Rising Kaka Security Forum (瑞星卡卡安全论坛)

Could some expert please take a look and tell me which of these are unnecessary? Thanks
felon110 - 2005-11-6 17:58:00
HijackThis_815汉化版扫描日志 V1.99.1

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\PROGRA~1\KV2005\KVSrvXP.exe
C:\Program Files\KV2005\kvwsc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Program Files\KV2005\KVMonXP_3.kxp
D:\Program Files\NetSpeedBooster\dns.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Totem Shared\Uninstall0002\upd.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\迅雷\Thunder.exe
C:\Program Files\KV2005\TrojDie_1.kxp
C:\Program Files\KV2005\KRegEx.exe
C:\WINDOWS\system32\DllHost.exe
D:\Downloads\qq2005\腾讯QQ\QQ.exe
D:\Downloads\qq2005\qq2005\腾讯QQ\TIMPlatform.exe
D:\Downloads\qq2005\腾讯QQ\QQ.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\svchost.exe
D:\Downloads\HijackThis 1.99\HijackThis1991zww.exe

R3 - 默认的URLSearchHook丢失。用HijackThis修复
O1 - Hosts: 219.238.233.252 forum.ikaka.com
O1 - Hosts: 221.2.138.82 221.2.138.82
O1 - Hosts: 61.135.150.113 www.sohu.com
O1 - Hosts: 61.152.90.212 www.2dai.com
O1 - Hosts: 210.51.190.95 www.whwd.com
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v8.dll
O2 - BHO: BrowseHelper Class - {80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} - C:\Program Files\KV2005\KvShell_1.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O3 - IE工具栏增项: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - C:\PROGRA~1\Kingsoft\FastAIT\IEBand.dll
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\FLASHG~1\fgiebar.dll
O3 - IE工具栏增项: 江民杀毒工具栏 - {B5A34A93-D538-43A7-8371-864CB6148D12} - C:\Program Files\KV2005\KvShell_1.dll
O4 - 启动项HKLM\\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - 启动项HKLM\\Run: [IMSCMIG40W] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40W\IMSCMIG.EXE /SetPreload /Log
O4 - 启动项HKLM\\Run: [KvMonXP] "C:\Program Files\KV2005\KVMonXP_3.kxp" /auto
O4 - 启动项HKLM\\Run: [dns] D:\Program Files\NetSpeedBooster\dns.exe
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [Uninstall0002] "C:\Program Files\Common Files\Totem Shared\Uninstall0002\upd.exe" LASTCALL!adverts.stripsaver.com!StatsStripSaver
O4 - 启动项HKLM\\Run: [Thunder] "D:\Program Files\迅雷\ThunderShell.exe" /s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: IDW Logging Tool.lnk = C:\WINDOWS\system32\idwlog.exe
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - D:\Program Files\迅雷\geturl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - D:\Program Files\迅雷\getallurl.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - D:\FLASHG~1\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - D:\FLASHG~1\jc_all.htm
O8 - IE右键菜单中的新增项目: 导出到 Microsoft Office Excel(&X) - res://D:\PROGRA~1\OFFICE~1\OFFICE11\EXCEL.EXE/3000
O9 - 浏览器额外的按钮: 江民在线杀毒 - {06926B30-424E-4f1c-8EE3-543CD96573DC} - http://club.jiangmin.com/kvscan/KvOnline.asp (file missing)
O9 - 浏览器额外的“工具”菜单项: 江民在线杀毒 - {06926B30-424E-4f1c-8EE3-543CD96573DC} - http://club.jiangmin.com/kvscan/KvOnline.asp (file missing)
O9 - 浏览器额外的按钮: 豪杰超级解霸9 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - E:\Program Files\豪杰解霸\STHSDVD.EXE
O9 - 浏览器额外的“工具”菜单项: 豪杰超级解霸9 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - E:\Program Files\豪杰解霸\STHSDVD.EXE
O9 - 浏览器额外的按钮: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\FLASHG~1\flashget.exe
O9 - 浏览器额外的“工具”菜单项: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\FLASHG~1\flashget.exe
O10 - 未知的文件在 Winsock LSP: c:\windows\system32\kvwspxp.dll
O10 - 未知的文件在 Winsock LSP: c:\windows\system32\kvwspxp.dll
O10 - 未知的文件在 Winsock LSP: c:\windows\system32\kvwspxp.dll
O11 - Options group: [!ANetSpeeder]  NetSpeeder
O16 - DPF: {1C3DE665-D259-4C72-9D7D-C51FCB4CCFB9} (Panasonic Network Camera) - http://ioc.jpn.ph:81/IPV6CAM.CAB
O16 - DPF: {2EA6D939-4445-43F1-A12B-8CB3DDA8B855} (BlueskyVideo Control) - http://chat.whinfo.net.cn/download/v2_60.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - http://panasonic.biz/netsys/netwkcam/hcm311_for_java.html
O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {991481A7-4669-4E15-8C24-100404E1F5CB} (Blueskyvoice Control) - http://chat.whinfo.net.cn/download/blueskyvoice_60.cab
O16 - DPF: {EF6205C1-3F17-4829-BCB5-1336ED89E356} - http://club.jiangmin.com/kvscan/KvDown.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{DFC47AC5-4889-49CB-A277-5D28362B9E1F}: NameServer = 202.102.152.3 202.102.154.3
O18 - 列举现有的协议: mbox - {7DEE9D05-FA0A-4416-A6F3-6537D0EAB6A6} - (no file)
O23 - NT 服务: ewido security suite control - ewido networks - D:\Program Files\security suite\ewidoctrl.exe
O23 - NT 服务: KVSrvXP - JiangMin New Tech Ltd. - C:\PROGRA~1\KV2005\KVSrvXP.exe
O23 - NT 服务: KVWSC - Jiangmin Co.Ltd - C:\Program Files\KV2005\kvwsc.exe
O23 - NT 服务: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - NT 服务: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
