Rising Kaka Security Forum

Experts, please take a look, it seems I've picked up a trojan
曙光之剑 - 2005-12-19 10:29:00
HijackThis_zww汉化版扫描日志 V1.99.1
保存于      10:26:46, 日期 2005-12-19
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\IPInventory\Client\ipiclitray.exe
C:\Program Files\Rising\Rav\RavTimer.exe
C:\Program Files\Rising\Rav\RavTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\WINLOGON.EXE
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\Program Files\IPInventory\Client\IPICliSvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Rising\Rav\RavService.exe
C:\Program Files\Rising\Rav\Rav.exe
C:\WINDOWS\System32\alg.exe
D:\Program Files\FlashGet\flashget.exe
E:\Program Files\HijackThis1991汉化版\HijackThis1991zww.exe

R3 - URLSearchHook: (no name) - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe 1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: QQBrowserHelperObject Class - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\Program Files\Tencent\qq\QQIEHelper.dll
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - (no file)
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - IE工具栏增项: (no name) - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - (no file)
O3 - IE工具栏增项: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - D:\Program Files\Kingsoft\FastAIT 2005\IEBand.dll
O3 - IE工具栏增项: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - 启动项HKLM\\Run: [IPInventory Client] C:\Program Files\IPInventory\Client\ipiclitray.exe
O4 - 启动项HKLM\\Run: [RavTimer] C:\Program Files\Rising\Rav\RavTimer.exe
O4 - 启动项HKLM\\Run: [RavTray] C:\Program Files\Rising\Rav\RavTray.exe
O4 - 启动项HKLM\\Run: [RavMon] C:\Program Files\Rising\Rav\RavMon.exe -system
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\Run: [Torjan Program] C:\WINDOWS\WINLOGON.EXE
O4 - 启动项HKLM\\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] ; "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - IE右键菜单中的新增项目: Google 搜索(&G) - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - D:\Program Files\FlashGet\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - D:\Program Files\FlashGet\jc_all.htm
O8 - IE右键菜单中的新增项目: 反向链接 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - IE右键菜单中的新增项目: 导出到 Microsoft Excel(&x) - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - IE右键菜单中的新增项目: 类似网页 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - IE右键菜单中的新增项目: 缓存的网页快照 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - IE右键菜单中的新增项目: 翻译英文字词(&T) - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\qq\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\qq\QQ.EXE
O9 - 浏览器额外的按钮: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O9 - 浏览器额外的“工具”菜单项: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O9 - 浏览器额外的按钮: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71}? - http://assistant.3721.com/security1.htm?fb=Cns (file missing)
O9 - 浏览器额外的“工具”菜单项: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71}? - http://assistant.3721.com/security1.htm?fb=Cns (file missing)
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的“工具”菜单项: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的按钮: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5}? - http://assistant.3721.com/clean1.htm?fb=Cns (file missing)
O9 - 浏览器额外的“工具”菜单项: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5}? - http://assistant.3721.com/clean1.htm?fb=Cns (file missing)
O9 - 浏览器额外的按钮: 访问瑞星网站 - {FF2DE7A6-ECB1-4CBC-9C0E-D92A9E66E444}? - http://www.rising.com.cn (file missing)
O9 - 浏览器额外的按钮: 访问卡卡社区 - {FF2DE7A6-ECB1-4CBC-9C0E-D92A9E66E445}? - http://www.ikaka.com (file missing)
O16 - DPF: {1F831FA1-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) - file://C:\Program Files\AutoCAD 2002\InstFred.ocx
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday 控件) - file://C:\Program Files\AutoCAD 2002\AcDcToday.ocx
O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {AE563722-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://C:\Program Files\AutoCAD 2002\InstBanr.ocx
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview 控件) - file://C:\Program Files\AutoCAD 2002\AcPreview.ocx
O18 - 列举现有的协议: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: APIHookDll.dll
O20 - Winlogon Notify: PCANotify - C:\WINDOWS\SYSTEM32\PCANotify.dll
O23 - NT 服务: Autodesk Licensing Service - Unknown owner - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - NT 服务: pcAnywhere Host Service (awhost32) - Symantec Corporation - d:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - NT 服务: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - NT 服务: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - NT 服务: IP Inventory Client (IPICli) - Power House Programming - C:\Program Files\IPInventory\Client\IPICliSvc.exe
O23 - NT 服务: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - NT 服务: RavService - Unknown owner - C:\Program Files\Rising\Rav\RavService.exe" /service (file missing)
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
