瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 【求助】跪求 都是灰鸽子惹得祸 救命嘎!!!

12   1  /  2  页   跳转

【求助】跪求 都是灰鸽子惹得祸 救命嘎!!!

收藏
超级大白鲨
头像
初生襁褓狮
  • 帖子:19
  • 注册: 2006-06-04
  • 来自:
发表于: 2006-06-04 21:25 | 只看楼主 短消息 资料
字号: 1楼

【求助】跪求 都是灰鸽子惹得祸 救命嘎!!!

我每次开机瑞星防火墙都提示内存中的木马病毒已清除,提示病毒如下"IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE ->Backdoor.Gpigeon.uql"
可每次开机都有,处理不掉阿.
我也按照版主的方法去尝试手工清除,可是找不到所谓的_hook.dll  .exe  .dll之类的文件,我也在安全模式找过,请问哪位高手可以解救的,谢谢了
最后编辑2006-06-05 00:02:08
分享到:
gototop
 
超级大白鲨
头像
初生襁褓狮
  • 帖子:19
  • 注册: 2006-06-04
  • 来自:
发表于: 2006-06-04 21:20 | 只看楼主 短消息 资料
字号: 2楼

HijackThis_zww汉化版扫描日志 V1.99.1
保存于      21:18:33, 日期 2006-6-4
操作系统:  Windows 2000 SP4 (WinNT 5.00.2195)
浏览器:    Internet Explorer v6.00 SP1 (6.00.2800.1106)

当前运行的进程:         
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
C:\Program Files\rising\Rav\Ravmond.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\DRIVERS\CDANTSRV.EXE
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\rising\Rav\RavStub.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
c:\program files\rising\rfw\RfwMain.exe
C:\Program Files\rising\Rav\RavTask.exe
C:\Program Files\rising\Rav\Ravmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINNT\system32\ctfmon.exe
c:\program files\rising\rfw\RfwCfg.exe
D:\Program Files\Tencent\TM\TMDlls\TM.exe
D:\Program Files\Tencent\TM\TMDlls\TIMPlatform.exe
D:\Program Files\HijackThis\HijackThis1991zww.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 218.5.76.71 1ting.com
O1 - Hosts: 218.5.76.71 www.1ting.com
O1 - Hosts: 218.5.76.71 yy138.com
O1 - Hosts: 218.5.76.71 www.yy138.com
O1 - Hosts: 218.5.76.71 dj99.com
O1 - Hosts: 218.5.76.71 www.dj99.com
O1 - Hosts: 218.5.76.71 520music.com
O1 - Hosts: 218.5.76.71 www.520music.com
O1 - Hosts: 218.5.76.71 vv66.com
O1 - Hosts: 218.5.76.71 www.vv66.com
O1 - Hosts: 218.5.76.71 666ccc.com
O1 - Hosts: 218.5.76.71 www.666ccc.com
O1 - Hosts: 218.5.76.71 666qqq.com
O1 - Hosts: 218.5.76.71 www.666qqq.com
O1 - Hosts: 218.5.76.71 100yy.com
O1 - Hosts: 218.5.76.71 www.100yy.com
O1 - Hosts: 218.5.76.71 006.net
O1 - Hosts: 218.5.76.71 www.006.net
O1 - Hosts: 218.5.76.71 2t.cn
O1 - Hosts: 218.5.76.71 www.2t.cn
O1 - Hosts: 218.5.76.71 cococ.com
O1 - Hosts: 218.5.76.71 www.cococ.com
O1 - Hosts: 218.5.76.71 ting.cococ.com
O1 - Hosts: 218.5.76.71 yymp3.com
O1 - Hosts: 218.5.76.71 www.yymp3.com
O1 - Hosts: 218.5.76.71 qq163.com
O1 - Hosts: 218.5.76.71 www.qq163.com
O1 - Hosts: 218.5.76.71 7760.com
O1 - Hosts: 218.5.76.71 www.7760.com
O1 - Hosts: 218.5.76.71 568.com
O1 - Hosts: 218.5.76.71 www.568.com
O1 - Hosts: 218.5.76.71 nowok.net
O1 - Hosts: 218.5.76.71 www.nowok.net
O1 - Hosts: 218.5.76.71 chinamp3.com
O1 - Hosts: 218.5.76.71 www.chinamp3.com
O1 - Hosts: 218.5.76.71 99music.net
O1 - Hosts: 218.5.76.71 www.99music.net
O1 - Hosts: 218.5.76.71 6621.com
O1 - Hosts: 218.5.76.71 www.6621.com
O1 - Hosts: 218.5.76.71 7t7t.com
O1 - Hosts: 218.5.76.71 www.7t7t.com
O1 - Hosts: 218.5.76.71 haoting.com
O1 - Hosts: 218.5.76.71 www.haoting.com
O1 - Hosts: 218.5.76.71 mtv110.com
O1 - Hosts: 218.5.76.71 www.mtv110.com
O1 - Hosts: 218.5.76.71 st020.com
O1 - Hosts: 218.5.76.71 www.st020.com
O1 - Hosts: 218.5.76.71 music.jschina.com.cn
O1 - Hosts: 218.5.76.71 real2000.org
O1 - Hosts: 218.5.76.71 www.real2000.org
O1 - Hosts: 218.5.76.71 6bb.com
O1 - Hosts: 218.5.76.71 www.6bb.com
O1 - Hosts: 218.5.76.71 5474.com
O1 - Hosts: 218.5.76.71 www.5474.com
O1 - Hosts: 218.5.76.71 qq163.com
O1 - Hosts: 218.5.76.71 www.qq163.com
O1 - Hosts: 218.5.76.71 ting88.com
O1 - Hosts: 218.5.76.71 www.ting88.com
O1 - Hosts: 218.5.76.71 tt78.com
O1 - Hosts: 218.5.76.71 www.tt78.com
O1 - Hosts: 218.5.76.71 8yh.com
O1 - Hosts: 218.5.76.71 mp3.8yh.com
O1 - Hosts: 218.5.76.71 ibmp3.com
O1 - Hosts: 218.5.76.71 www.ibmp3.com
O1 - Hosts: 218.5.76.71 feifa.com
O1 - Hosts: 218.5.76.71 www.feifa.com
O1 - Hosts: 218.5.76.71 music.feifa.com
O1 - Hosts: 218.5.76.71 91f.net
O1 - Hosts: 218.5.76.71 www.91f.net
O1 - Hosts: 218.5.76.71 6621.com
O1 - Hosts: 218.5.76.71 www.6621.com
O1 - Hosts: 218.5.76.71 ting163.com
O1 - Hosts: 218.5.76.71 www.ting163.com
O1 - Hosts: 218.5.76.71 99music.net
O1 - Hosts: 218.5.76.71 www.99music.net
O1 - Hosts: 218.5.76.71 wo99.com
O1 - Hosts: 218.5.76.71 www.wo99.com
O1 - Hosts: 218.5.76.71 jnnc.com
O1 - Hosts: 218.5.76.71 www.jnnc.com
O1 - Hosts: 218.5.76.71 mtv123.com
O1 - Hosts: 218.5.76.71 www.mtv123.com
O1 - Hosts: 218.5.76.71 dj520.com
O1 - Hosts: 218.5.76.71 www.dj520.com
O1 - Hosts: 218.5.76.71 7xi.net
O1 - Hosts: 218.5.76.71 www.7xi.net
O1 - Hosts: 218.5.76.71 mtv110.com
O1 - Hosts: 218.5.76.71 www.mtv110.com
O1 - Hosts: 218.5.76.71 mtvtop.net
O1 - Hosts: 218.5.76.71 www.mtvtop.net
O1 - Hosts: 218.5.76.71 mtvtop.com
O1 - Hosts: 218.5.76.71 www.mtvtop.com
O1 - Hosts: 218.5.76.71 xaonline.com
O1 - Hosts: 218.5.76.71 music.xaonline.com
O1 - Hosts: 218.5.76.71 musictea.com
O1 - Hosts: 218.5.76.71 www.musictea.com
O1 - Hosts: 218.5.76.71 tfol.com
O1 - Hosts: 218.5.76.71 www.tfol.com
O1 - Hosts: 218.5.76.71 yyue.com
O1 - Hosts: 218.5.76.71 www.yyue.com
O1 - Hosts: 218.5.76.71 yyue.net
O1 - Hosts: 218.5.76.71 www.yyue.net
O3 - IE工具栏增项: @msdxmLC.dll,-1@2052,电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - IE工具栏增项: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINNT\system32\kakatool.dll
O4 - 启动项HKLM\\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - 启动项HKLM\\Run: [Synchronization Manager] mobsync.exe /logon
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\Run: [ISUSPM Startup] c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - D:\Program Files\FlashGet\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - D:\Program Files\FlashGet\jc_all.htm
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O16 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} (Edit Class) - https://www.sz1.cmbchina.com/download/CMBEdit.cab
O16 - DPF: {1F831FA1-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) - file://D:\Program Files\AutoCAD 2002\InstFred.ocx
O16 - DPF: {2354A44B-3CEB-4829-9940-545B03103538} (PowerPlr Control) - http://bbsky.wuhan.net.cn/plugin/PowerPlr.ocx
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/1007/aliedit.cab
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday 控件) - file://D:\Program Files\AutoCAD 2002\AcDcToday.ocx
O16 - DPF: {AE563722-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://D:\Program Files\AutoCAD 2002\InstBanr.ocx
O16 - DPF: {DF6FE46D-1D23-4668-AD3A-CDEA1262B282} (PowerDld Control) - http://bbsky.wuhan.net.cn/plugin/PowerDld.ocx
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview 控件) - file://D:\Program Files\AutoCAD 2002\AcPreview.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{3EAEEB20-CD13-4A56-8D9E-713CA3AC51BE}: NameServer = 211.91.120.129,211.94.33.193
O23 - NT 服务: C-DillaSrv - C-Dilla Ltd - C:\WINNT\system32\DRIVERS\CDANTSRV.EXE
O23 - NT 服务: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - NT 服务: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - NT 服务: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - NT 服务: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - NT 服务: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\rising\Rav\Ravmond.exe
O23 - NT 服务: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - NT 服务: windows - Unknown owner - C:\WINNT\cn.exe

这是扫描的结果,请专家就诊,如能解决,不胜感激
gototop
 
超级大白鲨
头像
初生襁褓狮
  • 帖子:19
  • 注册: 2006-06-04
  • 来自:
发表于: 2006-06-04 21:31 | 只看楼主 短消息 资料
字号: 3楼

怎么没有人解决的了的,我的情况真的很特殊呀
gototop
 
SEALyp
头像
叱咤花甲狮
  • 帖子:2820
  • 注册: 2005-01-21
  • 来自:
发表于: 2006-06-04 21:36 | 短消息 资料
字号: 4楼

O23 - NT 服务: windows - Unknown owner - C:\WINNT\cn.exe
gototop
 
sasade
头像
初生襁褓狮
  • 帖子:60
  • 注册: 2006-06-04
  • 来自:
发表于: 2006-06-04 21:38 | 短消息 资料
字号: 5楼

【回复“超级大白鲨”的帖子】O23 - NT 服务: windows - Unknown owner - C:\WINNT\cn.exe
灰鸽子啊。修复吧。修复之后重启。删除C:\WINNT\cn.exe。
那些O1,也都修复了吧。
gototop
 
超级大白鲨
头像
初生襁褓狮
  • 帖子:19
  • 注册: 2006-06-04
  • 来自:
发表于: 2006-06-04 21:44 | 只看楼主 短消息 资料
字号: 6楼

01是什么问题?怎么修复?
gototop
 
SEALyp
头像
叱咤花甲狮
  • 帖子:2820
  • 注册: 2005-01-21
  • 来自:
发表于: 2006-06-04 21:46 | 短消息 资料
字号: 7楼

点HijackThis修复01
gototop
 
我无邪
头像
高贵耄耋狮
  • 帖子:20720
  • 注册: 2004-06-10
  • 来自:广西玉林
发表于: 2006-06-04 21:48 | 短消息 资料
字号: 8楼

开始→运行→输入services.msc,打开“服务”→查找windows →双击→启动类型→禁止→停止→应用→确定。禁止windows这个服务
重启
关闭所有浏览窗口以及一些不必要的程序
运行Hijackthis,扫描结束后在下列选项前打上勾,然后选"修复""(如果有的话)
所有01项
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O23 - NT 服务: windows - Unknown owner - C:\WINNT\cn.exe
双击我的电脑--工具---文件夹选项--查看--单击选取"显示隐藏文件或文件夹"清除"隐藏受保护的操作系统文件(推荐)"复选框。在提示您确定更改时,单击“是”
删除
C:\WINNT\cn.exe
gototop
 
超级大白鲨
头像
初生襁褓狮
  • 帖子:19
  • 注册: 2006-06-04
  • 来自:
发表于: 2006-06-04 22:34 | 只看楼主 短消息 资料
字号: 9楼

请帮忙再看看,我在安全模式去掉了一个cn.exe的键值,卸载了智能狂拼3,但是没有找到C:\WINNT\cn.exe,先在开机没有木马提示了,我不敢确定清楚干净没有,再传一份日志请高手们看看,谢谢。
我没有按照“我无邪”老大说的方法去做,不知道可不可以?


