瑞星卡卡安全论坛

首页 » 技术交流区 » 反病毒/反流氓软件论坛 » 帮帮忙``帮我看看日志``电脑是不是有问题```谢谢
zhanghaha - 2006-7-7 21:27:00
HijackThis_zww汉化版扫描日志 V1.99.1
保存于      21:16:14, 日期 2006-7-7
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
F:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
F:\Program Files\Rising\Rav\Ravmond.exe
C:\WINDOWS\Explorer.EXE
F:\Program Files\Rising\Rav\RavStub.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
F:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ChinaNet\VnetClient.exe
F:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\svchost.exe
F:\Program Files\qq2006\QQ.exe
F:\Program Files\qq2006\TIMPlatform.exe
F:\Program Files\qq2006\QQ.exe
F:\Program Files\qq2006\QQ.exe
F:\Program Files\qq2006\qqpet\qqpet.exe
F:\Program Files\qq2006\qqpet\qqpet.exe
C:\DOCUME~1\ZB\LOCALS~1\Temp\Rar$EX00.652\QQPetNurse.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
F:\Program Files\Rising\Rav\RsLogVw.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
F:\Program Files\HB_Hijackthis1991zww814_Pconline\HijackThis1991汉化版\HijackThis1991zww.exe

R3 - URLSearchHook: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\Program Files\Yahoo!\Assistant\Assist\yasbar.dll (file missing)
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - F:\Program Files\qq2006\QQIEHelper.dll
O2 - BHO: stdup - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - C:\WINDOWS\SYSTEM32\stdup.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - F:\PROGRA~1\迅咐雷?5\FLASHGET\jccatch.dll (file missing)
O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - F:\PROGRA~1\KuGoo3\KUGOO3~1.OCX
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - F:\PROGRA~1\迅咐雷?5\FLASHGET\fgiebar.dll (file missing)
O3 - IE工具栏增项: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\Program Files\Yahoo!\Assistant\Assist\yasbar.dll (file missing)
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [rundll32] C:\WINDOWS\system32\IEXPLORER.EXE
O4 - 启动项HKLM\\Run: [yassistse] "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"
O4 - 启动项HKLM\\Run: [spoolsv] C:\WINDOWS\system32\spoolsv\spoolsv.exe -printer
O4 - 启动项HKLM\\Run: [RavTask] "F:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KVFW] C:\Program Files\KVFW\kvfw.exe -silent
O4 - Startup: desktop.ini
O4 - Startup: 腾讯QQ.lnk = F:\Program Files\qq2006\QQ.exe
O4 - Startup: 星空极速.lnk = C:\Program Files\ChinaNet\VnetClient.exe
O4 - Global Startup: desktop.ini
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - F:\Program Files\qq2006\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用KuGoo3下载(&K) - F:\Program Files\KuGoo3\KuGoo3DownX.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - F:\PROGRA~1\迅雷5\FLASHGET\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - F:\PROGRA~1\迅雷5\FLASHGET\jc_all.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - F:\Program Files\qq2006\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - F:\Program Files\qq2006\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - F:\Program Files\qq2006\SendMMS.htm
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的“工具”菜单项: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{57E0783B-5835-4D0D-A041-549EC72CF7D5}: NameServer = 202.96.128.166 202.96.128.86
O23 - NT 服务: Kingsoft Personal Firewall Service (KPfwSvc) - Unknown owner - F:\Program Files\新建文件夹\KPfwSvc.EXE (file missing)
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - F:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - F:\Program Files\Rising\Rav\Ravmond.exe
建能 - 2006-7-7 21:30:00
O23 - NT 服务: Kingsoft Personal Firewall Service (KPfwSvc) - Unknown owner - F:\Program Files\新建文件夹\KPfwSvc.EXE (file missing)
O4 - Global Startup: desktop.ini
