Rising Kaka Security Forum, Anti-Virus/Anti-Rogue-Software board: Logfile of HijackThis v1.99.1 scan log, experts please help [Help request]

Logfile of HijackThis v1.99.1
Scan saved at 16:29:20, on 2006-9-16
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5450.0004)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
d:\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
d:\Rising\Rav\Ravmond.exe
C:\WINDOWS\system32\svchost.exe
D:\Rising\Rav\RavTask.exe
D:\green software\Glass2k.exe
D:\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\ctfmon.exe
d:\Rising\Rav\RavStub.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
D:\green software\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - d:\Thunder\ComDlls\XunLeiBHO_002.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - (no file)
O4 - HKLM\..\Run: [KTPWare] C:\Program Files\Elantech\ktp.exe
O4 - HKLM\..\Run: [RavTask] "d:\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [Glass2k] D:\green software\Glass2k.exe
O4 - HKLM\..\Run: [SKYNET Personal FireWall] D:\SkyNet\PFW.exe
O4 - HKLM\..\Run: [StormCodec_Helper] "d:\Storm Codec\StormSet.exe" /S /opti
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DesktopSprite] D:\DesktopSprite\DesktopSprite.exe
O4 - Global Startup: taskmgr.exe.lnk = C:\WINDOWS\system32\taskmgr.exe
O8 - Extra context menu item: &使用迅雷下载 - d:\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - d:\Thunder\Program\GetAllUrl.htm
O9 - Extra button: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - d:\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - d:\Thunder\Thunder.exe
O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} (Edit Class) - https://www.sz1.cmbchina.com/download/CMBEdit.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/1007/aliedit.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://yiqunzhu.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1156607819703
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1157769479156
O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {C661F36D-DF85-4EF4-83C7-E107B83D04B1} (WebActivater Control) - http://dl_dir.qq.com/3dshow/3DShowVM.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - d:\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - d:\Rising\Rav\Ravmond.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - D:\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

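Memory usage after a normal boot: 260

Three minutes after boot, one svchost.exe takes 35M of memory + 40M of virtual memory and 100% CPU.

After it recovers, once I open QQ, Opera, Qianqian Jingting (千千静听) and Xunlei (迅雷), memory usage exceeds 500.

Explorer.exe takes 20M of memory + 27M of virtual memory.

I suspect I've been infected with a new version of Gray Pigeon (灰鸽子). Could an expert please help explain this?

I'm online waiting for a reply.
Last edited 2006-09-16 18:23:30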

Is anyone there???

.............