
[Help] Danger!!!!!!!

FormVersion: 1.1
100 - Process: smss.exe - \SystemRoot\System32\smss.exe
100 - Process: csrss.exe - C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh觑?
100 - Process: winlogon.exe - winlogon.exe
100 - Process: services.exe - C:\WINDOWS\system32\services.exe
100 - Process: lsass.exe - C:\WINDOWS\system32\lsass.exe
100 - Process: ati2evxx.exe - C:\WINDOWS\system32\Ati2evxx.exe
100 - Process: svchost.exe - C:\WINDOWS\system32\svchost -k DcomLaunch
100 - Process: svchost.exe - C:\WINDOWS\system32\svchost -k rpcss
100 - Process: CCenter.exe - "C:\Program Files\Rising\Rav\CCenter.exe"
100 - Process: svchost.exe - C:\WINDOWS\System32\svchost.exe -k netsvcs
100 - Process: svchost.exe - C:\WINDOWS\system32\svchost.exe -k NetworkService
100 - Process: svchost.exe - C:\WINDOWS\system32\svchost.exe -k LocalService
100 - Process: RavMonD.exe - "C:\Program Files\Rising\Rav\Ravmond.exe"
100 - Process: ati2evxx.exe - Ati2evxx.exe -Client
100 - Process: explorer.exe - C:\WINDOWS\Explorer.EXE
100 - Process: rfwsrv.exe - "c:\program files\rising\rfw\rfwsrv.exe"
100 - Process: spoolsv.exe - C:\WINDOWS\system32\spoolsv.exe
100 - Process: RavStub.exe - "C:\Program Files\Rising\Rav\RavStub.exe" /RAVMOND
100 - Process: rfwmain.exe - -StartUp
100 - Process: MDM.EXE - "C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
100 - Process: alg.exe - C:\WINDOWS\System32\alg.exe
100 - Process: PDVDServ.exe - "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
100 - Process: realsched.exe - "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
100 - Process: SOUNDMAN.EXE - "C:\WINDOWS\SOUNDMAN.EXE"
100 - Process: RavTask.exe - "C:\Program Files\Rising\Rav\RavTask.exe" -system
100 - Process: RavMon.exe - "C:\Program Files\Rising\Rav\Ravmon.exe" -SYSTEM
100 - Process: bgoomain.exe - "C:\PROGRA~1\baigoo\bgoomain.exe"
100 - Process: ctfmon.exe - "C:\WINDOWS\system32\ctfmon.exe"
100 - Process: svchost.exe - C:\WINDOWS\System32\svchost.exe -k HTTPFilter
100 - Process: QQ.exe - "D:\QQ2006\QQ.exe"
100 - Process: TIMPlatform.exe - D:\QQ2006\TIMPlatform.exe -Embedding
100 - Process: QQPet.exe - "D:\QQ2006\qqpet\qqpet.exe" 514401010600041200BDA8B9B2BD8C9F8C80B2899A
100 - Process: MagicFlash.exe - "D:\QQ2006\MagicFlash.exe" "D:\QQ2006\MagicFace\{bde643b514d87e9ea1bf93c228e6d3ce2694.swf" "C:\DOCUME~1\Test\LOCALS~1\Temp\qmf\pmdBE9.tmp"
100 - Process: 360Safe.exe - "D:\360safe\360Safe.exe"
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page=http://www.qq.com/
R3 - URLSearchHook: (Tencent SearchHook) - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - C:\Program Files\TENCENT\Adplus\SSAddr1.dll
R3 - URLSearchHook: (Tencent SearchHook) - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - C:\Program Files\TENCENT\Adplus\SSAddr1.dll
O2 - BHO: (ThunderIEHelper Class) - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v8.dll
O2 - BHO: (Tencent Browser Helper) - {0C7C23EF-A848-485B-873C-0ED954731014} - C:\Program Files\TENCENT\Adplus\SSAddr1.dll
O2 - BHO: (Yahoo Ie-Bar) - {4FCE0A2B-6D48-4B22-AD7A-1ACACABC0B38} - C:\WINDOWS\twuenk_16.dll
O2 - BHO: (QQBrowserHelperObject Class) - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\QQ2006\QQIEHelper.dll
O2 - BHO: (Status Class) - {7BDAF75A-0D6F-4F50-AFE9-333D08DF4005} - C:\Program Files\baigoo\BGooBHO.dll
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [Thunder] "C:\Program Files\Thunder Network\Thunder\ThunderShell.exe" /s
O4 - HKLM\..\Run: [bgoomain.exe] C:\PROGRA~1\baigoo\bgoomain.exe
O4 - HKLM\..\RunOnce: [RavStub] "C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE
O4 - HKLM\..\RunOnce: [C:\PROGRA~1\baigoo\plugin\bgoocos\bgoocos.dll] regsvr32 /s C:\PROGRA~1\baigoo\plugin\bgoocos\bgoocos.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup folder: [腾讯QQ.lnk] C:\Documents and Settings\Test\「开始」菜单\程序\启动\腾讯QQ.lnk
O8 - Extra context menu item: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\getallurl.htm
O8 - Extra context menu item: Google 搜索(&G) - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\QQ2006\AddToNetDisk.htm
O8 - Extra context menu item: 反向链接 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\QQ2006\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\QQ2006\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\QQ2006\SendMMS.htm
O8 - Extra context menu item: 类似网页 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: 缓存的网页快照 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: 翻译英文字词(&T) - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O9 - Extra button: 信息检索(HKLM)
O9 - Extra button: 腾讯QQ(HKLM)
O9 - Extra button: QQ炫彩工具条设置(HKLM)
O9 - Extra button: Windows Messenger(HKLM)
O16 - DPF: {C661F36D-DF85-4EF4-83C7-E107B83D04B1} (WebActivater Control) - http://dl_dir.qq.com/3dshow/3DShowVM.cab
O17 - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{A1A94B0F-2DD9-4319-96FB-6E887FB4B81A}: NameServer = 61.139.2.69 202.98.96.68
O18 - Protocol: OFFICE 相关 - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll"
O18 - Protocol: OFFICE 相关 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O23 - Service: Ati HotKey Poller - C:\WINDOWS\system32\ati2evxx.exe
O23 - Service: ATI Smart - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Dnscache - C:\WINDOWS\system32\dnsrslvr.dll
O23 - Service: EventSystem - C:\WINDOWS\system32\es.dll
O23 - Service: RfwProxySrv - c:\program files\Rising\Rfw\rfwProxy.exe
O23 - Service: RfwService - c:\program files\Rising\Rfw\rfwsrv.exe
O23 - Service: RsCCenter - C:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon - C:\Program Files\Rising\Rav\RavMonD.exe

Why does the real-time virus outbreak monitoring still say it's dangerous! Could the experts here please take a look!!!!!!!!!!
Last edited 2006-08-08 16:16:22
 

http://forum.ikaka.com/topic.asp?board=28&artid=8105899
Download HijackThis... and post the log here..
 

OP, what kind of log is this that you posted?
 

What was posted is a super-invincible log.. no idea at all what thing scanned it..