‹‹ ÉÏÒ»Ö÷Ìâ | ÏÂÒ»Ö÷Ìâ ››
 83 123456
·¢Ð»°Ìâ
´òÓ¡

vip007½¨ÒéÄã¿ÉÒÔÔÚ´Ë°æ·¢²¼ÄãµÄ¼ÆËã»úµÄ½ø³Ì±¨¸æ

±¾Ö÷ÌâÓÉ chunwater ÓÚ 2007-12-6 19:32 ¼ÓÈ뾫»ª
xieyan

¸ß¼¶¹ó±ö

Rank: 5Rank: 5

Ìû×Ó
824 
»ý·Ö
1443 
×¢²áʱ¼ä
2006-2-18 
31# ´ó ÖРС ·¢±íÓÚ 2006-9-23 20:37  Ö»¿´¸Ã×÷Õß
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: &ʹÓñ©·çÏÂÔØÆ÷ÏÂÔØ - d:\Program Files\Ringz Studio\Storm Downloader\geturl.htm
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: ÉÏ´«µ½QQÍøÂçÓ²ÅÌ - D:\program files\Tencent\QQ\AddToNetDisk.htm
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: ʹÓÃÍø¼Ê¿ì³µÏÂÔØ - D:\program files\FlashGet\jc_link.htm
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: ʹÓÃÍø¼Ê¿ì³µÏÂÔØÈ«²¿Á´½Ó - D:\program files\FlashGet\jc_all.htm
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: ·¢Ë͵½ Bluetooth(&B) - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: Ìí¼Óµ½QQ×Ô¶¨ÒåÃæ°å - D:\program files\Tencent\QQ\AddPanel.htm
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: Ìí¼Óµ½QQ±íÇé - D:\program files\Tencent\QQ\AddEmotion.htm
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: ÓÃQQ²ÊÐÅ·¢Ë͸ÃͼƬ - D:\program files\Tencent\QQ\SendMMS.htm
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - ä¯ÀÀÆ÷¶îÍâµÄ¡°¹¤¾ß¡±²Ëµ¥Ïî: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: ¸üРThinkPad Èí¼þ - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: Ò×Ȥ¹ºÎï - {DE607141-AC19-421e-863A-3D70ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing)
O9 - ä¯ÀÀÆ÷¶îÍâµÄ¡°¹¤¾ß¡±²Ëµ¥Ïî: Ò×Ȥ¹ºÎï - {DE607141-AC19-421e-863A-3D70ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing)
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - ä¯ÀÀÆ÷¶îÍâµÄ¡°¹¤¾ß¡±²Ëµ¥Ïî: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com/cn/zh/
O17 - HKLM\System\CCS\Services\Tcpip\..\{11FBFC37-EBBE-4EFD-ABF8-D38BE8BAA6EC}: NameServer = 192.168.100.6
O18 - ÁоÙÏÖÓеÄЭÒé: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - ÁоÙÏÖÓеÄЭÒé: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: tpfnf2 - C:\WINDOWS\SYSTEM32\notifyf2.dll
O20 - Winlogon Notify: tphotkey - C:\WINDOWS\SYSTEM32\tphklock.dll
O23 - NT ·þÎñ: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - NT ·þÎñ: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - NT ·þÎñ: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - NT ·þÎñ: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - NT ·þÎñ: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - NT ·þÎñ: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - NT ·þÎñ: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - NT ·þÎñ: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - NT ·þÎñ: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - NT ·þÎñ: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - NT ·þÎñ: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - NT ·þÎñ: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - NT ·þÎñ: IPS ºËÐÄ·þÎñ (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE
O23 - NT ·þÎñ: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - NT ·þÎñ: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - NT ·þÎñ: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - NT ·þÎñ: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - NT ·þÎñ: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - NT ·þÎñ: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - NT ·þÎñ: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - NT ·þÎñ: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - NT ·þÎñ: ThinkVantage System Update (UCLauncherService) - Unknown owner - C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
 

TOP

tangdys

¸ß¼¶¹ó±ö

Rank: 5Rank: 5

Ìû×Ó
990 
»ý·Ö
1761 
×¢²áʱ¼ä
2005-12-30 
32# ´ó ÖРС ·¢±íÓÚ 2006-9-23 20:54  Ö»¿´¸Ã×÷Õß
ºÃÉî°Â£¬¿´²»¶®µÄ˵
¿××ÓÔ»£º´ò¼ÜÓÃשºõ~~²»ÒËÂÒºõ~~ÕÕ×ÅÄÔ´üºõ~~ºõ²»×ÅÔÙºõ~~ºõËÀÒ²~~
T60p CA3+X60s AS2+iPod Video 80G
 

TOP

xylose

¸ß¼¶¹ó±ö

Rank: 5Rank: 5

Ìû×Ó
»ý·Ö
208 
×¢²áʱ¼ä
2006-8-9 
33# ´ó ÖРС ·¢±íÓÚ 2006-9-24 00:09  Ö»¿´¸Ã×÷Õß
Ò²Âé·³007´ó¸ç°ïÎÒ¿´¿´°É

Logfile of HijackThis v1.99.1
Scan saved at 15:12:15, on 2006-9-25
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$CAMBRIDGESOFT\Binn\sqlservr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
c:\program files\lenovo\system update\suservice.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
C:\WINDOWS\system32\TpScrLk.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\WinRAR\WinRAR.exe
D:\Temp\Rar$EX00.406\HijackThis.exe

