[Help] Ads pop up automatically (logs attached)

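My computer keeps popping up different ads at random times.
They pop up even when IE is not open.
I have tried several antivirus and anti-adware programs, with no effect.
I hope some expert here can rescue my computer.
Please help!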
2006-09-03,00:18:33

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Runing Processes (Including process model information)
File Associations


Boot Items


Registry

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
(ctfmon.exe)(C:\WINDOWS\system32\ctfmon.exe) [Microsoft Corporation]
(Super Rabbit IEPro)(; C:\PROGRA~1\Super Rabbit\magicset\SRIECLI.EXE /LOAD) [Super Rabbit Soft]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(load)() []
(run)() []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
(IMJPMIG8.1)(C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32) [Microsoft Corporation]
(MSPY2002)(C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC) []
(PHIME2002ASync)(; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC) [Microsoft Corporation]
(PHIME2002A)(; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName) [Microsoft Corporation]
(VTTimer)(VTTimer.exe) [S3 Graphics, Inc.]
(ASUS Probe)(C:\Program Files\ASUS\Probe\AsusProb.exe) []
(Smapp)(C:\Program Files\Analog Devices\SoundMAX\SMTray.exe) [Analog Devices, Inc.]
(iTunesHelper)("C:\Program Files\iTunes\iTunesHelper.exe") [Apple Computer, Inc.]
(QuickTime Task)("C:\Program Files\QuickTime\qttask.exe" -atboottime) [Apple Computer, Inc.]
(KernelFaultCheck)(%systemroot%\system32\dumprep 0 -k) []
(AVG7_CC)(C:\PROGRA~1\Grisoft\AVG Free\avgcc.exe /STARTUP) [GRISOFT, s.r.o.]
(Super Rabbit SRRestore)(C:\Program Files\Super Rabbit\magicset\srrest.exe /autosave) [Super Rabbit Soft]
(Windows Defender)("C:\Program Files\Windows Defender\MSASCui.exe" -hide) [Microsoft Corporation]
(Desktop)(C:\WINDOWS\system32\rundll32.exe "C:\Program Files\DeskAdTop\Run.dll" ,Rundll) []
(spoolsv)(C:\WINDOWS\system32\spoolsv\spoolsv.exe -printer) [?镀?獺мΤそ]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
(uninsrest)(C:\DOCUME~1\GAVINN~1.000\LOCALS~1\Temp\uninrest.exe) []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(shell)(Explorer.exe) [Microsoft Corporation]
(Userinit)(C:\WINDOWS\system32\userinit.exe,) [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(AppInit_DLLs)() []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(UIHost)(logonui.exe) [Microsoft Corporation]


Startup Folders

[Adobe Gamma Loader]
(C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk)(H)
[Adobe Reader Speed Launch]
(C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk)(H)
[PowerReg Scheduler]
(C:\Documents and Settings\gavin.NEOTECH.000\Start Menu\Programs\Startup\PowerReg Scheduler.exe)(N)


Services

[AVG7 Alert Manager Server / Avg7Alrt]
(C:\PROGRA~1\Grisoft\AVG Free\avgamsvr.exe)(GRISOFT, s.r.o.)
[AVG7 Update Service / Avg7UpdSvc]
(C:\PROGRA~1\Grisoft\AVG Free\avgupsvc.exe)(GRISOFT, s.r.o.)
[ewido anti-spyware 4.0 guard / ewido anti-spyware 4.0 guard]
(C:\Program Files\ewido anti-spyware 4.0\guard.exe)(Anti-Malware Development a.s.)
[InstallDriver Table Manager / IDriverT]
("C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe")(Macrovision Corporation)
[iPodService / iPodService]
(C:\Program Files\iPod\bin\iPodService.exe)(Apple Computer, Inc.)
[Macromedia Licensing Service / Macromedia Licensing Service]
("C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe")(Macromedia)
[SoundMAX Agent Service / SoundMAX Agent Service (default)]
(C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe)(Analog Devices, Inc.)


Browser Add-ons

[MonitorURL Class]
{08A312BB-5409-49FC-9347-54BB7D069AC6} (C:\PROGRA~1\DeskAdTop\deskipn.dll, )
[MyIEHelper Class]
{16B770A0-0E87-4278-B748-2460D64A8386} (C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_5027.dll, Microsoft Corporation)
[]
{53707962-6F74-2D53-2644-206D7942484F} (C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll, Safer Networking Limited)
[BHOImp Class]
{70AFF2CB-9DA2-499C-8D15-900729FCE83D} (C:\WINDOWS\system32\YHBO.dll, YHBO)
[IeCatch2 Class]
{A5366673-E8CA-11D3-9CD9-0090271D075B} (C:\PROGRA~1\FlashGet\jccatch.dll, Amaze Soft)
[Google Toolbar Helper]
{AA58ED58-01DD-4d91-8333-CF10577473F7} (c:\program files\google\googletoolbar1.dll, Google Inc.)
[HpqYewwf Class]
{B628F86D-905C-780A-E105-38170AE9CE97} (C:\WINDOWS\DOWNLO~1\sgypk.dll, pfxpasoft)
[Yahoo 1G mail]
{507F9113-CD77-4866-BA92-0E86DA3D0B97} (http://cn.mail.yahoo.com/promo/rd1, N/A)
[&Research]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} (C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL, Microsoft Corporation)
[ICQ Lite]
{B863453A-26C3-4e1f-A54D-A2CD196348E9} (C:\Program Files\ICQLite\ICQLite.exe, ICQ Ltd.)
[FlashGet]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} (C:\PROGRA~1\FlashGet\flashget.exe, Amaze Soft)
[D.S.Lite]
{F8475519-8412-4D40-A46E-692D9D04DF7F} (C:\Documents and Settings\gavin.NEOTECH.000\Desktop\HINET Xuite 下載專用工具\DSLite2\DSLite.exe, watermonster.org)
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} (C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation)
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} (C:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft)
[ICQ Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} (C:\Program Files\ICQToolbar\toolbaru.dll, ICQ Inc.)
[&Google]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} (c:\program files\google\googletoolbar1.dll, Google Inc.)
[ewidoOnlineScan Control]
{193C772A-87BE-4B19-A7BB-445B226FE9A1} (C:\WINDOWS\DOWNLO~1\ewidoOnlineScan.dll, Anti-Malware Development a.s.)
[MonitorURL Class]
{08A312BB-5409-49FC-9347-54BB7D069AC6} (C:\PROGRA~1\DeskAdTop\deskipn.dll, )
[MyIEHelper Class]
{16B770A0-0E87-4278-B748-2460D64A8386} (C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_5027.dll, Microsoft Corporation)
[&Google]
{2318C2B1-4965-11D4-9B18-009027A5CD4F} (c:\program files\google\googletoolbar1.dll, Google Inc.)
[Tabular Data Control]
{333C7BC4-460F-11D0-BC04-0080C7055A83} (C:\WINDOWS\System32\tdc.ocx, Microsoft Corporation)
[]
{53707962-6F74-2D53-2644-206D7942484F} (C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll, Safer Networking Limited)
[Shell Name Space]
{55136805-B2DE-11D1-B9F2-00A0C98BC547} (%SystemRoot%\system32\SHDOCVW.DLL, N/A)
[BHOImp Class]
{70AFF2CB-9DA2-499C-8D15-900729FCE83D} (C:\WINDOWS\system32\YHBO.dll, YHBO)
[ICQ Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} (C:\Program Files\ICQToolbar\toolbaru.dll, ICQ Inc.)
[IeCatch2 Class]
{A5366673-E8CA-11D3-9CD9-0090271D075B} (C:\PROGRA~1\FlashGet\jccatch.dll, Amaze Soft)
[Google Toolbar Helper]
{AA58ED58-01DD-4D91-8333-CF10577473F7} (c:\program files\google\googletoolbar1.dll, Google Inc.)
[HpqYewwf Class]
{B628F86D-905C-780A-E105-38170AE9CE97} (C:\WINDOWS\DOWNLO~1\sgypk.dll, pfxpasoft)
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} (C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.)
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} (C:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft)
[E&xport to Microsoft Excel]
(res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000, N/A)
[使用 FlashGet 下載]
(C:\Program Files\FlashGet\jc_link.htm, N/A)
[全部使用 FlashGet 下載]
(C:\Program Files\FlashGet\jc_all.htm, N/A)
Last edited 2006-09-04 05:54:36

Running Processes

[PID: 780][\SystemRoot\System32\smss.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 836][\??\C:\WINDOWS\system32\csrss.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 860][\??\C:\WINDOWS\system32\winlogon.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[C:\WINDOWS\system32\wshcon32.dll] ()(4, 1, 0, 0)
[PID: 908][C:\WINDOWS\system32\services.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[C:\WINDOWS\system32\wshcon32.dll] ()(4, 1, 0, 0)
[C:\WINDOWS\system32\msplus.dll] ()(1, 0, 0, 1)
[C:\WINDOWS\system32\quartz32.dll] ()(4, 1, 0, 0)
[C:\WINDOWS\system32\msplus1.dll] ()(1, 0, 0, 1)
[PID: 920][C:\WINDOWS\system32\lsass.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[C:\WINDOWS\system32\msplus1.dll] ()(1, 0, 0, 1)
[PID: 1076][C:\WINDOWS\system32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[PID: 1152][C:\WINDOWS\system32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[C:\WINDOWS\system32\wshcon32.dll] ()(4, 1, 0, 0)
[PID: 1260][C:\WINDOWS\System32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\System32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[C:\WINDOWS\system32\wshcon32.dll] ()(4, 1, 0, 0)
[PID: 1372][C:\WINDOWS\System32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\System32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[PID: 1492][C:\WINDOWS\System32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\System32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[PID: 1632][C:\WINDOWS\system32\spoolsv.exe] (Microsoft Corporation)(5.1.2600.2696 (xpsp_sp2_gdr.050610-1519))
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[PID: 1780][C:\PROGRA~1\Grisoft\AVG Free\avgamsvr.exe] (GRISOFT, s.r.o.)(7,1,0,365)
[C:\PROGRA~1\Grisoft\AVG Free\avglog.dll] (GRISOFT, s.r.o.)(7,1,0,349)
[C:\Program Files\Grisoft\AVG Free\avgcfg.dll] (GRISOFT, s.r.o.)(7,1,0,404)
[C:\Program Files\Grisoft\AVG Free\avgklib.dll] (GRISOFT, s.r.o.)(7,1,0,321)
[C:\Program Files\Grisoft\AVG Free\avglng.dll] (GRISOFT, s.r.o.)(7,1,0,400)
[C:\Program Files\Grisoft\AVG Free\avgamint.dll] (GRISOFT, s.r.o.)(7,1,0,349)
[C:\Program Files\Grisoft\AVG Free\avgamsps.dll] (GRISOFT, s.r.o.)(7,1,0,285)
[PID: 1864][C:\PROGRA~1\Grisoft\AVG Free\avgupsvc.exe] (GRISOFT, s.r.o.)(7,1,0,349)
[PID: 1896][C:\Program Files\ewido anti-spyware 4.0\guard.exe] (Anti-Malware Development a.s.)(4, 0, 0, 172)
[C:\Program Files\ewido anti-spyware 4.0\engine.dll] (Anti-Malware Development a.s.)(4, 0, 0, 172)
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[PID: 1936][C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe] (Analog Devices, Inc.)(3, 2, 6, 0)
[PID: 1960][C:\WINDOWS\System32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\System32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[C:\WINDOWS\system32\wsndp202.dll] ()(0, 9, 0, 1)
[PID: 2012][C:\WINDOWS\system32\wdfmgr.exe] (Microsoft Corporation)(5.2.3790.1230 built by: dnsrv(bld4act))
[PID: 532][C:\WINDOWS\Explorer.EXE] (Microsoft Corporation)(6.00.2900.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[C:\Program Files\WinRAR\rarext.dll] (N/A)(N/A)
[C:\WINDOWS\system32\RhinoShExt.dll] (Robert McNeel & Associates)(1, 0, 0, 1)
[C:\Program Files\ICQLite\ICQLiteShell.dll] ()(20, 34, 2321, 0)
[C:\Program Files\ewido anti-spyware 4.0\context.dll] (Anti-Malware Development a.s.)(4, 0, 0, 172)
[C:\Program Files\GlobalSCAPE\CuteFTP\Cuteshell.dll] (GlobalSCAPE, Inc.)(50, 6, 3, 2)
[C:\Program Files\Grisoft\AVG Free\avgse.dll] (GRISOFT, s.r.o.)(7,1,0,354)
[C:\PROGRA~1\FlashGet\jccatch.dll] (Amaze Soft)(1, 1, 4, 0)
[C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll] (Safer Networking Limited)(1, 4, 0, 0)
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] (Adobe Systems, Inc.)(7.0.0.0)
[C:\Program Files\Common Files\Adobe\Shell\PSICON.DLL] (Adobe Systems, Incorporated)(7.0)
[C:\WINDOWS\system32\msicn\msibm.dll] (?镀?獺мΤそ)(2, 0, 0, 1)
[C:\Program Files\Real\RealPlayer\rpshell.dll] (RealNetworks, Inc.)(1.0.1.2237)
[C:\WINDOWS\system32\PNCRT.dll] (Real Networks, Inc)(6.0.0.0)
[C:\PROGRA~1\a-squared\a2contmenu.dll] (N/A)(N/A)
[PID: 1212][C:\WINDOWS\system32\ctfmon.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[C:\WINDOWS\system32\msicn\msibm.dll] (?镀?獺мΤそ)(2, 0, 0, 1)
[PID: 1360][C:\WINDOWS\System32\alg.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\System32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[C:\WINDOWS\system32\wshcon32.dll] ()(4, 1, 0, 0)
[PID: 380][C:\WINDOWS\system32\VTTimer.exe] (S3 Graphics, Inc.)(1.04.06-1020)
[PID: 416][C:\Program Files\ASUS\Probe\AsusProb.exe] (N/A)(N/A)
[C:\WINDOWS\system\VCL35.bpl] (Borland International)(3.0.3.70)
[C:\WINDOWS\system\cp3240mt.dll] (Borland International)(4.0)
[C:\WINDOWS\system\borlndmm.dll] (Borland International)(3.0.3.70)
[C:\Program Files\ASUS\Probe\CODISK.DLL] (N/A)(N/A)
[C:\Program Files\ASUS\Probe\DiskIco.dll] (N/A)(N/A)
[C:\Program Files\ASUS\Probe\COLM7578.DLL] (N/A)(N/A)
[C:\WINDOWS\system\bcbsmp35.bpl] ()(1.0.0.0)
[C:\WINDOWS\system\vclx35.bpl] (Borland International)(3.0.3.70)
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[C:\Program Files\ASUS\Probe\Asus.dll] (ASUS)(3, 0, 0, 2)
[C:\Program Files\ASUS\Probe\ASMIAHD.dll] (ASUS)(3, 0, 0, 1)
[C:\Program Files\ASUS\Probe\AsmiCtrl.dll] (ASUS)(3, 0, 0, 1)
[C:\Program Files\ASUS\Probe\ASMIDMI.dll] (ASUS)(3, 1, 0, 1)
[C:\Program Files\ASUS\Probe\AsmiEnum.dll] (ASUS)(3, 0, 0, 1)
[C:\Program Files\ASUS\Probe\AsmiHwIo.dll] (ASUS)(3, 1, 0, 1)
[C:\Program Files\ASUS\Probe\AsmiVia.dll] (N/A)(N/A)
[C:\Program Files\ASUS\Probe\Asmi697h.dll] (N/A)(N/A)
[C:\Program Files\ASUS\Probe\COLMIco.dll] (N/A)(N/A)
[C:\Program Files\ASUS\Probe\CODMI.DLL] (N/A)(N/A)
[PID: 444][C:\Program Files\Analog Devices\SoundMAX\SMTray.exe] (Analog Devices, Inc.)(3, 2, 17, 0)
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[PID: 1916][C:\Program Files\iTunes\iTunesHelper.exe] (Apple Computer, Inc.)(5.0.1.4)
[C:\Program Files\iTunes\iTunesHelper.Resources\zh_TW.lproj\iTunesHelperLocalized.DLL] (Apple Computer, Inc.)(4.9.0.17)
[C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL] (Apple Computer, Inc.)(5.0.1.4)
[PID: 620][C:\Program Files\QuickTime\qttask.exe] (Apple Computer, Inc.)(7.0.2)
[PID: 912][C:\PROGRA~1\Grisoft\AVG Free\avgcc.exe] (GRISOFT, s.r.o.)(7,1,0,405)
[C:\PROGRA~1\Grisoft\AVG Free\AvgTMgr.dll] (GRISOFT, s.r.o.)(7,1,0,400)
[C:\PROGRA~1\Grisoft\AVG Free\AvgCtrl.dll] (GRISOFT, s.r.o.)(7,1,0,405)
[C:\PROGRA~1\Grisoft\AVG Free\AvgAbout.dll] (GRISOFT, s.r.o.)(7,1,0,400)
[C:\PROGRA~1\Grisoft\AVG Free\AvgTest.dll] (GRISOFT, s.r.o.)(7,1,0,400)
[C:\PROGRA~1\Grisoft\AVG Free\AvgTRes.dll] (GRISOFT, s.r.o.)(7,1,0,402)
[C:\PROGRA~1\Grisoft\AVG Free\AvgSet.dll] (N/A)(N/A)
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[C:\PROGRA~1\Grisoft\AVG Free\avglog.dll] (GRISOFT, s.r.o.)(7,1,0,349)
[C:\Program Files\Grisoft\AVG Free\avgcfg.dll] (GRISOFT, s.r.o.)(7,1,0,404)
[C:\Program Files\Grisoft\AVG Free\avgklib.dll] (GRISOFT, s.r.o.)(7,1,0,321)
[C:\Program Files\Grisoft\AVG Free\avglng.dll] (GRISOFT, s.r.o.)(7,1,0,400)
[C:\Program Files\Grisoft\AVG Free\AVGRES.DLL] (N/A)(N/A)
[C:\Program Files\Grisoft\AVG Free\avgcckrn.dll] (GRISOFT, s.r.o.)(7,1,0,400)
[C:\Program Files\Grisoft\AVG Free\avgvault.dll] (GRISOFT, s.r.o.)(7,1,0,285)
[C:\Program Files\Grisoft\AVG Free\avgscan.dll] (GRISOFT, s.r.o.)(7,1,0,403)
[C:\Program Files\Grisoft\AVG Free\avgunarc.dll] (GRISOFT, s.r.o.)(7,1,0,400)
[C:\Program Files\Grisoft\AVG Free\avgrep.dll] (GRISOFT, s.r.o.)(7,1,0,311)
[C:\PROGRA~1\Grisoft\AVG Free\avgxch32.dll] (GRISOFT, s.r.o.)(7,1,0,400)
[C:\Program Files\Grisoft\AVG Free\avgamsps.dll] (GRISOFT, s.r.o.)(7,1,0,285)
[C:\Program Files\Grisoft\AVG Free\avgf.dll] (N/A)(N/A)
[PID: 1796][C:\Program Files\iPod\bin\iPodService.exe] (Apple Computer, Inc.)(5.0.1.4)
[C:\Program Files\iPod\bin\iPodService.Resources\zh_TW.lproj\iPodServiceLocalized.DLL] (Apple Computer, Inc.)(4.9.0.17)
[C:\Program Files\iPod\bin\iPodService.Resources\iPodService.DLL] (Apple Computer, Inc.)(5.0.1.4)
[PID: 2088][C:\Program Files\MSN Messenger\msnmsgr.exe] (Microsoft Corporation)(7.5.0322)
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[C:\WINDOWS\system32\wshcon32.dll] ()(4, 1, 0, 0)
[C:\WINDOWS\system32\devenum.dll] (N/A)(N/A)
[C:\WINDOWS\system32\msdmo.dll] (N/A)(N/A)
[C:\WINDOWS\system32\msplus1.dll] ()(1, 0, 0, 1)
[PID: 2392][C:\Program Files\Mozilla Firefox\firefox.exe] (Mozilla Corporation)(1.8.0.6: 2006072814)
[C:\Program Files\Mozilla Firefox\js3250.dll] (Netscape Communications Corporation)(4.0)
[C:\Program Files\Mozilla Firefox\nspr4.dll] (Netscape Communications Corporation)(4.6.1)
[C:\Program Files\Mozilla Firefox\xpcom_core.dll] (Mozilla Foundation)(1.8.0.6: 2006072814)
[C:\Program Files\Mozilla Firefox\plc4.dll] (Netscape Communications Corporation)(4.6.1)
[C:\Program Files\Mozilla Firefox\plds4.dll] (Netscape Communications Corporation)(4.6.1)
[C:\Program Files\Mozilla Firefox\smime3.dll] (Netscape Communications Corporation)(3.10.2)
[C:\Program Files\Mozilla Firefox\nss3.dll] (Netscape Communications Corporation)(3.10.2)
[C:\Program Files\Mozilla Firefox\softokn3.dll] (Netscape Communications Corporation)(3.10.2)
[C:\Program Files\Mozilla Firefox\ssl3.dll] (Netscape Communications Corporation)(3.10.2)
[C:\Program Files\Mozilla Firefox\xpcom_compat.dll] (Mozilla Foundation)(1.8.0.6: 2006072814)
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[C:\WINDOWS\system32\wshcon32.dll] ()(4, 1, 0, 0)
[C:\Program Files\Mozilla Firefox\components\jar50.dll] (Mozilla Foundation)(1.8.0.6: 2006072814)
[C:\Documents and Settings\gavin.NEOTECH.000\Application Data\Mozilla\Firefox\Profiles\a92wt1uv.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll] (N/A)(N/A)
[C:\Program Files\Mozilla Firefox\xpcom.dll] (Mozilla Foundation)(1.8.0.6: 2006072814)
[C:\Program Files\Mozilla Firefox\nssckbi.dll] (Netscape Communications Corporation)(1.53)
[C:\Documents and Settings\gavin.NEOTECH.000\Application Data\Mozilla\Firefox\Profiles\a92wt1uv.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll] (N/A)(N/A)
[C:\WINDOWS\system32\msicn\msibm.dll] (?镀?獺мΤそ)(2, 0, 0, 1)
[C:\WINDOWS\system32\msplus1.dll] ()(1, 0, 0, 1)
[C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll] (N/A)(N/A)
[C:\WINDOWS\system32\Macromed\Common\SwSupport.dll] (Macromedia, Inc.)(10.1r11)
[PID: 3080][C:\Program Files\Windows Defender\MsMpEng.exe] (Microsoft Corporation)(1.1.1347.0)
[PID: 3220][C:\Program Files\Windows Defender\MSASCui.exe] (Microsoft Corporation)(1.1.1347.0)
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[C:\WINDOWS\system32\msplus1.dll] ()(1, 0, 0, 1)
[PID: 3664][C:\Program Files\Windows Media Player\wmplayer.exe] (Microsoft Corporation)(10.00.00.3802)
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[C:\WINDOWS\system32\quartz.dll] (N/A)(N/A)
[C:\WINDOWS\system32\msdmo.dll] (N/A)(N/A)
[C:\WINDOWS\system32\l3codeca.acm] (Fraunhofer Institut Integrierte Schaltungen IIS)(1, 9, 0, 0305)
[C:\WINDOWS\system32\devenum.dll] (N/A)(N/A)
[C:\Program Files\K-Lite Codec Pack\filters\ac3filter.ax] ()(1.01a)
[C:\Program Files\K-Lite Codec Pack\ffdshow\ffdshow.ax] (N/A)(1.0.2.2030)
[C:\Program Files\K-Lite Codec Pack\filters\vsfilter.dll] (Gabest)(1, 0, 1, 3)
[C:\WINDOWS\system32\msplus1.dll] ()(1, 0, 0, 1)
[PID: 3868][C:\WINDOWS\system32\conime.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[PID: 2236][C:\Documents and Settings\gavin.NEOTECH.000\Desktop\FOR SCAN\SREng2\SREng.exe] (Smallfrogs Studio)(2.0.21.505)
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[C:\WINDOWS\system32\msplus1.dll] ()(1, 0, 0, 1)

File Associations

.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

Winsock Provider

Logfile of HijackThis v1.98.0
Scan saved at 上午 12:43:12, on 2006/9/3
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG Free\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG Free\avgupsvc.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVG Free\avgcc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\conime.exe
C:\Documents and Settings\gavin.NEOTECH.000\Desktop\hijackthis23344.exe

O2 - BHO: MonitorURL Class - {08A312BB-5409-49FC-9347-54BB7D069AC6} - C:\PROGRA~1\DeskAdTop\deskipn.dll
O2 - BHO: MyIEHelper Class - {16B770A0-0E87-4278-B748-2460D64A8386} - C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_5027.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: BHOImp Class - {70AFF2CB-9DA2-499C-8D15-900729FCE83D} - C:\WINDOWS\system32\YHBO.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: HpqYewwf Class - {B628F86D-905C-780A-E105-38170AE9CE97} - C:\WINDOWS\DOWNLO~1\sgypk.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: ICQ  Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] ; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] ; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG Free\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Super Rabbit SRRestore] C:\Program Files\Super Rabbit\magicset\srrest.exe /autosave
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Desktop] C:\WINDOWS\system32\rundll32.exe "C:\Program Files\DeskAdTop\Run.dll" ,Rundll
O4 - HKLM\..\Run: [spoolsv] C:\WINDOWS\system32\spoolsv\spoolsv.exe -printer
O4 - HKLM\..\RunOnce: [uninsrest] C:\DOCUME~1\GAVINN~1.000\LOCALS~1\Temp\uninrest.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Super Rabbit IEPro] ; C:\PROGRA~1\Super Rabbit\magicset\SRIECLI.EXE /LOAD
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 使用 FlashGet 下載 - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 全部使用 FlashGet 下載 - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {367E0A21-8601-4986-9C9A-153BF5ACA118} - (no file)
O9 - Extra button: Yahoo 1G mail - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.mail.yahoo.com/promo/rd1 (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: D.S.Lite - {F8475519-8412-4D40-A46E-692D9D04DF7F} - C:\Documents and Settings\gavin.NEOTECH.000\Desktop\HINET Xuite 下載專用工具\DSLite2\DSLite.exe
O9 - Extra 'Tools' menuitem: &D.S.Lite - {F8475519-8412-4D40-A46E-692D9D04DF7F} - C:\Documents and Settings\gavin.NEOTECH.000\Desktop\HINET Xuite 下載專用工具\DSLite2\DSLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\msplus1.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msplus1.dll
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Neotech.ca
O17 - HKLM\Software\..\Telephony: DomainName = Neotech.ca
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = Neotech.ca
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll"

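I have already carried out the repair.
Below is the log after the restore.
Could someone please check whether there are still any problems?
Many thanks!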
2006-09-03,15:54:09

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Runing Processes (Including process model information)
File Associations


Boot Items


Registry

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
(ctfmon.exe)(C:\WINDOWS\system32\ctfmon.exe) [Microsoft Corporation]
(Super Rabbit IEPro)(; C:\PROGRA~1\Super Rabbit\magicset\SRIECLI.EXE /LOAD) [Super Rabbit Soft]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(load)() []
(run)() []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
(IMJPMIG8.1)(; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32) [Microsoft Corporation]
(MSPY2002)(; C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC) []
(PHIME2002ASync)(; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC) [Microsoft Corporation]
(PHIME2002A)(; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName) [Microsoft Corporation]
(VTTimer)(; VTTimer.exe) [S3 Graphics, Inc.]
(ASUS Probe)(; C:\Program Files\ASUS\Probe\AsusProb.exe) []
(Smapp)(; C:\Program Files\Analog Devices\SoundMAX\SMTray.exe) [Analog Devices, Inc.]
(iTunesHelper)(; "C:\Program Files\iTunes\iTunesHelper.exe") [Apple Computer, Inc.]
(QuickTime Task)(; "C:\Program Files\QuickTime\qttask.exe" -atboottime) [Apple Computer, Inc.]
(KernelFaultCheck)(; %systemroot%\system32\dumprep 0 -k) []
(AVG7_CC)(; C:\PROGRA~1\Grisoft\AVG Free\avgcc.exe /STARTUP) [GRISOFT, s.r.o.]
(Super Rabbit SRRestore)(; C:\Program Files\Super Rabbit\magicset\srrest.exe /autosave) [Super Rabbit Soft]
(Desktop)(; C:\WINDOWS\system32\rundll32.exe "C:\Program Files\DeskAdTop\Run.dll" ,Rundll) []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(shell)(Explorer.exe) [Microsoft Corporation]
(Userinit)(C:\WINDOWS\system32\userinit.exe,) [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(AppInit_DLLs)() []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(UIHost)(logonui.exe) [Microsoft Corporation]

Startup Folders

[Adobe Gamma Loader]
(C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk)(H)
[Adobe Reader Speed Launch]
(C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk)(H)
[PowerReg Scheduler]
(C:\Documents and Settings\gavin.NEOTECH.000\Start Menu\Programs\Startup\PowerReg Scheduler.exe)(N)


Services

[AVG7 Alert Manager Server / Avg7Alrt]
(C:\PROGRA~1\Grisoft\AVG Free\avgamsvr.exe)(GRISOFT, s.r.o.)
[AVG7 Update Service / Avg7UpdSvc]
(C:\PROGRA~1\Grisoft\AVG Free\avgupsvc.exe)(GRISOFT, s.r.o.)
[ewido anti-spyware 4.0 guard / ewido anti-spyware 4.0 guard]
(C:\Program Files\ewido anti-spyware 4.0\guard.exe)(Anti-Malware Development a.s.)
[InstallDriver Table Manager / IDriverT]
("C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe")(Macrovision Corporation)
[iPodService / iPodService]
(C:\Program Files\iPod\bin\iPodService.exe)(Apple Computer, Inc.)
[Macromedia Licensing Service / Macromedia Licensing Service]
("C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe")(Macromedia)
[SoundMAX Agent Service / SoundMAX Agent Service (default)]
(C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe)(Analog Devices, Inc.)


Browser Add-ons

[MyIEHelper Class]
{16B770A0-0E87-4278-B748-2460D64A8386} (C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_5027.dll, Microsoft Corporation)
[Yahoo 1G mail]
{507F9113-CD77-4866-BA92-0E86DA3D0B97} (http://cn.mail.yahoo.com/promo/rd1, N/A)
[&Research]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} (C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL, Microsoft Corporation)
[ICQ Lite]
{B863453A-26C3-4e1f-A54D-A2CD196348E9} (C:\Program Files\ICQLite\ICQLite.exe, ICQ Ltd.)
[FlashGet]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} (C:\PROGRA~1\FlashGet\flashget.exe, Amaze Soft)
[D.S.Lite]
{F8475519-8412-4D40-A46E-692D9D04DF7F} (C:\Documents and Settings\gavin.NEOTECH.000\Desktop\HINET Xuite 下載專用工具\DSLite2\DSLite.exe, watermonster.org)
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} (C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation)
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} (C:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft)
[ICQ Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} (C:\Program Files\ICQToolbar\toolbaru.dll, ICQ Inc.)
[&Google]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} (c:\program files\google\googletoolbar1.dll, N/A)
[ewidoOnlineScan Control]
{193C772A-87BE-4B19-A7BB-445B226FE9A1} (C:\WINDOWS\DOWNLO~1\ewidoOnlineScan.dll, Anti-Malware Development a.s.)
[MonitorURL Class]
{08A312BB-5409-49FC-9347-54BB7D069AC6} (C:\PROGRA~1\DeskAdTop\deskipn.dll, N/A)
[MyIEHelper Class]
{16B770A0-0E87-4278-B748-2460D64A8386} (C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_5027.dll, Microsoft Corporation)
[&Google]
{2318C2B1-4965-11D4-9B18-009027A5CD4F} (c:\program files\google\googletoolbar1.dll, N/A)
[Tabular Data Control]
{333C7BC4-460F-11D0-BC04-0080C7055A83} (C:\WINDOWS\System32\tdc.ocx, Microsoft Corporation)
[]
{53707962-6F74-2D53-2644-206D7942484F} (C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll, Safer Networking Limited)
[Shell Name Space]
{55136805-B2DE-11D1-B9F2-00A0C98BC547} (%SystemRoot%\system32\SHDOCVW.DLL, N/A)
[BHOImp Class]
{70AFF2CB-9DA2-499C-8D15-900729FCE83D} (C:\WINDOWS\system32\YHBO.dll, N/A)
[ICQ Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} (C:\Program Files\ICQToolbar\toolbaru.dll, ICQ Inc.)
[IeCatch2 Class]
{A5366673-E8CA-11D3-9CD9-0090271D075B} (C:\PROGRA~1\FlashGet\jccatch.dll, Amaze Soft)
[Google Toolbar Helper]
{AA58ED58-01DD-4D91-8333-CF10577473F7} (c:\program files\google\googletoolbar1.dll, N/A)
[HpqYewwf Class]
{B628F86D-905C-780A-E105-38170AE9CE97} (C:\WINDOWS\DOWNLO~1\sgypk.dll, N/A)
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} (C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.)
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} (C:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft)
[E&xport to Microsoft Excel]
(res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000, N/A)
[ㄏノ FlashGet 更]
(C:\Program Files\FlashGet\jc_link.htm, N/A)
[场ㄏノ FlashGet 更]
(C:\Program Files\FlashGet\jc_all.htm, N/A)


Running Processes

[PID: 584][\SystemRoot\System32\smss.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 640][\??\C:\WINDOWS\system32\csrss.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[PID: 664][\??\C:\WINDOWS\system32\winlogon.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[PID: 712][C:\WINDOWS\system32\services.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[PID: 724][C:\WINDOWS\system32\lsass.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[PID: 884][C:\WINDOWS\system32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[PID: 932][C:\WINDOWS\system32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[PID: 1016][C:\WINDOWS\System32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\System32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[PID: 1096][C:\WINDOWS\System32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\System32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[PID: 1192][C:\WINDOWS\System32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\System32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[PID: 1304][C:\WINDOWS\system32\spoolsv.exe] (Microsoft Corporation)(5.1.2600.2696 (xpsp_sp2_gdr.050610-1519))
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[PID: 1436][C:\PROGRA~1\Grisoft\AVG Free\avgamsvr.exe] (GRISOFT, s.r.o.)(7,1,0,365)
[C:\PROGRA~1\Grisoft\AVG Free\avglog.dll] (GRISOFT, s.r.o.)(7,1,0,349)
[C:\Program Files\Grisoft\AVG Free\avgcfg.dll] (GRISOFT, s.r.o.)(7,1,0,404)
[C:\Program Files\Grisoft\AVG Free\avgklib.dll] (GRISOFT, s.r.o.)(7,1,0,321)
[C:\Program Files\Grisoft\AVG Free\avglng.dll] (GRISOFT, s.r.o.)(7,1,0,400)
[PID: 1496][C:\PROGRA~1\Grisoft\AVG Free\avgupsvc.exe] (GRISOFT, s.r.o.)(7,1,0,349)
[PID: 1524][C:\Program Files\ewido anti-spyware 4.0\guard.exe] (Anti-Malware Development a.s.)(4, 0, 0, 172)
[C:\Program Files\ewido anti-spyware 4.0\engine.dll] (Anti-Malware Development a.s.)(4, 0, 0, 172)
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[PID: 1560][C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe] (Analog Devices, Inc.)(3, 2, 6, 0)
[PID: 1580][C:\WINDOWS\System32\svchost.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\System32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[C:\WINDOWS\system32\wsndp202.dll] ()(0, 9, 0, 1)
[PID: 1592][C:\WINDOWS\system32\wdfmgr.exe] (Microsoft Corporation)(5.2.3790.1230 built by: dnsrv(bld4act))
[PID: 1840][C:\WINDOWS\Explorer.EXE] (Microsoft Corporation)(6.00.2900.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] (Adobe Systems, Inc.)(7.0.0.0)
[C:\Program Files\WinRAR\rarext.dll] (N/A)(N/A)
[C:\WINDOWS\system32\RhinoShExt.dll] (Robert McNeel & Associates)(1, 0, 0, 1)
[C:\Program Files\ICQLite\ICQLiteShell.dll] ()(20, 34, 2321, 0)
[C:\Program Files\ewido anti-spyware 4.0\context.dll] (Anti-Malware Development a.s.)(4, 0, 0, 172)
[C:\Program Files\GlobalSCAPE\CuteFTP\Cuteshell.dll] (GlobalSCAPE, Inc.)(50, 6, 3, 2)
[C:\Program Files\Grisoft\AVG Free\avgse.dll] (GRISOFT, s.r.o.)(7,1,0,354)
[PID: 460][C:\WINDOWS\System32\alg.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\System32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[PID: 492][C:\WINDOWS\system32\ctfmon.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[PID: 1804][C:\WINDOWS\system32\wuauclt.exe] (Microsoft Corporation)(5.8.0.2469 built by: lab01_n(wmbla))
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[PID: 1188][C:\WINDOWS\system32\Notepad.exe] (Microsoft Corporation)(5.1.2600.2180 (xpsp_sp2_rtm.040803-2158))
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)
[PID: 1204][C:\Documents and Settings\gavin.NEOTECH.000\Desktop\FOR SCAN\SREng2\SREng.exe] (Smallfrogs Studio)(2.0.21.505)
[C:\WINDOWS\system32\SYNCOR11.DLL] (SoundMAX)(1.2.3)


File Associations

.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

Winsock Provider


Logfile of HijackThis v1.98.0
Scan saved at 下午 03:53:04, on 2006/9/3
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG Free\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG Free\avgupsvc.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\gavin.NEOTECH.000\Desktop\FOR SCAN\hijackthis23344.exe

O2 - BHO: MyIEHelper Class - {16B770A0-0E87-4278-B748-2460D64A8386} - C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_5027.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: ICQ  Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O4 - HKLM\..\Run: [IMJPMIG8.1] ; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] ; C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] ; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] ; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [VTTimer] ; VTTimer.exe
O4 - HKLM\..\Run: [ASUS Probe] ; C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [Smapp] ; C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [iTunesHelper] ; "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] ; "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] ; %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [AVG7_CC] ; C:\PROGRA~1\Grisoft\AVG Free\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Super Rabbit SRRestore] ; C:\Program Files\Super Rabbit\magicset\srrest.exe /autosave
O4 - HKLM\..\Run: [Desktop] ; C:\WINDOWS\system32\rundll32.exe "C:\Program Files\DeskAdTop\Run.dll" ,Rundll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Super Rabbit IEPro] ; C:\PROGRA~1\Super Rabbit\magicset\SRIECLI.EXE /LOAD
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 使用 FlashGet 下載 - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 全部使用 FlashGet 下載 - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {367E0A21-8601-4986-9C9A-153BF5ACA118} - (no file)
O9 - Extra button: Yahoo 1G mail - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.mail.yahoo.com/promo/rd1 (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: D.S.Lite - {F8475519-8412-4D40-A46E-692D9D04DF7F} - C:\Documents and Settings\gavin.NEOTECH.000\Desktop\HINET Xuite 下載專用工具\DSLite2\DSLite.exe
O9 - Extra 'Tools' menuitem: &D.S.Lite - {F8475519-8412-4D40-A46E-692D9D04DF7F} - C:\Documents and Settings\gavin.NEOTECH.000\Desktop\HINET Xuite 下載專用工具\DSLite2\DSLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Neotech.ca
O17 - HKLM\Software\..\Telephony: DomainName = Neotech.ca
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = Neotech.ca
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll"
