我好像不知不觉中装了很多流氓软件 - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛我好像不知不觉中装了很多流氓软件

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1

1 / 1 页

跳转页

我好像不知不觉中装了很多流氓软件

我是个笨蛋初生襁褓狮帖子:5 注册: 2006-06-18 来自:	发表于： 2006-06-18 23:04 \| 只看楼主短消息资料字号：小中大 1楼我好像不知不觉中装了很多流氓软件 Logfile of HijackThis v1.99.0 Scan saved at 22:46:16, on 2006-6-18 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Unable to get Internet Explorer version! Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Rising\Rav\CCenter.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe C:\Program Files\Rising\Rav\Ravmond.exe c:\program files\rising\rfw\rfwsrv.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Rising\Rav\RavStub.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Explorer.EXE c:\program files\rising\rfw\RfwMain.exe C:\Program Files\rising\Rav\RavMon.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\CTFMON.EXE D:\Program Files\TENCENT\QQ\QQ.exe D:\Program Files\TENCENT\QQ\TIMPlatform.exe C:\WINDOWS\temp\realsched.exe C:\WINDOWS\system32\MicrosoftLive.exe C:\WINDOWS\system32\Rundll32.exe C:\dwnSetup\101627.exe C:\Program Files\baigoo\bgoomain.exe C:\Program Files\Internet Explorer\iexplore.exe D:\软件\hijackthis.exe 2006-06-19 16:26:47.640000000
我是个笨蛋初生襁褓狮帖子:5 注册: 2006-06-18 来自:	分享到：

