进程
我的hijstic
Logfile of HijackThis v1.99.1
Scan saved at 9:18:37 上午, on 7/2/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
运行进程:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rfw\rfwsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRAM FIaLES\RISING\RAV\CCENTER.EXE
C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
C:\Program Files\Rising\Rfw\RfwMain.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRAM FILES\RISING\RAV\RavStub.exe
E:\哥哥\IE\Maxthon\Thundermini\ThunderMini.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
C:\PROGRA~1\RISING\RAV\RAVMON.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\taskmgr.exe
E:\QQ应用软件\QQ软件\TIMPlatform.exe
E:\哥哥\IE\Maxthon\Maxthon.exe
E:\QQ应用软件\QQ软件\QQ.exe
E:\木马专杀\HijackThis.exe
R3 - URLSearchHook: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v5.dll
O2 - BHO: (no name) - {2AE11484-1F54-48C2-AA02-CEBE3EB5B688} - C:\WINDOWS\system32\man.dll (文件故障)
O2 - BHO: NaviHelperObj Class - {3E422F49-1566-40D3-B43D-077EF739AC32} - C:\WINDOWS\system32\NaviHelper.dll (文件故障)
O2 - BHO: Router Layer - {5EB7CB50-E375-4718-B4C0-9AD12EFA2F84} - C:\WINDOWS\System32\aclayer.dll
O2 - BHO: 卡卡安全助手 - {AFF6E516-CBE5-4F8A-9C2F-38A68013E766} - C:\Program Files\Rising\KaKaToolBar\kakatool.dll
O2 - BHO: AssistII - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll
O2 - BHO: YiSou - {EF1D17A9-089F-40cc-8D64-7324CDEBA0DB} - C:\PROGRA~1\yisou\yisoub.dll
O3 - Toolbar: (no name) - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - (没有文件)
O3 - Toolbar: 完美网译通 - {F43BD772-ABDD-43b7-A96A-3E9E61946EC0} - C:\WINDOWS\WORLD2\TOOLBAR\hmtoolbar.dll
O3 - Toolbar: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll
O3 - Toolbar: 一搜工具条 - {115F6E46-FCBC-41ed-B3B5-3BDDD4AAB5E5} - C:\Program Files\yisou\yisou.dll
O3 - Toolbar: 卡卡安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\Program Files\Rising\KaKaToolBar\kakatool.dll
O4 - HKLM\..\Run: [thunder_mini] E:\哥哥\IE\Maxthon\Thundermini\ThunderMini.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [WINDIY FireWall] E:\哥哥\System Expert\SystemExpert.exe /IEFireWall
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RavTimer] C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [RavMon] C:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [InitTest] E:\QQ应用软\initUnit.EXE /NET
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: E话通.lnk = ?
O8 - Extra context menu item: &使用迅雷下载 - D:\工具\Thunder\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - D:\工具\Thunder\getAllurl.htm
O8 - Extra context menu item: &使用迷你迅雷下载 - E:\哥哥\IE\Maxthon\Thundermini\geturl.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - E:\QQ应用软件\QQ软件\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - E:\QQ应用软件\QQ软件\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\QQ应用软件\QQ软件\SendMMS.htm
O8 - Extra context menu item: 百度-搜索MP3 - res://C:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUMP3.HTM
O8 - Extra context menu item: 百度-搜索图片 - res://C:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUIMG.HTM
O8 - Extra context menu item: 百度-搜索新闻 - res://C:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUNEWS.HTM
O8 - Extra context menu item: 百度-搜索歌词 - res://C:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDULYRIC.HTM
O8 - Extra context menu item: 百度-搜索网页 - res://C:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUSEARCH.HTM
O8 - Extra context menu item: 百度-搜索贴吧 - res://C:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDUPOST.HTM
O8 - Extra context menu item: 百度-词典搜索 - res://C:\Progra~1\Baidu\bar\BaiDuBar.dll/BAIDU_DIC.HTM
O9 - Extra button: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - E:\游戏\浩方对战平台\GameClient.exe
O9 - Extra button: WINDIY 网页防火墙 - {1DE0FCD4-5EB5-11D3-AD25-00002100131C} - E:\哥哥\System Expert\SystemExpert.e (文件故障)
O9 - Extra 'Tools' menuitem: WINDIY 网页防火墙 - {1DE0FCD4-5EB5-11D3-AD25-00002100131C} - E:\哥哥\System Expert\SystemExpert.e (文件故障)
O9 - Extra button: 访问瑞星网站 - {FF2DE7A6-ECB1-4CBC-9C0E-D92A9E66E444} - http://www.rising.com.cn (文件故障)
O9 - Extra button: 访问卡卡社区 - {FF2DE7A6-ECB1-4CBC-9C0E-D92A9E66E445} - http://www.ikaka.com (文件故障)
O11 - Options group: [!CNS] 网络实名
O16 - DPF: {35DC0C9A-C471-4910-8724-BA5514967E2F} (ERADMStart.StartControl) - http://www.im.tv/bbstart.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{51E10A18-9795-41F3-8555-1EE6D2F507C4}: NameServer = 202.96.128.68 61.139.2.69
O18 - Protocol: ipp - (no CLSID) - (没有文件)
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll
O18 - Protocol: msdaipp - (no CLSID) - (没有文件)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
附件:
44711220057291848.jpg