|
|
|||||||
| 論壇說明 |
|
歡迎您來到『史萊姆論壇』 ^___^ 您目前正以訪客的身份瀏覽本論壇,訪客所擁有的權限將受到限制,您可以瀏覽本論壇大部份的版區與文章,但您將無法參與任何討論或是使用私人訊息與其他會員交流。若您希望擁有完整的使用權限,請註冊成為我們的一份子,註冊的程序十分簡單、快速,而且最重要的是--註冊是完全免費的! 請點擊這裡:『註冊成為我們的一份子!』 |
 |
|
|
主題工具 | 顯示模式 |
2008-02-20, 11:45 PM
|
#1 |
|
註冊會員
|
求助 - 各位大大~麻煩你們幫我看一下我有哪裡出錯嚕
各位大大~麻煩你們幫我看一下我有哪裡出錯嚕~謝謝嚕  Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 上午 12:53:04, on 2008/2/20 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\Fonts\system\ati2evxx.EXE C:\Documents and Settings\Administrator\motou.exe C:\WINDOWS\FONTS\SYSTEM\DD.EXE C:\WINDOWS\system32\calc.exe C:\WINDOWS\SYSTEM32\CTFMON.EXE C:\PROGRA~1\YAHOO!\MESSEN~1\ymsgr_tray.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wdfmgr.exe C:\Program Files\Raxco\PerfectDisk\PDSched.exe C:\WINDOWS\System32\alg.exe C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPLAYER.EXE C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE C:\Program Files\Xi\NetTransport 2\NetTransport.exe c:\hijackthis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe O1 - Hosts: 124.238.254.113 www.10280011.com O1 - Hosts: 124.238.254.113 10280011.com O1 - Hosts: 124.238.254.113 www.10289900.com O1 - Hosts: 124.238.254.113 10289900.com O1 - Hosts: 124.238.254.113 www.78877788.com O1 - Hosts: 124.238.254.113 78877788.com O1 - Hosts: 124.238.254.113 www.11051122.com O1 - Hosts: 124.238.254.113 11051122.com O1 - Hosts: 124.238.254.113 1.ehai01.com O1 - Hosts: 124.238.254.113 da.ehai01.com O1 - Hosts: 124.238.254.113 ehai01.com O1 - Hosts: 124.238.254.113 2008.sekart.cn O1 - Hosts: 124.238.254.113 www.sekart.cn O1 - Hosts: 124.238.254.113 sekart.cn O1 - Hosts: 124.238.254.113 www.11309988.com O1 - Hosts: 124.238.254.113 www.12100088.com O1 - Hosts: 124.238.254.113 www.12108899.com O1 - Hosts: 124.238.254.113 d2.llsging.com O1 - Hosts: 124.238.254.113 llsging.com O1 - Hosts: 124.238.254.113 dd.749571.com O1 - Hosts: 124.238.254.113 749571.com O1 - Hosts: 124.238.254.113 pr.749571.com O1 - Hosts: 124.238.254.113 txwm1204.com O1 - Hosts: 124.238.254.113 www.txwm1204.com O2 - BHO: (no name) - {471B15AD-7A9C-491D-9C19-4E15B12DCE00} - C:\Program Files\Internet Explorer\PLUGINS\NvSys_55.Sys O2 - BHO: (no name) - {4B23A8E5-CC9C-4A15-81F3-9B902C00AF4B} - C:\Program Files\Internet Explorer\PLUGINS\NvSys_55.Sys O2 - BHO: (no name) - {9963387B-212E-4643-B207-82DAEA0E713D} - C:\Program Files\Internet Explorer\PLUGINS\Wn_Sys8x.Sys O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [WinForm] C:\WINDOWS\WinForm.exE O4 - HKLM\..\Run: [WSockDrv32] C:\WINDOWS\WSockDrv32.exe O4 - HKLM\..\Run: [Kvsc3] C:\WINDOWS\Kvsc3.exE O4 - HKLM\..\Run: [AVPSrv] C:\WINDOWS\AVPSrv.exE O4 - HKLM\..\Run: [mppds] C:\WINDOWS\mppds.exe O4 - HKLM\..\Run: [DbgHlp32] C:\WINDOWS\DbgHlp32.exe O4 - HKLM\..\Run: [MsPrint32D] C:\WINDOWS\gzpzjq.exe O4 - HKLM\..\Run: [upxdnd] C:\WINDOWS\upxdnd.exe O4 - HKLM\..\Run: [cmdbcs] C:\WINDOWS\cmdbcs.exe O4 - HKLM\..\Run: [WinSysM] C:\WINDOWS\455373M.exe O4 - HKLM\..\Run: [MsIMMs32] C:\WINDOWS\MsIMMs32.exE O4 - HKLM\..\Run: [PTSShell] C:\WINDOWS\PTSShell.exe O4 - HKLM\..\Run: [LotusHlp] C:\WINDOWS\LotusHlp.exe O4 - HKLM\..\Run: [NVDispDrv] C:\WINDOWS\vpbuhx.exe O4 - HKLM\..\Run: [NAVMon32] C:\WINDOWS\NAVMon32.exE O4 - HKLM\..\Run: [WINSvr32] C:\WINDOWS\WINSvr32.exE O4 - HKLM\..\Run: [RegSrv64D] C:\WINDOWS\vxrbdy.exe O4 - HKLM\..\Run: [WinSysW] C:\WINDOWS\455373L.exe O4 - HKLM\..\Run: [msccrt] C:\WINDOWS\msccrt.exe O4 - HKLM\..\Run: [SHAProc] C:\WINDOWS\SHAProc.exe O4 - HKLM\..\Run: [TBMonEx] C:\WINDOWS\Fonts\system\ati2evxx.EXE O4 - HKLM\..\Run: [inudhya] C:\WINDOWS\Fonts\system\soundma.exe O4 - HKLM\..\Run: [WSockx2_32] C:\WINDOWS\ylwuyd.exe O4 - HKLM\..\Run: [InternetExe] C:\Documents and Settings\Administrator\motou.exe O4 - HKLM\..\Run: [kermer] C:\WINDOWS\FONTS\SYSTEM\DD.EXE O4 - HKLM\..\Run: [kkaddmin] C:\WINDOWS\FONTS\SYSTEM\FBD.EXE O4 - HKLM\..\Run: [SSLDyn] C:\WINDOWS\SSLDyn.exE O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Yahoo! Pager] "c:\PROGRA~1\yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet O4 - HKLM\..\Policies\Explorer\Run: [zfyrspnum] zfyrspnum.exe O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] ctfmon.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] ctfmon.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] ctfmon.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] ctfmon.exe (User 'Default user') O8 - Extra context menu item: Foxy 下載 - res://D:\FOXY\FOXY.EXE/download.htm O8 - Extra context menu item: Foxy 搜尋 - res://D:\FOXY\FOXY.EXE/search.htm O8 - Extra context menu item: 使用影音傳送帶下載 - C:\Program Files\Xi\NetTransport 2\NTAddLink.html O8 - Extra context menu item: 使用影音傳送帶下載全部連結 - C:\Program Files\Xi\NetTransport 2\NTAddList.html O14 - IERESET.INF: START_PAGE_URL=tw.yahoo.com O17 - HKLM\System\CCS\Services\Tcpip\..\{50EB6A61-84C5-40EE-A22C-B7755067BD13}: NameServer = 168.95.192.1 168.95.1.1 O23 - Service: 8F4CCCCD - Unknown owner - C:\WINDOWS\system32\A3BF51DF.EXE O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing) -- End of file - 6007 bytes |
|
送花文章: 0,
|
|
2008-02-21, 12:19 AM
|
#2 (permalink) |
|
長老會員
 
|
O1 - Hosts: 124.238.254.113 www.10280011.com
O1 - Hosts: 124.238.254.113 10280011.com O1 - Hosts: 124.238.254.113 www.10289900.com O1 - Hosts: 124.238.254.113 10289900.com O1 - Hosts: 124.238.254.113 www.78877788.com O1 - Hosts: 124.238.254.113 78877788.com O1 - Hosts: 124.238.254.113 www.11051122.com O1 - Hosts: 124.238.254.113 11051122.com O1 - Hosts: 124.238.254.113 1.ehai01.com O1 - Hosts: 124.238.254.113 da.ehai01.com O1 - Hosts: 124.238.254.113 ehai01.com O1 - Hosts: 124.238.254.113 2008.sekart.cn O1 - Hosts: 124.238.254.113 www.sekart.cn O1 - Hosts: 124.238.254.113 sekart.cn O1 - Hosts: 124.238.254.113 www.11309988.com O1 - Hosts: 124.238.254.113 www.12100088.com O1 - Hosts: 124.238.254.113 www.12108899.com O1 - Hosts: 124.238.254.113 d2.llsging.com O1 - Hosts: 124.238.254.113 llsging.com O1 - Hosts: 124.238.254.113 dd.749571.com O1 - Hosts: 124.238.254.113 749571.com O1 - Hosts: 124.238.254.113 pr.749571.com O1 - Hosts: 124.238.254.113 txwm1204.com O1 - Hosts: 124.238.254.113 www.txwm1204.com O2 - BHO: (no name) - {471B15AD-7A9C-491D-9C19-4E15B12DCE00} - C:\Program Files\Internet Explorer\PLUGINS\NvSys_55.Sys O2 - BHO: (no name) - {4B23A8E5-CC9C-4A15-81F3-9B902C00AF4B} - C:\Program Files\Internet Explorer\PLUGINS\NvSys_55.Sys O2 - BHO: (no name) - {9963387B-212E-4643-B207-82DAEA0E713D} - C:\Program Files\Internet Explorer\PLUGINS\Wn_Sys8x.Sys O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [WinForm] C:\WINDOWS\WinForm.exE O4 - HKLM\..\Run: [WSockDrv32] C:\WINDOWS\WSockDrv32.exe O4 - HKLM\..\Run: [Kvsc3] C:\WINDOWS\Kvsc3.exE O4 - HKLM\..\Run: [AVPSrv] C:\WINDOWS\AVPSrv.exE O4 - HKLM\..\Run: [mppds] C:\WINDOWS\mppds.exe O4 - HKLM\..\Run: [DbgHlp32] C:\WINDOWS\DbgHlp32.exe O4 - HKLM\..\Run: [MsPrint32D] C:\WINDOWS\gzpzjq.exe O4 - HKLM\..\Run: [upxdnd] C:\WINDOWS\upxdnd.exe O4 - HKLM\..\Run: [cmdbcs] C:\WINDOWS\cmdbcs.exe O4 - HKLM\..\Run: [WinSysM] C:\WINDOWS\455373M.exe O4 - HKLM\..\Run: [MsIMMs32] C:\WINDOWS\MsIMMs32.exE O4 - HKLM\..\Run: [PTSShell] C:\WINDOWS\PTSShell.exe O4 - HKLM\..\Run: [LotusHlp] C:\WINDOWS\LotusHlp.exe O4 - HKLM\..\Run: [NVDispDrv] C:\WINDOWS\vpbuhx.exe O4 - HKLM\..\Run: [NAVMon32] C:\WINDOWS\NAVMon32.exE O4 - HKLM\..\Run: [WINSvr32] C:\WINDOWS\WINSvr32.exE O4 - HKLM\..\Run: [RegSrv64D] C:\WINDOWS\vxrbdy.exe O4 - HKLM\..\Run: [WinSysW] C:\WINDOWS\455373L.exe O4 - HKLM\..\Run: [msccrt] C:\WINDOWS\msccrt.exe O4 - HKLM\..\Run: [SHAProc] C:\WINDOWS\SHAProc.exe O4 - HKLM\..\Run: [TBMonEx] C:\WINDOWS\Fonts\system\ati2evxx.EXE O4 - HKLM\..\Run: [inudhya] C:\WINDOWS\Fonts\system\soundma.exe O4 - HKLM\..\Run: [WSockx2_32] C:\WINDOWS\ylwuyd.exe O4 - HKLM\..\Run: [InternetExe] C:\Documents and Settings\Administrator\motou.exe O4 - HKLM\..\Run: [kermer] C:\WINDOWS\FONTS\SYSTEM\DD.EXE O4 - HKLM\..\Run: [kkaddmin] C:\WINDOWS\FONTS\SYSTEM\FBD.EXE O4 - HKLM\..\Run: [SSLDyn] C:\WINDOWS\SSLDyn.exE O4 - HKLM\..\Policies\Explorer\Run: [zfyrspnum] zfyrspnum.exe O23 - Service: 8F4CCCCD - Unknown owner - C:\WINDOWS\system32\A3BF51DF.EXE 嘆為觀止.....  勾選並修復上述項目 P.S 裝套防毒軟體. 掃描一次, 把病毒檔案全部清除 若嫌麻煩, 那就....format + 重裝作業系統吧 |
|
__________________ 刑天舞干戚
|
|
|
|
送花文章: 6,
|
|
向 plunderer 送花的會員:
|
|
|
|
|
相似的主題
|
||||
| 主題 | 主題作者 | 討論區 | 回覆 | 最後發表 |
| 大大可以幫我看一下我的問題嗎 | a9038889 | 一般電腦疑難討論區 | 3 | 2003-03-30 10:00 PM |
| 各位大大幫我一下~"~ | hala1107 | 一般電腦疑難討論區 | 0 | 2003-01-13 04:13 AM |
| 能麻煩各位大大救一下嗎? | ctboymax | 一般電腦疑難討論區 | 2 | 2002-12-12 09:30 PM |
平板模式
