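Rising Kaka Security Forum > Technical Exchange Area > Anti-Virus / Anti-Rogue-Software Forum > Experts, please help me look at my HijackThis v1.99.1 log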


Could any expert help me look at my HijackThis v1.99.1 log and remove Backdoor.Nemesi.a? Many thanks for the help!!
HijackThis_815汉化版扫描日志 V1.99.1
保存于      9:02:00, 日期 2005-9-22
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\rising\rfw\RfwMain.exe
C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
C:\PROGRAM FILES\RISING\RAV\RavStub.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\rising\rav\RavMon.exe
F:\xyj\冒险岛\System Safety Monitor\System Safety Monitor\HA_SSM196b2_CZ.EXE
C:\Program Files\Internet Explorer\iexplore.exe
F:\xyj\冒险岛\1\HijackThis1991zww.exe

R3 - 默认的URLSearchHook丢失。用HijackThis修复
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\System32\xunleibho_v5.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - e:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O3 - IE工具栏增项: 卡卡安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SysSafe] F:\xyj\冒险岛\System Safety Monitor\System Safety Monitor\HA_SSM196b2_CZ.EXE
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - E:\Program Files\Thunder Network\Thunder\geturl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - E:\Program Files\Thunder Network\Thunder\getAllurl.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - E:\Program Files\FlashGet\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - E:\Program Files\FlashGet\jc_all.htm
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的“工具”菜单项: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {28E0FA88-ABA8-4937-A247-3031F1A11165} - http://dl.51.net/download/diybar2.cab
O16 - DPF: {40CFEA79-ED5B-4B2B-8B8D-B567E40AF812} (sslclient Control) - http://class1.tol24.com/download/ocx/sslclientnew.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://www.alipay.com/download/aliedit.cab
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {ACFE8232-03C5-4AEC-AF5E-42B806724096} (KSHScan Control) - http://scan.kingsoft.com/scan/fangyi/KAllScan.CAB
O16 - DPF: {AE822EB9-CD38-4B81-AC7F-F468E78BA681} (Anyctrl Control) - http://vodlook.kpcatv.com/software/anyctrl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {DA984A6D-508E-11D6-AA49-0050FF3C628D} (Ravonline) - http://download.rising.com.cn/ravkill/rsonline.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2302FADB-8140-4D88-84DD-3B0F165351CA}: NameServer = 10.41.1.201,210.21.4.131
O17 - HKLM\System\CCS\Services\Tcpip\..\{3DA20EE2-C0CC-4C1F-B5A3-4392F6014A44}: NameServer = 10.41.1.201,10.41.1.143
O17 - HKLM\System\CCS\Services\Tcpip\..\{D417856E-FA2A-45ED-93BE-A32615B306B1}: NameServer = 10.41.1.201,210.21.4.131
O17 - HKLM\System\CS1\Services\Tcpip\..\{2302FADB-8140-4D88-84DD-3B0F165351CA}: NameServer = 10.41.1.201,210.21.4.131
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - c:\program files\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - rising - C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe

Last edited 2005-09-22 09:13:55

I can't see anything in it!

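I have rebooted 3 times and Backdoor.Nemesi.a is still there. I scanned with Rising and tried deleting it, but it can't be deleted, and I can't get into Safe Mode either: as soon as I try, the machine reboots or freezes. Every time I boot up I see 005-09-22 08:54:05, Explorer.EXE>>C:\WINDOWS\system32\mstscex.dll ->Backdoor.Nemesi.a . What on earth should I do?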