斑竹帮忙看一眼可以吗~？谢谢啦~！ bbs.ikaka.com

0o懒喵o0 - 2006-6-12 21:10:00

HijackThis_815汉化版扫描日志 V1.99.1
保存于 19:47:41, 日期 2006-6-12
操作系统： Windows XP SP2 (WinNT 5.01.2600)
浏览器： Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程：
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\rising\Rav\RavTimer.exe
C:\Program Files\rising\Rav\RavMon.exe
C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
C:\Program Files\FarStone\VirtualDrive\VDTask.exe
C:\WINDOWS\vcdplayx.exe
C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe
C:\Program Files\Common Files\SAND\Network.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
F:\Very CD\eMule\eMule.exe
G:\QQ\TIMPlatform.exe
C:\WINDOWS\system32\wscntfy.exe
G:\QQ\QQ.exe
D:\WinRAR.exe
C:\DOCUME~1\suhong\LOCALS~1\Temp\Rar$EX00.719\HijackThis1991.exe

R3 - URLSearchHook: VeryCD Search Class - {88351CEF-BAC0-4A9B-8380-31A173E2926F} - C:\PROGRA~1\YOK.com\SUPERS~1\YOK_SuperSearch.dll
O2 - BHO: ThunderIEHelper - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v14.dll
O2 - BHO: Tencent Browser Helper - {0C7C23EF-A848-485B-873C-0ED954731014} - C:\Program Files\TENCENT\Adplus\SSAddr.dll
O2 - BHO: xBarHelper.MoveCatchPic - {0CF098A0-CBAC-4EFB-8451-3AFC201C7222} - C:\Program Files\xBar\xBarHelper.dll
O2 - BHO: (no name) - {15DDE989-CD45-4561-BF99-D22C0D5C2B74} - (no file)
O2 - BHO: (no name) - {2674E8D1-A70C-41A2-A361-50622F77F485} - C:\WINDOWS\system32\Sfcbvc.dll
O2 - BHO: (no name) - {2DB21C21-8CB1-4869-8EA9-62D24BAB1A69} - C:\WINDOWS\system32\Zirkvr.dll
O2 - BHO: yPhtb - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - C:\Program Files\Yahoo!\Assistant\Assist\yphtb.dll
O2 - BHO: (no name) - {33C3992F-1963-49BE-88D7-974C8EE564B5} - (no file)
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\Program Files\Yahoo!\Assistant\Assist\yAngling.dll
O2 - BHO: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O2 - BHO: (no name) - {408FEFE7-36CB-481E-8DFC-3F06D18D2A88} - C:\WINDOWS\system32\Rwgmm.dll
O2 - BHO: (no name) - {4EA8EECF-19F1-4E65-AFE8-8ACD39749D8B} - C:\WINDOWS\system32\Gdiphq.dll
O2 - BHO: (no name) - {4F328980-80B0-4060-9381-1D426A60EBAE} - C:\WINDOWS\system32\Xkos.dll
O2 - BHO: (no name) - {506BB699-1A55-41EA-BADE-72D54510CE7D} - C:\WINDOWS\system32\Fhaiho.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - G:\QQ\QQIEHelper.dll
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL
O2 - BHO: (no name) - {6981C251-16DE-4C18-8DEC-FD63D638D58E} - C:\WINDOWS\system32\Tjwm.dll
O2 - BHO: VeryCD超级搜索 - {75FE2B5A-D3A4-4EFA-AC11-ADC9C9459688} - C:\PROGRA~1\YOK.com\SUPERS~1\YOK_SuperSearch.dll
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - F:\讯雷\ComDlls\XunLeiBHO_001.dll
O2 - BHO: (no name) - {89452D93-7AF9-42DB-B657-4D28F1558949} - C:\WINDOWS\system32\Vqtv.dll
O2 - BHO: (no name) - {90DB62AA-144F-48A5-9167-CA3F380FB028} - C:\WINDOWS\system32\Tmeg.dll
O2 - BHO: (no name) - {9F8D4C0B-06FC-4E47-9586-D31D1D078B07} - C:\WINDOWS\system32\Kcphe.dll
O2 - BHO: (no name) - {A37BFDAA-4E70-4BB3-880E-502965492D1A} - C:\WINDOWS\system32\Bnwxa.dll
