Rising Kaka Security Forum

Help me take a look at this virus
梦幻金乌 - 2006-6-3 14:42:00
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page=file:///D:/Trader-06-A/myTrader/Link.html
R3 - Default URLSearchHook is missing
O1 - Hosts: 127.0.0.1 ad1.sina.com.cn
O1 - Hosts: 127.0.0.1 ad2.sina.com.cn
O1 - Hosts: 127.0.0.1 ad3.sina.com.cn
O1 - Hosts: 127.0.0.1 ad4.sina.com.cn
O1 - Hosts: 127.0.0.1 pop.163.com
O1 - Hosts: 127.0.0.1 img.163.com
O1 - Hosts: 127.0.0.1 www.netdirect.nl
O1 - Hosts: 127.0.0.1 www.oneandonlynetwork.com
O1 - Hosts: 127.0.0.1 www.targetshop.com
O1 - Hosts: 127.0.0.1 www.teknosurf2.com
O1 - Hosts: 127.0.0.1 www.teknosurf3.com
O1 - Hosts: 127.0.0.1 www.valueclick.com
O1 - Hosts: 127.0.0.1 www.websitefinancing.com
O1 - Hosts: 127.0.0.1 www2.burstnet.com
O1 - Hosts: 127.0.0.1 www4.trix.net
O1 - Hosts: 127.0.0.1 www80.valueclick.com
O1 - Hosts: 127.0.0.1 z.extreme-dm.com
O1 - Hosts: 127.0.0.1 z0.extreme-dm.com
O1 - Hosts: 127.0.0.1 z1.extreme-dm.com
O1 - Hosts: 127.0.0.1 ads.rediff.com
O1 - Hosts: 127.0.0.1 ads.indya.com
O1 - Hosts: 127.0.0.1 ads.adflight.com
O1 - Hosts: 127.0.0.1 ads.beguide.net
O1 - Hosts: 127.0.0.1 ads.mediaturf.net
O1 - Hosts: 127.0.0.1 ad1.adcept.net
O1 - Hosts: 127.0.0.1 ad2.adcept.net
O1 - Hosts: 127.0.0.1 ad3.adcept.net
O1 - Hosts: 127.0.0.1 ads.fortunecity.com
O1 - Hosts: 127.0.0.1 http://www.103.net/?
O1 - Hosts: 127.0.0.1 www.advunis.com/frame_nusports.html
O1 - Hosts: 127.0.0.1 www.advunis.com
O1 - Hosts: 127.0.0.1 www.nusports.cn
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\SYSTEM\KAKATOOL.DLL
O4 - HKLM\..\Run: [internat.exe] internat.exe
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [PopKillerRun] C:\PROGRAM FILES\完美卸载\POPKILLER.EXE  -PowerOn
O4 - HKLM\..\Run: [SKYNET Personal FireWall] C:\PROGRAM FILES\SKYNET\FIREWALL\PFW.EXE
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - Startup: MemTurbo.lnk = D:\Program Files\mySoftware\MemTurbo30\MemTurbo.exe
O4 - Startup: mumayi.net.exe.lnk = C:\AAAMyProgram\Speed4WEB\Speed4WEB\mumayi.net.exe
O9 - Extra Button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_06\BIN\SSV.DLL
O9 - Extra 'Tools' menuitem: Sun Java 控制台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_06\BIN\SSV.DLL
O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
O16 - DPF: DirectAnimation Java Classes -
O16 - DPF: Internet Explorer Classes for Java -
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: msdaipp - (no CLSID) - (no file)
O18 - Protocol: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM\urlmon.dll
O18 - Protocol: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM\urlmon.dll
O18 - Protocol: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM\urlmon.dll
O18 - Protocol: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM\urlmon.dll
O18 - Protocol: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM\urlmon.dll
O18 - Protocol: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM\urlmon.dll
O18 - Protocol: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM\urlmon.dll
O18 - Protocol: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\SYSTEM\urlmon.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM\MSHTML.DLL
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM\MSHTML.DLL
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM\MSHTML.DLL
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM\MSHTML.DLL
O18 - Protocol: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM\MSHTML.DLL
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\SYSTEM\MSHTML.DLL
O18 - Protocol: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\SYSTEM\INETCOMM.DLL
O18 - Protocol: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\SYSTEM\MSDXM.OCX