HijackThis_zww汉化版扫描日志 V1.99.1
保存于 14:40:14, 日期 2006-02-21
操作系统: Windows XP SP2 (WinNT 5.01.2600)
浏览器: Internet Explorer v6.00 SP2 (6.00.2900.2180)
当前运行的进程:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\rising\rfw\RfwMain.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Rising\Rav\RavStub.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Kingsoft\KingPlayerShare\cdsprite.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\svchost.exe
F:\Program Files\Maxthon\Maxthon.exe
C:\Program Files\jj4\jjsvr4.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\new\LOCALS~1\Temp\Rar$EX00.602\HijackThis1991zww.exe
R3 - URLSearchHook: MyURLSearchHook Class - {982CB676-38F0-4D9A-BB72-D9371ABE876E} - C:\Program Files\P4P\ToolBar.dll (file missing)
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v8.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - F:\Program Files\QQ2005\QQ\QQIEHelper.dll
O2 - BHO: DuDu.com - {6BDE1669-B490-48E3-B668-456314F2D6C3} - C:\Program Files\DuDu\DddClient\dddiemon.dll
O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\DOCUME~1\new\LOCALS~1\Temp\Rar$EX00.729\file\common\support\msdxm.ocx (file missing)
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [C-Media Speaker Configuration] G:\Sound\sound\1060100000200\WIN2K_XP\Setup.exe /SPEAKER
O4 - 启动项HKLM\\Run: [Cmaudio] RunDll32 cmicnfg.dll,CMICtrlWnd
O4 - 启动项HKLM\\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE USB PC Camera 301P
O4 - 启动项HKLM\\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [kpcdst] C:\Program Files\Kingsoft\KingPlayerShare\cdsprite.exe
O4 - 启动项HKLM\\Run: [NMGameX_AutoRun] ; C:\WINDOWS\system32\Rundll32.exe NMGameX.dll,LiveProcess /aa
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [boot-hf] c:\windows\BOOT-hf.exe
O4 - HKCU\..\Run: [Super Rabbit IEPro] F:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD
O4 - Startup: 新浪UC.lnk = F:\Program Files\sina\UC\uc.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DuDu下载加速器.lnk = C:\Program Files\DuDu\DddClient\DuDuAcc.exe
O8 - IE右键菜单中的新增项目: 使用KuGoo3下载(&K) - F:\酷狗(KuGoo) V3.100(去广告)绿色\KuGoo3DownX.htm
O8 - IE右键菜单中的新增项目: 使用迅雷下载 - F:\Program Files\Thunder Network\Thunder\geturl.htm
O8 - IE右键菜单中的新增项目: 使用迅雷下载全部链接 - F:\Program Files\Thunder Network\Thunder\getAllurl.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - F:\Program Files\QQ2005\QQ\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用比特精灵下载(&B) - F:\Program Files\BitSpirit\bsurl.htm
O9 - 浏览器额外的按钮: 新浪UC - {2253922F-1B26-4C74-8B57-E3AEE748DBB8} - F:\Program Files\sina\UC\uc.exe
O9 - 浏览器额外的按钮: Yahoo 1G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail (file missing)
O9 - 浏览器额外的按钮: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=taobao (file missing)
O9 - 浏览器额外的按钮: 雅虎助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist (file missing)
O9 - 浏览器额外的按钮: (no name) - {D5C1CCC2-811B-4bf2-BF22-0D3B89600F5B} - (no file)
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - F:\Program Files\QQ2005\QQ\QQIEHelper.dll
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - F:\Program Files\QQ2005\QQ\QQIEHelper.dll
O9 - 浏览器额外的按钮: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing)
O9 - 浏览器额外的按钮: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - 浏览器额外的“工具”菜单项: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - 浏览器额外的按钮: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O9 - 浏览器额外的“工具”菜单项: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab
O16 - DPF: {88734439-46D0-42C0-A13F-7E881EE550CF} (Filetran Control) - http://www.bluesky.cn/download/filetran.cab
O16 - DPF: {D0A29C6C-AA71-4423-8C4A-5998B774C448} (IEDown Class) - http://download.ourgame.com/IEDown4.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5DBA23D7-D972-4B21-803E-62C73DF94D0E}: NameServer = 202.98.0.68 202.98.5.68
O20 - Winlogon Notify: System Safety Monitor - C:\WINDOWS\SYSTEM32\SSMWinlogonEx.dll
O23 - NT 服务: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - NT 服务: Rising Proxy Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
O23 - NT 服务: System Safety Monitor (SSM) - System Safety - F:\Program Files\System Safety Monitor\SSMService.exe