我是个笨蛋初生襁褓狮帖子:5 注册: 2006-06-18 来自:	发表于： 2006-06-18 23:06 \| 只看楼主短消息资料字号：小中大 2楼 R3 - URLSearchHook: (no name) - {59CA9DF8-1B76-4DCB-BCE3-D009B81F8D50} - C:\WINDOWS\system32\Gjjg.dll R3 - URLSearchHook: (no name) - {60CEF77A-329E-4ED7-B7EF-B32818B73C98} - C:\WINDOWS\system32\Ejmuzx.dll R3 - URLSearchHook: (no name) - {2EA9E7DE-D35E-4C63-9116-F1526225B5CC} - C:\WINDOWS\system32\Ujeb.dll R3 - URLSearchHook: (no name) - {C1D04B3A-75B0-450B-870A-289EB45E874B} - C:\WINDOWS\system32\Ywhac.dll R3 - URLSearchHook: (no name) - {F62E70A9-3401-4F93-9143-18C1BADEB322} - C:\WINDOWS\system32\Xvqga.dll R3 - URLSearchHook: (no name) - {E1D27A9D-76CF-4D57-B637-F8BC92FFC593} - C:\WINDOWS\system32\Lbdqdt.dll R3 - URLSearchHook: (no name) - {6B5FF867-4912-4EC3-B65F-DA3402FFEC60} - C:\WINDOWS\system32\Qzbhx.dll R3 - URLSearchHook: (no name) - {9D251FA3-91C8-49C4-9527-9C4FD0FF05C9} - C:\WINDOWS\system32\Nkjrdx.dll R3 - URLSearchHook: (no name) - {398EDB4E-2BC0-44B5-BEB4-8C1C961495FA} - C:\WINDOWS\system32\Kovdp.dll R3 - URLSearchHook: (no name) - {AEAC1F49-660D-458E-AD0F-B605A9271FBB} - C:\WINDOWS\system32\Sepza.dll R3 - URLSearchHook: (no name) - {D3F8097C-5520-4C80-92E2-C6CF872394F2} - C:\WINDOWS\system32\Wjoqy.dll R3 - URLSearchHook: (no name) - {9A71726D-9552-44A3-90B3-906829BA161E} - C:\WINDOWS\system32\Zyiv.dll R3 - URLSearchHook: (no name) - {F52A68C3-80C3-4DB5-B67E-167A2466824E} - C:\WINDOWS\system32\Qjrjmh.dll R3 - URLSearchHook: (no name) - {3E4349A0-0E0C-4AC3-8A15-411C317135DD} - C:\WINDOWS\system32\Hyxnuc.dll R3 - URLSearchHook: Kuaiso Toolsbar - {6D53ADB7-6AD5-4A59-BFE4-7B57D2F4AA89} - C:\Program Files\Kuaiso Toolsbar\Kuaiso_06003.dll F2 - REG:system.ini: UserInit=userinit.exe,C:\WINDOWS\system32\inituser.exe O2 - BHO: (no name) - {02B0E755-4D4A-438A-8896-0A7C9352C19F}? - (no file) O2 - BHO: (no name) - {08A312BB-5409-49FC-9347-54BB7D069AC6}? - (no file) O2 - BHO: (no name) - {0E526921-0ABF-4D35-88B2-301062F9712D}? - (no file) O2 - BHO: wmpdrm - {0E674588-66B7-4E19-9D0E-2053B800F69F} - C:\WINDOWS\system32\wmpdrm.dll O2 - BHO: wmpdrm - {0E674588-66B7-4E19-9D0E-2053B800F69F}? - (no file) O2 - BHO: (no name) - {14A21378-5BB1-4BC4-95D5-5D3F51527F6F}? - (no file) O2 - BHO: (no name) - {16A770A0-0E87-4278-B748-2460D64A8386}? - (no file) O2 - BHO: (no name) - {26AAF39C-695B-43C2-8925-AADD04AF82F5}? - (no file) O2 - BHO: (no name) - {2EA9E7DE-D35E-4C63-9116-F1526225B5CC}? - (no file) O2 - BHO: (no name) - {398EDB4E-2BC0-44B5-BEB4-8C1C961495FA}? - (no file) O2 - BHO: (no name) - {3E4349A0-0E0C-4AC3-8A15-411C317135DD}? - (no file) O2 - BHO: (no name) - {43045C83-DEC7-46D3-90CB-F4E16D0E213F}? - (no file) O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162}? - (no file) O2 - BHO: (no name) - {59CA9DF8-1B76-4DCB-BCE3-D009B81F8D50} - C:\WINDOWS\system32\Gjjg.dll O2 - BHO: (no name) - {5ABC5DB4-7D8B-4EA3-802C-6C2F2374E165}? - (no file) O2 - BHO: (no name) - {5DA29257-81CA-4DFE-A866-46C60F6E9A61}? - (no file) O2 - BHO: XBTP03129 - {6029B367-250A-4696-925C-641709CA7381}? - (no file) O2 - BHO: (no name) - {60CEF77A-329E-4ED7-B7EF-B32818B73C98}? - (no file) O2 - BHO: (no