1   1  /  1  页   跳转

检查以下?

收藏
xushao
头像
飘泊而立狮
  • 帖子:621
  • 注册: 2005-03-21
  • 来自:
发表于: 2005-09-06 13:15 | 只看楼主 短消息 资料
字号: 1楼

检查以下?

Logfile of HijackThis v1.99.1
Scan saved at 13:14:21, on 2005-9-6
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CNNIC\Cdn\cdnup.exe
C:\WINDOWS\system32\internat.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\racer-henan-cnc\racer.exe
C:\Program Files\racer-henan-cnc\RacerKp.exe
D:\Maxthon\遨游\Maxthon\Maxthon.exe
D:\QQ\极品QQ绿色版\腾讯QQ\TIMPlatform.exe
D:\QQ\极品QQ绿色版\腾讯QQ\QQ.exe
D:\QQ\极品QQ绿色版\腾讯QQ\QQ.exe
D:\Program Files\winmap\Winamp.exe
D:\计算机\3713212005414131840\显示CPU温度版本号及硬盘温度.exe
D:\计算机\1903632005219183744\HijackThis.exe

R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: CNNIC_IDN - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FLASHGET\jccatch.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CdnCtr] C:\Program Files\CNNIC\Cdn\cdnup.exe
O4 - HKLM\..\Run: [renewup] C:\Program Files\CNNIC\Cdn\cdnrenew.exe
O4 - Startup: INTERNAT.lnk = C:\WINDOWS\system32\internat.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &使用迅雷下载 - D:\计算机\Thunder\Thunder\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - D:\计算机\Thunder\Thunder\getAllurl.htm
O8 - Extra context menu item: 使用Kugoo下载 - D:\Program Files\新建文件夹\KuGoo2\KugooDownX.htm
O8 - Extra context menu item: 使用网际快车下载 - C:\PROGRA~1\FLASHGET\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - C:\PROGRA~1\FLASHGET\jc_all.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O9 - Extra 'Tools' menuitem: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cdnns.dll
O11 - Options group: [CDNCLIENT]  中文上网
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

最后编辑2005-09-06 19:57:55
分享到:
gototop
 
sanadayukimura
头像
强壮不惑狮
  • 帖子:1173
  • 注册: 2005-05-18
  • 来自:
发表于: 2005-09-06 14:12 | 短消息 资料
字号: 2楼

【回复“xushao”的帖子】
建议您修复:
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe,
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=。
gototop
 
xushao
头像
飘泊而立狮
  • 帖子:621
  • 注册: 2005-03-21
  • 来自:
发表于: 2005-09-06 19:54 | 只看楼主 短消息 资料
字号: 3楼

删除不了啊~
不能修复~
Logfile of HijackThis v1.99.1
Scan saved at 19:54:35, on 2005-9-6
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\瑞星杀毒\杀毒\RAV\Ravmond.exe
C:\WINDOWS\Explorer.EXE
D:\瑞星杀毒\杀毒\RAV\RavStub.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\nvsvc32.exe
D:\瑞星杀毒\杀毒\RAV\CCENTER.EXE
D:\瑞星杀毒\杀毒\RAV\RAVTIMER.EXE
D:\瑞星杀毒\杀毒\RAV\RAVMON.EXE
D:\瑞星杀毒\防火墙\FIREWALL\FIREWALL\ONLINEREG.EXE
C:\Program Files\racer-henan-cnc\racer.exe
C:\Program Files\racer-henan-cnc\RacerKp.exe
D:\Program Files\winmap\Winamp.exe
D:\Maxthon\遨游\Maxthon\Maxthon.exe
C:\Program Files\3721\Dlaccel\YDownloader.exe
C:\Program Files\3721\Dlaccel\TDUpdate.exe
D:\计算机\1903632005219183744\HijackThis.exe

R3 - URLSearchHook: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\PROGRA~1\3721\Assist\asbar.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v1.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FLASHGET\jccatch.dll
O2 - BHO: AssistII - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\PROGRA~1\3721\Assist\asbar.dll
O2 - BHO: SFP Class - {F236CC5A-F6E4-4011-9EED-C52FDF51CE3D} - C:\WINDOWS\system32\Sbhoplin.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - Toolbar: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\PROGRA~1\3721\Assist\asbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RavTimer] D:\瑞星杀毒\杀毒\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [RavMon] D:\瑞星杀毒\杀毒\RAV\RAVMON.EXE -SYSTEM
O4 - HKLM\..\Run: [SKYNET Personal FireWall] D:\瑞星杀毒\防火墙\FIREWALL\FIREWALL\pfw.exe
O4 - HKLM\..\Run: [yahoo_mini] C:\Program Files\3721\Dlaccel\YDownloader.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &使用下载加速专家下载 - C:\Program Files\3721\Dlaccel\geturl.htm
O8 - Extra context menu item: &使用迅雷下载 - D:\计算机\Thunder\Thunder\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - D:\计算机\Thunder\Thunder\getAllurl.htm
O8 - Extra context menu item: 使用Kugoo下载 - D:\Program Files\新建文件夹\KuGoo2\KugooDownX.htm
O8 - Extra context menu item: 使用网际快车下载 - C:\PROGRA~1\FLASHGET\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - C:\PROGRA~1\FLASHGET\jc_all.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - rising - D:\瑞星杀毒\杀毒\RAV\CCENTER.EXE
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\瑞星杀毒\杀毒\RAV\Ravmond.exe
gototop
 
飞跃迷离
头像
社区嘉宾
  • 帖子:7351
  • 注册: 2004-10-15
  • 来自:
发表于: 2005-09-06 19:57 | 短消息 资料
字号: 4楼

进入安全模式下修复看看...
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT