打印

[系统问题] C盘使用100%

望乡

青铜长老

Rank: 6 Rank: 6

帖子: 341
积分: 1634
威望: 0
注册时间: 2007-4-19

楼主大中小发表于 2008-10-2 13:16 只看该作者此帖被阅读 305 次

C盘使用100%

请斑竹帮看看这系统，提示C盘已经使用100%，下面是扫描的日志文件：
日志文件 Trend Micro HijackThis v 2.0.2
日志保存时间: 13:11:54,2008-10-2
操作系统: Windows XP SP2 (WinNT 5.01.2600)
IE版本: Internet Explorer v7.00 (7.00.6000.16705)
启动模式: 正常

正在运行的进程:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Seekmo\bin\10.0.406.0\OEAddOn.exe
C:\Program Files\pipi\jfCacheMgr.exe
C:\Program Files\VIEWGOOD\WebPlayer 2007\WebPlayerDeamon.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE
C:\WINDOWS\ObjectDock\objectdock.exe
C:\Program Files\StormII\stormliv.exe
C:\Program Files\QvodPlayer\QvodTerminal.exe
D:\My Documents\QQ\QQ2008Beta1.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsd9.tmp\Silverlight.exe
f:\temp\ext45874\install.exe
D:\Program Files\QQ2007\QQ.exe
D:\Program Files\QQ2007\TXPlatform.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe
G:\hijackthis_v2.02h\HijackThis.exe

O2 - BHO: QQCycloneHelper - {00000000-12C9-4305-82F9-43058F20E8D2} - D:\Program Files\QQDownload\QQIEHelper01.dll
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: 超级兔子上网精灵 - {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} - D:\Program Files\Super Rabbit\MagicSet\haokanbar.dll
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll
O2 - BHO: SecAddons Class - {AF69627B-8489-41C2-971A-B927DF7A5B0F} - C:\Program Files\ast\SecAddons.dll
O3 - IE 工具栏: (未命名) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (没有文件)
O3 - IE 工具栏: 超级兔子上网精灵 - {43869BB3-22FD-4F15-9B46-238106BA2F4E} - D:\Program Files\Super Rabbit\MagicSet\haokanbar.dll
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Vistadrv] C:\WINDOWS\Vistadrive\vsdrv.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Anti-Spy Tools] C:\Program Files\ast\ast.exe -min
O4 - HKLM\..\Run: [SeekmoOE] C:\Program Files\Seekmo\bin\10.0.406.0\OEAddOn.exe
O4 - HKLM\..\Run: [SeekmoSA] "C:\Program Files\Seekmo\bin\10.0.406.0\SeekmoSA.exe"
O4 - HKLM\..\Run: [jfproc] C:\Program Files\pipi\jfCacheMgr.exe
O4 - HKLM\..\Run: [Thunder] "C:\Program Files\Thunder Network\Thunder\Thunder.exe" /s
O4 - HKLM\..\Run: [UUSEE] "MediaCenter.exe" -b
O4 - HKLM\..\Run: [WebPlayerUpdater] "C:\Program Files\VIEWGOOD\WebPlayer 2007\WebPlayerDeamon.exe" /Hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Super Rabbit IEPro] D:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD
O4 - HKCU\..\Run: [QQDownload] "D:\Program Files\QQDownload\QQDownload.exe" autostart
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - .DEFAULT User Startup: Stardock ObjectDock.lnk = C:\WINDOWS\ObjectDock\objectdock.exe (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\ObjectDock\objectdock.exe
O4 - Startup: QQ游戏启动加速程序.lnk = D:\Program Files\QQGame\Accel.exe
O4 - Startup: 腾讯QQ.lnk = D:\Program Files\QQ2007\QQ.exe
O8 - 扩展右键菜单项: &使用超级旋风下载 - D:\Program Files\QQDownload\geturl.htm
O8 - 扩展右键菜单项: &使用超级旋风下载全部链接 - D:\Program Files\QQDownload\getAllurl.htm
O8 - 扩展右键菜单项: 使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - 扩展右键菜单项: 使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O8 - 扩展右键菜单项: 添加到QQ表情 - D:\Program Files\QQ2007\AddEmotion.htm
O9 - 额外的按钮: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - 额外的“工具”菜单项目: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.co ... s/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{77410CEE-2F05-4D48-B2C2-8D86110C1E36}: NameServer = 202.103.224.68,202.103.226.68
O17 - HKLM\System\CS1\Services\Tcpip\..\{77410CEE-2F05-4D48-B2C2-8D86110C1E36}: NameServer = 202.103.224.68,202.103.226.68
O23 - NT 服务: Contrl Center of Storm Media (ccosm) - 北京暴风网际科技有限公司 - C:\Program Files\StormII\stormliv.exe
O23 - NT 服务: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - NT 服务: Qvod Terminal - Shenzhen QVOD Technology Co.,Ltd - C:\Program Files\QvodPlayer\QvodTerminal.exe
O23 - NT 服务: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe(文件不存在)

