瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 求助!最近发送量飞速 查毒没有 影响上网 求各位大虾帮忙

1   1  /  1  页   跳转

[求助] 求助!最近发送量飞速 查毒没有 影响上网 求各位大虾帮忙

求助!最近发送量飞速 查毒没有 影响上网 求各位大虾帮忙

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:18:30, on 2008-9-16
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRAM FILES\RISING\RAV\ravmond.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRAM FILES\RISING\RAV\RavStub.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRAM FILES\RISING\RAV\RavMon.exe
C:\WINDOWS\VM303_STI.EXE
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\GridService\peer.exe
C:\Program Files\Rising\AntiSpyware\rstray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SogouInput\OlympicNews.exe
C:\Program Files\Rising\AntiSpyware\knownsvr.exe
d:\Program Files\Tencent\QQ\TXPlatform.exe
D:\Program Files\Maxthon2\Maxthon.exe
G:\tool\HijackThis.exe
O1 - Hosts: ------fs2you patch by vadera@pdahd.cn------
O1 - Hosts: 59.63.157.25 www.fs2you.com
O1 - Hosts: 222.169.230.101 dyn.www.fs2you.com
O1 - Hosts: 59.32.232.195 file1.fs2you.com
O1 - Hosts: 222.169.230.98 file2.fs2you.com
O1 - Hosts: 221.204.246.79 file3.fs2you.com
O1 - Hosts: 61.150.85.80 file4.fs2you.com
O1 - Hosts: 60.2.139.27 file5.fs2you.com
O1 - Hosts: 61.184.189.10 file6.fs2you.com
O1 - Hosts: 61.174.62.132 file7.fs2you.com
O1 - Hosts: 58.211.75.49 file8.fs2you.com
O1 - Hosts: 61.134.84.238 file9.fs2you.com
O1 - Hosts: 61.156.40.181 file10.fs2you.com
O1 - Hosts: 218.75.151.4 file11.fs2you.com
O1 - Hosts: 58.211.75.31 file12.fs2you.com
O1 - Hosts: 124.94.101.133 file13.fs2you.com
O1 - Hosts: 221.204.246.115 file14.fs2you.com
O1 - Hosts: 218.75.151.10 file15.fs2you.com
O1 - Hosts: 58.218.209.126 file16.fs2you.com
O1 - Hosts: 61.157.152.173 file17.fs2you.com
O1 - Hosts: 125.46.41.27 file18.fs2you.com
O1 - Hosts: 125.91.11.223 file19.fs2you.com
O1 - Hosts: 59.53.48.134 file20.fs2you.com
O1 - Hosts: 59.53.48.136 file21.fs2you.com
O1 - Hosts: 59.53.48.144 file22.fs2you.com
O1 - Hosts: 61.139.106.204 file23.fs2you.com
O1 - Hosts: 59.53.48.172 file24.fs2you.com
O1 - Hosts: 124.94.101.146 file25.fs2you.com
O1 - Hosts: 61.166.111.227 file26.fs2you.com
O1 - Hosts: ------fs2you patch end------
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll
O2 - BHO: 卡卡上网安全助手 - {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} - C:\WINDOWS\system32\urlFilter.dll
O2 - BHO: SafeMon Class - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - D:\Program Files\360safe\safemon\safemon.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [SKYNET Personal FireWall] D:\PROGRA~1\SKYNET\FIREWALL\pfw.exe
O4 - HKLM\..\Run: [搜狐彩电网页版] ; C:\Program Files\sohutv_web\SysTrayIcon.exe "C:\Program Files\sohutv_web" "4233816bb1168343bbdf34897e049e84" "1.0.0.4" ""
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [Grid Service] "C:\Program Files\GridService\peer.exe" -n Grid
O4 - HKLM\..\Run: [runeip] "C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup
O4 - HKLM\..\RunOnce: [KKDelay] C:\Program Files\Rising\AntiSpyware\RunOnce.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OlympicExpress] "C:\Program Files\SogouInput\OlympicNews.exe"
O4 - HKCU\..\Run: [WangWang] ; "C:\Program Files\Alisoft\WangWang\WangWang.exe"
O4 - HKCU\..\Run: [nEOwizard] d:\Program Files\nEO iMAGING\nEOWizard.exe %1
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Startup: QQ游戏启动加速程序.lnk = F:\QQGAME\Accel.exe
O4 - Startup: RsAutorunsDisabled
O8 - Extra context menu item: 上传到QQ网络硬盘 - d:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - Extra context menu item: 使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - d:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - d:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - d:\Program Files\Tencent\QQ\SendMMS.htm
O9 - Extra button: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra button: Zcom 杂志 - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} - d:\Zcom\E-Space.exe
O9 - Extra 'Tools' menuitem: Zcom 杂志(E-Space) - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} - d:\Zcom\E-Space.exe
O16 - DPF: {05C1004E-2596-48E5-8E26-39362985EEB9} (MMCPlayer Class) - http://p3p.sogou.com/MMCShell.cab
O16 - DPF: {1E0DFFCF-27FF-4574-849B-55007349FEDA} (iTrusPTA Class) - https://img.alipay.com/download/1101/aliedit.cab
O16 - DPF: {2375BEE5-F175-4F1C-81EC-8E4E2E72E2DD} (PhotoDraw Class) - http://imgcache.qq.com/qzone/client/photo/pages/QQPhotoDrawSetup.exe
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (EditCtrl Class) - https://img.alipay.com/download/2121/aliedit.cab
O16 - DPF: {75B75D86-D88B-4BEA-BC59-BFD9D7300518} (Videohelp Control) - http://download.bluesky.cn/download/bluesky_webinstall.cab
O16 - DPF: {9FAFB576-6933-4CCC-AB3D-B988EC43D04E} (RavOnline Class) - http://download.rising.com.cn/rs2008/online/notvista/ravolctl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{739D7E62-3603-4868-8053-8446C36DD6DD}: NameServer = 202.96.69.38 202.96.64.68
O20 - AppInit_DLLs: kmon.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Information Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Information Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
--
End of file - 7033 bytes
分享到:
gototop
 

回复:求助!最近发送量飞速 查毒没有 影响上网 求各位大虾帮忙


谢谢楼上两位兄弟哦~~
gototop
 
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT