本页主题: 这是什么动西,每次开机都报错 打印 | 加为IE收藏 | 复制链接 | 收藏主题 | 上一主题 | 下一主题

1970
级别: 圣骑士


精华: 0
发帖: 160
威望: 84 点
金钱: 754 静电币
支持度: 0 点
在线时间:40(小时)
注册时间:2002-12-03
最后登录:2021-04-09

 这是什么动西,每次开机都报错

Logfile of HijackThis v1.99.1
Scan saved at 11:39:19, on 2007-1-28
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\1xClient.dll
C:\WINDOWS\system32\conime.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Maxthon\Maxthon.exe
C:\Documents and Settings\m.M-04F99F7AC26D4\桌面\ha_hijackthis_1991\HijackThis.exe

O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: jsss - {AB3BAE61-8BA9-4063-AC44-469A82D58F40} - C:\PROGRA~1\COMMON~1\syyi\wccm.dll (file missing)
O2 - BHO: 5999 - {DFCB34B6-902D-426E-AE2B-1B294AE19F4F} - C:\WINDOWS\system32\4c52ntos.dll
O3 - Toolbar: 华彩即时讯息通(&C) - {8666E0BE-132E-4712-B7BD-141153889CE1} - C:\WINDOWS\system32\smsband2005.dll (file missing)
O3 - Toolbar: 5999 - {DFCB34B6-902D-426E-AE2B-1B294AE19F4F} - C:\WINDOWS\system32\4c52ntos.dll
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\qq\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - C:\Program Files\FLASHGET\SubDirectory\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - C:\Program Files\FLASHGET\SubDirectory\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\qq\SendMMS.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1149477333416
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1166249782531
O16 - DPF: {E787FD25-8D7C-4693-AE67-9406BC6E22DF} (CPasswordEditCtrl Object) - https://password.qq.com/download/qqedit.cab
O20 - Winlogon Notify: cryptimg - C:\WINDOWS\SYSTEM32\cryptimg.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
O23 - Service: Provisioning Transaction Service (ttt_14) - Unknown owner - C:\WINDOWS\system32\win.exe (file missing)
寒风烈火更番过
地狱原来在我身
Posted: 2007-01-28 12:03 | [楼 主]
冰湖小生
生前何必久睡, 死后自会长眠
级别: 论坛版主


精华: 0
发帖: 1120
威望: 401 点
金钱: 557 静电币
支持度: 11976 点
在线时间:200(小时)
注册时间:2005-05-27
最后登录:2011-11-25

 

Quote:
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: jsss - {AB3BAE61-8BA9-4063-AC44-469A82D58F40} - C:\PROGRA~1\COMMON~1\syyi\wccm.dll (file missing)
O2 - BHO: 5999 - {DFCB34B6-902D-426E-AE2B-1B294AE19F4F} - C:\WINDOWS\system32\4c52ntos.dll
O3 - Toolbar: 华彩即时讯息通(&C) - {8666E0BE-132E-4712-B7BD-141153889CE1} - C:\WINDOWS\system32\smsband2005.dll (file missing)
O3 - Toolbar: 5999 - {DFCB34B6-902D-426E-AE2B-1B294AE19F4F} - C:\WINDOWS\system32\4c52ntos.dll
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\qq\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - C:\Program Files\FLASHGET\SubDirectory\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - C:\Program Files\FLASHGET\SubDirectory\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\qq\SendMMS.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

以上项目可以安全修复。

特别要注意的是
Quote:
O20 - Winlogon Notify: cryptimg - C:\WINDOWS\SYSTEM32\cryptimg.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\

O23 - Service: Provisioning Transaction Service (ttt_14) - Unknown owner - C:\WINDOWS\system32\win.exe (file missing)

这三个初步怀疑为木马或病毒。请用安全卫士360再检查一遍。
偶尔出来吓一回人也无妨。。。
电脑有问题?到『电脑全方位』来吧!专家会给您满意的答复
Posted: 2007-01-28 13:38 | 1 楼
帖子浏览记录 版块浏览记录
狗狗静电BBS - wwW.DoGGiEhoMe.CoM » 电脑全方位 Computer Guide

沪ICP备05008186号
Powered by PHPWind Styled by MagiColor