日志文件: 趋势科技 HijackThis v2.0.0 (BETA)
保存时间: 11:44:32, on 2008-6-10
操作系统: Windows XP SP2 (WinNT 5.01.2600)
启动模式: 正常

正在运行的进程:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\Explorer.EXE
D:\Program Files\360safe\safemon\360tray.exe
C:\Program Files\360Safebox\safeboxTray.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\windows\system32\nvsvc32.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
d:\Program Files\Tencent\QQ\TXPlatform.exe
D:\Program Files\Maxthon2\Maxthon.exe
D:\Program Files\Tencent\QQ\QQMusic.exe
E:\工具\安全辅助工具\HijackThis\HiJackThis2.0.exe

O2 - BHO: (未命名) - RsAutorunsDisabled - (没有文件)
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - d:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - d:\Program Files\FlashGet Network\FlashGet\ComDlls\bhoCATCH.dll
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - d:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll
O2 - BHO: SafeMon Class - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - D:\Program Files\360safe\safemon\safemon.dll
O3 - 工具栏: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\windows\system32\kakatool.dll
O4 - HKLM\..\Run: [360Safetray] d:\Program Files\360safe\safemon\360tray.exe /start
O4 - HKLM\..\Run: [360Safebox] "C:\Program Files\360Safebox\safeboxTray.exe" /r
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] ; RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] ; RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - 扩展右键菜单项: 使用快车(Flas&hGet)下载 - d:\Program Files\FlashGet Network\FlashGet\ComDlls\Bholink.htm
O8 - 扩展右键菜单项: 使用快车(Flash&Get)下载全部链接 - d:\Program Files\FlashGet Network\FlashGet\ComDlls\Bhoall.htm
O8 - 扩展右键菜单项: 使用迅雷下载 - d:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - 扩展右键菜单项: 使用迅雷下载全部链接 - d:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O8 - 扩展右键菜单项: 添加到QQ表情 - d:\Program Files\Tencent\QQ\AddEmotion.htm
O9 - Extra button: Web 反病毒统计 - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: IEFXZTool - {61F0024B-8278-4999-B7E6-2718426D9FE6} - d:\PROGRA~1\IEfxz\iefxz.dll (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/
O16 - DPF: {D82303B7-A754-4DCB-8AFC-8CF99435AACE} (KUpdateObj2 Class) - http://shadu.duba.net/kosclean_v2/KOSInit.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D55FCE98-2CD7-468E-A1F6-87F1FEAD7F88}: NameServer = 202.100.192.68 202.100.199.8
O22 - SharedTaskScheduler: Browseui 预加载程序 - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\system32\browseui.dll
O22 - SharedTaskScheduler: 组件类别缓存程序 - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Contrl Center of Storm Media (ccosm) - 北京暴风网际科技有限公司 - C:\Program Files\StormII\stormliv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O24 - Desktop Component RsAutorunsDisabled: (未命名) - (没有文件)

-- 文件结束 - 4548 字节