谁能帮我看下hijackthis?好象是灰鸽但找不到><

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛谁能帮我看下hijackthis?好象是灰鸽但找不到><

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1 / 1 页

跳转页

cat1959 初生襁褓狮帖子:2 注册: 2006-03-25 来自:	发表于： 2006-03-26 00:22 \| 只看楼主短消息资料字号：小中大 1楼谁能帮我看下hijackthis?好象是灰鸽但找不到>< 我用瑞星的专杀工具有查到,但杀后重启机子还是有>_< 到注册表里,我也没找到services这个文件夹....之后就撤底的晕掉了~ ~ 请看懂的各位帮帮忙^^ Logfile of HijackThis v1.99.1 Scan saved at 23:57:42, on 2006-3-25 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\rising\Rav\CCenter.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\rising\Rav\Ravmond.exe c:\program files\rising\rfw\rfwsrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\rising\Rav\RavStub.exe c:\program files\rising\rfw\RfwMain.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe D:\Program Files\淘宝网\淘宝旺旺\WangWang.EXE C:\Program Files\wsearch\Search.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\rising\Rav\RavTask.exe C:\Program Files\rising\Rav\Ravmon.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\svchost.exe C:\Program Files\rising\Rav\RsAgent.exe C:\WINDOWS\msagent\AgentSvr.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\rising\Rav\Rav.exe d:\Program Files\WinRAR\WinRAR.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE d:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\FBX~1.FBX\LOCALS~1\Temp\Rar$EX00.767\HijackThis.exe R3 - URLSearchHook: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file) O2 - BHO: IEHandle Class - {31EBA2E2-58B2-4980-9C41-F12F5F1422C5} - C:\Program Files\Common Files\Collegesoft\Share Components\TPHANDLE.dll O2 - BHO: MMSAssist - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FlashGet\jccatch.dll O2 - BHO: AssistII - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file) O2 - BHO: Infofo 工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:\Program Files\Infofo Bar\infofobar.dll O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\fgiebar.dll O3 - Toolbar: Infofo 工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:\Program Files\Infofo Bar\infofobar.dll O3 - Toolbar: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file) O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [rfw] C:\Program Files\rising\Rfw\Rfw.exe O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\rising\Rfw\rfwmain.exe" -Startup O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [WangWang] "d:\Program Files\淘宝网\淘宝旺旺\WangWang.EXE" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [MoveSearch] C:\Program Files\wsearch\Search.exe O4 - HKLM\..\Run: [helper.dll] C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32 O4 - HKLM\..\Run: [RavTask] "C:\Program Files\rising\Rav\RavTask.exe" -system O4 - HKLM\..\Run: [YLive.exe] C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe O4 - HKLM\..\Run: [ExFilter] Rundll32.exe "C:\PROGRA~1\CNNIC\Cdn\cdnspie.dll,ExecFilter solo" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: >> 彩信发送 << - res://C:\PROGRA~1\MMSASS~1\Mmsass~1.dll/mms.htm O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\Program Files\Tencent\qq\AddToNetDisk.htm O8 - Extra context menu item: 使用网际快车下载 - D:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program Files\Tencent\qq\AddPanel.htm O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\Tencent\qq\AddEmotion.htm O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program Files\Tencent\qq\SendMMS.htm O9 - Extra button: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll O9 - Extra 'Tools' menuitem: MMSAssist工具条设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll O9 - Extra button: Infofo 工具栏 - {8507326C-B5C1-4559-BB91-0919E753836F} - C:\Program Files\Infofo Bar\infofobar.dll O9 - Extra 'Tools' menuitem: Infofo 工具栏 - {8507326C-B5C1-4559-BB91-0919E753836F} - C:\Program Files\Infofo Bar\infofobar.dll O9 - Extra button: 词霸 - {8DE0FCD4-5EB5-11D3-AD25-00002100131B} - d:\PROGRA~1\KINGSOFT\XDICT\ieplugin.DLL (file missing) O9 - Extra button: 卓越 - {C8CE29C5-7589-11D3-B81B-0080C8DC5DC8} - d:\PROGRA~1\KINGSOFT\XDICT\ieplugin.DLL (file missing) O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe O9 - Extra button: 易趣购物 - {DE607141-AC19-421e-861A-1D70ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing) O9 - Extra 'Tools' menuitem: 易趣购物 - {DE607141-AC19-421e-861A-1D70ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} (Edit Class) - https://www.sz1.cmbchina.com/download/CMBEdit.cab O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab O16 - DPF: {F2EB8999-766E-4BF6-AAAD-188D398C0D0B} (PBActiveX40 Control) - http://www4.cmbchina.com/download/pb45.cab O23 - Service: DNS Server - Unknown owner - C:\Program Files\Internet Explorer\IEXPL0RE.EXE O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Rising Proxy Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\rising\Rav\CCenter.exe O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\rising\Rav\Ravmond.exe 2006-03-27 00:46:14
cat1959 初生襁褓狮帖子:2 注册: 2006-03-25 来自:	分享到：

红树叶ん自信弱冠狮帖子:371 注册: 2006-03-23 来自:	发表于： 2006-03-26 00:25 \| 短消息资料字号：小中大 2楼我是菜鸟啊. 哈哈 O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Rising Proxy Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe 这几个里面没有么?
红树叶ん自信弱冠狮帖子:371 注册: 2006-03-23 来自:

轩辕小聪卡卡技术团队帖子:8368 注册: 2006-01-09 来自:	发表于： 2006-03-26 00:56 \| 短消息资料字号：小中大 3楼【回复“红树叶ん”的帖子】你列出的这三项，第一项是显卡相关程序，后两项是瑞星的。 O23 - Service: DNS Server - Unknown owner - C:\Program Files\Internet Explorer\IEXPL0RE.EXE 我倒怀疑这一项，路径的确是IE浏览器，但是一般不会被日志扫出来的。请问楼主，专杀工具报的病毒名称和路径？
轩辕小聪卡卡技术团队帖子:8368 注册: 2006-01-09 来自:

轩辕小聪卡卡技术团队帖子:8368 注册: 2006-01-09 来自:	发表于： 2006-03-26 00:59 \| 短消息资料字号：小中大 4楼楼主看一下，C:\Program Files\Internet Explorer\文件夹下是否有一个iexplore.exe，还有一个IEXPL0RE.EXE，如果两个都在，后者就有可能是有问题的。不过不像是灰鸽子，鸽子一般也不会在这个目录下的。
轩辕小聪卡卡技术团队帖子:8368 注册: 2006-01-09 来自:

闪电风暴特邀体验者帖子:5462 注册: 2005-01-12 来自:0GiNr	发表于： 2006-03-26 08:56 \| 短消息资料字号：小中大 5楼 O23 - Service: DNS Server - Unknown owner - C:\Program Files\Internet Explorer\IEXPL0RE.EXE 变种灰鸽子这个文件名改成小写你就知道了: iexpl0re.exe (那个是数字0)
闪电风暴特邀体验者帖子:5462 注册: 2005-01-12 来自:0GiNr

闪电风暴特邀体验者帖子:5462 注册: 2005-01-12 来自:0GiNr	发表于： 2006-03-26 08:57 \| 短消息资料字号：小中大 6楼【回复“红树叶ん”的帖子】你并没有找到呵呵
闪电风暴特邀体验者帖子:5462 注册: 2005-01-12 来自:0GiNr

飘泊而立狮

帖子:734
注册: 2006-03-24
来自:

发表于： 2006-03-26 09:08 | 短消息资料

字号：小中大 7楼

引用:

【闪电风暴的贴子】O23 - Service: DNS Server - Unknown owner - C:\Program Files\Internet Explorer\IEXPL0RE.EXE
变种灰鸽子
这个文件名改成小写你就知道了:
iexpl0re.exe (那个是数字0)
...........................

8错8错~~~
用google 搜的时候也现出原形了~~

黑灯黑火飘泊而立狮帖子:734 注册: 2006-03-24 来自:	发表于： 2006-03-26 09:09 \| 短消息资料字号：小中大 8楼另，你要删除的病毒服务项是 DNS Server （别删错了~~）
黑灯黑火飘泊而立狮帖子:734 注册: 2006-03-24 来自:

cat1959 初生襁褓狮帖子:2 注册: 2006-03-25 来自:	发表于： 2006-03-26 17:37 \| 只看楼主短消息资料字号：小中大 9楼谢谢各位的回复 C:\Program Files\Internet Explorer\文件夹里的文件是: IEXPLORE =====这个是IE图标,且类似的只有一个 iedw nvlib.txt HMMAPI.DLL 还有3个文件夹我到注册表中后,找到DNS Server 文件夹,单击后,显示有7个文件分别是: 名称 ImagePath 类型 EEG_EXPAND_SZ 数据 C:\ProgramFiles\InternetExplorer\IEXPL0RE.EXE 名称 DisplayName 类型 EEG_SZ 数据 DN Server 名称 ErrorControl 类型 EEG_DWORD 数据一串数字名称 ObjectName 类型 EEG_EXPAND_SZ 数据 Localsystem 名称 Start 类型 EEG_DWORD 数据一串数字名称 Type 类型 EEG_DWORD 数据一串数字名称默认类型 EEG_SZ 数据数值未设置在DN Server目录下,还有两个子目录,分别是:Enum和Security 这两个子目录里都有: 名称默认类型 EEG_SZ 数据数值未设置但其他文件都与其上级目录内容不一样我该如何操作杀毒? 该删除整个DNS Server文件夹么? 因为担心误操作删了IE,所以还没敢动手呢><
cat1959 初生襁褓狮帖子:2 注册: 2006-03-25 来自:

黑灯黑火飘泊而立狮帖子:734 注册: 2006-03-24 来自:	发表于： 2006-03-27 00:46 \| 短消息资料字号：小中大 10楼对，删除整个DNS Server文件夹！
黑灯黑火飘泊而立狮帖子:734 注册: 2006-03-24 来自:

<<上一主题|下一主题>>

1 / 1 页

跳转页

cat1959 初生襁褓狮帖子:2 注册: 2006-03-25 来自:	发表于： 2006-03-26 00:22 \| 只看楼主短消息资料字号：小中大 1楼谁能帮我看下hijackthis?好象是灰鸽但找不到>< 我用瑞星的专杀工具有查到,但杀后重启机子还是有>_< 到注册表里,我也没找到services这个文件夹....之后就撤底的晕掉了~ ~ 请看懂的各位帮帮忙^^ Logfile of HijackThis v1.99.1 Scan saved at 23:57:42, on 2006-3-25 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\rising\Rav\CCenter.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\rising\Rav\Ravmond.exe c:\program files\rising\rfw\rfwsrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\rising\Rav\RavStub.exe c:\program files\rising\rfw\RfwMain.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe D:\Program Files\淘宝网\淘宝旺旺\WangWang.EXE C:\Program Files\wsearch\Search.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\rising\Rav\RavTask.exe C:\Program Files\rising\Rav\Ravmon.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\svchost.exe C:\Program Files\rising\Rav\RsAgent.exe C:\WINDOWS\msagent\AgentSvr.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\rising\Rav\Rav.exe d:\Program Files\WinRAR\WinRAR.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE d:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\FBX~1.FBX\LOCALS~1\Temp\Rar$EX00.767\HijackThis.exe R3 - URLSearchHook: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file) O2 - BHO: IEHandle Class - {31EBA2E2-58B2-4980-9C41-F12F5F1422C5} - C:\Program Files\Common Files\Collegesoft\Share Components\TPHANDLE.dll O2 - BHO: MMSAssist - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FlashGet\jccatch.dll O2 - BHO: AssistII - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file) O2 - BHO: Infofo 工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:\Program Files\Infofo Bar\infofobar.dll O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\fgiebar.dll O3 - Toolbar: Infofo 工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:\Program Files\Infofo Bar\infofobar.dll O3 - Toolbar: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file) O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [rfw] C:\Program Files\rising\Rfw\Rfw.exe O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\rising\Rfw\rfwmain.exe" -Startup O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [WangWang] "d:\Program Files\淘宝网\淘宝旺旺\WangWang.EXE" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [MoveSearch] C:\Program Files\wsearch\Search.exe O4 - HKLM\..\Run: [helper.dll] C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32 O4 - HKLM\..\Run: [RavTask] "C:\Program Files\rising\Rav\RavTask.exe" -system O4 - HKLM\..\Run: [YLive.exe] C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe O4 - HKLM\..\Run: [ExFilter] Rundll32.exe "C:\PROGRA~1\CNNIC\Cdn\cdnspie.dll,ExecFilter solo" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: >> 彩信发送 << - res://C:\PROGRA~1\MMSASS~1\Mmsass~1.dll/mms.htm O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\Program Files\Tencent\qq\AddToNetDisk.htm O8 - Extra context menu item: 使用网际快车下载 - D:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program Files\Tencent\qq\AddPanel.htm O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\Tencent\qq\AddEmotion.htm O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program Files\Tencent\qq\SendMMS.htm O9 - Extra button: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll O9 - Extra 'Tools' menuitem: MMSAssist工具条设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll O9 - Extra button: Infofo 工具栏 - {8507326C-B5C1-4559-BB91-0919E753836F} - C:\Program Files\Infofo Bar\infofobar.dll O9 - Extra 'Tools' menuitem: Infofo 工具栏 - {8507326C-B5C1-4559-BB91-0919E753836F} - C:\Program Files\Infofo Bar\infofobar.dll O9 - Extra button: 词霸 - {8DE0FCD4-5EB5-11D3-AD25-00002100131B} - d:\PROGRA~1\KINGSOFT\XDICT\ieplugin.DLL (file missing) O9 - Extra button: 卓越 - {C8CE29C5-7589-11D3-B81B-0080C8DC5DC8} - d:\PROGRA~1\KINGSOFT\XDICT\ieplugin.DLL (file missing) O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe O9 - Extra button: 易趣购物 - {DE607141-AC19-421e-861A-1D70ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing) O9 - Extra 'Tools' menuitem: 易趣购物 - {DE607141-AC19-421e-861A-1D70ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} (Edit Class) - https://www.sz1.cmbchina.com/download/CMBEdit.cab O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab O16 - DPF: {F2EB8999-766E-4BF6-AAAD-188D398C0D0B} (PBActiveX40 Control) - http://www4.cmbchina.com/download/pb45.cab O23 - Service: DNS Server - Unknown owner - C:\Program Files\Internet Explorer\IEXPL0RE.EXE O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Rising Proxy Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\rising\Rav\CCenter.exe O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\rising\Rav\Ravmond.exe 2006-03-27 00:46:14
cat1959 初生襁褓狮帖子:2 注册: 2006-03-25 来自:	分享到：

瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 谁能帮我看下hijackthis?好象是灰鸽但找不到><

谁能帮我看下hijackthis?好象是灰鸽但找不到><

谁能帮我看下hijackthis?好象是灰鸽但找不到><

瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛谁能帮我看下hijackthis?好象是灰鸽但找不到><