name) - {645669D6-7BD0-4630-8D26-1EFBC421FB28}? - (no file) O2 - BHO: MMSAssist - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll O2 - BHO: MMSAssist - {6671A431-5C3D-463d-A7CF-5587F9B7E191}? - (no file) O2 - BHO: (no name) - {6B280AC7-8B18-46A4-BF70-FC579A1B2F76}? - (no file) O2 - BHO: (no name) - {6B5FF867-4912-4EC3-B65F-DA3402FFEC60}? - (no file) O2 - BHO: (no name) - {6BF6E64D-52D6-4F79-A579-2BF39D867BEF}? - (no file) O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\baidubar.dll O2 - BHO: bg - {7BDAF75A-0D6F-4F50-AFE9-333D08DF4005}? - (no file) O2 - BHO: (no name) - {8465D755-AFE0-40ef-BC5E-2290D2C1F31F}? - (no file) O2 - BHO: (no name) - {92FB5F8F-8254-4978-9C50-03D9B0405062}? - (no file) O2 - BHO: (no name) - {954BC627-FE38-44AA-810F-66F39B4B8E02}? - (no file) O2 - BHO: (no name) - {9A71726D-9552-44A3-90B3-906829BA161E}? - (no file) O2 - BHO: NewWeb Controller - {9ACEEE30-143F-471A-AA45-72B061FE7D60}? - (no file) O2 - BHO: (no name) - {9D251FA3-91C8-49C4-9527-9C4FD0FF05C9}? - (no file) O2 - BHO: (no name) - {A2477A16-800F-41BD-BD6D-AE081F9B3EBD}? - (no file) O2 - BHO: (no name) - {A3E2C0D8-CB85-4222-9C09-9C6018CED371}? - (no file) O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B}? - (no file) O2 - BHO: HBObject Class - {AE22AFE5-1EF4-4D25-9E23-D2825FB17DA1} - C:\PROGRA~1\hbclient\HBHelper.dll O2 - BHO: (no name) - {AE22AFE5-1EF4-4D25-9E23-D2825FB17DA1}? - (no file) O2 - BHO: (no name) - {AEAC1F49-660D-458E-AD0F-B605A9271FBB}? - (no file) O2 - BHO: (no name) - {B3674A58-826A-4A5D-8C69-7FE607746228}? - (no file) O2 - BHO: (no name) - {B8CCDD47-38E4-4CD2-B7FA-3B4B690F74BD}? - (no file) O2 - BHO: (no name) - {C1D04B3A-75B0-450B-870A-289EB45E874B}? - (no file) O2 - BHO: (no name) - {D3F8097C-5520-4C80-92E2-C6CF872394F2}? - (no file) O2 - BHO: (no name) - {D5BA132E-88D0-47B7-9163-B9BF40239C2E}? - (no file) O2 - BHO: (no name) - {D7E8B076-CE3E-48C0-A6B5-8D68C81D7DB6}? - (no file) O2 - BHO: (no name) - {DD125569-61C4-42D1-97A4-6CA612D7F026}? - (no file) O2 - BHO: (no name) - {E1D27A9D-76CF-4D57-B637-F8BC92FFC593}? - (no file) O2 - BHO: (no name) - {F52A68C3-80C3-4DB5-B67E-167A2466824E}? - (no file) O2 - BHO: IEHlprObj Class - {F5B3ECED-9BF3-4f7e-882B-A6E75343C499} - C:\Progra~1\NetMeeting\netinit.dll O2 - BHO: (no name) - {F5B3ECED-9BF3-4f7e-882B-A6E75343C499}? - (no file) O2 - BHO: (no name) - {F62E70A9-3401-4F93-9143-18C1BADEB322}? - (no file) O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll O3 - Toolbar: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - C:\Program Files\Kingsoft\FastAIT 2005\IEBand.dll O3 - Toolbar: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\PROGRA~1\baidu\bar\baidubar.dll O3 - Toolbar: (no name) - {F869BB38-FFEF-4589-B986-610B7AD0ADA2}? - (no file) O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\KakaTool.dll O3 - Toolbar: IE标准栏 - {954F618B-0DEC-4D1A-9317-E0FC96F87865} - C:\WINDOWS\system32\amstreamxb.dll O3 - Toolbar: (no name) - {902DF477-B757-44DD-9430-2EE942187BEC}? - (no file) O3 - Toolbar: (no name) - {6D53ADB7-6AD5-4A59-BFE4-7B57D2F4AA89}? - (no file)
我是个笨蛋初生襁褓狮帖子:5 注册: 2006-06-18 来自:

我是个笨蛋初生襁褓狮帖子:5 注册: 2006-06-18 来自:	发表于： 2006-06-18 23:06 \| 只看楼主短消息资料字号：小中大 3楼 O4 - HKLM\..\Run: [Rav] C:\Program Files\rising\Rav\RavMon.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKLM\..\Run: [RichMedia] C:\WINDOWS\system32\Rundll32.exe "C:\PROGRA~1\hbclient\HBHelper.dll",WaitWindows O4 - HKLM\..\Run: [spoolsv] C:\WINDOWS\system32\spoolsv\spoolsv.exe -printer O8 - Extra context menu item: >> 彩信发送 << - res://C:\PROGRA~1\MMSASS~1\Mmsass~1.dll/mms.htm O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\Program Files\TENCENT\QQ\AddToNetDisk.htm O8 - Extra context menu item: 使用网际快车下载 - C:\Program Files\FLASHGET\jc_link.htm O8 - Extra context menu item: 使用网际快车下载全部链接 - C:\Program Files\FLASHGET\jc_all.htm O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program Files\TENCENT\QQ\AddPanel.htm O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\TENCENT\QQ\AddEmotion.htm O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program Files\TENCENT\QQ\SendMMS.htm O8 - Extra context menu item: 用比特精灵下载(&B) - D:\Program Files\BitSpirit\bsurl.htm O8 - Extra context menu item: 百度--MP3搜索 - RES://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUMP3.HTM O8 - Extra context menu item: 百度--图片搜索 - RES://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUIMG.HTM O8 - Extra context menu item: 百度--新闻搜索 - RES://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUNEWS.HTM O8 - Extra context menu item: 百度--歌词搜索 - RES://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDULYRIC.HTM O8 - Extra context menu item: 百度--网页搜索 - RES://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUSEARCH.HTM O8 - Extra context menu item: 百度--词典搜索 - RES://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDU_DIC.HTM O8 - Extra context menu item: 百度--贴吧搜索 - RES://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUPOST.HTM O9 - Extra button: 新浪UC - {2253922F-1B26-4C74-8B57-E3AEE748DBB8} - D:\Program Files\sina\UC\uc.exe O9 - Extra button: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll O9 - Extra 'Tools' menuitem: MMSAssist工具条设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll O9 - Extra button: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191}? - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll O9 - Extra 'Tools' menuitem: MMSAssist工具条设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191}? - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - d:\Program Files\Tencent\QQ\QQ.EXE O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - d:\Program Files\Tencent\QQ\QQ.EXE O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - d:\Program Files\Tencent\QQ\QQIEHelper.dll O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - d:\Program Files\Tencent\QQ\QQIEHelper.dll O10 - Broken Internet access because of LSP provider 'c:\windows\system32\cdnns.dll' missing O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab O16 - DPF: {5EC7C511-CD0F-42E6-830C-1BD9882F3458} - http://download.ppstream.com/bin/powerplayer.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121405533622 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1134049727900 O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{5F1C7108-AAA2-4678-978B-4ADCF5D79792}: NameServer = 202.96.104.28 202.96.104.25 O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll O18 - Protocol: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: gopher - {79EAC9E4-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: ipp - (no CLSID) - (no file) O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - (no file) O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\WINDOWS\System32\inetcomm.dll O18 - Protocol: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll O18 - Protocol: msdaipp - (no CLSID) - (no file) O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\System32\mshtml.dll O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - (no file) O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\System32\wiascr.dll O23 - Service: Rising Proxy Service - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe O23 - Service: Rising Personal Firewall Service - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe O23 - Service: Rising Process Communication Center - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe O23 - Service: RsRavMon Service - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe O23 - Service: StyleXPService - Unknown - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe 这是HijackThis的日志，谁帮我看看都装了哪些流氓软件，该如何删除？（百度的不要删）。最好还帮我看看有没有中什么病毒，先谢谢了~~~~
我是个笨蛋初生襁褓狮帖子:5 注册: 2006-06-18 来自:

我是个笨蛋初生襁褓狮帖子:5 注册: 2006-06-18 来自:	发表于： 2006-06-18 23:23 \| 只看楼主短消息资料字号：小中大 4楼我是安装了下面这个地址下载来得程序，一下子装了很多流氓软件 http://www.softnews.cn/down.asp?id=922&no=1
我是个笨蛋初生襁褓狮帖子:5 注册: 2006-06-18 来自:

我是个笨蛋初生襁褓狮帖子:5 注册: 2006-06-18 来自:	发表于： 2006-06-19 00:11 \| 只看楼主短消息资料字号：小中大 5楼用超级兔子删除了一些，看看还有问题吗？ Logfile of HijackThis v1.99.0 Scan saved at 23:46:41, on 2006-6-18 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Unable to get Internet Explorer version! Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Rising\Rav\CCenter.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe C:\Program Files\Rising\Rav\Ravmond.exe c:\program files\rising\rfw\rfwsrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Rising\Rav\RavStub.exe c:\program files\rising\rfw\RfwMain.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\rising\Rav\RavMon.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Internet Explorer\iexplore.exe D:\软件\hijackthis.exe R3 - URLSearchHook: (no name) - {59CA9DF8-1B76-4DCB-BCE3-D009B81F8D50} - C:\WINDOWS\system32\Gjjg.dll R3 - URLSearchHook: (no name) - {60CEF77A-329E-4ED7-B7EF-B32818B73C98} - C:\WINDOWS\system32\Ejmuzx.dll R3 - URLSearchHook: (no name) - {2EA9E7DE-D35E-4C63-9116-F1526225B5CC} - C:\WINDOWS\system32\Ujeb.dll R3 - URLSearchHook: (no name) - {C1D04B3A-75B0-450B-870A-289EB45E874B} - C:\WINDOWS\system32\Ywhac.dll R3 - URLSearchHook: (no name) - {F62E70A9-3401-4F93-9143-18C1BADEB322} - C:\WINDOWS\system32\Xvqga.dll R3 - URLSearchHook: (no name) - {E1D27A9D-76CF-4D57-B637-F8BC92FFC593} - C:\WINDOWS\system32\Lbdqdt.dll R3 - URLSearchHook: (no name) - {6B5FF867-4912-4EC3-B65F-DA3402FFEC60} - C:\WINDOWS\system32\Qzbhx.dll R3 - URLSearchHook: (no name) - {9D251FA3-91C8-49C4-9527-9C4FD0FF05C9} - C:\WINDOWS\system32\Nkjrdx.dll R3 - URLSearchHook: (no name) - {398EDB4E-2BC0-44B5-BEB4-8C1C961495FA} - C:\WINDOWS\system32\Kovdp.dll R3 - URLSearchHook: (no name) - {AEAC1F49-660D-458E-AD0F-B605A9271FBB} - C:\WINDOWS\system32\Sepza.dll R3 - URLSearchHook: (no name) - {D3F8097C-5520-4C80-92E2-C6CF872394F2} - C:\WINDOWS\system32\Wjoqy.dll R3 - URLSearchHook: (no name) - {9A71726D-9552-44A3-90B3-906829BA161E} - C:\WINDOWS\system32\Zyiv.dll R3 - URLSearchHook: (no name) - {F52A68C3-80C3-4DB5-B67E-167A2466824E} - C:\WINDOWS\system32\Qjrjmh.dll R3 - URLSearchHook: (no name) - {3E4349A0-0E0C-4AC3-8A15-411C317135DD} - C:\WINDOWS\system32\Hyxnuc.dll F2 - REG:system.ini: UserInit=userinit.exe,C:\WINDOWS\system32\inituser.exe O2 - BHO: Shockwave Flash Object - {14A21378-5BB1-4BC4-95D5-5D3F51527F6F} - C:\WINDOWS\system32\swflash.ocx O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\baidubar.dll O2 - BHO: IEHlprObj Class - {F5B3ECED-9BF3-4f7e-882B-A6E75343C499} - C:\Progra~1\NetMeeting\netinit.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll O3 - Toolbar: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - C:\Program Files\Kingsoft\FastAIT 2005\IEBand.dll O3 - Toolbar: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\PROGRA~1\baidu\bar\baidubar.dll O3 - Toolbar: (no name) - {F869BB38-FFEF-4589-B986-610B7AD0ADA2}? - (no file) O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\KakaTool.dll O3 - Toolbar: (no name) - {902DF477-B757-44DD-9430-2EE942187BEC}? - (no file) O3 - Toolbar: (no name) - {6D53ADB7-6AD5-4A59-BFE4-7B57D2F4AA89}? - (no file) O4 - HKLM\..\Run: [Rav] C:\Program Files\rising\Rav\RavMon.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\Program Files\TENCENT\QQ\AddToNetDisk.htm O8 - Extra context menu item: 使用网际快车下载 - C:\PROGRA~1\FLASHGET\jc_link.htm O8 - Extra context menu item: 使用网际快车下载全部链接 - C:\PROGRA~1\FLASHGET\jc_all.htm O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program Files\TENCENT\QQ\AddPanel.htm O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\TENCENT\QQ\AddEmotion.htm O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program Files\TENCENT\QQ\SendMMS.htm O9 - Extra button: 新浪UC - {2253922F-1B26-4C74-8B57-E3AEE748DBB8} - D:\Program Files\sina\UC\uc.exe O9 - Extra button: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191}? - C:\WINDOWS\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: MMSAssist工具条设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191}? - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - d:\Program Files\Tencent\QQ\QQ.EXE O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - d:\Program Files\Tencent\QQ\QQ.EXE O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - d:\Program Files\Tencent\QQ\QQIEHelper.dll O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - d:\Program Files\Tencent\QQ\QQIEHelper.dll O10 - Broken Internet access because of LSP provider 'c:\windows\system32\cdnns.dll' missing O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab O16 - DPF: {5EC7C511-CD0F-42E6-830C-1BD9882F3458} - http://download.ppstream.com/bin/powerplayer.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121405533622 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1134049727900 O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{5F1C7108-AAA2-4678-978B-4ADCF5D79792}: NameServer = 202.96.104.28 202.96.104.25 O23 - Service: Rising Proxy Service - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe O23 - Service: Rising Personal Firewall Service - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe O23 - Service: Rising Process Communication Center - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe O23 - Service: RsRavMon Service - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe O23 - Service: StyleXPService - Unknown - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
我是个笨蛋初生襁褓狮帖子:5 注册: 2006-06-18 来自:

