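Rising Kaka Security Forum > Technical Exchange > Anti-Virus / Anti-Rogue-Software Forum > Help, I've been hijacked by 9505, please look at my log. Help a brother out. Thanks..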

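Last week IE on my computer was locked up by a malicious website called 9505, and nothing I tried worked. Later I learned online that someone else had been hit by it and was rescued by an expert here. But the method he described did not work for me. I suppose everyone's situation is different. I am now posting the log from my HijackThis scan and asking the experts to teach me. I have already downloaded SRENG and KILLBOX, but I don't know what to delete from the log.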
HijackThis_815汉化版扫描日志 V1.99.1
保存于      14:07:05, 日期 2006-10-20
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Rising\Rav\RavStub.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
D:\新建文件夹\HijackThis1991zww.exe

R3 - URLSearchHook: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\Program Files\Yahoo!\Assistant\Assist\yasbar.dll
O1 - Hosts: 61.129.115.56 www.hao123.com
O1 - Hosts: 219.139.58.97 www.7b.com.cn
O1 - Hosts: 219.139.58.97 www.7939.com
O1 - Hosts: 61.129.115.56 www.360safe.com
O1 - Hosts: 61.129.115.56 360safe.com
O1 - Hosts: 61.129.115.56 update.360safe.com
O1 - Hosts: 61.129.115.56 dl.360safe.com
O1 - Hosts: 61.129.115.56 bbs.360safe.com
O1 - Hosts: 219.139.58.97 count16.51yes.com
O1 - Hosts: 219.139.58.97 count18.51yes.com
O1 - Hosts: 219.139.58.97 count20.51yes.com
O1 - Hosts: 61.129.115.56 www.btbaicai.com
O1 - Hosts: 61.129.115.56 btbaicai.com
O1 - Hosts: 61.129.115.56 www.pctutu.com
O1 - Hosts: 219.139.58.97 www.7322.com
O1 - Hosts: 219.139.58.97 www.5566.net
O1 - Hosts: 219.139.58.97 www.9991.com
O1 - Hosts: 61.129.115.56 forum.ikaka.com
O1 - Hosts: 61.129.115.56 www.ikaka.com
O1 - Hosts: 219.139.58.97 www.piaoxue.com
O1 - Hosts: 61.129.115.56 forum.jiangmin.com
O1 - Hosts: 61.129.115.56 update.jiangmin.com
O1 - Hosts: 61.129.115.56 post.baidu.com
O1 - Hosts: 61.129.115.56 zhidao.baidu.com
O1 - Hosts: 61.129.115.56 update.rising.com.cn
O1 - Hosts: 61.129.115.56 online.rising.com.cn
O1 - Hosts: 61.129.115.56 dl.pconline.com.cn
O1 - Hosts: 219.139.58.97 space.uwants.com
O1 - Hosts: 219.139.58.97 www.pcav.cn
O1 - Hosts: 219.139.58.97 mopery.hits.io
O1 - Hosts: 219.139.58.97 www.goodmv.cn
O1 - Hosts: 219.139.58.97 www.5566.net
O1 - Hosts: 219.139.58.97 www.piaoxue.com
O1 - Hosts: 219.139.58.97 www.luosoft.com
O1 - Hosts: 219.139.58.97 luosoft.com
O1 - Hosts: 219.139.58.97 www.7255.com
O1 - Hosts: 61.129.115.56 dl.pconline.com.cn
O1 - Hosts: 61.129.115.56 www.spjoy.com
O1 - Hosts: 61.129.115.56 c01.caishow.com
O1 - Hosts: 61.129.115.56 c02.caishow.com
O1 - Hosts: 61.129.115.56 c03.caishow.com
O1 - Hosts: 61.129.115.56 c04.caishow.com
O1 - Hosts: 61.129.115.56 www.caishow.com
O1 - Hosts: 61.129.115.56 union.caishow.com
O1 - Hosts: 61.129.115.56 ad01.a8.com
O1 - Hosts: 61.129.115.56 ad02.a8.com
O1 - Hosts: 61.129.115.56 sg.a8.com
O1 - Hosts: 61.129.115.56 www.adanywhere.cn
O1 - Hosts: 61.129.115.56 ip.adanywhere.cn
O1 - Hosts: 61.129.115.56 ip1.adanywhere.cn
O1 - Hosts: 61.129.115.56 ip2.adanywhere.cn
O1 - Hosts: 61.129.115.56 www.bannerbox.cn
O1 - Hosts: 61.129.115.56 www.caiqiyue.com
O1 - Hosts: 61.129.115.56 toolsbar.kuaiso.com
O1 - Hosts: 61.129.115.56 www.kuaiso.com
O1 - Hosts: 61.129.115.56 www.2t2t.cn
O1 - Hosts: 61.129.115.56 3.a.kal.cn
O1 - Hosts: 61.129.115.56 ip.alexaanywhere.com
O1 - Hosts: 61.129.115.56 go.ipcenter.cn
O1 - Hosts: 61.129.115.56 www.2yin.cn
O1 - Hosts: 61.129.115.56 wwww.systeel.com.cn
O1 - Hosts: 61.129.115.56 go.baibaoxiang.cn
O1 - Hosts: 61.129.115.56 www.gao58.com
O1 - Hosts: 61.129.115.56 www.2tu.cn
O1 - Hosts: 61.129.115.56 www.91tu.cn
O1 - Hosts: 61.129.115.56 www.haotop.com
O1 - Hosts: 61.129.115.56 news01.virussky.com
O1 - Hosts: 61.129.115.56 news02.virussky.com
O1 - Hosts: 61.129.115.56 news03.virussky.com
O1 - Hosts: 61.129.115.56 news04.virussky.com
O1 - Hosts: 61.129.115.56 news40.virussky.com
O1 - Hosts: 61.129.115.56 news41.virussky.com
O1 - Hosts: 61.129.115.56 news42.virussky.com
O1 - Hosts: 61.129.115.56 www.an85.com
O1 - Hosts: 61.129.115.56 an85.com
O1 - Hosts: 61.129.115.56 www.ycdy.com
O1 - Hosts: 61.129.115.56 ycdy.com
O1 - Hosts: 61.129.115.56 down.virussky.com
O1 - Hosts: 61.129.115.56 update.virussky.com
O1 - Hosts: 61.129.115.56 www.maipao.com
O1 - Hosts: 61.129.115.56 www.sina-baidu.com
O1 - Hosts: 61.129.115.56 www.maohehe.com
O1 - Hosts: 61.129.115.56 www.1717kan.cn
O1 - Hosts: 61.129.115.56 www.feixue.net
O1 - Hosts: 61.129.115.56 www.xingkongitv.com
O1 - Hosts: 61.129.115.56 about-blank.cc
O1 - Hosts: 61.129.115.56 www.xfkz.com
O1 - Hosts: 61.129.115.56 xfkz.com
O1 - Hosts: 61.129.115.56 www.365tan.com
O1 - Hosts: 61.129.115.56 cg.9e3.com
O1 - Hosts: 61.129.115.56 www.qqplayer.net
O1 - Hosts: 61.129.115.56 www.sosok.com
O1 - Hosts: 61.129.115.56 img.zhangxiu.com
O1 - Hosts: 61.129.115.56 www.okeaa.com
O1 - Hosts: 61.129.115.56 www.winopen.cn
O2 - BHO: yPhtb - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - C:\Program Files\Yahoo!\Assistant\Assist\yphtb.dll
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll
O2 - BHO: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\Program Files\Yahoo!\Assistant\Assist\yasbar.dll
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\WINDOWS\downlo~1\CnsHook.dll
O3 - IE工具栏增项: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\Program Files\Yahoo!\Assistant\Assist\yasbar.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [YLive.exe] C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
O4 - 启动项HKLM\\RunOnce: [RavStub] "C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: 河南网通宽带用户客户端.lnk = C:\Program Files\racer-henan-cnc\racer.exe
O9 - 浏览器额外的按钮: Yahoo 3.5G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail (file missing)
O9 - 浏览器额外的按钮: 名品折扣 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=http://www.taobao.com/vertical/mall/pro.php?allyesPara=816 (file missing)
O9 - 浏览器额外的按钮: 雅虎助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist (file missing)
O9 - 浏览器额外的按钮: 雅虎WIDGET - {6354ABE6-05F1-49ed-B850-E423120EC338} - http://cn.widget.yahoo.com/index.htm?source=Cns (file missing)
O9 - 浏览器额外的按钮: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg (file missing)
O9 - 浏览器额外的按钮: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - 浏览器额外的“工具”菜单项: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - 浏览器额外的按钮: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O9 - 浏览器额外的“工具”菜单项: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O11 - Options group: [!CNS]  中文上网
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe

Last edited 2006-10-20 15:49:19

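Thank you to the poster above, thank you...
I have met my benefactor...
May "凤凰楼客" earn so much money this year that it takes a train to haul it home, and pick up a million even when taking a tumble...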