Rising Kaka Security Forum, Technical Exchange area, Anti-Virus / Anti-Rogue-Software forum

[Help] Rising can't clean it completely; it always prompts to delete after a reboot, but after rebooting it still hasn't been deleted

As the title says.

Here is the log from my HijackThis scan; I hope an expert can help me analyze it!

HijackThis_815汉化版扫描日志 V1.99.1
保存于      0:12:34, 日期 2006-3-1
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
d:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
d:\Program Files\Rising\Rav\Ravmond.exe
d:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
d:\Program Files\Rising\Rav\RavStub.exe
d:\program files\rising\rfw\RfwMain.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Rising\Rav\RavTask.exe
D:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Tencent\qq\TIMPlatform.exe
D:\Program Files\Rising\Rav\Rav.exe
D:\Program Files\Maxthon\Maxthon.exe
d:\Program Files\jj4\jjsvr4.exe
G:\Documents and Settings\Eagle Wan\My Documents\系统工具\HijackThis1991zww\HijackThis1991zww.exe

O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v13.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - IE工具栏增项: CyberArticle Express - {769A6A36-ED24-4376-BC7C-80225BF35698} - d:\Program Files\CyberArticle\CAExp.dll
O3 - IE工具栏增项: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - IE工具栏增项: (no name) - {F869BB38-FFEF-4589-B986-610B7AD0ADA2} - (no file)
O3 - IE工具栏增项: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - IE工具栏增项: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O4 - 启动项HKLM\\Run: [RfwMain] "d:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [RavTask] "d:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - 启动项HKLM\\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: ADSL.lnk = ?
O4 - Startup: 腾讯QQ珊瑚虫版.lnk = D:\Program Files\Tencent\qq\CoralQQ.exe
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - D:\Program Files\Tencent\qq\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用迅雷下载 - D:\Program Files\Thunder Network\Thunder\geturl.htm
O8 - IE右键菜单中的新增项目: 使用迅雷下载全部链接 - D:\Program Files\Thunder Network\Thunder\getallurl.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - D:\Program Files\Tencent\qq\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - D:\Program Files\Tencent\qq\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - D:\Program Files\Tencent\qq\SendMMS.htm
O8 - IE右键菜单中的新增项目: 用比特精灵下载(&B) - D:\Program Files\BitSpirit\bsurl.htm
O9 - 浏览器额外的按钮: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - E:\Program Files\浩方对战平台\GameClient.exe
O9 - 浏览器额外的按钮: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - 浏览器额外的“工具”菜单项: RoboForm工具栏 - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O16 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} (Edit Class) - https://www.sz1.cmbchina.com/download/CMBEdit.cab
O16 - DPF: {2354A44B-3CEB-4829-9940-545B03103538} (PowerPlr Control) - http://bbsky.wuhan.net.cn/plugin/PowerPlr.ocx
O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/aliedit.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by114fd.bay114.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1133620808421
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1139974591234
O16 - DPF: {87CCFDB0-C4BE-4BC2-A78C-9EAA7CF96667} (pcastup Class) - http://ps.itv.mop.com/dn/files/vodupdate_1.0.0.8_20051009.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A53F3E79-6DF0-4717-9688-C2E1B4243287}: NameServer = 202.103.0.68 202.103.24.68
O18 - 列举现有的协议: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - 列举现有的协议: talkto - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - NT 服务: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - d:\program files\rising\rfw\rfwproxy.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - d:\program files\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - d:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - d:\Program Files\Rising\Rav\Ravmond.exe
O23 - NT 服务: Windows Updata - Unknown owner - C:\WINDOWS\updata.exe

Last edited 2006-03-01 01:05:19

I've been infected with Gray Pigeon (灰鸽子).
How do I delete this?!
O23 - NT 服务: Windows Updata - Unknown owner - C:\WINDOWS\updata.exe