Infected and can't clean it, could an expert please look at my log (resolved)

HijackThis_815汉化版扫描日志 V1.99.1
保存于      20:06:12, 日期 2006-7-13
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
C:\WINDOWS\Explorer.EXE
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Rising\Rav\RavStub.exe
c:\program files\rising\rfw\RfwMain.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\木马清道夫\Trojanwall.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\JetCar-v1.71\FlashGet.exe
D:\Program Files\Hijackthis1991zww\HijackThis1991zww.exe

O2 - BHO: (no name) - {01746EED-2FAF-4847-ACEF-00CEF266CCE4} - C:\WINDOWS\system32\Qdliw.dll
O2 - BHO: (no name) - {06BE65D2-7798-4D79-8358-008CAD08CDCA} - C:\WINDOWS\system32\Ueelv.dll (file missing)
O2 - BHO: (no name) - {08689B6C-8FCE-4FBE-B44E-18F991365349} - C:\WINDOWS\system32\Mlsie.dll
O2 - BHO: (no name) - {0E3DABB3-996B-406C-BB05-86AE16DA5A17} - C:\WINDOWS\system32\Guqrra.dll
O2 - BHO: (no name) - {108FB36B-121A-41BA-AE9B-C4CB54C08F3B} - C:\WINDOWS\system32\Wkkif.dll (file missing)
O2 - BHO: (no name) - {126666CB-455B-4B13-9018-FFB4963612EA} - C:\WINDOWS\system32\Estnbx.dll
O2 - BHO: (no name) - {20AAB7BD-9780-4528-AB88-88E999AA0F91} - C:\WINDOWS\system32\Sbozmf.dll (file missing)
O2 - BHO: (no name) - {218ED04E-AE8C-4AA1-B99B-8D19FF3E17C5} - C:\WINDOWS\system32\Vpvwc.dll (file missing)
O2 - BHO: BrowserHelper Class - {2D99E8F4-56B7-457B-9A92-61B5D247D263} - C:\WINDOWS\system32\WinDefendor.dll (file missing)
O2 - BHO: CNNIC_IDN - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll (file missing)
O2 - BHO: (no name) - {414E3255-8345-4F02-9E18-BCFCF8C9718F} - C:\WINDOWS\system32\Sqdk.dll (file missing)
O2 - BHO: (no name) - {438DECB4-50BE-48F5-8894-819BFF382954} - C:\WINDOWS\system32\Fcagwp.dll (file missing)
O2 - BHO: (no name) - {466649CE-ED40-4F3D-9D0E-F992CF4460AA} - C:\WINDOWS\system32\Juww.dll (file missing)
O2 - BHO: Yahoo Ie-Bar - {4FCE0A2B-6D48-4B22-AD7A-1ACACABC0B38} - C:\WINDOWS\twuenk_16.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - E:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: (no name) - {5B12488D-6808-41A8-AB82-39B4331CE8D9} - C:\WINDOWS\system32\Imse.dll (file missing)
O2 - BHO: (no name) - {6900707B-CC4D-43AA-B91D-C42E55B545C1} - C:\WINDOWS\system32\Ozyi.dll (file missing)
O2 - BHO: (no name) - {6F73DF53-A32C-416E-B403-D845F933F14F} - C:\WINDOWS\system32\Ujon.dll
O2 - BHO: (no name) - {71DDEECF-2C4D-4080-A77A-500D71F59238} - C:\WINDOWS\system32\Nvso.dll (file missing)
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\baidubar.dll
O2 - BHO: (no name) - {7B1A9691-7602-4A9E-8908-A0FCE6F3CD0C} - C:\WINDOWS\system32\Yobds.dll
O2 - BHO: (no name) - {7B702E33-DE6B-4A42-A963-D14CB632791A} - C:\WINDOWS\system32\Lmfzk.dll
O2 - BHO: (no name) - {7CAC3FC6-208A-497E-B834-125DE54ADB9A} - C:\WINDOWS\system32\Fanvw.dll (file missing)
O2 - BHO: (no name) - {7E06DC70-0E45-4D15-B80A-40FE2FCE1C07} - C:\WINDOWS\system32\Ryniqb.dll
O2 - BHO: (no name) - {95B82BFF-53DC-4664-A9E0-B32F66FD6796} - C:\WINDOWS\system32\Stcg.dll
O2 - BHO: (no name) - {95D1603C-4B78-4A17-9730-2F9CB60AFF96} - C:\WINDOWS\system32\Rzrofl.dll
O2 - BHO: (no name) - {98EFDDD6-F5D4-4E49-94C4-AD039550825F} - C:\WINDOWS\system32\Owsir.dll
O2 - BHO: (no name) - {9B4CAB64-C013-4B38-94D2-96BB41535378} - C:\WINDOWS\system32\Daeeew.dll (file missing)
O2 - BHO: (no name) - {A11CA416-4250-44AD-AE6A-EF4DA045FB61} - C:\WINDOWS\system32\Dovjz.dll (file missing)
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: (no name) - {B6884266-8D28-40E9-B2A5-9B769A7B7292} - C:\WINDOWS\system32\Mdlhu.dll (file missing)
O2 - BHO: (no name) - {BD3F3001-7BC0-4676-81C6-A79C31290759} - C:\WINDOWS\system32\Bubw.dll (file missing)
O2 - BHO: (no name) - {D188BB0F-AB8B-42AA-9F0E-C7C1BFAD3588} - C:\WINDOWS\system32\Cnnjlr.dll
O2 - BHO: (no name) - {E4AE99AD-57E7-4C5F-B5AB-BF3E56114339} - C:\WINDOWS\system32\Podhw.dll (file missing)
O2 - BHO: (no name) - {E5E81550-A5E7-47C7-9E39-5F5C408024E3} - C:\WINDOWS\system32\Xrqhbz.dll (file missing)
O2 - BHO: (no name) - {F2E14B18-07BD-4799-8E68-27EB817FC2A6} - C:\WINDOWS\system32\Ukbuwa.dll (file missing)
O2 - BHO: (no name) - {F8A4FFFC-8BDE-4311-82A6-5B4031B3D44F} - C:\WINDOWS\system32\Cmpgrr.dll
O3 - IE工具栏增项: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\PROGRA~1\baidu\bar\baidubar.dll
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - 启动项HKLM\\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\Run: [桌面图标文字自动透明] D:\Program Files\优化大师\wom\WinMem.exe XP
O4 - 启动项HKLM\\Run: [Windows木马防火墙] D:\Program Files\木马清道夫\Trojanwall.exe
O4 - 启动项HKLM\\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\RunOnce: [RavStub] "C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - E:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - D:\Program Files\JetCar-v1.71\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - D:\Program Files\JetCar-v1.71\jc_all.htm
O8 - IE右键菜单中的新增项目: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - E:\Program Files\Tencent\QQ\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - E:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - E:\Program Files\Tencent\QQ\SendMMS.htm
O9 - 浏览器额外的按钮: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll (file missing)
O9 - 浏览器额外的“工具”菜单项: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll (file missing)
O9 - 浏览器额外的按钮: 微软 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.microsoft.com/china/index.htm (file missing)
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\Program Files\Tencent\QQ\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\Program Files\Tencent\QQ\QQ.EXE
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - E:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - E:\Program Files\Tencent\QQ\QQIEHelper.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O17 - HKLM\System\CCS\Services\Tcpip\..\{41599A2C-F925-48CD-9E77-E199E0CEF8B8}: NameServer = 202.103.225.68,202.103.224.68
O17 - HKLM\System\CCS\Services\Tcpip\..\{53286206-7D29-4A43-994F-402DFCD2D071}: NameServer = 202.103.225.68 202.103.224.68
O18 - 列举现有的协议: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - c:\program files\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe

Last edited 2006-07-13 21:05:44

O2 - BHO: (no name) - {06BE65D2-7798-4D79-8358-008CAD08CDCA} - C:\WINDOWS\system32\Ueelv.dll (file missing)
O2 - BHO: (no name) - {108FB36B-121A-41BA-AE9B-C4CB54C08F3B} - C:\WINDOWS\system32\Wkkif.dll (file missing)
O2 - BHO: (no name) - {7CAC3FC6-208A-497E-B834-125DE54ADB9A} - C:\WINDOWS\system32\Fanvw.dll (file missing)
O2 - BHO: (no name) - {9B4CAB64-C013-4B38-94D2-96BB41535378} - C:\WINDOWS\system32\Daeeew.dll (file missing)
O2 - BHO: (no name) - {A11CA416-4250-44AD-AE6A-EF4DA045FB61} - C:\WINDOWS\system32\Dovjz.dll (file missing)
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: (no name) - {B6884266-8D28-40E9-B2A5-9B769A7B7292} - C:\WINDOWS\system32\Mdlhu.dll (file missing)
O2 - BHO: (no name) - {BD3F3001-7BC0-4676-81C6-A79C31290759} - C:\WINDOWS\system32\Bubw.dll (file missing)
O2 - BHO: (no name) - {D188BB0F-AB8B-42AA-9F0E-C7C1BFAD3588} - C:\WINDOWS\system32\Cnnjlr.dll
O2 - BHO: (no name) - {E4AE99AD-57E7-4C5F-B5AB-BF3E56114339} - C:\WINDOWS\system32\Podhw.dll (file missing)
O2 - BHO: (no name) - {E5E81550-A5E7-47C7-9E39-5F5C408024E3} - C:\WINDOWS\system32\Xrqhbz.dll (file missing)
O2 - BHO: (no name) - {F2E14B18-07BD-4799-8E68-27EB817FC2A6} - C:\WINDOWS\system32\Ukbuwa.dll (file missing)
O2 - BHO: (no name) - {5B12488D-6808-41A8-AB82-39B4331CE8D9} - C:\WINDOWS\system32\Imse.dll (file missing)
O2 - BHO: (no name) - {6900707B-CC4D-43AA-B91D-C42E55B545C1} - C:\WINDOWS\system32\Ozyi.dll (file missing)



Thanks!! I'll give it a try.

Every item marked (no file) or (file missing) needs to be fixed...

Fix
O2 - BHO: (no name) - {01746EED-2FAF-4847-ACEF-00CEF266CCE4} - C:\WINDOWS\system32\Qdliw.dll
O2 - BHO: (no name) - {06BE65D2-7798-4D79-8358-008CAD08CDCA} - C:\WINDOWS\system32\Ueelv.dll (file missing)
O2 - BHO: (no name) - {08689B6C-8FCE-4FBE-B44E-18F991365349} - C:\WINDOWS\system32\Mlsie.dll
O2 - BHO: (no name) - {0E3DABB3-996B-406C-BB05-86AE16DA5A17} - C:\WINDOWS\system32\Guqrra.dll
O2 - BHO: (no name) - {108FB36B-121A-41BA-AE9B-C4CB54C08F3B} - C:\WINDOWS\system32\Wkkif.dll (file missing)
O2 - BHO: (no name) - {126666CB-455B-4B13-9018-FFB4963612EA} - C:\WINDOWS\system32\Estnbx.dll
O2 - BHO: (no name) - {20AAB7BD-9780-4528-AB88-88E999AA0F91} - C:\WINDOWS\system32\Sbozmf.dll (file missing)
O2 - BHO: (no name) - {218ED04E-AE8C-4AA1-B99B-8D19FF3E17C5} - C:\WINDOWS\system32\Vpvwc.dll (file missing)
O2 - BHO: BrowserHelper Class - {2D99E8F4-56B7-457B-9A92-61B5D247D263} - C:\WINDOWS\system32\WinDefendor.dll (file missing)
O2 - BHO: CNNIC_IDN - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll (file missing)
O2 - BHO: (no name) - {414E3255-8345-4F02-9E18-BCFCF8C9718F} - C:\WINDOWS\system32\Sqdk.dll (file missing)
O2 - BHO: (no name) - {438DECB4-50BE-48F5-8894-819BFF382954} - C:\WINDOWS\system32\Fcagwp.dll (file missing)
O2 - BHO: (no name) - {466649CE-ED40-4F3D-9D0E-F992CF4460AA} - C:\WINDOWS\system32\Juww.dll (file missing)
O2 - BHO: Yahoo Ie-Bar - {4FCE0A2B-6D48-4B22-AD7A-1ACACABC0B38} - C:\WINDOWS\twuenk_16.dll
O2 - BHO: (no name) - {5B12488D-6808-41A8-AB82-39B4331CE8D9} - C:\WINDOWS\system32\Imse.dll (file missing)
O2 - BHO: (no name) - {6900707B-CC4D-43AA-B91D-C42E55B545C1} - C:\WINDOWS\system32\Ozyi.dll (file missing)
O2 - BHO: (no name) - {6F73DF53-A32C-416E-B403-D845F933F14F} - C:\WINDOWS\system32\Ujon.dll
O2 - BHO: (no name) - {71DDEECF-2C4D-4080-A77A-500D71F59238} - C:\WINDOWS\system32\Nvso.dll (file missing)
O2 - BHO: (no name) - {7B1A9691-7602-4A9E-8908-A0FCE6F3CD0C} - C:\WINDOWS\system32\Yobds.dll
O2 - BHO: (no name) - {7B702E33-DE6B-4A42-A963-D14CB632791A} - C:\WINDOWS\system32\Lmfzk.dll
O2 - BHO: (no name) - {7CAC3FC6-208A-497E-B834-125DE54ADB9A} - C:\WINDOWS\system32\Fanvw.dll (file missing)
O2 - BHO: (no name) - {7E06DC70-0E45-4D15-B80A-40FE2FCE1C07} - C:\WINDOWS\system32\Ryniqb.dll
O2 - BHO: (no name) - {95B82BFF-53DC-4664-A9E0-B32F66FD6796} - C:\WINDOWS\system32\Stcg.dll
O2 - BHO: (no name) - {95D1603C-4B78-4A17-9730-2F9CB60AFF96} - C:\WINDOWS\system32\Rzrofl.dll
O2 - BHO: (no name) - {98EFDDD6-F5D4-4E49-94C4-AD039550825F} - C:\WINDOWS\system32\Owsir.dll
O2 - BHO: (no name) - {9B4CAB64-C013-4B38-94D2-96BB41535378} - C:\WINDOWS\system32\Daeeew.dll (file missing)
O2 - BHO: (no name) - {A11CA416-4250-44AD-AE6A-EF4DA045FB61} - C:\WINDOWS\system32\Dovjz.dll (file missing)
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: (no name) - {B6884266-8D28-40E9-B2A5-9B769A7B7292} - C:\WINDOWS\system32\Mdlhu.dll (file missing)
O2 - BHO: (no name) - {BD3F3001-7BC0-4676-81C6-A79C31290759} - C:\WINDOWS\system32\Bubw.dll (file missing)
O2 - BHO: (no name) - {D188BB0F-AB8B-42AA-9F0E-C7C1BFAD3588} - C:\WINDOWS\system32\Cnnjlr.dll
O2 - BHO: (no name) - {E4AE99AD-57E7-4C5F-B5AB-BF3E56114339} - C:\WINDOWS\system32\Podhw.dll (file missing)
O2 - BHO: (no name) - {E5E81550-A5E7-47C7-9E39-5F5C408024E3} - C:\WINDOWS\system32\Xrqhbz.dll (file missing)
O2 - BHO: (no name) - {F2E14B18-07BD-4799-8E68-27EB817FC2A6} - C:\WINDOWS\system32\Ukbuwa.dll (file missing)
O2 - BHO: (no name) - {F8A4FFFC-8BDE-4311-82A6-5B4031B3D44F} - C:\WINDOWS\system32\Cmpgrr.dll


Delete
C:\WINDOWS\system32\Qdliw.dll
C:\WINDOWS\system32\Mlsie.dll
C:\WINDOWS\system32\Guqrra.dll
C:\WINDOWS\system32\Estnbx.dll
C:\WINDOWS\system32\Ujon.dll
C:\WINDOWS\system32\Yobds.dll
C:\WINDOWS\system32\Lmfzk.dll
C:\WINDOWS\system32\Ryniqb.dll
C:\WINDOWS\system32\Stcg.dll
C:\WINDOWS\system32\Rzrofl.dll
C:\WINDOWS\system32\Owsir.dll
C:\WINDOWS\system32\Cnnjlr.dll
C:\WINDOWS\system32\Cmpgrr.dll

Thanks to the posters on the 1st, 3rd and 5th floors for the pointers!!! The problem is solved.
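
The triage applied in the replies above, sketched as an added example that is not part of the original thread: it parses the O2 (BHO) lines of a HijackThis log and builds a "fix" list and a "delete" candidate list. The function name `triage_bho` and the "unnamed BHO under system32" rule are assumptions inferred from the posted lists, not something the posters stated.

```python
import re

# Lines copied from the HijackThis log in this thread (a subset, for illustration).
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {01746EED-2FAF-4847-ACEF-00CEF266CCE4} - C:\WINDOWS\system32\Qdliw.dll
O2 - BHO: (no name) - {06BE65D2-7798-4D79-8358-008CAD08CDCA} - C:\WINDOWS\system32\Ueelv.dll (file missing)
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - E:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: CNNIC_IDN - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll (file missing)
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
"""

# name - {CLSID} - path, with an optional "(file missing)" / "(no file)" marker.
O2_RE = re.compile(
    r"^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - "
    r"(?P<path>.*?)\s*(?P<flag>\(file missing\)|\(no file\))?$"
)
SYSTEM32 = "c:\\windows\\system32\\"


def triage_bho(log_text):
    """Sort O2 lines into fix / delete-candidate / manual-review worklists."""
    result = {"fix": [], "delete_candidates": [], "review": []}
    for line in log_text.splitlines():
        m = O2_RE.match(line.strip())
        if not m:
            continue  # not an O2 (BHO) line
        if m["flag"]:
            # Orphaned registry entry: the DLL is gone, so only the entry
            # needs fixing (the rule stated in the thread).
            result["fix"].append(m["clsid"])
        elif m["name"] == "(no name)" and m["path"].lower().startswith(SYSTEM32):
            # Assumed heuristic: unnamed BHO whose DLL still sits in system32.
            # Fix the entry and queue the file for verification and removal.
            result["fix"].append(m["clsid"])
            result["delete_candidates"].append(m["path"])
        else:
            # Named BHOs or DLLs in application folders: decide by hand.
            result["review"].append((m["name"], m["path"]))
    return result


if __name__ == "__main__":
    for bucket, items in triage_bho(SAMPLE_LOG).items():
        print(bucket, items)
```

Run over the full log in the first post, the delete-candidate rule selects the same 13 DLLs that appear under "Delete" in the reply; the named entries the reply also fixed (for example Yahoo Ie-Bar) land in the review bucket and still need a human decision.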