Logfile of HijackThis v1.99.0
Scan saved at 11:12:40, on 2006-11-18
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
D:\瑞星杀毒\Rising\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
D:\瑞星杀毒\Rising\Rising\Rav\Ravmond.exe
d:\瑞星杀毒\rising\rising\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
D:\瑞星杀毒\Rising\Rising\Rav\RavStub.exe
d:\瑞星杀毒\rising\rising\RfwMain.exe
D:\瑞星杀毒\Rising\Rising\Rav\RavTask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\瑞星杀毒\Rising\Rising\Rav\Ravmon.exe
C:\WINDOWS\System32\ctfmon.exe
C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe
C:\PROGRA~1\Yahoo!\ASSIST~1\ylive.exe
C:\WINDOWS\explorer.exe
D:\winrar解压\WinRAR.exe
C:\DOCUME~1\shan\LOCALS~1\Temp\Rar$EX00.814\首页绑架克星 - HijackThis1.99.exe
C:\WINDOWS\notepad.exe
R3 - URLSearchHook: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\Program Files\Yahoo!\Assistant\Assist\yasbar.dll
O2 - BHO: (no name) - {0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2} - (no file)
O2 - BHO: MyIEHelper Class - {16B770A0-0E87-4278-B748-2460D64A8386} - C:\Documents and Settings\All Users\Application Data\Microsoft\UserData\IEHelper_5012.dll (file missing)
O2 - BHO: XBTP03129 - {6029B367-250A-4696-925C-641709CA7381} - (no file)
O2 - BHO: (no name) - {70AFF2CB-9DA2-499C-8D15-900729FCE83D} - (no file)
O2 - BHO: 5940.cn导航 BHO - {9411F42F-09FF-4FB5-ADD3-30ECAC43DC51} - (no file)
O2 - BHO: (no name) - {CE7C3CF0-98A8-474D-B2B5-1ED7E2E3B004} - (no file)
O3 - Toolbar: 雅虎助手 - {406F94F0-504F-4A40-8DFD-58B0666ABEBD} - C:\Program Files\Yahoo!\Assistant\Assist\yasbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [RavTask] "D:\瑞星杀毒\Rising\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [YLive.exe] C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
O4 - HKLM\..\Run: [yassistse] "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"
O4 - HKLM\..\Run: [CdnCtr] ; C:\Program Files\CNNIC\Cdn\cdnup.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\cdnns.dll' missing
O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/
O23 - Service: C7876130 - Unknown - C:\WINDOWS\System32\C7876130.EXE (file missing)
O23 - Service: Rising Proxy Service - Beijing Rising Technology Co., Ltd. - d:\瑞星杀毒\rising\rising\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service - Beijing Rising Technology Co., Ltd. - d:\瑞星杀毒\rising\rising\rfwsrv.exe
O23 - Service: Rising Process Communication Center - Beijing Rising Technology Co., Ltd. - D:\瑞星杀毒\Rising\Rising\Rav\CCenter.exe
O23 - Service: Rising RealTime Monitor - Beijing Rising Technology Co., Ltd. - D:\瑞星杀毒\Rising\Rising\Rav\Ravmond.exe
