发表于: 2005-10-22 09:44 | 只看楼主 短消息 资料
字号: 1楼

不幸中灰鸽子,这是我的hijackthis日志,请帮忙指导!!谢谢!!

Logfile of HijackThis v1.99.0
Scan saved at 9:41:28, on 2005-10-22
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
C:\PROGRAM FILES\RISING\RAV\RavStub.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\AlienGUIse\wbload.exe
C:\WINDOWS\Explorer.EXE
c:\program files\rising\rfw\RfwMain.exe
C:\Program Files\周杰伦语音整点报时\周杰伦语音整点报时.exe
C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
C:\PROGRA~1\RISING\RAV\RAVMON.EXE
C:\WINDOWS\system32\ctfmon.exe
F:\Maxthon\Maxthon.exe
E:\hijackthis1.97_qoo\HijackThis\HijackThis.exe

R3 - URLSearchHook: 全能助手广告拦截专家 - {ED51E9A3-16C5-4236-99E0-9F093B021433} - D:\TweakAssist\AssistIEBar.dll
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v8.dll
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\baidubar.dll
O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O2 - BHO: IEHlprObj Class - {C5E5DB7E-46B1-47E6-8447-2E517F269925} - D:\网络杂志\GETIE.dll
O2 - BHO: 超级兔子上网精灵 - {FEDF637B-F631-4583-A210-33CC828D42DB} - D:\MagicSet\HaokanBar.dll (file missing)
O3 - Toolbar: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\PROGRA~1\baidu\bar\baidubar.dll
O3 - Toolbar: 卡卡安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll
O3 - Toolbar: 超级兔子上网精灵 - {FEDF637B-F631-4583-A210-33CC828D42DB} - D:\MagicSet\HaokanBar.dll (file missing)
O3 - Toolbar: 全能助手广告拦截专家 - {ED51E9A3-16C5-4236-99E0-9F093B021433} - D:\TweakAssist\AssistIEBar.dll
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [jayclock] C:\Program Files\周杰伦语音整点报时\周杰伦语音整点报时.exe
O4 - HKLM\..\Run: [RavTimer] C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [RavMon] C:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &使用暴风下载器下载 - E:\Storm Downloader\geturl.htm
O8 - Extra context menu item: &使用迅雷下载 - D:\Thunder\geturl.htm
O8 - Extra context menu item: 使用Kugoo下载 - F:\KuGoo2\KugooDownX.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - E:\腾讯QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - E:\腾讯QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\腾讯QQ\SendMMS.htm
O8 - Extra context menu item: 百度-词典搜索 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDU_DIC.HTM
O9 - Extra button: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - E:\浩方对战平台\GameClient.exe
O9 - Extra button: 访问瑞星网站 - {FF2DE7A6-ECB1-4CBC-9C0E-D92A9E66E444} - http://www.rising.com.cn (file missing)
O9 - Extra button: 访问卡卡社区 - {FF2DE7A6-ECB1-4CBC-9C0E-D92A9E66E445} - http://www.ikaka.com (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{902C4EA0-D22D-440D-9C0D-7A7EB546986B}: NameServer = 202.99.192.68 202.99.192.66
O18 - Filter: text/x-mrml - {C51721BE-858B-4A66-A8BF-D2882FF49820} - D:\手只机铃逡音舯编嗉辑软砑件\players\MidRadio\MidRadio.ocx
O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - D:\美雷桌繺\iprepair.dll (file missing)
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Rising Personal Firewall Service - Beijing Rising Technology Corporation Limited - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) - Unknown - %ProgramFiles%\WinPcap\rpcapd.exe (file missing)
O23 - Service: Rising Process Communication Center - rising - C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - Service: RsRavMon Service - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
O23 - Service: StyleXPService - Unknown - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Windows Client Sevice - Unknown - C:\WINDOWS\Exp1orer.exe
最后编辑2005-10-22 09:44:10