大虾！求助！机器太慢了，而且有病毒。谢了。 bbs.ikaka.com

mouse123 - 2006-8-20 14:11:00

HijackThis_zww汉化版扫描日志 V1.99.1
保存于 13:55:05, 日期 2006-8-20
操作系统： Windows XP SP2 (WinNT 5.01.2600)
浏览器： Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程：
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Rising\Rav\RavStub.exe
C:\Program Files\Antiy Labs\Alive\AliveCenter.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
c:\program files\rising\rfw\RfwMain.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\LHotkey.exe
C:\Program Files\Lenovo\联想键盘驱动\LCC.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\HuaCi\huaci\zsearch.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HuaCi\huaci\ZsUp.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\Program Files\DeskMemo\Deskmemo.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Owner\桌面\HijackThis1991zww.exe
C:\WINDOWS\system32\Wxsq.exe
C:\WINDOWS\system32\Wxsq.exe
C:\WINDOWS\system32\Wxsq.exe
C:\WINDOWS\system32\Wxsq.exe
C:\WINDOWS\system32\Wxsq.exe

R3 - URLSearchHook: (no name) - {BB3746FC-15CF-4E54-A378-079FA15A731F} - C:\WINDOWS\system32\Ispb.dll
R3 - URLSearchHook: Tencent SearchHook - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - C:\Program Files\TENCENT\Adplus\SSAddr.dll
O2 - BHO: (no name) - {9B450616-ADAC-4E29-A4E7-2E8795C52BAC} - C:\WINDOWS\system32\Alzg.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {B51DC671-B31E-48F9-A99C-F4AEB9FDFF89} - C:\WINDOWS\system32\Tbvp.dll
O2 - BHO: (no name) - {BAFB4966-9D5E-4F21-849B-6B5D0CFA6146} - C:\WINDOWS\system32\Uvsqs.dll
O2 - BHO: (no name) - {BB3746FC-15CF-4E54-A378-079FA15A731F} - C:\WINDOWS\system32\Ispb.dll
O2 - BHO: (no name) - {BC7A7A39-8043-47E1-9A90-E6034E7F53F5} - C:\WINDOWS\system32\Gkdv.dll
O2 - BHO: (no name) - {BC8FFFD0-60E1-4EB3-BB89-C7AE40A351B1} - C:\WINDOWS\system32\Mfxczg.dll (file missing)
O2 - BHO: (no name) - {BCA2B394-0613-4BF8-BB9C-1F1EDC4ED4FF} - C:\WINDOWS\system32\Yxstey.dll (file missing)
O2 - BHO: (no name) - {BE3D5B3D-F21E-4205-BDA2-F2FB6F768D99} - C:\WINDOWS\system32\Xdewb.dll
O2 - BHO: (no name) - {BF2DB065-CFFC-497B-95AD-C362884C67A7} - C:\WINDOWS\system32\Qtobx.dll
O2 - BHO: (no name) - {C02F976A-870B-4964-B1BA-826D1B3D8EEC} - C:\WINDOWS\system32\Zuvzq.dll (file missing)
O2 - BHO: (no name) - {C2E70AAB-1662-4918-8EF3-772D673C0743} - C:\WINDOWS\system32\Vkckh.dll (file missing)
O2 - BHO: (no name) - {C50FDB56-B09B-45BD-9CB8-7D786EF59BC0} - C:\WINDOWS\system32\Swnt.dll (file missing)
O2 - BHO: (no name) - {C5AC03EA-B969-4CC4-B62E-10108FED247F} - C:\WINDOWS\system32\Jckxfg.dll
O2 - BHO: (no name) - {FF0D56DD-A518-42BF-951C-9A4E420E0499} - C:\WINDOWS\system32\Xfez.dll (file missing)
O2 - BHO: (no name) - {FFFF385D-91C1-4E2A-8C1F-9964862C8ECD} - C:\WINDOWS\system32\Chamcp.dll
O3 - IE工具栏增项: (no name) - {F60C7D81-8471-4D40-AAFE-56D318F34C2D} - (no file)
O3 - IE工具栏增项: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\fgiebar.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [LHotkey] LHotkey.exe
O4 - 启动项HKLM\\Run: [Lcc] C:\Program Files\Lenovo\联想键盘驱动\LCC.exe
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [nwiz] nwiz.exe /install
O4 - 启动项HKLM\\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [CnxDslTaskBar] "C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe"
O4 - 启动项HKLM\\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - 启动项HKLM\\Run: [MoveSearch] C:\Program Files\HuaCi\huaci\zsearch.exe
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [Desktop] C:\WINDOWS\system32\rundll32.exe "C:\Program Files\DeskAdTop\Run.dll" ,Rundll
O4 - 启动项HKLM\\Run: [jnm5] RunDll32 "C:\WINDOWS\Downlo~1\culqhzg.dll",Run
O4 - 启动项HKLM\\Run: [Mysee Alert] "C:\Program Files\GAOV\Mysee Alert\Mysee Alert.exe" -notray
O4 - 启动项HKLM\\Run: [NMGameX_AutoRun] C:\WINDOWS\system32\Rundll32.exe NMGameX.dll,LiveProcess /aa
O4 - 启动项HKLM\\Run: [stup.exe] C:\PROGRA~1\TENCENT\Adplus\stup.exe
O4 - 启动项HKLM\\Run: [DesktopMemo] "C:\Program Files\DeskMemo\Deskmemo.exe"
O4 - 启动项HKLM\\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - 启动项HKLM\\Run: [SearchNet_Up] C:\Program Files\SearchNet\ServeUp.exe
O4 - 启动项HKLM\\Run: [SrvNet32] RunDll32 "C:\Program Files\SearchNet\SrvNet32.dll",Run
O4 - 启动项HKLM\\RunOnce: [RavStub] "C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: 桌面媒体.lnk = C:\WINDOWS\system32\rundll32.exe
O4 - Startup: 划词搜索.lnk = C:\Program Files\HuaCi\huaci\zsearch.exe
O4 - Startup: 新浪UC.lnk = E:\UC\uc.exe
O4 - Startup: 腾讯QQ.lnk = C:\Program Files\Tencent\QQ\QQ.exe
O4 - Startup: 地址栏搜索.lnk = C:\Program Files\SearchNet\ServeUp.exe
O8 - IE右键菜单中的新增项目: Google 搜索(&G) - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - D:\PROGRA~1\FLASHGET\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - D:\PROGRA~1\FLASHGET\jc_all.htm
O8 - IE右键菜单中的新增项目: 使用超级解霸播放 - C:\Program Files\Herosoft\Hero 9\MPURLGET.HTM
O8 - IE右键菜单中的新增项目: 反向链接 - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - IE右键菜单中的新增项目: 导出到 Microsoft Excel(&x) - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - IE右键菜单中的新增项目: 收藏此页到新浪ViVi - http://vivi.sina.com.cn/collect/click.php?agent=ddt
O8 - IE右键菜单中的新增项目: 新浪搜索 - http://cha.sina.com.cn/ddt.html
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O8 - IE右键菜单中的新增项目: 类似网页 - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - IE右键菜单中的新增项目: 缓存的网页快照 - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - IE右键菜单中的新增项目: 翻译英文字词(&T) - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - IE右键菜单中的新增项目: 访问通用网址 - C:\Program Files\CNNIC\Cdn\cnnic.htm
O9 - 浏览器额外的按钮: 新浪UC - {2253922F-1B26-4C74-8B57-E3AEE748DBB8} - E:\UC\uc.exe
O9 - 浏览器额外的按钮: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll (file missing)
O9 - 浏览器额外的“工具”菜单项: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll (file missing)
O9 - 浏览器额外的按钮: 豪杰超级解霸9 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - C:\Program Files\Herosoft\Hero 9\STHSDVD.EXE
O9 - 浏览器额外的“工具”菜单项: 豪杰超级解霸9 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - C:\Program Files\Herosoft\Hero 9\STHSDVD.EXE
O9 - 浏览器额外的按钮: 联想 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.lenovo.com (file missing)
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - 浏览器额外的按钮: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\flashget.exe
O9 - 浏览器额外的“工具”菜单项: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\flashget.exe
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的“工具”菜单项: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [CDNCLIENT] 中文上网
O11 - Options group: [TBH] 搜搜地址栏搜索
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com
O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab
O16 - DPF: {52A05F4B-9F0C-4752-BB78-9B6DFD2DE9D5} (HdwCode Control) - http://www.chinaacc.com/plugin/HdwCode.cab
O16 - DPF: {53AF6E02-F18F-4228-AC13-3E79773FBE50} (CMCBooter Object) - http://download.mysee.com/plugin/booter.cab
O16 - DPF: {D0A29C6C-AA71-4423-8C4A-5998B774C448} (IEDown Class) - http://download.ourgame.com/IEDown4.cab
O16 - DPF: {F138084D-84D7-48CD-BEA8-04772457516E} (VqqSpeedDlProxy Class) - http://218.85.138.27/vqqsdl1009.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A7F7B9CE-A05F-4CD9-99CD-2AFD3830319B}: NameServer = 202.99.192.68 202.99.192.66
O23 - NT 服务: Antiy live update (Alive Auto-Update Service) - Unknown owner - C:\Program Files\Antiy Labs\Alive\AliveCenter.exe
O23 - NT 服务: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - NT 服务: MM_PLAY - Unknown owner - C:\WINDOWS\M_play.exe
O23 - NT 服务: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - NT 服务: Rising Proxy Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe

westbeck - 2006-8-20 14:48:00

引用:

【mouse123的贴子】类似于“R3 - URLSearchHook: (no name) - ”和
“O2 - BHO: (no name)”的项目是否都可以删除掉？因为这种项目太多了。

后面(no file)和(file missing)都可以修复

westbeck - 2006-8-20 14:49:00

请问楼主知不知道这两项是什么?
C:\WINDOWS\system32\Wxsq.exe
C:\Program Files\DeskMemo\Deskmemo.exe

westbeck - 2006-8-20 14:52:00

O23 - NT 服务: MM_PLAY - Unknown owner - C:\WINDOWS\M_play.exe
开始--运行--输入:regedit
打开注册表编辑器,定位到:HKEY_LOCAL_MACHINE\ SYSTEM \ CURRENTCONTROLSET \ SERVICES分支，删除左栏中的病毒服务名:MM_PLAY
重启后安全模式显示隐藏文件删除:
C:\WINDOWS\M_play.exe
C:\WINDOWS\M_play.dll(若有的话)
C:\WINDOWS\M_playkey.dll(若有的话)
C:\WINDOWS\M_play_hook.dll(若有的话)

M4AI - 2006-8-20 14:53:00

R3 - URLSearchHook: (no name) - {BB3746FC-15CF-4E54-A378-079FA15A731F} - C:\WINDOWS\system32\Ispb.dll
R3 - URLSearchHook: Tencent SearchHook - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - C:\Program Files\TENCENT\Adplus\SSAddr.dll
O2 - BHO: (no name) - {9B450616-ADAC-4E29-A4E7-2E8795C52BAC} - C:\WINDOWS\system32\Alzg.dll (file missing)
修复~~
O23 - NT 服务: MM_PLAY - Unknown owner - C:\WINDOWS\M_play.exe
O23 - NT 服务: Antiy live update (Alive Auto-Update Service) - Unknown owner - C:\Program Files\Antiy Labs\Alive\AliveCenter.exe
这2项有问题~~不知道是不是鸽子

还有,你的启动项太多~~建议删除一些.请问是家用电脑嘛??

710207 - 2006-8-20 15:00:00

修复
R3 - URLSearchHook: (no name) - {BB3746FC-15CF-4E54-A378-079FA15A731F} - C:\WINDOWS\system32\Ispb.dll
O2 - BHO: (no name) - {9B450616-ADAC-4E29-A4E7-2E8795C52BAC} - C:\WINDOWS\system32\Alzg.dll (file missing)
O2 - BHO: (no name) - {B51DC671-B31E-48F9-A99C-F4AEB9FDFF89} - C:\WINDOWS\system32\Tbvp.dll
O2 - BHO: (no name) - {BAFB4966-9D5E-4F21-849B-6B5D0CFA6146} - C:\WINDOWS\system32\Uvsqs.dll
O2 - BHO: (no name) - {BB3746FC-15CF-4E54-A378-079FA15A731F} - C:\WINDOWS\system32\Ispb.dll
O2 - BHO: (no name) - {BC7A7A39-8043-47E1-9A90-E6034E7F53F5} - C:\WINDOWS\system32\Gkdv.dll
O2 - BHO: (no name) - {BC8FFFD0-60E1-4EB3-BB89-C7AE40A351B1} - C:\WINDOWS\system32\Mfxczg.dll (file missing)
O2 - BHO: (no name) - {BCA2B394-0613-4BF8-BB9C-1F1EDC4ED4FF} - C:\WINDOWS\system32\Yxstey.dll (file missing)
O2 - BHO: (no name) - {BE3D5B3D-F21E-4205-BDA2-F2FB6F768D99} - C:\WINDOWS\system32\Xdewb.dll
O2 - BHO: (no name) - {BF2DB065-CFFC-497B-95AD-C362884C67A7} - C:\WINDOWS\system32\Qtobx.dll
O2 - BHO: (no name) - {C02F976A-870B-4964-B1BA-826D1B3D8EEC} - C:\WINDOWS\system32\Zuvzq.dll (file missing)
O2 - BHO: (no name) - {C2E70AAB-1662-4918-8EF3-772D673C0743} - C:\WINDOWS\system32\Vkckh.dll (file missing)
O2 - BHO: (no name) - {C50FDB56-B09B-45BD-9CB8-7D786EF59BC0} - C:\WINDOWS\system32\Swnt.dll (file missing)
O2 - BHO: (no name) - {C5AC03EA-B969-4CC4-B62E-10108FED247F} - C:\WINDOWS\system32\Jckxfg.dll
O2 - BHO: (no name) - {FF0D56DD-A518-42BF-951C-9A4E420E0499} - C:\WINDOWS\system32\Xfez.dll (file missing)
O2 - BHO: (no name) - {FFFF385D-91C1-4E2A-8C1F-9964862C8ECD} - C:\WINDOWS\system32\Chamcp.dll
O3 - IE工具栏增项: (no name) - {F60C7D81-8471-4D40-AAFE-56D318F34C2D} - (no file)
O4 - 启动项HKLM\\Run: [jnm5] RunDll32 "C:\WINDOWS\Downlo~1\culqhzg.dll",Run
O9 - 浏览器额外的按钮: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll (file missing)
O9 - 浏览器额外的“工具”菜单项: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll (file missing)
O9 - 浏览器额外的按钮: 联想 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.lenovo.com (file missing)
------------------------------------------------------------
删除
C:\WINDOWS\system32\Ispb.dll
C:\WINDOWS\system32\Tbvp.dll
C:\WINDOWS\system32\Uvsqs.dll
C:\WINDOWS\system32\Gkdv.dll
C:\WINDOWS\system32\Xdewb.dll
C:\WINDOWS\system32\Qtobx.dll
C:\WINDOWS\system32\Jckxfg.dll
C:\WINDOWS\system32\Chamcp.dll
C:\WINDOWS\Downlo~1\culqhzg.dll
------------------------------------------------------------
O23 - NT 服务: MM_PLAY - Unknown owner - C:\WINDOWS\M_play.exe
属于灰鸽子
开始--运行--输入"services.msc"--确定
停用"MM_PLAY"服务
开始--运行--输入"regedit"--确定
展开：HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services分支
删除"MM_PLAY"文件夹
重新启动计算机
删除"C:\WINDOWS"下所有"M_play"开头的文件
------------------------------------------------------------
楼主请到http://www.pctutu.com/srmsdown.asp
下载超级兔子
下载后安装
运行超级兔子
运行超级兔子清理王
将显示的流氓软件根据提示卸掉

mouse123 - 2006-8-20 15:15:00

多谢各位大虾，我已经删除了所有标识为“no name”的项目，还有m_play也删掉了，现在速度比刚开始好了一些。这是最新的日志，大虾们看看还有哪些可以清除掉的。多谢了。
===========================================
HijackThis_zww汉化版扫描日志 V1.99.1
保存于 15:01:47, 日期 2006-8-20
操作系统： Windows XP SP2 (WinNT 5.01.2600)
浏览器： Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程：
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Rising\Rav\RavStub.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Antiy Labs\Alive\AliveCenter.exe
c:\program files\rising\rfw\RfwMain.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\LHotkey.exe
C:\Program Files\Lenovo\联想键盘驱动\LCC.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\DeskMemo\Deskmemo.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\Program Files\DeskMemo\mdup.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Owner\桌面\HijackThis1991zww.exe

R3 - URLSearchHook: Tencent SearchHook - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - C:\Program Files\TENCENT\Adplus\SSAddr.dll
O2 - BHO: 搜搜地址栏搜索 - {0C7C23EF-A848-485B-873C-0ED954731014} - C:\Program Files\TENCENT\Adplus\SSAddr.dll
O2 - BHO: Shockwave Flash BrowserHelpObject - {1002C84D-A326-2D3C-13F3-2C2474392A91} - C:\WINDOWS\system32\FlashHlp.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FLASHGET\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - IE工具栏增项: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\fgiebar.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [LHotkey] LHotkey.exe
O4 - 启动项HKLM\\Run: [Lcc] C:\Program Files\Lenovo\联想键盘驱动\LCC.exe
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [nwiz] nwiz.exe /install
O4 - 启动项HKLM\\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [CnxDslTaskBar] "C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe"
O4 - 启动项HKLM\\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [Mysee Alert] "C:\Program Files\GAOV\Mysee Alert\Mysee Alert.exe" -notray
O4 - 启动项HKLM\\Run: [DesktopMemo] "C:\Program Files\DeskMemo\Deskmemo.exe"
O4 - 启动项HKLM\\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - 启动项HKLM\\Run: [SearchNet_Up] C:\Program Files\SearchNet\ServeUp.exe
O4 - 启动项HKLM\\Run: [SrvNet32] RunDll32 "C:\Program Files\SearchNet\SrvNet32.dll",Run
O4 - 启动项HKLM\\Run: [stup.exe] C:\PROGRA~1\TENCENT\Adplus\stup.exe
O4 - 启动项HKLM\\RunOnce: [RavStub] "C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: 桌面媒体.lnk = C:\WINDOWS\system32\rundll32.exe
O4 - Startup: 新浪UC.lnk = E:\UC\uc.exe
O4 - Startup: 腾讯QQ.lnk = C:\Program Files\Tencent\QQ\QQ.exe
O4 - Startup: 地址栏搜索.lnk = C:\Program Files\SearchNet\ServeUp.exe
O8 - IE右键菜单中的新增项目: Google 搜索(&G) - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - D:\PROGRA~1\FLASHGET\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - D:\PROGRA~1\FLASHGET\jc_all.htm
O8 - IE右键菜单中的新增项目: 使用超级解霸播放 - C:\Program Files\Herosoft\Hero 9\MPURLGET.HTM
O8 - IE右键菜单中的新增项目: 反向链接 - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - IE右键菜单中的新增项目: 导出到 Microsoft Excel(&x) - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - IE右键菜单中的新增项目: 收藏此页到新浪ViVi - http://vivi.sina.com.cn/collect/click.php?agent=ddt
O8 - IE右键菜单中的新增项目: 新浪搜索 - http://cha.sina.com.cn/ddt.html
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O8 - IE右键菜单中的新增项目: 类似网页 - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - IE右键菜单中的新增项目: 缓存的网页快照 - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - IE右键菜单中的新增项目: 翻译英文字词(&T) - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - IE右键菜单中的新增项目: 访问通用网址 - C:\Program Files\CNNIC\Cdn\cnnic.htm
O9 - 浏览器额外的按钮: 新浪UC - {2253922F-1B26-4C74-8B57-E3AEE748DBB8} - E:\UC\uc.exe
O9 - 浏览器额外的按钮: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\WINDOWS\system32\shdocvw.dll
O9 - 浏览器额外的“工具”菜单项: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\WINDOWS\system32\shdocvw.dll
O9 - 浏览器额外的按钮: 豪杰超级解霸9 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - C:\Program Files\Herosoft\Hero 9\STHSDVD.EXE
O9 - 浏览器额外的“工具”菜单项: 豪杰超级解霸9 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - C:\Program Files\Herosoft\Hero 9\STHSDVD.EXE
O9 - 浏览器额外的按钮: 联想 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.lenovo.com (file missing)
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - 浏览器额外的按钮: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\flashget.exe
O9 - 浏览器额外的“工具”菜单项: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\flashget.exe
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的“工具”菜单项: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [CDNCLIENT] 中文上网
O11 - Options group: [TBH] 搜搜地址栏搜索
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com
O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab
O16 - DPF: {52A05F4B-9F0C-4752-BB78-9B6DFD2DE9D5} (HdwCode Control) - http://www.chinaacc.com/plugin/HdwCode.cab
O16 - DPF: {D0A29C6C-AA71-4423-8C4A-5998B774C448} (IEDown Class) - http://download.ourgame.com/IEDown4.cab
O16 - DPF: {F138084D-84D7-48CD-BEA8-04772457516E} (VqqSpeedDlProxy Class) - http://218.85.138.27/vqqsdl1009.cab
O23 - NT 服务: Antiy live update (Alive Auto-Update Service) - Unknown owner - C:\Program Files\Antiy Labs\Alive\AliveCenter.exe
O23 - NT 服务: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - NT 服务: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - NT 服务: Rising Proxy Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe

westbeck - 2006-8-20 15:35:00

下载超级兔子。
http://www.pctutu.com/srmsdown.asp
安装好后，打开“超级兔子清理王”“专业卸载,卸载所有提示的垃圾软件，卸载是不要打开任何浏览窗口。卸载不了可以重启后再去卸载。
卸载完后，再重启。
再扫份日志粘上来

westbeck - 2006-8-20 15:36:00

请问楼主知不知道这项是什么?
C:\Program Files\DeskMemo\Deskmemo.exe
是你装的什么软件吗?

M4AI - 2006-8-20 16:01:00

O23 - NT 服务: Antiy live update (Alive Auto-Update Service) - Unknown owner - C:\Program Files\Antiy Labs\Alive\AliveCenter.exe

这一项不是灰鸽子吗??
请问是什么

mouse123 - 2006-8-20 18:51:00

我已经把deskmemo和alivecenter.exe都删掉了。
现在已经好多了，下面是最新的日志。各位大虾看看还有什么垃圾。谢了。
=========================================
HijackThis_zww汉化版扫描日志 V1.99.1
保存于 18:39:13, 日期 2006-8-20
操作系统： Windows XP SP2 (WinNT 5.01.2600)
浏览器： Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程：
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Rising\Rav\RavStub.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\rising\rfw\RfwMain.exe
C:\WINDOWS\LHotkey.exe
C:\Program Files\Lenovo\联想键盘驱动\LCC.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\桌面\HijackThis1991zww.exe

