请高手帮忙修理一下电脑~附日志，谢谢喔~ - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛请高手帮忙修理一下电脑~附日志，谢谢喔~

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1

1 / 1 页

跳转页

请高手帮忙修理一下电脑~附日志，谢谢喔~

晶晶Jane1 初生襁褓狮帖子:20 注册: 2006-05-09 来自:	发表于： 2007-05-07 21:23 \| 只看楼主短消息资料字号：小中大 1楼请高手帮忙修理一下电脑~附日志，谢谢喔~ Logfile of HijackThis v1.99.1 Scan saved at 21:04:55, on 2007-5-7 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Rising\Rav\CCenter.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE e:\program files\rising\rfw\rfwsrv.exe C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\CNNIC\Cdn\cdnup.exe e:\program files\rising\rfw\RfwMain.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\RhinoSoft.com\Serv-U\ServUDaemon.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Apoint2K\Apoint.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\VM_STI.EXE C:\Program Files\Rising\AntiSpyware\runiep.exe C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Apoint2K\Apntex.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\conime.exe C:\Program Files\MSN Messenger\usnsvc.exe D:\暴风影音\Storm Codec\mplayerc.exe C:\Program Files\Messenger\msmsgs.exe D:\maxthon\Maxthon.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Rising\Rav\Ravmond.exe C:\Program Files\Rising\Rav\RAVMON.EXE C:\Program Files\Rising\Rav\RavStub.exe C:\WINDOWS\system32\taskmgr.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wbem\wmiprvse.exe E:\HijackThis.exe F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: 61.152.108.76 www.work009.com O1 - Hosts: 61.152.108.76 my.m365m.com O1 - Hosts: 61.152.108.76 www.mh578.com O2 - BHO: ThunderBHO - {06849E9E-C8D7-4D59-B87D-784B7D6BE0B3} - F:\movie3\新建文件夹 \ComDlls\XunLeiBHO_007.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: IEMonitor Class - {08A312BB-5409-49FC-9347-54BB7D069AC6} - C:\WINDOWS\system32 \IESHEL~1.DLL (file missing) O2 - BHO: MyLoader Class - {09BA1AA9-CAD4-4C14-BDE6-922DFF5F6F38} - C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Office\SYSTEMDATA\5jDkOlXhaS_2002.dll O2 - BHO: Flash Object Class - {109B111C-371B-4267-AF19-BDEB6EDA0970} - C:\WINDOWS\Flash8.dll O2 - BHO: CNNIC 网络工具Drag - {352E3B3A-CAB5-4DBC-B940-C7F84D0447D8} - C:\PROGRA~1 \CNNIC\Cdn\cdndrag.dll O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\qq2006\QQIEHelper.dll O2 - BHO: CdnForIE Class - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1 \CNNIC\Cdn\cdnforie.dll O2 - BHO: 实用搜索 - {6CFD436C-7AAD-4e50-992F-C0C87A94CAD2} - C:\Program Files\superutilbar\superutilbar.dll (file missing) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: browser Class - {C86488AF-13D5-4FEF-9DDF-9FB88698CFC1} - C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Office\USERDATA\fMM9iZ8eJD_2002.dll O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\WINDOWS\DOWNLO~1\CnsHook.dll O2 - BHO: WMHlprObj Class - {F5824EFB-728A-4726-A5A5-85A68B20EDC3} - C:\PROGRA~1 \CNNIC\Cdn\wmhlpr.dll O2 - BHO: AdSwpr - {FCADDC14-BD46-408A-9842-CDBE1C6D37EB} - C:\PROGRA~1\IE修复~1\IERBar.dll O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O3 - Toolbar: 实用搜索工具条2.0 - {03465FF5-00AE-411a-9C34-960ED566EC03} - C:\Program 2007-05-07 21:36:52
晶晶Jane1 初生襁褓狮帖子:20 注册: 2006-05-09 来自:	分享到：

晶晶Jane1 初生襁褓狮帖子:20 注册: 2006-05-09 来自:	发表于： 2007-05-07 21:24 \| 只看楼主短消息资料字号：小中大 2楼 Files\superutilbar\superutilbar.dll (file missing) O3 - Toolbar: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - D:\三星荺\IEBand.dll (file missing) O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: &IE修复专家 - {123249EB-F891-44C4-946F-450064F9080E} - C:\PROGRA~1\IE修复~1 \IERBar.dll O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE USB PC Camera 301P O4 - HKLM\..\Run: [StormCodec_Helper] "D:\暴风影音\Storm Codec\StormSet.exe" /S /opti O4 - HKLM\..\Run: [runeip] C:\Program Files\Rising\AntiSpyware\runiep.exe O4 - HKLM\..\Run: [CdnCtr] C:\Program Files\CNNIC\Cdn\cdnup.exe O4 - HKLM\..\Run: [YLive.exe] C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe O4 - HKLM\..\Run: [helper.dll] C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721 \helper.dll,Rundll32 O4 - HKLM\..\Run: [CnsMHlp.exe] C:\WINDOWS\Downloaded Program files\CnsMHlp.exe O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32 O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Startup: QQ游戏启动加速程序.lnk = D:\QQGame\Accel.exe O4 - Startup: 腾讯QQ.lnk = D:\qq2006\QQ.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\qq2006\AddToNetDisk.htm O8 - Extra context menu item: 添加到QQ自定义面板 - D:\qq2006\AddPanel.htm O8 - Extra context menu item: 添加到QQ表情 - D:\qq2006\AddEmotion.htm O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\qq2006\SendMMS.htm O8 - Extra context menu item: 访问通用网址 - C:\Program Files\CNNIC\Cdn\cnnic.htm O9 - Extra button: Yahoo 3.5G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail (file missing) O9 - Extra button: 名品折扣 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://adtaobao.allyes.com/main/adfclick? db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=http://www.taobao.com/vertic al/mall/pro.php?allyesPara=816 (file missing) O9 - Extra button: 中文上网 - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1 \CNNIC\Cdn\cdnuc.exe O9 - Extra 'Tools' menuitem: 中文上网 - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnuc.exe O9 - Extra button: 雅虎助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist (file missing) O9 - Extra button: 雅虎WIDGET - {6354ABE6-05F1-49ed-B850-E423120EC338} - http://cn.widget.yahoo.com/index.htm?source=Cns (file missing) O9 - Extra button: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg (file missing) O9 - Extra button: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing) O9 - Extra 'Tools' menuitem: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing) O9 - Extra button: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing) O9 - Extra 'Tools' menuitem: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing) O10 - Unknown file in Winsock LSP: c:\windows\system32\cdnns.dll O11 - Options group: [!CNS] 中文上网 O11 - Options group: [CDNCLIENT] 中文上网 O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://angeljingjingjane.spaces.live.com/PhotoUpload/MsnPUpld.cab?10,0,912,0 O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{59ACBA95-1468-48A5-BDE3-F2D4FD23E3F7}: NameServer = 202.116.64.2,202.116.64.3 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1 \MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1 \MSGRAP~1.DLL O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Rising Proxy Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - e:\program files\rising\rfw\rfwproxy.exe O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - e:\program files\rising\rfw\rfwsrv.exe O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe O23 - Service: Serv-U FTP Server (Serv-U) - Rhino Software, Inc. +1(262) 560-9627 - C:\Program Files\RhinoSoft.com\Serv-U\ServUDaemon.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Windows NT Service32 - Unknown owner - C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\NTService32.dll",Start (file missing)
晶晶Jane1 初生襁褓狮帖子:20 注册: 2006-05-09 来自:

╰☆不留名シ健康舞勺狮帖子:285 注册: 2007-04-30 来自:	发表于： 2007-05-07 21:32 \| 短消息资料字号：小中大 3楼下载arswp(Windows清理助手)和恶意软件清理助手清理下流氓软件， http://www.arswp.com/download/arswp/arswp.rar http://dl.pconline.com.cn/html_2/1/59/id=10897&pn=0&linkPage=1.html 再扫个SRE日志上来下载 System Repair Engineer， http://www.kztechs.com/sreng/download.html 1 解压缩sreng2.zip 2 运行SREng.exe 3 智能扫描=》扫描=》保存报告 4 把日志中的报告完整拷贝贴上来，不要修改日志一次发不完，请分次发上来
╰☆不留名シ健康舞勺狮帖子:285 注册: 2007-04-30 来自:

晶晶Jane1 初生襁褓狮帖子:20 注册: 2006-05-09 来自:	发表于： 2007-05-07 21:46 \| 只看楼主短消息资料字号：小中大 4楼喔...==
晶晶Jane1 初生襁褓狮帖子:20 注册: 2006-05-09 来自:

<<上一主题|下一主题>>

1

1 / 1 页

跳转页

页面顶部

Powered by Discuz!NT