瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 请帮忙看一下我的日志,是否中了灰鸽子

1   1  /  1  页   跳转

请帮忙看一下我的日志,是否中了灰鸽子

收藏
柠檬宝贝Y
头像
初生襁褓狮
  • 帖子:13
  • 注册: 2005-09-04
  • 来自:
发表于: 2005-09-14 09:17 | 显示全部 短消息 资料
字号: 1楼

请帮忙看一下我的日志,是否中了灰鸽子

Logfile of HijackThis v1.99.1
Scan saved at 9:11:35, on 2005-9-14
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\System32\termsrv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\msdtc.exe
C:\WINNT\System32\tcpsvcs.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\llssrv.exe
C:\WINNT\System32\sfmprint.exe
C:\WINNT\system32\regsvc.exe
C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
C:\WINNT\system32\r_server.exe
C:\WINNT\system32\MSTask.exe
C:\PROGRAM FILES\RISING\RAV\RavStub.exe
C:\PROGRA~1\COMMON~1\DATADY~1\ACTIVE~1\WEBCAC~1.EXE
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINNT\System32\wins.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\Dfssvc.exe
C:\WINNT\System32\dns.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\WINNT\System32\sfmsvc.exe
C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\igfxtray.exe
C:\WINNT\System32\hkcmd.exe
C:\GRASP\scktsrvr.exe
C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
C:\PROGRA~1\RISING\RAV\RAVMON.EXE
C:\WINNT\system32\internat.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\GRASP\GJPSER.EXE
C:\GRASP\GraspNet.EXE
C:\Program Files\Microsoft Office\Office\EXCEL.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\WINNT\system32\notepad.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX10.313\HijackThis.exe