轩辕小聪卡卡技术团队帖子:8368 注册: 2006-01-09 来自:	发表于： 2006-06-19 16:26 \| 短消息资料字号：小中大 6楼修复： R3 - URLSearchHook: (no name) - {59CA9DF8-1B76-4DCB-BCE3-D009B81F8D50} - C:\WINDOWS\system32\Gjjg.dll R3 - URLSearchHook: (no name) - {60CEF77A-329E-4ED7-B7EF-B32818B73C98} - C:\WINDOWS\system32\Ejmuzx.dll R3 - URLSearchHook: (no name) - {2EA9E7DE-D35E-4C63-9116-F1526225B5CC} - C:\WINDOWS\system32\Ujeb.dll R3 - URLSearchHook: (no name) - {C1D04B3A-75B0-450B-870A-289EB45E874B} - C:\WINDOWS\system32\Ywhac.dll R3 - URLSearchHook: (no name) - {F62E70A9-3401-4F93-9143-18C1BADEB322} - C:\WINDOWS\system32\Xvqga.dll R3 - URLSearchHook: (no name) - {E1D27A9D-76CF-4D57-B637-F8BC92FFC593} - C:\WINDOWS\system32\Lbdqdt.dll R3 - URLSearchHook: (no name) - {6B5FF867-4912-4EC3-B65F-DA3402FFEC60} - C:\WINDOWS\system32\Qzbhx.dll R3 - URLSearchHook: (no name) - {9D251FA3-91C8-49C4-9527-9C4FD0FF05C9} - C:\WINDOWS\system32\Nkjrdx.dll R3 - URLSearchHook: (no name) - {398EDB4E-2BC0-44B5-BEB4-8C1C961495FA} - C:\WINDOWS\system32\Kovdp.dll R3 - URLSearchHook: (no name) - {AEAC1F49-660D-458E-AD0F-B605A9271FBB} - C:\WINDOWS\system32\Sepza.dll R3 - URLSearchHook: (no name) - {D3F8097C-5520-4C80-92E2-C6CF872394F2} - C:\WINDOWS\system32\Wjoqy.dll R3 - URLSearchHook: (no name) - {9A71726D-9552-44A3-90B3-906829BA161E} - C:\WINDOWS\system32\Zyiv.dll R3 - URLSearchHook: (no name) - {F52A68C3-80C3-4DB5-B67E-167A2466824E} - C:\WINDOWS\system32\Qjrjmh.dll R3 - URLSearchHook: (no name) - {3E4349A0-0E0C-4AC3-8A15-411C317135DD} - C:\WINDOWS\system32\Hyxnuc.dll F2 - REG:system.ini: UserInit=userinit.exe,C:\WINDOWS\system32\inituser.exe O2 - BHO: IEHlprObj Class - {F5B3ECED-9BF3-4f7e-882B-A6E75343C499} - C:\Progra~1\NetMeeting\netinit.dll O3 - Toolbar: (no name) - {F869BB38-FFEF-4589-B986-610B7AD0ADA2}? - (no file) O3 - Toolbar: (no name) - {902DF477-B757-44DD-9430-2EE942187BEC}? - (no file) O3 - Toolbar: (no name) - {6D53ADB7-6AD5-4A59-BFE4-7B57D2F4AA89}? - (no file) 重启后删除： C:\WINDOWS\system32\inituser.exe C:\WINDOWS\system32\Gjjg.dll C:\WINDOWS\system32\Ejmuzx.dll C:\WINDOWS\system32\Ujeb.dll C:\WINDOWS\system32\Ywhac.dll C:\WINDOWS\system32\Xvqga.dll C:\WINDOWS\system32\Lbdqdt.dll C:\WINDOWS\system32\Qzbhx.dll C:\WINDOWS\system32\Nkjrdx.dll C:\WINDOWS\system32\Kovdp.dll C:\WINDOWS\system32\Sepza.dll C:\WINDOWS\system32\Wjoqy.dll C:\WINDOWS\system32\Zyiv.dll C:\WINDOWS\system32\Qjrjmh.dll C:\WINDOWS\system32\Hyxnuc.dll C:\Progra~1\NetMeeting\netinit.dll
轩辕小聪卡卡技术团队帖子:8368 注册: 2006-01-09 来自:

<<上一主题|下一主题>>

1

1 / 1 页

跳转页

页面顶部

Powered by Discuz!NT