Experts, please take a look at this scan log!!!

HijackThis_zww汉化版扫描日志 V1.99.1
保存于      22:22:36, 日期 2007-7-27
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
C:\WINDOWS\system32\spoolsv.exe
D:\卡巴6.0\avp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
c:\windows\system32\bq10\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS\explorer.exe
D:\卡巴6.0\avp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\user\桌面\HijackThis1991zww.exe

O3 - IE工具栏增项: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O4 - 启动项HKLM\\Run: [RTHDCPL] RTHDCPL.EXE
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [BigDog305] C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\Run: [AVP] "D:\卡巴6.0\avp.exe"
O4 - 启动项HKLM\\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [dianlei] "D:\点雷\dianlei.exe" -Tray
O4 - Startup: QQ游戏启动加速程序.lnk = D:\QQGAME\Accel.exe
O8 - IE右键菜单中的新增项目: &使用快车(FlashGet)下载 - d:\FLASHGET\jc_link.htm
O8 - IE右键菜单中的新增项目: &使用快车(FlashGet)下载全部链接 - d:\FLASHGET\jc_all.htm
O9 - 浏览器额外的按钮: Web反病 - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - D:\卡巴6.0\scieplugin.dll
O9 - 浏览器额外的按钮: 番茄花园 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://tomatolei.com (file missing)
O9 - 浏览器额外的按钮: 电雷超级下载 - {A6A84943-17AB-4363-A518-8D750FDF57C3} - "D:\点雷\dianlei.exe" (file missing)
O9 - 浏览器额外的“工具”菜单项: &电雷超级下载 - {A6A84943-17AB-4363-A518-8D750FDF57C3} - "D:\点雷\dianlei.exe" (file missing)
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE (file missing)
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE (file missing)
O9 - 浏览器额外的按钮: 快车 - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - d:\FLASHGET\FlashGet.exe
O9 - 浏览器额外的“工具”菜单项: 快车(FlashGet) - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - d:\FLASHGET\FlashGet.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{C13DA61F-E911-4862-AFF6-D73C767F2222}: NameServer = 61.235.70.98 211.98.4.1
O18 - 列举现有的协议: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - C:\PROGRA~1\KuGoo3\InExtend\KUGOO3~1.OCX
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O23 - NT 服务: 卡巴斯基反病毒6.0 (AVP) - Kaspersky Lab - D:\卡巴6.0\avp.exe
O23 - NT 服务: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - NT 服务: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - NT 服务: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - NT 服务: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
O23 - NT 服务: Volume Shadow Copyrebq10 (ServiceCopyrebq10) - Unknown owner - c:\windows\system32\bq10\svchost.exe



[User system information] Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Last edited 2007-07-27 22:37:52.123000000