This is my log. What should I do to kill that damned pigeon? Thank you, thank you.

Logfile of HijackThis v1.99.1
Scan saved at 18:40:38, on 2005-9-11
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
E:\软件\RAV\Ravmond.exe
E:\软件\RAV\RavStub.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CNNIC\Cdn\cdnup.exe
E:\软件\RAV\RAVTIMER.EXE
E:\软件\RAV\RAVMON.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\firewall.exe
C:\WINDOWS\System32\spooIsv.exe
C:\WINDOWS\System32\ifjswsr.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\conime.exe
C:\WINDOWS\System32\alg.exe
E:\软件\RAV\CCENTER.EXE
E:\下载\Chinanet\VnetClient.exe
E:\WINRAR\WinRAR.exe
C:\DOCUME~1\wlp\LOCALS~1\Temp\Rar$EX00.000\HijackThis.exe
C:\WINDOWS\System32\lsxkfkvv.exe
R3 - URLSearchHook: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\baidubar.dll
O2 - BHO: AssistII - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll
O3 - Toolbar: Infofo 工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:\Program Files\Infofo Bar\infofobar.dll
O3 - Toolbar: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\PROGRA~1\baidu\bar\baidubar.dll
O3 - Toolbar: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IMJPMIG8.1] ; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] ; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] ; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [CdnCtr] C:\Program Files\CNNIC\Cdn\cdnup.exe
O4 - HKLM\..\Run: [rfw] ; E:\Rfw\Rfw.exe
O4 - HKLM\..\Run: [Generic Host Process2 System Backup] ; scvhost2.exe
O4 - HKLM\..\Run: [Super Rabbit SRRestore] ; E:\超级兔子\SRRest.exe /autosave
O4 - HKLM\..\Run: [RavTimer] E:\软件\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [RavMon] E:\软件\RAV\RAVMON.EXE -SYSTEM
O4 - HKLM\..\Run: [tracert] ; C:\WINDOWS\System32\insggens.exe
O4 - HKLM\..\Run: [MoveSearch] ; C:\Program Files\wsearch\Search.exe
O4 - HKLM\..\Run: [MSPY2002] ; C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [System service65] ; C:\WINDOWS\etb\pokapoka65.exe
O4 - HKLM\..\Run: [msdos] ; C:\msdos.exe
O4 - HKLM\..\Run: [vtnyfeg] ; C:\WINDOWS\System32\rmodudv.exe r
O4 - HKLM\..\Run: [Windows Network Firewall] C:\WINDOWS\System32\firewall.exe
O4 - HKLM\..\Run: [Spooler SubSystem App] C:\WINDOWS\System32\spooIsv.exe
O4 - HKLM\..\Run: [rodosza] C:\WINDOWS\System32\ifjswsr.exe r
O4 - HKLM\..\Run: [Services] C:\WINDOWS\System32\lsxkfkvv.exe
O4 - HKLM\..\RunServices: [Generic Host Process2 System Backup] ; scvhost2.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Generic Host Process2 System Backup] ; scvhost2.exe
O4 - HKCU\..\Run: [services32] ; C:\Program Files\Common Files\Windows\mc-58-12-0000133.exe
O4 - HKCU\..\Run: [DNS] ; C:\Program Files\Common Files\mc-58-12-0000133.exe
O4 - HKCU\..\Run: [msdos] ; C:\msdos.exe
O4 - HKCU\..\Run: [MSMSGS] ; "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: 腾讯QQ.lnk = ?
O9 - Extra button: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O9 - Extra 'Tools' menuitem: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\WINDOWS\System32\shdocvw.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cdnns.dll
O11 - Options group: [!CNS] 上网助手-地址栏搜索
O11 - Options group: [CDNCLIENT] 中文上网
O17 - HKLM\System\CCS\Services\Tcpip\..\{6B389064-766E-4526-961D-685BEA9E7E19}: NameServer = 61.177.7.1 221.228.255.1
O23 - Service: Dadaoli_New_Server (NewDadaoliServer) - Unknown owner - C:\WINDOWS\Ddl_Server.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - rising - E:\软件\RAV\CCENTER.EXE
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - E:\软件\RAV\Ravmond.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe