谢谢了!
HijackThis_815汉化版扫描日志 V1.99.1
保存于 9:41:47, 日期 2008-4-8
操作系统: Windows XP SP2 (WinNT 5.01.2600)
浏览器: Internet Explorer v6.00 SP2 (6.00.2900.2180)
当前运行的进程:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\JiangMin\kvnet\CltSrv.exe
C:\Program Files\JiangMin\AntiVirus\KVWSC.exe
C:\WINDOWS\system32\mnmsrvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\JiangMin\kvnet\KVTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\jj4\jjsvr4.exe
C:\Program Files\Wind's Soft\FreeICQ\Client\FICQ.exe
C:\WINDOWS\system32\DllHost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\BigFix Enterprise\BES Client\BESClient.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Administrator\桌面\HijackThis1991\HijackThis1991zww.exe
C:\Program Files\Internet Explorer\iexplore.exe
O2 - BHO: BrowseHelper Class - {80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} - C:\Program Files\JiangMin\AntiVirus\KVshell.dll
O3 - IE工具栏增项: 江民杀毒工具栏 - {B5A34A93-D538-43A7-8371-864CB6148D12} - C:\Program Files\JiangMin\AntiVirus\KVshell.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [KvMonXP] "C:\KVNET\KVMonXP.kxp" /auto
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - 启动项HKLM\\Run: [KVTray.exe] C:\Program Files\JiangMin\kvnet\KVTray.exe
O4 - 启动项HKLM\\Run: [KVMON] "C:\Program Files\JiangMin\AntiVirus\KVMonXP.kxp"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [bgswitch] C:\WINDOWS\system32\bgswitch.exe
O4 - HKCU\..\Run: [pyjj] C:\Program Files\jj4\jjsvr4.exe
O4 - Startup: FreeICQ.lnk = C:\Program Files\Wind's Soft\FreeICQ\Client\FICQ.exe
O9 - 浏览器额外的按钮: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - 浏览器额外的“工具”菜单项: Sun Java 控制台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - 浏览器额外的按钮: 番茄花园 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.tomatolei.com (file missing)
O9 - 浏览器额外的“工具”菜单项: 番茄花园 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.tomatolei.com (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/
O15 - 添加的受信任的 IP 地址范围: http://10.89.168.8
O15 - 添加的受信任的 IP 地址范围: http://10.89.168.20
O15 - 添加的受信任的 IP 地址范围: http://10.89.168.7
O16 - DPF: {05364DDD-F67A-4619-AE4C-B8E1615A6639} (Taoda Control) - http://10.89.168.20:9080/zhnt/jsp/dist/print/TaoDaP2.ocx
O16 - DPF: {3F166327-8030-4881-8BD2-EA25350E574A} (CellWeb5 Control) - http://10.89.168.20:9080/zhnt/jsp/call/genemng/report/cellweb5.cab
O16 - DPF: {A4D9BC76-39AE-4BC9-8D6E-FCEA471D6C44} (Project1.RunCmdPro) - http://10.89.168.8/scycportal/skins/default/RunCmd/RunCmd.CAB
O16 - DPF: {AE02FF7E-4DF3-4F92-90AD-839B560D6359} (LoadWord.LoadCOM) - http://10.89.168.7/hsoa/Share/Tools/LoadWord.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{6A3B11C8-88C4-4E75-A367-1D438382151F}: NameServer = 61.139.2.69
O23 - NT 服务: BES Client (BESClient) - BigFix Inc. - C:\Program Files\BigFix Enterprise\BES Client\BESClient.exe
O23 - NT 服务: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - NT 服务: KVNETClient - Jiangmin Co., Ltd. - C:\Program Files\JiangMin\kvnet\CltSrv.exe
O23 - NT 服务: KVSrvXP - Jiangmin Co., Ltd. - C:\Program Files\JiangMin\AntiVirus\kvsrvxp.exe
O23 - NT 服务: KVWSC - Jiangmin Co.,Ltd - C:\Program Files\JiangMin\AntiVirus\KVWSC.exe
[用户系统信息]Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
