#####Please take a look and see whether anything is wrong in my log#####


Logfile of HijackThis v1.99.1
Scan saved at 10:46:31, on 2006-4-18
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
D:\WinXP\CPUCooL\CooLSrv.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
D:\WinXP\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\SkyNet\FireWall\pfw.exe
D:\WinXP\迷你迅雷 1.2.1.9\ThunderMini.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\ctfmon.exe
D:\WinXP\迷你迅雷 1.2.1.9\TDUpdate.exe
C:\Program Files\内存扫把\ram.exe
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\system32\wuauclt.exe
D:\工具\HijackThi\HijackThis.exe

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O1 - Hosts: 219.150.115.194 www.yxwzsf.com # Additionally, comments Microsoft
O1 - Hosts: 219.150.115.194 yxwzsf.com #TS file
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v6.dll
O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - D:\WinXP\KuGoo3\KuGoo3DownXControl.ocx
O3 - Toolbar: (no name) - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - (no file)
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll
O4 - HKLM\..\Run: [SKYNET Personal FireWall] C:\PROGRA~1\SkyNet\FireWall\pfw.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [thunder_mini] D:\WinXP\迷你迅雷 1.2.1.9\ThunderMini.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: LAN.lnk = ?
O4 - Startup: 内存扫把.lnk = ?
O8 - Extra context menu item: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\getallurl.htm
O8 - Extra context menu item: &使用迷你迅雷下载 - D:\WinXP\迷你迅雷 1.2.1.9\geturl.htm
O8 - Extra context menu item: 使用KuGoo3下载(&K) - D:\WinXP\KuGoo3\KuGoo3DownX.htm
O9 - Extra button: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - D:\WinXP\浩方对战平台\GameClient.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {C661F36D-DF85-4EF4-83C7-E107B83D04B1} (WebActivater Control) - http://dl_dir.qq.com/3dshow/3DShowVM.cab
O16 - DPF: {E787FD25-8D7C-4693-AE67-9406BC6E22DF} (CPasswordEditCtrl Object) - https://www.tenpay.com/download/qqedit.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A5C9C936-B4E6-4835-A3DF-881966A01D63}: NameServer = 211.98.192.3 61.233.65.3
O23 - Service: CPUCooLServer Service (CPUCooLServer) - Unknown owner - D:\WinXP\CPUCooL\CooLSrv.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset  - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\WinXP\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe



Thanks a lot~~~~
Last edited 2006-04-18 11:03:18

C:\WINDOWS\system32\UAService7.exe
What is this thing?~

Ugh~~~ I've only had this process for the last few days~~
So frustrating~~