R3 - URLSearchHook: SrchHook Class - {EED92A43-CFCE-4548-BD73-B0A405470ED5} - C:\PROGRA~1\CNNIC\Cdn\iesrch.dll
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - D:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll
O2 - BHO: internet explorer helper - {02C9B9AB-6372-46C5-B356-773FAF3B6B1E} - C:\WINDOWS\fonts\msshapi.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: LanKeexk Class - {4C0BA69F-F3DA-FAE8-1748-225F0E9B44FE} - C:\WINDOWS\DOWNLO~1\ezijridv.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL (file missing)
O2 - BHO: Vision - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
O2 - BHO: stdup - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - C:\WINDOWS\System32\stdup.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: RepliGoIEHelperCtl Class - {91DE4477-9CDC-4806-9BCB-28A963988E94} - D:\Program Files\Cerience\RepliGo\RepliGoIEHelper.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - D:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll
O3 - Toolbar: &RepliGo - {81F4066B-F330-4872-8094-3E9FBCCEC8C1} - D:\Program Files\Cerience\RepliGo\RepliGoIEBar.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [RavAV] C:\WINDOWS\RavMonE.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "c:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
O4 - HKLM\..\Run: [TPKBDLED] C:\WINDOWS\system32\TpScrLk.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe" /startup
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [IMSCMIG40W] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40W\IMSCMIG.EXE /SetPreload /Log
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: À¶ÑÀ¿ØÖÆÅÌ.lnk = ?

[ Last edited by xylose on 2006-9-25 at 15:15 ]
 

TOP

xylose

¸ß¼¶¹ó±ö

Rank: 5Rank: 5

Ìû×Ó
»ý·Ö
208 
×¢²áʱ¼ä
2006-8-9 
34# ´ó ÖРС ·¢±íÓÚ 2006-9-24 00:10  Ö»¿´¸Ã×÷Õß
O8 - Extra context menu item: >>²ÊÐÅ·¢ËÍ<< - res://C:\PROGRA~1\MMSASS~1\Mmsass~1.dll/mms.htm
O8 - Extra context menu item: ʹÓÃÍø¼Ê¿ì³µÏÂÔØ - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: ʹÓÃÍø¼Ê¿ì³µÏÂÔØÈ«²¿Á´½Ó - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: ·¢Ë͵½ Bluetooth É豸(&B)... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: µ¼³öµ½ Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: ת»»Îª Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: ת»»ÎªÏÖÓÐ PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: ת»»Ñ¡¶¨µÄÁ´½ÓΪ Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: ת»»Ñ¡¶¨µÄÁ´½ÓΪÏÖÓÐ PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: ת»»Ñ¡ÏîΪ Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: ת»»Ñ¡ÏîΪÏÖÓÐ PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: ת»»Á´½ÓÄ¿±êΪ Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: ת»»Á´½ÓÄ¿±êΪÏÖÓÐ PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java ¿ØÖÆ̨ - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
O9 - Extra 'Tools' menuitem: ²ÊE¾«ÁéÉèÖà - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
O9 - Extra button: ÐÅÏ¢¼ìË÷ - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ¸üРThinkPad Èí¼þ - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\PkgMgr.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Ò×Ȥ¹ºÎï - {DE607145-AC19-425e-860A-0D70ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing)
O9 - Extra 'Tools' menuitem: Ò×Ȥ¹ºÎï - {DE607145-AC19-425e-860A-0D70ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing)
O9 - Extra button: Ò×Ȥ¹ºÎï - {EE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=86 (file missing)
O9 - Extra 'Tools' menuitem: Ò×Ȥ¹ºÎï - {EE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=86 (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com/cn/zh/
O17 - HKLM\System\CCS\Services\Tcpip\..\{4E93315D-D567-447E-B14D-2354BBAB5639}: NameServer = 202.120.2.101
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: AwayNotify - C:\Program Files\Lenovo\AwayTask\AwayNotify.dll
O20 - Winlogon Notify: psfus - C:\WINDOWS\SYSTEM32\psqlpwd.dll
O20 - Winlogon Notify: tpfnf2 - C:\WINDOWS\SYSTEM32\notifyf2.dll
O20 - Winlogon Notify: tphotkey - C:\WINDOWS\SYSTEM32\tphklock.dll
O21 - SSODL: Vision - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IPS ºËÐÄ·þÎñ (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE
O23 - Service: McAfee Framework ·þÎñ (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: System Update (SUService) -   - c:\program files\lenovo\system update\suservice.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe

[ Last edited by xylose on 2006-9-25 at 15:17 ]
 

TOP

cross_trauma

¼Î±ö»áÔ±

Rank: 4

Ìû×Ó
2248 
»ý·Ö
2266 
×¢²áʱ¼ä
2006-7-14 
35# ´ó ÖРС ·¢±íÓÚ 2006-10-9 23:00  Ö»¿´¸Ã×÷Õß
HijackThis_zwwºº»¯°æɨÃèÈÕÖ¾ V1.99.1
±£´æÓÚ      22:58:28, ÈÕÆÚ 2006-10-9
²Ù×÷ϵͳ£º  Windows XP SP1 (WinNT 5.01.2600)
ä¯ÀÀÆ÷£º    Internet Explorer v6.00 SP1 (6.00.2800.1106)

