Everyone, please take a look at my HijackThis.log and see what has hijacked my IE...

Logfile of HijackThis v1.99.1
Scan saved at 9:41:05, on 2005-11-25
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\JJOL\IME\JJSvr.EXE
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\System32\taskmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\regedit.exe
C:\Documents and Settings\Yamaru\桌面\hijackthis\HijackThis.exe

O2 - BHO: Infofo 工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:\Program Files\Infofo Bar\infofobar.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - d:\PROGRA~1\Kingsoft\FastAIT\IEBand.dll
O3 - Toolbar: Infofo 工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:\Program Files\Infofo Bar\infofobar.dll
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O16 - DPF: {1F831FA1-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) - file://D:\Program Files\AutoCAD 2002\InstFred.ocx
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday 控件) - file://D:\Program Files\AutoCAD 2002\AcDcToday.ocx
O16 - DPF: {AE563722-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://D:\Program Files\AutoCAD 2002\InstBanr.ocx
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview 控件) - file://D:\Program Files\AutoCAD 2002\AcPreview.ocx
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\System32\msvidctl.dll
O18 - Protocol: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: gopher - {79EAC9E4-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ipp - (no CLSID) - (no file)
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll
O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\WINDOWS\System32\inetcomm.dll
O18 - Protocol: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll
O18 - Protocol: msdaipp - (no CLSID) - (no file)
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\System32\msvidctl.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\System32\msdxm.ocx
O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\System32\wiascr.dll
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe

Last edited 2005-11-25 12:21:14

Turns out there's a reply option, haha.

Logfile of HijackThis v1.99.1
Scan saved at 11:26:54, on 2005-11-25
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\JJOL\IME\JJSvr.EXE
C:\WINDOWS\System32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Tencent\qq\QQ.exe
C:\Program Files\Tencent\qq\TIMPlatform.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Yamaru\桌面\hijackthis\HijackThis.exe

O2 - BHO: Infofo 工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:\Program Files\Infofo Bar\infofobar.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - d:\PROGRA~1\Kingsoft\FastAIT\IEBand.dll
O3 - Toolbar: Infofo 工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:\Program Files\Infofo Bar\infofobar.dll
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: 导出到 Microsoft Excel(&x) - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O16 - DPF: {1F831FA1-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) - file://D:\Program Files\AutoCAD 2002\InstFred.ocx
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday 控件) - file://D:\Program Files\AutoCAD 2002\AcDcToday.ocx
O16 - DPF: {AE563722-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://D:\Program Files\AutoCAD 2002\InstBanr.ocx
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview 控件) - file://D:\Program Files\AutoCAD 2002\AcPreview.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{3945DE0F-57EC-403D-BC90-D6BA18C2C1D6}: NameServer = 202.96.209.6,202.96.209.133
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\System32\msvidctl.dll
O18 - Protocol: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: gopher - {79EAC9E4-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ipp - (no CLSID) - (no file)
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll
O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\WINDOWS\System32\inetcomm.dll
O18 - Protocol: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll
O18 - Protocol: msdaipp - (no CLSID) - (no file)
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\System32\msvidctl.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\System32\msdxm.ocx
O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\System32\wiascr.dll
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