R3 - URLSearchHook: Tencent SearchHook - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - C:\Program Files\TENCENT\Adplus\SSAddr.dll
O2 - BHO: 搜搜地址栏搜索 - {0C7C23EF-A848-485B-873C-0ED954731014} - C:\Program Files\TENCENT\Adplus\SSAddr.dll
O2 - BHO: Shockwave Flash BrowserHelpObject - {1002C84D-A326-2D3C-13F3-2C2474392A91} - C:\WINDOWS\system32\FlashHlp.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FLASHGET\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - IE工具栏增项: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\fgiebar.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [LHotkey] LHotkey.exe
O4 - 启动项HKLM\\Run: [Lcc] C:\Program Files\Lenovo\联想键盘驱动\LCC.exe
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [nwiz] nwiz.exe /install
O4 - 启动项HKLM\\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [CnxDslTaskBar] "C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe"
O4 - 启动项HKLM\\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [Mysee Alert] "C:\Program Files\GAOV\Mysee Alert\Mysee Alert.exe" -notray
O4 - 启动项HKLM\\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - 启动项HKLM\\Run: [SearchNet_Up] C:\Program Files\SearchNet\ServeUp.exe
O4 - 启动项HKLM\\Run: [SrvNet32] RunDll32 "C:\Program Files\SearchNet\SrvNet32.dll",Run
O4 - 启动项HKLM\\Run: [stup.exe] C:\PROGRA~1\TENCENT\Adplus\stup.exe
O4 - 启动项HKLM\\RunOnce: [RavStub] "C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: 桌面媒体.lnk = C:\WINDOWS\system32\rundll32.exe
O4 - Startup: 新浪UC.lnk = E:\UC\uc.exe
O4 - Startup: 腾讯QQ.lnk = C:\Program Files\Tencent\QQ\QQ.exe
O4 - Startup: 地址栏搜索.lnk = C:\Program Files\SearchNet\ServeUp.exe
O8 - IE右键菜单中的新增项目: Google 搜索(&G) - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - D:\PROGRA~1\FLASHGET\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - D:\PROGRA~1\FLASHGET\jc_all.htm
O8 - IE右键菜单中的新增项目: 使用超级解霸播放 - C:\Program Files\Herosoft\Hero 9\MPURLGET.HTM
O8 - IE右键菜单中的新增项目: 反向链接 - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - IE右键菜单中的新增项目: 导出到 Microsoft Excel(&x) - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - IE右键菜单中的新增项目: 收藏此页到新浪ViVi - http://vivi.sina.com.cn/collect/click.php?agent=ddt
O8 - IE右键菜单中的新增项目: 新浪搜索 - http://cha.sina.com.cn/ddt.html
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O8 - IE右键菜单中的新增项目: 类似网页 - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - IE右键菜单中的新增项目: 缓存的网页快照 - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - IE右键菜单中的新增项目: 翻译英文字词(&T) - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - IE右键菜单中的新增项目: 访问通用网址 - C:\Program Files\CNNIC\Cdn\cnnic.htm
O9 - 浏览器额外的按钮: 新浪UC - {2253922F-1B26-4C74-8B57-E3AEE748DBB8} - E:\UC\uc.exe
O9 - 浏览器额外的按钮: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\WINDOWS\system32\shdocvw.dll
O9 - 浏览器额外的“工具”菜单项: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\WINDOWS\system32\shdocvw.dll
O9 - 浏览器额外的按钮: 豪杰超级解霸9 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - C:\Program Files\Herosoft\Hero 9\STHSDVD.EXE
O9 - 浏览器额外的“工具”菜单项: 豪杰超级解霸9 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - C:\Program Files\Herosoft\Hero 9\STHSDVD.EXE
O9 - 浏览器额外的按钮: 联想 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.lenovo.com (file missing)
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - 浏览器额外的按钮: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\flashget.exe
O9 - 浏览器额外的“工具”菜单项: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\flashget.exe
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的“工具”菜单项: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [CDNCLIENT] 中文上网
O11 - Options group: [TBH] 搜搜地址栏搜索
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com
O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab
O16 - DPF: {52A05F4B-9F0C-4752-BB78-9B6DFD2DE9D5} (HdwCode Control) - http://www.chinaacc.com/plugin/HdwCode.cab
O16 - DPF: {D0A29C6C-AA71-4423-8C4A-5998B774C448} (IEDown Class) - http://download.ourgame.com/IEDown4.cab
O16 - DPF: {F138084D-84D7-48CD-BEA8-04772457516E} (VqqSpeedDlProxy Class) - http://218.85.138.27/vqqsdl1009.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A7F7B9CE-A05F-4CD9-99CD-2AFD3830319B}: NameServer = 202.99.192.68 202.99.192.66
O23 - NT 服务: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - NT 服务: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - NT 服务: Rising Proxy Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe

查看完整版本: 大虾！求助！机器太慢了，而且有病毒。谢了。

瑞星卡卡安全论坛