
First time asking a question, not ashamed to ask my inferiors


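After booting I get a large number of "image corrupted" prompts, and the process manager shows many unknown processes that are there one moment and gone the next, possibly because my Rising antivirus is shutting them down. All these prompts are causing me a lot of trouble. I think some files may have been corrupted. Below is the log from my scan; I hope some kind person can take a look. Thanks.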

Logfile of HijackThis v1.99.1
Scan saved at 14:58:46, on 2007-5-25
Platform: Windows 2003  (WinNT 5.02.3790)
MSIE: Internet Explorer v6.00 (6.00.3790.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
d:\Rising\Rav\CCenter.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
D:\RISING\RAV\Ravmond.exe
C:\WINDOWS\System32\svchost.exe
D:\RISING\RAV\RavStub.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\msdtc.exe
C:\WINDOWS\System32\svchost.exe
d:\htoa\tomcat\bin\tomcat5.exe
d:\IBM\WebSphere\AppServer\bin\wasservice.exe
d:\htoa\mysql\bin\mysqld-nt.exe
E:\oracle\ora92\bin\omtsreco.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Dfssvc.exe
d:\IBM\WebSphere\AppServer\java\bin\java.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
D:\Rising\Rav\RavTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\KSVSvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\eclipse\eclipse.exe
C:\j2sdk1.4.2_14\bin\javaw.exe
C:\Documents and Settings\wangchun\桌面\HijackThis.exe

O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - D:\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: ThunderBHO - {06849E9E-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: DsHelper - {0D42E1BD-09DD-4873-A826-9C7E793EB7B6} - d:\Thunder Network\Thunder\Components\ResWorker\DSIeHelper.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [wgsa] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wgso.exe
O4 - HKLM\..\Run: [load] C:\WINDOWS\uninstall\rundl132.exe
O4 - HKLM\..\Run: [runeip] C:\Program Files\Rising\AntiSpyware\runiep.exe
O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - HKLM\..\Run: [RavTask] "d:\Rising\Rav\RavTask.exe" -system
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用迅雷下载 - D:\Thunder Network\Thunder\Program\geturl.htm
O8 - Extra context menu item: 使用迅雷下载全部链接 - D:\Thunder Network\Thunder\Program\getallurl.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://D:\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Tencent\QQ\SendMMS.htm
O9 - Extra button: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - d:\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - d:\Thunder Network\Thunder\Thunder.exe
O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - d:\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - d:\Tencent\QQ\QQ.EXE
O16 - DPF: {23739A7E-5741-4D1C-88D5-D50B18F7C347} (iWebOffice Control) - http://demo2.rathink.com/workflow2/work/iWebOffice2003.ocx
O16 - DPF: {B4D9857D-8A55-4442-A577-6B3ED5D4E41B} (ScreenCapture Class) - http://m32.mail.qq.com/activex/fmo.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = corp.yysoft.com
O17 - HKLM\Software\..\Telephony: DomainName = corp.yysoft.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{2B6D5871-A22C-4C8A-B2CD-B51A79271F88}: NameServer = 192.168.9.16
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = corp.yysoft.com
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: htoa_tomcat5 (htoa) - Apache Software Foundation - d:\htoa\tomcat\bin\tomcat5.exe
O23 - Service: IBM WebSphere Application Server V6.1 - wangchun-kf601Node01 (IBMWAS61Service - wangchun-kf601Node01) - Unknown owner - d:\IBM\WebSphere\AppServer\bin\wasservice.exe" "IBMWAS61Service - wangchun-kf601Node01 (file missing)
O23 - Service: MySql - Unknown owner - d:\htoa\mysql\bin\mysqld-nt (file missing)
O23 - Service: OracleMTSRecoveryService - Oracle Corporation - E:\oracle\ora92\bin\omtsreco.exe
O23 - Service: OracleOraHome92ClientCache - Unknown owner - E:\oracle\ora92\BIN\ONRSD.EXE
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - d:\Rising\Rav\CCenter.exe
O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\RISING\RAV\Ravmond.exe
O23 - Service: WinWLServiceNow - Unknown owner - C:\DOCUME~1\wangchun\LOCALS~1\Temp\RAVWL.EXE
Last edited 2007-05-25 15:48:04

O23 - Service: WinWLServiceNow - Unknown owner - C:\DOCUME~1\wangchun\LOCALS~1\Temp\RAVWL.EXE
O23 - Service: MySql - Unknown owner - d:\htoa\mysql\bin\mysqld-nt (file missing)
Suspicious.........

O23 - Service: OracleMTSRecoveryService - Oracle Corporation - E:\oracle\ora92\bin\omtsreco.exe
O23 - Service: OracleOraHome92ClientCache - Unknown owner - E:\oracle\ora92\BIN\ONRSD.EXE
May I ask what these are?


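"Not ashamed to ask your inferiors"... I doubt anyone wants to wait on an expert like you. Bye. I don't think the moderators would bother with someone like you either if they saw this. You really have a way with words. Impressive, impressive.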

Fix:
O4 - HKLM\..\Run: [wgsa] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wgso.exe
O4 - HKLM\..\Run: [load] C:\WINDOWS\uninstall\rundl132.exe
O23 - Service: WinWLServiceNow - Unknown owner - C:\DOCUME~1\wangchun\LOCALS~1\Temp\RAVWL.EXE
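After rebooting, delete the corresponding files, then download a dedicated Viking (威金) removal tool and run a full-disk virus scan in Safe Mode.


I didn't understand what you were saying????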
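
An added example, not part of any post in this thread: a small triage script that scans HijackThis O4 (Run key) and O23 (service) lines and flags the kind of entries singled out in the fix list above. The two heuristics (autostart from a temp directory, file name imitating a system binary) and the `SYSTEM_NAMES` list are assumptions made for illustration; the sample lines are copied from the log posted above.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample: a few O4/O23 lines copied from the log in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [wgsa] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wgso.exe
O4 - HKLM\..\Run: [load] C:\WINDOWS\uninstall\rundl132.exe
O4 - HKLM\..\Run: [RavTask] "d:\Rising\Rav\RavTask.exe" -system
O23 - Service: OracleMTSRecoveryService - Oracle Corporation - E:\oracle\ora92\bin\omtsreco.exe
O23 - Service: WinWLServiceNow - Unknown owner - C:\DOCUME~1\wangchun\LOCALS~1\Temp\RAVWL.EXE
"""

# Assumed short list of Windows binaries whose names are commonly imitated.
SYSTEM_NAMES = {"rundll32", "svchost", "explorer", "winlogon", "services", "lsass"}
ENTRY = re.compile(r"^(O4|O23) - (.+)$")
EXE_PATH = re.compile(r'"?([A-Za-z]:\\[^"]*?\.exe)', re.IGNORECASE)

def reasons_for(path):
    """Return the heuristic reasons (possibly none) for flagging one path."""
    p = PureWindowsPath(path)
    reasons = []
    if any(part.lower() in ("temp", "tmp") for part in p.parts[:-1]):
        reasons.append("autostart from a temp directory")
    stem = p.stem.lower()
    # Undo digit-for-letter swaps (1 -> l, 0 -> o) and compare to real names.
    lookalike = stem.replace("1", "l").replace("0", "o")
    if stem not in SYSTEM_NAMES and lookalike in SYSTEM_NAMES:
        reasons.append("name imitates " + lookalike + ".exe")
    return reasons

def triage(log_text):
    """Return (section, path, reasons) for each flagged O4/O23 entry."""
    findings = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        exe = EXE_PATH.search(m.group(2)) if m else None
        if not exe:
            continue  # not an O4/O23 line, or no full path to inspect
        reasons = reasons_for(exe.group(1))
        if reasons:
            findings.append((m.group(1), exe.group(1), reasons))
    return findings

if __name__ == "__main__":
    for section, path, reasons in triage(SAMPLE_LOG):
        print(section, path, "->", "; ".join(reasons))
```

Entries without a full path, such as `SOUNDMAN.EXE`, are skipped by this script and still need a manual look.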

Switch to an SRE log instead..