Please take a look at my log: after the computer runs for a while the web gets slow and pages won't open


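Please take a look at my log. After the computer has been running for a while, the Edit and File menu bar at the top of the web page disappears, the network slows down, and web pages won't open.

Logfile of HijackThis v1.99.1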
Scan saved at 15:37:27 上午, on 2005-12-3
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
D:\PROGRAM FILES\RISING\RAV\Ravmond.exe
d:\rising\rfw\rfwsrv.exe
D:\PROGRAM FILES\RISING\RAV\RavStub.exe
C:\windows\system32\spoolsv.exe
C:\windows\Explorer.EXE
D:\emule\emule.exe
D:\Rising\Rfw\rfwmain.exe
C:\windows\SOUNDMAN.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Upd\Update.exe
D:\PROGRA~2\RISING\RAV\RAVTIMER.EXE
D:\PROGRA~2\RISING\RAV\RAVMON.EXE
C:\windows\system32\ctfmon.exe
C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe
D:\DXPSecurityService.exe
D:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
C:\windows\diskman.exe
D:\Program Files\Rising\Rav\RsAgent.exe
C:\WINDOWS\msagent\AgentSvr.exe
D:\Downloads\Wom6[1].6\Wom6.6\Womcc.exe
C:\windows\system32\taskmgr.exe
D:\HijackThis.exe

R3 - Default URLSearchHook is missing
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\windows\system32\xunleibho_v8.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {31EBA2E2-58B2-4980-9C41-F12F5F1422C5} - (no file)
O2 - BHO: (no name) - {4022F902-ABC7-4C79-924F-BB26F1D355A2} - (no file)
O2 - BHO: (no name) - {42AFACEE-2A77-41EB-9EE2-D9F8AF827F90} - (no file)
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - (no file)
O2 - BHO: (no name) - {77FEF28E-EB96-44FF-B511-3185DEA48697} - (no file)
O2 - BHO: (no name) - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - (no file)
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: CAP Class - {B8CCDD47-38E4-4CD2-B7FA-3B4B690F74BD} - C:\windows\system32\dtap.dll
O2 - BHO: IEHlprObj Class - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - c:\Program Files\Internet Explorer\2052\IEhelper.dll
O2 - BHO: (no name) - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - (no file)
O2 - BHO: (no name) - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - (no file)
O2 - BHO: (no name) - {DDDE2452-AF9E-4577-AE6C-465DBCB54D49} - (no file)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - Toolbar: (no name) - {0A00D11E-B1E7-44b5-AD88-C9190876AAC4} - (no file)
O3 - Toolbar: (no name) - {F43BD772-ABDD-43b7-A96A-3E9E61946EC0} - (no file)
O3 - Toolbar: (no name) - {A6790AA5-C6C7-4BCF-A46D-0FDAC4EA90EF} - (no file)
O3 - Toolbar: (no name) - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - (no file)
O3 - Toolbar: (no name) - {3F1ABCDB-A875-46c1-8345-B72A4567E486} - (no file)
O3 - Toolbar: (no name) - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - (no file)
O3 - Toolbar: (no name) - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - (no file)
O3 - Toolbar: &u88连锁加盟网 - {3FFD59AA-280D-4AB3-B420-0CFF2B332316} - C:\Program Files\Internet Explorer\2052\WebBand.dll
O4 - HKLM\..\Run: [eMule] D:\emule\emule.exe
O4 - HKLM\..\Run: [RfwMain] "D:\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [WindowsUpdate] C:\windows\system32\WindowsUpdate.exe
O4 - HKLM\..\Run: [Update] C:\Program Files\Common Files\Upd\Update.exe
O4 - HKLM\..\Run: [RavTimer] D:\PROGRA~2\RISING\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [RavMon] D:\PROGRA~2\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - HKLM\..\Run: [DTService] rundll32.exe C:\DOCUME~1\Admin\LOCALS~1\Temp\RarSFX2\DTSERV~1.DLL,Load
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [升级程序] C:\Program Files\Internet Explorer\2052\aupdate.exe
O4 - HKCU\..\Run: [update] C:\Program Files\Internet Explorer\IE Uninstall\aupdate.exe
O4 - HKCU\..\Run: [eMuleAutoStart] D:\emule\emule.exe -AutoStart
O4 - Global Startup: AutoCAD 启动加速器.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: AudioDeck.lnk = C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &使用迅雷下载 - D:\download\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - D:\download\getallurl.htm
O8 - Extra context menu item: Download All by FlashGet - D:\PROGRA~1\FLASHGET\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - D:\PROGRA~1\FLASHGET\jc_link.htm
O8 - Extra context menu item: U88连锁加盟网 - c:\Program Files\Internet Explorer\2052\contextmenu.htm
O8 - Extra context menu item: 使用影音传送带下载 - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: 使用影音传送带下载全部链接 - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: 使用网络传送带下载 - D:\NetXfer\NXAddLink.html
O8 - Extra context menu item: 使用网络传送带下载全部链接 - D:\NetXfer\NXAddList.html
O8 - Extra context menu item: 添加到我的和讯网摘 - http://bookmark.hexun.com/inc/PostPage.aspx
O9 - Extra button: (no name) - {3FFD59AA-280D-4AB3-B420-0CFF2B332316} - C:\windows\system32\shdocvw.dll
O9 - Extra button: Infofo 工具栏 - {8507326C-B5C1-4559-BB91-0919E753836F} - C:\windows\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Infofo 工具栏 - {8507326C-B5C1-4559-BB91-0919E753836F} - C:\windows\system32\shdocvw.dll
O9 - Extra button: (no name) - {9239E4EC-C9A6-11D2-A844-00C04F68D538} - (no file)
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra button: 易趣购物 - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://adfarm.mediaplex.com/ad/ck/4080-23171-9517-219?cn=song;icon;hp&mpro=http://www.ebay.com.cn (file missing)
O9 - Extra 'Tools' menuitem: 易趣购物 - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://adfarm.mediaplex.com/ad/ck/4080-23171-9517-219?cn=song;icon;hp&mpro=http://www.ebay.com.cn (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O16 - DPF: {28E0FA88-ABA8-4937-A247-3031F1A11165} (Installer Class) - http://pi.51.net/download/diybar2.cab
O16 - DPF: {339C1EE2-1029-46B8-81F1-360217F26FC4} (VGAPlayer Control) - http://219.144.186.220/gll/1/VGAPlayer.cab
O16 - DPF: {9BBD100C-E820-4930-9937-E8F3AA40E584} (DFVSScanFile Control) - http://antivirus3.sunv.com/dfvsolDown/dfvsol.cab
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/Ver2005/OL2005.cab
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: DXP Network License Service (DXPNetworkSecurityService) - Unknown owner - D:\DXPSecurityService.exe
O23 - Service: HASP Loader - Unknown owner - C:\WINDOWS\system32\nhsrvice.exe (file missing)
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - d:\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - rising - D:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\PROGRAM FILES\RISING\RAV\Ravmond.exe
O23 - Service: Universal Disk Manager - Unknown owner - C:\windows\diskman.exe

Last edited 2005-12-03 16:09:26

[Reply to "jixieren"'s post]
O23 - Service: HASP Loader - Unknown owner - C:\WINDOWS\system32\nhsrvice.exe (file missing) -- fix this item.

O23 - Service: Universal Disk Manager - Unknown owner - C:\windows\diskman.exe -- Trojan.

O4 - HKLM\..\Run: [WindowsUpdate] C:\windows\system32\WindowsUpdate.exe -- Trojan
O4 - HKLM\..\Run: [Update] C:\Program Files\Common Files\Upd\Update.exe -- Trojan