R3 - URLSearchHook: 虎翼DIY吧! - {0A00D11E-B1E7-44b5-AD88-C9190876AAC4} - C:\WINNT\system32\diybar2\diybar2.dll
O1 - Hosts: 218.5.76.51 ctt900.com
O1 - Hosts: 218.5.76.51 www.ctt900.com
O1 - Hosts: 218.5.76.51 ctt900.com
O1 - Hosts: 218.5.76.51 www.ctt900.com
O1 - Hosts: 218.5.76.51 zhao123.com
O1 - Hosts: 218.5.76.51 www.zhao123.com
O1 - Hosts: 218.5.76.51 zhao123.com
O1 - Hosts: 218.5.76.51 www.zhao123.com
O1 - Hosts: 218.5.76.51 4399.com
O1 - Hosts: 218.5.76.51 www.4399.com
O1 - Hosts: 218.5.76.51 4399.com
O1 - Hosts: 218.5.76.51 www.4399.com
O1 - Hosts: 218.5.76.51 chinagames.net
O1 - Hosts: 218.5.76.51 www.chinagames.net
O1 - Hosts: 218.5.76.51 chinagames.net
O1 - Hosts: 218.5.76.51 www.chinagames.net
O1 - Hosts: 218.5.76.51 tiexue.net
O1 - Hosts: 218.5.76.51 www.tiexue.net
O1 - Hosts: 218.5.76.51 tiexue.net
O1 - Hosts: 218.5.76.51 www.tiexue.net
O1 - Hosts: 218.5.76.51 qq163.com
O1 - Hosts: 218.5.76.51 www.qq163.com
O1 - Hosts: 218.5.76.51 qq163.com
O1 - Hosts: 218.5.76.51 www.qq163.com
O1 - Hosts: 218.5.76.51 flashmi.net
O1 - Hosts: 218.5.76.51 www.flashmi.net
O1 - Hosts: 218.5.76.51 flashmi.net
O1 - Hosts: 218.5.76.51 www.flashmi.net
O1 - Hosts: 218.5.76.51 chinamp3.com
O1 - Hosts: 218.5.76.51 www.chinamp3.com
O1 - Hosts: 218.5.76.51 chinamp3.com
O1 - Hosts: 218.5.76.51 www.chinamp3.com
O1 - Hosts: 218.5.76.51 pg168.com
O1 - Hosts: 218.5.76.51 www.pg168.com
O1 - Hosts: 218.5.76.51 pg168.com
O1 - Hosts: 218.5.76.51 www.pg168.com
O1 - Hosts: 218.5.76.51 yymp3.com
O1 - Hosts: 218.5.76.51 www.yymp3.com
O1 - Hosts: 218.5.76.51 yymp3.com
O1 - Hosts: 218.5.76.51 www.yymp3.com
O1 - Hosts: 218.5.76.51 yy138.com
O1 - Hosts: 218.5.76.51 www.yy138.com
O1 - Hosts: 218.5.76.51 yy138.com
O1 - Hosts: 218.5.76.51 www.yy138.com
O1 - Hosts: 218.5.76.51 dj99.com
O1 - Hosts: 218.5.76.51 www.dj99.com
O1 - Hosts: 218.5.76.51 dj99.com
O1 - Hosts: 218.5.76.51 www.dj99.com
O1 - Hosts: 218.5.76.51 sogua.com
O1 - Hosts: 218.5.76.51 www.sogua.com
O1 - Hosts: 218.5.76.51 sogua.com
O1 - Hosts: 218.5.76.51 www.sogua.com
O1 - Hosts: 218.5.76.51 snsn.net
O1 - Hosts: 218.5.76.51 www.snsn.net
O1 - Hosts: 218.5.76.51 snsn.net
O1 - Hosts: 218.5.76.51 www.snsn.net
O1 - Hosts: 218.5.76.51 flash8.net
O1 - Hosts: 218.5.76.51 www.flash8.net
O1 - Hosts: 218.5.76.51 flash8.net
O1 - Hosts: 218.5.76.51 www.flash8.net
O1 - Hosts: 218.5.76.51 mop.com
O1 - Hosts: 218.5.76.51 www.mop.com
O1 - Hosts: 218.5.76.51 mop.com
O1 - Hosts: 218.5.76.51 www.mop.com
O1 - Hosts: 218.5.76.51 tianyaclub.com
O1 - Hosts: 218.5.76.51 www.tianyaclub.com
O1 - Hosts: 218.5.76.51 tianyaclub.com
O1 - Hosts: 218.5.76.51 www.tianyaclub.com
O1 - Hosts: 218.5.76.51 xici.net
O1 - Hosts: 218.5.76.51 www.xici.net
O1 - Hosts: 218.5.76.51 xici.net
O1 - Hosts: 218.5.76.51 www.xici.net
O1 - Hosts: 218.5.76.51 ucanlove.com
O1 - Hosts: 218.5.76.51 www.ucanlove.com
O1 - Hosts: 218.5.76.51 ucanlove.com
O1 - Hosts: 218.5.76.51 www.ucanlove.com
O1 - Hosts: 218.5.76.51 cmfu.com
O1 - Hosts: 218.5.76.51 www.cmfu.com
O1 - Hosts: 218.5.76.51 cmfu.com
O1 - Hosts: 218.5.76.51 www.cmfu.com
O1 - Hosts: 218.5.76.51 21red.net
O1 - Hosts: 218.5.76.51 www.21red.net
O1 - Hosts: 218.5.76.51 21red.net
O1 - Hosts: 218.5.76.51 www.21red.net
O1 - Hosts: 218.5.76.51 pconline.com.cn
O1 - Hosts: 218.5.76.51 www.pconline.com.cn
O1 - Hosts: 218.5.76.51 pconline.com.cn
O1 - Hosts: 218.5.76.51 www.pconline.com.cn
O1 - Hosts: 218.5.76.51 donews.com
O1 - Hosts: 218.5.76.51 www.donews.com
O1 - Hosts: 218.5.76.51 donews.com
O1 - Hosts: 218.5.76.51 www.donews.com
O1 - Hosts: 218.5.76.51 pcauto.com.cn
O1 - Hosts: 218.5.76.51 www.pcauto.com.cn
O1 - Hosts: 218.5.76.51 pcauto.com.cn
O1 - Hosts: 218.5.76.51 www.pcauto.com.cn
O1 - Hosts: 218.5.76.51 265.com
O1 - Hosts: 218.5.76.51 www.265.com
O1 - Hosts: 218.5.76.51 265.com
O1 - Hosts: 218.5.76.51 www.265.com
O1 - Hosts: 218.5.76.51 wo99.com
O2 - BHO: Tencent Browser Helper - {0C7C23EF-A848-485B-873C-0ED954731014} - C:\WINNT\Downloaded Program Files\TBHMain.dll
O2 - BHO: Link Filter - {4022F902-ABC7-4C79-924F-BB26F1D355A2} - C:\WINNT\system32\diybar2\diybar2.dll
O2 - BHO: VnetCookie Class - {4E83D567-4697-4F7B-B1F0-A513B01DB89A} - c:\PROGRA~1\chinanet\VNETTR~1.DLL
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\Program Files\Tencent\QQ\QQIEHelper.dll (file missing)
O3 - Toolbar: @msdxmLC.dll,-1@2052,电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - E:\BackUp\IEBand.dll
O3 - Toolbar: 虎翼DIY吧! - {0A00D11E-B1E7-44b5-AD88-C9190876AAC4} - C:\WINNT\system32\diybar2\diybar2.dll
O3 - Toolbar: IE伴郎 - {B225B89D-5E95-4194-98E8-149993071B31} - C:\PROGRA~1\NETMEE~1\CALLCO~1.DLL
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SocketServer] C:\GRASP\scktsrvr.exe
O4 - HKLM\..\Run: [RavTimer] C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [RavMon] C:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - HKCU\..\Run: [Internat.exe] internat.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: 服务管理器.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O9 - Extra button: (no name) - {3F686D91-4AFA-4ed1-B43F-F1DB46ED480C} - C:\WINNT\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Link Filter - {3F686D91-4AFA-4ed1-B43F-F1DB46ED480C} - C:\WINNT\system32\shdocvw.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\WINNT\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\WINNT\system32\shdocvw.dll
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll (file missing)
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll (file missing)
O11 - Options group: [TBH] QQ地址栏搜索
O17 - HKLM\System\CCS\Services\Tcpip\..\{78FA41F8-FCF0-4F00-95CD-BBB8C976EB28}: NameServer = 220.103.96.68,202.103.96.110
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Routing and Remote Acess (RemoteAccess) - Unknown owner - C:\WINNT\KB842771.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - rising - C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINNT\system32\r_server.exe" /service (file missing)
O23 - Service: WebCacheService - Data Dynamics - C:\PROGRA~1\COMMON~1\DATADY~1\ACTIVE~1\WEBCAC~1.EXE
O23 - Service: KB896727 (Windows 2000 安全更新程序) - Unknown owner - C:\WINNT\kav.exe
O23 - Service: WINLOGO.exe - Unknown owner - C:\WINNT\WINLOGO.exe
最后编辑2005-09-14 09:25:39
分享到:
gototop
 
柠檬宝贝Y
头像
初生襁褓狮
  • 帖子:13
  • 注册: 2005-09-04
  • 来自:
发表于: 2005-09-14 09:24 | 显示全部 短消息 资料
字号: 2楼

怎样修复啊
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT