http://www.516.com/?c按兄弟们要求修改问题依旧！！ bbs.ikaka.com

自由边缘 - 2006-4-4 0:10:00

下面是扫描的log。我删掉temp下面的文件，但问题依旧！！！
Logfile of HijackThis v1.99.1
Scan saved at 00:05:35 上午, on 2006-4-4
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
d:\Program Files\Dassault Systemes\B15\intel_a\code\bin\CATSysDemon.exe
D:\Program Files\Alias\Maya7.0\docs\wrapper.exe
C:\Program Files\Eset\nod32krn.exe
D:\Program Files\Alias\Maya7.0\docs\jre\bin\java.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spool\ugplot\ugiipqd.exe
D:\Program Files\EDS\License Servers\UGNXFLEXlm\lmgrd.exe
D:\Program Files\EDS\License Servers\UGNXFLEXlm\uglmd.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\WINDOWS\system32\conime.exe
C:\Documents and Settings\Administrator\桌面\HijackThis.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PcSync] D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [HijackThis startup scan] C:\Documents and Settings\Administrator\桌面\HijackThis.exe /startupsca
O8 - Extra context menu item: 使用网际快车下载 - C:\Program Files\flashget\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - C:\Program Files\flashget\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program Files\Tencent\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\Tencent\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program Files\Tencent\qq\SendMMS.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\flashget\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\flashget\flashget.exe
O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{42F70E33-6450-47CF-84FF-CDC317EACF85}: NameServer = 202.102.128.68,202.102.152.3
O17 - HKLM\System\CS1\Services\Tcpip\..\{42F70E33-6450-47CF-84FF-CDC317EACF85}: NameServer = 202.102.128.68,202.102.152.3
O17 - HKLM\System\CS2\Services\Tcpip\..\{42F70E33-6450-47CF-84FF-CDC317EACF85}: NameServer = 202.102.128.68,202.102.152.3
O18 - Filter: text/html - {0EB00690-8FA1-11D3-96C7-829E3EA50C29} - C:\WINDOWS\system32\mfc312u.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Backbone Service (BBDemon) - Dassault Systemes - d:\Program Files\Dassault Systemes\B15\intel_a\code\bin\CATSysDemon.exe
O23 - Service: ewido security suite guard - ewido networks - D:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Maya 7.0 Documentation Server (maya70docserver) - Unknown owner - D:\Program Files\Alias\Maya7.0\docs\wrapper.exe" -s "D:\Program Files\Alias\Maya7.0\docs\Wrapper.conf (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Unigraphics Plot Server (ugiipqd) (ugiipqd) - Unigraphics Solutions, Inc - C:\WINDOWS\system32\spool\ugplot\ugiipqd.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Unigraphics License Server (uglmd) - Macrovision Corporation - D:\Program Files\EDS\License Servers\UGNXFLEXlm\lmgrd.exe

瑞星卡卡安全论坛