日志文件: 趋势科技 HijackThis v2.0.0 (BETA)
保存时间: 8:54:02, on 2009-3-25
操作系统: Windows 2000 SP4 (WinNT 5.00.2195)
启动模式: 正常

正在运行的进程:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\PROGRAM FILES\RISING\RAV\ravmond.exe
C:\WINNT\system32\watchclient.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\msdtc.exe
C:\WINNT\system32\vrvrf_c.exe
C:\WINNT\system32\VrvEdp_m.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\hidserv.exe
C:\WINNT\System32\llssrv.exe
C:\WINNT\system32\Vrvsafec.exe
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Rising\Rav\RavService.exe
C:\WINNT\system32\regsvc.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\Dfssvc.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe
C:\WINNT\SOUNDMAN.EXE
C:\Program Files\Rising\Rav\RavTray.exe
C:\Program Files\EasyShutDownPro\EasyShutDownPro.exe
C:\WINNT\system32\rundll32.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\360\360Safe\safemon\360tray.exe
C:\WINNT\system32\conime.exe
C:\Program Files\Rising\Rav\Rav.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINNT\System32\mdm.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.609\HA_HijackThisv2_PP\HiJackThis_v2.exe

O2 - BHO: SafeMon Class - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - C:\Program Files\360\360Safe\safemon\safemon.dll
O3 - 工具栏: @msdxmLC.dll,-1@2052,电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKUS\.DEFAULT\..\Run: [Internat.exe] internat.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Global Startup: 服务管理器.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - 扩展右键菜单项: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINNT\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINNT\System32\browseui.dll
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: RavService - Beijing Rising Information Technology Co., Ltd. - C:\Program Files\Rising\Rav\RavService.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Information Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Information Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
O23 - Service: VRVWatchServer - Unknown owner - C:\WINNT\system32\watchclient.exe

--
文件结束 - 3603 字节