|
初生襁褓狮
|
发表于:
2005-09-12 19:51
|
显示全部
短消息
资料
我用HijacThis扫出来的日志,请高手帮忙看下,哪些是不正常的!
Logfile of HijackThis v1.99.0
Scan saved at 19:48:11, on 2005-9-12
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
C:\PROGRAM FILES\RISING\RAV\RavStub.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
c:\program files\rising\rfw\RfwMain.exe
C:\PROGRA~1\RISING\RAV\RAVMON.EXE
C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
C:\Program Files\cFosSpeed\cFosSpeed.exe
C:\Program Files\cFosSpeed\spd.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
D:\Maxthon\Maxthon.exe
D:\qq3\腾讯QQ2005 Beta2 传美版\qq\QQ.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\TEMP\Rar$EX00.250\HijackThis.exe
R3 - Default URLSearchHook is missing
O2 - BHO: 好看123上网精灵 - {00000000-280E-445B-B051-A8B2DA7E798A} - D:\PROGRA~1\SUPERR~1\MagicSet\HAOKAN~1.DLL
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v5.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O3 - Toolbar: 新浪ViVi收藏夹 - {15DDE989-CD45-4561-BF99-D22C0D5C2B85} - C:\WINDOWS\Downlo~1\vivimin.dll
O3 - Toolbar: 好看123上网精灵 - {FEDF637B-F631-4583-A210-33CC828D42DB} - D:\PROGRA~1\SUPERR~1\MagicSet\HAOKAN~1.DLL
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [RavMon] C:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - HKLM\..\Run: [RavTimer] C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe
O4 - HKLM\..\Run: [SoundMan] ; SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] ; RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] ; nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] ; RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &使用迅雷下载 - C:\Program Files\Thunder\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files\Thunder\getAllurl.htm
O8 - Extra context menu item: 使用影音传送带下载 - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\qq3\腾讯QQ2005 Beta2 传美版\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\qq3\腾讯QQ2005 Beta2 传美版\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\qq3\腾讯QQ2005 Beta2 传美版\qq\SendMMS.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1122869150213
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1122869298604
O20 - AppInit_DLLs: apihookdll.dll
O23 - Service: cFosSpeed System Service - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe
O23 - Service: Network Driver - Unknown - C:\WINDOWS\system32\netsvc.exe
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Rising Personal Firewall Service - Beijing Rising Technology Corporation Limited - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center - rising - C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - Service: RsRavMon Service - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
 2005-09-12 21:54:10
|
