gdzjcyy |
2006-10-26 09:24 |
HijackThis_zww汉化版扫描日志 V1.99.1 保存于 9:24:13, 日期 2006-10-26 操作系统: Windows XP SP2 (WinNT 5.01.2600) 浏览器: Internet Explorer v6.00 SP2 (6.00.2900.2180)
当前运行的进程: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\WINDOWS\stsystra.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Norton Ghost\Agent\GhostTray.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe D:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe D:\Program Files\ewido anti-spyware 4.0\ewido.exe C:\Program Files\Dell\QuickSet\Quickset.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe C:\WINDOWS\system32\cisvc.exe d:\Program Files\ewido anti-spyware 4.0\guard.exe C:\WINDOWS\System32\GEARSec.exe C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe C:\Program Files\Norton Ghost\Agent\VProSvc.exe C:\Program Files\Agnitum\Outpost Firewall\outpost.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\System32\snmp.exe C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\System32\svchost.exe C:\Documents and Settings\yy\桌面\Portal.exe D:\Program Files\Maxthon2\Maxthon.exe C:\WINDOWS\system32\cidaemon.exe D:\Program Files\HijackThis1991汉化版\HijackThis1991zww.exe
O1 - Hosts: 210.22.14.109 dm.99770.com O1 - Hosts: 216.239.122.225 www.download.com O1 - Hosts: 202.120.58.178 vod.sjtu.edu.cn O1 - Hosts: 211.147.7.182 www.bearbuy.com.cn O1 - Hosts: 218.12.78.2 www.yydm.com O1 - Hosts: 219.153.35.25 www.qfmytv.com O1 - Hosts: 61.129.254.72 www.newegg.com.cn O1 - Hosts: 219.151.1.76 www.20xin.com O1 - Hosts: 61.152.248.16 www.doggiehome.com O1 - Hosts: 61.152.105.222 www.12gong.com O1 - Hosts: 202.102.234.71 www.7788com.com O1 - Hosts: 211.157.29.11 www.jrj.com.cn O1 - Hosts: 143.166.224.252 www1.ap.dell.com O1 - Hosts: 143.166.11.20 support.ap.dell.com O1 - Hosts: 203.127.132.36 support.dell.com.cn O1 - Hosts: 203.127.132.36 bbs.dell.com.cn O1 - Hosts: 143.166.11.20 support.ap.dell.com O1 - Hosts: 143.166.11.20 support.ap.dell.com O1 - Hosts: 143.166.11.20 support.ap.dell.com O1 - Hosts: 143.166.11.20 support.ap.dell.com O1 - Hosts: 143.166.11.20 support.ap.dell.com O1 - Hosts: 143.166.11.20 support.ap.dell.com O4 - 启动项HKLM\\Run: [IMJPMIG8.1] ; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - 启动项HKLM\\Run: [PHIME2002ASync] ; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - 启动项HKLM\\Run: [PHIME2002A] ; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - 启动项HKLM\\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - 启动项HKLM\\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - 启动项HKLM\\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - 启动项HKLM\\Run: [SigmatelSysTrayApp] stsystra.exe O4 - 启动项HKLM\\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - 启动项HKLM\\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - 启动项HKLM\\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - 启动项HKLM\\Run: [Norton Ghost 10.0] "C:\Program Files\Norton Ghost\Agent\GhostTray.exe" O4 - 启动项HKLM\\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - 启动项HKLM\\Run: [LiveUpatePower] rem MyUpdate.exe O4 - 启动项HKLM\\Run: [DVDLauncher] "d:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - 启动项HKLM\\Run: [msci] ; C:\DOCUME~1\yy\LOCALS~1\Temp\2006101523055_mcinfo.exe /insfin O4 - 启动项HKLM\\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe" O4 - 启动项HKLM\\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe" O4 - 启动项HKLM\\Run: [!ewido] "D:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - 启动项HKLM\\Run: [Outpost Firewall] C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe /waitservice O4 - 启动项HKLM\\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe /dump:os_startup O4 - 启动项HKLM\\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\Quickset.exe O4 - 启动项HKLM\\Run: [pdfFactory Pro Dispatcher v3] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe" /source=HKLM O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe O4 - Startup: desktop.ini O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: desktop.ini O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - IE右键菜单中的新增项目: &使用迅雷下载 - d:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - d:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm O8 - IE右键菜单中的新增项目: 使用Web迅雷下载 - d:\Program Files\Thunder Network\WebThunder\GetUrl.htm O8 - IE右键菜单中的新增项目: 使用Web迅雷下载全部链接 - d:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm O8 - IE右键菜单中的新增项目: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - 浏览器额外的按钮: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - d:\Program Files\Thunder Network\Thunder\Thunder.exe O9 - 浏览器额外的“工具”菜单项: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - d:\Program Files\Thunder Network\Thunder\Thunder.exe O9 - 浏览器额外的按钮: Sun Java 控制台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll O9 - 浏览器额外的“工具”菜单项: Sun Java 控制台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll O9 - 浏览器额外的按钮: Outpost Firewall Pro 快速调较 - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll O9 - 浏览器额外的按钮: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - 浏览器额外的“工具”菜单项: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - 浏览器额外的按钮: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing) O9 - 浏览器额外的“工具”菜单项: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing) O9 - 浏览器额外的按钮: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - d:\Program Files\Tencent\QQ\QQIEHelper.dll (file missing) O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - d:\Program Files\Tencent\QQ\QQIEHelper.dll (file missing) O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - 浏览器额外的“工具”菜单项: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - 列举现有的协议: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - 列举现有的协议: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll O23 - NT 服务: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - NT 服务: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe O23 - NT 服务: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - NT 服务: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - NT 服务: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - NT 服务: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - NT 服务: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - d:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - NT 服务: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - NT 服务: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - NT 服务: McAfee.com McShield (McShield) - Unknown owner - (no file) O23 - NT 服务: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe O23 - NT 服务: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe O23 - NT 服务: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe O23 - NT 服务: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - NT 服务: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - NT 服务: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - NT 服务: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe O23 - NT 服务: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe |
|