瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 老是跳出网页,修复了IE,查毒也查不出来…………救命呀

1   1  /  1  页   跳转

[求助] 老是跳出网页,修复了IE,查毒也查不出来…………救命呀

收藏
zx7270
头像
初生襁褓狮
  • 帖子:3
  • 注册: 2009-04-22
  • 来自:
发表于: 2009-04-22 15:46 | 只看楼主 短消息 资料
字号: 1楼

老是跳出网页,修复了IE,查毒也查不出来…………救命呀

Logfile of HijackThis v1.99.1
Scan saved at 15:48:18, on 2009-4-22
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
C:\Program Files\360Safebox\safeboxTray.exe
D:\Program Files\360safe\safemon\360tray.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
E:\课程文件\公务员考试\20090104111121237\2009年公务员考试模拟试题\WORDVIEW.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\GP_CLT_Service.exe
C:\WINDOWS\system32\GP_CLT.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe
C:\Program Files\Maxthon2\Maxthon.exe
E:\TDDownload\san\hijackthis\HijackThis.exe
R3 - Default URLSearchHook is missing
O2 - BHO: 超级兔子上网精灵 - {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} - F:\Program Files\Super Rabbit\MagicSet\haokanbar.dll
O3 - Toolbar: 超级兔子上网精灵 - {43869BB3-22FD-4F15-9B46-238106BA2F4E} - F:\Program Files\Super Rabbit\MagicSet\haokanbar.dll
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [360Safebox] "C:\Program Files\360Safebox\safeboxTray.exe" /r
O4 - HKLM\..\Run: [360Safetray] D:\Program Files\360safe\safemon\360tray.exe /start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [moviemk] E:\课程文件\公务员考试\20090104111121237\2009年公务员考试模拟试题\WORDVIEW.exe
O4 - HKLM\..\Run: [egui] "D:\Program Files\ESET\ESET NOD32 Antivirus\EsetACT\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: 使用迅雷下载 - d:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - Extra context menu item: 使用迅雷下载全部链接 - d:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ表情 - d:\Program Files\Tencent\QQ\AddEmotion.htm
O9 - Extra button: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - d:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - d:\Program Files\Thunder Network\Thunder\Thunder.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: easyabc.95599.cn (HKLM)
O15 - Trusted Zone: www.95599.cn (HKLM)
O15 - Trusted Zone: ebank.95599.sh.cn (HKLM)
O15 - Trusted Zone: www.95599.sh.cn (HKLM)
O15 - Trusted Zone: www.abchina.com (HKLM)
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (EditCtrl Class) - https://img.alipay.com/download/2121/aliedit.cab
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://b2c.icbc.com.cn/icbc/newperbank/AXSafeControls.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C47950A7-4C6B-4720-8EEC-7F744563DE26}: NameServer = 61.139.2.69 202.98.96.68
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" -r (file missing)
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: GP_CLT_Service - Unknown owner - C:\WINDOWS\system32\GP_CLT_Service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HuntmineSvr - 北京搜神网络有限责任公司 - d:\Program Files\Huntmine\HuntmineSvr.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
跳出的网页时  wwww.liangxin163.com

用户系统信息:Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; CIBA; MAXTHON 2.0)
分享到:
gototop
 
左眼球
头像
锋芒艾服狮
  • 帖子:1313
  • 注册: 2008-03-03
  • 来自:左眼眶子里
论坛8周年活动礼物
发表于: 2009-04-22 16:17 | 短消息 资料
字号: 2楼

回复:老是跳出网页,修复了IE,查毒也查不出来…………救命呀

下载windows清理助手,用它清理一下。

如果还有问题
下载SREng
下载之后解压缩,运行SREngLdr.EXE,如果不能运行,可以尝试改名为123.com;
点击“智能扫描”,勾选所有扫描项,勾选“检查进程模块的数字签名”;
然后点击“扫描”;
等待扫描完成,点击“保存报告”;
将保存的日志文件SREnglog.log作为附件上传到论坛;
精品软件、实用工具大杂烩(20091221更新到61款)
Windows清理助手
gototop
 
zx7270
头像
初生襁褓狮
  • 帖子:3
  • 注册: 2009-04-22
  • 来自:
发表于: 2009-04-22 16:34 | 只看楼主 短消息 资料
字号: 3楼

回复: 老是跳出网页,修复了IE,查毒也查不出来…………救命呀

用那个清理的软件有4个程序可以清理,3个都是默认的,现在已经清理的,不知道还会不会跳出来,也用另外个软件检测了,下面是结果,麻烦看一下,谢谢啦!

附件附件:

文件名:SREngLOG.log
下载次数:134
文件类型:application/octet-stream
文件大小:
上传时间:2009-4-22 16:34:22
描述:log
gototop
 
zx7270
头像
初生襁褓狮
  • 帖子:3
  • 注册: 2009-04-22
  • 来自:
发表于: 2009-04-22 16:41 | 只看楼主 短消息 资料
字号: 4楼

回复: 老是跳出网页,修复了IE,查毒也查不出来…………救命呀

还是在跳出来……清理了以后跳的
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT