发表于: 2005-08-24 20:54 | 显示全部 短消息 资料
字号: 1楼

有好心的帮帮小弟!~~~

Logfile of HijackThis v1.99.1
Scan saved at 20:46:37, on 2005-8-24
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

运行进程:           
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ravsecs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\conime.exe
E:\Winamp\Winamp.exe
D:\RAV\CCENTER.EXE
D:\TT\TTraveler.exe
C:\Program Files\wnwb2005\wnwb.exe
F:\瑞星\HijackThis v1.99.1 汉化版\HijackThis.exe

O2 - BHO: 好看123上网精灵 - {00000000-280E-445B-B051-A8B2DA7E798A} - C:\PROGRA~1\SUPERR~1\MagicSet\HAOKAN~2.DLL
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (没有文件) 
O2 - BHO: update wnwb - {ED8DFC5C-10EF-45AB-9DC2-0639AFF5A270} - C:\PROGRA~1\COMMON~1\Wnwb\wnwbio.dll
O3 - Toolbar: 好看123上网精灵 - {FEDF637B-F631-4583-A210-33CC828D42DB} - C:\PROGRA~1\SUPERR~1\MagicSet\HAOKAN~2.DLL
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Super Rabbit SRRestore] C:\Program Files\Super Rabbit\MagicSet\srrest.exe /autosave
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [NetSpeeder] "F:\网络狂飙 (NetSpeeder) 3.5 简体中文注册版\网络狂飙 (NetSpeeder) 3.5 简体中文注册版\NetSpeeder.exe" hide
O4 - HKLM\..\Run: [DAEMON Tools-2052] "F:\虚拟光驱\daemon.exe" -lang 1033 -noicon
O4 - HKLM\..\Run: [Rapdata] C:\WINDOWS\system32\ravsecs.exe
O4 - HKLM\..\Run: [ExFilter] Rundll32.exe "C:\PROGRA~1\CNNIC\Cdn\cdnspie.dll",ExecFilter solo
O4 - HKLM\..\Run: [SCANREGW] C:\WINDOWS\system32\scanregw.exe
O4 - HKLM\..\Run: [RavTimer] D:\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [RavMon] D:\RAV\RAVMON.EXE -SYSTEM
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [eMuleAutoStart] ; C:\Program Files\eMule\eMule.exe -AutoStart
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: 使用网际快车下载 - D:\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\FlashGet\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\QQ\SendMMS.htm
O9 - Extra button: 网址大全 - {1FBA04EE-3024-11D2-8F1F-0000F87ABD18} - http://www.coc.cc (文件故障)
O9 - Extra 'Tools' menuitem: 网址大全 - {1FBA04EE-3024-11D2-8F1F-0000F87ABD18} - http://www.coc.cc (文件故障)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (文件故障)
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (文件故障)
O16 - DPF: {AEA9B195-510E-47C7-ABE5-BBF8A270E6FE} (MiniVos20 Control) - file://F:\Vos CF版\VosCreatorforCanmusic\MiniVos20.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E3E01264-59FA-48A4-B90D-538BE17E8501}: NameServer = 202.97.224.69 202.97.227.138

最后编辑2005-08-24 20:54:46