
Just ran a scan, experts please take a look


The system is very slow.
Experts, please take a look and point out anything that is useless, and I'll delete it.

Logfile of HijackThis v1.99.1
Scan saved at 14:28:30, on 2006-6-30
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
F:\Rising\Rav\CCenter.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\spoolsv.exe
F:\Rising\Rav\RavTask.exe
E:\WINDOWS\system32\ctfmon.exe
E:\WINDOWS\system32\conime.exe
F:\Rising\Rav\Ravmond.exe
F:\Rising\Rav\RAVMON.EXE
E:\Program Files\Internet Explorer\iexplore.exe
E:\WINDOWS\system32\NOTEPAD.EXE
F:\HijackThis\HijackThis.exe

R3 - Default URLSearchHook is missing
O1 - Hosts: 218.92.240.25 update.rising.com.cn
O1 - Hosts: 218.92.240.25 active.jiangmin.com
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F}? - (no file)
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - E:\WINDOWS\system32\kakatool.dll
O4 - HKLM\..\Run: [RavTask] "F:\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [IMJPMIG8.1] ; ; "E:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [k65tg] ; RunDll32 "E:\WINDOWS\Downlo~1\k65tg.dll",Run
O4 - HKLM\..\Run: [KernelFaultCheck] ; ; %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [PHIME2002A] ; ; E:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PHIME2002ASync] ; ; E:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [StormCodec_Helper] ; ; "G:\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [ThunderMini] ; ; E:\Program Files\Thunder Network\ThunderMini\ThunderMiniShell.exe
O4 - HKLM\..\RunOnce: [Super Rabbit Winspeed] "H:\Super Rabbit\MagicSet\winspeed.exe" /autokill:5
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] ; ; "E:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Super Rabbit IEPro] ; ; H:\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD
O8 - Extra context menu item: &使用迷你迅雷下载 - E:\Program Files\Thunder Network\ThunderMini\Program\GetUrl.htm
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b}? - F:\qq2005\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b}? - F:\qq2005\QQ.EXE
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6}? - F:\qq2005\QQIEHelper.dll (file missing)
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6}? - F:\qq2005\QQIEHelper.dll (file missing)
O16 - DPF: {05C1004E-2596-48E5-8E26-39362985EEB9} (MMCPlayer Class) - http://p3p.sogou.com/MMCShell.cab
O16 - DPF: {05DA0521-0B6B-458C-BFB1-1EFEF1F3C8FF} (SSOClientAgent Class) - http://member.segame.com/common/SEGAme.cab
O16 - DPF: {5932517A-3326-4439-A708-1C98EDB5C549} (Downloader Class) - file://E:\Documents and Settings\All Users\Application Data\Share Helper\Cast\GGS\d510fb18a\js\iMopDl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1113915023294
O17 - HKLM\System\CCS\Services\Tcpip\..\{744C02FC-FC75-48CF-A3C2-1CAE7D6B6EFD}: NameServer = 192.168.10.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{744C02FC-FC75-48CF-A3C2-1CAE7D6B6EFD}: NameServer = 192.168.10.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{744C02FC-FC75-48CF-A3C2-1CAE7D6B6EFD}: NameServer = 192.168.10.1
O20 - Winlogon Notify: NavLogon - E:\WINDOWS\system32\NavLogon.dll
O21 - SSODL: stdup - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - (no file)
O21 - SSODL: Vision - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - (no file)
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Unknown owner - D:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe (file missing)
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - F:\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - F:\Rising\Rav\Ravmond.exe

Last edited 2006-06-30 18:01:33.093000000

Scan the startup items and post them here!

O4 - HKLM\..\Run: [IMJPMIG8.1] ; ; "E:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [k65tg] ; RunDll32 "E:\WINDOWS\Downlo~1\k65tg.dll",Run
O4 - HKLM\..\Run: [PHIME2002A] ; ; E:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PHIME2002ASync] ; ; E:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [StormCodec_Helper] ; ; "G:\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\RunOnce: [Super Rabbit Winspeed] "H:\Super Rabbit\MagicSet\winspeed.exe" /autokill:5
O4 - HKCU\..\Run: [Super Rabbit IEPro] ; ; H:\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD
O16 - DPF: {05C1004E-2596-48E5-8E26-39362985EEB9} (MMCPlayer Class) - http://p3p.sogou.com/MMCShell.cab
O16 - DPF: {05DA0521-0B6B-458C-BFB1-1EFEF1F3C8FF} (SSOClientAgent Class) - http://member.segame.com/common/SEGAme.cab
O16 - DPF: {5932517A-3326-4439-A708-1C98EDB5C549} (Downloader Class) - file://E:\Documents and Settings\All Users\Application Data\Share Helper\Cast\GGS\d510fb18a\js\iMopDl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1113915023294
O17 - HKLM\System\CCS\Services\Tcpip\..\{744C02FC-FC75-48CF-A3C2-1CAE7D6B6EFD}: NameServer = 192.168.10.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{744C02FC-FC75-48CF-A3C2-1CAE7D6B6EFD}: NameServer = 192.168.10.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{744C02FC-FC75-48CF-A3C2-1CAE7D6B6EFD}: NameServer = 192.168.10.1
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Unknown owner - D:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe (file missing)
None of the items above are of much use; they can all be cleaned out to lighten the load on the system.