HijackThis_zww汉化版扫描日志 V1.99.1
保存于 22:48:41, 日期 2006-2-4
操作系统: Windows XP SP2 (WinNT 5.01.2600)
浏览器: Internet Explorer v6.00 SP2 (6.00.2900.2180)
当前运行的进程:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Rising\Rav\RavStub.exe
C:\WINDOWS\Explorer.EXE
c:\program files\rising\rfw\RfwMain.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Rising\Rav\Ravmon.exe
E:\QQ 2006\QQ.exe
E:\QQ 2006\TIMPlatform.exe
E:\DuDu下载加速器 3.0\dudupros.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\TDDownload\Movie\HijackThis1991zww.exe
R3 - URLSearchHook: (no name) - {982CB676-38F0-4D9A-BB72-D9371ABE876E} - (no file)
O1 - Hosts: 218.89.188.101 www.manba.net
O1 - Hosts: 210.51.190.173 www.epox.cn
O1 - Hosts: 61.129.77.235 www.jmusics.com
O1 - Hosts: 220.170.79.15 solar.mofile.com
O1 - Hosts: 210.51.212.67 mp3.5seecn.com
O1 - Hosts: 61.129.33.180 wg.park4u.com
O1 - Hosts: 61.151.255.102 download.pchome.net
O1 - Hosts: 222.73.4.56 www.focusme.cn
O1 - Hosts: 219.134.128.14 im.qq.com
O1 - Hosts: 218.16.119.99 search.sogua.com
O1 - Hosts: 202.108.29.94 mail.tom.com
O1 - Hosts: 61.155.107.103 a52av.27h.com
O1 - Hosts: 60.28.9.227 lib.verycd.com
O1 - Hosts: 61.136.143.184 net.itdoor.net
O1 - Hosts: 218.16.125.57 www.hb903.com
O1 - Hosts: 203.66.138.18 www.leadtek.com.tw
O1 - Hosts: 202.107.233.83 www.ting88.com
O1 - Hosts: 100.1.1.188 www1.lanlian.com.cn
O1 - Hosts: 61.135.158.237 games.tom.com
O1 - Hosts: 220.231.8.73 www.ent99.com
O1 - Hosts: 210.21.119.11 www.cartoon-sky.com
O1 - Hosts: 219.238.236.181 www.onlinedown.net
O1 - Hosts: 219.146.240.243 www3.skycn.com
O1 - Hosts: 219.136.244.114 dlc.pconline.com.cn
O1 - Hosts: 60.191.45.53 www.zrit.com
O1 - Hosts: 219.129.20.203 www.jmdmtq.com
O1 - Hosts: 61.172.193.25 bbs2.gamesoft.com.cn
O1 - Hosts: 61.129.55.238 patch.ali213.net
O1 - Hosts: 61.147.118.173 bbs.manmi.com
O1 - Hosts: 218.5.79.140 www.51sd.net
O1 - Hosts: 61.145.114.111 comic.skyhu.com
O1 - Hosts: 202.108.250.228 baidu.com
O1 - Hosts: 219.136.244.114 dlc.pcgames.com.cn
O1 - Hosts: 218.16.120.172 www.db23.com
O1 - Hosts: 202.102.249.40 www.mydrivers.com
O1 - Hosts: 208.254.3.166 n126.com
O2 - BHO: PPGou BHO - {00000000-0000-0000-0000-C4CA9A05F1E2} - E:\PPGou\PPGIECom2.dll (file missing)
O2 - BHO: ThunderIEHelper - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v13.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: NaviHelperObj Class - {3E422F49-1566-40D3-B43D-077EF739AC32} - C:\WINDOWS\NaviHelper.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - E:\QQ 2006\QQIEHelper.dll
O2 - BHO: DuDu.com - {6BDE1669-B490-48E3-B668-456314F2D6C3} - E:\DuDu下载加速器 3.0\dddiemon.dll
O3 - IE工具栏增项: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [Logitech Utility] Logi_MwX.Exe
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [nwiz] nwiz.exe /install
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - IE右键菜单中的新增项目: &使用DuDu 加速器下载 - res://E:\DuDu下载加速器 3.0\dddmext.dll/202
O8 - IE右键菜单中的新增项目: &使用DuDu 加速器下载全部链接 - res://E:\DuDu下载加速器 3.0\dddmext.dll/203
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - E:\迅 雷 5.1\geturl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - E:\迅 雷 5.1\getallurl.htm
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - E:\QQ 2006\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - E:\QQ 2006\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - E:\QQ 2006\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - E:\QQ 2006\SendMMS.htm
O9 - 浏览器额外的按钮: 下载管理 - {3DB9F45E-AA74-4373-A466-C18A9F1C500D} - E:\DuDu下载加速器 3.0\DuDuAcc.exe
O9 - 浏览器额外的“工具”菜单项: 下载管理 - {3DB9F45E-AA74-4373-A466-C18A9F1C500D} - E:\DuDu下载加速器 3.0\DuDuAcc.exe
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\QQ 2006\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\QQ 2006\QQ.EXE
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - E:\QQ 2006\QQIEHelper.dll
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - E:\QQ 2006\QQIEHelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{562B6BE4-1A0D-4745-8C82-4D67914B39BE}: NameServer = 10.113.1.108
O18 - 列举现有的协议: koboo - {7DEE9D05-FA0A-4416-A6F3-6537D0EAB6A6} - C:\WINDOWS\system32\mbprot.dll
O23 - NT 服务: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
