瑞星卡卡安全论坛

首页 » 技术交流区 » 反病毒/反流氓软件论坛 » 各位达人帮帮忙
Undo - 2005-8-15 9:29:00
有个垃圾网www.cctv28.net,很难清除,帮忙解决一下,烦死了
Undo - 2005-8-15 9:30:00
比较急啊!!!!!!!!!!!!
花落花又开 - 2005-8-15 9:33:00
【回复“Undo”的帖子】
您好,为了方便帮您解决问题,请您使用hijackthis把扫描的日志贴到贴子上来。

HijackThis下载地址请参考:
【必读】本版说明及常用小软件下载
http://forum.ikaka.com/topic.asp?board=67&artid=5188931

HijackThis的使用方法-----请参考--瑞星HijackThis专题
http://it.rising.com.cn/newSite/Channels/anti_virus/Antivirus_Faq/TopicExplorerPagePackage/hijackthis.htm

运行HijackThis,先点[扫描系统并保存日志]或[Do a system scan and save a logfile]按钮,扫描完成后,LOG将会在自动弹出的记事本中
显示,再从记事本里复制/粘贴到贴子里。如果LOG比较长,一贴发不完,你可以分成几个部分发在回贴里。

注:请不要把此恶意网站发成链接,以免有会员误点.
Undo - 2005-8-15 9:37:00
Logfile of HijackThis v1.99.1
Scan saved at 9:35:59, on 2005-8-15
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\WINNT\system32\RUNDLL32.EXE
C:\Program Files\Eset\nod32krn.exe
C:\Documents and Settings\wuwg\My Documents\downloads\5044992005814233050\HijackThis.exe

