Topic: Could you all help me analyze my HijackThis results?

JKHR007

Could you all help me analyze my HijackThis results?

HijackThis_zww汉化版扫描日志 V1.99.1
保存于     上午 09:31:23, 日期 2005-7-14
操作系统: Windows XP SP2 (WinNT 5.01.2600)
浏览器:   Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:      
C:\Windows\System32\smss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Windows\system32\nvsvc32.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Windows\system32\UAService7.exe
C:\Program Files\Raxco\PerfectDisk\PDSched.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Ringz Studio\Media Player\Winamp.exe
C:\Program Files\Thunder Network\Thunder\Thunder.exe
C:\Program Files\Thunder Network\Thunder\MediaIssue\Issue.exe
C:\Program Files\Tencent\QQ\QQ.exe
C:\Program Files\Tencent\QQ\TIMPlatform.exe
C:\Program Files\Maxthon\Maxthon.exe
D:\HijackThis1991汉化版\HijackThis1991zww.exe

O1 - Hosts: 127.0.0.0 008.cn
O1 - Hosts: 127.0.0.0 2qq.cn
O1 - Hosts: 127.0.0.0 abcdesign.ru
O1 - Hosts: 127.0.0.0 ad.qingyule.com
O1 - Hosts: 127.0.0.0 alexey.pioneers.com.ru
O1 - Hosts: 127.0.0.0 baltnet.ru
O1 - Hosts: 127.0.0.0 cctv1.net
O1 - Hosts: 127.0.0.0 cctv8.net
O1 - Hosts: 127.0.0.0 ciachoo.pl
O1 - Hosts: 127.0.0.0 dicto.ru
O1 - Hosts: 127.0.0.0 elemental.ru
O1 - Hosts: 127.0.0.0 errorguard.com
O1 - Hosts: 127.0.0.0 financial.washingtonpost.com
O1 - Hosts: 127.0.0.0 free.bestialityhost.com
O1 - Hosts: 127.0.0.0 friendlygreeting.com
O1 - Hosts: 127.0.0.0 gamma.vyborg.ru
O1 - Hosts: 127.0.0.0 gin.ru
O1 - Hosts: 127.0.0.0 glass-master.ru
O1 - Hosts: 127.0.0.0 gutemine.wu-wien.ac.at
O1 - Hosts: 127.0.0.0 hack-gegen-rechts.com
O1 - Hosts: 127.0.0.0 hgrstrailer.com
O1 - Hosts: 127.0.0.0 home.profootball.ru
O1 - Hosts: 127.0.0.0 hotbar.com
O1 - Hosts: 127.0.0.0 intellect.lvc
O1 - Hosts: 127.0.0.0 interfoodtd.ru
O1 - Hosts: 127.0.0.0 it.trendmicro-europe.com
O1 - Hosts: 127.0.0.0 jewishgen.org
O1 - Hosts: 127.0.0.0 k2kapital.com
O1 - Hosts: 127.0.0.0 lars-s.privat.t-online.de
O1 - Hosts: 127.0.0.0 laugh-mail.net
O1 - Hosts: 127.0.0.0 lavasoft.com
O1 - Hosts: 127.0.0.0 lavasoft.de
O1 - Hosts: 127.0.0.0 lavasoftusa.com
O1 - Hosts: 127.0.0.0 marketscore.com
O1 - Hosts: 127.0.0.0 math.kobe-u.ac.jp
O1 - Hosts: 127.0.0.0 me.5e163.com
O1 - Hosts: 127.0.0.0 momentum.ru
O1 - Hosts: 127.0.0.0 nefkom.net
O1 - Hosts: 127.0.0.0 no-abi2003.de
O1 - Hosts: 127.0.0.0 packages.debian.or.jp
O1 - Hosts: 127.0.0.0 page.taobao.com
O1 - Hosts: 127.0.0.0 perfectgirls.net
O1 - Hosts: 127.0.0.0 peterstar.ru
O1 - Hosts: 127.0.0.0 pgipearls.com
O1 - Hosts: 127.0.0.0 phg.pl
O1 - Hosts: 127.0.0.0 photo.gornet.ru
O1 - Hosts: 127.0.0.0 polobeer.de
O1 - Hosts: 127.0.0.0 porno-mania.net
O1 - Hosts: 127.0.0.0 puldk490gj.da.ru
O1 - Hosts: 127.0.0.0 qianbai.com
O1 - Hosts: 127.0.0.0 quotes.barchart.com
O1 - Hosts: 127.0.0.0 relay.great.ru
O1 - Hosts: 127.0.0.0 republika.pl
O1 - Hosts: 127.0.0.0 rollenspielzirkel.de
O1 - Hosts: 127.0.0.0 safer-networking.org
O1 - Hosts: 127.0.0.0 sdsauto.ru
O1 - Hosts: 127.0.0.0 search.taobao.com
O1 - Hosts: 127.0.0.0 sec.polbox.pl
O1 - Hosts: 127.0.0.0 security.kolla.de
O1 - Hosts: 127.0.0.0 shadkhan.ru
O1 - Hosts: 127.0.0.0 slavarik.ru
O1 - Hosts: 127.0.0.0 sovea.de
O1 - Hosts: 127.0.0.0 spybot.info
O1 - Hosts: 127.0.0.0 tdi-router.opola.pl
O1 - Hosts: 127.0.0.0 trendmicro.it
O1 - Hosts: 127.0.0.0 truefriends.net
O1 - Hosts: 127.0.0.0 tuhart.net
O1 - Hosts: 127.0.0.0 u.t2cn.com
O1 - Hosts: 127.0.0.0 ultimate-best-hgh.0my.net
O1 - Hosts: 127.0.0.0 vconsole.net
O1 - Hosts: 127.0.0.0 vip.pnet.pl
O1 - Hosts: 127.0.0.0 virtumonde.com
O1 - Hosts: 127.0.0.0 webpark.pl
O1 - Hosts: 127.0.0.0 wishken.com
O1 - Hosts: 127.0.0.0 www.139500.com
O1 - Hosts: 127.0.0.0 www.1yin.net
O1 - Hosts: 127.0.0.0 www.37021.com
O1 - Hosts: 127.0.0.0 www.47555.net
O1 - Hosts: 127.0.0.0 www.511ring.com
O1 - Hosts: 127.0.0.0 www.777888.com
O1 - Hosts: 127.0.0.0 www.77ttt.com