µ±Ç°ÔËÐеĽø³Ì£º         
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\SOUNDMAN.EXE
D:\WINDOWS\System32\Rundll32.exe
D:\WINDOWS\System32\ctfmon.exe
D:\WINDOWS\System32\RUNDLL32.EXE
e:\Logitech\MouseWare\system\em_exec.exe
D:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Documents and Settings\zodiac\×ÀÃæ\HijackThis1991ºº»¯°æ\HijackThis1991zww.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - e:\QQ\QQIEHelper.dll
O2 - BHO: BrowseHelper Class - {80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} - E:\KV2004\KvShell.dll (file missing)
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - E:\FLASHGET\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar1.dll
O3 - IE¹¤¾ßÀ¸ÔöÏî: ½­Ãñɱ¶¾¹¤¾ßÀ¸ - {B5A34A93-D538-43A7-8371-864CB6148D12} - E:\KV2004\KvShell.dll (file missing)
O3 - IE¹¤¾ßÀ¸ÔöÏî: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll
O3 - IE¹¤¾ßÀ¸ÔöÏî: µç̨(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O4 - Æô¶¯ÏîHKLM\\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - Æô¶¯ÏîHKLM\\Run: [PHIME2002ASync] D:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - Æô¶¯ÏîHKLM\\Run: [PHIME2002A] D:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - Æô¶¯ÏîHKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - Æô¶¯ÏîHKLM\\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - Æô¶¯ÏîHKLM\\Run: [nwiz] nwiz.exe /install
O4 - Æô¶¯ÏîHKLM\\Run: [Logitech Utility] Logi_MwX.Exe
O4 - Æô¶¯ÏîHKLM\\Run: [IMSCMig] D:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - Æô¶¯ÏîHKLM\\Run: [ExFilter] Rundll32.exe D:\WINDOWS\System32\hookdll.dll,ExecFilter solo
O4 - Æô¶¯ÏîHKLM\\Run: [KAVPersonal50] "e:\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: Google ËÑË÷(&G) - res://d:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: ʹÓÃÍø¼Ê¿ì³µÏÂÔØ - E:\FLASHGET\jc_link.htm
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: ʹÓÃÍø¼Ê¿ì³µÏÂÔØÈ«²¿Á´½Ó - E:\FLASHGET\jc_all.htm
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: ·´ÏòÁ´½Ó - res://d:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: µ¼³öµ½ Microsoft Office Excel(&X) - res://E:\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: Ìí¼Óµ½QQ×Ô¶¨ÒåÃæ°å - e:\QQ\AddPanel.htm
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: Ìí¼Óµ½QQ±íÇé - e:\QQ\AddEmotion.htm
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: ÓÃQQ²ÊÐÅ·¢Ë͸ÃͼƬ - e:\QQ\SendMMS.htm
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: ÀàËÆÍøÒ³ - res://d:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: »º´æµÄÍøÒ³¿ìÕÕ - res://d:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: ·­ÒëÓ¢ÎÄ×Ö´Ê(&T) - res://d:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: Ãâ·Ñ¾«²ÊÊÓƵ³¬Á÷³©ÔÚÏß¹Û¿´ - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)
O9 - ä¯ÀÀÆ÷¶îÍâµÄ¡°¹¤¾ß¡±²Ëµ¥Ïî: ²¥°ÔµçÊÓ - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: ÐÅÏ¢¼ìË÷ - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
O9 - ä¯ÀÀÆ÷¶îÍâµÄ¡°¹¤¾ß¡±²Ëµ¥Ïî: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - e:\QQ\QQ.EXE
O9 - ä¯ÀÀÆ÷¶îÍâµÄ¡°¹¤¾ß¡±²Ëµ¥Ïî: ÌÚѶQQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - e:\QQ\QQ.EXE
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\FLASHGET\JETCAR.EXE
O9 - ä¯ÀÀÆ÷¶îÍâµÄ¡°¹¤¾ß¡±²Ëµ¥Ïî: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\FLASHGET\JETCAR.EXE
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: Ò×Ȥ¹ºÎï - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing)
O9 - ä¯ÀÀÆ÷¶îÍâµÄ¡°¹¤¾ß¡±²Ëµ¥Ïî: Ò×Ȥ¹ºÎï - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing)
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - e:\QQ\QQIEHelper.dll
O9 - ä¯ÀÀÆ÷¶îÍâµÄ¡°¹¤¾ß¡±²Ëµ¥Ïî: QQìŲʹ¤¾ßÌõÉèÖà - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - e:\QQ\QQIEHelper.dll
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE
O9 - ä¯ÀÀÆ÷¶îÍâµÄ¡°¹¤¾ß¡±²Ëµ¥Ïî: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (pCastPanel Class) - http://ps.itv.mop.com/dn/files/pCastCtl-1.0.0.90-signed.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{381ECA66-AD99-429B-9648-0CDA81764337}: Domain = tongji.edu.cn
O17 - HKLM\System\CCS\Services\Tcpip\..\{381ECA66-AD99-429B-9648-0CDA81764337}: NameServer = 202.96.199.133 202.96.209.5
O17 - HKLM\System\CCS\Services\Tcpip\..\{8906A312-3FF5-4391-9665-CBA3FE58E1F4}: NameServer = 202.96.199.133,202.96.209.5
O17 - HKLM\System\CS1\Services\Tcpip\..\{381ECA66-AD99-429B-9648-0CDA81764337}: Domain = tongji.edu.cn
O17 - HKLM\System\CS1\Services\Tcpip\..\{381ECA66-AD99-429B-9648-0CDA81764337}: NameServer = 202.96.199.133 202.96.209.5
O18 - ÁоÙÏÖÓеÄЭÒé: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - ÁоÙÏÖÓеÄЭÒé: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - NT ·þÎñ: kavsvc - Kaspersky Lab - e:\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - NT ·þÎñ: KVSrvXP - Unknown owner - E:\KV2004\KVSrvXP.exe (file missing)
O23 - NT ·þÎñ: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
 

TOP

cross_trauma

¼Î±ö»áÔ±

Rank: 4

Ìû×Ó
2248 
»ý·Ö
2266 
×¢²áʱ¼ä
2006-7-14 
36# ´ó ÖРС ·¢±íÓÚ 2006-10-10 19:44  Ö»¿´¸Ã×÷Õß
HijackThis_zwwºº»¯°æɨÃèÈÕÖ¾ V1.99.1
±£´æÓÚ      19:05:10, ÈÕÆÚ 2006-10-10
²Ù×÷ϵͳ£º  Windows ME (Win9x 4.90.3000)
ä¯ÀÀÆ÷£º    Internet Explorer v6.00 SP1 (6.00.2800.1106)

µ±Ç°ÔËÐеĽø³Ì£º         
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\EXPLORER.EXE
E:\HIJACKTHIS1991ºº»¯°æ\HIJACKTHIS1991ZWW.EXE

R3 - URLSearchHook: BDSrchHook Class - {2C5AA40E-8814-4EB6-876E-7EFB8B3F9662} - C:\WINDOWS\DOWNLOADED PROGRAM FILES\BDSRHOOK.DLL
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRAM FILES\FLASHGET\JCCATCH.DLL
O2 - BHO: BDHlprObj Class - {CA92B524-BC8A-4610-BD2C-6BD3E28155D0} - C:\WINDOWS\DOWNLOADED PROGRAM FILES\BDHELPER.DLL.NEW
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\ACROBAT\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: °Ù¶ÈËÑ°Ô - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\WINDOWS\DOWNLOADED PROGRAM FILES\BAIDUBAR.DLL
O2 - BHO: IEBandObj Class - {D4F7605B-084D-4353-A1E1-C1BC3161938C} - C:\PROGRAM FILES\YAHOO!\MINIMSGR\YMINI.DLL
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\SYSTEM\XUNLEIBHO_V4.DLL
O2 - BHO: CNNIC_IDN - {35980F6E-A137-4E50-953D-813BB8556899} - C:\WINDOWS\SYSTEM\CDNIEHLP.DLL
O3 - IE¹¤¾ßÀ¸ÔöÏî: °Ù¶ÈËÑ°Ô - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\WINDOWS\DOWNLOADED PROGRAM FILES\BAIDUBAR.DLL
O3 - IE¹¤¾ßÀ¸ÔöÏî: µç̨(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - IE¹¤¾ßÀ¸ÔöÏî: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FGIEBAR.DLL
O4 - Æô¶¯ÏîHKLM\\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - Æô¶¯ÏîHKLM\\Run: [ICSMGR] ICSMGR.EXE
O4 - Æô¶¯ÏîHKLM\\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
O4 - Æô¶¯ÏîHKLM\\Run: [CApp] C:\WINDOWS\SYSTEM\capp.exe
O4 - Æô¶¯ÏîHKLM\\Run: [Bron-Spizaetus] "C:\WINDOWS\ShellNew\sempalong.exe"
O4 - HKCU\..\Run: [Tok-Cirrhatus] "C:\WINDOWS\Application Data\smss.exe"
O4 - Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Empty.pif = ?
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: ºÀ½Ü³¬¼¶½â°ÔV8ʵʱ²¥·Å - C:\Herosoft\HeroV8\MPURLGET.HTM
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: °Ù¶ÈËÑË÷ - res://C:\WINDOWS\DOWNLOADED PROGRAM FILES\BAIDUBAR.DLL/BAIDUSEARCH.HTM
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: °Ù¶ÈÐÂÎÅËÑË÷ - res://C:\WINDOWS\DOWNLOADED PROGRAM FILES\BAIDUBAR.DLL/BAIDUNEWS.HTM
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: °Ù¶ÈͼƬËÑË÷ - res://C:\WINDOWS\DOWNLOADED PROGRAM FILES\BAIDUBAR.DLL/BAIDUIMG.HTM
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: °Ù¶Èmp3ËÑË÷ - res://C:\WINDOWS\DOWNLOADED PROGRAM FILES\BAIDUBAR.DLL/BAIDUMP3.HTM
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: °Ù¶ÈFlashËÑË÷ - res://C:\WINDOWS\DOWNLOADED PROGRAM FILES\BAIDUBAR.DLL/FLASHSEARCH.HTM
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: °Ù¶ÈÐÅÏ¢¿ìµÝËÑË÷ - res://C:\WINDOWS\DOWNLOADED PROGRAM FILES\BAIDUBAR.DLL/BAIDUIE.HTM
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: ʹÓÃÍø¼Ê¿ì³µÏÂÔØ - C:\PROGRAM FILES\FLASHGET\jc_link.htm
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: ʹÓÃÍø¼Ê¿ì³µÏÂÔØÈ«²¿Á´½Ó - C:\PROGRAM FILES\FLASHGET\jc_all.htm
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: &ʹÓñ©·çÏÂÔØÆ÷ÏÂÔØ - C:\PROGRAM FILES\RINGZ STUDIO\STORM DOWNLOADER\geturl.htm
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - ä¯ÀÀÆ÷¶îÍâµÄ¡°¹¤¾ß¡±²Ëµ¥Ïî: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: ºÀ½Ü³¬¼¶½â°ÔV8 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - C:\Herosoft\HeroV8\STHSDVD.EXE (file missing)
O9 - ä¯ÀÀÆ÷¶îÍâµÄ¡°¹¤¾ß¡±²Ëµ¥Ïî: ºÀ½Ü³¬¼¶½â°ÔV8 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - C:\Herosoft\HeroV8\STHSDVD.EXE (file missing)
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: ½ðɽ´Ê°Ô - {C8CE29C5-7589-11D3-B81B-0080C8DC5DC8} - C:\PROGRA~1\KINGSOFT\XDICT\IEPLUGIN.DLL
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: ׿Խ - {8DE0FCD4-5EB5-11D3-AD25-00002100131B} - C:\PROGRA~1\KINGSOFT\XDICT\IEPLUGIN.DLL
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: ÑÅ»¢ÓÊÏäͨ - {D1B76CE4-CCCA-4B22-9ECB-09F85C140904} - yminimsgr:ClickIEBT (file missing)
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FLASHGET.EXE
O9 - ä¯ÀÀÆ÷¶îÍâµÄ¡°¹¤¾ß¡±²Ëµ¥Ïî: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FLASHGET.EXE
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: Ò×Ȥ¹ºÎï - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing)
O9 - ä¯ÀÀÆ÷¶îÍâµÄ¡°¹¤¾ß¡±²Ëµ¥Ïî: Ò×Ȥ¹ºÎï - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing)
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: ÖÐÎÄÓòÃû - {35980F6E-A137-4E50-953D-813BB8556899} - C:\WINDOWS\SYSTEM\CDNIEHLP.DLL
O9 - ä¯ÀÀÆ÷¶îÍâµÄ¡°¹¤¾ß¡±²Ëµ¥Ïî: ÖÐÎÄÓòÃû - {35980F6E-A137-4E50-953D-813BB8556899} - C:\WINDOWS\SYSTEM\CDNIEHLP.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - file://C:\Herosoft\HeroV8\DVDSkin\defskin\HTML\swflash.cab
 

