HijackThis scan logs, please take a look, thanks! - Troubleshooting - 电脑教程网

Date: 2007-09-01
First scan log:

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\system32\lssas.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
E:\Program Files\QQ\TMDlls\TIMPlatform.exe
C:\Documents and Settings\new\桌面\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe

F2 - REG:system.ini: Shell=Explorer.exe 1
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - E:\酷狗\KuGoo3\KuGoo3DownXControl.ocx (file missing)
O4 - HKLM\..\Run: [AntiArpSniffer] C:\Program Files\Anti ARP Sniffer\AntiArpSniffer.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [mhs2] C:\DOCUME~1\蔡黎明\LOCALS~1\Temp\SVCH0ST.exe
O4 - HKLM\..\Run: [zts2] C:\DOCUME~1\蔡黎明\LOCALS~1\Temp\TIMPLATF0RM.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DesktopSprite] E:\Program Files\SnowFox\DesktopSprite2\DesktopSprite.exe
O4 - HKCU\..\Run: [ravshell] C:\Progra~1\Eset\rund1132.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - E:\Program Files\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用KuGoo3下载(&K) - E:\酷狗\KuGoo3\KuGoo3DownX.htm
O8 - Extra context menu item: 使用网际快车下载 - E:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - E:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - E:\Program Files\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - E:\Program Files\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\Program Files\QQ\SendMMS.htm
O9 - Extra button: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - F:\浩方对战平台\gameclient.exe (file missing)
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - E:\酷狗\KuGoo3\InExtend\KuGoo3DownXControl.ocx
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: MSIServes (Windows Installer admin) - Unknown owner - C:\WINDOWS\system32\lssas.exe

Second scan log:

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\freepc\freepc\freepp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\蔡黎明\桌面\HijackThis.exe

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - E:\酷狗\KuGoo3\KuGoo3DownXControl.ocx (file missing)
O4 - HKLM\..\Run: [AntiArpSniffer] C:\Program Files\Anti ARP Sniffer\AntiArpSniffer.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DesktopSprite] E:\Program Files\SnowFox\DesktopSprite2\DesktopSprite.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - E:\Program Files\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用KuGoo3下载(&K) - E:\酷狗\KuGoo3\KuGoo3DownX.htm
O8 - Extra context menu item: 使用网际快车下载 - E:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - E:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - E:\Program Files\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - E:\Program Files\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\Program Files\QQ\SendMMS.htm
O9 - Extra button: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - F:\浩方对战平台\gameclient.exe (file missing)
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - E:\酷狗\KuGoo3\InExtend\KuGoo3DownXControl.ocx
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: MSIServes (Windows Installer admin) - Unknown owner - C:\WINDOWS\system32\lssas.exe (file missing)

Third scan log:

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\蔡黎明\桌面\HijackThis.exe

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - E:\酷狗\KuGoo3\KuGoo3DownXControl.ocx (file missing)
O4 - HKLM\..\Run: [AntiArpSniffer] C:\Program Files\Anti ARP Sniffer\AntiArpSniffer.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DesktopSprite] E:\Program Files\SnowFox\DesktopSprite2\DesktopSprite.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - E:\Program Files\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用KuGoo3下载(&K) - E:\酷狗\KuGoo3\KuGoo3DownX.htm
O8 - Extra context menu item: 使用网际快车下载 - E:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - E:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - E:\Program Files\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - E:\Program Files\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\Program Files\QQ\SendMMS.htm
O9 - Extra button: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - F:\浩方对战平台\gameclient.exe (file missing)
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - E:\酷狗\KuGoo3\InExtend\KuGoo3DownXControl.ocx
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: MSIServes (Windows Installer admin) - Unknown owner - C:\WINDOWS\system32\lssas.exe (file missing)

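I'm a newbie and don't know how to deal with this, so I used the little experience I have to clean out some viruses myself, then ran the scan three times and compared the logs against each other. I removed some of the viruses, but the problem is still there, so I hope everyone can help me solve it.

Symptoms on the computer:

A classmate downloaded 浩方 (Haofang) on my computer, and then Kaspersky 6.0 reported that it had found "Pigeon" (鴿子). My classmate then uninstalled Haofang, and after rebooting the machine, all applications can only be opened through "Open With" and cannot be opened directly. When I try to view the properties of "My Computer", I get a message saying the program rudll32.exe cannot be found. I then copied it over from another machine, but the problem is still there. I really don't understand it, so I'm posting this in the hope that everyone can help! What virus have I actually caught? Thanks, everyone!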

Cai Liming (蔡黎明). Heh. I almost thought Li Ming (黎明) had shown up. The virus you've caught looks rather like the one my computer had.

Heh :lol , do you know what's going on? How did you solve it?

Is anyone going to come and help solve this?! Don't let this thread sink!

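You could check whether those exe files are still there. If they have all been deleted, you will have to reinstall that software. You can try running a virus scan in Safe Mode; your computer isn't badly infected.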

C:\Documents and Settings\蔡黎明\桌面\HijackThis.exe
O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - E:\酷狗\KuGoo3\KuGoo3DownXControl.ocx (file missing)
O18 - Protocol: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - E:\酷狗\KuGoo3\InExtend\KuGoo3DownXControl.ocx

These three entries are a problem, especially KuGoo (酷狗). For how to remove them, see this URL: http://zhidao.baidu.com/question/6982950.html

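C:\Documents and Settings\蔡黎明\桌面\HijackThis.exe

Is there a problem with this entry? Could you explain what exactly the problem is? I only put HijackThis on the desktop, that's all! Running it should create a process like this, shouldn't it?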

OK, I'll go and look at the KuGoo one first! Thanks to the poster above and to the friend in post #7 for the replies!

I went and had a look; that KuGoo3DownXControl.ocx should be KuGoo's update or download control, so it shouldn't be a problem, right?

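Later I looked it up online, and a friend also reminded me that it might be a file association problem. After searching the web for ages I found the answer, and when I came back here I saw that this board already had a ready-made detailed answer. Frustrating, but at least it's solved now, and it was good practice for me, hehe. Thanks to everyone above who replied. If you have a similar problem, go and look in this board's "Posting Guidelines" (发帖须知)!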
