网页转换到垃圾网站~HijackThis扫描日志 - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛网页转换到垃圾网站~HijackThis扫描日志

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1

1 / 1 页

跳转页

网页转换到垃圾网站~HijackThis扫描日志

无奈啊老中病毒强壮不惑狮帖子:926 注册: 2004-09-28 来自:	发表于： 2006-02-03 05:26 \| 只看楼主短消息资料字号：小中大 1楼网页转换到垃圾网站~HijackThis扫描日志 HijackThis_zww汉化版扫描日志 V1.99.1 保存于 5:23:03, 日期 2006-2-3 操作系统： Windows 2000 SP4 (WinNT 5.00.2195) 浏览器： Internet Explorer v5.00 SP4 (5.00.2920.0000) 当前运行的进程： C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\Ati2evxx.exe C:\WINNT\system32\svchost.exe C:\Program Files\Rising\Rav\CCenter.exe C:\Program Files\Rising\Rav\Ravmond.exe C:\WINNT\system32\svchost.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\Program Files\Rising\Rav\RavStub.exe C:\WINNT\system32\Ati2evxx.exe C:\WINNT\Explorer.EXE C:\Program Files\Rising\Rav\RavTask.exe C:\WINNT\system32\internat.exe F:\新建文件夹\HijackThis1991汉化版\HijackThis1991zww.exe R3 - 默认的URLSearchHook丢失。用HijackThis修复 O2 - BHO: Deliverer Class - {3E290290-1728-4C1E-863A-AA12526333F6} - C:\Program Files\CNet\ADDeliverer\ADDeliverer.dll O2 - BHO: HBObject Class - {AE22AFE5-1EF4-4D25-9E23-D2825FB17DA1} - C:\WINNT\DOWNLO~1\hbhelper.dll O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll O3 - IE工具栏增项: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINNT\system32\KakaTool.dll O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system O4 - 启动项HKLM\\Run: [RichMedia] C:\WINNT\system32\Rundll32.exe "C:\WINNT\DOWNLO~1\hbhelper.dll",WaitWindows O4 - 启动项HKLM\\Run: [Synchronization Manager] mobsync.exe /logon O4 - 启动项HKCU\\Run: [Internat.exe] internat.exe O8 - IE右键菜单中的新增项目: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\geturl.htm O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\getallurl.htm O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm O8 - IE右键菜单中的新增项目: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm O8 - IE右键菜单中的新增项目: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm O9 - 浏览器额外的按钮: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - D:\Program Files\浩方对战平台\GameClient.exe O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE O9 - 浏览器额外的按钮: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe O9 - 浏览器额外的“工具”菜单项: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll O10 - 未知的文件在 Winsock LSP: c:\winnt\system32\hbmter.dll O10 - 未知的文件在 Winsock LSP: c:\winnt\system32\hbmter.dll O14 - IERESET.INF: SEARCH_PAGE_URL= O14 - IERESET.INF: START_PAGE_URL= O23 - NT 服务: Ati HotKey Poller - ATI Technologies Inc. - C:\WINNT\system32\Ati2evxx.exe O23 - NT 服务: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe O23 - NT 服务: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe 2006-02-04 04:40:09
无奈啊老中病毒强壮不惑狮帖子:926 注册: 2004-09-28 来自:	分享到：

不言放弃社区嘉宾帖子:30678 注册: 2004-09-17 来自:蓝色星球	发表于： 2006-02-03 05:30 \| 短消息资料字号：小中大 2楼修复 R3 - 默认的URLSearchHook丢失。用HijackThis修复 O2 - BHO: Deliverer Class - {3E290290-1728-4C1E-863A-AA12526333F6} - C:\Program Files\CNet\ADDeliverer\ADDeliverer.dll 卸载 C:\Program Files\CNet 删除 C:\Program Files\CNet
不言放弃社区嘉宾帖子:30678 注册: 2004-09-17 来自:蓝色星球

