发表于: 2008-04-22 20:08 | 显示全部 短消息 资料
字号: 1楼

这是我的卡卡助手扫描结果,好像中毒被人监控了?!请各位帮忙看看!

Logfile of Kaka v2. 0. 0. 1 Scan Module v2. 0. 0. 0
Scan saved at 19:47:25, on 2008-04-22
Platform: Microsoft Windows XP Professional Service Pack 2 (Build 2600)
MSIE: Internet Explorer v6.00 SP2; (6.00.2900.2180 (xpsp_sp2_rtm.040803-2158))


Running processes:
[SMSS.EXE]
CommandLine =

[SPOOLSV.EXE]
CommandLine = C:\WINDOWS\system32\spoolsv.exe

[aspnet_state.exe]
CommandLine = C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

[INETINFO.EXE]
CommandLine = C:\WINDOWS\system32\inetsrv\inetinfo.exe

[MDM.EXE]
CommandLine = "C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"

[SQLSERVR.EXE]
CommandLine = "C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS

[CTFMON.EXE]
CommandLine = "C:\WINDOWS\system32\ctfmon.exe"

[sqlservr.exe]
CommandLine = d:\PROGRA~1\MICROS~3\MSSQL\binn\sqlservr.exe

[ALG.EXE]
CommandLine = C:\WINDOWS\System32\alg.exe

[IEXPLORE.EXE]
CommandLine = "C:\Program Files\Internet Explorer\IEXPLORE.EXE"

[wuauclt.exe]
CommandLine = "C:\WINDOWS\system32\wuauclt.exe"

[TXPlatform.exe]
CommandLine = "D:\Program Files\Tencent\QQ\TXPlatform.exe" -Embedding

[CONIME.EXE]
CommandLine = C:\WINDOWS\system32\conime.exe

[KkScan.exe]
CommandLine = "D:\Program Files\Rising\KakaToolBar\KkScan.exe"

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=%SystemRoot%\system32\blank.htm
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: 127.0.0.1  yu.8s7.net
O1 - Hosts: 127.0.0.1  1.jopanqc.com
O1 - Hosts: 127.0.0.1  2.joppnqq.com
O1 - Hosts: 127.0.0.1  wg.47255.com
O1 - Hosts: 127.0.0.1  1.joppnqq.com
O1 - Hosts: 127.0.0.1  xxx.m111.biz
O1 - Hosts: 127.0.0.1  1.jopenqc.com
O1 - Hosts: 127.0.0.1  1.jopenkk.com
O1 - Hosts: 127.0.0.1  xxx.vh7.biz
O1 - Hosts: 127.0.0.1  xxx.j41m.com
O1 - Hosts: 127.0.0.1  3.joppnqq.com
O1 - Hosts: 127.0.0.1  d.93se.com
O1 - Hosts: 127.0.0.1  www.868wg.com
O1 - Hosts: 127.0.0.1  xxx.mmma.biz
O1 - Hosts: 127.0.0.1  ilove.com
O1 - Hosts: 127.0.0.1  tp.shpzhan.cn
O1 - Hosts: 127.0.0.1  www.tomwg.com
O1 - Hosts: 127.0.0.1  www.cike007.cn
O1 - Hosts: 127.0.0.1  www.22aaa.com
O1 - Hosts: 127.0.0.1  xx.exiao01.com
O1 - Hosts: 127.0.0.1  www.exiao01.com
O1 - Hosts: 127.0.0.1  www.exiao01.com
O1 - Hosts: 127.0.0.1  new.749571.com
O1 - Hosts: 127.0.0.1  xtx.kv8.info
O1 - Hosts: 127.0.0.1  cao.kv8.info
O1 - Hosts: 127.0.0.1  1.jopmmqq.com
O1 - Hosts: 127.0.0.1  171817.171817.com
O1 - Hosts: 127.0.0.1  d2.llsging.com
O1 - Hosts: 127.0.0.1  down.malasc.cn
O1 - Hosts: 127.0.0.1  llboss.com
O1 - Hosts: 127.0.0.1  nx.51ylb.cn
O1 - Hosts: 127.0.0.1  my.531jx.cn
O1 - Hosts: 127.0.0.1  qqq.dzydhx.com
O1 - Hosts: 127.0.0.1  qqq.hao1658.com
O1 - Hosts: 127.0.0.1  www.333292.com
O1 - Hosts: 127.0.0.1  down.18dd.net
O1 - Hosts: 127.0.0.1  up.22x44.com
O1 - Hosts: 127.0.0.1  gxgxy.net
O1 - Hosts: 127.0.0.1    yu.8s7.net
O2 - BHO: QQCycloneHelper Class - {00000000-12C9-4305-82F9-43058F20E8D2} - d:\Program Files\Tencent\QQDownload\QQIEHelper01.dll (file missing)
O2 - BHO: ThunderAtOnce Class - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - d:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO:  (file missing)
O2 - BHO: Thunder Browser Helper - {889D2FEB-5411-4565-8998-1DD2C5261283} - d:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [runeip] "d:\Program Files\Rising\KakaToolBar\runiep.exe" /startup
O4 - HKLM\..\Run: [RavTask] "d:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [SKYNET Personal FireWall] D:\PROGRA~1\SKYNET\FIREWALL\pfw.exe
O4 - HKLM\..\Run: [RfwMain] "d:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - Startup: desktop.ini =
O4 - Global Startup: desktop.ini =
O4 - Global Startup: 服务管理器.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &使用超级旋风下载 - d:\Program Files\Tencent\QQDownload\geturl.htm
O8 - Extra context menu item: &使用超级旋风下载全部链接 - d:\Program Files\Tencent\QQDownload\getAllurl.htm
O8 - Extra context menu item: 使用迅雷下载 - d:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - Extra context menu item: 使用迅雷下载全部链接 - d:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\Tencent\QQ\AddEmotion.htm
O9 - Extra Button: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - d:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - d:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra Button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra Button: 访问瑞星网站 - {FF2DE7A6-ECB1-4CBC-9C0E-D92A9E66E444} - http://www.rising.com.cn (file missing)
O9 - Extra Button: 访问卡卡社区 - {FF2DE7A6-ECB1

[用户系统信息]Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
最后编辑2008-04-23 14:08:26