TOP

xianzhj

¸ß¼¶¹ó±ö

Rank: 5Rank: 5

Ìû×Ó
135 
»ý·Ö
241 
×¢²áʱ¼ä
2005-8-17 
37# ´ó ÖРС ·¢±íÓÚ 2006-10-30 06:09  Ö»¿´¸Ã×÷Õß
Âé·³°æÖ÷Ò²°ïÎÒ¿´¿´°¡£¬ÎÒÏÖÔÚ»úÆ÷Æô¶¯¾ÞÂý£¬»ù±¾ÉÏÒª2·ÖÖÓ²ÅÓз´Ó¦
Ò»¸öÌû×Óд²»Ï£¬·ÖÁ½¸öÌû×Ó

Logfile of HijackThis v1.99.1
Scan saved at 22:03:45, on 29/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ThinkPad\ConnectUtilities\AcMurocHlpr.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\WINDOWS\system32\TpScrLk.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
D:\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Jun\Desktop\hijackthis\HijackThis.exe
T43 44U PM750-1.86G 1024M 80G 14.1SXGA  ATI X300 64M 56K/1Gb/802.11g/FPR/XPH COMBO 2.3KG
 

TOP

xianzhj

¸ß¼¶¹ó±ö

Rank: 5Rank: 5

Ìû×Ó
135 
»ý·Ö
241 
×¢²áʱ¼ä
2005-8-17 
38# ´ó ÖРС ·¢±íÓÚ 2006-10-30 06:10  Ö»¿´¸Ã×÷Õß
ÕâÊǵڶþ²¿·Ö£¬¶àл°æÖ÷

O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v8.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\TEXTware\QUICKF~1\PlugIns\IEHelp.dll
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [TPKBDLED] C:\WINDOWS\system32\TpScrLk.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Teclast WE PC Camera
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "D:\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = %SystemRoot%\Installer\{AC76BA86-2052-0000-7760-100000000002}\SC_Acrobat.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = D:\Microsoft Office\OFFICE11\ONENOTEM.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &ʹÓÃѸÀ×ÏÂÔØ - C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: &ʹÓÃѸÀ×ÏÂÔØÈ«²¿Á´½Ó - C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: ʹÓÃÍø¼Ê¿ì³µÏÂÔØ - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: ʹÓÃÍø¼Ê¿ì³µÏÂÔØÈ«²¿Á´½Ó - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: ÔÚFoxmailÖÐÌí¼Ó¸ÃRSSƵµÀ/ƵµÀ×é - res://C:\WINDOWS\system32\fmrsslink.dll/201
O8 - Extra context menu item: ת»»Îª Adobe PDF - res://D:\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: ת»»ÎªÏÖÓÐ PDF - res://D:\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: ת»»Ñ¡¶¨µÄÁ´½ÓΪ Adobe PDF - res://D:\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: ת»»Ñ¡¶¨µÄÁ´½ÓΪÏÖÓÐ PDF - res://D:\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: ת»»Ñ¡ÏîΪ Adobe PDF - res://D:\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: ת»»Ñ¡ÏîΪÏÖÓÐ PDF - res://D:\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: ת»»Á´½ÓÄ¿±êΪ Adobe PDF - res://D:\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: ת»»Á´½ÓÄ¿±êΪÏÖÓÐ PDF - res://D:\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: ???¡¥??¨¤¡Á - {0062C9BD-B349-40DE-91A0-755F37ACD559} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: ???¡¥??¨¤¡Á - {0062C9BD-B349-40DE-91A0-755F37ACD559} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\PkgMgr.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/micr ... e.cab?1158192430859
O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support) - http://www-307.ibm.com/pc/support/IbmEgath.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: textwareilluminatorbase - {CE5CD329-1650-414A-8DB0-4CBF72FAED87} - C:\WINDOWS\system32\textwareilluminatorbaseProtocol.dll
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: tpfnf2 - C:\WINDOWS\SYSTEM32\notifyf2.dll
O20 - Winlogon Notify: tphotkey - C:\WINDOWS\SYSTEM32\tphklock.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - D:\MATLAB71\webserver\bin\win32\matlabserver.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
T43 44U PM750-1.86G 1024M 80G 14.1SXGA  ATI X300 64M 56K/1Gb/802.11g/FPR/XPH COMBO 2.3KG
 

