
Could someone please take a look at this scan? I don't know which one is Gray Pigeon (灰鸽子) OTL


C:\新建文件夹\HijackThis.exe

O2 - BHO: WebThunderBHO - {00000AAA-A363-466E-BEF5-9BB68697AA7F} - d:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v8.dll
O2 - BHO: Router Layer - {5EB7CB50-E375-4718-B4C0-9AD12EFA2F84} - C:\WINDOWS\System32\aclayer.dll (file missing)
O2 - BHO: ff Class - {FAAAC0F6-94BE-4466-934B-7C53666A2F41} - C:\WINDOWS\system32\3341.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [load] C:\WINDOWS\uninstall\rundl132.exe
O4 - HKLM\..\Run: [RavTask] "D:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [cmdbcs] C:\WINDOWS\cmdbcs.exe
O4 - HKLM\..\Run: [AVPSrv] C:\WINDOWS\AVPSrv.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [eMuleAutoStart] D:\Program Files\eMule\emule.exe -AutoStart
O4 - Startup: 腾讯QQ.lnk = D:\Program Files\Tencent\QQ\QQ.exe
O4 - Global Startup: microsofts.hta
O8 - Extra context menu item: &使用迅雷下载 - d:\Program Files\Thunder Network\Thunder\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - d:\Program Files\Thunder Network\Thunder\getallurl.htm
O8 - Extra context menu item: 下载页面上的ED2(&K)链接 - d:\Program Files\eMule\ed2k.html
O8 - Extra context menu item: 使用Web迅雷下载 - d:\Program Files\Thunder Network\WebThunder\GetUrl.htm
O8 - Extra context menu item: 使用Web迅雷下载全部链接 - d:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm
O8 - Extra context menu item: 添加到QQ表情 - d:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用比特精灵下载(&B) - d:\Program Files\BitSpirit\bsurl.htm
O9 - Extra button: 番茄花园 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.tomatolei.com (file missing)
O9 - Extra button: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O9 - Extra 'Tools' menuitem: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.tomatolei.com
O16 - DPF: {C09B522F-8AED-4E21-A65C-DC1AB652BAEE} (Tencent Safety Online Base Module) - http://safe.qq.com/cgi-bin/tso/TSOBase.ocx
O23 - Service: 16E26C0E - Unknown owner - C:\WINDOWS\system32\D53341C7.EXE
O23 - Service: Provisioning Transaction Service (919mm) - Unknown owner - C:\WINDOWS\system32\spool\xDown0.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BlackHole Remote Control Services (BRC_Services) - Unknown owner - C:\WINDOWS\system32\brc_Server.exe" /service (file missing)
O23 - Service: E893F5D6 - Unknown owner - C:\WINDOWS\system32\CCB3BACA.EXE (file missing)
O23 - Service: Fax 2Client (ms_2fax) - Unknown owner - C:\WINDOWS\system32\34471.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - D:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\PROGRAM FILES\RISING\RAV\Ravmond.exe
O23 - Service: Network Provisioning Stop (xmlpro) - Unknown owner - C:\WINDOWS\system32\\Lysvr.exe

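It looks like a few of the entries in item 23 are Gray Pigeon. The 3rd and 4th entries in item 23 should be ATI processes,
and the 2nd and 3rd from the last are Rising Antivirus processes. I don't really understand the rest. Please help, everyone OTL
Much appreciated.
Last edited 2007-06-29 21:49:54.373000000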

Thanks for the help, boss OTL