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O4 - 启动项HKLM\\Run: [rundll32] C:\WINDOWS\system32\IEXPLORER.EXE
O2 - BHO: stdup - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - C:\WINDOWS\SYSTEM32\stdup.dll
修读上面各项
zhanghaha - 2006-7-7 23:12:00
HijackThis_zww汉化版扫描日志 V1.99.1
保存于      23:02:35, 日期 2006-7-7
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
F:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
F:\Program Files\Rising\Rav\Ravmond.exe
C:\WINDOWS\Explorer.EXE
F:\Program Files\Rising\Rav\RavStub.exe
C:\WINDOWS\SOUNDMAN.EXE
F:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ChinaNet\VnetClient.exe
F:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\svchost.exe
F:\Program Files\qq2006\QQ.exe
F:\Program Files\qq2006\TIMPlatform.exe
F:\Program Files\qq2006\QQ.exe
F:\Program Files\qq2006\QQ.exe
F:\Program Files\qq2006\qqpet\qqpet.exe
F:\Program Files\qq2006\qqpet\qqpet.exe
C:\DOCUME~1\ZB\LOCALS~1\Temp\Rar$EX00.652\QQPetNurse.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\dumprep.exe
F:\Program Files\HB_Hijackthis1991zww814_Pconline\HijackThis1991汉化版\HijackThis1991zww.exe

R3 - URLSearchHook: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\Program Files\Yahoo!\Assistant\Assist\yasbar.dll (file missing)
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - F:\Program Files\qq2006\QQIEHelper.dll
O2 - BHO: stdup - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - C:\WINDOWS\SYSTEM32\stdup.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - F:\PROGRA~1\迅咐雷?5\FLASHGET\jccatch.dll (file missing)
O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - F:\PROGRA~1\KuGoo3\KUGOO3~1.OCX
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - F:\PROGRA~1\迅咐雷?5\FLASHGET\fgiebar.dll (file missing)
O3 - IE工具栏增项: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\Program Files\Yahoo!\Assistant\Assist\yasbar.dll (file missing)
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [yassistse] "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"
O4 - 启动项HKLM\\Run: [spoolsv] C:\WINDOWS\system32\spoolsv\spoolsv.exe -printer
O4 - 启动项HKLM\\Run: [RavTask] "F:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KVFW] C:\Program Files\KVFW\kvfw.exe -silent
O4 - Startup: desktop.ini
O4 - Startup: 腾讯QQ.lnk = F:\Program Files\qq2006\QQ.exe
O4 - Startup: 星空极速.lnk = C:\Program Files\ChinaNet\VnetClient.exe
O4 - Global Startup: desktop.ini
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - F:\Program Files\qq2006\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用KuGoo3下载(&K) - F:\Program Files\KuGoo3\KuGoo3DownX.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - F:\PROGRA~1\迅雷5\FLASHGET\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - F:\PROGRA~1\迅雷5\FLASHGET\jc_all.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - F:\Program Files\qq2006\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - F:\Program Files\qq2006\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - F:\Program Files\qq2006\SendMMS.htm
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的“工具”菜单项: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{57E0783B-5835-4D0D-A041-549EC72CF7D5}: NameServer = 202.96.128.166 202.96.128.86
O23 - NT 服务: Kingsoft Personal Firewall Service (KPfwSvc) - Unknown owner - F:\Program Files\新建文件夹\KPfwSvc.EXE (file missing)
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - F:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - F:\Program Files\Rising\Rav\Ravmond.exe


  可以 嘛?
zhanghaha - 2006-7-8 11:46:00
唉唉```
我嘚電腦現在真嘚很卡啊,,怒s囖
zhanghaha - 2006-7-8 20:47:00
????
zhanghaha - 2006-7-8 20:47:00
僦這樣可以嘚嘞啊??
zhanghaha - 2006-7-8 21:22:00
是不是可以了?
我无邪 - 2006-7-8 21:38:00
下载超级兔子。
http://www.pctutu.com/srmsdown.asp
安装好后,打开“超级兔子清理王”“专业卸载,卸载所有提示的垃圾软件,卸载是不要打开任何浏览窗口。卸载不了可以重启后再去卸载。
卸载完后,重启。
双击我的电脑,工具,文件夹选项,查看,单击选取"显示隐藏文件或文件夹"清除"隐藏受保护的操作系统文件(推荐)"复选框。在提示确定更改时,单击“是”,清除“隐藏已知文件类型的扩展名
删除
C:\WINDOWS\system32\spoolsv
C:\Program Files\Yahoo
C:\WINDOWS\SYSTEM32\stdup.dll
zhanghaha - 2006-7-9 12:10:00
C:\Program Files\Yahoo
C:\WINDOWS\SYSTEM32\stdup.dll
  这两个我找不到噢,,好像没了。。。
    C:\WINDOWS\system32\spoolsv这个我删了。。。
    双击我的电脑,工具,文件夹选项,查看,单击选取"显示隐藏文件或文件夹"清除"隐藏受保护的操作系统文件(推荐)"复选框。在提示确定更改时,单击“是”,清除“隐藏已知文件类型的扩展名  这个我把勾弄没了。。。就可以了吗???
我无邪 - 2006-7-9 12:24:00
请在扫份日志粘上来。
zhanghaha - 2006-7-11 1:17:00
惨了,,我按照你的说法,,我不知道删除了哪个文件,现在我的电脑一双击哪个上网的连接器,,它就弹出一个东西,,它说:这个文件需要关闭....  就是发送了一个错误...现在上网上不了了,,,
zhanghaha - 2006-7-12 19:58:00
现在怎么办好???
唯一的办法是不是从装?
zhanghaha - 2006-7-17 22:48:00
HijackThis_zww汉化版扫描日志 V1.99.1
保存于      22:38:16, 日期 2006-7-17
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
F:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
F:\Program Files\Rising\Rav\Ravmond.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
F:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Rising\Rav\RavStub.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wincup\wincup.exe
F:\Program Files\qq2006\QQ.exe
F:\Program Files\qq2006\TIMPlatform.exe
F:\Program Files\qq2006\QQ.exe
F:\Program Files\釺釺靜聽\TTPlayer\TTPlayer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
F:\Program Files\HB_Hijackthis1991zww814_Pconline\HijackThis1991汉化版\HijackThis1991zww.exe

R3 - URLSearchHook: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\Program Files\Yahoo!\Assistant\Assist\yasbar.dll (file missing)
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - F:\Program Files\qq2006\QQIEHelper.dll
O2 - BHO: Vision - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
O2 - BHO: stdup - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - C:\WINDOWS\SYSTEM32\stdup.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - F:\PROGRA~1\迅咐雷?5\FLASHGET\jccatch.dll (file missing)
O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - F:\PROGRA~1\KuGoo3\KUGOO3~1.OCX
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - F:\PROGRA~1\迅咐雷?5\FLASHGET\fgiebar.dll (file missing)
O3 - IE工具栏增项: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\Program Files\Yahoo!\Assistant\Assist\yasbar.dll (file missing)
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [yassistse] "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"
O4 - 启动项HKLM\\Run: [spoolsv] C:\WINDOWS\system32\spoolsv\spoolsv.exe -printer
O4 - 启动项HKLM\\Run: [RavTask] "F:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KVFW] C:\Program Files\KVFW\kvfw.exe -silent
O4 - Startup: 腾讯QQ.lnk = F:\Program Files\qq2006\QQ.exe
O4 - Startup: 星空极速.lnk = C:\Program Files\ChinaNet\VnetClient.exe
O4 - Global Startup: desktop.ini
O8 - IE右键菜单中的新增项目: >>彩信发送<< - res://C:\Program Files\MMSAssist\Mmsass~1.dll/mms.htm
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - F:\Program Files\qq2006\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用KuGoo3下载(&K) - F:\Program Files\KuGoo3\KuGoo3DownX.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - F:\PROGRA~1\迅雷5\FLASHGET\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - F:\PROGRA~1\迅雷5\FLASHGET\jc_all.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - F:\Program Files\qq2006\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - F:\Program Files\qq2006\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - F:\Program Files\qq2006\SendMMS.htm
O9 - 浏览器额外的按钮: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
O9 - 浏览器额外的“工具”菜单项: 彩E精灵设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的“工具”菜单项: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{57E0783B-5835-4D0D-A041-549EC72CF7D5}: NameServer = 202.96.128.166 202.96.128.86
O21 - SSODL: SysTime - {724C75F1-B757-408D-A50A-4CF99DA35D73} - C:\PROGRA~1\WinKld\WinKld.dll
O23 - NT 服务: Kingsoft Personal Firewall Service (KPfwSvc) - Unknown owner - F:\Program Files\新建文件夹\KPfwSvc.EXE (file missing)
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - F:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - F:\Program
  哈哈..可以仩網嘞,,
    幚硪看看```謝謝
我无邪 - 2006-7-17 23:02:00
用兔子是绝对可以解决问题的
如果你不用,你也可以强行删除它们,只是效果 不好。
关闭所有浏览窗口以及一些不必要的程序
运行Hijackthis,扫描结束后在下列选项前打上勾,然后选"修复""
R3 - URLSearchHook: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\Program Files\Yahoo!\Assistant\Assist\yasbar.dll (file missing)
O2 - BHO: Vision - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
O2 - BHO: stdup - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - C:\WINDOWS\SYSTEM32\stdup.dll
O3 - IE工具栏增项: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\Program Files\Yahoo!\Assistant\Assist\yasbar.dll (file missing)
O4 - 启动项HKLM\\Run: [yassistse] "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"
O4 - 启动项HKLM\\Run: [spoolsv] C:\WINDOWS\system32\spoolsv\spoolsv.exe -printer
O8 - IE右键菜单中的新增项目: >>彩信发送<< - res://C:\Program Files\MMSAssist\Mmsass~1.dll/mms.htm
O9 - 浏览器额外的按钮: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
O9 - 浏览器额外的“工具”菜单项: 彩E精灵设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
重启删除
C:\PROGRA~1\MMSASS~1
C:\WINDOWS\system32\spoolsv整个文件夹。
C:\WINDOWS\SYSTEM32\stdup.dll
zhanghaha - 2006-7-18 17:51:00
C:\PROGRA~1\MMSASS~1
這個諟卟諟刪除裏麵嘚第一嗰文件夾?
zhanghaha - 2006-7-18 18:15:00
硪用兔子~~~把那些網阯駩刪除嘞
zhanghaha - 2006-7-18 18:24:00
C:\WINDOWS\system32\spoolsv整个文件夹。
C:\WINDOWS\SYSTEM32\stdup.dll
這兩嗰本來囿嘚,但重啓後僦找卟菿嘞...
  第一嗰刪除嘞..
  C:\WINDOWS\system32裏麵囿spool  諟卟諟一様嘚?
zhanghaha - 2006-7-18 18:25:00
HijackThis_zww汉化版扫描日志 V1.99.1
保存于      18:16:00, 日期 2006-7-18
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
F:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
F:\Program Files\Rising\Rav\Ravmond.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Rising\Rav\RavStub.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wincup\wincup.exe
C:\WINDOWS\SOUNDMAN.EXE
F:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
F:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
F:\Program Files\HB_Hijackthis1991zww814_Pconline\HijackThis1991汉化版\HijackThis1991zww.exe

O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - F:\Program Files\qq2006\QQIEHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - F:\PROGRA~1\迅咐雷?5\FLASHGET\jccatch.dll (file missing)
O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - F:\PROGRA~1\KuGoo3\KUGOO3~1.OCX
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - F:\PROGRA~1\迅咐雷?5\FLASHGET\fgiebar.dll (file missing)
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [RavTask] "F:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\RunOnce: [Super Rabbit Winspeed] "F:\Program Files\MagicSet\winspeed.exe" /autokill:10,127,126,125,124,123,122,121,120,118,117,114,113,112,111,110,109,108,104,103,102,101,99,97,96,95,94,93,92,91,89,85,83,82,80,79,78,77,76,73,72,71,70,69,68,67,66,65,64,63,62,61,60,59,58,57,55,53,52,51,50,46,45,44,43,42,41,40,39,38,37,36,35,34,33,32,31,30,29,28,27,26,25,23,22,21,20,19,17,16,15,14,13,12,11,9,8,7,6,5,4,3,1
O4 - 启动项HKLM\\RunOnce: [RavStub] "F:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KVFW] C:\Program Files\KVFW\kvfw.exe -silent
O4 - Startup: 腾讯QQ.lnk = F:\Program Files\qq2006\QQ.exe
O4 - Startup: 星空极速.lnk = C:\Program Files\ChinaNet\VnetClient.exe
O4 - Global Startup: desktop.ini
O4 - Global Startup: 星空极速.lnk = D:\Program Files\ChinaNet\VnetClient.exe
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - F:\Program Files\qq2006\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用KuGoo3下载(&K) - F:\Program Files\KuGoo3\KuGoo3DownX.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - F:\PROGRA~1\迅雷5\FLASHGET\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - F:\PROGRA~1\迅雷5\FLASHGET\jc_all.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - F:\Program Files\qq2006\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - F:\Program Files\qq2006\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - F:\Program Files\qq2006\SendMMS.htm
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的“工具”菜单项: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{57E0783B-5835-4D0D-A041-549EC72CF7D5}: NameServer = 202.96.128.166 202.96.128.86
O21 - SSODL: SysTime - {724C75F1-B757-408D-A50A-4CF99DA35D73} - C:\PROGRA~1\WinKld\WinKld.dll
O23 - NT 服务: Kingsoft Personal Firewall Service (KPfwSvc) - Unknown owner - F:\Program Files\新建文件夹\KPfwSvc.EXE (file missing)
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - F:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - F:\Program Files\Rising\Rav\Ravmond.exe
O23 - NT 服务: WinWrCup - MsWinCup - C:\WINDOWS\wincup\wincup.exe

可以嘞嘛?
zhanghaha - 2006-7-20 22:46:00
HijackThis_zww汉化版扫描日志 V1.99.1
保存于      22:36:12, 日期 2006-7-20
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
F:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
F:\Program Files\Rising\Rav\Ravmond.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
F:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ChinaNet\VnetClient.exe
F:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Rising\Rav\RavStub.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wincup\wincup.exe
F:\Program Files\qq2006\QQ.exe
F:\Program Files\qq2006\TIMPlatform.exe
F:\Program Files\qq2006\QQ.exe
F:\Program Files\qq2006\QQ.exe
F:\Program Files\qq2006\qqpet\qqpet.exe
F:\Program Files\qq2006\qqpet\qqpet.exe
F:\Program Files\qq2006\qqpet\qqpet.exe
C:\DOCUME~1\ZB\LOCALS~1\Temp\Rar$EX00.107\QQPetNurse.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
F:\Program Files\HB_Hijackthis1991zww814_Pconline\HijackThis1991汉化版\HijackThis1991zww.exe

O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - F:\Program Files\qq2006\QQIEHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - F:\PROGRA~1\迅咐雷?5\FLASHGET\jccatch.dll (file missing)
O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - F:\PROGRA~1\KuGoo3\KUGOO3~1.OCX
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - F:\PROGRA~1\迅咐雷?5\FLASHGET\fgiebar.dll (file missing)
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [RavTask] "F:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\RunOnce: [Super Rabbit Winspeed] "F:\Program Files\MagicSet\winspeed.exe" /autokill:10,127,126,125,124,123,122,121,120,118,117,114,113,112,111,110,109,108,104,103,102,101,99,97,96,95,94,93,92,91,89,85,83,82,80,79,78,77,76,73,72,71,70,69,68,67,66,65,64,63,62,61,60,59,58,57,55,53,52,51,50,46,45,44,43,42,41,40,39,38,37,36,35,34,33,32,31,30,29,28,27,26,25,23,22,21,20,19,17,16,15,14,13,12,11,9,8,7,6,5,4,3,1
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KVFW] C:\Program Files\KVFW\kvfw.exe -silent
O4 - Startup: 腾讯QQ.lnk = F:\Program Files\qq2006\QQ.exe
O4 - Global Startup: desktop.ini
O4 - Global Startup: 星空极速.lnk = C:\Program Files\ChinaNet\VnetClient.exe
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - F:\Program Files\qq2006\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用KuGoo3下载(&K) - F:\Program Files\KuGoo3\KuGoo3DownX.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - F:\PROGRA~1\迅雷5\FLASHGET\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - F:\PROGRA~1\迅雷5\FLASHGET\jc_all.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - F:\Program Files\qq2006\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - F:\Program Files\qq2006\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - F:\Program Files\qq2006\SendMMS.htm
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的“工具”菜单项: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{57E0783B-5835-4D0D-A041-549EC72CF7D5}: NameServer = 202.96.128.166 202.96.128.86
O21 - SSODL: SysTime - {724C75F1-B757-408D-A50A-4CF99DA35D73} - C:\PROGRA~1\WinKld\WinKld.dll
O23 - NT 服务: Kingsoft Personal Firewall Service (KPfwSvc) - Unknown owner - F:\Program Files\新建文件夹\KPfwSvc.EXE (file missing)
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - F:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - F:\Program Files\Rising\Rav\Ravmond.exe
O23 - NT 服务: WinWrCup - MsWinCup - C:\WINDOWS\wincup\wincup.exe

  可以了吗 ?
zhanghaha - 2006-7-22 18:20:00
帮我看看好吗?
zhanghaha - 2006-7-29 22:47:00
帮我看看好吗?????
谢谢
zhanghaha - 2006-8-20 21:05:00
求求了```
帮我看看好吗??
zhanghaha - 2006-8-20 21:06:00
HijackThis_zww汉化版扫描日志 V1.99.1
保存于      20:57:14, 日期 2006-8-13
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
F:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
F:\Program Files\Rising\Rav\Ravmond.exe
C:\WINDOWS\Explorer.EXE
F:\Program Files\Rising\Rav\RavStub.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
F:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Sogou PXP\p2psvr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wincup\wincup.exe
C:\WINDOWS\system32\wuauclt.exe
F:\Program Files\qq2006\QQ.exe
F:\Program Files\qq2006\TIMPlatform.exe
F:\Program Files\釺釺靜聽\TTPlayer\TTPlayer.exe
F:\Program Files\Rising\Rav\Rav.exe
F:\Program Files\Rising\Rav\RsAgent.exe
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Internet Explorer\iexplore.exe
F:\Program Files\HB_Hijackthis1991zww814_Pconline\HijackThis1991汉化版\HijackThis1991zww.exe

O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - F:\Program Files\qq2006\QQIEHelper.dll
O2 - BHO: Vision - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\mmsass~1.dll
O2 - BHO: IHiu Class - {67A06BB1-027B-4E94-8C3D-2DCD5E808A28} - C:\WINDOWS\system32\AYBHOAD.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - F:\PROGRA~1\迅咐雷?5\FLASHGET\jccatch.dll (file missing)
O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - F:\PROGRA~1\KuGoo3\KUGOO3~1.OCX
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - F:\PROGRA~1\迅咐雷?5\FLASHGET\fgiebar.dll (file missing)
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [RavTask] "F:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\RunOnce: [Super Rabbit Winspeed] "F:\Program Files\MagicSet\winspeed.exe" /autokill:10,127,126,125,124,123,122,121,120,118,117,114,113,112,111,110,109,108,104,103,102,101,99,97,96,95,94,93,92,91,89,85,83,82,80,79,78,77,76,73,72,71,70,69,68,67,66,65,64,63,62,61,60,59,58,57,55,53,52,51,50,46,45,44,43,42,41,40,39,38,37,36,35,34,33,32,31,30,29,28,27,26,25,23,22,21,20,19,17,16,15,14,13,12,11,9,8,7,6,5,4,3,1
O4 - 启动项HKLM\\RunOnce: [RavStub] "F:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KVFW] C:\Program Files\KVFW\kvfw.exe -silent
O4 - Startup: 腾讯QQ.lnk = F:\Program Files\qq2006\QQ.exe
O4 - Startup: Vnet_PPPoE.lnk = ?
O4 - Global Startup: desktop.ini
O8 - IE右键菜单中的新增项目: >>彩信发送<< - res://C:\PROGRA~1\MMSASS~1\mmsass~1.dll/mms.htm
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - F:\Program Files\qq2006\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用KuGoo3下载(&K) - F:\Program Files\KuGoo3\KuGoo3DownX.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - F:\PROGRA~1\迅雷5\FLASHGET\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - F:\PROGRA~1\迅雷5\FLASHGET\jc_all.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - F:\Program Files\qq2006\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - F:\Program Files\qq2006\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - F:\Program Files\qq2006\SendMMS.htm
O9 - 浏览器额外的按钮: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\mmsass~1.dll
O9 - 浏览器额外的“工具”菜单项: 彩E精灵设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\mmsass~1.dll
O9 - 浏览器额外的按钮: 酷热影音 - {7D73FF86-05F1-39ed-C850-A423120EC338} - www.kuree.com/index.htm?id=00011001 (file missing)
O9 - 浏览器额外的按钮: 中国最大小区互动平台 - {bf80e5ce-44f9-4954-9ec9-ca5bb86346cd} - http://www.hiu.cn (file missing)
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的“工具”菜单项: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05C1004E-2596-48E5-8E26-39362985EEB9} (MMCPlayer Class) - http://p3p.sogou.com/MMCShell.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{57E0783B-5835-4D0D-A041-549EC72CF7D5}: NameServer = 202.96.128.166 202.96.128.86
O21 - SSODL: SysTime - {724C75F1-B757-408D-A50A-4CF99DA35D73} - C:\PROGRA~1\WinKld\WinKld.dll
O21 - SSODL: webwork - {4C611512-2C1D-44b2-A044-872AD2AD5A61} - C:\WINDOWS\webwork\webwork.dll
O23 - NT 服务: Kingsoft Personal Firewall Service (KPfwSvc) - Unknown owner - F:\Program Files\新建文件夹\KPfwSvc.EXE (file missing)
O23 - NT 服务: P4P Service - Sohu.com Inc. - C:\Program Files\Common Files\Sogou PXP\p2psvr.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - F:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - F:\Program Files\Rising\Rav\Ravmond.exe
O23 - NT 服务: WinWrCup - MsWinCup - C:\WINDOWS\wincup\wincup.exe

zhanghaha - 2006-8-20 21:07:00
HijackThis_zww汉化版扫描日志 V1.99.1
保存于      20:57:14, 日期 2006-8-13
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
F:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
F:\Program Files\Rising\Rav\Ravmond.exe
C:\WINDOWS\Explorer.EXE
F:\Program Files\Rising\Rav\RavStub.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
F:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Sogou PXP\p2psvr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wincup\wincup.exe
C:\WINDOWS\system32\wuauclt.exe
F:\Program Files\qq2006\QQ.exe
F:\Program Files\qq2006\TIMPlatform.exe
F:\Program Files\釺釺靜聽\TTPlayer\TTPlayer.exe
F:\Program Files\Rising\Rav\Rav.exe
F:\Program Files\Rising\Rav\RsAgent.exe
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Internet Explorer\iexplore.exe
F:\Program Files\HB_Hijackthis1991zww814_Pconline\HijackThis1991汉化版\HijackThis1991zww.exe

O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - F:\Program Files\qq2006\QQIEHelper.dll
O2 - BHO: Vision - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\mmsass~1.dll
