Logfile of HijackThis v1.99.1
Scan saved at 12:58:40, on 2005-8-19
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
F:\瑞星\RAV\Ravmond.exe
F:\瑞星\RAV\RavStub.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\rav32.exe
C:\WINDOWS\System32\assiste.exe
C:\Program Files\Lenovo\幸福一键通\Kbdriver.exe
C:\Program Files\Lenovo\幸福一键通\FlyShuttle.exe
C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
F:\MP3\Winamp\winampa.exe
C:\Program Files\CNNIC\Cdn\cdnup.exe
C:\PROGRA~1\360so\360Main.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
F:\迅雷4\Thunder.exe
F:\瑞星\rav\RavMon.exe
F:\瑞星\RAV\CCENTER.EXE
C:\WINDOWS\System32\svchost.exe
E:\qq\2005珊瑚虫\qq\QQ.exe
E:\qq\2005珊瑚虫\qq\TIMPlatform.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\3721\assistse.exe
C:\Program Files\Internet Explorer\iexplore.exe
F:\截图\RdfSnap\RdfSnap.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\DOCUME~1\TENGQI~1\LOCALS~1\Temp\Rar$EX00.391\HijackThis.exe
R3 - URLSearchHook: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll
O1 - Hosts: 219.146.240.251 v.21cn.com
O1 - Hosts: 219.146.240.251 sms1.ctn.com.cn
O1 - Hosts: 219.146.240.251 sms2.ctn.com.cn
O1 - Hosts: 219.146.240.251 sms3.ctn.com.cn
O1 - Hosts: 219.146.240.251 cnsmin.3721,com
O1 - Hosts: 219.146.240.251 bar.baidu.com
O1 - Hosts: 219.146.240.251 adimg.163.com
O1 - Hosts: 219.146.240.251 cns.3721,com
O1 - Hosts: 219.146.240.251 popme.163.com
O1 - Hosts: 219.146.240.251 ad4.sina.com.cn
O1 - Hosts: 219.146.240.251 images.sohu.com
O1 - Hosts: 219.146.240.251 cn.yimg.com
O1 - Hosts: 219.146.240.251 ad.tom.com
O1 - Hosts: 219.146.240.251 image.cn.tom.com
O1 - Hosts: 219.146.240.251 popad.qq.com
O1 - Hosts: 219.146.240.251 tadsweb.tencent.com
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\System32\xunleibho_v5.dll
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - F:\BT2\Plugins\RazaWebHook.dll
O2 - BHO: (no name) - {35980F6E-A137-4E50-953D-813BB8556899} - (no file)
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\Program Files\3721\Assist\Angling.dll
O2 - BHO: 360搜 - {472101C2-1109-43f4-9112-31F33E3F2127} - C:\Program Files\360so\360so.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - E:\qq\2005珊瑚虫\qq\QQIEHelper.dll
O2 - BHO: NetAnts.IE.Monitor - {57E91B41-F40A-11D1-B792-444553540000} - F:\蚂煲蚁蟎\NetAnts\AntAPI.dll (file missing)
O2 - BHO: 3721中文邮 - {6231D512-E4A4-4DF2-BE62-5B8F0EE348EF} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {B3ECCAC9-C7FA-462C-894B-8E9930A70E14} - F:\PROGRA~1\KuGoo\IEHELP~1.DLL
O2 - BHO: AssistII - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - (no file)
O2 - BHO: YiSou - {EF1D17A9-089F-40cc-8D64-7324CDEBA0DB} - C:\PROGRA~1\YiSou\yisoub.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: 一搜工具条 - {115F6E46-FCBC-41ed-B3B5-3BDDD4AAB5E5} - C:\PROGRA~1\YiSou\yisou.dll
O3 - Toolbar: (no name) - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - (no file)
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Lskbdrv] C:\Program Files\Lenovo\幸福一键通\Kbdriver.exe
O4 - HKLM\..\Run: [LenSoft] C:\Program Files\Lenovo\幸福一键通\FlyShuttle.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [internat.exe] internat.exe
O4 - HKLM\..\Run: [RavTime] C:\WINDOWS\system32\RavTime.hta
O4 - HKLM\..\Run: [rfw] F:\瑞星\防火墙\rfw\Rfw.exe
O4 - HKLM\..\Run: [RavTimer] F:\瑞星\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [uc] rem F:\uc\UC\UC\UC.exe
O4 - HKLM\..\Run: [WinampAgent] F:\MP3\Winamp\winampa.exe
O4 - HKLM\..\Run: [CdnCtr] C:\Program Files\CNNIC\Cdn\cdnup.exe
O4 - HKLM\..\Run: [360Main.exe] C:\PROGRA~1\360so\360Main.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RavMon] F:\瑞星\RAV\RAVMON.EXE -SYSTEM
O4 - HKLM\..\Run: [helper.dll] C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32
O4 - HKLM\..\Run: [assistse] "C:\PROGRA~1\3721\assistse.exe"
O4 - HKLM\..\RunOnce: [C:\PROGRA~1\3721\alrex.dll] regsvr32 /s C:\PROGRA~1\3721\alrex.dll
O4 - HKLM\..\RunOnce: [CnsMinKP] rundll32.exe C:\PROGRA~1\3721\ASSIST\KEEPMAIN.DLL,ReInstallKP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Kugoo] rem F:\Program Files\KuGoo\kugoo.exe
O4 - HKCU\..\Run: [Shareaza] rem "F:\BT2\Shareaza.exe" -tray
O4 - Startup: 迅雷4.lnk = ?
O4 - Startup: 瑞星监控中心.lnk = ?
O4 - Startup: 腾讯QQ.lnk = E:\qq\2005b\QQ.exe
