
Something seems to be wrong with my computer; could an expert please look at the log


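A couple of days ago I was online on QQ when it suddenly showed that my QQ had been logged in elsewhere, and I was forced offline. I don't know what happened, and I suspect there may be a trojan on my computer. I'm posting a log; experts, please take a look.
Last edited 2006-06-30 15:31:57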

Logfile of HijackThis v1.99.1
Scan saved at 15:11:52, on 2006-6-30
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
D:\RISING\RAV\CCENTER.EXE
C:\WINNT\System32\svchost.exe
d:\rising\rfw\rfwsrv.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\inetsrv\inetinfo.exe
C:\WINNT\Explorer.EXE
d:\rising\rfw\RfwMain.exe
C:\WINNT\System32\igfxtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINNT\System32\hkcmd.exe
C:\WINNT\system32\internat.exe
D:\QQ传美贺岁版\QQ.exe
D:\QQ传美贺岁版\TIMPlatform.exe
D:\世界之窗浏览器\TheWorld.exe
d:\rising\Rav\RAVTASK.EXE
d:\rising\Rav\RAV.EXE
D:\rising\rav\Ravmond.exe
d:\rising\Rav\RAVMON.EXE
D:\rising\rav\RavStub.exe
D:\QQ传美贺岁版\QQ.exe
F:\工具软件\系统工具\日志检查\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINNT\system32\kakatool.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Cmaudio] rem RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [vcdplayx] rem "C:\WINNT\vcdplayx.exe"
O4 - HKLM\..\Run: [RavTask] "d:\rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [AutoInsQyule] rem C:\Program Files\Qyule\QyuleInstall.exe
O4 - HKLM\..\Run: [RfwMain] "d:\rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe
O4 - HKLM\..\Run: [xuelf] C:\WINNT\My Document.exe
O4 - HKLM\..\Run: [P5P] d:\P5P\P5P.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [AutoInsQyule] rem C:\Program Files\Qyule\QyuleInstall.exe
O4 - HKCU\..\Run: [updateMgr] "D:\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\qq\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - D:\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\FlashGet\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\qq\SendMMS.htm
O9 - Extra button: 新浪UC - {2253922F-1B26-4C74-8B57-E3AEE748DBB8} - d:\UC\uc.exe
O9 - Extra button: (no name) - {3F686D91-4AFA-4ed1-B43F-F1DB46ED480C} - C:\WINNT\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Link Filter - {3F686D91-4AFA-4ed1-B43F-F1DB46ED480C} - C:\WINNT\system32\shdocvw.dll
O9 - Extra button: 中文上网 - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\WINNT\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: 中文上网 - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\WINNT\system32\shdocvw.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O10 - Unknown file in Winsock LSP: c:\winnt\system32\msplus1.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\msplus1.dll
O16 - DPF: {23739A7E-5741-4D1C-88D5-D50B18F7C347} (iWebOffice Control) - http://192.168.3.6:9090/workflow2/work/iWebOffice2003.ocx
O16 - DPF: {28E0FA88-ABA8-4937-A247-3031F1A11165} (Installer Class) - http://dl.51.net/download/diybar2.cab
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AXSafeControls.cab
O16 - DPF: {9A578C98-3C2F-4630-890B-FC04196EF420} - http://jump.cnnic.cn/stat/stat?sid=0008&debug=false&pid=c_hbcnc&url=http://client.jogo.cn/download/cnnic/cdn.cab
O18 - Filter: text/html - {83DFBFF3-1455-4538-8036-39D2057787DF} - C:\WINNT\gsSecurity1.dll
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - d:\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - d:\rising\rfw\rfwsrv.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - D:\RISING\RAV\CCENTER.EXE
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\rising\rav\Ravmond.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe


O4 - HKLM\..\Run: [xuelf] C:\WINNT\My Document.exe
Fix it, then delete it.

There are indeed some strange things in there, but I'm not sure either.

What is that thing?