O1 - Hosts: 205.177.72.132 www.567hk.com
O1 - Hosts: 205.177.72.132 567hk.com
O1 - Hosts: 205.177.72.132 fc987.com
O1 - Hosts: 205.177.72.132 www.fc987.com
O1 - Hosts: 205.177.72.132 hk3777.com
O1 - Hosts: 205.177.72.132 www.hk3777.com
O1 - Hosts: 205.177.72.132 32012.com
O1 - Hosts: 205.177.72.132 www.32012.com
O1 - Hosts: 205.177.72.132 16700.net
O1 - Hosts: 205.177.72.132 www.16700.net
O1 - Hosts: 205.177.72.132 85668.com
O1 - Hosts: 205.177.72.132 www.85668.com
O1 - Hosts: 205.177.72.132 tk9933.com
O1 - Hosts: 205.177.72.132 www.tk9933.com
O1 - Hosts: 205.177.72.132 zhinanzhen.com
O1 - Hosts: 205.177.72.132 www.zhinanzhen.com
O1 - Hosts: 205.177.72.132 www.118y.com
O1 - Hosts: 205.177.72.132 118y.com
O1 - Hosts: 205.177.72.132 www.kai888.com
O1 - Hosts: 205.177.72.132 kai888.com
O1 - Hosts: 205.177.72.132 www.hk256.com
O1 - Hosts: 205.177.72.132 hk256.com
O1 - Hosts: 205.177.72.132 www.tk6788.com
O1 - Hosts: 205.177.72.132 tk6788.com
O1 - Hosts: 205.177.72.132 www.t009.com
O1 - Hosts: 205.177.72.132 t009.com
O1 - Hosts: 205.177.72.132 www1.t009.com
O1 - Hosts: 205.177.72.132 www2.t009.com
O1 - Hosts: 205.177.72.132 www3.t009.com
O1 - Hosts: 205.177.72.132 www4.t009.com
O1 - Hosts: 205.177.72.132 www5.t009.com
O1 - Hosts: 205.177.72.132 www6.t009.com
O1 - Hosts: 205.177.72.132 www7.t009.com
O1 - Hosts: 205.177.72.132 www8.t009.com
O1 - Hosts: 205.177.72.132 www9.t009.com
O1 - Hosts: 205.177.72.132 www.cp008.net
O1 - Hosts: 205.177.72.132 cp008.net
O1 - Hosts: 205.177.72.132 www5.cp008.net
O1 - Hosts: 205.177.72.132 www6.cp008.net
O1 - Hosts: 205.177.72.132 www7.cp008.net
O1 - Hosts: 205.177.72.132 www.8886988.net
O1 - Hosts: 205.177.72.132 8886988.net
O1 - Hosts: 205.177.72.132 www1.8886988.net
O1 - Hosts: 205.177.72.132 www2.8886988.net
O1 - Hosts: 205.177.72.132 www3.8886988.net
O1 - Hosts: 205.177.72.132 www4.8886988.net
O1 - Hosts: 205.177.72.132 www5.8886988.net
O1 - Hosts: 205.177.72.132 www1.ts567.com
O1 - Hosts: 205.177.72.132 www2.ts567.com
O1 - Hosts: 205.177.72.132 www3.ts567.com
O1 - Hosts: 205.177.72.132 www4.ts567.com
O1 - Hosts: 205.177.72.132 www5.ts567.com
O1 - Hosts: 205.177.72.132 cp008.com
O1 - Hosts: 205.177.72.132 www.cp008.com
O1 - Hosts: 205.177.72.132 www1.cp008.com
O1 - Hosts: 205.177.72.132 www2.cp008.com
O1 - Hosts: 205.177.72.132 www3.cp008.com
O1 - Hosts: 205.177.72.132 www4.cp008.com
O1 - Hosts: 205.177.72.132 www5.cp008.com
O1 - Hosts: 205.177.72.132 www6.605288.com
O1 - Hosts: 205.177.72.132 www7.605288.com
O1 - Hosts: 205.177.72.132 www8.605288.com
O1 - Hosts: 205.177.72.132 www9.605288.com
O1 - Hosts: 205.177.72.132 www10.605288.com
O1 - Hosts: 205.177.72.132 fc987.com/cp132.htm
O1 - Hosts: 205.177.72.132 fc987.com/cp128.htm
O1 - Hosts: 205.177.72.132 fc987.com/cp129.htm
O1 - Hosts: 205.177.72.132 fc987.com/cp130.htm
O1 - Hosts: 205.177.72.132 fc987.com/cp131.htm
O1 - Hosts: 205.177.72.132 www.10238.com/02.asp
O1 - Hosts: 205.177.72.132 www.10238.com/01.asp
O1 - Hosts: 205.177.72.132 www.10238.com
O1 - Hosts: 205.177.72.132 www.20008.com
O1 - Hosts: 205.177.72.132 20008.com
O1 - Hosts: 205.177.72.132 www.cctv858.net
O1 - Hosts: 205.177.72.132 cctv858.net
O1 - Hosts: 205.177.72.132 www.zm1861.com
O1 - Hosts: 205.177.72.132 zm1861.com
O1 - Hosts: 205.177.72.132 www.cctv7777.com
O1 - Hosts: 205.177.72.132 cctv7777.com
O1 - Hosts: 205.177.72.132 www.317858.com
O1 - Hosts: 205.177.72.132 317858.com
O1 - Hosts: 205.177.72.132 www.51338.com
O1 - Hosts: 205.177.72.132 51338.com
O1 - Hosts: 205.177.72.132 www.777778.com
O1 - Hosts: 205.177.72.132 777778.com
O1 - Hosts: 205.177.72.132 www.zm1861.net
O1 - Hosts: 205.177.72.132 zm1861.net
O1 - Hosts: 205.177.72.132 www.dddzzz.com
O1 - Hosts: 205.177.72.132 dddzzz.com
O1 - Hosts: 205.177.72.132 www.dddttt.com
O1 - Hosts: 205.177.72.132 dddttt.com
O1 - Hosts: 205.177.72.132 www.58128.net
O1 - Hosts: 205.177.72.132 58128.net
O1 - Hosts: 205.177.72.132 www.755788.com
O1 - Hosts: 205.177.72.132 755788.com
O1 - Hosts: 205.177.72.132 www.hao7k.com
O1 - Hosts: 205.177.72.132 hao7k.com
O1 - Hosts: 205.177.72.132 www.2233.cc
O1 - Hosts: 205.177.72.132 2233.cc
O1 - Hosts: 205.177.72.132 www.7k777.com
O3 - Toolbar: 卡卡安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINNT\system32\kakatool.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: Download with IDM - D:\Internet Download Manager\IEExt.htm
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/Ver2005/OL2005.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6B47415C-17BA-4A95-9465-721083466A9C}: NameServer = 211.148.192.135,211.148.192.134
O23 - Service: Apache - Unknown owner - D:\usr\local\apache\Apache.exe" --ntservice (file missing)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset  - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe

花落花又开 - 2005-8-15 9:40:00
【回复“Undo”的帖子】

看看hosts文件被改成什么样了...

修复所有01项,
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
1
查看完整版本: 各位达人帮帮忙