Logfile of HijackThis v1.99.1
Scan saved at 12:29:59, on 2005-11-9
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\PROGRAM FILES\RISING\RAV\Ravmond.exe
E:\Program Files\Rising\Rfw\rfwsrv.exe
E:\PROGRAM FILES\RISING\RAV\RavStub.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\System32\ctfmon.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\3721\Dlaccel\YDownloader.exe
E:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
E:\PROGRA~1\Yahoo!\Assistant\yassistse.exe
E:\WINDOWS\System32\RUNDLL32.exe
E:\Program Files\Iparmor\Iparmor.exe
E:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
E:\PROGRA~1\RISING\RAV\RAVMON.EXE
E:\Program Files\Rising\Rfw\RfwMain.exe
E:\Program Files\SmartVGA\colordesk.exe
E:\Program Files\3721\Dlaccel\TDUpdate.exe
E:\Program Files\DuDu\DddClient\DuDuAcc.exe
E:\Program Files\DuDu\DddClient\dudupros.exe
E:\WINDOWS\System32\nvsvc32.exe
E:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
E:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\Program Files\WinRAR\WinRAR.exe
E:\DOCUME~1\VK\LOCALS~1\Temp\Rar$EX00.266\HijackThis.exe
E:\WINDOWS\System32\wuauclt.exe

