[-- What is this thing? It reports an error at every boot --]


1970 2007-01-28 12:03
Logfile of HijackThis v1.99.1
Scan saved at 11:39:19, on 2007-1-28
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\1xClient.dll
C:\WINDOWS\system32\conime.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Maxthon\Maxthon.exe
C:\Documents and Settings\m.M-04F99F7AC26D4\桌面\ha_hijackthis_1991\HijackThis.exe

O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: jsss - {AB3BAE61-8BA9-4063-AC44-469A82D58F40} - C:\PROGRA~1\COMMON~1\syyi\wccm.dll (file missing)
O2 - BHO: 5999 - {DFCB34B6-902D-426E-AE2B-1B294AE19F4F} - C:\WINDOWS\system32\4c52ntos.dll
O3 - Toolbar: 华彩即时讯息通(&C) - {8666E0BE-132E-4712-B7BD-141153889CE1} - C:\WINDOWS\system32\smsband2005.dll (file missing)
O3 - Toolbar: 5999 - {DFCB34B6-902D-426E-AE2B-1B294AE19F4F} - C:\WINDOWS\system32\4c52ntos.dll
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\qq\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - C:\Program Files\FLASHGET\SubDirectory\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - C:\Program Files\FLASHGET\SubDirectory\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\qq\SendMMS.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1149477333416
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1166249782531
O16 - DPF: {E787FD25-8D7C-4693-AE67-9406BC6E22DF} (CPasswordEditCtrl Object) - https://password.qq.com/download/qqedit.cab
O20 - Winlogon Notify: cryptimg - C:\WINDOWS\SYSTEM32\cryptimg.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
O23 - Service: Provisioning Transaction Service (ttt_14) - Unknown owner - C:\WINDOWS\system32\win.exe (file missing)

冰湖小生 2007-01-28 13:38
Quote:
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: jsss - {AB3BAE61-8BA9-4063-AC44-469A82D58F40} - C:\PROGRA~1\COMMON~1\syyi\wccm.dll (file missing)
O2 - BHO: 5999 - {DFCB34B6-902D-426E-AE2B-1B294AE19F4F} - C:\WINDOWS\system32\4c52ntos.dll
O3 - Toolbar: 华彩即时讯息通(&C) - {8666E0BE-132E-4712-B7BD-141153889CE1} - C:\WINDOWS\system32\smsband2005.dll (file missing)
O3 - Toolbar: 5999 - {DFCB34B6-902D-426E-AE2B-1B294AE19F4F} - C:\WINDOWS\system32\4c52ntos.dll
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\qq\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - C:\Program Files\FLASHGET\SubDirectory\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - C:\Program Files\FLASHGET\SubDirectory\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\qq\SendMMS.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

The items above can be safely fixed.

Pay particular attention to:
Quote:
O20 - Winlogon Notify: cryptimg - C:\WINDOWS\SYSTEM32\cryptimg.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\

O23 - Service: Provisioning Transaction Service (ttt_14) - Unknown owner - C:\WINDOWS\system32\win.exe (file missing)

These three are tentatively suspected to be trojans or viruses. Please check again with 360 Safeguard (安全卫士360).

1970 2007-01-28 14:09
360 Safeguard can't find anything, and Windows Optimization Master (优化大师) can't either.

