瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 【求助帮忙看看日志!经常跳出恶意网页!谢谢

1   1  /  1  页   跳转

【求助帮忙看看日志!经常跳出恶意网页!谢谢

收藏
3801502
头像
初生襁褓狮
  • 帖子:30
  • 注册: 2006-03-02
  • 来自:
发表于: 2006-05-11 08:53 | 只看楼主 短消息 资料
字号: 1楼

【求助帮忙看看日志!经常跳出恶意网页!谢谢

Logfile of Kaka v2. 0. 0. 8 Scan Module v2. 0. 0. 1
Scan saved at 08:51:13, on 2006-05-11
Platform: Microsoft Windows XP Professional Service Pack 2 (Build 2600)
MSIE: Internet Explorer v6.00 SP2; (6.00.2900.2180 (xpsp_sp2_rtm.040803-2158))


Running processes:
[SMSS.EXE]
CommandLine =

[CSRSS.EXE]
CommandLine = C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

[WINLOGON.EXE]
CommandLine = winlogon.exe

[SERVICES.EXE]
CommandLine = C:\WINDOWS\system32\services.exe

[LSASS.EXE]
CommandLine = C:\WINDOWS\system32\lsass.exe

[SVCHOST.EXE]
CommandLine = C:\WINDOWS\system32\svchost -k DcomLaunch

[SVCHOST.EXE]
CommandLine = C:\WINDOWS\system32\svchost -k rpcss

[SVCHOST.EXE]
CommandLine = C:\WINDOWS\System32\svchost.exe -k netsvcs

[SVCHOST.EXE]
CommandLine = C:\WINDOWS\System32\svchost.exe -k NetworkService

[SVCHOST.EXE]
CommandLine = C:\WINDOWS\System32\svchost.exe -k LocalService

[SPOOLSV.EXE]
CommandLine = C:\WINDOWS\system32\spoolsv.exe

[EXPLORER.EXE]
CommandLine = C:\WINDOWS\Explorer.EXE

[CTFMON.EXE]
CommandLine = ctfmon.exe -n

[CCAPP.EXE]
CommandLine = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

[AdskScSrv.exe]
CommandLine = "C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"

[CDAC11BA.EXE]
CommandLine = C:\WINDOWS\System32\drivers\CDAC11BA.EXE

[ThunderMini.exe]
CommandLine = "D:\Thunder Network\ThunderMini\ThunderMini.exe"

[KPContext.exe]
CommandLine = "C:\WINDOWS\system32\KPContext.exe"

[CCSETMGR.EXE]
CommandLine = "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"

[realsched.exe]
CommandLine = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot

[SOUNDMAN.EXE]
CommandLine = "C:\WINDOWS\SOUNDMAN.EXE"

[NAVAPSVC.EXE]
CommandLine = "C:\Program Files\Norton AntiVirus\navapsvc.exe"

[NVSVC32.EXE]
CommandLine = C:\WINDOWS\System32\nvsvc32.exe

[wdfmgr.exe]
CommandLine = C:\WINDOWS\System32\wdfmgr.exe

[ccEvtMgr.exe]
CommandLine = "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"

[SymWSC.exe]
CommandLine = "C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe"

[SVCHOST.EXE]
CommandLine = C:\WINDOWS\System32\svchost.exe -k imgsvc

[alg.exe]
CommandLine = C:\WINDOWS\System32\alg.exe

[iexplore.exe]
CommandLine = "C:\Program Files\Internet Explorer\iexplore.exe"

[KkScan.exe]
CommandLine = "d:\Program Files\Rising\KakaToolBar\KkScan.exe"

[msmsgs.exe]
CommandLine = "C:\Program Files\Messenger\msmsgs.exe" -Embedding

R3 - Default URLSearchHook is missing
O1 - Hosts: 218.5.76.71 1ting.com
O1 - Hosts: 218.5.76.71 www.1ting.com
O1 - Hosts: 218.5.76.71 yy138.com
O1 - Hosts: 218.5.76.71 www.yy138.com
O1 - Hosts: 218.5.76.71 dj99.com
O1 - Hosts: 218.5.76.71 www.dj99.com
O1 - Hosts: 218.5.76.71 520music.com
O1 - Hosts: 218.5.76.71 www.520music.com
O1 - Hosts: 218.5.76.71 vv66.com
O1 - Hosts: 218.5.76.71 www.vv66.com
O1 - Hosts: 218.5.76.71 666ccc.com
O1 - Hosts: 218.5.76.71 www.666ccc.com
O1 - Hosts: 218.5.76.71 666qqq.com
O1 - Hosts: 218.5.76.71 www.666qqq.com
O1 - Hosts: 218.5.76.71 100yy.com
O1 - Hosts: 218.5.76.71 www.100yy.com
O1 - Hosts: 218.5.76.71 006.net
O1 - Hosts: 218.5.76.71 www.006.net
O1 - Hosts: 218.5.76.71 2t.cn
O1 - Hosts: 218.5.76.71 www.2t.cn
O1 - Hosts: 218.5.76.71 cococ.com
O1 - Hosts: 218.5.76.71 www.cococ.com
O1 - Hosts: 218.5.76.71 ting.cococ.com
O1 - Hosts: 218.5.76.71 yymp3.com
O1 - Hosts: 218.5.76.71 www.yymp3.com
O1 - Hosts: 218.5.76.71 qq163.com
O1 - Hosts: 218.5.76.71 www.qq163.com
O1 - Hosts: 218.5.76.71 7760.com
O1 - Hosts: 218.5.76.71 www.7760.com
O1 - Hosts: 218.5.76.71 568.com
O1 - Hosts: 218.5.76.71 www.568.com
O1 - Hosts: 218.5.76.71 nowok.net
O1 - Hosts: 218.5.76.71 www.nowok.net
O1 - Hosts: 218.5.76.71 chinamp3.com
O1 - Hosts: 218.5.76.71 www.chinamp3.com
O1 - Hosts: 218.5.76.71 99music.net
O1 - Hosts: 218.5.76.71 www.99music.net
O1 - Hosts: 218.5.76.71 6621.com
O1 - Hosts: 218.5.76.71 www.6621.com
O1 - Hosts: 218.5.76.71 7t7t.com
O1 - Hosts: 218.5.76.71 www.7t7t.com
O1 - Hosts: 218.5.76.71 haoting.com
O1 - Hosts: 218.5.76.71 www.haoting.com
O1 - Hosts: 218.5.76.71 mtv110.com
O1 - Hosts: 218.5.76.71 www.mtv110.com
O1 - Hosts: 218.5.76.71 st020.com
O1 - Hosts: 218.5.76.71 www.st020.com
O1 - Hosts: 218.5.76.71 music.jschina.com.cn
O1 - Hosts: 218.5.76.71 real2000.org
O1 - Hosts: 218.5.76.71 www.real2000.org
O1 - Hosts: 218.5.76.71 6bb.com
O1 - Hosts: 218.5.76.71 www.6bb.com
O1 - Hosts: 218.5.76.71 5474.com
O1 - Hosts: 218.5.76.71 www.5474.com
O1 - Hosts: 218.5.76.71 qq163.com
O1 - Hosts: 218.5.76.71 www.qq163.com
O1 - Hosts: 218.5.76.71 ting88.com
O1 - Hosts: 218.5.76.71 www.ting88.com
O1 - Hosts: 218.5.76.71 tt78.com
O1 - Hosts: 218.5.76.71 www.tt78.com
O1 - Hosts: 218.5.76.71 8yh.com
O1 - Hosts: 218.5.76.71 mp3.8yh.com
O1 - Hosts: 218.5.76.71 ibmp3.com
O1 - Hosts: 218.5.76.71 www.ibmp3.com
O1 - Hosts: 218.5.76.71 feifa.com
O1 - Hosts: 218.5.76.71 www.feifa.com
O1 - Hosts: 218.5.76.71 music.feifa.com
O1 - Hosts: 218.5.76.71 91f.net
O1 - Hosts: 218.5.76.71 www.91f.net
O1 - Hosts: 218.5.76.71 6621.com
O1 - Hosts: 218.5.76.71 www.6621.com
最后编辑2006-05-15 10:30:00
分享到:
gototop
 
