HijackThis_815汉化版扫描日志 V1.99.1
保存于 16:38:04, 日期 2006-6-28
操作系统: Windows 2000 SP4 (WinNT 5.00.2195)
浏览器: Internet Explorer v6.00 SP1 (6.00.2800.1106)
当前运行的进程:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\NxpAuxSvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\system32\iscsiexe.exe
C:\WINNT\system32\iscsinxp.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.EXE
C:\Program Files\D-Tools\daemon.exe
C:\WINNT\system32\Clsmn.exe
C:\WINNT\system32\internat.exe
C:\WINNT\system32\climan.exe
C:\WINNT\system32\conime.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Administrator\桌面\HijackThis1991zww.exe
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINNT\system32\xunleibho_v8.dll
O2 - BHO: yPhtb - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yphtb.dll (file missing)
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - E:\Program Files\Tencent\qq\QQIEHelper.dll
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL (file missing)
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: MacroMediapd - {B8CCDD47-38E4-4CD2-B7FA-3B4B690F74BD} - C:\WINNT\system32\microapmddt.dll
O3 - IE工具栏增项: @msdxmLC.dll,-1@2052,电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - 启动项HKLM\\Run: [DAEMON Tools-2052> "C:\Program Files\D-Tools\daemon.exe" -lang 2052
O4 - 启动项HKLM\\Run: [wxClient> C:\WINNT\system32\Clsmn.exe
O4 - 启动项HKLM\\Run: [NMGameX_AutoRun> C:\WINNT\system32\Rundll32.exe NMGameX.dll,LiveProcess /aa
O4 - 启动项HKLM\\Run: [Synchronization Manager> mobsync.exe /logon
O4 - HKCU\..\Run: [Internat.exe> internat.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - E:\Program Files\Tencent\qq\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - E:\Program Files\Tencent\qq\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - E:\Program Files\Tencent\qq\SendMMS.htm
O9 - 浏览器额外的按钮: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - D:\Program Files\浩方对战平台\GameClient.exe
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\Program Files\Tencent\qq\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\Program Files\Tencent\qq\QQ.EXE
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - E:\Program Files\Tencent\qq\QQIEHelper.dll
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - E:\Program Files\Tencent\qq\QQIEHelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{0001540A-D8BA-4B9A-9AB6-E5272E17ECB5}: NameServer = 202.102.192.68,202.102.199.68
O17 - HKLM\System\CCS\Services\Tcpip\..\{024BD82B-5880-4416-B470-D4A4186164FE}: NameServer = 202.102.192.68,202.102.199.68
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD852477-DF68-46F1-A5D0-444950EAAA32}: NameServer = 202.102.192.68,202.102.199.68
O17 - HKLM\System\CS1\Services\Tcpip\..\{0001540A-D8BA-4B9A-9AB6-E5272E17ECB5}: NameServer = 202.102.192.68,202.102.199.68
O17 - HKLM\System\CS2\Services\Tcpip\..\{0001540A-D8BA-4B9A-9AB6-E5272E17ECB5}: NameServer = 202.102.192.68,202.102.199.68
O23 - NT 服务: Ati HotKey Poller - ATI Technologies Inc. - C:\WINNT\system32\Ati2evxx.exe
O23 - NT 服务: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - NT 服务: NetZone NxD 系统辅助服务 (AuxNxpSvc) - Unknown owner - C:\WINNT\system32\NxpAuxSvc.exe
O23 - NT 服务: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - NT 服务: NetZone NxD iSCSI客户端 (nzNxPiSCSI) - Unknown owner - C:\WINNT\system32\iscsinxp.exe
2006-06-28,16:40:53
System Repair Engineer 2.0.12.350 (2.0 RC 1)
Windows 2000 Professional Service Pack 4 - 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run>
<Internat.exe><internat.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows>
<load><>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run>
<DAEMON Tools-2052><"C:\Program Files\D-Tools\daemon.exe" -lang 2052>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run>
<wxClient><C:\WINNT\system32\Clsmn.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run>
<NMGameX_AutoRun><C:\WINNT\system32\Rundll32.exe NMGameX.dll,LiveProcess /aa>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run>
<Synchronization Manager><mobsync.exe /logon>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon>
<shell><Explorer.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon>
<Userinit><C:\WINNT\system32\userinit.exe,>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon>
<GinaDLL><C:\WINNT\system32\LogUser.dll>
==================================
启动文件夹
服务
[Ati HotKey Poller / Ati HotKey Poller>
<C:\WINNT\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart>
<C:\WINNT\system32\ati2sgag.exe><>
[NetZone NxD 系统辅助服务 / AuxNxpSvc>
<C:\WINNT\system32\NxpAuxSvc.exe><N/A>
[Logical Disk Manager Administrative Service / dmadmin>
<C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[NetZone NxD iSCSI客户端 / nzNxPiSCSI>
<C:\WINNT\system32\iscsinxp.exe><N/A>
==================================
浏览器加载项
[ThunderIEHelper Class>
C:\WINNT\system32\Clsmn.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
These two seem a bit problematic...
No anomalies seen in the HijackThis report.
Thanks, everyone~~~