--
文件结束 - 5387 字节

TOP

阿顺

对镜无心，八风不动

超级版主

Rank: 18

电脑家园顾问

帖子: 12387
积分: 55937
威望: 0
注册时间: 2004-3-13

元老勋章财富勋章荣誉勋章奉献勋章热情勋章

沙发大中小发表于 2008-10-3 16:20 只看该作者

修复以下红色的部分：
O2 - BHO: QQCycloneHelper - {00000000-12C9-4305-82F9-43058F20E8D2} - D:\Program Files\QQDownload\QQIEHelper01.dll
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: 超级兔子上网精灵 - {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} - D:\Program Files\Super Rabbit\MagicSet\haokanbar.dll
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll
O2 - BHO: SecAddons Class - {AF69627B-8489-41C2-971A-B927DF7A5B0F} - C:\Program Files\ast\SecAddons.dll
O3 - IE 工具栏: (未命名) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (没有文件)
O3 - IE 工具栏: 超级兔子上网精灵 - {43869BB3-22FD-4F15-9B46-238106BA2F4E} - D:\Program Files\Super Rabbit\MagicSet\haokanbar.dll
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Vistadrv] C:\WINDOWS\Vistadrive\vsdrv.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Anti-Spy Tools] C:\Program Files\ast\ast.exe -min
O4 - HKLM\..\Run: [SeekmoOE] C:\Program Files\Seekmo\bin\10.0.406.0\OEAddOn.exe
O4 - HKLM\..\Run: [SeekmoSA] "C:\Program Files\Seekmo\bin\10.0.406.0\SeekmoSA.exe"
O4 - HKLM\..\Run: [jfproc] C:\Program Files\pipi\jfCacheMgr.exe
O4 - HKLM\..\Run: [Thunder] "C:\Program Files\Thunder Network\Thunder\Thunder.exe" /s
O4 - HKLM\..\Run: [UUSEE] "MediaCenter.exe" -b
O4 - HKLM\..\Run: [WebPlayerUpdater] "C:\Program Files\VIEWGOOD\WebPlayer 2007\WebPlayerDeamon.exe" /Hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Super Rabbit IEPro] D:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD
O4 - HKCU\..\Run: [QQDownload] "D:\Program Files\QQDownload\QQDownload.exe" autostart
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - .DEFAULT User Startup: Stardock ObjectDock.lnk = C:\WINDOWS\ObjectDock\objectdock.exe (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\ObjectDock\objectdock.exe
O4 - Startup: QQ游戏启动加速程序.lnk = D:\Program Files\QQGame\Accel.exe
O4 - Startup: 腾讯QQ.lnk = D:\Program Files\QQ2007\QQ.exe
O8 - 扩展右键菜单项: &使用超级旋风下载 - D:\Program Files\QQDownload\geturl.htm
O8 - 扩展右键菜单项: &使用超级旋风下载全部链接 - D:\Program Files\QQDownload\getAllurl.htm
O8 - 扩展右键菜单项: 使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - 扩展右键菜单项: 使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O8 - 扩展右键菜单项: 添加到QQ表情 - D:\Program Files\QQ2007\AddEmotion.htm
O9 - 额外的按钮: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - 额外的“工具”菜单项目: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.co ... s/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{77410CEE-2F05-4D48-B2C2-8D86110C1E36}: NameServer = 202.103.224.68,202.103.226.68
O17 - HKLM\System\CS1\Services\Tcpip\..\{77410CEE-2F05-4D48-B2C2-8D86110C1E36}: NameServer = 202.103.224.68,202.103.226.68
O23 - NT 服务: Contrl Center of Storm Media (ccosm) - 北京暴风网际科技有限公司 - C:\Program Files\StormII\stormliv.exe
O23 - NT 服务: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - NT 服务: Qvod Terminal - Shenzhen QVOD Technology Co.,Ltd - C:\Program Files\QvodPlayer\QvodTerminal.exe
O23 - NT 服务: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe(文件不存在)

抵制日货，从我做起！抵制日货，从我做起！抵制日货，从我做起！

TOP

hyqld

高级会员

Rank: 4

帖子: 63
积分: 383
威望: 0
注册时间: 2007-2-8

板凳大中小发表于 2008-10-13 17:40 只看该作者

有木马和恶意软件版主高招！！清理完在清理下文件和注册表垃圾

TOP

天天免费公开3只涨停黑马	免费公开三只黑马100%获利	内部泄密３只暴涨黑马曝光	专家免费推荐3只暴涨牛股
股票权证确保全国最低	免费低佣开期货帐户	女主播献身!!就为抄底这股	20岁女主播炒股暴富内幕
先操作盈利后再进行分红	君睿软件-股市必杀绝招	女散户25岁坐拥4亿如何炒	500人股票QQ群欢迎加入