本人电脑最近有个启动项(注册表run启动项中是desktop)始终删不掉,删了后刷新一下立刻又出来了,我曾用各种瑞星全面杀毒还用插件删除软件卸载插件始终有一插件无法卸载。现将自己电脑的信息发上来(在没开ie浏览器时候),请各位指点一下如何能将它清除掉。
HijackThis_zww汉化版扫描日志 V1.99.1
保存于 11:10:38, 日期 2006-11-28
操作系统: Windows 2000 SP4 (WinNT 5.00.2195)
浏览器: Internet Explorer v6.00 SP1 (6.00.2800.1106)
当前运行的进程:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\Program Files\Rising\Rav\Ravmond.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Rising\Rav\RavStub.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\mobsync.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Kingsoft\PowerWord 2005\XDICT.EXE
C:\program files\internet explorer\IEXPLORE.EXE
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
D:\Personal\Desktop\HijackThis 1[1].99.1 绿色汉化版\HijackThis1991.exe
O2 - BHO: IEMonitor Class - {08A312BB-5409-49FC-9347-54BB7D069AC6} - C:\WINNT\system32\deskipn.dll (file missing)
O3 - IE工具栏增项: @msdxmLC.dll,-1@2052,电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - IE工具栏增项: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (file missing)
O3 - IE工具栏增项: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (file missing)
O4 - 启动项HKLM\\Run: [Desktop] "C:\WINNT\system32\rundll32.exe" "C:\WINNT\system32\NTService32.dll",Run
O4 - 启动项HKLM\\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - Startup: 金山词霸 2005.lnk = C:\Program Files\Kingsoft\PowerWord 2005\XDICT.EXE
O8 - IE右键菜单中的新增项目: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = erp.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{4AB78FB1-4338-48B5-9891-328651BEE3E3}: NameServer = 192.168.0.80
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = erp.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{4AB78FB1-4338-48B5-9891-328651BEE3E3}: NameServer = 192.168.0.80
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = erp.com
O17 - HKLM\System\CS2\Services\Tcpip\..\{4AB78FB1-4338-48B5-9891-328651BEE3E3}: NameServer = 192.168.0.80
O23 - NT 服务: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - NT 服务: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - NT 服务: KDDelegateService - KINGDEE - C:\Program Files\KingDee\KDDelegateService.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
O23 - NT 服务: Windows NT Service32 - Unknown owner - C:\WINNT\system32\rundll32.exe" "C:\WINNT\system32\NTService32.dll",Start (file missing)
O23 - NT 服务: Windows Createddos (Windows Processdos) - Unknown owner - C:\WINNT\system32\iexploer.exe
