Original poster | Posted on 2007-11-23 19:40:55
Logfile of HijackThis v1.99.1
Scan saved at 19:37:54, on 2007-11-23
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Hewlett-Packard\HP Deskjet 1280\Toolbox\mpm.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\system32\wscntfy.exe
D:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.453\HijackThis.exe
O2 - BHO: ThunderBHO - {2F364305-AA45-47B5-9F9D-39A8B94E7EF7} - D:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_006.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [HPWS myPrintMileage Agent] C:\Program Files\Hewlett-Packard\HP Deskjet 1280\Toolbox\mpm.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &使用快车(FlashGet)下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &使用快车(FlashGet)下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &使用迅雷下载 - D:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - D:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到网络硬盘 - d:\Program Files\Tencent\AddToNetDisk.htm
O9 - Extra button: Web 反病毒统计 - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: 快车 - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: 快车(FlashGet) - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: http://www.icbc.com.cn
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (EditCtrl Class) - https://img.alipay.com/download/1101/aliedit.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/wind ... e.cab?1167698385234
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AXSafeControls.cab
O16 - DPF: {7F2E5F51-3FC5-44EC-BA28-087A594E5989} (SafeCtrls Control) - http://cnc.ka365.com/Safecode.ocx
O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {B4D9857D-8A55-4442-A577-6B3ED5D4E41B} (ScreenCapture Class) - http://m29.mail.qq.com/zh_CN/activex/TencentMailActiveX.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.co ... current/swflash.cab
O16 - DPF: {E787FD25-8D7C-4693-AE67-9406BC6E22DF} - https://www.tenpay.com/download/qqedit.cab
O18 - Protocol: KuGoo - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - C:\WINDOWS\system32\KuGoo3DownXControl.ocx
O18 - Protocol: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - C:\WINDOWS\system32\KuGoo3DownXControl.ocx
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: 卡巴斯基反病毒软件 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe