
Experts, please help

Logfile of HijackThis v1.99.1
Scan saved at 19:41:00, on 2007-4-26
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\system\SVCH0ST.EXE
D:\WINDOWS\system32\rundll32.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\WINDOWS\system32\RUNDLL32.EXE
D:\WINDOWS\system32\browser.exe
D:\WINDOWS\system32\conime.exe
D:\WINDOWS\system32\rundll32.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\WINDOWS\system32\taskmgr.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\DOCUME~1\zhang\LOCALS~1\Temp\hijackthis.zip 的临时目录 1\HijackThis.exe

R3 - URLSearchHook: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - D:\Program Files\Yahoo!\Assistant\Assist\yasbar.dll
R3 - URLSearchHook: ContextSearch Class - {88351CEF-BAC0-4A9B-8380-31A173E2926F} - D:\Program Files\yok\toolbar.dll
R3 - URLSearchHook: 7a62 - {DFCB34B6-902D-426E-AE2B-1B294AE19F4F} - D:\WINDOWS\system32\4db9ntos.dll
O2 - BHO: WebThunderBHO - {00000AAA-A363-466E-BEF5-9BB68697AA7F} - D:\迅雷\WebThunderBHO_016.dll
O2 - BHO: (no name) - {06814526-7a62-4db9-ae2b-1b294ae19f4f} - D:\WINDOWS\system32\4db9ntos.dll
O2 - BHO: KaoLaBar.KlbBho - {23CE480B-B9D5-4083-9A50-4A20A47208CA} - D:\Program Files\Brilliant\KaoLaBao\klb.dll
O2 - BHO: vgfv - {318A177A-BFB3-4B0F-9155-8C3D064D8DC3} - D:\PROGRA~1\bpoe\ftsi.dll (file missing)
O2 - BHO: yPhtb - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - D:\Program Files\Yahoo!\Assistant\Assist\yphtb.dll
O2 - BHO: Sodui Search - {35EC0410-555E-4402-B372-D9A6E0BF6795} - D:\WINDOWS\system32\winkji05.dll
O2 - BHO: Info cache - {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} - D:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - D:\Program Files\Yahoo!\Assistant\Assist\yAngling.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\QQ\QQIEHelper.dll
O2 - BHO: KAVAntiFishing - {55302805-482E-470E-8A57-6795A1487F90} - D:\KAV2006\KAVAFish.DLL (file missing)
O2 - BHO: MyFavor Web - {5537AA9F-7FE5-40E1-AEC7-D3B7E01FCA73} - D:\WINDOWS\system32\MyFavor.dll
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - D:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL
O2 - BHO: (no name) - {635ea622-466c-4d32-8b0d-4e03f37a8dbf} - D:\WINDOWS\system32\4d32cfsb.dll (file missing)
O2 - BHO: YOK - {75FE2B5A-D3A4-4EFA-AC11-ADC9C9459688} - D:\Program Files\yok\toolbar.dll
O2 - BHO: Navigator Class - {76FC3938-C6CA-475D-8D3B-45F323A6B62B} - D:\Documents and Settings\All Users\Application Data\Microsoft\Office\NAVDATA\VCKINVcdq0webnav_2013.dll (file missing)
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - D:\PROGRA~1\baidu\bar\baidubar.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: browser Class - {C86488AF-13D5-4FEF-9DDF-9FB88698CFC1} - D:\Documents and Settings\All Users\Application Data\Microsoft\Office\USERDATA\Xd55OZRJjd_2016.dll
O2 - BHO: Editor - {D92EB6BE-C6CA-475D-8D3B-45F323A6B62B} - D:\Documents and Settings\All Users\Application Data\Microsoft\Office\NAVDATA\aoblc62kWmwebnav_2013.dll
O2 - BHO: (no name) - {debd9a4c-5d75-4508-8b0d-4e03f37a8dbf} - D:\WINDOWS\system32\4508cfsb.dll
O2 - BHO: IEPlus Class - {E58B6AC6-2A5E-47C0-A645-3881DA698558} - D:\WINDOWS\system32\AUTPRX.DLL
O2 - BHO: AlxTB BHO - {F1FABE79-25FC-46de-8C5A-2C6DB9D64333} - D:\WINDOWS\system32\AlxTB1.dll
O2 - BHO: AssistHelper - {FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} - D:\Program Files\Yahoo!\Assistant\Assist\yassist.dll
O3 - Toolbar: 雅虎助手 - {406F94F0-504F-4A40-8DFD-58B0666ABEBD} - D:\Program Files\Yahoo!\Assistant\Assist\yasbar.dll
O3 - Toolbar: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - D:\PROGRA~1\baidu\bar\baidubar.dll
O3 - Toolbar: 考拉宝 - {1FA8CCF4-95A6-4BA1-B4F2-5E2AAFE3EA22} - D:\Program Files\Brilliant\KaoLaBao\klb.dll
O3 - Toolbar: Alexa - {3CEFF6CD-6F08-4e4d-BCCD-FF7415288C3B} - D:\WINDOWS\system32\SHDOCVW.DLL
O3 - Toolbar: 7a62 - {DFCB34B6-902D-426E-AE2B-1B294AE19F4F} - D:\WINDOWS\system32\4db9ntos.dll
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [yok.exe] D:\Program Files\yok\yok.exe
O4 - HKLM\..\Run: [YLive.exe] rem D:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
O4 - HKLM\..\Run: [yassistse] rem D:\Program Files\Yahoo!\Assistant\yAssistSe.exe
O4 - HKLM\..\Run: [WebThunder] D:\迅雷\WebThunder.exe
O4 - HKLM\..\RunServices: [RavMon] D:\Program Files\rising\rav\RavMon.exe /AUTO
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\getAllurl.htm
O8 - Extra context menu item: Alexa Web Search - http://client.alexa.com/holiday/script/actions/search.htm
O8 - Extra context menu item: Get Alexa Data - http://client.alexa.com/holiday/script/actions/sitedata.htm
O8 - Extra context menu item: Mail to a Friend... - http://client.alexa.com/holiday/script/actions/mailto.htm
O8 - Extra context menu item: See Related Links - http://client.alexa.com/holiday/script/actions/related.htm
O8 - Extra context menu item: Write a Review... - http://client.alexa.com/holiday/script/actions/review.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用Web迅雷下载 - D:\迅雷\GetUrl.htm
O8 - Extra context menu item: 使用Web迅雷下载全部链接 - D:\迅雷\GetAllUrl.htm
O8 - Extra context menu item: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\QQ\AddEmotion.htm
O8 - Extra context menu item: 添加到雅虎订阅(&Y) - res://D:\Program Files\Yahoo!\Assistant\Assist\yrss.dll/YRSSMENUEXT
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\QQ\SendMMS.htm
O8 - Extra context menu item: 金山毒霸反钓鱼... - D:\KAV2006\KAF\ShowSet.htm
O8 - Extra context menu item: 雅虎搜索 - res://D:\Program Files\Yahoo!\Assistant\Assist\yasbar.dll/203
O9 - Extra button: 考拉宝 - {4C5114BB-D5A8-410d-B728-AF6232385661} - D:\Program Files\Brilliant\KaoLaBao\klb.dll
O9 - Extra 'Tools' menuitem: 启动考拉宝 - {4C5114BB-D5A8-410d-B728-AF6232385661} - D:\Program Files\Brilliant\KaoLaBao\klb.dll
O9 - Extra button: 雅虎助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://cn.zs.yahoo.com/start.htm?source=yzs_icon&btn=yassistnew (file missing)
O9 - Extra button: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O9 - Extra 'Tools' menuitem: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm (file missing)
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\QQ\QQ.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: 财富通 - {C1F0024B-8278-4999-B7E6-2718426D9FE6} - D:\Program Files\财富通\caifu.dll (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: d:\windows\system32\cdnns.dll
O16 - DPF: {E847C78C-C210-4195-8799-FBF3BF89797D} (金山毒霸在线产品升级) - http://www.duba.net/cab/KOSInit.cab
O18 - Protocol: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - E:\52kk\kugoo\KuGoo3\InExtend\KuGoo3DownXControl.ocx
O21 - SSODL: nyxq - {D4CCDF89-9FB2-4969-9027-95F6CD3EF5E9} - D:\PROGRA~1\mxwp\nyxq.dll
O21 - SSODL: wbwk - {12311512-2C1D-44b2-A044-872AD2AD5A61} - D:\PROGRA~1\mxwp\nyxq.dll
O23 - Service: Computer Browserex (Browserex) - Unknown owner - D:\WINDOWS\system32\browser.exe
O23 - Service: System Local Kernel Service (kernel) - Unknown owner - D:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\JiGvgo61qc.exe
O23 - Service: MICR0SOFT SVCH0ST (MS_SVCH0ST) - Unknown owner - D:\WINDOWS\system\SVCH0ST.EXE

Last edited 2007-04-26 20:08:07

O21 - SSODL: nyxq - {D4CCDF89-9FB2-4969-9027-95F6CD3EF5E9} - D:\PROGRA~1\mxwp\nyxq.dll
O21 - SSODL: wbwk - {12311512-2C1D-44b2-A044-872AD2AD5A61} - D:\PROGRA~1\mxwp\nyxq.dll
O23 - Service: Computer Browserex (Browserex) - Unknown owner - D:\WINDOWS\system32\browser.exe
O23 - Service: System Local Kernel Service (kernel) - Unknown owner - D:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\JiGvgo61qc.exe
O23 - Service: MICR0SOFT SVCH0ST (MS_SVCH0ST) - Unknown owner - D:\WINDOWS\system\SVCH0ST.EXE
O10 - Unknown file in Winsock LSP: d:\windows\system32\cdnns.dll
O2 - BHO: (no name) - {635ea622-466c-4d32-8b0d-4e03f37a8dbf} - D:\WINDOWS\system32\4d32cfsb.dll (file missing)
O4 - HKLM\..\Run: [yok.exe] D:\Program Files\yok\yok.exe
O2 - BHO: (no name) - {635ea622-466c-4d32-8b0d-4e03f37a8dbf} - D:\WINDOWS\system32\4d32cfsb.dll (file missing)
O2 - BHO: YOK - {75FE2B5A-D3A4-4EFA-AC11-ADC9C9459688} - D:\Program Files\yok\toolbar.dll