TOP

ÂÞµÀ

¸ß¼¶¹ó±ö

Rank: 5Rank: 5

Ïò1200³å»÷

Ìû×Ó
363 
»ý·Ö
519 
×¢²áʱ¼ä
2006-9-5 
39# ´ó ÖРС ·¢±íÓÚ 2006-11-6 21:33  Ö»¿´¸Ã×÷Õß
HijackThis_zwwºº»¯°æɨÃèÈÕÖ¾ V1.99.1
±£´æÓÚ      21:31:57, ÈÕÆÚ 2006-11-6
²Ù×÷ϵͳ£º  Windows XP SP2 (WinNT 5.01.2600)
ä¯ÀÀÆ÷£º    Internet Explorer v6.00 SP2 (6.00.2900.2180)

µ±Ç°ÔËÐеĽø³Ì£º         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\lenovo\system update\suservice.exe
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\TpScrLk.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\svchost.exe
D:\Program Files\Tencent\TT\TTraveler.exe
D:\Program Files\Tencent\QQ\QQ.exe
D:\Program Files\Tencent\QQ\TIMPlatform.exe
C:\WINDOWS\system32\taskmgr.exe
D:\Program Files\Tencent\TT\TCPlus.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
D:\Èí¼þ±¸·Ý\HB_Hijackthis1991zww814_Pconline.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
D:\Èí¼þ±¸·Ý\HijackThis1991ºº»¯°æ\HijackThis1991zww.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - d:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O4 - Æô¶¯ÏîHKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - Æô¶¯ÏîHKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - Æô¶¯ÏîHKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - Æô¶¯ÏîHKLM\\Run: [RavAV] C:\WINDOWS\RavMonE.exe
O4 - Æô¶¯ÏîHKLM\\Run: [TP4EX] tp4ex.exe
O4 - Æô¶¯ÏîHKLM\\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - Æô¶¯ÏîHKLM\\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - Æô¶¯ÏîHKLM\\Run: [ISUSPM Startup] c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - Æô¶¯ÏîHKLM\\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - Æô¶¯ÏîHKLM\\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - Æô¶¯ÏîHKLM\\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - Æô¶¯ÏîHKLM\\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - Æô¶¯ÏîHKLM\\Run: [PCSuiteTrayApplication] D:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - Æô¶¯ÏîHKLM\\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - Æô¶¯ÏîHKLM\\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - Æô¶¯ÏîHKLM\\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - Æô¶¯ÏîHKLM\\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - Æô¶¯ÏîHKLM\\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - Æô¶¯ÏîHKLM\\Run: [TPKBDLED] C:\WINDOWS\system32\TpScrLk.exe
O4 - Æô¶¯ÏîHKLM\\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - Æô¶¯ÏîHKLM\\Run: [PDService.exe] "C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe"
O4 - Æô¶¯ÏîHKLM\\Run: [MSConfig]
Ïò1200³å»÷
 

