1   1  /  1  页   跳转

大虾帮我看看

收藏
mdz2
头像
初生襁褓狮
  • 帖子:41
  • 注册: 2005-10-25
  • 来自:
发表于: 2005-12-27 14:23 | 显示全部 短消息 资料
字号: 1楼

大虾帮我看看

Logfile of HijackThis v1.99.1
Scan saved at 14:25:22, on 2005-12-23
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Rising\Rav\RavStub.exe
C:\WINDOWS\System32\Iemc.exe
C:\WINDOWS\System32\scsvc.exe
C:\WINDOWS\System32\Svcam.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\Program Files\Rising\Rfw\rfwmain.exe
C:\WINDOWS\System32\RUNDLL32.exe
C:\WINDOWS\system32\WinShell.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\新建文件夹\Program Files\HijackThis\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\System32\xunleibho_v8.dll
O2 - BHO: IEHelpObj Class - {2D585C2F-24E6-4A88-A986-EE402F1A8EBF} - C:\WINDOWS\system32\IEHlpCom.dll
O2 - BHO: (no name) - {C435160E-DEE2-40B3-980E-377CA90D2D9F} - (no file)
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - C:\Program Files\Kingsoft\FastAIT 2005\IEBand.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] ; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [AudioDeck] ; C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [Super Rabbit SRRestore] C:\Program Files\Super Rabbit\MagicSet\srrest.exe /autosave
O4 - HKLM\..\Run: [TkBellExe] ; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [mscfs] RUNDLL32 C:\WINDOWS\System32\msibm\cfsys.dll,cfs
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [WinShell] C:\WINDOWS\system32\WinShell.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O8 - Extra context menu item: 访问通用网址 - C:\Program Files\CNNIC\Cdn\cnnic.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\cdnns.dll' missing
O16 - DPF: {1C3DE665-D259-4C72-9D7D-C51FCB4CCFB9} (Panasonic Network Camera) - http://wcam1.iacm.gov.mo/SysCamInst.cab
O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KXHCM10 Control) - http://rick.viewnetcam.com/kxhcm10.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{4A01E9F7-F922-4C84-9FC2-E4536D7EE8D3}: NameServer = 218.2.135.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{4A01E9F7-F922-4C84-9FC2-E4536D7EE8D3}: NameServer = 218.2.135.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{4A01E9F7-F922-4C84-9FC2-E4536D7EE8D3}: NameServer = 218.2.135.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{4A01E9F7-F922-4C84-9FC2-E4536D7EE8D3}: NameServer = 218.2.135.1
O20 - Winlogon Notify: noitfy - C:\WINDOWS\SYSTEM32\LogonNotify.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: IEMC - Unknown owner - C:\WINDOWS\System32\Iemc.exe" -service (file missing)
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
O23 - Service: scsvc - Unknown owner - C:\WINDOWS\System32\scsvc.exe
O23 - Service: Svcam - Unknown owner - C:\WINDOWS\System32\Svcam.exe
O23 - Service: Kerio WinRoute Firewall (WinRoute) - Unknown owner - C:\Program Files\Kerio\WinRoute Firewall\winroute.exe (file missing)

最后编辑2005-12-27 15:26:32
分享到:
gototop
 
mdz2
头像
初生襁褓狮
  • 帖子:41
  • 注册: 2005-10-25
  • 来自:
发表于: 2005-12-27 14:49 | 显示全部 短消息 资料
字号: 2楼

先谢谢
gototop
 
mdz2
头像
初生襁褓狮
  • 帖子:41
  • 注册: 2005-10-25
  • 来自:
发表于: 2005-12-27 15:13 | 显示全部 短消息 资料
字号: 3楼

已全部修复
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT