发表于: 2006-06-23 14:02 | 显示全部 短消息 资料
字号: 1楼

请大侠帮忙看看日志!瑞星杀毒软件竟然被删了!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Rising\Rfw\rfwmain.exe
C:\HEROSOFT\Hero3000\SYSEXPLR.EXE
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE
C:\Program Files\Common Files\Sogou PXP\p2psvr.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\a\桌面\HijackThis.exe

R3 - URLSearchHook: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll
R3 - URLSearchHook: SgUrlSearHook Class - {BAB1AC41-6FF7-4F2E-A04E-5C592CCFEA7D} - C:\WINDOWS\System32\socul.dll
R3 - URLSearchHook: (no name) - {1C22060E-1BD8-4D8A-9351-EF813CA57E2C} - C:\WINDOWS\System32\Kwmja.dll (file missing)
R3 - URLSearchHook: (no name) - {600E1939-5763-41FF-AAF6-B42F2191C3E8} - C:\WINDOWS\System32\Fsxl.dll (file missing)
R3 - URLSearchHook: (no name) - {A8702C99-76AA-4567-89AC-35EEDD9FA411} - C:\WINDOWS\System32\Zsxnr.dll (file missing)
R3 - URLSearchHook: (no name) - {CC12EBEA-5094-48DA-80DD-5C48CCC9DD2D} - C:\WINDOWS\System32\Pcdaa.dll (file missing)
R3 - URLSearchHook: (no name) - {E27CDB55-2157-405B-BA59-EEA10340C279} - C:\WINDOWS\System32\Smvq.dll (file missing)
R3 - URLSearchHook: (no name) - {5B831BC2-E456-4586-A8C9-3C1707628977} - C:\WINDOWS\System32\Soprvn.dll (file missing)
R3 - URLSearchHook: (no name) - {C60494EC-8BF7-47DF-A1B8-BF4837592C69} - C:\WINDOWS\System32\Ncxl.dll (file missing)
R3 - URLSearchHook: (no name) - {6A1D8066-522C-4CF9-ACEB-5FF25A2C5041} - C:\WINDOWS\System32\Qnbp.dll (file missing)
R3 - URLSearchHook: (no name) - {B18B3B28-06B7-4458-99D8-2F399625EC62} - C:\WINDOWS\System32\Lpgxj.dll (file missing)
R3 - URLSearchHook: (no name) - {F0890F75-7EB6-45D4-B881-3588AA821516} - C:\WINDOWS\System32\Ocrv.dll
R3 - URLSearchHook: (no name) - {28E36C7B-45DF-4B4E-9078-140B83CC422C} - C:\WINDOWS\System32\Qbyrl.dll
R3 - URLSearchHook: (no name) - {FDD59CDC-02BD-441F-AE4D-AFCE9EE736C1} - C:\WINDOWS\System32\Btel.dll
R3 - URLSearchHook: (no name) - {99CF9519-1C8A-4CD4-8930-43388003B336} - C:\WINDOWS\System32\Vibwu.dll
R3 - URLSearchHook: (no name) - {B80D2B7D-2594-4963-94D3-8B88342A05F8} - C:\WINDOWS\System32\Rfxmjn.dll
R3 - URLSearchHook: (no name) - {916B7303-8F81-477C-963A-DA4D25E50764} - C:\WINDOWS\System32\Snrq.dll
R3 - URLSearchHook: (no name) - {608762AD-5025-459A-B36B-DE9B281D1750} - C:\WINDOWS\System32\Pahz.dll
R3 - URLSearchHook: (no name) - {C71E694C-9E84-4846-88D8-F3163FD7714D} - C:\WINDOWS\System32\Snmpkb.dll
R3 - URLSearchHook: (no name) - {C2674F49-1EDC-4CAC-883F-9CBD4B99286D} - C:\WINDOWS\System32\Tqzos.dll
R3 - URLSearchHook: (no name) - {FE73237B-FF38-40B4-88B3-0C26E7F0145E} - C:\WINDOWS\System32\Naka.dll
R3 - URLSearchHook: (no name) - {96A445BD-29B8-4123-8F1B-88396073E87B} - C:\WINDOWS\System32\Cuwgrg.dll
R3 - URLSearchHook: (no name) - {77116183-EEAC-43E0-A7A1-4541F9EDF975} - C:\WINDOWS\System32\Ewkhg.dll
R3 - URLSearchHook: (no name) - {BA97BA2F-6328-43FD-BB8E-A8A1D8D80578} - C:\WINDOWS\System32\Jcxu.dll
R3 - URLSearchHook: (no name) - {BB8F36BD-8F35-4DF0-9F99-D87992CEDE61} - C:\WINDOWS\System32\Hbsvc.dll
R3 - URLSearchHook: (no name) - {C7BDB2E5-0ABC-41FF-B298-BB85F6D360AE} - C:\WINDOWS\System32\Kbvjlx.dll
R3 - URLSearchHook: (no name) - {4F8E8504-F6FC-4458-B010-56BD4F9775B0} - C:\WINDOWS\System32\Accfkk.dll
R3 - URLSearchHook: (no name) - {5992A189-A720-4F89-8814-7599A601403C} - C:\WINDOWS\System32\Qprcs.dll
R3 - URLSearchHook: (no name) - {37E23211-5047-4997-B65D-536F59A2DB5A} - C:\WINDOWS\System32\Hmxhik.dll
R3 - URLSearchHook: (no name) - {8DF0EED0-0456-40F6-A6AF-016ECB3067E9} - C:\WINDOWS\System32\Aqby.dll (file missing)
R3 - URLSearchHook: (no name) - {164537C4-66F6-4E8D-A6AD-E93706A562E7} - C:\WINDOWS\System32\Onumtr.dll
R3 - URLSearchHook: (no name) - {00A34C7D-BC59-4400-A5DC-BC7EEA9A70BB} - C:\WINDOWS\System32\Wsulbs.dll
R3 - URLSearchHook: (no name) - {AE0E0EF2-3B62-4ADB-8705-132F69CFF086} - C:\WINDOWS\System32\Euvkv.dll
R3 - URLSearchHook: (no name) - {7799FCE9-F8CD-4936-A2A3-A716630978E8} - C:\WINDOWS\System32\Zxbd.dll
R3 - URLSearchHook: (no name) - {64A3C144-9EEC-43C4-B78E-745EED1C1D66} - C:\WINDOWS\System32\Bacmf.dll
R3 - URLSearchHook: (no name) - {B7B4E666-33B2-4B0E-A086-EAAC7D81FD28} - C:\WINDOWS\System32\Wjqa.dll
R3 - URLSearchHook: (no name) - {F4700073-6946-435E-9DF4-B8618DD1F2F0} - C:\WINDOWS\System32\Dwbjo.dll
R3 - URLSearchHook: Tencent SearchHook - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - C:\Program Files\TENCENT\Adplus\SSAddr.dll
R3 - URLSearchHook: (no name) - {C5E941C4-3042-4C4E-90C5-C45261D41572} - C:\WINDOWS\System32\Rupa.dll
R3 - URLSearchHook: (no name) - {2A25AFAA-DB53-41EE-BC8C-34CB0C093C82} - C:\WINDOWS\System32\Kcrrs.dll
O2 - BHO: CNNIC_IDN - {35980F6E-A137-4E50-953D-813BB8556899} - C:\WINDOWS\System32\CdnIEHlp.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\baidubar.dll
O2 - BHO: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll
O2 - BHO: 好看123上网精灵 - {FEDF637B-F631-4583-A210-33CC828D42DB} - C:\PROGRA~1\SUPERR~1\MagicSet\HAOKAN~1.DLL
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll
O3 - Toolbar: 一搜工具条 - {115F6E46-FCBC-41ed-B3B5-3BDDD4AAB5E5} - C:\Program Files\yisou\yisou.dll
O3 - Toolbar: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\PROGRA~1\baidu\bar\baidubar.dll
O3 - Toolbar: 好看123上网精灵 - {FEDF637B-F631-4583-A210-33CC828D42DB} - C:\PROGRA~1\SUPERR~1\MagicSet\HAOKAN~1.DLL
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\System32\KakaTool.dll
O3 - Toolbar: 捜狗直通车 - {DBBB7978-AF21-4EF4-9AD1-B2F4BC75696C} - C:\Program Files\P4P\ToolBar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [SysExplr] C:\HEROSOFT\Hero3000\SYSEXPLR.EXE
O4 - HKLM\..\Run: [IdnMail] C:\WINDOWS\System32\IdnMail.exe
O4 - HKLM\..\Run: [CApp] C:\WINDOWS\System32\capp.exe
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Super Rabbit SRRestore] C:\Program Files\Super Rabbit\MagicSet\srrest.exe /autosave
O4 - HKLM\..\Run: [stup.exe] C:\PROGRA~1\TENCENT\Adplus\stup.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Super Rabbit IEPro] C:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD
O4 - Startup: 腾讯QQ.lnk = C:\Program Files\Tencent\QQ\QQ.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O9 - Extra button: 中文域名 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\WINDOWS\System32\CdnIEHlp.dll
O9 - Extra 'Tools' menuitem: 中文域名 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\WINDOWS\System32\CdnIEHlp.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O11 - Options group: [!CNS]  上网助手-地址栏搜索
O11 - Options group: [TBH]  搜搜地址栏搜索
O16 - DPF: {52DF16E3-6C4F-4B22-8BAF-09263E463B48} (金山毒霸在线产品升级) - http://zs.kingsoft.com/KOSInit.cab
O20 - AppInit_DLLs: C:\WINDOWS\System32\SoDAHK.DLL
O20 - Winlogon Notify: igfxcui - igfxsrvc.dll (file missing)
O23 - Service: P4P Service - Sohu.com Inc. - C:\Program Files\Common Files\Sogou PXP\p2psvr.exe
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
O23 - Service: SmartLinkService (SLService) -  - C:\WINDOWS\SYSTEM32\slserv.exe

最后编辑2006-06-23 14:24:28