打印

[求救]浏览器总是弹出无聊网站，查也查不到，救命啊！！

懒虫

大懒使小懒，小懒使门槛

版主

Rank: 7 Rank: 7 Rank: 7

帖子: 9092
积分: 1124
技术分: 128
来自: 水管工
在线时间: 576 小时
注册时间: 2001-4-15

1^# 大中小发表于 2006-5-15 01:37 只看该作者

[求救]浏览器总是弹出无聊网站，查也查不到，救命啊！！

如题。。。。用“木马克星”、“卡巴斯基”、“灰鸽子查杀”都扫描过，都说没有发现病毒。但是还是一会儿弹一个网站出来，网站地址是http://www.17sp.com.cn/hello001.htm。扫了个日至，斑斑帮忙看看，谢谢咯！

Logfile of HijackThis v1.99.1
Scan saved at 17:30:18, on 2006-5-14
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32ibmpmsvc.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32S24EvMon.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32TpShocks.exe
CROGRA~1ThinkPadPkgMgrHOTKEYTPHKMGR.exe
CROGRA~1ThinkPadUTILIT~1EzEjMnAp.Exe
Crogram FilesSynapticsSynTPSynTPLpr.exe
C:Program FilesSynapticsSynTPSynTPEnh.exe
C:Program FilesThinkPadPkgMgrHOTKEYTPONSCR.exe
C:Program FilesThinkPadPkgMgrHOTKEY_1TpScrex.exe
C:IBMTOOLSUTILSibmprc.exe
C:Program FilesThinkPadConnectUtilitiesQCWLICON.EXE
C:Program FilesCommon FilesRealUpdate_OB ealsched.exe
C:PROGRA~1SonySONICS~1SsAAD.exe
C:WINDOWSVM_STI.EXE
C:Program FilesHewlett-PackardOrderReminderOrderReminder.exe
C:Program FilesSinfor SCPDLANNGwatch.exe
C:Program FilesiTunesiTunesHelper.exe
C:WINDOWSsystem32ctfmon.exe
C:WINDOWSsystem32driversCDAC11BA.EXE
C:Program FilesIBMIBM Rapid Restore Ultra rpcsb.exe
C:Program FilesSinfor SCPDLANNGLUC.exe
C:WINDOWSSystem32QCONSVC.EXE
C:WINDOWSsystem32RegSrvc.exe
C:Program FilesCommon Filessinforlogslogs.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32TPHDEXLG.EXE
C:WINDOWSsystem32TpKmpSVC.exe
C:Program FilesCommon FilesSony SharedAVLibSSScsiSV.exe
C:Program FilesiPodiniPodService.exe
C:WINDOWSsystem32wuauclt.exe
F:Program Files真封神之天尊地魔gc.exe
C:WINDOWSsystem32csimesrv.exe
F:腾讯QQ腾讯QQqqQQ.exe
F:腾讯QQ腾讯QQqqTIMPlatform.exe
C:Program FilesInternet ExplorerIEXPLORE.EXE
F:download木马杀客mmsk.exe
F:downloadha_hijackthis_1991HijackThis.exe

