
[Original] Could the experts help me figure out what is going on? Many thanks


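I am using Windows XP. Possibly because I opened a website the day before yesterday, a lot of viruses have appeared. Some of the viruses are detected, but they cannot be found and cannot be deleted, for example win.reg.wisis.exe and others like it. There also seem to be some newly released viruses among them. At startup, when the desktop loads, a command prompt window pops up by itself, flashes once and disappears. The machine also runs much slower than before. I hope someone can help me solve this..... Thank you!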
Last edited 2005-08-16 21:15:53
 

Logfile of HijackThis v1.99.1
Scan saved at 18:18:08, on 2005-8-16
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\KAV2005\KWatch.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\KAV2005\KPfwSvc.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\EzButton\CplBCL50.EXE
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\conime.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\KAV2005\KMailMon.EXE
E:\腾讯QQ\QQ.exe
E:\腾讯QQ\TIMPlatform.exe
E:\腾讯QQ\qqpet\qqpet.exe
C:\Program Files\TTPlayer\TTPlayer.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\ftp.exe
C:\Program Files\Tencent\TT\TTraveler.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\DOCUME~1\BLUEWA~1\LOCALS~1\Temp\Rar$EX41.240\HijackThis.exe

R3 - URLSearchHook: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll
O2 - BHO: QQBrowserHelperObject Class - {54EBD53A-9BC1-480B-966A-843A333CA162} - E:\腾讯QQ\QQIEHelper.dll
O2 - BHO: Router Layer - {5EB7CB50-E375-4718-B4C0-9AD12EFA2F84} - C:\WINDOWS\System32\aclayer.dll (file missing)
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\BaiduBar.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FLASHGET\jccatch.dll
O2 - BHO: AssistII - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\WINDOWS\DOWNLO~1\CnsHook.dll
O2 - BHO: Infofo 工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:\Program Files\Infofo Bar\infofobar.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - Toolbar: 完美网译通 - {F43BD772-ABDD-43b7-A96A-3E9E61946EC0} - C:\WINDOWS\WORLD2\TOOLBAR\hmtoolbar.dll
O3 - Toolbar: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\PROGRA~1\baidu\bar\BaiduBar.dll
O3 - Toolbar: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll
O3 - Toolbar: Infofo 工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:\Program Files\Infofo Bar\infofobar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [CplBCL50] C:\Program Files\EzButton\CplBCL50.EXE
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe"  -lang 1033
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [helper.dll] C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SysMudu] C:\WINDOWS\System32\sysMudu.exe
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32
O4 - HKLM\..\Run: [KavStart] "C:\KAV2005\KAVStart.exe" -startup
O4 - HKLM\..\Run: [] regedit -s C:\$NtUninstallKB883939$\spcustom.dll
O4 - HKLM\..\Run: [3721] C:\$NtUninstallKB883939$\a3721.bat
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Kugoo] E:\KUGOO2\KUGOO.EXE
O4 - HKCU\..\Run: [] regedit -s C:\$NtUninstallKB883939$\spcustom.dll
O4 - HKCU\..\Run: [3721] C:\$NtUninstallKB883939$\a3721.bat
O4 - Startup: 腾讯QQ.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: !搜一搜 - res://C:\WINDOWS\DOWNLO~1\CnsMinEx.dll/1003
O8 - Extra context menu item: !搜一搜(&S) - res://C:\Program Files\yisou\yisou.dll/232
O8 - Extra context menu item: 使用Kugoo下载 - E:\KuGoo\KugooDownX.htm
O8 - Extra context menu item: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - E:\腾讯QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - E:\腾讯QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\腾讯QQ\SendMMS.htm
O9 - Extra button: 手机短信 - {00000000-0000-0001-0001-596BAEDD1289} - http://sms.3721.com/ie/index.htm?pid=202206_1006 (file missing)
O9 - Extra button: Yahoo 1G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.mail.yahoo.com/promo/rd1 (file missing)
O9 - Extra button: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://hot.3721.com/rd/shop_btn.htm (file missing)
O9 - Extra button: 上网助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://assistant.3721.com/index.htm?fb=Cns (file missing)
O9 - Extra button: Infofo 工具栏 - {8507326C-B5C1-4559-BB91-0919E753836F} - C:\Program Files\Infofo Bar\infofobar.dll
O9 - Extra 'Tools' menuitem: Infofo 工具栏 - {8507326C-B5C1-4559-BB91-0919E753836F} - C:\Program Files\Infofo Bar\infofobar.dll
O9 - Extra button: 易趣购物 - {BE9C13C3-9E46-4db1-BC05-BD8DA44599F2} - http://adfarm.mediaplex.com/ad/ck/4080-23171-9517-195?cn=song;icon;hp&mpro=http://www.ebay.com.cn (file missing)