TOP

ÂÞµÀ

¸ß¼¶¹ó±ö

Rank: 5Rank: 5

Ïò1200³å»÷

Ìû×Ó
363 
»ý·Ö
519 
×¢²áʱ¼ä
2006-9-5 
40# ´ó ÖРС ·¢±íÓÚ 2006-11-6 21:34  Ö»¿´¸Ã×÷Õß
C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: desktop.ini
O4 - Global Startup: desktop.ini
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: &ʹÓÃѸÀ×ÏÂÔØ - d:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: &ʹÓÃѸÀ×ÏÂÔØÈ«²¿Á´½Ó - d:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: ÉÏ´«µ½QQÍøÂçÓ²ÅÌ - D:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: ·¢Ë͵½ Bluetooth É豸(&B)... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: µ¼³öµ½ Microsoft Office Excel(&X) - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: Ìí¼Óµ½QQ×Ô¶¨ÒåÃæ°å - D:\Program Files\Tencent\QQ\AddPanel.htm
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: Ìí¼Óµ½QQ±íÇé - D:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: ÓÃQQ²ÊÐÅ·¢Ë͸ÃͼƬ - D:\Program Files\Tencent\QQ\SendMMS.htm
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - ä¯ÀÀÆ÷¶îÍâµÄ¡°¹¤¾ß¡±²Ëµ¥Ïî: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: Æô¶¯Ñ¸À× - {0062C9BD-B349-40DE-91A0-755F37ACD559} - d:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - ä¯ÀÀÆ÷¶îÍâµÄ¡°¹¤¾ß¡±²Ëµ¥Ïî: Æô¶¯Ñ¸À× - {0062C9BD-B349-40DE-91A0-755F37ACD559} - d:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: Web·´²¡¶¾±£»¤ - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: ÐÅÏ¢¼ìË÷ - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\Tencent\QQ\QQ.EXE
O9 - ä¯ÀÀÆ÷¶îÍâµÄ¡°¹¤¾ß¡±²Ëµ¥Ïî: ÌÚѶQQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\Tencent\QQ\QQ.EXE
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - ä¯ÀÀÆ÷¶îÍâµÄ¡°¹¤¾ß¡±²Ëµ¥Ïî: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: ¸üРThinkPad Èí¼þ - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\PkgMgr.exe
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: Ò×Ȥ¹ºÎï - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing)
O9 - ä¯ÀÀÆ÷¶îÍâµÄ¡°¹¤¾ß¡±²Ëµ¥Ïî: Ò×Ȥ¹ºÎï - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing)
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - ä¯ÀÀÆ÷¶îÍâµÄ¡°¹¤¾ß¡±²Ëµ¥Ïî: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com/cn/zh/
O16 - DPF: {8686F2A6-DC01-4E8F-BDE3-DCC7DBBAD6AE} (163Uploader Control) - http://upload.photo.163.com/163Uploader.cab
O18 - ÁоÙÏÖÓеÄЭÒé: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - ÁоÙÏÖÓеÄЭÒé: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: tpfnf2 - C:\WINDOWS\SYSTEM32\notifyf2.dll
O20 - Winlogon Notify: tphotkey - C:\WINDOWS\SYSTEM32\tphklock.dll
O23 - NT ·þÎñ: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - NT ·þÎñ: ¿¨°Í˹»ù·´²¡¶¾6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - NT ·þÎñ: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - NT ·þÎñ: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - NT ·þÎñ: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - NT ·þÎñ: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - NT ·þÎñ: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe
O23 - NT ·þÎñ: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - NT ·þÎñ: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - NT ·þÎñ: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - NT ·þÎñ: System Update (SUService) -   - c:\program files\lenovo\system update\suservice.exe
O23 - NT ·þÎñ: ThinkVantage Registry Monitor Service - Unknown owner - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - NT ·þÎñ: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - NT ·þÎñ: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - NT ·þÎñ: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
O23 - NT ·þÎñ: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe

7ÐÖ£¬°ïæ¿´¿´£¬Ë³±ã°ÑÄÇЩÏîµÄ×÷ÓýâÊÍÒ»ÏÂŶ£¬»¹Óнâ¾öµÄ·½·¨£¬Ð»Ð»Å¶
Ïò1200³å»÷
 

TOP

vip007

ÓÎÄÁÈËEC

°æÖ÷

Rank: 7Rank: 7Rank: 7

Ìû×Ó
11760 
»ý·Ö
8936 
×¢²áʱ¼ä
2005-11-27 
41# ´ó ÖРС ·¢±íÓÚ 2006-11-9 19:15  Ö»¿´¸Ã×÷Õß
Çë²»Òª·¢ÔÚÕâ¸öÌùºóÃæ ²»È»»á±»ÎÒºöÊӵģ¡£¡£¡£¡
©³©Ó©·©³©Ó©·©³©Ó©·©³©Ó©·
©Ä°æ©Ì©ÄȨ©Ì©ÄËù©Ì©ÄÓЩÌ
©»©Û©¿©»©Û©¿©»©Û©¿©»©Û©¿
 

TOP

ÂÞµÀ

¸ß¼¶¹ó±ö

Rank: 5Rank: 5

Ïò1200³å»÷

Ìû×Ó
363 
»ý·Ö
519 
×¢²áʱ¼ä
2006-9-5 
42# ´ó ÖРС ·¢±íÓÚ 2006-11-12 17:25  Ö»¿´¸Ã×÷Õß
ÒѾ­·¢µ½Ö÷ÌâÁбíÁË
Ïò1200³å»÷
 

TOP

110458933

¸ß¼¶¹ó±ö

Rank: 5Rank: 5

Ìû×Ó
2845 
»ý·Ö
1504 
×¢²áʱ¼ä
2006-9-4 
43# ´ó ÖРС ·¢±íÓÚ 2006-11-19 16:52  Ö»¿´¸Ã×÷Õß
HijackThis_zwwºº»¯°æɨÃèÈÕÖ¾ V1.99.1
±£´æÓÚ      19:51:24, ÈÕÆÚ 2006-11-19
²Ù×÷ϵͳ£º  Windows XP SP2 (WinNT 5.01.2600)
ä¯ÀÀÆ÷£º    Internet Explorer v6.00 SP2 (6.00.2900.2180)

µ±Ç°ÔËÐеĽø³Ì£º         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\lenovo\system update\suservice.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\WINDOWS\system32\UAService.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
C:\WINDOWS\system32\TpScrLk.exe
C:\WINDOWS\VM303_STI.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACP.EXE
D:\Program Files\D-Tools\daemon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
D:\Program Files\Tencent\QQ\QQ.exe
d:\Program Files\Tencent\QQ\TIMPlatform.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\wzx\LOCALS~1\Temp\Rar$EX00.375\HijackThis1991zww.exe

