Rising Kaka Security Forum > Technical Exchange > Anti-Virus / Anti-Rogue Software Forum > Brother baohe, Brother Paopao, please save me

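My machine is keeping quite a few pigeons. Could you two please take a look and tell me how to drive them away or kill them? I'll treat you to pigeon soup afterwards.
Also, is my system in really bad shape? Should I give it a completely fresh start?
Thanks in advance.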


HijackThis_815汉化版扫描日志 V1.99.1
保存于 13:02:29, 日期 2005-10-5
操作系统: Windows XP SP2 (WinNT 5.01.2600)
浏览器: Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:
C:\WINXP\System32\smss.exe
C:\WINXP\system32\winlogon.exe
C:\WINXP\system32\services.exe
C:\WINXP\system32\lsass.exe
C:\WINXP\system32\svchost.exe
C:\WINXP\System32\svchost.exe
D:\PROGRAM FILES\RISING\RAV\Ravmond.exe
C:\WINXP\Explorer.EXE
D:\Program Files\Rising\Rfw\rfwsrv.exe
D:\PROGRAM FILES\RISING\RAV\RavStub.exe
C:\WINXP\system32\spoolsv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
C:\WINXP\system32\svchost.exe
D:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
D:\Program Files\Rising\Rfw\RfwMain.exe
D:\PROGRA~1\RISING\RAV\RAVMON.EXE
C:\WINXP\system32\ctfmon.exe
C:\WINXP\system32\rundll32.exe
D:\Program Files\System Safety Monitor\SYSSAFE.EXE
C:\WINXP\system32\NOTEPAD.EXE
D:\Program Files\HijackThis1991汉化版\HijackThis1991zww.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINXP\system32\xunleibho_v5.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SohuDAIEHelper - {0CA51D02-7739-43EA-8D9A-1E8AD4327B03} - C:\Program Files\P4P\SoDAIE.dll (file missing)
O2 - BHO: GMail - {5FCEA0BA-123B-469a-A27B-8EFF96FEA71D} - C:\WINXP\Downloaded Program Files\gmlite_1000318.dll
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\Program Files\Baidu\Bar\BaiduBar.dll
O2 - BHO: DownloadBHO T2BHO - {B1D147E7-873E-4909-8127-695D9BB78728} - C:\WINXP\Downloaded Program Files\barhelp22.0.dll (file missing)
O3 - IE工具栏增项: 捜狗直通车 - {DBBB7978-AF21-4EF4-9AD1-B2F4BC75696C} - C:\PROGRA~1\P4P\ToolBar.dll (file missing)
O3 - IE工具栏增项: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - (no file)
O4 - 启动项HKLM\\Run: [RavTimer] D:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
O4 - 启动项HKLM\\Run: [RavMon] D:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - 启动项HKLM\\Run: [RfwMain] "D:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\RunOnce: [RavStub] "D:\PROGRAM FILES\RISING\RAV\ravstub.exe" /RUNONCE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINXP\system32\ctfmon.exe
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - D:\Program Files\Sandai Technologies Inc\Thunder\geturl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - D:\Program Files\Sandai Technologies Inc\Thunder\getAllurl.htm
O8 - IE右键菜单中的新增项目: 用比特精灵下载(&B) - D:\Program Files\BitSpirit\bsurl.htm
O9 - 浏览器额外的按钮: SoQ - {8F67DCF3-B1DF-4A39-A787-3775784BF737} - http://www.soq.com (file missing)
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\WINXP\system32\shdocvw.dll
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\WINXP\system32\shdocvw.dll
O9 - 浏览器额外的按钮: 易趣购物 - {DE607141-AC19-421e-860A-0D70ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing)
O9 - 浏览器额外的“工具”菜单项: 易趣购物 - {DE607141-AC19-421e-860A-0D70ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing)
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的“工具”菜单项: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=WWW.AHJXZX.COM
O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KXHCM10 Control) - http://218.219.197.30/kxhcm10.ocx
O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/aliedit.cab
O16 - DPF: {5FCEA0BA-123B-469A-A27B-8EFF96FEA71D} (GMail) - http://update.ism.net.cn/gmail.cab
O23 - NT 服务: Gray_Pigeon_Server (GrayPigeonServer) - Unknown owner - C:\WINXP\see.exe
O23 - NT 服务: Gray_Pigeon_Server2.0 (GrayPigeonServer2.0) - Unknown owner - (no file)
O23 - NT 服务: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - D:\Program Files\Rising\Rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - rising - D:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\PROGRAM FILES\RISING\RAV\Ravmond.exe

Last edited 2005-10-05 16:56:54

[Reply to the post by "沧浪渔笛"]
O23 - NT 服务: Gray_Pigeon_Server (GrayPigeonServer) - Unknown owner - C:\WINXP\see.exe
O23 - NT 服务: Gray_Pigeon_Server2.0 (GrayPigeonServer2.0) - Unknown owner - (no file)

Gray Pigeon

Brother, so it is the pigeon; how do I kill it? I'm really a complete novice.

Ugh, OP, please don't post several threads for one question, okay~~

Check the pinned threads; you can usually find it there!