3801502
头像
初生襁褓狮
  • 帖子:30
  • 注册: 2006-03-02
  • 来自:
发表于: 2006-05-11 08:54 | 只看楼主 短消息 资料
字号: 2楼

1 - Hosts: 218.5.76.71 www.6621.com
O1 - Hosts: 218.5.76.71 7t7t.com
O1 - Hosts: 218.5.76.71 www.7t7t.com
O1 - Hosts: 218.5.76.71 haoting.com
O1 - Hosts: 218.5.76.71 www.haoting.com
O1 - Hosts: 218.5.76.71 mtv110.com
O1 - Hosts: 218.5.76.71 www.mtv110.com
O1 - Hosts: 218.5.76.71 st020.com
O1 - Hosts: 218.5.76.71 www.st020.com
O1 - Hosts: 218.5.76.71 music.jschina.com.cn
O1 - Hosts: 218.5.76.71 real2000.org
O1 - Hosts: 218.5.76.71 www.real2000.org
O1 - Hosts: 218.5.76.71 6bb.com
O1 - Hosts: 218.5.76.71 www.6bb.com
O1 - Hosts: 218.5.76.71 5474.com
O1 - Hosts: 218.5.76.71 www.5474.com
O1 - Hosts: 218.5.76.71 qq163.com
O1 - Hosts: 218.5.76.71 www.qq163.com
O1 - Hosts: 218.5.76.71 ting88.com
O1 - Hosts: 218.5.76.71 www.ting88.com
O1 - Hosts: 218.5.76.71 tt78.com
O1 - Hosts: 218.5.76.71 www.tt78.com
O1 - Hosts: 218.5.76.71 8yh.com
O1 - Hosts: 218.5.76.71 mp3.8yh.com
O1 - Hosts: 218.5.76.71 ibmp3.com
O1 - Hosts: 218.5.76.71 www.ibmp3.com
O1 - Hosts: 218.5.76.71 feifa.com
O1 - Hosts: 218.5.76.71 www.feifa.com
O1 - Hosts: 218.5.76.71 music.feifa.com
O1 - Hosts: 218.5.76.71 91f.net
O1 - Hosts: 218.5.76.71 www.91f.net
O1 - Hosts: 218.5.76.71 6621.com
O1 - Hosts: 218.5.76.71 www.6621.com
O1 - Hosts: 218.5.76.71 ting163.com
O1 - Hosts: 218.5.76.71 www.ting163.com
O1 - Hosts: 218.5.76.71 99music.net
O1 - Hosts: 218.5.76.71 www.99music.net
O1 - Hosts: 218.5.76.71 wo99.com
O1 - Hosts: 218.5.76.71 www.wo99.com
O1 - Hosts: 218.5.76.71 jnnc.com
O1 - Hosts: 218.5.76.71 www.jnnc.com
O1 - Hosts: 218.5.76.71 mtv123.com
O1 - Hosts: 218.5.76.71 www.mtv123.com
O1 - Hosts: 218.5.76.71 dj520.com
O1 - Hosts: 218.5.76.71 www.dj520.com
O1 - Hosts: 218.5.76.71 7xi.net
O1 - Hosts: 218.5.76.71 www.7xi.net
O1 - Hosts: 218.5.76.71 mtv110.com
O1 - Hosts: 218.5.76.71 www.mtv110.com
O1 - Hosts: 218.5.76.71 mtvtop.net
O1 - Hosts: 218.5.76.71 www.mtvtop.net
O1 - Hosts: 218.5.76.71 mtvtop.com
O1 - Hosts: 218.5.76.71 www.mtvtop.com
O1 - Hosts: 218.5.76.71 xaonline.com
O1 - Hosts: 218.5.76.71 music.xaonline.com
O1 - Hosts: 218.5.76.71 musictea.com
O1 - Hosts: 218.5.76.71 www.musictea.com
O1 - Hosts: 218.5.76.71 tfol.com
O1 - Hosts: 218.5.76.71 www.tfol.com
O1 - Hosts: 218.5.76.71 yyue.com
O1 - Hosts: 218.5.76.71 www.yyue.com
O1 - Hosts: 218.5.76.71 yyue.net
O1 - Hosts: 218.5.76.71 www.yyue.net
O1 - Hosts: 218.5.76.71 qq150.com
O1 - Hosts: 218.5.76.71 www.qq150.com
O1 - Hosts: 218.5.76.71 517tg.com
O1 - Hosts: 218.5.76.71 www.517tg.com
O1 - Hosts: 218.5.76.71 souting.com
O1 - Hosts: 218.5.76.71 www.souting.com
O1 - Hosts: 218.5.76.71 tt67.com
O1 - Hosts: 218.5.76.71 www.tt67.com
O1 - Hosts: 218.5.76.71 tt78.com
O1 - Hosts: 218.5.76.71 www.tt78.com
O1 - Hosts: 218.5.76.71 funmtv.com
O1 - Hosts: 218.5.76.71 www.funmtv.com
O1 - Hosts: 218.5.76.71 gz163.cn
O1 - Hosts: 218.5.76.71 www.gz163.cn
O1 - Hosts: 218.5.76.71 51y.com
O1 - Hosts: 218.5.76.71 www.51y.com
O1 - Hosts: 218.5.76.71 tt90.com
O1 - Hosts: 218.5.76.71 www.tt90.com
O1 - Hosts: 218.5.76.71 cns.3721,com
O1 - Hosts: 218.5.76.71 assistant.3721,com
O1 - Hosts: 218.5.76.71 auto.search.msn.com
O1 - Hosts: 218.5.76.71 so.qq.com
O1 - Hosts: 218.5.76.71 4yt.net
O1 - Hosts: 218.5.76.71 www.4yt.net
O1 - Hosts: 218.5.76.71 qq533.net
O1 - Hosts: 218.5.76.71 www.qq533.net
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v14.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: QQBrowserHelperObject Class - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\KakaTool.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Outlooker] C:\Program Files\Common Files\System\gd_bin_ini.exe
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [thunder_mini] D:\Thunder Network\ThunderMini\ThunderMini.exe
O4 - HKLM\..\Run: [KPContext] C:\WINDOWS\system32\KPContext.exe
O4 - HKLM\..\Run: [StormCodec_Helper] "d:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [Antiy Auto Update] C:\Program Files\Antiy Labs\Alive\AliveCenter0.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Explorer] C:\WINDOWS\system32\MS_VMMIIT.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\RunOnce: [Explorer] C:\WINDOWS\System\MCI_AVI_ics.exe
O4 - Global Startup: desktop.ini =
O4 - Global Startup: EPSON Status Monitor 3 Environment Check(3).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
gototop
 
3801502
头像
初生襁褓狮
  • 帖子:30
  • 注册: 2006-03-02
  • 来自:
发表于: 2006-05-11 08:55 | 只看楼主 短消息 资料
字号: 3楼

O8 - Extra context menu item: &使用迅雷下载 - d:\Thunder Network\Thunder\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - d:\Thunder Network\Thunder\getallurl.htm
O8 - Extra context menu item: &使用迷你迅雷下载 - D:\Thunder Network\ThunderMini\geturl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - D:\PROGRA~1\FLASHGET\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\PROGRA~1\FLASHGET\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program Files\Tencent\QQ\SendMMS.htm
O9 - Extra Button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra Button: 易趣购物 - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing)
O9 - Extra 'Tools' menuitem: 易趣购物 - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing)
O9 - Extra Button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com
O16 - DPF: DirectAnimation Java Classes - file://C:\WINDOWS\Java\classes\dajava.cab
O16 - DPF: {5EC7C511-CD0F-42E6-830C-1BD9882F3458} (PowerPlayer Control) - http://download.ppstream.com/bin/powerplayer.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121064128657
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1121064303328
O17 - HKLM\System\CCS\Services\Tcpip\..\{BA57694A-86C3-40FF-B354-9B048AF4FF69}: NameServer = 202.98.160.68
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ic32pp - {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - C:\WINDOWS\wc98pp.dll
O18 - Protocol: ipp - (no CLSID) - (no file)
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\System32\inetcomm.dll
O18 - Protocol: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL
O18 - Protocol: msdaipp - (no CLSID) - (no file)
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\System32\wiascr.dll
O23 - Service: Autodesk Licensing Service (Autodesk Licensing Service) - Autodesk, Inc. - "C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"
O23 - Service: C-DillaCdaC11BA (C-DillaCdaC11BA) - Macrovision - C:\WINDOWS\system32\drivers\cdac11ba.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - "C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
O23 - Service: Remote Registry Protect (Hardware) - Microsoft Corporation - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: Human Interface Device Access (HidServ) -  - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - "C:\Program Files\Norton AntiVirus\navapsvc.exe"
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - "C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - "C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe"
gototop
 
ppdog
头像
飘泊而立狮
  • 帖子:837
  • 注册: 2005-05-31
  • 来自:
发表于: 2006-05-11 08:56 | 短消息 资料
字号: 4楼

修复所有01项
gototop
 
3801502
头像
初生襁褓狮
  • 帖子:30
  • 注册: 2006-03-02
  • 来自:
发表于: 2006-05-11 08:56 | 只看楼主 短消息 资料
字号: 5楼

现在全了
gototop
 
3801502
头像
初生襁褓狮
  • 帖子:30
  • 注册: 2006-03-02
  • 来自:
发表于: 2006-05-11 08:58 | 只看楼主 短消息 资料
字号: 6楼

怎么修复?
谢谢
gototop
 
不言放弃
头像
社区嘉宾
  • 帖子:30678
  • 注册: 2004-09-17
  • 来自:蓝色星球
发表于: 2006-05-11 09:12 | 短消息 资料
字号: 7楼

【回复“3801502”的帖子】
用HIJACKTHIS修复
O4 - HKCU\..\Run: [Outlooker] C:\Program Files\Common Files\System\gd_bin_ini.exe
O4 - HKLM\..\Run: [Explorer] C:\WINDOWS\system32\MS_VMMIIT.exe
O4 - HKLM\..\RunOnce: [Explorer] C:\WINDOWS\System\MCI_AVI_ics.exe
O18 - Protocol: ic32pp - {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - C:\WINDOWS\wc98pp.dll

用HIJACKHTIS修复
所有的01项

开始--控制面板--性能和维护--管理工具--服务
禁用如下服务:
Remote Registry Protect (Hardware)
Human Interface Device Access (HidServ)

开始--运行
输入regedit
确定
进入注册表
展开[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]
找到后删除Hardware文件夹

删除如下文件:
C:\Program Files\Common Files\System\gd_bin_ini.exe
C:\WINDOWS\system32\MS_VMMIIT.exe
C:\WINDOWS\System\MCI_AVI_ics.exe
C:\WINDOWS\wc98pp.dll

另:
http://forum.ikaka.com/topic.asp?board=28&artid=6979213
(1楼附件)
下载HIJACKTHIS

使用方法:
打开HIJACKHTIS
勾选待修复的选项
然后点击“修复”按纽--确定
gototop
 
3801502
头像
初生襁褓狮
  • 帖子:30
  • 注册: 2006-03-02
  • 来自:
发表于: 2006-05-15 10:30 | 只看楼主 短消息 资料
字号: 8楼

现在好了
谢谢两位
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT