extra context menu item: !搜一搜 - res://C:\WINDOWS\downlo~1\CnsMinEx.dll/1003 O8 - Extra context menu item: !搜一搜(&S) - res://C:\Program Files\YiSou\yisou.dll/232 O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &使用暴风下载器下载 - C:\Program Files\Ringz Studio\Storm Downloader\geturl.htm O8 - Extra context menu item: Open PDF in Word - res://D:\Program Files\pdf-word\IEShellExt.dll /100 O8 - Extra context menu item: 使用网际快车下载 - D:\Program Files\flashget\FlashGet\jc_link.htm O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\Program Files\flashget\FlashGet\jc_all.htm O8 - Extra context menu item: 反向链接 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://D:\PROGRA~2\office\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: 导出当前页到超星阅览器(&A) - D:\Program Files\超星\SSREADER36\ss_all.htm O8 - Extra context menu item: 导出选中部分到超星阅览器(&S) - D:\Program Files\超星\SSREADER36\ss_select.htm O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program Files\qq\AddPanel.htm O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\qq\AddEmotion.htm O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program Files\qq\SendMMS.htm O8 - Extra context menu item: 百度Flash搜索 - res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/FLASHSEARCH.HTM O8 - Extra context menu item: 百度mp3搜索 - res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUMP3.HTM O8 - Extra context menu item: 百度信息快递搜索 - res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUIE.HTM O8 - Extra context menu item: 百度图片搜索 - res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUIMG.HTM O8 - Extra context menu item: 百度搜索 - res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUSEARCH.HTM O8 - Extra context menu item: 百度新闻搜索 - res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUNEWS.HTM O8 - Extra context menu item: 类似网页 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: 缓存的网页快照 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: 豪杰超级解霸V8实时播放 - D:\Program Files\Herospv8\MPURLGET.HTM
libao18 初生襁褓狮帖子:11 注册: 2005-08-21 来自:

libao18 初生襁褓狮帖子:11 注册: 2005-08-21 来自:	发表于： 2005-08-21 21:00 \| 显示全部短消息资料字号：小中大 7楼 O9 - Extra button: 手机短信 - {00000000-0000-0001-0001-596BAEDD1289} - http://sms.3721.com/ie/index.htm (file missing) O9 - Extra button: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: TOL24 - {345ff7d8-2364-4ef7-889b-7d3c1d0bd342} - http://www.TOL24.com (file missing) O9 - Extra button: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll O9 - Extra 'Tools' menuitem: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll O9 - Extra button: 豪杰超级解霸V8 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - D:\Program Files\Herospv8\STHSDVD.EXE O9 - Extra 'Tools' menuitem: 豪杰超级解霸V8 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - D:\Program Files\Herospv8\STHSDVD.EXE O9 - Extra button: Yahoo 1G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.mail.yahoo.com/promo/rd1 (file missing) O9 - Extra button: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://hot.3721.com/rd/shop_btn.htm (file missing) O9 - Extra button: 上网助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://assistant.3721.com/index.htm?fb=Cns (file missing) O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~2\office\OFFICE11\REFIEBAR.DLL O9 - Extra button: 词霸 - {9A687CA6-D585-4947-9ED9-BE96071F5CD9} - D:\PROGRA~2\jscb\XDictExB.dll O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\qq\QQ.EXE O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\qq\QQ.EXE O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~2\flashget\FLASHGET\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~2\flashget\FLASHGET\flashget.exe O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\qq\QQIEHelper.dll O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\qq\QQIEHelper.dll O9 - Extra button: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing) O9 - Extra button: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing) O9 - Extra 'Tools' menuitem: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing) O9 - Extra button: 易趣购物 - {EE60714F-AC19-427e-861A-FD60ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing) O9 - Extra 'Tools' menuitem: 易趣购物 - {EE60714F-AC19-427e-861A-FD60ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra button: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing) O9 - Extra 'Tools' menuitem: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing) O10 - Unknown file in Winsock LSP: c:\windows\system32\cdnns.dll O11 - Options group: [!CNS] 网络实名 O11 - Options group: [CDNCLIENT] 中文上网 O16 - DPF: {3359C0B1-2363-40B3-AFCA-1ABC799AC486} (SSReaderPlug Control) - http://reg.ssreader.com/ssreaderplug.ocx O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/27317a2b8a3796d0c402/netzip/RdxIE601_cn.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{6DD3E4DB-86F4-40DF-A68A-F0122FD679F3}: NameServer = 202.114.0.242,202.112.20.131 O17 - HKLM\System\CS1\Services\Tcpip\..\{6DD3E4DB-86F4-40DF-A68A-F0122FD679F3}: NameServer = 202.114.0.242,202.112.20.131 O17 - HKLM\System\CS2\Services\Tcpip\..\{6DD3E4DB-86F4-40DF-A68A-F0122FD679F3}: NameServer = 202.114.0.242,202.112.20.131 O18 - Protocol: dic - {C21F5C32-F57A-4A0D-8E0A-B672691C52D0} - D:\PROGRA~2\jscb\XDictExB.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Symantec Client Firewall Service (NISSERV) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\NISSERV.EXE O23 - Service: Symantec Client Firewall Accounts Manager (NISUM) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\NISUM.EXE O23 - Service: Rising Process Communication Center (RsCCenter) - rising - C:\Program Files\rising\rav\CCenter.exe O23 - Service: Rising Realtime Monitor Service (RsRavMon) - rising - C:\Program Files\rising\rav\RavMonD.exe O23 - Service: Symantec Client Firewall Proxy Service (SymPxSvc) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\SymPxSvc.exe
libao18 初生襁褓狮帖子:11 注册: 2005-08-21 来自:

libao18 初生襁褓狮帖子:11 注册: 2005-08-21 来自:	发表于： 2005-08-21 22:09 \| 显示全部短消息资料字号：小中大 8楼我按照各位大侠的意见做了，不过没找到4c04b那个文件。刚有一个同学过来，不管三七二十一给用了一个系统还原，也不知他做的对不对，不过现在各个盘里的确没有原来那三个病毒了。谢谢各们提供帮助的大侠们，谢绝kaka 社区，我已加入为会员了，以后多联系。。。
libao18 初生襁褓狮帖子:11 注册: 2005-08-21 来自:

libao18 初生襁褓狮帖子:11 注册: 2005-08-21 来自:	发表于： 2005-08-21 22:11 \| 显示全部短消息资料字号：小中大 9楼现在的情况如下。 Logfile of HijackThis v1.99.1 Scan saved at 22:11:09, on 2005-8-21 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\NISUM.EXE C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\IAMAPP.EXE C:\Program Files\rising\rav\RavMon.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\CNNIC\Cdn\cdnup.exe C:\Program Files\rising\rav\CCenter.exe D:\Program Files\rili\CalSprite\CalSprite.exe C:\Program Files\rising\rav\RavMonD.exe C:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\SymPxSvc.exe D:\Program Files\认证\8021x.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\NISSERV.EXE C:\Program Files\Messenger\msmsgs.exe C:\Documents and Settings\Windows XP\桌面\新建文件夹\HijackThis.exe O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\System32\xunleibho_v4.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: CNNIC_IDN - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\Program Files\qq\QQIEHelper.dll O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~2\flashget\FLASHGET\jccatch.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: (no name) - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - (no file) O2 - BHO: AssistII - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file) O2 - BHO: IEHlprObj Class - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\WINDOWS\System32\qylhelper.dll O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - (no file) O2 - BHO: YiSou - {EF1D17A9-089F-40cc-8D64-7324CDEBA0DB} - C:\PROGRA~1\YiSou\yisoub.dll O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - C:\PROGRA~1\Kingsoft\FastAIT\IEBand.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~2\flashget\FLASHGET\fgiebar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: (no name) - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - (no file) O3 - Toolbar: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file) O3 - Toolbar: 一搜工具条 - {115F6E46-FCBC-41ed-B3B5-3BDDD4AAB5E5} - C:\Program Files\YiSou\yisou.dll O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [iamapp] C:\PROGRA~1\SYMANT~1\SYMANT~1\IAMAPP.EXE O4 - HKLM\..\Run: [NMGameX_AutoRun] C:\WINDOWS\System32\Rundll32.exe NMGameX.dll,LiveProcess /aa O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload O4 - HKLM\..\Run: [RavTimer] C:\Program Files\rising\rav\RavTimer.exe O4 - HKLM\..\Run: [RavMon] C:\Program Files\rising\rav\RavMon.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [CdnCtr] C:\Program Files\CNNIC\Cdn\cdnup.exe O4 - HKLM\..\Run: [CalSprite] D:\Program Files\rili\CalSprite\CalSprite.exe O4 - HKLM\..\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti O4 - HKLM\..\Run: [MINI_BFYY] C:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe O4 - HKLM\..\Run: [startkey] C:\WINDOWS\System32\server.exe O4 - HKLM\..\RunServices: [RavMon] C:\Program Files\rising\rav\RavMon.exe /AUTO O4 - HKLM\..\RunOnce: [C:\PROGRA~1\3721\alrex.dll] regsvr32 /s C:\PROGRA~1\3721\alrex.dll O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [startkey] C:\WINDOWS\System32\server.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Startup: 腾讯QQ.lnk = D:\Program Files\qq\QQ.exe O8 - Extra context menu item: !搜一搜 - res://C:\WINDOWS\downlo~1\CnsMinEx.dll/1003 O8 - Extra context menu item: !搜一搜(&S) - res://C:\Program Files\YiSou\yisou.dll/232 O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &使用暴风下载器下载 - C:\Program Files\Ringz Studio\Storm Downloader\geturl.htm O8 - Extra context menu item: Open PDF in Word - res://D:\Program Files\pdf-word\IEShellExt.dll /100 O8 - Extra context menu item: 使用网际快车下载 - D:\Program Files\flashget\FlashGet\jc_link.htm O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\Program Files\flashget\FlashGet\jc_all.htm O8 - Extra context menu item: 反向链接 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://D:\PROGRA~2\office\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: 导出当前页到超星阅览器(&A) - D:\Program Files\超星\SSREADER36\ss_all.htm O8 - Extra context menu item: 导出选中部分到超星阅览器(&S) - D:\Program Files\超星\SSREADER36\ss_select.htm O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program Files\qq\AddPanel.htm O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\qq\AddEmotion.htm O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program Files\qq\SendMMS.htm O8 - Extra context menu item: 百度Flash搜索 - res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/FLASHSEARCH.HTM O8 - Extra context menu item: 百度mp3搜索 - res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUMP3.HTM O8 - Extra context menu item: 百度信息快递搜索 - res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUIE.HTM O8 - Extra context menu item: 百度图片搜索 - res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUIMG.HTM O8 - Extra context menu item: 百度搜索 - res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUSEARCH.HTM O8 - Extra context menu item: 百度新闻搜索 - res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUNEWS.HTM O8 - Extra context menu item: 类似网页 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: 缓存的网页快照 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: 豪杰超级解霸V8实时播放 - D:\Program Files\Herospv8\MPURLGET.HTM
libao18 初生襁褓狮帖子:11 注册: 2005-08-21 来自:

libao18 初生襁褓狮帖子:11 注册: 2005-08-21 来自:	发表于： 2005-08-21 22:12 \| 显示全部短消息资料字号：小中大 10楼 O9 - Extra button: 手机短信 - {00000000-0000-0001-0001-596BAEDD1289} - http://sms.3721.com/ie/index.htm (file missing) O9 - Extra button: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: TOL24 - {345ff7d8-2364-4ef7-889b-7d3c1d0bd342} - http://www.TOL24.com (file missing) O9 - Extra button: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll O9 - Extra 'Tools' menuitem: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll O9 - Extra button: 豪杰超级解霸V8 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - D:\Program Files\Herospv8\STHSDVD.EXE O9 - Extra 'Tools' menuitem: 豪杰超级解霸V8 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - D:\Program Files\Herospv8\STHSDVD.EXE O9 - Extra button: Yahoo 1G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.mail.yahoo.com/promo/rd1 (file missing) O9 - Extra button: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://hot.3721.com/rd/shop_btn.htm (file missing) O9 - Extra button: 上网助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://assistant.3721.com/index.htm?fb=Cns (file missing) O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~2\office\OFFICE11\REFIEBAR.DLL O9 - Extra button: 词霸 - {9A687CA6-D585-4947-9ED9-BE96071F5CD9} - D:\PROGRA~2\jscb\XDictExB.dll O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\qq\QQ.EXE O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\qq\QQ.EXE O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~2\flashget\FLASHGET\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~2\flashget\FLASHGET\flashget.exe O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\qq\QQIEHelper.dll O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\qq\QQIEHelper.dll O9 - Extra button: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing) O9 - Extra button: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing) O9 - Extra 'Tools' menuitem: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing) O9 - Extra button: 易趣购物 - {EE60714F-AC19-427e-861A-FD60ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing) O9 - Extra 'Tools' menuitem: 易趣购物 - {EE60714F-AC19-427e-861A-FD60ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra button: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing) O9 - Extra 'Tools' menuitem: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing) O10 - Unknown file in Winsock LSP: c:\windows\system32\cdnns.dll O11 - Options group: [!CNS] 网络实名 O11 - Options group: [CDNCLIENT] 中文上网 O16 - DPF: {3359C0B1-2363-40B3-AFCA-1ABC799AC486} (SSReaderPlug Control) - http://reg.ssreader.com/ssreaderplug.ocx O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/27317a2b8a3796d0c402/netzip/RdxIE601_cn.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{6DD3E4DB-86F4-40DF-A68A-F0122FD679F3}: NameServer = 202.114.0.242,202.112.20.131 O17 - HKLM\System\CS1\Services\Tcpip\..\{6DD3E4DB-86F4-40DF-A68A-F0122FD679F3}: NameServer = 202.114.0.242,202.112.20.131 O17 - HKLM\System\CS2\Services\Tcpip\..\{6DD3E4DB-86F4-40DF-A68A-F0122FD679F3}: NameServer = 202.114.0.242,202.112.20.131 O18 - Protocol: dic - {C21F5C32-F57A-4A0D-8E0A-B672691C52D0} - D:\PROGRA~2\jscb\XDictExB.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE O23 - Service: Crypkey License - Unknown owner - crypserv.exe (file missing) O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Symantec Client Firewall Service (NISSERV) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\NISSERV.EXE O23 - Service: Symantec Client Firewall Accounts Manager (NISUM) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\NISUM.EXE O23 - Service: Rising Process Communication Center (RsCCenter) - rising - C:\Program Files\rising\rav\CCenter.exe O23 - Service: Rising Realtime Monitor Service (RsRavMon) - rising - C:\Program Files\rising\rav\RavMonD.exe O23 - Service: Symantec Client Firewall Proxy Service (SymPxSvc) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\SymPxSvc.exe
libao18 初生襁褓狮帖子:11 注册: 2005-08-21 来自:

<<上一主题|下一主题>>

1

1 / 1 页

跳转页

页面顶部

Powered by Discuz!NT