chnjcq - 2005-12-2 2:39:00
我的电脑曾经用瑞新杀出过灰鸽子,现在查不到毒,但电脑键盘常被锁死,桌面颜色常被更改,还会自动跳出一些画面,请高手指教一下,如何查毒,杀毒,谢谢,下面是HijackThis_815汉化版扫描日志 日期 2005-12-2
HijackThis_815汉化版扫描日志 V1.99.1
保存于 AM 2:17:04, 日期 2005-12-2
操作系统: Windows XP SP2 (WinNT 5.01.2600)
浏览器: Internet Explorer v6.00 SP2 (6.00.2900.2180)
当前运行的进程:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\新装软件D\瑞星杀毒\RISING\RAV\Ravmond.exe
C:\WINDOWS\Explorer.EXE
d:\新装软件d\瑞星杀毒\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
D:\新装软件D\瑞星杀毒\Rising\Rfw\rfwmain.exe
D:\新装软件D\Photofamily 电子相册王 3.0多国语言版\DetectorSvc.exe
D:\新装软~1\瑞星杀毒\RISING\RAV\RAVTIMER.EXE
D:\新装软~1\瑞星杀毒\RISING\RAV\RAVMON.EXE
C:\WINDOWS\system32\ctfmon.exe
D:\新装软件D\瑞星杀毒\RISING\RAV\CCENTER.EXE
C:\WINDOWS\System32\Drivers\WTSRV.EXE
D:\新装软~1\瑞星杀毒\RISING\RAV\Rav.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\新装软件D\WinRAR 3.42 简体中文版\WinRAR.exe
D:\新装软件D\HijackThis下载\HijackThis1991zww.exe
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\Program Files\3721\Assist\Angling.dll
O2 - BHO: DragSearch BHO - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL (file missing)
O2 - BHO: (no name) - {6BDE1669-B490-48E3-B668-456314F2D6C3} - (no file)
O2 - BHO: AssistII - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll
O3 - IE工具栏增项: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] ; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] ; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] ; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [MSPY2002] ; C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - 启动项HKLM\\Run: [PRONoMgr.exe] ; c:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - 启动项HKLM\\Run: [thunder_mini] ; C:\Program Files\Sandai\ThunderMini\ThunderMini.exe
O4 - 启动项HKLM\\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - 启动项HKLM\\Run: [RfwMain] "D:\新装软件D\瑞星杀毒\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [StormCodec_Helper] ; "D:\新装软件D\暴风影音\Storm Codec\StormSet.exe" /S /opti
O4 - 启动项HKLM\\Run: [Alitalk] ; D:\新装软~1\贸易通\贸易通\AliTalk.EXE -hideframe
O4 - 启动项HKLM\\Run: [WService] ; WService.EXE
O4 - 启动项HKLM\\Run: [RavTimer] D:\新装软~1\瑞星杀毒\RISING\RAV\RAVTIMER.EXE
O4 - 启动项HKLM\\Run: [RavMon] D:\新装软~1\瑞星杀毒\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - HKCU\..\Run: [Super Rabbit Desktop Search] ; D:\新装软件D\魔法兔子\MagicSet\srsearch.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - D:\新装软件D\腾讯QQ 2004 II\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - D:\新装软件D\腾讯QQ 2004 II\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - D:\新装软件D\腾讯QQ 2004 II\SendMMS.htm
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {DE3496D2-AFB9-47EB-A8C2-C3B330222513} (PhotoUpload Control) - http://www.photo.163.com/PhotoUpload.cab
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/Ver2005/OL2005.cab
O18 - 列举现有的协议: koboo - {7DEE9D05-FA0A-4416-A6F3-6537D0EAB6A6} - C:\WINDOWS\system32\mbprot.dll (file missing)
O23 - NT 服务: DetectorSvc - BENQ (IT) Co.,Ltd. - D:\新装软件D\Photofamily 电子相册王 3.0多国语言版\DetectorSvc.exe
O23 - NT 服务: Intel NCS NetService (NetSvc) - Intel(R) Corporation - c:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - d:\新装软件d\瑞星杀毒\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - rising - D:\新装软件D\瑞星杀毒\RISING\RAV\CCENTER.EXE
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\新装软件D\瑞星杀毒\RISING\RAV\Ravmond.exe
O23 - NT 服务: WinTab Service (WinTabService) - Unknown owner - C:\WINDOWS\System32\Drivers\WTSRV.EXE
© 2000 - 2025 Rising Corp. Ltd.