电脑正常启动瑞星杀毒软件(多次点击都无任何反应)用HijackThis扫描日记如下!
日志文件 Trend Micro HijackThis v 2.0.2
日志保存时间: 17:27:22,2008-06-17
操作系统: Windows XP SP2 (WinNT 5.01.2600)
IE版本: Internet Explorer v6.00 SP2 (6.00.2900.2180)
启动模式: 正常
正在运行的进程:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\MsgGhost.exe
C:\WINDOWS\system32\ServerNT.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Administrator\桌面\HijackThis.exe
R3 - 默认 URLSearchHook 丢失
F2 - REG:system.ini: Shell=Explorer.exe,22.exe
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: ThunderBHO - {7369D359-5B70-4A5B-B789-B25FE09B4AF3} - C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll
O2 - BHO: SafeMon Class - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - C:\Program Files\360safe\safemon\safemon.dll
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O8 - 扩展右键菜单项: 使用迅雷下载 - C:\Program Files\Thunder\Program\geturl.htm
O8 - 扩展右键菜单项: 使用迅雷下载全部链接 - C:\Program Files\Thunder\Program\getallurl.htm
O8 - 扩展右键菜单项: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O17 - HKLM\System\CCS\Services\Tcpip\..\{2FD854F8-3FF2-401D-9075-2D43245F55A7}: NameServer = 61.128.128.68,61.128.192.68
O17 - HKLM\System\CS1\Services\Tcpip\..\{2FD854F8-3FF2-401D-9075-2D43245F55A7}: NameServer = 61.128.128.68,61.128.192.68
O20 - AppInit_DLLs: ytewcxzsw.dll,msosfasq00.dll,msoscqet00.dll,msosjtfo00.dll,pppppp.dll,bbbbbb.dll,qqqqqq.dll,3680x.dll,eeeeee.dll,yyyyyy.dll,vvvvvv.dll
O21 - SSODL: midimapzt - {4F4F0064-71E0-4f0d-0001-708476C7815F} - C:\WINDOWS\system32\midimapzt.dll
O21 - SSODL: midimapms - {4F4F0064-71E0-4f0d-0014-708476C7815F} - C:\WINDOWS\system32\midimapms.dll
O21 - SSODL: midimaptl - {4F4F0064-71E0-4f0d-0017-708476C7815F} - C:\WINDOWS\system32\midimaptl.dll
O21 - SSODL: midimapzx - {4F4F0064-71E0-4f0d-0005-708476C7815F} - C:\WINDOWS\system32\midimapzx.dll
O21 - SSODL: midimapqn3 - {4F4F0064-71E0-4f0d-0022-708476C7815F} - C:\WINDOWS\system32\midimapqn3.dll
O21 - SSODL: midimapgj - {4F4F0064-71E0-4f0d-0003-708476C7815F} - C:\WINDOWS\system32\midimapgj.dll
O21 - SSODL: midimapwl - {4F4F0064-71E0-4f0d-0004-708476C7815F} - C:\WINDOWS\system32\midimapwl.dll
O21 - SSODL: midimapjr - {4F4F0064-71E0-4f0d-0012-708476C7815F} - C:\WINDOWS\system32\midimapjr.dll
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
O23 - NT 服务: UfAutoLoadService - Unknown owner - C:\WINDOWS\system32\UfAutoLoadService.exe
O23 - NT 服务: UfMsgGhost - Unknown owner - C:\WINDOWS\system32\MsgGhost.exe
O23 - NT 服务: U8AuthServer (UFNet) - Unknown owner - C:\WINDOWS\system32\ServerNT.exe
--
文件结束 - 3680 字节
用户系统信息:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