O2 - BHO: IHiu Class - {67A06BB1-027B-4E94-8C3D-2DCD5E808A28} - C:\WINDOWS\system32\AYBHOAD.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - F:\PROGRA~1\迅咐雷?5\FLASHGET\jccatch.dll (file missing)
O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - F:\PROGRA~1\KuGoo3\KUGOO3~1.OCX
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - F:\PROGRA~1\迅咐雷?5\FLASHGET\fgiebar.dll (file missing)
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [RavTask] "F:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\RunOnce: [Super Rabbit Winspeed] "F:\Program Files\MagicSet\winspeed.exe" /autokill:10,127,126,125,124,123,122,121,120,118,117,114,113,112,111,110,109,108,104,103,102,101,99,97,96,95,94,93,92,91,89,85,83,82,80,79,78,77,76,73,72,71,70,69,68,67,66,65,64,63,62,61,60,59,58,57,55,53,52,51,50,46,45,44,43,42,41,40,39,38,37,36,35,34,33,32,31,30,29,28,27,26,25,23,22,21,20,19,17,16,15,14,13,12,11,9,8,7,6,5,4,3,1
O4 - 启动项HKLM\\RunOnce: [RavStub] "F:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KVFW] C:\Program Files\KVFW\kvfw.exe -silent
O4 - Startup: 腾讯QQ.lnk = F:\Program Files\qq2006\QQ.exe
O4 - Startup: Vnet_PPPoE.lnk = ?
O4 - Global Startup: desktop.ini
O8 - IE右键菜单中的新增项目: >>彩信发送<< - res://C:\PROGRA~1\MMSASS~1\mmsass~1.dll/mms.htm
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - F:\Program Files\qq2006\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用KuGoo3下载(&K) - F:\Program Files\KuGoo3\KuGoo3DownX.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - F:\PROGRA~1\迅雷5\FLASHGET\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - F:\PROGRA~1\迅雷5\FLASHGET\jc_all.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - F:\Program Files\qq2006\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - F:\Program Files\qq2006\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - F:\Program Files\qq2006\SendMMS.htm
O9 - 浏览器额外的按钮: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\mmsass~1.dll
O9 - 浏览器额外的“工具”菜单项: 彩E精灵设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\mmsass~1.dll
O9 - 浏览器额外的按钮: 酷热影音 - {7D73FF86-05F1-39ed-C850-A423120EC338} - www.kuree.com/index.htm?id=00011001 (file missing)
O9 - 浏览器额外的按钮: 中国最大小区互动平台 - {bf80e5ce-44f9-4954-9ec9-ca5bb86346cd} - http://www.hiu.cn (file missing)
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的“工具”菜单项: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05C1004E-2596-48E5-8E26-39362985EEB9} (MMCPlayer Class) - http://p3p.sogou.com/MMCShell.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{57E0783B-5835-4D0D-A041-549EC72CF7D5}: NameServer = 202.96.128.166 202.96.128.86
O21 - SSODL: SysTime - {724C75F1-B757-408D-A50A-4CF99DA35D73} - C:\PROGRA~1\WinKld\WinKld.dll
O21 - SSODL: webwork - {4C611512-2C1D-44b2-A044-872AD2AD5A61} - C:\WINDOWS\webwork\webwork.dll
O23 - NT 服务: Kingsoft Personal Firewall Service (KPfwSvc) - Unknown owner - F:\Program Files\新建文件夹\KPfwSvc.EXE (file missing)
O23 - NT 服务: P4P Service - Sohu.com Inc. - C:\Program Files\Common Files\Sogou PXP\p2psvr.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - F:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - F:\Program Files\Rising\Rav\Ravmond.exe
O23 - NT 服务: WinWrCup - MsWinCup - C:\WINDOWS\wincup\wincup.exe

zhanghaha - 2006-8-20 21:08:00
求求了, ,,
高手帮帮忙阿。。。
 
  谢谢了
1
查看完整版本: 帮帮忙``帮我看看日志``电脑是不是有问题```谢谢
© 2000 - 2026 Rising Corp. Ltd.