I've been infected, could everyone please take a look.

My machine has been extremely slow lately. Could you all please take a look? Thanks.



Logfile of HijackThis v1.99.1
Scan saved at 13:35:59, on 2006-9-5
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
C:\Program Files\Rising\Rav\Ravmond.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Rising\Rav\RavStub.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\drivers\CDAC11BA.EXE
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\snmp.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\WINNT\system32\internat.exe
C:\Program Files\ipmsg.exe
C:\Documents and Settings\ljc\桌面\HijackThis\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 66.197.186.149 www.hinet.net
O1 - Hosts: 66.197.186.149 www.pchome.com.tw
O1 - Hosts: 66.197.186.149 www.msn.com.tw
O1 - Hosts: 66.197.186.149 www.yam.com
O1 - Hosts: 66.197.186.149 www.google.com.tw
O1 - Hosts: 66.197.186.149 www.gamer.com.tw
O1 - Hosts: 66.197.186.149 www.taiwankiss.com
O1 - Hosts: 66.197.186.149 www.sina.com.tw
O1 - Hosts: 66.197.186.149 www.so-net.net.tw
O1 - Hosts: 66.197.186.149 www.uhome.net
O1 - Hosts: 66.197.186.149 www.gamania.com
O1 - Hosts: 66.197.186.149 www.104.com.tw
O1 - Hosts: 66.197.186.149 www.tp.edu.tw
O1 - Hosts: 66.197.186.149 www.seed.net.tw
O1 - Hosts: 66.197.186.149 www.tw18.com
O1 - Hosts: 66.197.186.149 www.gamebase.com.tw
O1 - Hosts: 66.197.186.149 www.hello.com.tw
O1 - Hosts: 66.197.186.149 www.taiwandns.com
O1 - Hosts: 66.197.186.149 www.ithome.com.tw
O1 - Hosts: 66.197.186.149 www.cartoonnetwork.com.tw
O1 - Hosts: 66.197.186.149 bubble.com.tw
O1 - Hosts: 66.197.186.149 tw.ebay.com
O1 - Hosts: 66.197.186.149 www.microsoft.com
O1 - Hosts: 66.197.186.149 www.oc-gamer.com
O1 - Hosts: 66.197.186.149 www.igame.com.tw
O1 - Hosts: 66.197.186.149 www.funtown.com.tw
O1 - Hosts: 66.197.186.149 www.softstar.com.tw
O1 - Hosts: 66.197.186.149 service.gamania.com
O1 - Hosts: 66.197.186.149 www.gamezone.idv.tw
O1 - Hosts: 66.197.186.149 www.ggame.com.tw
O1 - Hosts: 66.197.186.149 www.gamestation.com.tw
O1 - Hosts: 66.197.186.149 www.lineage2.com.tw
O1 - Hosts: 66.197.186.149 tw.games.yahoo.com
O1 - Hosts: 66.197.186.149 www.iogc.com.tw
O1 - Hosts: 66.197.186.149 www.transakt.com.tw
O1 - Hosts: 66.197.186.149 www.softking.com.tw
O1 - Hosts: 66.197.186.149 groups.msn.com
O1 - Hosts: 66.197.186.149 www.mofa.com.tw
O1 - Hosts: 66.197.186.149 dir.pchome.com.tw
O1 - Hosts: 66.197.186.149 www.sa.game.tw
O1 - Hosts: 66.197.186.149 www.books.com.tw
O1 - Hosts: 66.197.186.149 www.gamemaster.com
O1 - Hosts: 66.197.186.149 www.newspace.com.tw
O1 - Hosts: 66.197.186.149 www.e-box.net.tw
O1 - Hosts: 66.197.186.149 gnn.gamer.com.tw
O1 - Hosts: 66.197.186.149 pc.gamebase.com.tw
O1 - Hosts: 66.197.186.149 twbbs.net.tw
O1 - Hosts: 66.197.186.149 www.twindex.com.tw
O1 - Hosts: 66.197.186.149 www.t2t.com.tw
O1 - Hosts: 66.197.186.149 www.girl-tw.com
O1 - Hosts: 66.197.186.149 www.sogi.com.tw
O1 - Hosts: 66.197.186.149 hdvd.com.tw
O1 - Hosts: 66.197.186.149 cgi.tw.ebay.com
O1 - Hosts: 66.197.186.149 movie.kingnet.com.tw
O1 - Hosts: 66.197.186.149 www.atmovies.com.tw
O1 - Hosts: 66.197.186.149 www.movie.com.tw
O1 - Hosts: 66.197.186.149 www.kokoro.com.tw
O1 - Hosts: 66.197.186.149 www.twgirls.net
O1 - Hosts: 66.197.186.149 bbs.vips.com.tw
O1 - Hosts: 66.197.186.149 www.symantec.com
O1 - Hosts: 66.197.186.149 www.symantec.com.tw
O1 - Hosts: 66.197.186.149 liveupdate.symantecliveupdate.com
O2 - BHO: 金山超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\Program Files\Kingsoft\PowerWord 2006\BaiduBar.dll (file missing)
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: 金山超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\Program Files\Kingsoft\PowerWord 2006\BaiduBar.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [IMSCMIG40W] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40W\IMSCMIG.EXE /SetPreload /Log
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe"  -lang 1033
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKCU\..\Run: [Internat.exe] internat.exe
O4 - HKCU\..\Run: [Tok-Cirrhatus-1596] "C:\Documents and Settings\ljc\Local Settings\Application Data\br4215on.exe"
O4 - HKCU\..\Run: [DrvMon.exe] C:\WINNT\system32\DrvMon.exe
O4 - Startup: 飞鸽传书.lnk = C:\Program Files\ipmsg.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: 百度-搜索MP3 - res://C:\Program Files\Kingsoft\PowerWord 2006\BaiduBar.dll/BAIDUMP3.HTM
O8 - Extra context menu item: 百度-搜索图片 - res://C:\Program Files\Kingsoft\PowerWord 2006\BaiduBar.dll/BAIDUIMG.HTM
O8 - Extra context menu item: 百度-搜索新闻 - res://C:\Program Files\Kingsoft\PowerWord 2006\BaiduBar.dll/BAIDUNEWS.HTM
O8 - Extra context menu item: 百度-搜索歌词 - res://C:\Program Files\Kingsoft\PowerWord 2006\BaiduBar.dll/BAIDULYRIC.HTM
O8 - Extra context menu item: 百度-搜索网页 - res://C:\Program Files\Kingsoft\PowerWord 2006\BaiduBar.dll/BAIDUSEARCH.HTM
O8 - Extra context menu item: 百度-搜索贴吧 - res://C:\Program Files\Kingsoft\PowerWord 2006\BaiduBar.dll/BAIDUPOST.HTM
O8 - Extra context menu item: 百度-词典搜索 - res://C:\Program Files\Kingsoft\PowerWord 2006\BaiduBar.dll/BAIDU_DIC.HTM
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINNT\system32\drivers\CDAC11BA.EXE
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe

Last edited 2006-09-05 13:54:02

Fix all O1 entries.
Fix the entries ending in (file missing)....

Fix:
O4 - HKCU\..\Run: [DrvMon.exe] C:\WINNT\system32\DrvMon.exe
O4 - Startup: 飞鸽传书.lnk = C:\Program Files\ipmsg.exe
Delete:
C:\WINNT\system32\DrvMon.exe
C:\Program Files\ipmsg.exe