暗淡的光辉 - 2006-6-8 16:40:00
HijackThis_zww汉化版扫描日志 V1.99.1
保存于 16:31:11, 日期 2006-6-8
操作系统: Windows XP SP2 (WinNT 5.01.2600)
浏览器: Internet Explorer v7.00 (7.00.5346.0005)
当前运行的进程:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
f:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
f:\program files\rising\rfw\RfwMain.exe
C:\windows\system32\wincfgs.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Ie2\Maxthon.exe
C:\Documents and Settings\sam\桌面\HijackThis1991zww.exe
F3 - REG:win.ini: load=C:\windows\system32\wincfgs.exe
O2 - BHO: wmpdrm - {0E674588-66B7-4E19-9D0E-2053B800F69F} - C:\WINDOWS\system32\wmpdrm.dll
O2 - BHO: std software - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - C:\WINDOWS\SYSTEM32\stdup.dll
O4 - 启动项HKLM\\Run: [spoolsv] C:\WINDOWS\system32\spoolsv\spoolsv.exe -printer
O4 - 启动项HKLM\\Run: [Kaspersky Anti-Virus 2006 (Beta)] F:\卡巴斯基\avp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{34324B19-DE2C-4F7A-B0AA-4E851977ACAE}: NameServer = 202.106.46.151 202.106.0.20
O23 - NT 服务: AVP - Kaspersky Lab - F:\卡巴斯基\avp.exe
O23 - NT 服务: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - NT 服务: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - NT 服务: Rising Proxy Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - f:\program files\rising\rfw\rfwproxy.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - f:\program files\rising\rfw\rfwsrv.exe
O23 - NT 服务: Sample NT Service (SampleService) - Ceramiche Ariostea - C:\WINDOWS\NTService.exe
© 2000 - 2025 Rising Corp. Ltd.