无奈啊老中病毒强壮不惑狮帖子:926 注册: 2004-09-28 来自:	发表于： 2006-02-03 06:03 \| 只看楼主短消息资料字号：小中大 3楼试试~谢谢
无奈啊老中病毒强壮不惑狮帖子:926 注册: 2004-09-28 来自:

无奈啊老中病毒强壮不惑狮帖子:926 注册: 2004-09-28 来自:	发表于： 2006-02-03 06:35 \| 只看楼主短消息资料字号：小中大 4楼还是不行呀~这是我的iereset.inf清帮忙看看能不能修改 ? NOTE: this is an NT5-only version of iereset.inx [Version] Signature="$CHICAGO$" AdvancedINF=2.5,"You need a new version of advpack.dll" [RestoreHomePage] AddReg=RestoreHomePage.reg [RestoreBrowserSettings] AddReg=RestoreBrowserSettings.reg DelReg=DeleteTemplates.reg [RestoreHomePage.reg] HKCU,"Software\Microsoft\Internet Explorer\Main","Start Page",0,%START_PAGE_URL% [RestoreBrowserSettings.reg] HKLM,"Software\Microsoft\Internet Explorer\Main","Default_Page_URL",0,%START_PAGE_URL% HKLM,"Software\Microsoft\Internet Explorer\Main","Default_Search_URL",0,%SEARCH_PAGE_URL% HKLM,"Software\Microsoft\Internet Explorer\Main","Search Page",0,%SEARCH_PAGE_URL% HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","1",0,"www.%s.com" HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","2",0,"www.%s.org" HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","3",0,"www.%s.net" HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","4",0,"www.%s.edu" HKCU,"Software\Microsoft\Internet Explorer\Main","Search Page",0,%SEARCH_PAGE_URL% HKCU,"Software\Microsoft\Internet Explorer\SearchUrl","provider",0,"" HKLM,"Software\Microsoft\Internet Explorer\Search","SearchAssistant",0,"http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" HKLM,"Software\Microsoft\Internet Explorer\Search","CustomizeSearch",0,"http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm" HKLM,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\SafeSites",%SAFESITE_VALUE%,0,"http://ie.search.msn.com/" [DeleteTemplates.reg] HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","5" HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","6" HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","7" HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","8" HKLM,"Software\Microsoft\Internet Explorer\Main\UrlTemplate","9" [Strings] START_PAGE_URL = "http://www.microsoft.com/windows/ie_intl/cn/start/" SEARCH_PAGE_URL = "http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" SAFESITE_VALUE = "ie.search.msn.com" ; IMPORTANT NOTE: ; IE branding dll (iedkcs32.dll) uses the following entries to restore the default MS values. ; In the vanilla version of IE, the values must be the same as their corresponding non MS_ values. ; For example, START_PAGE_URL and MS_START_PAGE_URL must have the same URL in the IE version released by MS. MS_START_PAGE_URL = "http://www.microsoft.com/windows/ie_intl/cn/start/"
无奈啊老中病毒强壮不惑狮帖子:926 注册: 2004-09-28 来自:

魔法学徒卡卡技术团队帖子:11465 注册: 2004-10-03 来自:	发表于： 2006-02-03 13:28 \| 短消息资料字号：小中大 5楼建议使用恶意软件清理助手卸载很棒通行证
魔法学徒卡卡技术团队帖子:11465 注册: 2004-10-03 来自:

无奈啊老中病毒强壮不惑狮帖子:926 注册: 2004-09-28 来自:	发表于： 2006-02-04 04:40 \| 只看楼主短消息资料字号：小中大 6楼哪里下啊?
无奈啊老中病毒强壮不惑狮帖子:926 注册: 2004-09-28 来自:

<<上一主题|下一主题>>

1

1 / 1 页

跳转页

页面顶部

Powered by Discuz!NT