1   1  /  1  页   跳转

【求助】帮忙看看!

收藏
幻想雪
头像
初生襁褓狮
  • 帖子:59
  • 注册: 2005-07-30
  • 来自:
发表于: 2006-07-01 14:49 | 只看楼主 短消息 资料
字号: 1楼

【求助】帮忙看看!



Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Rising\Rav\RavStub.exe
c:\program files\rising\rfw\RfwMain.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\VM_STI.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
F:\TT\TTraveler.exe
C:\Program Files\Rising\Rav\Rav.exe
C:\Program Files\Rising\Rav\RsAgent.exe
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\user\LOCALS~1\Temp\Rar$EX00.469\HijackThis.exe

R3 - URLSearchHook: (no name) - {44C777A1-1279-41AA-AAE6-B8C06AFEF0B4} - C:\WINDOWS\system32\Zdtxxy.dll
R3 - URLSearchHook: (no name) - {F0E4C8AC-0D4D-491B-B277-C99E6091F617} - C:\WINDOWS\system32\Dzyl.dll
R3 - URLSearchHook: (no name) - {91B37DF3-6DD1-48FB-9400-8DD3EBFE4D96} - C:\WINDOWS\system32\Fkjohf.dll
R3 - URLSearchHook: (no name) - {2B8635FA-E610-42BE-B2C3-11959237D863} - C:\WINDOWS\system32\Hgxj.dll
R3 - URLSearchHook: (no name) - {BFC3A51D-C47C-437E-90A5-14C8EB90AC12} - C:\WINDOWS\system32\Flivz.dll
R3 - URLSearchHook: (no name) - {0233BC37-5985-4A5C-9405-DEB001EE4817} - C:\WINDOWS\system32\Ecjf.dll
R3 - URLSearchHook: (no name) - {0A086449-FACF-4653-AA38-27AB2D39E833} - C:\WINDOWS\system32\Trvn.dll
R3 - URLSearchHook: (no name) - {EA2B0656-CFD1-4454-8415-510DD3281CAE} - C:\WINDOWS\system32\Dyaj.dll
R3 - URLSearchHook: (no name) - {171D4F8F-2057-4AA0-B7A2-DF7C3B0645B0} - C:\WINDOWS\system32\Nlclof.dll
R3 - URLSearchHook: (no name) - {BDFE0658-1D91-4A1E-9DE2-3EBFE35DF04B} - C:\WINDOWS\system32\Sqpomb.dll
R3 - URLSearchHook: (no name) - {0A32C773-27CE-4422-9603-AEE02D31ACC8} - C:\WINDOWS\system32\Icxfjy.dll
R3 - URLSearchHook: (no name) - {33A688DC-3435-4BFE-9925-12C2483F4667} - C:\WINDOWS\system32\Dlfo.dll
R3 - URLSearchHook: (no name) - {70C53672-2F46-484D-AFD9-0AA88741D580} - C:\WINDOWS\system32\Ijeusm.dll
R3 - URLSearchHook: (no name) - {D65F27FB-E6B0-43AF-9CF6-A66D53E8BCA1} - C:\WINDOWS\system32\Plcfc.dll
R3 - URLSearchHook: (no name) - {1C1C1643-4DA3-417E-AF8D-72959490768F} - C:\WINDOWS\system32\Xymtp.dll
R3 - URLSearchHook: (no name) - {A549A7F6-B392-4594-A7D2-F89D5A0174CB} - C:\WINDOWS\system32\Sgnxh.dll
R3 - URLSearchHook: (no name) - {368A01C2-1E89-4942-8A9D-A036E43CE55F} - C:\WINDOWS\system32\Rmdglb.dll
R3 - URLSearchHook: (no name) - {74DCEE79-79FA-41DA-B12E-7A6870D74681} - C:\WINDOWS\system32\Qcvi.dll
R3 - URLSearchHook: (no name) - {2E0875AC-23EA-47CD-BC1F-347BFD9449C8} - C:\WINDOWS\system32\Yjoc.dll
R3 - URLSearchHook: (no name) - {C57E5D6E-AD9C-4885-9A69-2B74BD132C9B} - C:\WINDOWS\system32\Tqelj.dll
R3 - URLSearchHook: (no name) - {AAF2B974-B3CF-4066-BEF8-98CCCDEF1CE8} - C:\WINDOWS\system32\Yjra.dll
R3 - URLSearchHook: (no name) - {1A2834E5-BDFF-470F-883E-C54B10DAE687} - C:\WINDOWS\system32\Xfkjt.dll
R3 - URLSearchHook: (no name) - {ADC5A1C0-2D32-4383-9167-86F389E6A0B1} - C:\WINDOWS\system32\Xoguo.dll
R3 - URLSearchHook: (no name) - {DD210115-B690-441E-8DB3-397DEC6ACED5} - C:\WINDOWS\system32\Uhtt.dll
R3 - URLSearchHook: (no name) - {A04F8873-5AF4-4CF9-B3D6-26D8B68D208D} - C:\WINDOWS\system32\Ayqyi.dll
R3 - URLSearchHook: (no name) - {EFDF93D9-3DF7-45A2-9498-8669058A638E} - C:\WINDOWS\system32\Yfdai.dll
R3 - URLSearchHook: (no name) - {159590ED-1D0F-4813-AC7E-82F958E845DF} - C:\WINDOWS\system32\Ernqpd.dll
R3 - URLSearchHook: (no name) - {0DDA6A49-FE51-43A6-BAC1-308A40C88E70} - C:\WINDOWS\system32\Cajwr.dll
R3 - URLSearchHook: (no name) - {5C427A72-4DAC-439F-BF0B-4B639E9A1F5A} - C:\WINDOWS\system32\Suji.dll
R3 - URLSearchHook: (no name) - {EF33FF15-35E5-466A-B9E0-4FF5092E6CB5} - C:\WINDOWS\system32\Lmte.dll
R3 - URLSearchHook: (no name) - {8A2E04D4-FBDA-4161-A9F5-1DECB04516B0} - C:\WINDOWS\system32\Gofz.dll
R3 - URLSearchHook: (no name) - {69CE782F-53CF-4684-B207-144B8CB6B89A} - C:\WINDOWS\system32\Loer.dll
R3 - URLSearchHook: (no name) - {CB27C9E6-E1F6-4DAE-95ED-0A4AC6A288DD} - C:\WINDOWS\system32\Ndrr.dll
R3 - URLSearchHook: (no name) - {4A212EE1-21EC-409D-AFEE-FC4B31951DEB} - C:\WINDOWS\system32\Wshki.dll
R3 - URLSearchHook: (no name) - {6A047595-55BE-42C7-AB16-8A63FE548079} - C:\WINDOWS\system32\Aoff.dll
R3 - URLSearchHook: (no name) - {747049A3-3542-47D8-A703-30C67030A5EF} - C:\WINDOWS\system32\Ntbyz.dll
R3 - URLSearchHook: (no name) - {F07D8BED-FC1D-4124-AFF4-B44801ECF50C} - C:\WINDOWS\system32\Wxcys.dll
R3 - URLSearchHook: (no name) - {7CAE6485-45C7-40A5-B49C-56C49A03BC7C} - C:\WINDOWS\system32\Yvsi.dll
R3 - URLSearchHook: (no name) - {9334332C-C23E-44C3-8AA7-122E560B737C} - C:\WINDOWS\system32\Qlxw.dll
R3 - URLSearchHook: (no name) - {2C41CC5D-03DE-4BA9-B601-1A5E13449507} - C:\WINDOWS\system32\Swet.dll



