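Rising Kaka Security Forum > Technical Exchange Area > Anti-Virus / Anti-Rogue-Software Forum > Help!~ I can't hold out any longer~ Experts~ please take a look at my log~ [Help request]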


Help!~ I can't hold out any longer~ Experts~ please take a look at my log~ [Help request]

Logfile of HijackThis v1.99.1
Scan saved at 23:38:49, on 2006-1-27
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Rising\Rav\RavStub.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\RunDll32.exe
C:\WINDOWS\VM_STI.EXE
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\BCUP.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\Rav\Ravmon.exe
F:\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\WINDOWS\System32\msappview32.exe
C:\WINDOWS\System32\ctfmon.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
F:\Nokia PC Suite 6\PcSync2.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Tencent\QQ\QQ.exe
C:\Program Files\Tencent\QQ\TIMPlatform.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Documents and Settings\1\桌面\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\System32\kakatool.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [CM-SmWizard] C:\WINDOWS\System\SmWizard.exe
O4 - HKLM\..\Run: [KAVRun] C:\KAV5\KAVRun.EXE
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE ZSMC USB PC Camera
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [internat.exe] internat.exe
O4 - HKLM\..\Run: [YDTMain.exe] C:\PROGRA~1\YDT\YDTMain.exe
O4 - HKLM\..\Run: [internet.exe] C:/WINDOWS/system.hta
O4 - HKLM\..\Run: [BCUpdate] C:\WINDOWS\System32\BCUP.exe
O4 - HKLM\..\Run: [] regedit -s C:\$NtUninstallQ5926809$\sp4custom.dll
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [PCSuiteTrayApplication] F:\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [Microsoft Application Viewer] msappview32.exe
O4 - HKLM\..\RunServices: [Microsoft Application Viewer] msappview32.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [] regedit -s C:\$NtUninstallQ5926809$\sp4custom.dll
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IEXPLORE.EXE] IEXPLORE.EXE Http://www.333tu.com
O4 - HKCU\..\Run: [PcSync] F:\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - Startup: 腾讯QQ.lnk = C:\Program Files\Tencent\QQ\QQ.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {2354A44B-3CEB-4829-9940-545B03103538} (PowerPlr Control) - http://bbsky.wuhan.net.cn/plugin/PowerPlr.ocx
O16 - DPF: {3D8F74EE-8692-4F8F-A8D2-7522B732519E} (WebActivater Control) - http://game.qq.com/QQGame.cab
O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/10efd1f856df8e643d04/netzip/RdxIE601_cn.cab
O16 - DPF: {8819C261-5B61-4628-908C-9BE795EABEC3} (IE Class) - http://www.95599.cn/download/ABC.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - file://D:\程序\超级解霸\DVDSkin\defskin\HTML\swflash.cab
O16 - DPF: {DA984A6D-508E-11D6-AA49-0050FF3C628D} (Ravonline) - http://download.rising.com.cn/QQ/QQkill/rsonline.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{592FDBF9-7CD2-43B4-BC18-BA25FD9BCD39}: NameServer = 202.103.6.46 202.103.0.117
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: KB2357802.LOG
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
O23 - Service: SmartLinkService (SLService) -  - C:\WINDOWS\SYSTEM32\slserv.exe

Last edited 2006-01-28 11:18:08

救星阿~!谢谢~谢谢~谢谢~谢谢谢谢~~谢谢~谢谢~谢谢~谢谢谢谢~~谢谢~谢谢~谢谢~谢谢谢谢~~谢谢~谢谢~谢谢~谢谢谢谢~~谢谢~谢谢谢~谢谢~谢谢~谢谢谢谢~~谢~谢谢~谢谢谢谢~~谢谢~谢谢~谢谢~谢谢谢谢~~谢谢~谢谢~谢谢~谢谢谢谢~~谢谢~谢谢~谢谢~谢谢谢谢~~谢谢~谢谢~谢谢~谢谢谢谢~~谢谢~谢谢~谢谢~谢谢谢谢~~谢谢~谢谢~谢谢~谢谢谢谢~~谢谢~谢谢~谢谢~谢谢谢谢~~谢谢~谢谢~谢谢~谢谢谢谢~~谢谢~谢谢~谢谢~谢谢~谢谢~谢谢谢谢~~谢谢~谢谢谢谢~~谢谢~谢谢~谢谢~谢谢谢谢~~谢谢~谢谢~谢谢谢谢~谢谢~谢谢~谢谢谢谢~~~谢谢谢谢~~谢谢~谢谢~谢谢~谢谢谢谢~~谢谢~谢谢~谢谢~谢谢谢谢~谢谢~谢谢~谢谢谢谢~~谢谢~~谢谢~谢谢~谢谢~谢谢谢谢~~谢谢~谢谢~谢谢~谢谢谢谢~~