
Trojan, all shortcuts destroyed [HijackThis log attached]

Step: HiJackThis Scan & Fix

    Close all browsers, open HiJackThis, click "Do a system scan only", and check the following entries:
    O1 - Hosts: 60.173.10.253 www.sznews.com
    O1 - Hosts: 60.173.10.253 www.baidu.com
    O1 - Hosts: 60.173.10.253 www.idoer.org
    O1 - Hosts: 60.173.10.253 baidu.com
    O1 - Hosts: 60.173.10.253 www.lhgz.com.cn
    O1 - Hosts: 60.173.10.253 qq123.d189.5kweb.cn
    O1 - Hosts: 60.173.10.253 www.taxexpert.com.cn
    O1 - Hosts: 60.173.10.253 web.szds.gov.cn
    O1 - Hosts: 60.173.10.253 www.szgs.gov.cn
    O1 - Hosts: 60.173.10.253 www.szds.gov.cn
    O1 - Hosts: 60.173.10.253 www.qz315.cn
    O1 - Hosts: 60.173.10.253 www.315safe.com
    O1 - Hosts: 60.173.10.253 www.315.gov.cn
    O1 - Hosts: 60.173.10.253 www.315wm.com
    O1 - Hosts: 60.173.10.253 www.ca315.com.cn
    O1 - Hosts: 60.173.10.253 www.315ts.net
    O1 - Hosts: 60.173.10.253 szgz.gov.cn
    O1 - Hosts: 60.173.10.253 www.szgz.gov.cn
    O1 - Hosts: 60.173.10.253 wenwen.soso.com
    O1 - Hosts: 60.173.10.253 qbar.qq.com
    O1 - Hosts: 60.173.10.253 imsafe.qq.com
    O1 - Hosts: 60.173.10.253 service.qq.com
    O1 - Hosts: 60.173.10.253 qq.com
    O1 - Hosts: 60.173.10.253 www.qq.com

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    O2 - BHO: (no name) - {CAB2E13E-848E-4DA0-A97D-53245C25449A} - C:\Program Files\Internet Explorer\UzzzKtzNt.Ozg
    O2 - BHO: (no name) - {CBD9FCD6-0F8C-4596-9B3F-2F6974FFE672} - C:\Program Files\Internet Explorer\RsenRz.R91

    O4 - HKLM\..\Policies\Explorer\Run: [qq] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\343370

    O20 - AppInit_DLLs: npbdiign.dll,ioofcnol.dll,ijhacchp.dll,fomkjklb.dll,kingcelf.dll,kjcnihod.dll,lmgkifpn.dll,ebaknhih.dll,dhmdiilb.dll,jkfdpdkc.dll,anolonii.dll,nfhnkkdj.dll,ckagblpl.dll,eepgcpbm.dll,kidiipkk.dll,mfmcicpa.dll

    O21 - SSODL: F46C687F - {F46C687F-0B22-40E8-A84E-0BD4B9A68249} - (no file)
    O21 - SSODL: 028FFECE - {028FFECE-5979-4F34-A5E3-7FBE587F0ABF} - (no file)
    O21 - SSODL: F311903F - {F311903F-DD9B-466F-AB6F-9F292563B5C9} - (no file)
    O21 - SSODL: A5A34612 - {A5A34612-8B2B-4141-9481-D42F47582C5B} - (no file)
    O21 - SSODL: 38B409AA - {38B409AA-939A-4F9B-8A21-632743620474} - (no file)
    O21 - SSODL: F7F1AC5B - {F7F1AC5B-C67E-4444-B92F-9BCEE1EBF0A5} - (no file)
    O21 - SSODL: A56783DD - {A56783DD-F2D4-47C5-9566-78528CFD338A} - (no file)
    O21 - SSODL: 042852EA - {042852EA-46AA-4BF8-904B-B84440F0132C} - (no file)
    O21 - SSODL: 6FE8AB94 - {6FE8AB94-894A-4ADE-A76E-FE405CFD531E} - (no file)
    O21 - SSODL: 193311A1 - {193311A1-9DD0-4DEA-B368-C142D6E9D937} - (no file)
    O21 - SSODL: 05A4B9D9 - {05A4B9D9-7632-4BF0-8DEF-77EF5CA3E066} - (no file)
    O21 - SSODL: C8368AA1 - {C8368AA1-4308-418B-B1C6-20E16E81C8FC} - (no file)
    O21 - SSODL: E8388316 - {E8388316-153A-4310-AF0E-BD88F37874AA} - (no file)
    O21 - SSODL: CEC5A543 - {CEC5A543-54C7-4A13-B733-CE0329FB9719} - (no file)
    O21 - SSODL: B821A44D - {B821A44D-16B2-40E2-9B00-5BBD7426C5AA} - (no file)
    O21 - SSODL: 20B7BE99 - {20B7BE99-B765-4143-B28F-7B05795E37AF} - (no file)
    O21 - SSODL: 6956518B - {6956518B-C494-44B1-8E71-D3E80C3D510A} - (no file)
    O21 - SSODL: 4F579D4E - {4F579D4E-008D-4EC3-97EB-FF3E45CD1A93} - (no file)
    O21 - SSODL: D8B3117A - {D8B3117A-1AB4-49EA-91FE-171737F9C107} - (no file)
    O21 - SSODL: 32564541 - {32564541-2905-4732-96B5-230308C8AF9E} - (no file)
    O21 - SSODL: 7421A77E - {7421A77E-FE8A-4512-A11B-54D34EBA8568} - (no file)
    O21 - SSODL: 5B1C3DCE - {5B1C3DCE-977A-4864-9633-72A012491D39} - (no file)
    O21 - SSODL: 05013B75 - {05013B75-29A9-464A-B3A0-54A5BB8E297E} - (no file)
    O21 - SSODL: C8B94C06 - {C8B94C06-09D6-4DDF-B31A-81B6725F7DA7} - (no file)
    O21 - SSODL: 48E297B2 - {48E297B2-A5EF-477E-BCF6-F9E620992C65} - (no file)
    O21 - SSODL: 0C87763D - {0C87763D-FE7D-4CBF-88AC-17F8C5385E76} - (no file)
    O21 - SSODL: 79BD2207 - {79BD2207-50B2-4242-AD57-ABCBC1494C2E} - C:\WINDOWS\system32\npbdiign.dll
    O21 - SSODL: FF04478F - {FF04478F-E842-4CE7-8583-B802B395860D} - (no file)
    O21 - SSODL: 1FB81D23 - {1FB81D23-C89A-40A2-9788-4008F1BAFBCF} - (no file)
    O21 - SSODL: 1BD2D38C - {1BD2D38C-B818-4591-97A5-55B24C13D205} - (no file)
    O21 - SSODL: 0E957DCC - {0E957DCC-C945-49E8-81DE-15FF0C3CD9F5} - (no file)
    O21 - SSODL: 6EC7C2E6 - {6EC7C2E6-DB0D-4262-9879-3B32C1B769EB} - (no file)
    O21 - SSODL: CACDF8D9 - {CACDF8D9-2C4C-40F0-8036-0640BA10EF0C} - (no file)
    O21 - SSODL: AC5AE035 - {AC5AE035-2626-416C-B586-412CEA47320E} - (no file)
    O21 - SSODL: 18E26383 - {18E26383-16CF-41EF-A945-6F52185563E3} - (no file)
    O21 - SSODL: 288FC785 - {288FC785-B27F-4604-A7C1-04EDBEA95364} - C:\WINDOWS\system32\ioofcnol.dll
    O21 - SSODL: 231ACC19 - {231ACC19-1D8D-4BB7-A4F9-AEAE7B067641} - C:\WINDOWS\system32\ijhacchp.dll
    O21 - SSODL: A7858722 - {A7858722-C8B6-47A3-A9F4-570FF79BF3BA} - C:\WINDOWS\system32\anolonii.dll
    O21 - SSODL: 34FD9D4C - {34FD9D4C-CD79-44DC-B983-A9C40FF835F6} - C:\WINDOWS\system32\jkfdpdkc.dll
    O21 - SSODL: D16D225B - {D16D225B-BDA9-4A53-A89D-48362E8EBDDC} - C:\WINDOWS\system32\dhmdiilb.dll
    O21 - SSODL: EBA47121 - {EBA47121-2DC1-4940-95BA-7B9971B634AF} - C:\WINDOWS\system32\ebaknhih.dll
    O21 - SSODL: 56042F97 - {56042F97-7B03-4074-8EFC-0AC85DC457AF} - C:\WINDOWS\system32\lmgkifpn.dll
    O21 - SSODL: 43C7218D - {43C7218D-1CEB-4CD5-8775-2C8BB392FBEA} - C:\WINDOWS\system32\kjcnihod.dll
    O21 - SSODL: 4270CE5F - {4270CE5F-10E9-453F-8380-6682A7B63CB2} - C:\WINDOWS\system32\kingcelf.dll
    O21 - SSODL: F864345B - {F864345B-607A-48FB-BA70-202F0BED94E5} - C:\WINDOWS\system32\fomkjklb.dll
    O21 - SSODL: 7F1744D3 - {7F1744D3-1A4F-428D-B8F2-23B590A9C8D3} - C:\WINDOWS\system32\nfhnkkdj.dll
    O21 - SSODL: C4A0B595 - {C4A0B595-FC6E-4253-B1E2-C1CCFD2BBAEF} - C:\WINDOWS\system32\ckagblpl.dll
    O21 - SSODL: EE90C9B6 - {EE90C9B6-D166-4CD1-B8FF-1047B5D68FDE} - C:\WINDOWS\system32\eepgcpbm.dll
    O21 - SSODL: 42D22944 - {42D22944-B489-4539-8467-E9A5F577F9E7} - C:\WINDOWS\system32\kidiipkk.dll
    O21 - SSODL: 6F6C2C9A - {6F6C2C9A-6021-4671-A6F2-27191BBDA579} - C:\WINDOWS\system32\mfmcicpa.dll
    Click "Fix checked", then close HiJackThis.


Step: Download & RUN ComboFix

  • Download ComboFix to the desktop.

    Note: do not click inside the ComboFix window with the mouse while it is running.

    • Run ComboFix and follow the prompts.
    • ComboFix will complete the process automatically.
    • When it finishes, the report is saved at C:\ComboFix.txt.



Step: Report Back
Paste the following report:
If the report is too long, you can upload it here.

ComboFix scan report {C:\ComboFix.txt}


Step: Download & Install Malwarebytes' Anti-Malware

  • Download Malwarebytes' Anti-Malware
  • Run mbam-setup.exe and install Malwarebytes' Anti-Malware; choose the English installation.
  • Make sure the following two options are checked:

    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware

  • Finish
  • After the update completes:
  • Select "Perform full scan"
  • Scan
  • When the scan finishes, click OK; the results will be displayed.
  • Select all items (if any) and click "Remove Selected".
  • When that is done, a scan report will pop up. Save the report contents to the desktop.


Step: Download & Run System Repair Engineer

  • Download System Repair Engineer (SREng)

    • Extract it and run SREngPS.exe
    • Click "Smart Scan", confirm all items are selected, then click "Scan"
    • Finally, click "Save Reports" ----> save to the desktop as SREngLOG.log



Step: Report Back
Paste the following reports:
If a report is too long, you can upload it here.

New System Repair Engineer scan report {SREngLOG.log}
Malwarebytes' Anti-Malware scan report
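The entries ticked in the HiJackThis step share two patterns that are worth pulling out mechanically before fixing: every O1 line points a different hostname at the same non-loopback IP (a hosts-file hijack), and the DLL basenames listed under O20 AppInit_DLLs reappear as the file paths of the O21 SSODL entries that still have a file on disk, so the same DLLs get loaded both into every process that links user32.dll and into the shell at logon. The following Python triage script is an added example, not part of the original post or of HijackThis; SAMPLE_LOG is a constructed excerpt of a few lines in the shape of the log above, and the section names and thresholds are my own assumptions about the HijackThis log format:

```python
"""Triage a HijackThis log excerpt: group hosts-file hijacks by target IP, list
AppInit_DLLs, and cross-check them against SSODL (ShellServiceObjectDelayLoad)
entries that still point at a file on disk.

Added example; not code from the original post or from HijackThis.
"""
import re
from collections import defaultdict

# Constructed sample: a short excerpt in the shape of the log quoted above.
SAMPLE_LOG = r"""
O1 - Hosts: 60.173.10.253 www.baidu.com
O1 - Hosts: 60.173.10.253 qq.com
O1 - Hosts: 60.173.10.253 www.315.gov.cn
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: (no name) - {CAB2E13E-848E-4DA0-A97D-53245C25449A} - C:\Program Files\Internet Explorer\UzzzKtzNt.Ozg
O4 - HKLM\..\Policies\Explorer\Run: [qq] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\343370
O20 - AppInit_DLLs: npbdiign.dll,ioofcnol.dll,kingcelf.dll
O21 - SSODL: 79BD2207 - {79BD2207-50B2-4242-AD57-ABCBC1494C2E} - C:\WINDOWS\system32\npbdiign.dll
O21 - SSODL: F46C687F - {F46C687F-0B22-40E8-A84E-0BD4B9A68249} - (no file)
O21 - SSODL: 288FC785 - {288FC785-B27F-4604-A7C1-04EDBEA95364} - C:\WINDOWS\system32\ioofcnol.dll
"""

HJT_LINE = re.compile(r"^(O\d+) - (.*)$")
# Addresses a hosts entry may legitimately point at; anything else is a redirect.
LOOPBACK = {"127.0.0.1", "::1", "0.0.0.0"}


def parse_hjt(text):
    """Group log lines by HijackThis section code (O1, O2, O20, O21, ...)."""
    sections = defaultdict(list)
    for line in text.splitlines():
        m = HJT_LINE.match(line.strip())
        if m:
            sections[m.group(1)].append(m.group(2))
    return sections


def hosts_hijacks(sections):
    """{ip: [hostnames]} for O1 'Hosts: <ip> <hostname>' entries not pointing at loopback."""
    hijacks = defaultdict(list)
    for entry in sections.get("O1", []):
        parts = entry.split()
        if len(parts) >= 3 and parts[0] == "Hosts:" and parts[1] not in LOOPBACK:
            hijacks[parts[1]].append(parts[2])
    return dict(hijacks)


def appinit_dlls(sections):
    """Lower-cased DLL basenames registered under AppInit_DLLs (O20)."""
    names = set()
    for entry in sections.get("O20", []):
        if entry.startswith("AppInit_DLLs:"):
            value = entry[len("AppInit_DLLs:"):]
            names.update(n.strip().lower() for n in re.split(r"[,\s]+", value) if n.strip())
    return names


def ssodl_entries(sections):
    """Split O21 'SSODL: <name> - {CLSID} - <path|(no file)>' into loaded DLLs and orphaned CLSIDs."""
    loaded, orphaned = {}, []
    for entry in sections.get("O21", []):
        if not entry.startswith("SSODL:"):
            continue
        fields = [f.strip() for f in entry[len("SSODL:"):].split(" - ")]
        if len(fields) < 3:
            continue
        clsid, path = fields[1], fields[2]
        if path == "(no file)":
            orphaned.append(clsid)  # registry entry survives, DLL already gone
        else:
            loaded[path.rsplit("\\", 1)[-1].lower()] = path
    return loaded, orphaned


def odd_bho_files(sections):
    """O2 BHO paths whose extension is not one an in-process COM server normally has."""
    odd = []
    for entry in sections.get("O2", []):
        path = entry.rsplit(" - ", 1)[-1].strip()
        if path != "(no file)" and not path.lower().endswith((".dll", ".ocx")):
            odd.append(path)
    return odd


def triage(text):
    """Summarise the relationships a responder wants before ticking entries to fix."""
    sections = parse_hjt(text)
    appinit = appinit_dlls(sections)
    loaded, orphaned = ssodl_entries(sections)
    return {
        "hosts_hijacks": hosts_hijacks(sections),
        "appinit_dlls": appinit,
        "ssodl_loaded": loaded,
        "ssodl_orphaned": orphaned,
        "dlls_in_both": sorted(appinit & set(loaded)),  # loaded by two mechanisms
        "odd_bho_files": odd_bho_files(sections),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

The `dlls_in_both` list is the part that matters for the fix order: a DLL that is both an AppInit_DLL and an SSODL will be mapped into explorer.exe and every GUI process, so HiJackThis fixing the registry values does not unload it; the files still have to be removed after a reboot (which is why the post follows up with ComboFix), and the orphaned "(no file)" SSODL CLSIDs are safe to remove outright.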
