[求助}我的系统有问题吗！

qqqqqq123 · 发表于 2006-9-21 16:56:00

看网页经常CPU100%！！！！！

Logfile of HijackThis v1.99.0
Scan saved at 0:39:28, on 2006-9-21
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\RunDll32.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Documents and Settings\qqqqqq123\桌面\hijackthis\hijackthis.scr

O1 - Hosts: 60.190.138.232 www.ad688.net
O1 - Hosts: 209.120.238.117 www.kxxxk.com
O1 - Hosts: 58.211.0.168 www.tomatolei.com
O1 - Hosts: 209.120.238.117 www.xxxk.ch
O1 - Hosts: 218.5.74.146 bbs.cn-dos.net
O1 - Hosts: 218.85.133.140 bbs.wuyou.net
O1 - Hosts: 222.36.47.24 www.discuz.net
O1 - Hosts: 220.231.61.32 bbs.websky.net
O1 - Hosts: 222.73.240.7 bbs.cfanhome.com
O1 - Hosts: 208.113.145.115 bbs.mscode.cc
O1 - Hosts: 202.103.67.95 www1.mydrivers.com
O1 - Hosts: 218.28.45.168 so.mydrivers.com
O1 - Hosts: 219.133.40.91 qq.com
O1 - Hosts: 222.33.63.10 www.onlinedown.net
O1 - Hosts: 219.239.88.127 www.mydown.com
O1 - Hosts: 61.151.243.100 bbs.military.china.com
O1 - Hosts: 218.93.127.202 bbs.crsky.com
O1 - Hosts: 211.147.7.182 www2.beareyes.com.cn
O1 - Hosts: 61.139.55.86 bbs.newmov.com
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O4 - HKLM\..\Run: [SKYNET Personal FireWall] F:\PROGRA~1\SkyNet\FireWall\pfw.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\20060821\Xtzjqq\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - D:\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\FlashGet\jc_all.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://F:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\20060821\Xtzjqq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\20060821\Xtzjqq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\20060821\Xtzjqq\SendMMS.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{60CF96A3-D9BF-4951-A341-05687CF2AB86}: NameServer = 61.177.7.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{60CF96A3-D9BF-4951-A341-05687CF2AB86}: NameServer = 61.177.7.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{60CF96A3-D9BF-4951-A341-05687CF2AB86}: NameServer = 61.177.7.1

[ 本帖最后由 qqqqqq123 于 2006-9-21 10:18 PM 编辑 ]

qqqqqq123 · 发表于 2006-9-21 22:01:20

使我打不开www.283g.com？？
打不开 ftp://cs%2Ejs%2Ecn:cs%2Ejs%2Ecn@d4.youxi888.com/gamehallsetup.exe

打不开连接gamehallsetup.exe的服务器

连接被重置

载入页面时到服务器的连接被重置

[ 本帖最后由 qqqqqq123 于 2006-9-21 10:11 PM 编辑 ]

qqqqqq123 · 发表于 2006-9-21 22:33:35

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\RunDll32.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\ADSL拨号王\HNMainUI.exe
F:\Program Files\Mozilla Firefox\firefox.exe
D:\Thunder\Thunder.exe
F:\WINDOWS\system32\taskmgr.exe
F:\WINDOWS\system32\NOTEPAD.EXE
F:\Program Files\Internet Explorer\IEXPLORE.EXE
F:\Documents and Settings\qqqqqq123\桌面\hijackthis\hijackthis.scr

O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O4 - HKLM\..\Run: [SKYNET Personal FireWall] F:\PROGRA~1\SkyNet\FireWall\pfw.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\20060821\Xtzjqq\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - D:\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\FlashGet\jc_all.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://F:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\20060821\Xtzjqq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\20060821\Xtzjqq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\20060821\Xtzjqq\SendMMS.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{7C8A8AFD-8860-4908-9642-DC7E904AF251}: NameServer = 61.177.7.1 221.228.255.1
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - F:\WINDOWS\system32\mshtml.dll
O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - F:\WINDOWS\system32\urlmon.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - F:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - F:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - F:\WINDOWS\system32\urlmon.dll
O18 - Protocol: gopher - {79EAC9E4-BAF9-11CE-8C82-00AA004BA90B} - F:\WINDOWS\system32\urlmon.dll
O18 - Protocol: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} - F:\WINDOWS\system32\urlmon.dll
O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - F:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ipp - (no CLSID) - (no file)
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - F:\WINDOWS\system32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - F:\WINDOWS\system32\mshtml.dll
O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - F:\WINDOWS\system32\urlmon.dll
O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - F:\WINDOWS\system32\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - F:\WINDOWS\system32\inetcomm.dll
O18 - Protocol: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - F:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - F:\WINDOWS\system32\itss.dll
O18 - Protocol: msdaipp - (no CLSID) - (no file)
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - F:\WINDOWS\system32\mshtml.dll
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - F:\WINDOWS\system32\mshtml.dll
O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - F:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - F:\WINDOWS\system32\mshtml.dll
O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - F:\WINDOWS\system32\wiascr.dll

[ 本帖最后由 qqqqqq123 于 2006-9-22 08:02 PM 编辑 ]

6618 · 发表于 2006-9-21 23:46:18

直接修复这一项，除了这个外，发现不了其他问题。
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)

qqqqqq123 · 发表于 2006-9-22 20:00:19

直接修复了O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
今天好了，大概是网絡本身受到攻激

6618 · 发表于 2006-9-22 22:54:53

原帖由 qqqqqq123 于 2006-9-22 08:00 PM 发表
直接修复了O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
今天好了，大概是网絡本身受到攻激

不是网络本身受到攻激，而是你的机子存在恶意的IE浏览器的BHO模块，修掉这个模快机子就恢复正常了。

		自动登录	找回密码
密码			注册

[求助}我的系统有问题吗！

我的系统今天好了