Rising Kaka Security Forum, Technical Exchange, Anti-Virus / Anti-Rogue-Software Forum: Moderator, please come take a look, I'm worried sick


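Whenever my IE browser opens a website it throws an error, something about send or don't send..
It errors out as soon as I go online.
I'm at my wits' end.
I suspect I've been infected. I scanned with 木马克星 and it showed me this:
C:\WINDOWS\SYSTEM32\CDCD.SYS发现无效的系统服务,请在注册表删除
C:\WINDOWS\SYSTEM32\CDCD.SYS发现无效的系统服务,请在注册表删除
What is this, bro? How can I find its registry entry??
Please help, bro.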
Last edited 2006-01-09 22:48:07

Logfile of HijackThis v1.99.1
Scan saved at 20:59:14, on 2006-1-9
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\Rfw\rfwmain.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Founder\Emergency Center\Hotkey.exe
C:\Program Files\Rising\Rfw\rfwsrv.exe
D:\QQ\QQ.exe
D:\QQ\TIMPlatform.exe
D:\QQ\QQ.exe
C:\Program Files\Rising\Rav\Ravmond.exe
C:\Program Files\Rising\Rav\RAVMON.EXE
C:\Program Files\Rising\Rav\RavStub.exe
C:\WINDOWS\System32\conime.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\刷日志的东西\526644200582224542\HijackThis\HijackThis.exe

O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\System32\xunleibho_v8.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O8 - Extra context menu item: &使用迅雷下载 - F:\xunlei\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - F:\xunlei\getallurl.htm
O14 - IERESET.INF: START_PAGE_URL=http://www.foundertech.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{7B1FD3DE-30CE-47CA-8887-739BAC7BCBFE}: NameServer = 202.99.160.68 202.99.168.8
O20 - AppInit_DLLs: APIHookDll.dll
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
O23 - Service: Sysbak hotkey Server (Sysbak_hotkey_Server) - Unknown owner - C:\Program Files\Founder\Emergency Center\Hotkey.exe
Here's the log. Bro, please take a look.

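天天泡泡, bro, what should I do then?
I've already deleted that registry entry following that other brother's method.
Was that brother's method right??
Bro, please help me, I'm about to cry.
I bought this computer less than 3 months ago and it already has this kind of problem.
*sob sob sob*
Please help me out, bro. Thank you.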

baohe, I don't understand any of the software you mentioned. Could you tell me where to download it?
Where can I download it?
Thank you.

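baohe, I don't know how to use it...
I spent ages reading up on how to use this software, but I don't know what method to use to paste the post up for you.
Besides, I see that their pictures are all so big,
but mine is very small and also very blurry.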

Bro, there are too many files,
and I can't pack them into an archive either.
Here's part of it for you to look at first.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit           

+ C:\WINDOWS\system32\userinit.exe    Userinit Logon Application    Microsoft Corporation    c:\windows\system32\userinit.exe

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell           

+ Explorer.exe    Windows Explorer    Microsoft Corporation    c:\windows\explorer.exe

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run           

+ ATIModeChange    ATI 2D Mode component    ATI Technologies, Inc.    c:\windows\system32\ati2mdxx.exe

+ ATIPTA    ATI Desktop Control Panel    ATI Technologies, Inc.    c:\program files\ati technologies\ati control panel\atiptaxx.exe

+ IMJPMIG8.1    Microsoft IME    Microsoft Corporation    c:\windows\ime\imjp8_1\imjpmig.exe

+ PHIME2002A    Intelligent IME version 2002a    Microsoft Corporation    c:\windows\system32\ime\tintlgnt\tintsetp.exe

+ PHIME2002ASync    Intelligent IME version 2002a    Microsoft Corporation    c:\windows\system32\ime\tintlgnt\tintsetp.exe

+ RavTask    RavTimer    Beijing Rising Technology Co., Ltd.    c:\program files\rising\rav\ravtask.exe

+ SoundMan    Realtek Sound Manager    Realtek Semiconductor Corp.    C:\WINDOWS\soundman.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run           

+ ctfmon.exe    CTF Loader    Microsoft Corporation    c:\windows\system32\ctfmon.exe

HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components           

+ Internet Explorer 6    IE 5.0 Per-User Install Utility    Microsoft Corporation    c:\windows\system32\ie4uinit.exe

+ Internet Explorer 访问    IOD Version Map    Microsoft Corporation    c:\windows\system32\iesetup.dll

+ Microsoft Outlook Express 6    Outlook Express Setup Library    Microsoft Corporation    c:\program files\outlook express\setup50.exe

+ Microsoft Windows Media Player 6.4    ADVPACK    Microsoft Corporation    c:\windows\system32\advpack.dll

+ Microsoft Windows Media Player 8    ADVPACK    Microsoft Corporation    c:\windows\system32\advpack.dll

+ NetMeeting 3.01    ADVPACK    Microsoft Corporation    c:\windows\system32\advpack.dll

+ Themes Setup    Microsoft(C) Register Server    Microsoft Corporation    c:\windows\system32\regsvr32.exe

+ Windows Messenger 4.0    ADVPACK    Microsoft Corporation    c:\windows\system32\advpack.dll

+ Windows 桌面更新    Microsoft(C) Register Server    Microsoft Corporation    c:\windows\system32\regsvr32.exe

+ 通讯簿 6    Outlook Express Setup Library    Microsoft Corporation    c:\program files\outlook express\setup50.exe

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler           

+ Browseui 预加载程序    Shell Browser UI Library    Microsoft Corporation    c:\windows\system32\browseui.dll

+ 组件类别缓存程序    Shell Browser UI Library    Microsoft Corporation    c:\windows\system32\browseui.dll

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad           

+ CDBurn    Windows Shell Common Dll    Microsoft Corporation    c:\windows\system32\shell32.dll

+ PostBootReminder    Windows Shell Common Dll    Microsoft Corporation    c:\windows\system32\shell32.dll

+ SysTray    Systray shell service object    Microsoft Corporation    c:\windows\system32\stobject.dll

+ WebCheck    Web Site Monitor    Microsoft Corporation    c:\windows\system32\webcheck.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks           

+ Rising Execute File Exts hook    Rising Shell Ext Module    Beijing Rising Technology Co., Ltd.    c:\windows\system32\ravext.dll

+ shell32.dll    Windows Shell Common Dll    Microsoft Corporation    c:\windows\system32\shell32.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved           

+ %DESC_PublishDropTarget%    Photo Printing Wizard    Microsoft Corporation    c:\windows\system32\photowiz.dll

+ .CAB file viewer    Cabinet File Viewer Shell Extension    Microsoft Corporation    c:\windows\system32\cabview.dll

+ ActiveX 高速缓存文件夹    Object Control Viewer    Microsoft Corporation    c:\windows\system32\occache.dll

+ Audio Media Properties Handler    Media File Property Extractor Shell Extension    Microsoft Corporation    c:\windows\system32\shmedia.dll

+ Auto Update Property Sheet Extension    Windows Update AutoUpdate Engine    Microsoft Corporation    c:\windows\system32\wuaueng.dll

+ Avi Properties Handler    Media File Property Extractor Shell Extension    Microsoft Corporation    c:\windows\system32\shmedia.dll

+ BandProxy    Shell Browser UI Library    Microsoft Corporation    c:\windows\system32\browseui.dll

+ CDF Extension Copy Hook    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ Channel Menu    Channel Definition File Viewer    Microsoft Corporation    c:\windows\system32\cdfview.dll

+ Channel Properties    Channel Definition File Viewer    Microsoft Corporation    c:\windows\system32\cdfview.dll

+ Code Download Agent    Web Site Monitor    Microsoft Corporation    c:\windows\system32\webcheck.dll



+ Compatibility Page    Compatibility Tab Shell Extension DLL    Microsoft Corporation    c:\windows\system32\slayerxp.dll

+ Compressed (zipped) Folder Right Drag Handler    Compressed (zipped) Folders    Microsoft Corporation    c:\windows\system32\zipfldr.dll

+ Compressed (zipped) Folder SendTo Target    Compressed (zipped) Folders    Microsoft Corporation    c:\windows\system32\zipfldr.dll

+ ConnectionAgent    Web Site Monitor    Microsoft Corporation    c:\windows\system32\webcheck.dll

+ Crypto PKO Extension    Crypto Shell Extensions    Microsoft Corporation    c:\windows\system32\cryptext.dll

+ Crypto Sign Extension    Crypto Shell Extensions    Microsoft Corporation    c:\windows\system32\cryptext.dll

+ Darwin App Publisher    Shell Application Manager    Microsoft Corporation    c:\windows\system32\appwiz.cpl

+ DfsShell    Distributed File System shell extension    Microsoft Corporation    c:\windows\system32\dfsshlex.dll

+ Directory Context Menu Verbs    Directory Service Common UI    Microsoft Corporation    c:\windows\system32\dsuiext.dll

+ Directory Object Find    Directory Service Find    Microsoft Corporation    c:\windows\system32\dsquery.dll

+ Directory Property UI    Directory Service Common UI    Microsoft Corporation    c:\windows\system32\dsuiext.dll

+ Directory Query UI    Directory Service Find    Microsoft Corporation    c:\windows\system32\dsquery.dll

+ Directory Start/Search Find    Directory Service Find    Microsoft Corporation    c:\windows\system32\dsquery.dll

+ Disk Copy Extension    Windows DiskCopy    Microsoft Corporation    c:\windows\system32\diskcopy.dll

+ Disk Quota UI    Windows Shell Disk Quota UI DLL    Microsoft Corporation    c:\windows\system32\dskquoui.dll

+ Display Adapter CPL Extension    Advanced display adapter properties    Microsoft Corporation    c:\windows\system32\deskadp.dll

+ Display Monitor CPL Extension    Advanced display monitor properties    Microsoft Corporation    c:\windows\system32\deskmon.dll

+ Display Panning CPL Extension    File not found: deskpan.dll

+ Display TroubleShoot CPL Extension    Advanced display performance properties    Microsoft Corporation    c:\windows\system32\deskperf.dll

+ DS Security Page    Directory Service Security UI    Microsoft Corporation    c:\windows\system32\dssec.dll

+ Favorites Band    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ FTP Folders Webview    Microsoft Internet Explorer FTP Folder Shell Extension    Microsoft Corporation    c:\windows\system32\msieftp.dll

+ GDI+ 文件缩略图解压缩程序    Windows 图片和传真查看器    Microsoft Corporation    c:\windows\system32\shimgvw.dll

+ HTML 缩略图的解压缩程序    Windows 图片和传真查看器    Microsoft Corporation    c:\windows\system32\shimgvw.dll

+ HyperTerminal Icon Ext    HyperTerminal Applet Library    Hilgraeve, Inc.    c:\windows\system32\hticons.dll

+ ICC 配置文件    Microsoft Color Matching System User Interface DLL    Microsoft Corporation    c:\windows\system32\icmui.dll

+ ICM 打印机管理    Microsoft Color Matching System User Interface DLL    Microsoft Corporation    c:\windows\system32\icmui.dll

+ ICM 监视器管理    Microsoft Color Matching System User Interface DLL    Microsoft Corporation    c:\windows\system32\icmui.dll

+ ICM 扫描仪管理    Microsoft Color Matching System User Interface DLL    Microsoft Corporation    c:\windows\system32\icmui.dll

+ IE4 套件初始屏幕    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ Installed Apps Enumerator    Shell Application Manager    Microsoft Corporation    c:\windows\system32\appwiz.cpl

+ Internet    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ Internet    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ Internet Name Space    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ Internet 临时文件    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ Internet 临时文件    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ InternetShortcut    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ ISFBand OC    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ Microsoft Agent Character Property Sheet Handler    Microsoft Agent Property Sheet Handler    Microsoft Corporation    c:\windows\msagent\agentpsh.dll

+ Microsoft AutoComplete    Shell Browser UI Library    Microsoft Corporation    c:\windows\system32\browseui.dll

+ Microsoft Browser Architecture    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ Microsoft BrowserBand    Shell Browser UI Library    Microsoft Corporation    c:\windows\system32\browseui.dll

+ Microsoft DocProp Inplace Calendar Control    Microsoft DocProp Shell Ext    Microsoft Corporation    c:\windows\system32\docprop2.dll

+ Microsoft DocProp Inplace Droplist Combo Control    Microsoft DocProp Shell Ext    Microsoft Corporation    c:\windows\system32\docprop2.dll

+ Microsoft DocProp Inplace Edit Box Control    Microsoft DocProp Shell Ext    Microsoft Corporation    c:\windows\system32\docprop2.dll

+ Microsoft DocProp Inplace ML Edit Box Control    Microsoft DocProp Shell Ext    Microsoft Corporation    c:\windows\system32\docprop2.dll

+ Microsoft DocProp Inplace Time Control    Microsoft DocProp Shell Ext    Microsoft Corporation    c:\windows\system32\docprop2.dll

+ Microsoft DocProp Shell Ext    Microsoft DocProp Shell Ext    Microsoft Corporation    c:\windows\system32\docprop2.dll

+ Microsoft Internet 工具栏    Shell Browser UI Library    Microsoft Corporation    c:\windows\system32\browseui.dll

+ Microsoft Url History 服务    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ Microsoft Url 搜索挂接    Shell Doc Object and Control Library    Microsoft Corporation    c:\windows\system32\shdocvw.dll

+ Microsoft 多个自动完成列表容器    Shell Browser UI Library    Microsoft Corporation    c:\windows\system32\browseui.dll

+ Microsoft 历史自动完成列表    Shell Browser UI Library    Microsoft Corporation    c:\windows\system32\browseui.dll

+ Microsoft 数据链接    Microsoft Data Access - OLE DB Core Services    Microsoft Corporation    c:\program files\common files\system\ole db\oledb32.dll

+ Microsoft 外壳文件夹自动完成列表    Shell Browser UI Library    Microsoft Corporation    c:\windows\system32\browseui.dll

+ Midi Properties Handler    Media File Property Extractor Shell Extension    Microsoft Corporation    c:\windows\system32\shmedia.dll

+ MMC Icon Handler    MMC Shell Extension DLL    Microsoft Corporation    c:\windows\system32\mmcshext.dll

+ MRU 自动完成列表    Shell Browser UI Library    Microsoft Corporation    c:\windows\system32\browseui.dll
This is part 2.