coookielong - 2006-7-24 14:44:00
这是浏览日志:
Logfile of HijackThis v1.99.1
Scan saved at 2:25:09 PM, on 7/24/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2
(6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program
Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program
Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program
Files\ISS\issSensors\DesktopProtection\blackd.e
xe
C:\Program Files\NUS-VPN\cvpnd.exe
C:\Program Files\ewido\security
suite\ewidoctrl.exe
C:\Program Files\IBM\IBM Rapid Restore
Ultra\rrpcsb.exe
C:\Program Files\Trend Micro\OfficeScan
Client\ntrtscan.exe
C:\Program
Files\Intel\Wireless\Bin\OProtSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
C:\Program Files\Trend Micro\OfficeScan
Client\tmlisten.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\Trend Micro\OfficeScan
Client\OfcPfwSvc.exe
C:\WINDOWS\TEMP\ZJ863E.EXE
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\conime.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program
Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1
\TpScrex.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\IBMTOOLS\UTILS\ibmprc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program
Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\Java\jre1.5.0_06
\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Trend Micro\OfficeScan
Client\Pccntmon.exe
C:\Program Files\DAEMON\daemon.exe
C:\Program Files\Common
Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\userinit.exe
D:\hijackthis\HijackThis.exe
R3 - Default URLSearchHook is missing
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\Program Files\Adobe\Acrobat 7.0
\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-
462C-B6EB-D4DAF1D92D43} - C:\Program
Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-
8998-1DD2C5261283} - C:\Program
Files\Thunder\ComDlls\XunLeiBHO_001.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9
-0090271D075B} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-
01DD-4d91-8333-CF10577473F7} - c:\program
files\google\googletoolbar1.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-
11D5-8D29-0050BA6940E3} - C:\PROGRA~1
\FlashGet\fgiebar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-
9B18-009027A5CD4F} - c:\program
files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program
Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program
Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program
Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1
\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1
\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI
Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [UC_Start] C:\Program
Files\IBM\Updater\\ucstartup.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program
Files\Common Files\Sonic\Update
Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32
\dla\tfswctrl.exe
O4 - HKLM\..\Run: [IBMPRC]
C:\IBMTOOLS\UTILS\ibmprc.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32
C:\PROGRA~1\ThinkPad\UTILIT~1
\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [IntelWireless] C:\Program
Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel
PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Program
Files\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched]
C:\Program Files\Java\jre1.5.0_06
\bin\jusched.exe
O4 - HKLM\..\Run: [IMJPMIG8.1]
"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil
/RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1]
C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002]
C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe
/SYNC
O4 - HKLM\..\Run: [PHIME2002ASync]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
/SYNC
O4 - HKLM\..\Run:
[BluetoothAuthenticationAgent] rundll32.exe
bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [OfficeScanNT Monitor]
"C:\Program Files\Trend Micro\OfficeScan
Client\Pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program
Files\DAEMON\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [TkBellExe] "C:\Program
Files\Common
Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe
coookielong - 2006-7-24 14:44:00
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program
Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Microsoft Office.lnk =
C:\Program Files\Microsoft Office\Office10
\OSA.EXE
O8 - Extra context menu item: &Google Search -
res://c:\program
files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate
English Word - res://c:\program
files\google\GoogleToolbar1.dll/cmwordtrans.htm
l
O8 - Extra context menu item: &使用迅雷下载 -
C:\Program Files\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: &使用迅雷下载全部
链接 - C:\Program
Files\Thunder\Program\GetAllUrl.htm
O8 - Extra context menu item: Backward Links -
res://c:\program
files\google\GoogleToolbar1.dll/cmbacklinks.htm
l
O8 - Extra context menu item: Cached Snapshot
of Page - res://c:\program
files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to
Microsoft Excel - res://C:\PROGRA~1\MICROS~3
\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages -
res://c:\program
files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page
into English - res://c:\program
files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: 使用网际快车下载
- C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载
全部链接 - C:\PROGRA~1\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-
11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-
11d4-8D29-0050BA6940E3} - C:\PROGRA~1
\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet -
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} -
C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-
11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger
- {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF:
START_PAGE_URL=http://www.nus.edu.sg
O16 - DPF: {17492023-C23A-453E-A040-
C7C580BBF700} (Windows Genuine Advantage
Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204
O17 -
HKLM\System\CCS\Services\Tcpip\Parameters:
Domain = stu.nus.edu.sg
O17 - HKLM\Software\..\Telephony: DomainName =
stu.nus.edu.sg
O17 - HKLM\System\CS1
\Services\Tcpip\Parameters: Domain =
stu.nus.edu.sg
O17 - HKLM\System\CS2
\Services\Tcpip\Parameters: Domain =
stu.nus.edu.sg
O17 - HKLM\System\CS3
\Services\Tcpip\Parameters: Domain =
stu.nus.edu.sg
O18 - Protocol: msnim - {828030A1-22C1-4009-
854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1
\msgrapp.dll" (file missing)
O20 - Winlogon Notify: IntelWireless -
C:\Program
Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: tphotkey -
C:\WINDOWS\SYSTEM32\tphklock.dll
O20 - Winlogon Notify: WgaLogon -
C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI
Technologies Inc. - C:\WINDOWS\system32
\Ati2evxx.exe
O23 - Service: BlackICE - Internet Security
Systems, Inc. - C:\Program
Files\ISS\issSensors\DesktopProtection\blackd.e
xe
O23 - Service: Cisco Systems, Inc. VPN Service
(CVPND) - Cisco Systems, Inc. - C:\Program
Files\NUS-VPN\cvpnd.exe
O23 - Service: EvtEng - Intel Corporation -
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido security suite control -
ewido networks - C:\Program
Files\ewido\security suite\ewidoctrl.exe
O23 - Service: IBM Rapid Restore Ultra Service
- Unknown owner - C:\Program Files\IBM\IBM
Rapid Restore Ultra\rrpcsb.exe
O23 - Service: IBM PM Service (IBMPMSVC) -
Unknown owner - C:\WINDOWS\system32
\ibmpmsvc.exe
O23 - Service: Kodak Camera Connection Software
(KodakCCS) - Eastman Kodak Company -
C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Macromedia Licensing Service -
Unknown owner - C:\Program Files\Common
Files\Macromedia Shared\Service\Macromedia
Licensing.exe
O23 - Service: OfficeScanNT RealTime Scan
(ntrtscan) - Trend Micro Inc. - C:\Program
Files\Trend Micro\OfficeScan
Client\ntrtscan.exe
O23 - Service: OfficeScanNT Personal Firewall
(OfcPfwSvc) - Trend Micro Inc. - C:\Program
Files\Trend Micro\OfficeScan
Client\OfcPfwSvc.exe
O23 - Service: OwnershipProtocol - Intel
Corporation - C:\Program
Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: IBM PSA Access Driver Control
(PsaSrv) - Unknown owner - C:\WINDOWS\system32
\PsaSrv.exe (file missing)
O23 - Service: RapApp - Internet Security
Systems, Inc. - C:\Program
Files\ISS\issSensors\DesktopProtection\RapApp.e
xe
O23 - Service: RegSrvc - Intel Corporation -
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor
(S24EventMonitor) - Intel Corporation -
C:\Program
Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: OfficeScanNT Listener (tmlisten)
- Trend Micro Inc. - C:\Program Files\Trend
Micro\OfficeScan Client\tmlisten.exe
O23 - Service: IBM HDD APS Logging Service
(TPHDEXLGSVC) - IBM Corporation -
C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) -
Unknown owner - C:\WINDOWS\system32
\TpKmpSVC.exe
O23 - Service: URT Client Service
(urtclientservice) - Unknown owner -
C:\WINDOWS\System32\urtclsvc.exe (file missing)
O23 - Service: WLANKEEPER - Intel? Corporation
- C:\Program
Files\Intel\Wireless\Bin\WLKeeper.exe
coookielong - 2006-7-24 14:47:00
还有,我在装kapersky 6的时候,老是让我重启,说要卸载不兼容的officescan. 后来载点击安装时,直接报错,不能安装了!!!
怎么回事啊????
谢谢!!!
© 2000 - 2026 Rising Corp. Ltd.