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O4 - Æô¶¯ÏîHKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - Æô¶¯ÏîHKLM\\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - Æô¶¯ÏîHKLM\\Run: [TpShocks] TpShocks.exe
O4 - Æô¶¯ÏîHKLM\\Run: [TP4EX] tp4ex.exe
O4 - Æô¶¯ÏîHKLM\\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - Æô¶¯ÏîHKLM\\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - Æô¶¯ÏîHKLM\\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - Æô¶¯ÏîHKLM\\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - Æô¶¯ÏîHKLM\\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - Æô¶¯ÏîHKLM\\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - Æô¶¯ÏîHKLM\\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - Æô¶¯ÏîHKLM\\Run: [ISUSPM Startup] c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - Æô¶¯ÏîHKLM\\Run: [ISUSScheduler] "c:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - Æô¶¯ÏîHKLM\\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - Æô¶¯ÏîHKLM\\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - Æô¶¯ÏîHKLM\\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - Æô¶¯ÏîHKLM\\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - Æô¶¯ÏîHKLM\\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - Æô¶¯ÏîHKLM\\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - Æô¶¯ÏîHKLM\\Run: [EPSON Stylus CX3700 Series (¸±±¾ 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACP.EXE /P35 "EPSON Stylus CX3700 Series (¸±±¾ 1)" /O6 "USB001" /M "Stylus CX3700"
O4 - Æô¶¯ÏîHKLM\\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
T2500- 2.0G 1G 80G 14.1SXGA+ ATI X1400 128M 56K/1Gb/802.11g/BT/XPH/ DVD-R(8X) 2.3
 

TOP

110458933

¸ß¼¶¹ó±ö

Rank: 5Rank: 5

Ìû×Ó
2845 
»ý·Ö
1504 
×¢²áʱ¼ä
2006-9-4 
44# ´ó ÖРС ·¢±íÓÚ 2006-11-19 16:54  Ö»¿´¸Ã×÷Õß
O4 - Æô¶¯ÏîHKLM\\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
O4 - Æô¶¯ÏîHKLM\\Run: [TPKBDLED] C:\WINDOWS\system32\TpScrLk.exe
O4 - Æô¶¯ÏîHKLM\\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - Æô¶¯ÏîHKLM\\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - Æô¶¯ÏîHKLM\\Run: [EPSON Stylus CX3700 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACP.EXE /P26 "EPSON Stylus CX3700 Series" /O6 "USB001" /M "Stylus CX3700"
O4 - Æô¶¯ÏîHKLM\\Run: [DAEMON Tools-2052] "D:\Program Files\D-Tools\daemon.exe"  -lang 1033
O4 - Æô¶¯ÏîHKLM\\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - Æô¶¯ÏîHKLM\\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NBJ] "D:\Program Files\nero\Nero BackItUp\NBJ.exe"
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: À¶ÑÀ¿ØÖÆÅÌ.lnk = ?
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: ÉÏ´«µ½QQÍøÂçÓ²ÅÌ - D:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: ·¢Ë͵½ Bluetooth É豸(&B)... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: µ¼³öµ½ Microsoft Office Excel(&X) - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: Ìí¼Óµ½QQ×Ô¶¨ÒåÃæ°å - D:\Program Files\Tencent\QQ\AddPanel.htm
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: Ìí¼Óµ½QQ±íÇé - D:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - IEÓÒ¼ü²Ëµ¥ÖеÄÐÂÔöÏîÄ¿: ÓÃQQ²ÊÐÅ·¢Ë͸ÃͼƬ - D:\Program Files\Tencent\QQ\SendMMS.htm
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: ÐÅÏ¢¼ìË÷ - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - ä¯ÀÀÆ÷¶îÍâµÄ¡°¹¤¾ß¡±²Ëµ¥Ïî: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: ¸üРThinkPad Èí¼þ - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\PkgMgr.exe
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - ä¯ÀÀÆ÷¶îÍâµÄ¡°¹¤¾ß¡±²Ëµ¥Ïî: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - ä¯ÀÀÆ÷¶îÍâµÄ°´Å¥: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - ä¯ÀÀÆ÷¶îÍâµÄ¡°¹¤¾ß¡±²Ëµ¥Ïî: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/wind ... e.cab?1162995935352
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: AwayNotify - C:\Program Files\Lenovo\AwayTask\AwayNotify.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: tpfnf2 - C:\WINDOWS\SYSTEM32\notifyf2.dll
O20 - Winlogon Notify: tphotkey - C:\WINDOWS\SYSTEM32\tphklock.dll
O23 - NT ·þÎñ: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - NT ·þÎñ: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - NT ·þÎñ: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - NT ·þÎñ: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - NT ·þÎñ: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - NT ·þÎñ: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - NT ·þÎñ: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - NT ·þÎñ: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - NT ·þÎñ: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - NT ·þÎñ: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - NT ·þÎñ: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - NT ·þÎñ: IPS ºËÐÄ·þÎñ (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE
O23 - NT ·þÎñ: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe
O23 - NT ·þÎñ: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - NT ·þÎñ: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - NT ·þÎñ: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - NT ·þÎñ: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - NT ·þÎñ: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - NT ·þÎñ: System Update (SUService) -   - c:\program files\lenovo\system update\suservice.exe
O23 - NT ·þÎñ: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - NT ·þÎñ: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - NT ·þÎñ: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - NT ·þÎñ: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - NT ·þÎñ: SecuROM User Access Service (UserAccess) - Unknown owner - C:\WINDOWS\system32\UAService.exe
T2500- 2.0G 1G 80G 14.1SXGA+ ATI X1400 128M 56K/1Gb/802.11g/BT/XPH/ DVD-R(8X) 2.3
 

TOP

sunmeng2007

¸ß¼¶¹ó±ö

Rank: 5Rank: 5

Ìû×Ó
148 
»ý·Ö
287 
×¢²áʱ¼ä
2006-7-16 
45# ´ó ÖРС ·¢±íÓÚ 2006-12-18 19:49  Ö»¿´¸