
Extremely stubborn, it kills Kaka


Logfile of HijackThis v1.99.1
Scan saved at 23:37:11, on 2007-10-9
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
E:\WINNT\System32\smss.exe
E:\WINNT\system32\winlogon.exe
E:\WINNT\system32\services.exe
E:\WINNT\system32\lsass.exe
E:\WINNT\System32\ibmpmsvc.exe
e:\program files\rising\rfw\rfwsrv.exe
E:\WINNT\system32\svchost.exe
E:\Program Files\Rising\Rav\CCenter.exe
E:\Program Files\Rising\Rav\Ravmond.exe
E:\WINNT\System32\svchost.exe
E:\WINNT\System32\svchost.exe
E:\WINNT\System32\WBEM\WinMgmt.exe
E:\Program Files\Rising\Rav\RavStub.exe
E:\WINNT\System32\wins.exe
E:\WINNT\system32\svchost.exe
E:\WINNT\System32\svchost.exe
E:\WINNT\System32\tcpsvcs.exe
E:\WINNT\System32\inetsrv\inetinfo.exe
E:\WINNT\System32\msdtc.exe
E:\WINNT\Explorer.EXE
e:\program files\rising\rfw\RfwMain.exe
E:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
E:\Program Files\Rising\Rav\RavTask.exe
E:\Program Files\Rising\Rav\Ravmon.exe
E:\Program Files\Common Files\Real\Update_OB\realsched.exe
E:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
E:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
E:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
E:\PVSW\bin\w3dbsmgr.exe
E:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
E:\WINNT\system32\cmd.exe
E:\WINNT\system32\conime.exe
E:\Program Files\Microsoft Visual Studio\VB98\vb6.exe
E:\WINNT\system32\NOTEPAD.EXE
E:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\WINNT\system32\taskmgr.exe
E:\WINNT\system32\mmc.exe
e:\program files\rising\rfw\RfwCfg.exe
C:\Downloads\hijackthis\HijackThis.exe
E:\WINNT\system32\rundll32.exe
Last edited 2007-10-10 20:46:54

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.1.6.6.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [TPHOTKEY] E:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [RfwMain] "E:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [load] E:\WINNT\uninstall\rundl132.exe
O4 - HKLM\..\Run: [RavTask] "E:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [LogMeIn GUI] "E:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [runeip] "E:\Program Files\Rising\AntiSpyware\runiep.exe" /startup
O4 - Global Startup: Pervasive.SQL Workgroup Engine.lnk = E:\PVSW\bin\w3dbsmgr.exe
O4 - Global Startup: 服务管理器.lnk = E:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program Files\Tencent\QQ\SendMMS.htm
O8 - Extra context menu item: 用比特精灵下载(&B) - D:\Program Files\BitSpirit\bsurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java 控制台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - E:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - E:\WINNT\web\related.htm
O16 - DPF: {5467862B-C477-437F-886E-EC5006B37DCA} (PwdEdit Control) - https://ebank.cmbc.com.cn/PwdEdit.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{76151B62-B0B9-40C8-95F0-F0DDF9E1A0E9}: NameServer = 192.168.0.118
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "E:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: igfxcui - E:\WINNT\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: tphotkey - E:\WINNT\SYSTEM32\tphklock.dll
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - E:\WINNT\System32\dmadmin.exe
O23 - Service: IMail FINGER Server (FINGRD32) - Ipswitch, Inc.  - d:\IMail\FINGRD32.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - E:\WINNT\System32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IMail LDAP Server (ILDAP) - Ipswitch, Inc.  - d:\IMail\ILDAP.exe
O23 - Service: IMail IMAP4 Server (IMAP4D32) - Ipswitch, Inc.  - d:\IMail\IMAP4D32.exe
O23 - Service: IMail Monitor Service (IMonitor) - Ipswitch, Inc.  - d:\IMail\IMonitor.exe
O23 - Service: IMail Web Calendar Service (IWebCal) - Ipswitch, Inc.  - d:\IMail\IWebCal.exe
O23 - Service: IMail Web Service (IWEBMSG) - Ipswitch, Inc.  - d:\IMail\iwebmsg.exe
O23 - Service: Maximizer Email Service (Maximizer-CMGR-Service) - Unknown owner - F:\Program Files\Maximizer\Campaign Manager\AutoProgService.exe" (file missing)
O23 - Service: Maximizer PrintFax Service (Maximizer-PrintFax-Service) - Unknown owner - F:\Program Files\Maximizer\Campaign Manager\AutoPrintservice.exe" (file missing)
O23 - Service: IMail POP3 Server (POP3D32) - Ipswitch, Inc.  - d:\IMail\POP3D32.exe
O23 - Service: IMail PWD Server (PSERVE) - Ipswitch, Inc.  - d:\IMail\PSERVE.exe
O23 - Service: QCONSVC - IBM Corp. - E:\WINNT\System32\QCONSVC.EXE
O23 - Service: RegSrvc - Intel Corporation - E:\WINNT\System32\RegSrvc.exe
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - e:\program files\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - e:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - E:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - E:\Program Files\Rising\Rav\Ravmond.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation  - E:\WINNT\System32\S24EvMon.exe
O23 - Service: IMail SMTP Server (SMTPD32) - Ipswitch, Inc.  - d:\IMail\smtpd32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - E:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: IMail Sys Logger Service (SYSLOGD) - Ipswitch, Inc.  - d:\IMail\SYSLOGD.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - E:\WINNT\system32\TpKmpSVC.exe
O23 - Service: IMail WHOIS Server (WHOISD32) - Ipswitch, Inc.  - d:\IMail\WHOISD32.exe
Actually, the problem comes down to these few files:
\system32\HZRJB.dll
\system32\nnnnjjj.hhh
\system32\ssssoooo.lll
\system32\pppppppp.dll
\system32\kkkkkggg.dll
\system32\gggggggg.dll
\system32\lhhhhhhh.dll
They delete Kaka, and there is no way to reinstall Kaka.
When I delete these files, they just come back. It's really annoying. Does anyone have a solution?