Logfile of HijackThis v1.99.1
Scan saved at 21:17:16, on 2005-10-4
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
C:\PROGRAM FILES\RISING\RAV\RavStub.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\RunDll32.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
C:\PROGRA~1\RISING\RAV\RAVMON.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\CNNIC\Cdn\cdnup.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\conime.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\qq\QQ.exe
C:\Program Files\Tencent\QQ\TIMPlatform.exe
E:\HijackThis\HijackThis.exe

R3 - URLSearchHook: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\System32\xunleibho_v5.dll
O2 - BHO: Tencent Browser Helper - {0C7C23EF-A848-485B-873C-0ED954731014} - C:\WINDOWS\Downloaded Program Files\TBHMain.dll
O2 - BHO: CNNIC_IDN - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: ShowBarObject Class - {850B69E4-90DB-4F45-8621-891BF35A5B53} - C:\WINDOWS\System32\alitb\bar.dll
O2 - BHO: AssistII - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: Infofo 工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:\Program Files\Infofo Bar\infofobar.dll
O2 - BHO: WMHlprObj Class - {F5824EFB-728A-4726-A5A5-85A68B20EDC3} - C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll
O3 - Toolbar: Infofo 工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:\Program Files\Infofo Bar\infofobar.dll
O3 - Toolbar: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - HKLM\..\Run: [RavTimer] C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [RavMon] C:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Install Alitalk] C:\WINDOWS\temp\alitalk\alitalk.exe -hideframe
O4 - HKLM\..\Run: [MoveSearch] C:\Program Files\wsearch\Search.exe
O4 - HKLM\..\Run: [CdnCtr] C:\Program Files\CNNIC\Cdn\cdnup.exe
O4 - HKLM\..\Run: [helper.dll] C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32
O4 - HKLM\..\Run: [DAEMON Tools-2052] "C:\Program Files\D-Tools\daemon.exe"  -lang 2052
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O8 - Extra context menu item: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\getAllurl.htm
O8 - Extra context menu item: Fullscreen Toggle - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\fullscrn.htm
O8 - Extra context menu item: Launch search in Tab 1 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\search1.htm
O8 - Extra context menu item: Launch search in Tab 2 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\search2.htm
O8 - Extra context menu item: Launch search in Tab 3 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\search3.htm
O8 - Extra context menu item: Launch search in Tab 4 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\search4.htm
O8 - Extra context menu item: Launch search in Tab 5 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\search5.htm
O8 - Extra context menu item: Launch search in Tab 6 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\search6.htm
O8 - Extra context menu item: Send Page to Tab 1 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\CurrentTo1.htm
O8 - Extra context menu item: Send Page to Tab 2 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\CurrentTo2.htm
O8 - Extra context menu item: Send Page to Tab 3 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\CurrentTo3.htm
O8 - Extra context menu item: Send Page to Tab 4 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\CurrentTo4.htm
O8 - Extra context menu item: Send Page to Tab 5 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\CurrentTo5.htm
O8 - Extra context menu item: Send Page to Tab 6 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\CurrentTo6.htm
O8 - Extra context menu item: Send Shortcut to Tab 1 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\sendtotab1.htm
O8 - Extra context menu item: Send Shortcut to Tab 2 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\sendtotab2.htm
O8 - Extra context menu item: Send Shortcut to Tab 3 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\sendtotab3.htm
O8 - Extra context menu item: Send Shortcut to Tab 4 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\sendtotab4.htm
O8 - Extra context menu item: Send Shortcut to Tab 5 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\sendtotab5.htm
O8 - Extra context menu item: Send Shortcut to Tab 6 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\sendtotab6.htm
O8 - Extra context menu item: Send to Pic Grabber - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\image.htm
O8 - Extra context menu item: Send to Systray - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\systray.htm
O8 - Extra context menu item: 使用影音传送带下载 - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: 使用影音传送带下载全部链接 - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O8 - Extra context menu item: 访问通用网址 - C:\Program Files\CNNIC\Cdn\cnnic.htm
O9 - Extra button: 商机直通车 - {13b0c05c-ef05-4bf6-b0ea-f6111af25544} - C:\WINDOWS\System32\alitb\bar.dll
O9 - Extra button: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O9 - Extra 'Tools' menuitem: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O9 - Extra button: Infofo 工具栏 - {8507326C-B5C1-4559-BB91-0919E753836F} - C:\Program Files\Infofo Bar\infofobar.dll
O9 - Extra 'Tools' menuitem: Infofo 工具栏 - {8507326C-B5C1-4559-BB91-0919E753836F} - C:\Program Files\Infofo Bar\infofobar.dll
O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: 易趣购物 - {BE9C13C3-9E46-4db1-BC05-BD8DA44599F2} - http://adfarm.mediaplex.com/ad/ck/4080-23171-9517-195?cn=song;icon;hp&mpro=http://www.ebay.com.cn (file missing)
O9 - Extra 'Tools' menuitem: 易趣购物 - {BE9C13C3-9E46-4db1-BC05-BD8DA44599F2} - http://adfarm.mediaplex.com/ad/ck/4080-23171-9517-195?cn=song;icon;hp&mpro=http://www.ebay.com.cn (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cdnns.dll
O11 - Options group: [CDNCLIENT]  中文上网
O11 - Options group: [TBH] QQ地址栏搜索
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by9fd.bay9.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {991481A7-4669-4E15-8C24-100404E1F5CB} (Blueskyvoice Control) - http://www.bluesky.cn/download/blueskyvoice_60.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Rising Process Communication Center (RsCCenter) - rising - C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe

建议修复：
O8 - Extra context menu item: Fullscreen Toggle - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\fullscrn.htm
O8 - Extra context menu item: Launch search in Tab 1 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\search1.htm
O8 - Extra context menu item: Launch search in Tab 2 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\search2.htm
O8 - Extra context menu item: Launch search in Tab 3 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\search3.htm
O8 - Extra context menu item: Launch search in Tab 4 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\search4.htm
O8 - Extra context menu item: Launch search in Tab 5 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\search5.htm
O8 - Extra context menu item: Launch search in Tab 6 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\search6.htm
O8 - Extra context menu item: Send Page to Tab 1 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\CurrentTo1.htm
O8 - Extra context menu item: Send Page to Tab 2 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\CurrentTo2.htm
O8 - Extra context menu item: Send Page to Tab 3 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\CurrentTo3.htm
O8 - Extra context menu item: Send Page to Tab 4 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\CurrentTo4.htm
O8 - Extra context menu item: Send Page to Tab 5 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\CurrentTo5.htm
O8 - Extra context menu item: Send Page to Tab 6 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\CurrentTo6.htm
O8 - Extra context menu item: Send Shortcut to Tab 1 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\sendtotab1.htm
O8 - Extra context menu item: Send Shortcut to Tab 2 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\sendtotab2.htm
O8 - Extra context menu item: Send Shortcut to Tab 3 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\sendtotab3.htm
O8 - Extra context menu item: Send Shortcut to Tab 4 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\sendtotab4.htm
O8 - Extra context menu item: Send Shortcut to Tab 5 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\sendtotab5.htm
O8 - Extra context menu item: Send Shortcut to Tab 6 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\sendtotab6.htm
O8 - Extra context menu item: Send to Pic Grabber - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\image.htm
O8 - Extra context menu item: Send to Systray - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1d4e48ec-f46b-498c-940d-526b4687c8ee\systray.htm
O9 - Extra button: 商机直通车 - {13b0c05c-ef05-4bf6-b0ea-f6111af25544} - C:\WINDOWS\System32\alitb\bar.dll

删除文件夹C:\WINDOWS\System32\alitb


O4 - HKLM\..\Run: [MoveSearch] C:\Program Files\wsearch\Search.exe
是“网络猪”的项目（也可能是划词搜索），如果楼主不想使用，请到开始-->设置-->控制面板-->添加删除程序, 卸载

谢谢斑竹~~~~~~~~麻烦你再帮我看看,还有个问题.每次电脑启动都会出现一个东西(请看图)我在启动配置没有找到这个东西.这个东西会拖慢速度的~~~~~~帮我看看谢谢了~~~~~

【回复“eric1984”的帖子】
修复：
O4 - HKLM\..\Run: [MoveSearch] C:\Program Files\wsearch\Search.exe

删除文件夹 C:\Program Files\wsearch

您可以先到控制面板添加删除程序里看看有没有它的卸载项。

太感激你了~~~~~~~斑竹~~~~~