[Reply to "cukeman"'s post]
HijackThis_zww汉化版扫描日志 V1.99.1
保存于 11:18:54, 日期 2006-10-28
操作系统: Windows XP SP2 (WinNT 5.01.2600)
浏览器: Internet Explorer v6.00 SP2 (6.00.2900.2180)
当前运行的进程:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ZarvaSoft\Smart Update Utility\Ahnsdsv.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
D:\Oracle\Ora81\BIN\TNSLSNR.exe
d:\oracle\ora81\bin\ORACLE.EXE
D:\Oracle\Ora81\BIN\OWASTSVR.EXE
D:\Oracle\Ora81\bin\oradim.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe
C:\Program Files\WinRAR\WinRAR.exe
F:\tmp\hijackthis1.99.1汉化第二版(7月16日).exe
C:\Program Files\HijackThis1991汉化版\HijackThis1991zww.exe
O3 - IE工具栏增项: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - IE工具栏增项: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - IE工具栏增项: (no name) - {2E2930AD-36FA-479D-89A6-97A2D5BAD1C1} - (no file)
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: 27BC04.exe
O4 - Global Startup: 27BC04.exe
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O9 - 浏览器额外的按钮: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - 浏览器额外的“工具”菜单项: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - 浏览器额外的按钮: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\WINDOWS\system32\shdocvw.dll
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\WINDOWS\system32\shdocvw.dll
O9 - 浏览器额外的按钮: 浙江政务通 - {E304AA89-81CF-400f-B713-922B98BC3646} - C:\Program Files\commnet\Rss.exe
O9 - 浏览器额外的“工具”菜单项: 浙江政务通 - {E304AA89-81CF-400f-B713-922B98BC3646} - C:\Program Files\commnet\Rss.exe
O15 - 添加的受信任的 IP 地址范围: 10.25.5.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{B7011F7D-36BF-4FF2-A2D2-D5B42CC3032F}: NameServer = 218.74.122.75,218.74.122.74
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O23 - NT 服务: Ahnlab Task Scheduler - Ahnlab, Inc. - C:\Program Files\ZarvaSoft\Smart Update Utility\Ahnsdsv.exe
O23 - NT 服务: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - NT 服务: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - NT 服务: OracleOraHome81Agent - oracle - D:\Oracle\Ora81\bin\dbsnmp.exe
O23 - NT 服务: OracleOraHome81ClientCache - Unknown owner - D:\Oracle\Ora81\BIN\ONRSD.EXE
O23 - NT 服务: OracleOraHome81DataGatherer - Unknown owner - D:\Oracle\Ora81\bin\vppdc.exe
O23 - NT 服务: OracleOraHome81ManagementServer - Unknown owner - D:\Oracle\Ora81\bin\OMSNTsrv.exe
O23 - NT 服务: OracleOraHome81TNSListener - Unknown owner - D:\Oracle\Ora81\BIN\TNSLSNR.exe
O23 - NT 服务: OracleServiceJNXGSJ - Oracle Corporation - d:\oracle\ora81\bin\ORACLE.EXE
O23 - NT 服务: OracleWebAssistant0 - Oracle Corporation - D:\Oracle\Ora81\BIN\OWASTSVR.EXE