R3 - URLSearchHook: (no name) - <default> - (no file)
O2 - BHO: ThunderIEHelper - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:WINDOWSsystem32xunleibho_v14.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: Router Layer - {5EB7CB50-E375-4718-B4C0-9AD12EFA2F84} - C:WINDOWSSystem32aclayer.dll (file missing)
O2 - BHO: (no name) - {62EED7C6-9F02-42f9-B634-98E2899E147B} - (no file)
O2 - BHO: std software - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - (no file)
O2 - BHO: MICROQIL2 - {832C0563-0820-4fef-83D8-418261DBC233} - C:WINDOWSsystem32RAdminl.dll
O2 - BHO: Accoona Search Assistant - {944864A5-3916-46E2-96A9-A2E84F3F1208} - C:Program FilesAccoonaASearchAssist.dll (file missing)
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: BrowserHAP Class - {AEF6F648-78D8-4456-BEE7-5ADE23D209FD} - C:PROGRA~1HBClienthapast.dll (file missing)
O2 - BHO: IEHlprObj Class - {C5E5DB7E-46B1-47E6-8447-2E517F269925} - C:Program FilesXplusGETIE.dll (file missing)
O2 - BHO: (no name) - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - (no file)
O2 - BHO: 珊瑚虫工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:Program FilesInfofo Barinfofobar.dll (file missing)
O3 - Toolbar: BitCometBar - {3F1ABCDB-A875-46c1-8345-B72A4567E486} - C:Program FilesBitCometBitCometBarBitCometBar0.1.dll
O3 - Toolbar: 电鹰工具栏 - {1BC0B497-3010-43BF-AD78-5858A70907A2} - C:WINDOWSsystem32DyToolband20060126.dll (file missing)
O3 - Toolbar: 珊瑚虫工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:Program FilesInfofo Barinfofobar.dll (file missing)
O4 - HKLM..Run: [IMJPMIG8.1] "C:WINDOWSIMEimjp8_1IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM..Run: [PHIME2002ASync] C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE /SYNC
O4 - HKLM..Run: [TPKMAPHELPER] C:Program FilesThinkPadUtilitiesTpKmapAp.exe -helper
O4 - HKLM..Run: [TpShocks] TpShocks.exe
O4 - HKLM..Run: [TPHOTKEY] C:PROGRA~1ThinkPadPkgMgrHOTKEYTPHKMGR.exe
O4 - HKLM..Run: [TP4EX] tp4ex.exe
O4 - HKLM..Run: [EZEJMNAP] C:PROGRA~1ThinkPadUTILIT~1EzEjMnAp.Exe
O4 - HKLM..Run: [SynTPLpr] C:Program FilesSynapticsSynTPSynTPLpr.exe
O4 - HKLM..Run: [SynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe
O4 - HKLM..Run: [ibmmessages] C:Program FilesIBMMessages By IBMibmmessages.exe
O4 - HKLM..Run: [IBMPRC] C:IBMTOOLSUTILSibmprc.exe
O4 - HKLM..Run: [QCWLICON] C:Program FilesThinkPadConnectUtilitiesQCWLICON.EXE
O4 - HKLM..Run: [MSPY2002] C:WINDOWSsystem32IMEPINTLGNTImScInst.exe /SYNC
O4 - HKLM..Run: [IMEKRMIG6.1] C:WINDOWSimeimkr6_1IMEKRMIG.EXE
O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OB ealsched.exe" -osboot
O4 - HKLM..Run: [StormCodec_Helper] "C:Program FilesRingz StudioStorm CodecStormSet.exe" /S /opti
O4 - HKLM..Run: [SsAAD.exe] C:PROGRA~1SonySONICS~1SsAAD.exe
O4 - HKLM..Run: [BigDogPath] C:WINDOWSVM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM..Run: [ATIPTA] C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe
O4 - HKLM..Run: [OrderReminder] C:Program FilesHewlett-PackardOrderReminderOrderReminder.exe
O4 - HKLM..Run: [NGWatch] "C:Program FilesSinfor SCPDLANNGwatch.exe" -a
O4 - HKLM..Run: [KAVPersonal50] "f:Program FilesKaspersky LabKaspersky Anti-Virus Personal Prokav.exe" /minimize
O4 - HKLM..Run: [hbpassport] C:PROGRA~1HBClienthbast.exe
O4 - HKLM..Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe"
O4 - HKLM..Run: [mmsk] F:download木马杀客mmsk.exe
O4 - HKLM..Run: [Windir] C:WINDOWSsystem32Windir.exe
O4 - HKLM..RunServices: [mmsk] F:download木马杀客mmsk.exe
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [DrvMon.exe] C:WINDOWSsystem32DrvMon.exe
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOfficeOSA9.EXE
O8 - Extra context menu item: &使用迅雷下载 - F:Program FilesSandai Technologies IncThundergeturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - F:Program FilesSandai Technologies IncThundergetallurl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - F:腾讯QQ腾讯QQqqAddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - F:FlashGetjc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - F:FlashGetjc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - F:腾讯QQ腾讯QQqqAddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - F:腾讯QQ腾讯QQqqAddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - F:腾讯QQ腾讯QQqqSendMMS.htm
O8 - Extra context menu item: 电鹰搜索 - res://C:WINDOWSsystem32dytoolband.dll/MENUSEARCH.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesIBMJava142jreinNPJPI142.dll
O9 - Extra ’Tools’ menuitem: IBM Java 控制台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesIBMJava142jreinNPJPI142.dll
O9 - Extra button: 常用网址 - {36B39F01-7B48-44AD-A165-5849CD8EF562} - C:WINDOWSsystem32SHDOCVW.DLL
O9 - Extra button: 珊瑚虫工具栏 - {8507326C-B5C1-4559-BB91-0919E753836F} - C:Program FilesInfofo Barinfofobar.dll (file missing)
O9 - Extra ’Tools’ menuitem: 珊瑚虫工具栏 - {8507326C-B5C1-4559-BB91-0919E753836F} - C:Program FilesInfofo Barinfofobar.dll (file missing)
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - F:腾讯QQ腾讯QQQQ.EXE
O9 - Extra ’Tools’ menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - F:腾讯QQ腾讯QQQQ.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra ’Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O11 - Options group: [JAVA_IBM] Java (IBM)
O16 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} (Edit Class) - https://www.sz1.cmbchina.com/download/CMBEdit.cab
O16 - DPF: {87CCFDB0-C4BE-4BC2-A78C-9EAA7CF96667} - http://ps.itv.mop.com/dn/files/vodupdate_1.0.0.8_20051009.cab
O16 - DPF: {D0A29C6C-AA71-4423-8C4A-5998B774C448} (IEDown Class) - http://download.ourgame.com/IEDown4.cab
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} - http://ps.itv.mop.com/dn/files/pCastCtl_1.0.0.80_20060123.cab
O17 - HKLMSystemCCSServicesTcpip..{F794D1BD-44EA-4096-87FA-40DBA6E3C214}: NameServer = 61.139.2.69 61.128.128.68
O18 - Protocol: koboo - {7DEE9D05-FA0A-4416-A6F3-6537D0EAB6A6} - C:WINDOWSsystem32mbprot.dll
O20 - Winlogon Notify: QConGina - C:WINDOWSSYSTEM32QConGina.dll
O20 - Winlogon Notify: tphotkey - C:WINDOWSSYSTEM32 phklock.dll
O23 - Service: Adobe LM Service - Unknown owner - C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:WINDOWSsystem32driversCDAC11BA.EXE
O23 - Service: IBM Rapid Restore Ultra Service - Unknown owner - C:Program FilesIBMIBM Rapid Restore Ultra rpcsb.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:WINDOWSsystem32ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:Program FilesiPodiniPodService.exe
O23 - Service: kavsvc - Kaspersky Lab - f:Program FilesKaspersky LabKaspersky Anti-Virus Personal Prokavsvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:Program FilesCommon FilesSony SharedAVLibMSCSPTISRV.exe
O23 - Service: NGLUC - Unknown owner - C:Program FilesSinfor SCPDLANNGLUC.exe" (file missing)
O23 - Service: NGUGC - 深圳市深信服电子科技有限公司 - C:Program FilesSinfor SCPDLANNGUGC.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:Program FilesCommon FilesSony SharedAVLibPACSPTISVR.exe
O23 - Service: QCONSVC - IBM Corp. - C:WINDOWSSystem32QCONSVC.EXE
O23 - Service: RegSrvc - Intel Corporation - C:WINDOWSsystem32RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:WINDOWSsystem32S24EvMon.exe
O23 - Service: Log Server for NC (Sinfor LogServer) - Unknown owner - C:Program FilesCommon Filessinforlogslogs.exe" (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:Program FilesCommon FilesSony SharedAVLibSPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:Program FilesCommon FilesSony SharedAVLibSSScsiSV.exe
O23 - Service: IBM HDD APS Logging Service (TPHDEXLGSVC) - IBM Corporation - C:WINDOWSSystem32TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:WINDOWSsystem32TpKmpSVC.exe