O2 - BHO: (no name) - _{1272F701-349D-4DB3-BBCD-10CBDCD049FE} - (no file)
O2 - BHO: YDragSearch - _{62EED7C6-9F02-42f9-B634-98E2899E147B} - (no file)
O2 - BHO: MMSAssist - _{6671A431-5C3D-463d-A7CF-5587F9B7E191} - (no file)
O2 - BHO: MEobjectSDT - _{D4D5C535-BA95-4327-870D-A33826FDD17A} - (no file)
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - E:\WINDOWS\System32\xunleibho_v8.dll
O2 - BHO: EyeOnBrowser Class - {1272F701-349D-4DB3-BBCD-10CBDCD049FE} - E:\WINDOWS\Downlo~1\_IS_WEBH.dll
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - E:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yAngling.dll
O2 - BHO: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - E:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - E:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: stdup - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - E:\WINDOWS\system32\stdup.dll
O2 - BHO: DuDu.com - {6BDE1669-B490-48E3-B668-456314F2D6C3} - E:\Program Files\DuDu\DddClient\dddiemon.dll
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - E:\PROGRA~1\baidu\bar\baidubar.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - E:\PROGRA~1\FLASHGET\jccatch.dll
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - (no file)
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\program files\google\googletoolbar1.dll
O3 - Toolbar: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - E:\PROGRA~1\baidu\bar\baidubar.dll
O3 - Toolbar: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - E:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O3 - Toolbar: (no name) - {DBBB7978-AF21-4EF4-9AD1-B2F4BC75696C} - E:\PROGRA~1\P4P\ToolBar.dll (file missing)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - E:\PROGRA~1\FLASHGET\fgiebar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "E:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] E:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] E:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [dl_accel] E:\Program Files\3721\Dlaccel\YDownloader.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [YLive.exe] E:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
O4 - HKLM\..\Run: [yassistse] "E:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"
O4 - HKLM\..\Run: [advapi32] RUNDLL32 E:\WINDOWS\Downlo~1\_IS_ISC.DLL,isc
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe E:\WINDOWS\DOWNLO~1\CONFLICT.2\CnsMin.dll,Rundll32
O4 - HKLM\..\Run: [iparmor] E:\Program Files\Iparmor\Iparmor.exe mini
O4 - HKLM\..\Run: [RavTimer] E:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [RavMon] E:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - HKLM\..\Run: [RfwMain] "E:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [colorful] E:\Program Files\SmartVGA\colordesk.exe
O4 - Startup: 腾讯QQ.lnk = E:\Program Files\Tencent\QQ\QQ.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = E:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: DuDu加速器.lnk = E:\Program Files\DuDu\DddClient\DuDuAcc.exe
O4 - Global Startup: 行动管理员 32.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O8 - Extra context menu item:  >> 彩信发送 << - res://E:\PROGRA~1\MMSASS~1\MMSASS~1.DLL/mms.htm
O8 - Extra context menu item: &Google Search - res://E:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &使用DuDu 加速器下? - res://E:\Program Files\DuDu\DddClient\dddmext.dll/202
O8 - Extra context menu item: &使用下载加速专家下载 - E:\Program Files\3721\Dlaccel\geturl.htm
O8 - Extra context menu item: &使用迅雷下载 - E:\Program Files\Thunder Network\Thunder\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - E:\Program Files\Thunder Network\Thunder\getallurl.htm
O8 - Extra context menu item: Backward Links - res://E:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://E:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://E:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://E:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: 下载页面上的ED2(&K)链接 - E:\Program Files\eMule\ed2k.html
O8 - Extra context menu item: 使用网际快车下载 - E:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - E:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - E:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - E:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\Program Files\Tencent\QQ\SendMMS.htm
O8 - Extra context menu item: 百度-搜索MP3 - res://E:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUMP3.HTM
O8 - Extra context menu item: 百度-搜索图片 - res://E:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUIMG.HTM
O8 - Extra context menu item: 百度-搜索新闻 - res://E:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUNEWS.HTM
O8 - Extra context menu item: 百度-搜索歌词 - res://E:\PROGRA~1\baidu\bar\baidubar.dll/BAIDULYRIC.HTM
O8 - Extra context menu item: 百度-搜索网页 - res://E:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUSEARCH.HTM
O8 - Extra context menu item: 百度-搜索贴吧 - res://E:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUPOST.HTM
O8 - Extra context menu item: 百度-词典搜索 - res://E:\PROGRA~1\baidu\bar\baidubar.dll/BAIDU_DIC.HTM
O9 - Extra button: 手机短信 - {00000000-0000-0001-0001-596BAEDD1289} - http://sms.3721.com/ie/index.htm (file missing)
O9 - Extra button: 下?管理 - {3DB9F45E-AA74-4373-A466-C18A9F1C500D} - E:\Program Files\DuDu\DddClient\DuDuAcc.exe
O9 - Extra 'Tools' menuitem: 下?管理 - {3DB9F45E-AA74-4373-A466-C18A9F1C500D} - E:\Program Files\DuDu\DddClient\DuDuAcc.exe
O9 - Extra button: Yahoo 1G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.mail.yahoo.com/promo/rd1 (file missing)
O9 - Extra button: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://hot.3721.com/rd/shop_btn.htm (file missing)
O9 - Extra button: 上网助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://assistant.3721.com/index.htm?fb=Cns (file missing)
O9 - Extra button: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - E:\PROGRA~1\MMSASS~1\MMSASS~1.DLL
O9 - Extra 'Tools' menuitem: MMSAssist工具条设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - E:\PROGRA~1\MMSASS~1\MMSASS~1.DLL
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - E:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - E:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra button: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing)
O9 - Extra button: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing)
O9 - Extra 'Tools' menuitem: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing)
O9 - Extra button: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing)
O9 - Extra 'Tools' menuitem: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing)
O11 - Options group: [!CNS]  上网助手-地址栏搜索
O16 - DPF: _{9BBD100C-E820-4930-9937-E8F3AA40E584} - http://antivirus3.sunv.com/dfvsolDown/dfvsol.cab
O16 - DPF: _{9BDBC41E-C335-4263-83C0-ECE78EE28A33} - http://origin-www.ahn.com.cn/aspservice/plugin/myfirewall20.cab
O16 - DPF: _{EF9F1C48-1A63-495A-9317-B7B71B34A9CF} - http://ddddl.dudu.com/ddd/update/plugin/sinamsp.cab
O16 - DPF: {33331111-1111-1111-1111-611111193457} - file://c:\ex.cab
O16 - DPF: {33331111-1111-1111-1111-611111193458} - file://c:\ex.cab
O16 - DPF: {33331111-1111-1111-1111-622221193458} - file://c:\ex.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1131079391140
O16 - DPF: {64311111-1111-1121-1111-111191113457} - file://c:\eied_s7.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1131081024390
O18 - Protocol: koboo - {7DEE9D05-FA0A-4416-A6F3-6537D0EAB6A6} - E:\WINDOWS\System32\mbprot.dll
O20 - AppInit_DLLs: apihookdll.dll
O21 - SSODL: SystemCheck2 - {54645654-2225-4455-44A1-9F4543D34546} - E:\WINDOWS\System32\vbsys2.dll
O23 - Service: EpsonBidirectionalService - Unknown owner - E:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - E:\Program Files\Rising\Rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - rising - E:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - E:\PROGRAM FILES\RISING\RAV\Ravmond.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Update Manager - Unknown owner - E:\WINDOWS\svchost.exe

有没有人帮忙看下啊!急!!!!!!!!!!!

O23 - Service: Update Manager - Unknown owner - E:\WINDOWS\svchost.exe
鸽子
修复方法:
http://forum.ikaka.com/topic.asp?board=28&artid=6202404

            主题： 关于查杀“灰鸽子2005”的一点建议

重装就行了呗，这么麻烦！！！

引用:

【猎鹰渔民的贴子】重装就行了呗，这么麻烦！！！ ...........................

真会灌水啊!BS

【回复“子阳”的帖子】刚看完!现在去试试!不行还要请教!谢谢