HijackThis_zww汉化版扫描日志 V1.99.1
保存于      22:22:40, 日期 2006-6-4
操作系统:  Windows 2000 SP4 (WinNT 5.00.2195)
浏览器:    Internet Explorer v6.00 SP1 (6.00.2800.1106)

当前运行的进程:         
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
C:\Program Files\rising\Rav\Ravmond.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\DRIVERS\CDANTSRV.EXE
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\rising\Rav\RavStub.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
c:\program files\rising\rfw\RfwMain.exe
C:\Program Files\rising\Rav\RavTask.exe
C:\Program Files\rising\Rav\Ravmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINNT\system32\ctfmon.exe
C:\WINNT\system32\NOTEPAD.EXE
D:\Program Files\HijackThis\HijackThis1991zww.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 218.5.76.71 1ting.com
O1 - Hosts: 218.5.76.71 www.1ting.com
O1 - Hosts: 218.5.76.71 yy138.com
O1 - Hosts: 218.5.76.71 www.yy138.com
O1 - Hosts: 218.5.76.71 dj99.com
O1 - Hosts: 218.5.76.71 www.dj99.com
O1 - Hosts: 218.5.76.71 520music.com
O1 - Hosts: 218.5.76.71 www.520music.com
O1 - Hosts: 218.5.76.71 vv66.com
O1 - Hosts: 218.5.76.71 www.vv66.com
O1 - Hosts: 218.5.76.71 666ccc.com
O1 - Hosts: 218.5.76.71 www.666ccc.com
O1 - Hosts: 218.5.76.71 666qqq.com
O1 - Hosts: 218.5.76.71 www.666qqq.com
O1 - Hosts: 218.5.76.71 100yy.com
O1 - Hosts: 218.5.76.71 www.100yy.com
O1 - Hosts: 218.5.76.71 006.net
O1 - Hosts: 218.5.76.71 www.006.net
O1 - Hosts: 218.5.76.71 2t.cn
O1 - Hosts: 218.5.76.71 www.2t.cn
O1 - Hosts: 218.5.76.71 cococ.com
O1 - Hosts: 218.5.76.71 www.cococ.com
O1 - Hosts: 218.5.76.71 ting.cococ.com
O1 - Hosts: 218.5.76.71 yymp3.com
O1 - Hosts: 218.5.76.71 www.yymp3.com
O1 - Hosts: 218.5.76.71 qq163.com
O1 - Hosts: 218.5.76.71 www.qq163.com
O1 - Hosts: 218.5.76.71 7760.com
O1 - Hosts: 218.5.76.71 www.7760.com
O1 - Hosts: 218.5.76.71 568.com
O1 - Hosts: 218.5.76.71 www.568.com
O1 - Hosts: 218.5.76.71 nowok.net
O1 - Hosts: 218.5.76.71 www.nowok.net
O1 - Hosts: 218.5.76.71 chinamp3.com
O1 - Hosts: 218.5.76.71 www.chinamp3.com
O1 - Hosts: 218.5.76.71 99music.net
O1 - Hosts: 218.5.76.71 www.99music.net
O1 - Hosts: 218.5.76.71 6621.com
O1 - Hosts: 218.5.76.71 www.6621.com
O1 - Hosts: 218.5.76.71 7t7t.com
O1 - Hosts: 218.5.76.71 www.7t7t.com
O1 - Hosts: 218.5.76.71 haoting.com
O1 - Hosts: 218.5.76.71 www.haoting.com
O1 - Hosts: 218.5.76.71 mtv110.com
O1 - Hosts: 218.5.76.71 www.mtv110.com
O1 - Hosts: 218.5.76.71 st020.com
O1 - Hosts: 218.5.76.71 www.st020.com
O1 - Hosts: 218.5.76.71 music.jschina.com.cn
O1 - Hosts: 218.5.76.71 real2000.org
O1 - Hosts: 218.5.76.71 www.real2000.org
O1 - Hosts: 218.5.76.71 6bb.com
O1 - Hosts: 218.5.76.71 www.6bb.com
O1 - Hosts: 218.5.76.71 5474.com
O1 - Hosts: 218.5.76.71 www.5474.com
O1 - Hosts: 218.5.76.71 qq163.com
O1 - Hosts: 218.5.76.71 www.qq163.com
O1 - Hosts: 218.5.76.71 ting88.com
O1 - Hosts: 218.5.76.71 www.ting88.com
O1 - Hosts: 218.5.76.71 tt78.com
O1 - Hosts: 218.5.76.71 www.tt78.com
O1 - Hosts: 218.5.76.71 8yh.com
O1 - Hosts: 218.5.76.71 mp3.8yh.com
O1 - Hosts: 218.5.76.71 ibmp3.com
O1 - Hosts: 218.5.76.71 www.ibmp3.com
O1 - Hosts: 218.5.76.71 feifa.com
O1 - Hosts: 218.5.76.71 www.feifa.com
O1 - Hosts: 218.5.76.71 music.feifa.com
O1 - Hosts: 218.5.76.71 91f.net
O1 - Hosts: 218.5.76.71 www.91f.net
O1 - Hosts: 218.5.76.71 6621.com
O1 - Hosts: 218.5.76.71 www.6621.com
O1 - Hosts: 218.5.76.71 ting163.com
O1 - Hosts: 218.5.76.71 www.ting163.com
O1 - Hosts: 218.5.76.71 99music.net
O1 - Hosts: 218.5.76.71 www.99music.net
O1 - Hosts: 218.5.76.71 wo99.com
O1 - Hosts: 218.5.76.71 www.wo99.com
O1 - Hosts: 218.5.76.71 jnnc.com
O1 - Hosts: 218.5.76.71 www.jnnc.com
O1 - Hosts: 218.5.76.71 mtv123.com
O1 - Hosts: 218.5.76.71 www.mtv123.com
O1 - Hosts: 218.5.76.71 dj520.com
O1 - Hosts: 218.5.76.71 www.dj520.com
O1 - Hosts: 218.5.76.71 7xi.net
O1 - Hosts: 218.5.76.71 www.7xi.net
O1 - Hosts: 218.5.76.71 mtv110.com
O1 - Hosts: 218.5.76.71 www.mtv110.com
O1 - Hosts: 218.5.76.71 mtvtop.net
O1 - Hosts: 218.5.76.71 www.mtvtop.net
O1 - Hosts: 218.5.76.71 mtvtop.com
O1 - Hosts: 218.5.76.71 www.mtvtop.com
O1 - Hosts: 218.5.76.71 xaonline.com
O1 - Hosts: 218.5.76.71 music.xaonline.com
O1 - Hosts: 218.5.76.71 musictea.com
O1 - Hosts: 218.5.76.71 www.musictea.com
O1 - Hosts: 218.5.76.71 tfol.com
O1 - Hosts: 218.5.76.71 www.tfol.com
O1 - Hosts: 218.5.76.71 yyue.com
O1 - Hosts: 218.5.76.71 www.yyue.com
O1 - Hosts: 218.5.76.71 yyue.net
O1 - Hosts: 218.5.76.71 www.yyue.net
O3 - IE工具栏增项: @msdxmLC.dll,-1@2052,电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - IE工具栏增项: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINNT\system32\kakatool.dll
O4 - 启动项HKLM\\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - 启动项HKLM\\Run: [Synchronization Manager] mobsync.exe /logon
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\Run: [ISUSPM Startup] c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - D:\Program Files\FlashGet\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - D:\Program Files\FlashGet\jc_all.htm
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O16 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} (Edit Class) - https://www.sz1.cmbchina.com/download/CMBEdit.cab
O16 - DPF: {1F831FA1-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) - file://D:\Program Files\AutoCAD 2002\InstFred.ocx
O16 - DPF: {2354A44B-3CEB-4829-9940-545B03103538} (PowerPlr Control) - http://bbsky.wuhan.net.cn/plugin/PowerPlr.ocx
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/1007/aliedit.cab
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday 控件) - file://D:\Program Files\AutoCAD 2002\AcDcToday.ocx
O16 - DPF: {AE563722-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://D:\Program Files\AutoCAD 2002\InstBanr.ocx
O16 - DPF: {DF6FE46D-1D23-4668-AD3A-CDEA1262B282} (PowerDld Control) - http://bbsky.wuhan.net.cn/plugin/PowerDld.ocx
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview 控件) - file://D:\Program Files\AutoCAD 2002\AcPreview.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{3EAEEB20-CD13-4A56-8D9E-713CA3AC51BE}: NameServer = 211.91.120.129,211.94.33.193
O23 - NT 服务: C-DillaSrv - C-Dilla Ltd - C:\WINNT\system32\DRIVERS\CDANTSRV.EXE
O23 - NT 服务: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - NT 服务: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - NT 服务: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - NT 服务: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - NT 服务: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\rising\Rav\Ravmond.exe
O23 - NT 服务: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
gototop
 
SEALyp
头像
叱咤花甲狮
  • 帖子:2820
  • 注册: 2005-01-21
  • 来自:
发表于: 2006-06-04 22:42 | 短消息 资料
字号: 10楼

O23 - NT 服务: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
值得怀疑
gototop
 
<<上一主题|下一主题>>
12   1  /  2  页   跳转
页面顶部
Powered by Discuz!NT