My log:
HijackThis_815汉化版扫描日志 V1.99.1
保存于 11:43:35, 日期 2006-7-27
操作系统: Windows XP SP2 (WinNT 5.01.2600)
浏览器: Internet Explorer v6.00 SP2 (6.00.2900.2180)
当前运行的进程:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
D:\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
D:\Rising\Rav\Ravmond.exe
d:\rising\rfw\rfwsrv.exe
D:\Rising\Rav\RavStub.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
d:\rising\rfw\RfwMain.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
D:\Rising\Rav\RavTask.exe
D:\Rising\Rav\RsAgent.exe
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\千千静听\TTPlayer.exe
E:\nana\HijackThis1991zww.exe
R3 - URLSearchHook: (no name) - {CEAA4D69-49F7-419E-BBBB-E9CEDF5868CF} - C:\WINDOWS\system32\Hlbjbo.dll
R3 - URLSearchHook: (no name) - {565E366F-814A-4E82-9520-21AE3E88C120} - C:\WINDOWS\system32\Oadhpc.dll
R3 - URLSearchHook: (no name) - {7342EB55-1A6B-4FC9-AEC4-C46625B9592C} - C:\WINDOWS\system32\Orfpf.dll
R3 - URLSearchHook: (no name) - {FBE2B506-1A1D-40A3-8DD8-0C4465A79FCB} - C:\WINDOWS\system32\Npkyw.dll
R3 - URLSearchHook: (no name) - {25A56D00-D8E0-4133-8AB7-17EEFA04D480} - C:\WINDOWS\system32\Ekfyyr.dll
R3 - URLSearchHook: (no name) - {3541B1AD-E219-48A3-9D48-DE0BBF66DC13} - C:\WINDOWS\system32\Kats.dll
R3 - URLSearchHook: (no name) - {00A05FBB-6DD0-4ED9-8D26-65C8004401A8} - C:\WINDOWS\system32\Vgorms.dll (file missing)
R3 - URLSearchHook: (no name) - {9B082642-4BCA-4367-8C19-0EE0560157E6} - C:\WINDOWS\system32\Udrrle.dll (file missing)
R3 - URLSearchHook: (no name) - {73A63AA4-5B19-4392-A81E-1F4FFF3A4440} - C:\WINDOWS\system32\Ovyj.dll (file missing)
R3 - URLSearchHook: (no name) - {597C7295-DF4F-4F09-927C-D6D9A46E6D75} - C:\WINDOWS\system32\Bkpzr.dll (file missing)
R3 - URLSearchHook: (no name) - {8FFD42E5-C202-4193-A762-EBE49D60BD74} - C:\WINDOWS\system32\Nype.dll (file missing)
R3 - URLSearchHook: (no name) - {2D357372-BF23-4617-9A0D-0963A6922D1F} - C:\WINDOWS\system32\Ugjqh.dll (file missing)
R3 - URLSearchHook: (no name) - {813CE410-F457-465B-873B-AA10CE4E3171} - C:\WINDOWS\system32\Ojhcgq.dll (file missing)
R3 - URLSearchHook: (no name) - {67EF8FDC-2523-48A4-B332-A41845D20254} - C:\WINDOWS\system32\Nhtz.dll (file missing)
R3 - URLSearchHook: (no name) - {1A6CF60B-E659-42D4-B36B-896B5099545E} - C:\WINDOWS\system32\Oghsp.dll (file missing)
R3 - URLSearchHook: (no name) - {4C703C23-2D87-4C1E-8642-026433B9E9F2} - C:\WINDOWS\system32\Bner.dll (file missing)
R3 - URLSearchHook: (no name) - {447F08F6-FFC8-4DE3-99DF-FB4AED2573F4} - C:\WINDOWS\system32\Xdkuup.dll (file missing)
R3 - URLSearchHook: (no name) - {65C0633B-D789-419F-A352-12168CF03B2D} - C:\WINDOWS\system32\Kkrjav.dll (file missing)
R3 - URLSearchHook: (no name) - {6B7D30CE-9785-49FF-96D0-CA266608BB7B} - C:\WINDOWS\system32\Myioq.dll (file missing)
R3 - URLSearchHook: (no name) - {9E57CB44-36B9-4B5E-9990-8C530A1FD24B} - C:\WINDOWS\system32\Xeovuo.dll (file missing)
R3 - URLSearchHook: (no name) - {229CD936-84D4-47F4-BB6B-300CDB3F240D} - C:\WINDOWS\system32\Dhvf.dll (file missing)
R3 - URLSearchHook: (no name) - {C8B7D04C-A641-4139-B325-5DBF925E7437} - C:\WINDOWS\system32\Rnegi.dll (file missing)
R3 - URLSearchHook: (no name) - {13C1AED7-23E4-4835-8EC8-36461B9B0692} - C:\WINDOWS\system32\Bncgbr.dll (file missing)
R3 - URLSearchHook: (no name) - {10A189B1-B948-4333-83C5-C8042C75E0F2} - C:\WINDOWS\system32\Fcnb.dll
R3 - URLSearchHook: (no name) - {442492E6-684B-4B6F-AD2A-B1B70E9E191E} - C:\WINDOWS\system32\Jvnbmz.dll
R3 - URLSearchHook: (no name) - {9DCE5F53-F41D-42FA-B4EE-FE0B15AEEFB7} - C:\WINDOWS\system32\Cahyp.dll
R3 - URLSearchHook: (no name) - {9EEEF57E-F38E-448F-82B7-550D66EB678D} - C:\WINDOWS\system32\Zmly.dll
R3 - URLSearchHook: (no name) - {47B5BF23-FB0C-4ADA-899D-1B94DEC415CA} - C:\WINDOWS\system32\Imflkz.dll
R3 - URLSearchHook: (no name) - {39787249-6020-47B9-959F-3569A9649A96} - C:\WINDOWS\system32\Zyptho.dll
R3 - URLSearchHook: (no name) - {2A040B30-2A10-419D-92BE-762F7F996A41} - C:\WINDOWS\system32\Cfbkin.dll
R3 - URLSearchHook: (no name) - {004FC657-8149-4DA9-92D8-1D250B0DE34E} - C:\WINDOWS\system32\Zzte.dll
R3 - URLSearchHook: (no name) - {F809E618-97AB-48B2-83BE-7A4474A7FADA} - C:\WINDOWS\system32\Fpugzf.dll
R3 - URLSearchHook: (no name) - {F9B100C8-FD2F-4C68-ABFE-3C2817C7B8E1} - C:\WINDOWS\system32\Esdjnr.dll
R3 - URLSearchHook: (no name) - {56CA9EFD-89FB-4944-97F8-B97163AF53CE} - C:\WINDOWS\system32\Lqsw.dll
R3 - URLSearchHook: (no name) - {5F859A60-0CA9-4D03-88D7-5D76CB7FE92D} - C:\WINDOWS\system32\Vhok.dll
R3 - URLSearchHook: (no name) - {230149A8-0CEC-4C66-AA41-5E223F18DDD3} - C:\WINDOWS\system32\Ccfv.dll
R3 - URLSearchHook: (no name) - {41E03569-C2D6-4749-84B1-44E0F2111D4E} - C:\WINDOWS\system32\Pldgp.dll
R3 - URLSearchHook: (no name) - {CACB3C94-804C-4037-80B7-4B4CAD2E6D11} - C:\WINDOWS\system32\Cuiqty.dll
R3 - URLSearchHook: (no name) - {B7E97413-054C-4C80-B743-332F68B3E6ED} - C:\WINDOWS\system32\Lbfi.dll
R3 - URLSearchHook: (no name) - {621BACC8-5EAC-4E99-BA1A-CAE98BB6B7E5} - C:\WINDOWS\system32\Mduktu.dll
R3 - URLSearchHook: (no name) - {BB8450E5-15B2-4289-B9AD-7D345325D112} - C:\WINDOWS\system32\Ykazox.dll
R3 - URLSearchHook: (no name) - {CA31C81A-0CE3-436C-8A38-D3D444C372DC} - C:\WINDOWS\system32\Hcfvke.dll
R3 - URLSearchHook: (no name) - {470522AC-E0C3-4292-A581-B4BEDD44C07B} - C:\WINDOWS\system32\Oxubah.dll
R3 - URLSearchHook: (no name) - {D7E80D5B-FDD2-4915-A779-F7717FB6DBA6} - C:\WINDOWS\system32\Sdlz.dll
R3 - URLSearchHook: (no name) - {E29D010C-B587-49F8-B0AF-D9B211815159} - C:\WINDOWS\system32\Smmden.dll
R3 - URLSearchHook: (no name) - {656B9EAA-3342-49AD-B166-1432E59314B9} - C:\WINDOWS\system32\Eqwy.dll
R3 - URLSearchHook: (no name) - {DBFD4BB8-E2E8-4E96-A2B5-0DC7DE3E8E74} - C:\WINDOWS\system32\Kgay.dll
R3 - URLSearchHook: (no name) - {6856360B-1A2C-4FD3-93A9-139BA7655F1A} - C:\WINDOWS\system32\Pqhlw.dll
R3 - URLSearchHook: (no name) - {495AA796-832C-4E2F-BEC4-C1E19D3263AB} - C:\WINDOWS\system32\Bicyfb.dll
O2 - BHO: QQBrowserHelper Object Class - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\QQ1\QQIEHelper.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - D:\kugoo\KuGoo3\KuGoo3DownXControl.ocx
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [RfwMain] "D:\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [RavTask] "D:\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - 启动项HKLM\\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - 启动项HKLM\\Run: [KuGoo3] D:\kugoo\KuGoo3\KuGoo.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - D:\QQ1\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用KuGoo3下载(&K) - D:\kugoo\KuGoo3\KuGoo3DownX.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O8 - IE右键菜单中的新增项目: 在Foxmail中添加该RSS频道/频道组 - res://C:\WINDOWS\system32\fmrsslink.dll/201
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - D:\QQ1\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - D:\QQ1\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - D:\QQ1\SendMMS.htm
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\QQ1\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\QQ1\QQ.EXE
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\QQ1\QQIEHelper.dll
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\QQ1\QQIEHelper.dll
O14 - IERESET.INF: START_PAGE_URL=
about:blank
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/1007/aliedit.cab
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/pcver2006new/OL2006.cab
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (pCastPanel Class) - http://ps.itv.mop.com/dn/files/pCastCtl_1.0.0.80_20060123.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AAB63BF8-828C-4E7D-83DF-E00C274C4901}: NameServer = 61.177.7.1 221.228.255.1
O23 - NT 服务: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - NT 服务: Rising Proxy Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - d:\rising\rfw\rfwproxy.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - d:\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - D:\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\Rising\Rav\Ravmond.exe