不知道怎么老弹出一些乱七八糟的窗口,都是那些关于图铃下载,购物啊,或者是其他广告推广的,烦死,用kaka无法拦截,而且上网速度感觉也明显变慢了,各位大侠帮帮忙吧,谢谢了
日志:
HijackThis_815汉化版扫描日志 V1.99.1
保存于 9:45:01, 日期 2006-3-26
操作系统: Windows XP SP1 (WinNT 5.01.2600)
浏览器: Internet Explorer v6.00 SP1 (6.00.2800.1106)
当前运行的进程:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Rising\Rav\CCenter.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Rising\Rav\Ravmond.exe
D:\WINDOWS\Explorer.EXE
d:\program files\rising\rfw\rfwsrv.exe
D:\Program Files\Rising\Rav\RavStub.exe
D:\WINDOWS\system32\spoolsv.exe
d:\program files\rising\rfw\RfwMain.exe
D:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\Rising\Rav\RavTask.exe
D:\Program Files\Rising\Rav\Ravmon.exe
F:\QQ\淘宝旺旺\WangWang.EXE
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Internet Explorer\iexplore.exe
E:\HijackThis1991汉化版\HijackThis1991zww.exe
O2 - BHO: wmpdrm - {0E674588-66B7-4E19-9D0E-2053B800F69F} - D:\WINDOWS\System32\wmpdrm.dll
O2 - BHO: wmpdrm - {0E674588-66B7-4E19-9D0E-2053B800F69F}? - (no file)
O2 - BHO: (no name) - {16A770A0-0E87-4278-B748-2460D64A8386}? - (no file)
O2 - BHO: Gmail网络磁盘文件分割器 - {19741013-C829-11D1-8233-0020AF3E97A0} - D:\WINDOWS\system32\ShellExt\GMailFC.dll
O2 - BHO: ME
objectSDT - {4136C3F6-7636-49bf-A122-D4DA53B1ADDF}? - (no file)
O2 - BHO: DTSvc Class - {6B280AC7-8B18-46A4-BF70-FC579A1B2F76} - D:\Program Files\DTSVC\DTS\DTS.dll
O2 - BHO: NewWeb Controller - {9ACEEE30-143F-471A-AA45-72B061FE7D60} - D:\WINDOWS\system32\AdvSC32.dll
O2 - BHO: ME
objectSDT - {D4D5C535-BA95-4327-870D-A33826FDD17A} - D:\WINDOWS\System32\obwbkya.dll
O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - IE工具栏增项: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - D:\WINDOWS\System32\kakatool.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] D:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] D:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [RfwMain] "D:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [RavTask] "D:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [WangWang] "F:\QQ\淘宝旺旺\WangWang.EXE"
O4 - 启动项HKLM\\Run: [MSConfig] D:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - F:\IPQQ2005\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - F:\IPQQ2005\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - F:\IPQQ2005\AddEmotion.htm
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
O16 - DPF: {88734439-46D0-42C0-A13F-7E881EE550CF} (Filetran Control) - http://www.bluesky.cn/download/filetran.cab
O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1B666931-69F1-4EDB-8961-BEECD2BB15DA}: NameServer = 202.103.225.68 202.103.224.68
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - d:\program files\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - D:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\Program Files\Rising\Rav\Ravmond.exe
O23 - NT 服务: SDAgent Service (SDAgentService) - 北京兴华基业软件技术有限公司 - D:\Program Files\Common Files\smartde\sde.exe
大侠帮忙吧,谢谢先了
