Rising Kaka Security Forum, Technical Exchange Area, Anti-virus / Anti-rogue-software Forum: Urgent!! My computer is badly infected, could the experts please take a look!


Urgent!! My computer is badly infected, could the experts please take a look!

Logfile of HijackThis v1.99.1
Scan saved at 21:03:12, on 2006-11-12
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Rising\Rav\RavStub.exe
C:\WINDOWS\SYSTEM32\RUNDLLFROMWIN2000.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\windows\system32\wbem\lsass.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Microsoft Shared\MSINFO\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Maxthon\Max.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\MSINFO\Sysreme.exe
C:\DOCUME~1\new\LOCALS~1\Temp\Rar$EX03.024\HijackThis.exe

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O1 - Hosts: 222.88.90.22 www.4199.com
O1 - Hosts: 222.88.90.22 4199.com
O1 - Hosts: 222.88.90.22 www.9505.com
O1 - Hosts: 222.88.90.22 9505.com
O1 - Hosts: 222.88.90.22 7939.com
O1 - Hosts: 222.88.90.22 www.7939.com
O1 - Hosts: 222.88.90.22 www.3448.com
O1 - Hosts: .72g.com
O1 - Hosts: 203.171.236.215 www.muchina.com
O1 - Hosts: 203.171.236.215 xyq.163.com
O1 - Hosts: 203.171.236.215 xy2.163.com
O1 - Hosts: 203.171.236.215 www.the9.com
O1 - Hosts: 203.171.236.215 www.5173.com
O1 - Hosts: 203.171.236.215 www.tkgame.com
O1 - Hosts: 59.34.197.239 www.baidu.com
O1 - Hosts: 59.34.197.239 baidu.com
O1 - Hosts: 59.34.197.239 www.sohu.com
O1 - Hosts: 59.34.197.239 sohu.com
O1 - Hosts: 59.34.197.239 www.sina.com
O1 - Hosts: 59.34.197.239 sina.com
O1 - Hosts: 59.34.197.239 www.sina.com.cn
O1 - Hosts: 59.34.197.239 sina.com.cn
O1 - Hosts: 59.34.197.239 www.163.com
O1 - Hosts: 59.34.197.239 163.com
O1 - Hosts: 59.34.197.239 www.google.com
O1 - Hosts: 59.34.197.239 google.com
O1 - Hosts: 59.34.197.239 www.qq.com
O1 - Hosts: 59.34.197.239 qq.com
O1 - Hosts: 59.34.197.239 www.hao123.com
O1 - Hosts: 59.34.197.239 hao123.com
O1 - Hosts: 59.34.197.239 ttlttt.com
O1 - Hosts: 59.34.197.239 www.ddspn.com
O2 - BHO: (no name) - {003169BC-AB68-482F-AEA6-B51A47BDDB83} - C:\WINDOWS\system32\ATIAngetser.dll (file missing)
O2 - BHO: IEMonitor Class - {08A312BB-5409-49FC-9347-54BB7D069AC6} - C:\Program Files\DeskAdTop\deskipn.dll
O2 - BHO: AdPopup - {11F09AFD-75AD-4E51-AB43-E09E9351CE16} - C:\Program Files\Common Files\CPUSH\cpush0.dll
O2 - BHO: Google Bar  - {12365484-96a1-6974-3269-123555124655} - C:\WINDOWS\system32\GoogleBar.dll
O2 - BHO: MsXmlExObj Class - {449840D6-2E92-47B5-AED3-B03A41CE9CE4} - C:\WINDOWS\system32\MSXMLR~1.DLL
O2 - BHO: Vision - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\mmsass~1.dll
O2 - BHO: DabObj Class - {70D509DD-32A5-4E11-B9C1-865433C8443C} - C:\WINDOWS\system32\dabapi.dll
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll
O2 - BHO: 360安全卫士 - {8C7A85DB-99B6-4477-B14B-28FC27766244} - C:\WINDOWS\system32\muuaokiv.dll
O2 - BHO: (no name) - {930FD663-1720-4E8A-BC62-681A8BCEA428} - C:\WINDOWS\system32\adsnwer.dll (file missing)
O2 - BHO: NewWeb Controller - {9ACEEE31-1440-471B-AA46-72B061FE7D61} - C:\WINDOWS\system32\SCIntruder.dll
O2 - BHO: Spoolsv Class - {9C363D55-07D7-433d-A13E-D9C105202F6F} - C:\WINDOWS\system32\drivers\spoolsv.dll
O2 - BHO: (no name) - {A878C4B6-640F-4C84-953F-31F38D9D4C80} - C:\WINDOWS\system32\ATSerioserar.dll
O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - C:\PROGRA~1\KuGoo3\KUGOO3~1.OCX
O2 - BHO: conimehlp Class - {B10343BD-1DC6-442F-9BA2-D44C708CEE83} - C:\WINDOWS\system32\mskey32.dll (file missing)
O2 - BHO: AssistII - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\PROGRA~1\3721\Assist\asbar.dll
O2 - BHO: (no name) - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - (no file)
O2 - BHO: Webacc - {CAC068F3-A608-406B-8581-458788A67694} - C:\WINDOWS\system32\svchost.dll (file missing)
O2 - BHO: IEHlprObj Class - {DE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\WINDOWS\POPNT.DLL
O3 - Toolbar: BitComet工具栏 - {3F1ABCDB-A875-46c1-8345-B72A4567E486} - C:\Program Files\BitComet\BitCometBar\BitCometBar0.6.dll
O3 - Toolbar: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\PROGRA~1\3721\Assist\asbar.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [dabrun] rundll32.exe "C:\WINDOWS\system32\dabapi.dll",Rundll32
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\RunOnce: [RavStub] "C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O8 - Extra context menu item: >>彩信发送<< - res://C:\PROGRA~1\MMSASS~1\mmsass~1.dll/mms.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\QQ2005\AddToNetDisk.htm
O8 - Extra context menu item: 使用KuGoo3下载(&K) - C:\Program Files\KuGoo3\KuGoo3DownX.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\QQ2005\AddEmotion.htm
O9 - Extra button: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra button: 微软 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.microsoft.com/china/index.htm (file missing)
O9 - Extra button: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\mmsass~1.dll
O9 - Extra 'Tools' menuitem: 彩E精灵设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\mmsass~1.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/pcver2006new/OL2006.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F470AD61-2D15-4B81-81ED-BA9EA5B13D8F}: NameServer = 202.96.209.5 202.102.15.162
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O21 - SSODL: webwork - {4C611512-2C1D-44b2-A044-872AD2AD5A61} - C:\WINDOWS\webwork\webwork.dll
O23 - Service: GrayPigeonfdgServe (GrayPigeondfgServe) - Unknown owner - C:\WINDOWS\G_Server2006.exe
O23 - Service: guandan (guana) - Unknown owner - C:\WINDOWS\sys1.0.exe
O23 - Service: Network System (NetSystem) - Unknown owner - C:\WINDOWS\system32\NetSystem.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe

Last edited 2006-11-12 22:12:48

O23 - Service: GrayPigeonfdgServe (GrayPigeondfgServe) - Unknown owner - C:\WINDOWS\G_Server2006.exe
O23 - Service: guandan (guana) - Unknown owner - C:\WINDOWS\sys1.0.exe

A new version of Gray Pigeon (灰鸽子).
Reboot and press F8 to enter Safe Mode.

Stop the service: Control Panel / Administrative Tools / Services, find (GraypigeonServer) or G_Server2006, right-click → Properties / Startup type / Disabled / Apply / Stop / OK.
Or run the System Configuration Utility, find (GraypigeonServer) or G_Server2006.exe, untick it (disable) / Apply / OK.
Open the Registry Editor, search for G_Server2006 and delete the key.

Then delete the four files found in your C:\WINDOWS\ folder:

G_Server2006.DLL
G_Server2006.exe
G_Server2006hook.dll
G_Server2006key.dll
After ending the processes, delete:
C:\WINDOWS\SYSTEM32\RUNDLLFROMWIN2000.EXE
C:\WINDOWS\Mixer.exe
C:\Program Files\Common Files\Microsoft Shared\MSINFO\svchost.exe
C:\progra~1\intern~1\iexplore.exe

Run HijackThis, tick the entries below and Fix:
O1 - Hosts: 222.88.90.22 www.4199.com
O1 - Hosts: 222.88.90.22 4199.com
O1 - Hosts: 222.88.90.22 www.9505.com
O1 - Hosts: 222.88.90.22 9505.com
O1 - Hosts: 222.88.90.22 7939.com
O1 - Hosts: 222.88.90.22 www.7939.com
O1 - Hosts: 222.88.90.22 www.3448.com
O1 - Hosts: .72g.com
O1 - Hosts: 203.171.236.215 www.muchina.com
O1 - Hosts: 203.171.236.215 xyq.163.com
O1 - Hosts: 203.171.236.215 xy2.163.com
O1 - Hosts: 203.171.236.215 www.the9.com
O1 - Hosts: 203.171.236.215 www.5173.com
O1 - Hosts: 203.171.236.215 www.tkgame.com
O1 - Hosts: 59.34.197.239 www.baidu.com
O1 - Hosts: 59.34.197.239 baidu.com
O1 - Hosts: 59.34.197.239 www.sohu.com
O1 - Hosts: 59.34.197.239 sohu.com
O1 - Hosts: 59.34.197.239 www.sina.com
O1 - Hosts: 59.34.197.239 sina.com
O1 - Hosts: 59.34.197.239 www.sina.com.cn
O1 - Hosts: 59.34.197.239 sina.com.cn
O1 - Hosts: 59.34.197.239 www.163.com
O1 - Hosts: 59.34.197.239 163.com
O1 - Hosts: 59.34.197.239 www.google.com
O1 - Hosts: 59.34.197.239 google.com
O1 - Hosts: 59.34.197.239 www.qq.com
O1 - Hosts: 59.34.197.239 qq.com
O1 - Hosts: 59.34.197.239 www.hao123.com
O1 - Hosts: 59.34.197.239 hao123.com
O1 - Hosts: 59.34.197.239 ttlttt.com
O1 - Hosts: 59.34.197.239 www.ddspn.com
O2 - BHO: Spoolsv Class - {9C363D55-07D7-433d-A13E-D9C105202F6F} - C:\WINDOWS\system32\drivers\spoolsv.dll
O2 - BHO: (no name) - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - (no file)
O2 - BHO: Webacc - {CAC068F3-A608-406B-8581-458788A67694} - C:\WINDOWS\system32\svchost.dll (file missing)
O2 - BHO: IEHlprObj Class - {DE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\WINDOWS\POPNT.DLL
Delete:
C:\WINDOWS\POPNT.DLL
C:\WINDOWS\system32\drivers\spoolsv.dll
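The two replies above pick three kinds of entries out of the log by eye: O1 hosts lines that send popular domains to a handful of public IPs, core system binary names running from directories other than System32 (wbem\lsass.exe, MSINFO\svchost.exe), and O23 services with "Unknown owner". The Python script below is an added example that automates that triage over a constructed excerpt of the log; it is not part of any post in this thread and not part of HijackThis. The section layout it assumes (a "Running processes:" block ending at the first blank line, the "O1 - Hosts:" and "O23 - Service:" line shapes) and the SYSTEM_BINARIES list are my own assumptions about the v1.99.1 log format, not anything HijackThis documents.

```python
import re
from collections import defaultdict

# Constructed sample: a few lines abbreviated from the log posted in this thread,
# plus one ordinary loopback hosts entry to show what is NOT flagged.
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\svchost.exe
c:\windows\system32\wbem\lsass.exe
C:\Program Files\Common Files\Microsoft Shared\MSINFO\svchost.exe
C:\WINDOWS\Explorer.EXE

O1 - Hosts: 59.34.197.239 www.baidu.com
O1 - Hosts: 59.34.197.239 www.google.com
O1 - Hosts: 127.0.0.1 ads.example.com
O1 - Hosts: .72g.com
O23 - Service: GrayPigeonfdgServe (GrayPigeondfgServe) - Unknown owner - C:\WINDOWS\G_Server2006.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
"""

# Binaries that legitimately live only in %SystemRoot%\System32 on XP; the same
# file name in any other directory is a classic masquerade (assumed list).
SYSTEM_BINARIES = {"smss.exe", "winlogon.exe", "services.exe", "lsass.exe",
                   "svchost.exe", "spoolsv.exe"}
SYSTEM32 = r"c:\windows\system32"

# Hosts entries pointing at loopback/unspecified addresses are a normal ad-block
# idiom; a public domain mapped to a public IP is a redirection worth reviewing.
LOOPBACK = {"127.0.0.1", "0.0.0.0", "::1"}

HOSTS_RE = re.compile(r"^O1 - Hosts:\s+(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s+(?P<host>\S+)")
SERVICE_RE = re.compile(
    r"^O23 - Service: (?P<display>.+?)(?: \((?P<name>[^)]+)\))? - (?P<owner>.+?) - (?P<path>.+)$"
)


def running_processes(lines):
    """Slice out the 'Running processes:' block, which ends at the first blank line."""
    procs, in_block = [], False
    for line in lines:
        if line.startswith("Running processes:"):
            in_block = True
            continue
        if in_block:
            if not line.strip():
                break
            procs.append(line.strip())
    return procs


def hosts_redirects(lines):
    """Group non-loopback O1 entries by target IP; also collect entries with no IP."""
    by_ip, malformed = defaultdict(list), []
    for line in lines:
        if not line.startswith("O1 - Hosts:"):
            continue
        m = HOSTS_RE.match(line)
        if m is None:
            malformed.append(line.split(":", 1)[1].strip())
        elif m.group("ip") not in LOOPBACK:
            by_ip[m.group("ip")].append(m.group("host"))
    return dict(by_ip), malformed


def masquerading_processes(procs):
    """Return process paths whose file name is a core system binary but whose
    directory is not System32 (comparison is case-insensitive, as on NTFS)."""
    hits = []
    for proc in procs:
        directory, _, name = proc.lower().rpartition("\\")
        if name in SYSTEM_BINARIES and directory != SYSTEM32:
            hits.append(proc)
    return hits


def unknown_owner_services(lines):
    """Return (display name, image path) for O23 services with no identified owner."""
    hits = []
    for line in lines:
        m = SERVICE_RE.match(line.rstrip())
        if m and m.group("owner") == "Unknown owner":
            hits.append((m.group("display"), m.group("path")))
    return hits


def triage(log_text):
    """Run all three checks over one HijackThis log and return the findings."""
    lines = log_text.splitlines()
    redirects, malformed = hosts_redirects(lines)
    return {
        "hosts_redirects": redirects,
        "hosts_malformed": malformed,
        "masquerades": masquerading_processes(running_processes(lines)),
        "unknown_services": unknown_owner_services(lines),
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for ip, hosts in report["hosts_redirects"].items():
        print(f"hosts: {len(hosts)} domain(s) redirected to {ip}: {', '.join(hosts)}")
    for entry in report["hosts_malformed"]:
        print(f"hosts: malformed entry {entry!r}")
    for path in report["masquerades"]:
        print(f"process: system binary name outside System32: {path}")
    for display, path in report["unknown_services"]:
        print(f"service: no identified owner: {display} -> {path}")
```

Grouping the hosts entries by IP is the point of the first check: the full log has around twenty O1 lines, and seen one at a time they look like noise, but grouped they show that a single address, 59.34.197.239, is answering for baidu, sina, 163, google, qq and the rest. The process check compares paths case-insensitively because the log itself mixes `C:\WINDOWS\System32` and `c:\windows\system32`.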
Quote:
[baoheMM's post] O23 - Service: GrayPigeonfdgServe (GrayPigeondfgServe) - Unknown owner - C:\WINDOWS\G_Server2006.exe
O23 - Service: guandan (guana) - Unknown owner - C:\WINDOWS\sys1.0.exe

A new version of Gray Pigeon (灰鸽子).
Reboot and press F8 to enter Safe Mode.

Stop the service: Control Panel / Administrative Tools / Services, find (GraypigeonServer) or G_Server2006, right-click → Properties / Startup type / Disabled / Apply / Stop / OK.
Or run the System Configuration Utility, find (GraypigeonServer) or G_Server2006.exe, untick it (disable) / Apply / OK.
Open the Registry Editor, search for G_Server2006 and delete the key.

Then delete the four files found in your C:\WINDOWS\ folder:

G_Server2006.DLL
G_Server2006.exe
G_Server2006hook.dll
G_Server2006key.dll

………………



Now I can't even get into Safe Mode! So frustrating!!
As soon as I enter Safe Mode I get a blue screen!
What should I do now?
Quote:
[红夜鬼1's post] After ending the processes, delete:
C:\WINDOWS\SYSTEM32\RUNDLLFROMWIN2000.EXE
C:\WINDOWS\Mixer.exe
C:\Program Files\Common Files\Microsoft Shared\MSINFO\svchost.exe
C:\progra~1\intern~1\iexplore.exe

Run HijackThis, tick the entries below and Fix:
O1 - Hosts: 222.88.90.22 www.4199.com
O1 - Hosts: 222.88.90.22 4199.com
O1 - Hosts: 222.88.90.22 www.9505.com
O1 - Hosts: 222.88.90.22 9505.com
O1 - Hosts: 222.88.90.22 7939.com
O1 - Hosts: 222.88.90.22 www.7939.com
O1 - Hosts: 222.88.90.22 www.3448.com
O1 - Hosts: .72g.com
O1 - Hosts: 203.171.236.215 www.muchina.com
O1 - Hosts: 203.171.236.215 xyq.163.com
O1 - Hosts: 203.171.236.215 xy2.163.com
O1 - Hosts: 203.171.236.215 www.the9.com
O1 - Hosts: 203.171.236.215 www.5173.com
O1 - Hosts: 203.171.236.215 www.tkgame.com
O1 - Hosts: 59.34.197.239 www.baidu.com
O1 - Hosts: 59.34.197.239 baidu.com
O1 - Hosts: 59.34.197.239 www.sohu.com
O1 - Hosts: 59.34.197.239 sohu.com
O1 - Hosts: 59.34.197.239 www.sina.com
O1 - Hosts: 59.34.197.239 sina.com
O1 - Hosts: 59.34.197.239 www.sina.com.cn
O1 - Hosts: 59.34.197.239 sina.com.cn
O1 - Hosts: 59.34.197.239 www.163.com
O1 - Hosts: 59.34.197.239 163.com
O1 - Hosts: 59.34.197.239 www.google.com
O1 - Hosts: 59.34.197.239 google.com
O1 - Hosts: 59.34.197.239 www.qq.com
O1 - Hosts: 59.34.197.239 qq.com
O1 - Hosts: 59.34.197.239 www.hao123.com
O1 - Hosts: 59.34.197.239 hao123.com
O1 - Hosts: 59.34.197.239 ttlttt.com
O1 - Hosts: 59.34.197.239 www.ddspn.com
O2 - BHO: Spoolsv Class - {9C363D55-07D7-433d-A13E-D9C105202F6F} - C:\WINDOWS\system32\drivers\spoolsv.dll
O2 - BHO: (no name) - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - (no file)
O2 - BHO: Webacc - {CAC068F3-A608-406B-8581-458788A67694} - C:\WINDOWS\system32\svchost.dll (file missing)
O2 - BHO: IEHlprObj Class - {DE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\WINDOWS\POPNT.DLL
Delete:
C:\WINDOWS\POPNT.DLL
C:\WINDOWS\system32\drivers\spoolsv.dll

………………


It can't be fixed.
An error comes up!~