跪求哪位高手大哥帮忙看下日志,小女子跪谢了! bbs.ikaka.com

灰姑娘2006 - 2006-7-12 11:22:00

HijackThis@Qoo的扫描日志 V1.97.7
Scan saved at 10:58:27, on 2006-7-12
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wpabaln.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
D:\迅雷\Program\Thunder5.exe
C:\WINDOWS\system32\conime.exe
D:\KWatch.EXE
D:\KPfwSvc.EXE
D:\KMailMon.EXE
D:\KavPFW.exe
C:\DOCUME~1\肖海波\LOCALS~1\Temp\Rar$EX00.953\HijackThis.exe

O2 - BHO: (no name) - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v8.dll
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - D:\
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Thunder] "D:\
O4 - HKLM\..\Run: [KavStart] "D:\KAVStart.exe" -startup
O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KavPFW] "D:\KavPFW.exe"
O4 - HKLM\..\RunOnce: [KAV75RUNONCE] C:\DOCUME~1\
O8 - Extra context menu item: &使用迅雷下载 - D:\
O8 - Extra context menu item: &使用迅雷下载全部链接 - D:\
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://F:\OFFICE~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BB68D8C0-96D9-4207-BA5E-7CA3B57A14AF}: NameServer = 202.99.224.8,202.99.224.68
O17 - HKLM\System\CS1\Services\Tcpip\..\{BB68D8C0-96D9-4207-BA5E-7CA3B57A14AF}: NameServer = 202.99.224.8,202.99.224.68
O17 - HKLM\System\CS2\Services\Tcpip\..\{BB68D8C0-96D9-4207-BA5E-7CA3B57A14AF}: NameServer = 202.99.224.8,202.99.224.68

瑞星卡卡安全论坛