
I'm here; my log is attached, please take a look.

HijackThis_815汉化版扫描日志 V1.99.1
保存于      9:31:04, 日期 2006-9-12
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
E:\瑞星杀毒\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Rising\Rav\Ravmond.exe
d:\软件\瑞星防火墙\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Rising\Rav\RavStub.exe
C:\WINDOWS\Explorer.EXE
d:\软件\瑞星防火墙\rising\rfw\RfwMain.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\Rising\Rav\RavTask.exe
D:\Program Files\Rising\Rav\Ravmon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\system32\taskmgr.exe
D:\软件\超级兔子\MagicSet\srtask.exe
C:\WINDOWS\system32\wscntfy.exe
F:\词霸豆豆\iciba\Iciba.exe
C:\Program Files\济宁货运网\济宁货运网\Client.exe
D:\Program Files\Rising\Rav\Rav.exe
D:\QQ2006软件2\QQ.exe
D:\QQ2006软件2\TIMPlatform.exe
D:\QQ2006软件2\QQ.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Thunder Network\WebThunder\WebThunder.exe
E:\全国物流网\wl2006.exe
D:\软件\木马克星\HijackThis1991zww.exe

R3 - 默认的URLSearchHook丢失。用HijackThis修复
O2 - BHO: (no name) - {2A0176FE-008B-4706-90F5-BBA532A49731} - (no file)
O3 - IE工具栏增项: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll
O4 - 启动项HKLM\\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - 启动项HKLM\\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [ayi1qfw] RunDll32 "C:\WINDOWS\Downlo~1\ayi1qfw.dll",Run
O4 - 启动项HKLM\\Run: [RavTask] "D:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [tce0okc2] RunDll32 "C:\WINDOWS\Downlo~1\tce0okc2.dll",Run
O4 - 启动项HKLM\\Run: [Super Rabbit SRRestore] D:\软件\超级兔子\MAGICSET\SRRest.exe /autosave
O4 - 启动项HKLM\\Run: [Super Rabbit SafeEdit] D:\软件\超级兔子\MagicSet\SRFC.EXE /Load
O4 - 启动项HKLM\\Run: [hye] RunDll32 "C:\WINDOWS\Downlo~1\hye.dll",Run
O4 - 启动项HKLM\\Run: [giuj] RunDll32 "C:\WINDOWS\Downlo~1\giuj.dll",Run
O4 - 启动项HKLM\\Run: [hvw] RunDll32 "C:\WINDOWS\Downlo~1\hvw.dll",Run
O4 - 启动项HKLM\\Run: [ogag] RunDll32 "C:\WINDOWS\Downlo~1\ogag.dll",Run
O4 - 启动项HKLM\\Run: [ei5] RunDll32 "C:\WINDOWS\Downlo~1\ei5.dll",Run
O4 - 启动项HKLM\\Run: [m0ze70y7] RunDll32 "C:\WINDOWS\Downlo~1\m0ze70y7.dll",Run
O4 - 启动项HKLM\\Run: [m53gnq] RunDll32 "C:\WINDOWS\Downlo~1\m53gnq.dll",Run
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\Run: [m68] RunDll32 "C:\WINDOWS\Downlo~1\m68.dll",Run
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: 壁纸自动换.lnk = C:\WINDOWS\system32\bgswitch.exe
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - D:\QQ2006软件2\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - D:\QQ2006软件2\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - D:\QQ2006软件2\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - D:\QQ2006软件2\SendMMS.htm
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - NT 服务: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - d:\软件\瑞星防火墙\rising\rfw\rfwproxy.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - d:\软件\瑞星防火墙\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - E:\瑞星杀毒\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\Program Files\Rising\Rav\Ravmond.exe
O23 - NT 服务: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe (file missing)

Last edited 2006-09-12 13:03:35

In Safe Mode, fix:
O23 - NT 服务: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe (file missing)
O4 - 启动项HKLM\\Run: [m68] RunDll32 "C:\WINDOWS\Downlo~1\m68.dll",Run
O4 - 启动项HKLM\\Run: [hye] RunDll32 "C:\WINDOWS\Downlo~1\hye.dll",Run
O4 - 启动项HKLM\\Run: [giuj] RunDll32 "C:\WINDOWS\Downlo~1\giuj.dll",Run
O4 - 启动项HKLM\\Run: [hvw] RunDll32 "C:\WINDOWS\Downlo~1\hvw.dll",Run
O4 - 启动项HKLM\\Run: [ogag] RunDll32 "C:\WINDOWS\Downlo~1\ogag.dll",Run
O4 - 启动项HKLM\\Run: [ei5] RunDll32 "C:\WINDOWS\Downlo~1\ei5.dll",Run
O4 - 启动项HKLM\\Run: [m0ze70y7] RunDll32 "C:\WINDOWS\Downlo~1\m0ze70y7.dll",Run
O4 - 启动项HKLM\\Run: [m53gnq] RunDll32 "C:\WINDOWS\Downlo~1\m53gnq.dll",Run
O4 - 启动项HKLM\\Run: [tce0okc2] RunDll32 "C:\WINDOWS\Downlo~1\tce0okc2.dll",Run
O4 - 启动项HKLM\\Run: [ayi1qfw] RunDll32 "C:\WINDOWS\Downlo~1\ayi1qfw.dll",Run

Thanks a lot!!! It's fine now!!

网警, don't the files need to be deleted?

Hehe
网警 left that part out.

I deleted all the DLL files listed after them.