最后编辑2006-07-01 15:50:54
分享到:
gototop
 
幻想雪
头像
初生襁褓狮
  • 帖子:59
  • 注册: 2005-07-30
  • 来自:
发表于: 2006-07-01 14:51 | 只看楼主 短消息 资料
字号: 2楼

R3 - URLSearchHook: (no name) - {0875E7D2-7100-411D-B9F5-33245EDED9AC} - C:\WINDOWS\system32\Tfek.dll
R3 - URLSearchHook: (no name) - {66478D3B-F222-4761-96F6-694D3A763FE2} - C:\WINDOWS\system32\Flcwk.dll
R3 - URLSearchHook: (no name) - {82FB782E-E849-419A-B6DE-08C8E4481A26} - C:\WINDOWS\system32\Kxgq.dll
R3 - URLSearchHook: (no name) - {8726196B-483D-4DB3-91E9-910CDD899B87} - C:\WINDOWS\system32\Vpcxhp.dll
R3 - URLSearchHook: (no name) - {5127B78A-54E3-4B38-8145-DDA8CE311E2D} - C:\WINDOWS\system32\Opny.dll
R3 - URLSearchHook: (no name) - {E85CDB33-C04F-45AC-A680-7201C594220A} - C:\WINDOWS\system32\Lxgmgi.dll
R3 - URLSearchHook: (no name) - {4D6CD728-B958-4D12-BB88-67BC0EAC5A4F} - C:\WINDOWS\system32\Wqgitv.dll
R3 - URLSearchHook: (no name) - {ADF3E95B-2824-4C61-934A-E62F00D1E4A8} - C:\WINDOWS\system32\Llqua.dll
R3 - URLSearchHook: (no name) - {27D73177-712A-4EBD-89DC-2950B9DA79F8} - C:\WINDOWS\system32\Orjqm.dll
R3 - URLSearchHook: (no name) - {2F8359DF-F6F3-4F39-8CDA-A45D8CA60491} - C:\WINDOWS\system32\Uacca.dll
R3 - URLSearchHook: (no name) - {B827C804-9A15-4512-AB56-43D53D235D7D} - C:\WINDOWS\system32\Lfglve.dll
R3 - URLSearchHook: (no name) - {B3802D4F-5C07-470C-BAC2-AC8FF25F2D92} - C:\WINDOWS\system32\Jjeqsh.dll
R3 - URLSearchHook: (no name) - {E2EF760C-F732-4777-913C-7F3BE32FE8F7} - C:\WINDOWS\system32\Vlil.dll
R3 - URLSearchHook: (no name) - {88DD260B-A05B-4C9B-806B-02934B9AFCFC} - C:\WINDOWS\system32\Zgsu.dll
R3 - URLSearchHook: (no name) - {1EAD2F04-5E5B-46EA-801F-B0035286843F} - C:\WINDOWS\system32\Qezpd.dll
R3 - URLSearchHook: (no name) - {C776AE26-AF55-4967-B86B-806F8D1A5F29} - C:\WINDOWS\system32\Lzlil.dll
R3 - URLSearchHook: (no name) - {7784CF0D-2B52-4489-8D7C-7E3662161B85} - C:\WINDOWS\system32\Jgtgpj.dll
R3 - URLSearchHook: (no name) - {22E947B8-7D29-4A46-83BD-D0132C676225} - C:\WINDOWS\system32\Nftmo.dll
R3 - URLSearchHook: (no name) - {DA7F27A4-4FAB-4E7C-BDCA-E8BCDBF7ECDD} - (no file)
R3 - URLSearchHook: (no name) - {4573E6C5-5294-4252-BC5B-9BB53B9F5351} - C:\WINDOWS\system32\Optw.dll
R3 - URLSearchHook: (no name) - {2C137107-9AD2-48D9-B901-70203F953C6C} - C:\WINDOWS\system32\Nobxl.dll
R3 - URLSearchHook: (no name) - {0B894BA6-B432-4315-BAE4-8CBC09CFF0D8} - C:\WINDOWS\system32\Czvxy.dll
R3 - URLSearchHook: (no name) - {0EEC6600-9FF5-46E6-8B59-5AA6AAA24F42} - C:\WINDOWS\system32\Fprzi.dll
R3 - URLSearchHook: (no name) - {63A0358D-CB86-4F56-894A-C4FF3F5F770D} - C:\WINDOWS\system32\Vnco.dll
R3 - URLSearchHook: (no name) - {2DAE1EE2-A5A8-4975-A53E-27F95C5FB896} - C:\WINDOWS\system32\Mgbz.dll
R3 - URLSearchHook: (no name) - {01B46B41-C1E3-45AD-9C60-08F432206CA7} - C:\WINDOWS\system32\Pnodvx.dll
R3 - URLSearchHook: (no name) - {488B51CF-D5EE-46CC-B5C9-F4246AC91359} - C:\WINDOWS\system32\Ewgubp.dll
R3 - URLSearchHook: (no name) - {FFFFBAB7-146C-4684-9C00-080301B3738F} - C:\WINDOWS\system32\Fjxbea.dll
R3 - URLSearchHook: (no name) - {0D9AF0D8-E11E-4A47-9347-AD0D411461E2} - C:\WINDOWS\system32\Zoignt.dll
R3 - URLSearchHook: (no name) - {EA5CB108-79F1-4E2D-8DC5-E1E9E9F38C02} - C:\WINDOWS\system32\Johh.dll
R3 - URLSearchHook: (no name) - {CFCB3CF3-4F2A-4BF3-805C-B6B55EAB3CFF} - C:\WINDOWS\system32\Dsdhvg.dll
R3 - URLSearchHook: (no name) - {7D1D23CF-84A4-4E4C-9D5B-66E18B39951B} - C:\WINDOWS\system32\Ssjsp.dll
R3 - URLSearchHook: (no name) - {08EE5A12-EF0C-4FC4-89EB-EAD64B2FEF44} - C:\WINDOWS\system32\Tiamk.dll
R3 - URLSearchHook: (no name) - {49A94E09-052A-4CE8-ACDB-814F73C779DC} - C:\WINDOWS\system32\Hhie.dll
R3 - URLSearchHook: (no name) - {C537F402-BEB8-4C52-94C7-E0CBB53462EC} - C:\WINDOWS\system32\Hvzvdu.dll
R3 - URLSearchHook: (no name) - {03BDD655-5DBE-4EAD-AFBB-220607CFE310} - C:\WINDOWS\system32\Wtmia.dll
R3 - URLSearchHook: (no name) - {63A4ED64-4A6E-4CE6-9F46-7F118CB1A657} - C:\WINDOWS\system32\Ijeijk.dll
R3 - URLSearchHook: (no name) - {3598D981-1C15-4CEC-8BC3-13BD055646D1} - C:\WINDOWS\system32\Gwufk.dll
R3 - URLSearchHook: (no name) - {48888609-2089-4E65-B063-04FA0251CBAA} - C:\WINDOWS\system32\Aiuqks.dll
R3 - URLSearchHook: (no name) - {A26646C1-CA54-4FC7-87F8-E7CD43963DC4} - C:\WINDOWS\system32\Fhrbkl.dll
R3 - URLSearchHook: (no name) - {00A9863E-60C0-41F1-A250-1CB76DC8C792} - C:\WINDOWS\system32\Vpvwpt.dll
R3 - URLSearchHook: (no name) - {A955752A-778A-432F-BC30-AF66CA7625AB} - C:\WINDOWS\system32\Hfqm.dll
R3 - URLSearchHook: (no name) - {75994928-3F15-4555-8F04-E7CE1FECBB8D} - C:\WINDOWS\system32\Nsfud.dll
R3 - URLSearchHook: (no name) - {67DEC451-BAA0-4B2F-A4FF-6817792C940C} - C:\WINDOWS\system32\Zsgmxq.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - Toolbar: BitCometBar - {3F1ABCDB-A875-46c1-8345-B72A4567E486} - D:\BitComet\BitCometBar\BitCometBar0.3.dll
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\KakaTool.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [WangWang] "D:\淘宝旺旺\WangWang.EXE"
O4 - HKLM\..\Run: [DAEMON Tools] "E:\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE HTD PC Camera
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\RunOnce: [RavStub] "C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [eMuleAutoStart] F:\eMule\emule.exe -AutoStart
O4 - Startup: 腾讯QQ.lnk = F:\QQ\QQ.exe
O4 - Global Startup: Picture Package Menu.lnk = F:\c\Picture Package Menu\SonyTray.exe
O8 - Extra context menu item: &使用迅雷下载 - E:\迅雷5\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - E:\迅雷5\getallurl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - F:\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - F:\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - F:\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - F:\QQ\SendMMS.htm
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - F:\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - F:\QQ\QQ.EXE
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - F:\QQ\QQIEHelper.dll (file missing)
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - F:\QQ\QQIEHelper.dll (file missing)
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\cdnns.dll' missing
O17 - HKLM\System\CCS\Services\Tcpip\..\{84A1D6EA-AD93-421F-A908-AFE497535252}: NameServer = 202.103.225.68 202.103.224.68
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
gototop
 
soood
头像
健康舞勺狮
  • 帖子:302
  • 注册: 2006-04-01
  • 来自:
发表于: 2006-07-01 15:58 | 短消息 资料
字号: 3楼

建议修复R3、F2
04自启动项建议除保留以下三项外其余关闭,可提高开关机速度:
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
建议修复010浏览器绑架项
如果不在特别的"域中",建议修复017项
建议卸载QQ播放器(开始-设置-控制面板-添加删除程序),并卸载new0设备(右键单击“我的电脑”-属性-硬件-设备管理器-查看-显示隐藏的设备-new0)
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT