
Help request

Every time Rising starts a scan, it finds a Backdoor.Gpigeon.ugu virus. Is this Gray Pigeon (灰鸽子)?


HijackThis_815汉化版扫描日志 V1.99.1
保存于      15:52:36, 日期 2005-12-25
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
C:\WINDOWS\Explorer.EXE
c:\program files\rising\rfw\rfwsrv.exe
C:\Program Files\Rising\Rav\RavStub.exe
c:\program files\rising\rfw\RfwMain.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\AK-47\桌面\4842302005817230232\HijackThis1991zww.exe

R3 - 默认的URLSearchHook丢失。用HijackThis修复
O1 - Hosts: 61.135.151.65 club.chinaren.com
O1 - Hosts: 61.183.15.93 dzh.mop.com
O1 - Hosts: 61.145.114.87 turtle.yueding.com
O1 - Hosts: 61.157.205.120 www.tiexue.net
O1 - Hosts: 219.150.150.23 www.myzone.com.cn
O1 - Hosts: 61.183.15.93 dzh.mop.com
O1 - Hosts: 219.153.20.191 www.xxflash.net
O1 - Hosts: 218.28.138.123 hnlottery.com.cn
O1 - Hosts: 219.238.233.209 update.rising.com.cn
O1 - Hosts: 218.93.127.166 db.kingsoft.com
O1 - Hosts: 210.51.168.18 www.andogz.com
O1 - Hosts: 219.238.236.181 bj.onlinedown.net
O1 - Hosts: 61.242.253.60 www.skycn.com
O1 - Hosts: 210.78.134.195 bj.superdown.com
O1 - Hosts: 216.221.188.182 netzerg.dns2go.com
O1 - Hosts: 61.152.117.78 luyang.myrice.com
O1 - Hosts: 202.108.36.145 fixdown.yeah.net
O1 - Hosts: 61.142.80.139 www.shenyi99.com
O1 - Hosts: 80.245.197.244 www.lanxiu.net
O1 - Hosts: 219.239.88.110 www.yesky.com
O1 - Hosts: 218.83.155.132 www2.arongsoft.com
O1 - Hosts: 202.103.221.4 www.pcdog.com
O1 - Hosts: 222.138.97.56 www2.piaodown.com
O1 - Hosts: 58.215.65.41 www.jd165.com
O1 - Hosts: 61.129.51.42 www.salala.com
O1 - Hosts: 61.140.60.90 www.21cn.com
O1 - Hosts: 61.129.32.23 www.sharebank.com.cn
O1 - Hosts: 210.51.170.68 www.fxdown.com
O1 - Hosts: 61.129.88.118 www.cnyou.com
O1 - Hosts: 64.225.154.135 www.flasharea.net
O1 - Hosts: 202.101.43.16 www.crsky.com
O1 - Hosts: 218.31.34.82 www.fast8.com
O1 - Hosts: 202.102.249.40 www.mydrivers.com
O1 - Hosts: 58.215.65.49 www.33ii.com
O1 - Hosts: 219.129.149.163 www.5ud.com
O1 - Hosts: 222.187.105.34 www.sq88.com
O1 - Hosts: 222.73.4.27 download.winzheng.com
O1 - Hosts: 218.16.119.23 www.6688cn.com
O1 - Hosts: 61.152.171.109 www.37021.com
O1 - Hosts: 61.163.238.60 www.ayxz.com
O1 - Hosts: 219.150.221.59 www.mumayi.net
O1 - Hosts: 216.127.74.148 www2.x365x.com
O1 - Hosts: 61.152.145.79 bbs.btbbt.com
O1 - Hosts: 38.99.128.44 www.hao356.com
O1 - Hosts: 210.192.120.111 www.qs98.com
O1 - Hosts: 67.19.79.213 www.bitgirl.org
O1 - Hosts: 61.152.93.48 www.1000fr.com
O1 - Hosts: 218.10.216.131 bbs1.btbbt.com
O1 - Hosts: 61.129.77.159 bbs.cnxp.cn
O1 - Hosts: 194.55.26.46 www.dw-world.de
O1 - Hosts: 202.27.17.241 www.zaobao.com
O1 - Hosts: 61.155.10.21 www.cctv.com
O1 - Hosts: 194.117.210.38 www.rfi.fr
O1 - Hosts: 202.109.104.102 www.fsfund.com
O1 - Hosts: 218.83.155.246 www.searchina.net.cn
O1 - Hosts: 211.90.137.134 nfcmag.com
O1 - Hosts: 61.144.120.8 www.nanfangdaily.com.cn
O1 - Hosts: 211.100.21.205 www.lifeweek.com.cn
O1 - Hosts: 61.177.95.122 www.cn99.com
O1 - Hosts: 222.33.63.66 www.haoting.com
O1 - Hosts: 61.129.81.91 www.zisi.net
O1 - Hosts: 61.129.65.95 xmwb.news365.com.cn
O1 - Hosts: 218.30.100.21 www.erhuchina.com
O1 - Hosts: 61.138.176.250 club.xwhb.net
O1 - Hosts: 61.235.154.103 www.angel222.com
O1 - Hosts: 61.144.255.245 www.guqu.net
O1 - Hosts: 202.96.155.26 www.ebud.net
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v8.dll
O3 - IE工具栏增项: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll
O4 - 启动项HKLM\\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - D:\网络工具\迅雷5\geturl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - D:\网络工具\迅雷5\getallurl.htm
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120575033968
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1125113892765
O16 - DPF: {87CCFDB0-C4BE-4BC2-A78C-9EAA7CF96667} (pcastup Class) - http://pcastdl.dudu.com/files/vodupdate.cab
O16 - DPF: {98A62E3F-A8C5-4EF0-8A00-C70CF9D18A89} (LoaderCore Class) - http://tb.sogou.com/DLLoader.cab
O16 - DPF: {D0A29C6C-AA71-4423-8C4A-5998B774C448} (IEDown Class) - http://download.ourgame.com/IEDown4.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{82B52077-4BD7-4A1B-AF15-7C338E19038C}: NameServer = 222.88.88.88 219.150.150.150
O17 - HKLM\System\CCS\Services\Tcpip\..\{CE14D8C9-F3AF-4CC0-82E6-C76654B6645B}: NameServer = 219.150.150.150
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe

Last edited 2005-12-25 15:52:21

Yes, please see baohe's post.