1 .当我运行任何一个程序 在我D盘都会自动生成一个"pagefile"MS文件
2. 在我的C盘有个"caohui.hta"文件
HijackThis
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\ppks\mysql\bin\mysqld-nt.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
F:\游戏\New Folder\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
D:\software\HijackThis\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-
784B7D6BE0B3} - d:\software\电缱子邮书閈\rdinstall\安沧装癨
\Reader\ActiveX\AcroIEHelper.ocx (file missing)
O2 - BHO: NaviHelperObj Class - {3E422F49-1566-40D3-B43D-
077EF739AC32} - C:\WINDOWS\system32\NaviHelper.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} -
D:\software\QQ2005安装\anzhuang\QQIEHelper.dll (file missing)
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B}
- D:\software\FLASHGET\FLASHGET\jccatch.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-
0050BA6940E3} - D:\software\FLASHGET\FLASHGET\fgiebar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1
\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32
\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32
\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon
initialize
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DAEMON Tools-1033] "F:\游戏\New
Folder\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [KAVPersonal50] "D:\software\卡巴斯基\安装
\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe"
/background
O4 - HKCU\..\Run: [googletalk] "C:\Documents and Settings\Adam_PJ\
桌面\googletalk\googletalk.exe" /autostart
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control
Panel present
O8 - Extra context menu item: 上传到QQ网络硬盘 -
D:\software\QQ2006安装\安装\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 -
D:\software\FlashGet\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 -
D:\software\FlashGet\FlashGet\jc_all.htm
O8 - Extra context menu item: 导出到 Microsoft Excel(&x) -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 -
D:\software\QQ2006安装\安装\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\software\QQ2006安
装\安装\AddEmotion.htm
O8 - Extra context menu item: 用 - D:\software\QQ2005安装\安装
\QQ2005\SendMMS.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 -
D:\software\QQ2006安装\安装\SendMMS.htm
O9 - Extra button: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-
E800A446447A} - F:\游戏\浩方\HFGame3\GameClient.exe
O9 - Extra button: 卓越 - {8DE0FCD4-5EB5-11D3-AD25-00002100131B} -
D:\software\金鹕山酱词拾霸診\安沧装癨\IEPlugin.dll (file missing)
O9 - Extra button: 金山词霸 - {C8CE29C5-7589-11D3-B81B-
0080C8DC5DC8} - D:\software\金鹕山酱词拾霸診\安沧装癨\IEPlugin.dll
(file missing)
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} -
D:\software\QQ2006安装\anzhuang\QQ.EXE (file missing)
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-
00aa003c157b} - D:\software\QQ2006安装\anzhuang\QQ.EXE (file
missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-
0050BA6940E3} - D:\software\FLASHGET\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29
-0050BA6940E3} - D:\software\FLASHGET\FLASHGET\flashget.exe
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-
4983E5A8AFE6} - D:\software\QQ2005安装\anzhuang\QQIEHelper.dll
(file missing)
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-
45d9-9460-4983E5A8AFE6} - D:\software\QQ2005安装
\anzhuang\QQIEHelper.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-
00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file
missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-
11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
(file missing)
O16 - DPF: FunshionCheckerCab -
http://www.funshion.com/download/FunshionChecker.CAB
O16 - DPF: {4770E24F-B363-4C88-87A8-265A5D93AA24}
(RSVideoPlayer.WindowControl) -
http://218.1.69.101/onlineview/video/viewer/include/RSVideoPlayer.
ocx
O16 - DPF: {7FC22A16-79E6-4787-9C96-B6359BB1106D} (DigitalTrafic
Control) - http://www.jt.sh.cn/trafficmap/jtj.cab
O16 - DPF: {C2664CD4-DA1C-11D3-9BE2-00A0C9E084E6} (Acme3D Control)
- http://www.microsova.com/i3dbox/i3dbox.cab
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon
Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: kavsvc - Kaspersky Lab - D:\software\卡巴斯基\安装
\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
O23 - Service: mysqld - Unknown owner - C:\ppks\mysql\bin\mysqld-
nt.exe
O23 - Service: tomcat4 - Unknown owner -
C:\ppks\tomcat\bin\tomcat.exe (file missing)
我该怎么做:
