HijackThis_zww汉化版扫描日志 V1.99.1
保存于 12:44:18, 日期 2006-8-18
操作系统: Windows XP SP2 (WinNT 5.01.2600)
浏览器: Internet Explorer v6.00 SP2 (6.00.2900.2180)
当前运行的进程:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\kav\KWatch.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
D:\kav\KAVStart.exe
C:\WINDOWS\system32\explorer.exe
C:\WINDOWS\system32\Srerver.exe
D:\kav\KPfwSvc.EXE
C:\Program Files\Microsoft\svhost32.exe
C:\WINDOWS\system32\slmdmsr.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\command\rundll32.exe
D:\kav\KMailMon.EXE
C:\WINDOWS\Config\svhost32.exe
C:\WINDOWS\system32\ctfmon.exe
D:\kav\KPFW32.EXE
C:\WINDOWS\system32\iExplorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\new\桌面\HijackThis1991zww.exe
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\Program Files\Baidu\Bar\BaiduBar.dll
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - d:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O3 - IE工具栏增项: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\Program Files\Baidu\Bar\BaiduBar.dll
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - 启动项HKLM\\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - 启动项HKLM\\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - 启动项HKLM\\Run: [KavStart] "D:\kav\KAVStart.exe" -startup
O4 - 启动项HKLM\\Run: [explorer.exe] C:\WINDOWS\system32\explorer.exe
O4 - 启动项HKLM\\Run: [Systems32] C:\WINDOWS\system32\Srerver.exe
O4 - 启动项HKLM\\Run: [ms] C:\Program Files\Microsoft\svhost32.exe
O4 - 启动项HKLM\\Run: [_rx] C:\WINDOWS\command\rundll32.exe
O4 - 启动项HKLM\\Run: [fzg] C:\WINDOWS\Config\svhost32.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KavPFW] "D:\kav\KPFW32.EXE"
O4 - HKCU\..\Run: [msq] C:\WINDOWS\system32\iExplorer.exe
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - d:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - d:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O8 - IE右键菜单中的新增项目: 使用影音传送带下载 - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - IE右键菜单中的新增项目: 使用影音传送带下载全部链接 - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - IE右键菜单中的新增项目: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - IE右键菜单中的新增项目: 用比特精灵下载(&B) - D:\Program Files\BitSpirit\bsurl.htm
O9 - 浏览器额外的按钮: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - d:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - 浏览器额外的“工具”菜单项: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - d:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - 浏览器额外的按钮: 微软 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.microsoft.com/china/index.htm (file missing)
O16 - DPF: {E689D735-1487-420D-9049-16ED198FE411} (vc Control) - http://update.viruschina.com/wmsj/vco.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{734391B5-5A23-42E8-BCBF-A15AD1152109}: NameServer = 202.198.16.3
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - NT 服务: Kingsoft Personal Firewall Service (KPfwSvc) - Kingsoft Corporation - D:\kav\KPfwSvc.EXE
O23 - NT 服务: Kingsoft Antivirus KWatch Service (KWatchSvc) - Kingsoft Corporation - D:\kav\KWatch.EXE
O23 - NT 服务: Net Working Service (LoginService) - Unknown owner - C:\WINDOWS\svchost.exe (file missing)
O23 - NT 服务: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slmdmsr.exe
O23 - NT 服务: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