O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - F:\酷狗\KuGoo3\KuGoo3DownXControl.ocx
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {B551AC09-C45D-4602-839F-01112531D450} - C:\WINDOWS\system32\Avpyj.dll
O2 - BHO: (no name) - {BA550FFF-D4C3-4623-B8B1-7CB49BB864ED} - C:\WINDOWS\system32\Jwrlm.dll
O2 - BHO: (no name) - {BC7FD602-76D1-42C3-9E48-54EADA445A2D} - C:\WINDOWS\system32\Mlcit.dll
O2 - BHO: (no name) - {C39B6C49-FCF9-4ADD-B3F4-C01A89383B2C} - C:\WINDOWS\system32\Zhpf.dll
O2 - BHO: (no name) - {C8E3C7EB-A9C9-4CCC-B633-B451F36CACFD} - C:\WINDOWS\system32\Gbtt.dll
O2 - BHO: (no name) - {CBBC8017-8EB6-4017-9665-0E9E4CB7BBD2} - C:\WINDOWS\system32\Wnnr.dll
O2 - BHO: (no name) - {D2DDF9A6-61AA-4BBB-AC95-8F40FCF1D600} - C:\WINDOWS\system32\Aqsov.dll
O2 - BHO: (no name) - {DE308C6D-2C39-4052-B46A-312E7721FE09} - C:\WINDOWS\system32\Runvmj.dll
O2 - BHO: (no name) - {EB7BBA62-293D-4776-B1FA-7D94B0A6B789} - C:\WINDOWS\system32\Thexk.dll
O2 - BHO: (no name) - {EC434EA3-E64D-46B8-A36D-DEBB30AF3521} - C:\WINDOWS\system32\Teex.dll
O2 - BHO: (no name) - {FABFEE00-1774-45CD-9DAC-9C3B371B990E} - C:\WINDOWS\system32\Krechp.dll
O2 - BHO: (no name) - {FBFBD820-F825-422A-802D-2D4F07EEC7E2} - C:\WINDOWS\system32\Rrtket.dll
O2 - BHO: (no name) - {FC81D849-7CA2-422E-B3B7-DA9FD0F48F8C} - C:\WINDOWS\system32\Ysrm.dll
O2 - BHO: (no name) - {FEAD3F53-3DCB-41FB-9408-7FA69D85E72D} - C:\WINDOWS\system32\Iymws.dll
O3 - IE工具栏增项: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O3 - IE工具栏增项: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - E:\金山快译2\IEBand.dll
O3 - IE工具栏增项: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - IE工具栏增项: VeryCD超级搜索 - {F869BB38-FFEF-4589-B986-610B7AD0ADA2} - C:\PROGRA~1\YOK.com\SUPERS~1\YOK_SuperSearch.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - 启动项HKLM\\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - 启动项HKLM\\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - 启动项HKLM\\Run: [RavTimer] C:\Program Files\rising\Rav\RavTimer.exe
O4 - 启动项HKLM\\Run: [RavMon] C:\Program Files\rising\Rav\RavMon.exe -system
O4 - 启动项HKLM\\Run: [VirtualDrive] "C:\Program Files\FarStone\VirtualDrive\VDTask.exe" /AutoRestore
O4 - 启动项HKLM\\Run: [vcdplayx] "C:\WINDOWS\vcdplayx.exe"
O4 - 启动项HKLM\\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - 启动项HKLM\\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - 启动项HKLM\\Run: [DAEMON Tools-2052] "D:\daemon.exe" -lang 2052
O4 - 启动项HKLM\\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - 启动项HKLM\\Run: [YLive.exe] C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
O4 - 启动项HKLM\\Run: [yassistse] "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"
O4 - 启动项HKLM\\Run: [res] C:\WINDOWS\system32\res.exe
O4 - 启动项HKLM\\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - 启动项HKLM\\Run: [xBarUpdate] C:\Program Files\xBar\xBarUpdate.exe
O4 - 启动项HKLM\\Run: [Thunder] "F:\讯雷\ThunderShell.exe" /s
O4 - 启动项HKLM\\Run: [NMGameX_AutoRun] C:\WINDOWS\system32\Rundll32.exe NMGameX.dll,LiveProcess /aa
O4 - 启动项HKLM\\Run: [YOKAssiant] Rundll32.exe C:\PROGRA~1\YOK.com\SUPERS~1\YOK_SuperSearch.dll,YOKAssiant
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - 启动项HKLM\\Run: [stup.exe] C:\PROGRA~1\TENCENT\Adplus\stup.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [eMuleAutoStart] F:\Very CD\eMule\eMule.exe -AutoStart
O4 - Startup: 腾讯QQ.lnk = G:\QQ\QQ.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - F:\讯雷\Program\GetUrl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - F:\讯雷\Program\GetAllUrl.htm
O8 - IE右键菜单中的新增项目: Google 搜索(&G) - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - IE右键菜单中的新增项目: VeryCD超级搜索 - C:\PROGRA~1\YOK.com\SUPERS~1\yoksch.htm
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - G:\QQ\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用KuGoo3下载(&K) - F:\酷狗\KuGoo3\KuGoo3DownX.htm
O8 - IE右键菜单中的新增项目: 反向链接 - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - IE右键菜单中的新增项目: 发送到手机 - C:\Program Files\xBar\xBar.htm
O8 - IE右键菜单中的新增项目: 导出到 Microsoft Office Excel(&X) - res://D:\新建文~1\OFFICE11\EXCEL.EXE/3000
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - G:\QQ\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - G:\QQ\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 添加到雅虎订阅(&Y) - res://C:\Program Files\Yahoo!\Assistant\Assist\yrss.dll/YRSSMENUEXT
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - G:\QQ\SendMMS.htm
O8 - IE右键菜单中的新增项目: 类似网页 - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - IE右键菜单中的新增项目: 缓存的网页快照 - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - IE右键菜单中的新增项目: 翻译英文字词(&T) - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - IE右键菜单中的新增项目: 雅虎搜索 - res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/246
O9 - 浏览器额外的按钮: 卓越 - {8DE0FCD4-5EB5-11D3-AD25-00002100131B} - C:\POWERW~1\IEPlugin.dll (file missing)
O9 - 浏览器额外的按钮: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\新建文~1\OFFICE11\REFIEBAR.DLL
O9 - 浏览器额外的按钮: 词霸 - {9A687CA6-D585-4947-9ED9-BE96071F5CD9} - C:\POWERW~1\XDictExB.dll (file missing)
O9 - 浏览器额外的按钮: 金山词霸 - {C8CE29C5-7589-11D3-B81B-0080C8DC5DC8} - C:\POWERW~1\IEPlugin.dll (file missing)
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - G:\QQ\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - G:\QQ\QQ.EXE
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - G:\QQ\QQIEHelper.dll
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - G:\QQ\QQIEHelper.dll
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的“工具”菜单项: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{5EB2EB4E-A534-4D17-8909-DDACB1AC3492}: NameServer = 202.106.0.20 202.106.46.151
O17 - HKLM\System\CCS\Services\Tcpip\..\{FEB786AD-2770-4C08-8CBE-BF2044B90A84}: NameServer = 192.168.1.1
O18 - 列举现有的协议: dic - {C21F5C32-F57A-4A0D-8E0A-B672691C52D0} - C:\POWERW~1\XDictExB.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - rising - C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
O23 - NT 服务: Network System (Universal Disk Manager) - COMENET TECHNOLOGY - C:\Program Files\Common Files\SAND\Network.exe

瑞星卡卡安全论坛