TOP

风邪无鸣

新手上路

Rank: 1

帖子: 8
积分: 1
技术分: 0
在线时间: 0 小时
注册时间: 2006-5-16

2^# 大中小发表于 2006-5-16 23:44 只看该作者

Re：[求救]浏览器总是弹出无聊网站，查也查不到，救命啊！！

我办公室的电脑也有出现这种情况,我去下了个雅虎助手,用里面的强力修复,修复了一下,就好了,你可以一试

TOP

小猪贝贝

新手上路

Rank: 1

帖子: 30
积分: 4
技术分: 0
在线时间: 0 小时
注册时间: 2006-4-5

3^# 大中小发表于 2006-5-22 23:20 只看该作者

Re：[求救]浏览器总是弹出无聊网站，查也查不到，救命啊！！

用兔子也可以去掉，点里面的专业卸载

TOP

懒虫

大懒使小懒，小懒使门槛

版主

Rank: 7 Rank: 7 Rank: 7

帖子: 9092
积分: 1124
技术分: 128
来自: 水管工
在线时间: 576 小时
注册时间: 2001-4-15

4^# 大中小发表于 2006-5-23 18:10 只看该作者

Re：[求救]浏览器总是弹出无聊网站，查也查不到，救命啊！！

助手、兔子，我都不会用啊！郁闷ING～～～～

TOP

windows2k

注册会员

Rank: 2

帖子: 324
积分: 49
技术分: 15
在线时间: 0 小时
注册时间: 2002-8-26

5^# 大中小发表于 2006-5-24 17:11 只看该作者

Re：[求救]浏览器总是弹出无聊网站，查也查不到，救命啊！！

编辑HOSTS表

TOP

风邪无鸣

新手上路

Rank: 1

帖子: 8
积分: 1
技术分: 0
在线时间: 0 小时
注册时间: 2006-5-16

6^# 大中小发表于 2006-5-24 18:12 只看该作者

Re：[求救]浏览器总是弹出无聊网站，查也查不到，救命啊！！

1.首先上到www.3721.com,在上方导航栏找到"雅虎助手"点击,按照提示把上网助手(即雅虎助手)下载下来,进行安装.
2.安装完毕后在电脑屏幕,右下角的工具栏,会出现雅虎助手的小图标,右键单击,选择"IE修复专家"
3.在弹出的对话框中选择"强力修复",虽然上面写着小心慎用,但是没有关系,我用了N次,给别人用了N次,都没有问题.然后选择"立即修复",然后他又开始吓唬人,说"注意!强力修复后有可能导致某些软件无法使用、启动项丢失等副作用.强烈建议您慎用此功能.您确实要进行强力修复吗?"这时候,你如果心理承受能力差的话点否就算了,反正这些副作用我没有遇到过,他只是把IE恢复到初始状态.
4.修复完毕后,强烈建议再修复一次,如果,第二次,修复的数目不为"0",则说明有一些顽固的症状,选择"重启后修复",然后重新启动电脑,则在开机进入Windows的时候雅虎助手开始修复.一般就可以了.
5.另外,对于一些IE无法打开,乃至"我的电脑"和"文件夹"这些打不开或者报错的,也可以用雅虎助手的"IE修复专家"的"强力修复",进行恢复.
p.s.我不是打广告哦,只是说这个东东是好东东~

TOP

nine

闪吧成员

Rank: 8 Rank: 8

帖子: 1435
积分: 179
技术分: 31
在线时间: 4 小时
注册时间: 2002-4-30

7^# 大中小发表于 2006-5-26 06:32 只看该作者

Re：[求救]浏览器总是弹出无聊网站，查也查不到，救命啊！！

O2 - BHO: MICROQIL2 - {832C0563-0820-4fef-83D8-418261DBC233} - C:WINDOWSsystem32RAdminl.dll 应该是他捣的鬼

TOP