瑞星卡卡安全论坛

Logfile of HijackThis v1.99.1
Scan saved at 11:12:50, on 2006-7-7
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\mnsie.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CQMC\BroadBand\HNMainUI.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Founder\Emergency Center\Hotkey.exe
d:\uusee\mp4\usbscaner.exe
d:\uusee\mp4\DevMonApp.exe
C:\WINDOWS\system32\conime.exe
D:\KAV2005\KMailMon.EXE
F:\霸主外挂\简单霸主1.28免费PK版\JdBz.exe
F:\霸主外挂\简单霸主1.28免费PK版\JdBz.ini
F:\Legend of Mir\登陆器1.85.exe
D:\Maxthon\Maxthon.exe
D:\HijackThis.exe

R3 - URLSearchHook: (no name) - {BAB1AC41-6FF7-4F2E-A04E-5C592CCFEA7D} - (no file)
O1 - Hosts: 255.0.0.1 www.wg2046.com
O1 - Hosts: 255.0.0.1 wg2046.com
O4 - HKLM\..\Run: [KavStart] "d:\KAV2005\KAVStart.exe" -startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: 光e空间.lnk = C:\Program Files\CQMC\BroadBand\HelloNet.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &使用迅雷下载 - d:\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - d:\Thunder\Program\GetAllUrl.htm
O8 - Extra context menu item: 添加到我的和讯网摘 - http://bookmark.hexun.com/inc/PostPage.aspx
O16 - DPF: {41973316-C6F3-11D7-A451-0050BABD8313} - http://activex.microsoft.com/objects/ocget.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{5B0408FD-2DE7-4D2E-B54E-B46961FDF0ED}: NameServer = 218.201.4.3 218.201.17.2
O20 - AppInit_DLLs: KB494002.LOG
O23 - Service: Sysbak hotkey Server (Sysbak_hotkey_Server) - Unknown owner - C:\Program Files\Founder\Emergency Center\Hotkey.exe
O23 - Service: UsbScaner Service  (UsbScaner) - Hoola Digital Media  Co.,Ltd - d:\uusee\mp4\usbscaner.exe



另外还有一个问题,我在C:\Program Files\Internet Explorer目录下发现一个东东:iedw.EXE
不知这个东西到底是干什么的,以前都没有的.另外我没开浏览器的时候IEXPLORE.EXE也被调用了,我怀疑中马了,而且很有可能和iedw有关.到网上搜索了一下,有的人说是iedw是微软的一个小工具,但是以前我电脑里都没有的啊.
请高手指点迷津.如果不介意我这是菜鸟可以加QQ讨论:178263926