O1 - Hosts: 127.0.0.0 www.9p.cn
O1 - Hosts: 127.0.0.0 www.aifind.info
O1 - Hosts: 127.0.0.0 www.allyes.com
O1 - Hosts: 127.0.0.0 www.aogo.net
O1 - Hosts: 127.0.0.0 www.cctv8.net
O1 - Hosts: 127.0.0.0 www.cnqb.net
O1 - Hosts: 127.0.0.0 www.coolcdrom.com
O1 - Hosts: 127.0.0.0 www.coolseach.com
O1 - Hosts: 127.0.0.0 www.dj3344.com
O1 - Hosts: 127.0.0.0 www.donttrip.org
O1 - Hosts: 127.0.0.0 www.ebay.com.cn
O1 - Hosts: 127.0.0.0 www.ehomeday.com
O1 - Hosts: 127.0.0.0 www.gg888.net
O1 - Hosts: 127.0.0.0 www.girlchinese.com
O1 - Hosts: 127.0.0.0 www.homepage.com
O1 - Hosts: 127.0.0.0 www.jixian.net
O1 - Hosts: 127.0.0.0 www.kuliao.com
O1 - Hosts: 127.0.0.0 www.mir0.com
O1 - Hosts: 127.0.0.0 www.mtv51.com
O1 - Hosts: 127.0.0.0 www.mydj2005.com
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v5.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - IE工具栏增项: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - IE工具栏增项: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [nwiz] nwiz.exe /install
O4 - 启动项HKLM\\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - 启动项HKLM\\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - 启动项HKLM\\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - 启动项HKLM\\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - 启动项HKLM\\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - 启动项HKLM\\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - 启动项HKLM\\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\Windows\system32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\geturl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\getAllurl.htm
O8 - IE右键菜单中的新增项目: 使用Kugoo下载 - C:\PROGRA~1\KuGoo2\KugooDownX.htm
O8 - IE右键菜单中的新增项目: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O8 - IE右键菜单中的新增项目: 用比特精灵下载(&B) - C:\Program Files\BitSpirit\bsurl.htm
O9 - 浏览器额外的按钮: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - 浏览器额外的“工具”菜单项: Sun Java 控制台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - 浏览器额外的按钮: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - 浏览器额外的按钮: 易趣购物 - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://adfarm.mediaplex.com/ad/ck/4080-23171-9517-209?cn=song;icon;hp&mpro=http://www.ebay.com.cn (file missing)
O9 - 浏览器额外的“工具”菜单项: 易趣购物 - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://adfarm.mediaplex.com/ad/ck/4080-23171-9517-209?cn=song;icon;hp&mpro=http://www.ebay.com.cn (file missing)
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120130452437
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - https://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38540.753599537
O17 - HKLM\System\CCS\Services\Tcpip\..\{839ADB80-A7B1-4F2F-962D-900E68EA2F62}: NameServer = 202.96.128.86 202.96.128.166
O23 - NT 服务: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - NT 服务: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - NT 服务: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - NT 服务: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - NT 服务: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - NT 服务: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - NT 服务: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvsvc32.exe
O23 - NT 服务: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - NT 服务: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe
O23 - NT 服务: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - NT 服务: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - NT 服务: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - NT 服务: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - NT 服务: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - NT 服务: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - NT 服务: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\Windows\system32\UAService7.exe
King
Posted: 2005-07-14 09:31 | [Original poster]
狗狗
加菲's

 

Hehe, that's a lot of domains blocked in Hosts.
Posted: 2005-07-15 04:06 | Reply #1