HijackThis_815汉化版扫描日志 V1.99.1
保存于 13:32:22, 日期 2005-11-4
操作系统: Windows 2003 SP1 (WinNT 5.02.3790)
浏览器: Internet Explorer v6.00 SP1 (6.00.3790.1830)
当前运行的进程:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
e:\program files\rising\rfw\rfwsrv.exe
E:\WINDOWS\Explorer.EXE
e:\program files\rising\rfw\RfwMain.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for MS NT Server\avpcc.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for MS NT Server\avpm.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for MS NT Server\avpcc.exe
E:\Program Files\Common Files\Real\Update_OB\realsched.exe
E:\WINDOWS\system32\ctfmon.exe
E:\WINDOWS\system32\conime.exe
D:\Program Files\Super Rabbit\MagicSet\MagicSet.exe
E:\WINDOWS\regedit.exe
G:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
G:\Program Files\HijackThis中文\HijackThis1991zww.exe
R3 - URLSearchHook: (no name) - {1B0E7716-898E-48cc-9690-4E338E8DE1D3} - (no file)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {1B0E7716-898E-48cc-9690-4E338E8DE1D3} - (no file)
O3 - IE工具栏增项: (no name) - {1B0E7716-898E-48cc-9690-4E338E8DE1D3} - (no file)
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "E:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [IMEKRMIG6.1] E:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - 启动项HKLM\\Run: [PHIME2002ASync] E:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] E:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [AVPCC] "E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for MS NT Server\avpcc.exe" /wait
O4 - 启动项HKLM\\Run: [RfwMain] "E:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [Super Rabbit SRRestore] D:\Program Files\Super Rabbit\MagicSet\srrest.exe /autosave
O4 - 启动项HKLM\\Run: [KFWE] E:\Program Files\safe123\kfwe\server\kfwetray.exe
O4 - 启动项HKLM\\Run: [SoundMan] ; SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [TkBellExe] "E:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - 启动项HKLM\\RunOnce: [SpybotSnD] "G:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck /autofix
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] G:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - 启动项HKCU\\RunOnce: [ICQ Lite] D:\PROGRA~1\ICQLite\ICQLite.exe -trayboot
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - G:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用 IDM 下载 - D:\Program Files\Internet Download Manager\IEExt.htm
O8 - IE右键菜单中的新增项目: 使用 IDM 下载所有链接 - D:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - G:\Program Files\Tencent\QQ\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - G:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - G:\Program Files\Tencent\QQ\SendMMS.htm
O8 - IE右键菜单中的新增项目: 用比特精灵下载(&B) - D:\Program Files\处理软件与网页素材\[游戏][图像处理][动画制作]\CS1.5中文硬盘版\CS1.5中文硬盘版\BitSpirit\bsurl.htm
O10 - 未知的文件在 Winsock LSP: e:\windows\system32\idmmbc.dll
O10 - 未知的文件在 Winsock LSP: e:\windows\system32\idmmbc.dll
O10 - 未知的文件在 Winsock LSP: e:\windows\system32\idmmbc.dll
O10 - 未知的文件在 Winsock LSP: e:\windows\system32\idmmbc.dll
O10 - 未知的文件在 Winsock LSP: e:\windows\system32\idmmbc.dll
O23 - NT 服务: AVP Control Centre Service (AVPCC) - Unknown owner - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for MS NT Server\avpcc.exe" /service (file missing)
O23 - NT 服务: KAV Monitor Service (KAVMonitorService) - Unknown owner - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for MS NT Server\avpm.exe" /service (file missing)
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - e:\program files\rising\rfw\rfwsrv.exe
