发表于: 2007-12-30 01:04 | 显示全部 短消息 资料
字号: 1楼

帮我看看 我是新收

Logfile of HijackThis v1.99.1
Scan saved at 0:33:15, on 2001-12-30
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\System\ffltuai.exe
C:\Program Files\Common Files\Microsoft Shared\kpuhdxi.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Thunder\Program\Thunder5.exe
C:\Program Files\Common Files\Microsoft Shared\kpuhdxi.exe
C:\Program Files\0603.exe
C:\Program Files\Common Files\Microsoft Shared\kpuhdxi.exe
C:\Program Files\Internet Explorer\iexplore.exe
E:\ha_hijackthis_1991\H.exe

O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll
O2 - BHO: (no name) - {9963387B-212E-4643-B207-82DAEA0E713D} - C:\Program Files\Internet Explorer\PLUGINS\Wn_Sys8x.Sys
O4 - HKLM\..\Run: [qaxaocv] C:\Program Files\Common Files\System\ffltuai.exe
O4 - HKLM\..\Run: [edveokw] C:\Program Files\Common Files\Microsoft Shared\kpuhdxi.exe
O4 - HKLM\..\Run: [switch] c:\windows\system32\壁纸自动换.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WSockDrv32] C:\WINDOWS\WSockDrv32.exe
O4 - HKLM\..\Run: [Kvsc3] C:\WINDOWS\Kvsc3.exE
O4 - HKLM\..\Run: [AVPSrv] C:\WINDOWS\AVPSrv.exE
O4 - HKLM\..\Run: [DbgHlp32] C:\WINDOWS\DbgHlp32.exe
O4 - HKLM\..\Run: [mppds] C:\WINDOWS\mppds.exe
O4 - HKLM\..\Run: [MsPrint32D] C:\WINDOWS\MsPrint32D.exe
O4 - HKLM\..\Run: [cmdbcs] C:\WINDOWS\cmdbcs.exe
O4 - HKLM\..\Run: [upxdnd] C:\WINDOWS\upxdnd.exe
O4 - HKLM\..\Run: [WinSysM] C:\WINDOWS\338448M.exe
O4 - HKLM\..\Run: [msccrt] C:\WINDOWS\msccrt.exe
O4 - HKLM\..\Run: [MsIMMs32] C:\WINDOWS\MsIMMs32.exE
O4 - HKLM\..\Run: [PTSShell] C:\WINDOWS\PTSShell.exe
O4 - HKLM\..\Run: [LotusHlp] C:\WINDOWS\LotusHlp.exe
O4 - HKLM\..\Run: [NVDispDrv] C:\WINDOWS\NVDispDRV.EXE
O4 - HKLM\..\Run: [NAVMon32] C:\WINDOWS\NAVMon32.exE
O4 - HKLM\..\Run: [RegSrv64D] C:\WINDOWS\RegSrv64D.exE
O4 - HKLM\..\Run: [WINSvr32] C:\WINDOWS\WINSvr32.exE
O4 - HKLM\..\Run: [WinSysW] C:\WINDOWS\338448L.exe
O4 - HKLM\..\Run: [WinForm] C:\WINDOWS\WinForm.exE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: 使用迅雷下载 - C:\Program Files\Thunder\Program\geturl.htm
O8 - Extra context menu item: 使用迅雷下载全部链接 - C:\Program Files\Thunder\Program\getallurl.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O17 - HKLM\System\CCS\Services\Tcpip\..\{5C010B93-6AEC-465F-8DB7-D1792ED52CA6}: NameServer = 202.103.24.68 202.103.44.150
O20 - AppInit_DLLs: rarjepi.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: 286EE121 - Unknown owner - C:\WINDOWS\system32\792405C6.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe



[用户系统信息]Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
最后编辑2007-12-30 09:21:37