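Rising Kaka Security Forum, Technical Exchange area, Anti-Virus / Anti-Rogue-Software board

Random web pages keep popping up, and there are lots of unexplained processes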


2006-09-08,13:35:12

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 1 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<><regedit -s C:\$NtUninstallQ887678$\WINSYS.cer> []
<ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe> [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><C:\PROGRA~1\svhost32.exe> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [Microsoft Corporation]
<MSPY2002><C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC> []
<PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [Microsoft Corporation]
<PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [Microsoft Corporation]
<SoundMan><SOUNDMAN.EXE> [Realtek Semiconductor Corp.]
<MS-4011 Memory Patch><A:\RavSasser.exe -Patch> []
<HPDJ Taskbar Utility><C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe> [HP]
<QuickTime Task><"C:\Program Files\QuickTime\qttask.exe" -atboottime> [Apple Computer, Inc.]
<RealTray><C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER> []
<EssSpkPhone><esscw10.exe> []
<WlN32><regedit -s C:\$NtUninstallQ887678$\WINSYS.cer> []
<internat.exe><internat.exe> []
<SOUNDM><winsmd.exe> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
<WlN32><C:\$NtUninstallQ887678$\WINSYS.vbs> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<KernelFaultCheck><C:\WINDOWS\System32\msime.exe> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><KB273100M.LOG> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<DVDBurn><C:\WINDOWS\Downloaded Program Files\AfxEdit.dll> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [Microsoft Corporation]
<PHIME2002A><; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [Microsoft Corporation]
<PHIME2002ASync><; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [Microsoft Corporation]
<RealTray><; C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER> []

==================================
启动文件夹
[柯达 EasyShare 软件]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\柯达 EasyShare 软件.lnk><N>
[Kodak software updater]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Kodak software updater.lnk><N>

==================================
服务
[Black Hole2005 Professional Version / Black Hole2005 Professional]
<C:\WINDOWS\性感的(清姐)疯狂自拍.exe><N/A>
[C-DillaCdaC11BA / C-DillaCdaC11BA]
<C:\WINDOWS\System32\drivers\CDAC11BA.EXE><Macrovision>
[Kodak Camera Connection Software / KodakCCS]
<C:\WINDOWS\system32\drivers\KodakCCS.exe><Eastman Kodak Company>
[ScsiAccess / ScsiAccess]
<C:\WINDOWS\System32\ScsiAccess.EXE><N/A>
[Update Service For Windows / winupdate]
<C:\WINDOWS\winupdate.exe><N/A>

==================================
浏览器加载项
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx, >
[IeCatch2 Class]
{A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[SSBandLoader Class]
{D3A3C954-41C2-4AA1-B011-9D9B0306AC23} <C:\Program Files\RichSpark\StockStarFuGui\SSBand\StockStarBand.dll, StockStar>
[]
{E730189A-9973-4121-B046-AD1C161EC3AF} <C:\WINDOWS\system32\37211.dll, 3721公司<推荐使用>>
[StockStarToolBand Class]
{A2F82B60-F338-11D3-A74A-009027A7903D} <C:\Program Files\RichSpark\StockStarFuGui\SSBand\StockStarBand.dll, StockStar>
[@shdoclc.dll,-866]
{c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[FlashGet]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\flashget.exe, Amaze Soft>
[电台(&R)]
{8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[StockStarToolBand Class]
{000FCCCE-C733-11D3-A704-009027A7903D} <C:\Program Files\RichSpark\StockStarFuGui\SSBand\StockStarBand.dll, StockStar>
[WSView Class]
{219A9041-2709-4FAB-96E4-93E4FA495E1E} <C:\WINDOWS\DOWNLO~1\WSViewer.dll, >
[SafeEngineCtl Class]
{B48B9648-E9F0-48A3-90A5-8C588CE0898F} <C:\WINDOWS\DOWNLO~1\SAFEEN~1.DLL, Shanghai Electronic Certificate Authority Center Co,Ltd>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[使用网际快车下载]
<C:\PROGRA~1\FLASHGET\jc_link.htm, N/A>
[使用网际快车下载全部链接]
<C:\PROGRA~1\FLASHGET\jc_all.htm, N/A>

==================================
正在运行的进程
[PID: 440][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 504][\??\C:\WINDOWS\system32\csrss.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 528][\??\C:\WINDOWS\system32\winlogon.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[C:\WINDOWS\KB273100M.LOG] <N/A><N/A>
[PID: 580][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[C:\WINDOWS\KB273100M.LOG] <N/A><N/A>
[PID: 592][C:\WINDOWS\system32\lsass.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[C:\WINDOWS\KB273100M.LOG] <N/A><N/A>
[PID: 780][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[C:\WINDOWS\KB273100M.LOG] <N/A><N/A>
[PID: 836][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[C:\WINDOWS\KB273100M.LOG] <N/A><N/A>
[PID: 992][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[C:\WINDOWS\KB273100M.LOG] <N/A><N/A>
[PID: 1012][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[C:\WINDOWS\KB273100M.LOG] <N/A><N/A>
[PID: 1160][C:\WINDOWS\system32\spoolsv.exe] <Microsoft Corporation><5.1.2600.0 (XPClient.010817-1148)>
[C:\WINDOWS\KB273100M.LOG] <N/A><N/A>
[C:\WINDOWS\system32\hpzsnt05.dll] <HP><2,128,0,0>
[PID: 1280][C:\WINDOWS\System32\alg.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[C:\WINDOWS\KB273100M.LOG] <N/A><N/A>
[PID: 1332][C:\WINDOWS\System32\drivers\CDAC11BA.EXE] <Macrovision><4.20.020>
[C:\WINDOWS\KB273100M.LOG] <N/A><N/A>
[PID: 1380][C:\WINDOWS\system32\drivers\KodakCCS.exe] <Eastman Kodak Company><1.1.5100.0>
[C:\WINDOWS\KB273100M.LOG] <N/A><N/A>
[PID: 1432][C:\WINDOWS\System32\ScsiAccess.EXE] <N/A><N/A>
[PID: 1480][C:\WINDOWS\winupdate.exe] <N/A><N/A>
[C:\WINDOWS\KB273100M.LOG] <N/A><N/A>
[PID: 508][C:\WINDOWS\Explorer.EXE] <Microsoft Corporation><6.00.2800.1106 (xpsp1.020828-1920)>
[C:\WINDOWS\KB273100M.LOG] <N/A><N/A>
[C:\WINDOWS\System32\AcSignIcon.dll] <Autodesk><16.0.0.86>
[C:\WINDOWS\System32\ztdll.dll] <N/A><N/A>
[C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll] <Autodesk><16.0.0.86>
[C:\DOCUME~1\BLUEWA~1\LOCALS~1\Temp\IadHide5.dll] <BackWeb><Version 6.3.2 (Build 62R)>
[C:\WINDOWS\System32\KB2731006.LOG] <N/A><N/A>
[C:\PROGRA~1\FLASHGET\jccatch.dll] <Amaze Soft><1, 1, 4, 0>
[C:\WINDOWS\system32\37211.dll] <3721公司<推荐使用>><1.0.0.0>
[C:\Program Files\WinRAR\rarext.dll] <N/A><N/A>
[PID: 1000][C:\PROGRA~1\svhost32.exe] <N/A><N/A>
[C:\WINDOWS\KB273100M.LOG] <N/A><N/A>
[C:\WINDOWS\System32\ztdll.dll] <N/A><N/A>
[PID: 1080][C:\WINDOWS\System32\msime.exe] <Microsoft Corporation><5.1.2600.2180>
[C:\WINDOWS\KB273100M.LOG] <N/A><N/A>
[C:\WINDOWS\System32\ztdll.dll] <N/A><N/A>
[PID: 1364][C:\WINDOWS\SOUNDMAN.EXE] <Realtek Semiconductor Corp.><5.1.0.28>
[C:\WINDOWS\KB273100M.LOG] <N/A><N/A>
[C:\WINDOWS\System32\ztdll.dll] <N/A><N/A>
[PID: 1460][C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe] <HP><2,128,0,0>
[C:\WINDOWS\KB273100M.LOG] <N/A><N/A>
[C:\WINDOWS\System32\spool\drivers\w32x86\3\HPZR3205.DLL] <HP><2,128,0,0>
[C:\WINDOWS\System32\ztdll.dll] <N/A><N/A>
[PID: 1416][C:\Program Files\QuickTime\qttask.exe] <Apple Computer, Inc.><6.4>
[C:\WINDOWS\KB273100M.LOG] <N/A><N/A>
[C:\WINDOWS\System32\ztdll.dll] <N/A><N/A>
[C:\DOCUME~1\BLUEWA~1\LOCALS~1\Temp\IadHide5.dll] <BackWeb><Version 6.3.2 (Build 62R)>
[C:\Program Files\QuickTime\QTPlugin.ocx] <Apple Computer, Inc.><6.4>
[C:\WINDOWS\System32\QuickTime.qts] <Apple Computer, Inc.><6.4>
[C:\WINDOWS\system32\QuickTime\QuickTime3GPP.qtx] <Apple Computer, Inc.><6.4>
[C:\WINDOWS\system32\QuickTime\QuickTimeAuthoring.qtx] <Apple Computer, Inc.><6.4>
[C:\WINDOWS\system32\QuickTime\QuickTimeCapture.qtx] <Apple Computer, Inc.><6.4>
[C:\WINDOWS\system32\QuickTime\QuickTimeEffects.qtx] <Apple Computer, Inc.><6.4>
[C:\WINDOWS\system32\QuickTime\QuickTimeEssentials.qtx] <Apple Computer, Inc.><6.4>
[C:\WINDOWS\system32\QuickTime\QuickTimeImage.qtx] <Apple Computer, Inc.><6.4>
[C:\WINDOWS\system32\QuickTime\QuickTimeInternetExtras.qtx] <Apple Computer, Inc.><6.4>
[C:\WINDOWS\system32\QuickTime\QuickTimeMPEG.qtx] <Apple Computer, Inc><6.4>
[C:\WINDOWS\system32\QuickTime\QuickTimeMPEG4.qtx] <Apple Computer, Inc.><6.4>
[PID: 1592][C:\Program Files\Real\RealPlayer\RealPlay.exe] <RealNetworks, Inc.><6.0.9.584>
Last edited 2006-09-08 15:57:25

[C:\WINDOWS\System32\PNCRT.dll] <Real Networks, Inc><6.0.0.0>
[C:\WINDOWS\KB273100M.LOG] <N/A><N/A>
[C:\Program Files\Real\RealPlayer\rpap3260.dll] <RealNetworks, Inc.><6.0.9.631>
[C:\Program Files\Common Files\Real\Common\pngu3266.dll] <RealNetworks, Inc.><6.6.0.556>
[C:\Program Files\Common Files\Real\Common\pnrs3260.dll] <RealNetworks, Inc.><6.0.9.852>
[C:\Program Files\Common Files\Real\Common\rpcl3260.dll] <RealNetworks, Inc.><6.0.9.724>
[C:\Program Files\Common Files\Real\Common\pnen3260.dll] <RealNetworks, Inc.><6.0.8.1649>
[C:\WINDOWS\System32\ztdll.dll] <N/A><N/A>
[C:\Program Files\Common Files\Real\Plugins\auth3260.dll] <RealNetworks, Inc.><6.0.7.2764>
[C:\Program Files\Common Files\Real\Plugins\http3260.dll] <RealNetworks, Inc.><6.0.7.2965>
[C:\Program Files\Common Files\Real\Plugins\memf3260.dll] <RealNetworks, Inc.><6.0.8.1640>
[C:\Program Files\Common Files\Real\Plugins\meta3260.dll] <RealNetworks, Inc.><6.0.8.1587>
[C:\Program Files\Common Files\Real\Plugins\smmr3260.dll] <RealNetworks, Inc.><6.0.8.1577>
[C:\Program Files\Common Files\Real\Plugins\pnxr3260.dll] <RealNetworks, Inc.><6.0.8.1780>
[C:\Program Files\Common Files\Real\Plugins\rare3260.dll] <RealNetworks, Inc.><6.0.9.509>
[C:\Program Files\Common Files\Real\Plugins\swff3260.dll] <RealNetworks, Inc.><6.0.8.2507>
[C:\Program Files\Common Files\Real\Plugins\rtff3260.dll] <RealNetworks, Inc.><6.0.7.2619>
[C:\Program Files\Common Files\Real\Plugins\pxcg3260.dll] <RealNetworks, Inc.><6.0.7.1540>
[C:\Program Files\Common Files\Real\Plugins\pxcj3260.dll] <RealNetworks, Inc.><6.0.7.1540>
[C:\Program Files\Common Files\Real\Plugins\pxcp3260.dll] <RealNetworks, Inc.><6.0.7.1320>
[C:\Program Files\Common Files\Real\Plugins\pxre3260.dll] <RealNetworks, Inc.><6.0.7.1533>
[C:\Program Files\Common Files\Real\Plugins\pxgf3260.dll] <RealNetworks, Inc.><6.0.7.1585>
[C:\Program Files\Common Files\Real\Plugins\pxgr3260.dll] <RealNetworks, Inc.><6.0.7.1583>
[C:\Program Files\Common Files\Real\Plugins\ppff3260.dll] <RealNetworks, Inc.><6.0.7.2595>
[C:\Program Files\Common Files\Real\Plugins\audp3260.dll] <RealNetworks, Inc.><6.0.7.2842>
[C:\Program Files\Common Files\Real\Plugins\vidp3260.dll] <RealNetworks, Inc.><6.0.9.508>
[C:\Program Files\Common Files\Real\Plugins\Dbc_hbrf.dll] <Digital Bitcasting Corporation.><1.2.24>
[C:\Program Files\Common Files\Real\Plugins\Dbc_hbrr.dll] <Digital Bitcasting, A division of EMC Media Solutions Group><1.2.23.00>
[C:\Program Files\Common Files\Real\Plugins\pxjf3260.dll] <RealNetworks, Inc.><6.0.7.1585>
[C:\Program Files\Common Files\Real\Plugins\mp3f3260.dll] <RealNetworks, Inc.><6.0.9.1856>
[C:\Program Files\Common Files\Real\Plugins\rmff3260.dll] <RealNetworks, Inc.><6.0.9.516>
[C:\Program Files\Common Files\Real\Plugins\rvre3260.dll] <RealNetworks, Inc.><6.0.9.616>
[C:\Program Files\Common Files\Real\Plugins\pnvi3260.dll] <RealNetworks, Inc.><6.0.3.190>
[C:\Program Files\Common Files\Real\Plugins\vsrl3260.dll] <RealNetworks, Inc.><6.0.7.2394>
[C:\Program Files\Common Files\Real\Plugins\zipf3260.dll] <RealNetworks><6.0.7.2167>
[C:\Program Files\Real\RealPlayer\pngui_cn.dll] <RealNetworks, Inc.><6.0.4.108>
[C:\Program Files\Real\RealPlayer\psethvy_cn.dll] <RealNetworks, Inc.><6.0.4.108>
[C:\Program Files\Real\RealPlayer\rnath_cn.dll] <RealNetworks, Inc.><6.0.4.108>
[C:\Program Files\Real\RealPlayer\rnmsg_cn.dll] <RealNetworks, Inc.><6.0.4.108>
[C:\Program Files\Real\RealPlayer\rpclsvc_cn.dll] <RealNetworks, Inc.><6.0.4.108>
[C:\Program Files\Real\RealPlayer\rpmnpane_cn.dll] <RealNetworks, Inc.><6.0.4.108>
[C:\Program Files\Real\RealPlayer\rpdestpn_cn.dll] <RealNetworks, Inc.><6.0.4.108>
[C:\Program Files\Real\RealPlayer\rnereg_cn.dll] <RealNetworks, Inc.><6.0.4.108>
[C:\Program Files\Real\RealPlayer\rpapp_cn.dll] <RealNetworks, Inc.><6.0.4.108>
[C:\Program Files\Real\RealPlayer\rpclutil_cn.dll] <RealNetworks, Inc.><6.0.4.108>
[C:\Program Files\Common Files\Real\Common\rjbviz_cn.dll] <RealNetworks, Inc.><6.0.4.108>
[C:\Program Files\Real\RealPlayer\rpplus_cn.dll] <RealNetworks, Inc.><6.0.4.108>
[C:\Program Files\Real\RealPlayer\rpupgrd_cn.dll] <RealNetworks, Inc.><6.0.4.108>
[C:\Program Files\Real\RealPlayer\embedgui_cn.dll] <RealNetworks, Inc.><6.0.4.108>
[C:\Program Files\Real\RealPlayer\rpwfalzr_cn.dll] <N/A><N/A>
[C:\Program Files\Real\RealPlayer\rpscalzr_cn.dll] <RealNetworks, Inc.><6.0.4.108>
[C:\Program Files\Real\RealPlayer\rpbdalzr_cn.dll] <RealNetworks, Inc.><6.0.4.108>
[C:\Program Files\Real\RealPlayer\rpb8alzr_cn.dll] <RealNetworks, Inc.><6.0.4.108>
[C:\Program Files\Real\RealPlayer\rnms3260.dll] <RealNetworks, Inc.><6.0.8.692>
[C:\Program Files\Real\RealPlayer\pnmi3260.dll] <RealNetworks, Inc.><6.0.9.571>
[C:\Program Files\Common Files\Real\Update\rnqu3260.dll] <RealNetworks, Inc.><6.0.9.262>
[C:\Program Files\Common Files\Real\Update\rpup3260.dll] <RealNetworks, Inc.><6.0.9.636>
[C:\Program Files\Common Files\Real\Update\upgr3260.dll] <RealNetworks, Inc.><6.0.9.621>
[C:\Program Files\Common Files\Real\Update\setu3260.dll] <RealNetworks, Inc.><6.0.9.753>
[PID: 1600][C:\WINDOWS\esscw10.exe] <N/A><N/A>
[C:\WINDOWS\KB273100M.LOG] <N/A><N/A>
[C:\WINDOWS\System32\ztdll.dll] <N/A><N/A>

[PID: 1768][C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe] <Eastman Kodak Company><2, 0, 21, 49>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll] <><1, 0, 4, 254>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaDB.dll] <Eastman Kodak Company><1, 0, 21, 49>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\Atlas.dll] <Eastman Kodak><1, 0, 4, 269>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\pjObjDB.dll] <Eastman Kodak Company><1, 0, 4, 263>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\MediaEngine.dll] <SolidFX><4, 0, 1, 7>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\ipworks5.dll] </n software inc. - www.nsoftware.com><5.0.0.625>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaImage.dll] <Eastman Kodak Company><1, 0, 4, 294>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\KCat40.dll] <Eastman Kodak Company><4, 0, 4, 274>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\kcor40.dll] <Eastman Kodak Company><4, 0, 4, 252>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\LTDIS10N.dll] <LEAD Technologies, Inc.><10.0.0.024>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\LTKRN10N.dll] <LEAD Technologies, Inc.><10.0.0.024>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\LTFIL10N.DLL] <LEAD Technologies, Inc.><10.0.0.024>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\LTIMG10N.dll] <LEAD Technologies, Inc.><10.0.0.018>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\LTEFX10N.dll] <LEAD Technologies, Inc.><10.0.0.018>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaControls.dll] <><1, 0, 4, 295>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\LocVista.dll] <Eastman Kodak Co.><1, 0, 4, 108>
[C:\WINDOWS\KB273100M.LOG] <N/A><N/A>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaCollection.dll] <Eastman Kodak Company><1, 0, 21, 56>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaCDBackup.dll] <><1, 0, 4, 214>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\LocVistaCDBackup.dll] <Eastman Kodak Co.><1, 0, 4, 82>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\AcqMod.dll] <Eastman Kodak Company><1, 0, 21, 55>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll] <><1, 0, 4, 207>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll] <><1, 0, 4, 111>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaCameraUploadSysx.syx] <><1, 0, 4, 119>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\LocVistaCameraUploadSysx.dll] <Eastman Kodak Co.><1, 0, 4, 99>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\LocVistaCollection.dll] <Eastman Kodak Co.><1, 0, 4, 94>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\LocVistaCameraUploadCamBack.dll] <><1, 0, 4, 103>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaPrint.dll] <Eastman Kodak Company><1, 0, 21, 8>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\kpri40.dll] <><4, 0, 21, 15>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\LocVistaPrint.dll] <Eastman Kodak Co.><1, 0, 21, 27>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaPrintOnLine.dll] <><1, 0, 4, 302>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll] <><4, 0, 4, 285>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnline.dll] <><1, 0, 4, 293>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\LocVistaPrintOnLine.dll] <Eastman Kodak Co.><1, 0, 4, 107>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaEmail.dll] <><1, 0, 4, 298>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\keml40.dll] <><4, 0, 4, 265>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\LocVistaEmail.dll] <Eastman Kodak Co.><1, 0, 4, 107>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaBrowser.syx] <Eastman Kodak Company><1, 0, 4, 196>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\LocVistaBrowser.dll] <Eastman Kodak Co.><1, 0, 4, 82>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\cameratodos.syx] <><1, 0, 4, 191>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\LocCameraToDos.dll] <Eastman Kodak Co.><1, 0, 4, 82>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\LocCameraToDosCamBack.dll] <><1, 0, 4, 105>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\PCDSYSX.syx] <Eastman Kodak Company><1, 0, 4, 199>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\LocPCDsysx.dll] <Eastman Kodak Co.><1, 0, 4, 82>
[C:\DOCUME~1\BLUEWA~1\LOCALS~1\Temp\IadHide5.dll] <BackWeb><Version 6.3.2 (Build 62R)>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaCameraCenter.syx] <><1, 0, 21, 45>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\LocVistaCameraCenter.dll] <Eastman Kodak Co.><1, 0, 4, 57>
[C:\Program Files\Kodak\Kodak EasyShare software\bin\PCDLaunchSysX.syx] <><1, 0, 4, 91>
[C:\WINDOWS\System32\ztdll.dll] <N/A><N/A>
[C:\WINDOWS\System32\AcSignIcon.dll] <Autodesk><16.0.0.86>
[C:\Program Files\Kodak\Kodak Easyshare Software\bin\Escom.dll] <><1, 0, 4, 243>
[PID: 1788][C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe] <N/A><N/A>
[C:\WINDOWS\KB273100M.LOG] <N/A><N/A>
[C:\Program Files\Kodak\Kodak Software Updater\7288971\6.3.2.62-7288971L\Program\backWeb.dll] <BackWeb Technologies Inc.><Version 6.3.2 (Build 62R)>
[C:\Program Files\Kodak\Kodak Software Updater\7288971\6.3.2.62-7288971L\Program\bwsec.dll] <BackWeb><Version 6.3.2 (Build 62R)>
[C:\Program Files\Kodak\Kodak Software Updater\7288971\6.3.2.62-7288971L\Program\clntutil.dll] <N/A><N/A>
[C:\PROGRA~1\Kodak\KODAKS~1\7288971\632~1.62-\program\EN\ClientRC.dll] <BackWeb Technologies Inc.><Version 6.3.2 (Build 62R)>
[C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\BWfiles-7288971.dll] <N/A><N/A>
[C:\Program Files\Kodak\Kodak Software Updater\7288971\6.3.2.62-7288971L\Program\BWfiles.dll] <><Version 6.3.2 (Build 62R)>
[C:\DOCUME~1\BLUEWA~1\LOCALS~1\Temp\IadHide5.dll] <BackWeb><Version 6.3.2 (Build 62R)>
[C:\WINDOWS\System32\ztdll.dll] <N/A><N/A>
[C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\frext-7288971.dll] <N/A><N/A>
[C:\Program Files\Kodak\Kodak Software Updater\7288971\6.3.2.62-7288971L\Program\frext.dll] <><Version 6.3.2 (Build 62R)>
[C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\bwclext.dll] <Eastman Kodak Company><1.0.0.5>
[C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\BWTargetInf.dll] <><1, 0, 0, 1>
[PID: 1664][C:\WINDOWS\System32\ctfmon.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[C:\WINDOWS\KB273100M.LOG] <N/A><N/A>
[C:\WINDOWS\System32\ztdll.dll] <N/A><N/A>
[PID: 2224][C:\WINDOWS\System32\conime.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[C:\WINDOWS\KB273100M.LOG] <N/A><N/A>
[C:\DOCUME~1\BLUEWA~1\LOCALS~1\Temp\IadHide5.dll] <BackWeb><Version 6.3.2 (Build 62R)>
[C:\WINDOWS\System32\ztdll.dll] <N/A><N/A>
[PID: 1372][C:\WINDOWS\ctfmon.exe] <N/A><N/A>
[C:\WINDOWS\KB273100M.LOG] <N/A><N/A>
[C:\WINDOWS\Downloaded Program Files\swflash.dll] <N/A><N/A>
[PID: 1068][C:\WINDOWS\System32\VKTServ.exe] <Microsoft Corporation><1.1.2600.2180>
[C:\WINDOWS\KB273100M.LOG] <N/A><N/A>
[PID: 2092][C:\PROGRA~1\FLASHGET\flashget.exe] <Amaze Soft><1, 4, 0, 0>
[C:\WINDOWS\KB273100M.LOG] <N/A><N/A>
[C:\DOCUME~1\BLUEWA~1\LOCALS~1\Temp\IadHide5.dll] <BackWeb><Version 6.3.2 (Build 62R)>
[C:\WINDOWS\System32\ztdll.dll] <N/A><N/A>
[C:\WINDOWS\System32\AcSignIcon.dll] <Autodesk><16.0.0.86>
[PID: 3164][C:\Downloads\sreng2\SREng2\SREng.exe] <Smallfrogs Studio><2.0.21.505>
[C:\WINDOWS\KB273100M.LOG] <N/A><N/A>
[C:\DOCUME~1\BLUEWA~1\LOCALS~1\Temp\IadHide5.dll] <BackWeb><Version 6.3.2 (Build 62R)>
[C:\WINDOWS\System32\ztdll.dll] <N/A><N/A>

==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR Error. [AutoCADScriptFile]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

HijackThis_zww汉化版扫描日志 V1.99.1
保存于      14:14:45, 日期 2006-9-8
操作系统:  Windows XP SP1 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP1 (6.00.2800.1106)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\svhost32.exe
C:\WINDOWS\System32\msime.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\esscw10.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\conime.exe
C:\WINDOWS\ctfmon.exe
C:\WINDOWS\System32\VKTServ.exe
C:\WINDOWS\winupdate.exe
C:\Documents and Settings\Bluewater\桌面\HijackThis1[1].99.1\HijackThis1991zww.exe
C:\WINDOWS\winupdate.exe

F3 - REG:win.ini: load=C:\PROGRA~1\svhost32.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FLASHGET\jccatch.dll
O2 - BHO: (no name) - {D3931E9E-AE61-46B1-99BA-91C438A2C855} - C:\WINDOWS\system32\wp237211.dll
O2 - BHO: SSBandLoader Class - {D3A3C954-41C2-4AA1-B011-9D9B0306AC23} - C:\Program Files\RichSpark\StockStarFuGui\SSBand\StockStarBand.dll
O2 - BHO: (no name) - {E730189A-9973-4121-B046-AD1C161EC3AF} - C:\WINDOWS\system32\37211.dll
O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - IE工具栏增项: StockStarToolBand Class - {000FCCCE-C733-11D3-A704-009027A7903D} - C:\Program Files\RichSpark\StockStarFuGui\SSBand\StockStarBand.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] ; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002ASync] ; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] ; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [MS-4011 Memory Patch] A:\RavSasser.exe -Patch
O4 - 启动项HKLM\\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - 启动项HKLM\\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - 启动项HKLM\\Run: [RealTray] ; C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - 启动项HKLM\\Run: [EssSpkPhone] esscw10.exe
O4 - 启动项HKLM\\Run: [WlN32] regedit -s C:\$NtUninstallQ887678$\WINSYS.cer
O4 - 启动项HKLM\\Run: [internat.exe] internat.exe
O4 - 启动项HKLM\\Run: [SOUNDM] winsmd.exe
O4 - 启动项HKLM\\RunOnce: [WlN32] C:\$NtUninstallQ887678$\WINSYS.vbs
O4 - HKCU\..\Run: [] regedit -s C:\$NtUninstallQ887678$\WINSYS.cer
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: 柯达 EasyShare 软件.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - C:\PROGRA~1\FLASHGET\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - C:\PROGRA~1\FLASHGET\jc_all.htm
O9 - 浏览器额外的按钮: 财神通 - {A2F82B60-F338-11D3-A74A-009027A7903D} - C:\Program Files\RichSpark\StockStarFuGui\SSBand\StockStarBand.dll
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的按钮: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - 浏览器额外的“工具”菜单项: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O16 - DPF: {219A9041-2709-4FAB-96E4-93E4FA495E1E} (WSView Class) - http://www.csj.sh.gov.cn/shuiy/WSViewer.cab
O16 - DPF: {B48B9648-E9F0-48A3-90A5-8C588CE0898F} (SafeEngineCtl Class) - http://www.csj.sh.gov.cn/shuiy/SafeEngineCOM.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0FD09B1B-0F01-476D-9FAB-8953FF5F3427}: NameServer = 202.96.209.5 202.96.209.133
O17 - HKLM\System\CCS\Services\Tcpip\..\{AD3544C5-017F-4A30-A4C8-17A26976DA20}: NameServer = 202.96.209.5,202.96.209.133
O17 - HKLM\System\CS1\Services\Tcpip\..\{0FD09B1B-0F01-476D-9FAB-8953FF5F3427}: NameServer = 202.96.209.5 202.96.209.133
O20 - AppInit_DLLs: KB273100M.LOG
O21 - SSODL: DVDBurn - {790448C3-4239-45AF-C98B-367991A8B103} - C:\WINDOWS\Downloaded Program Files\AfxEdit.dll
O23 - NT 服务: Black Hole2005 Professional Version (Black Hole2005 Professional) - Unknown owner - C:\WINDOWS\性感的(清姐)疯狂自拍.exe
O23 - NT 服务: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - NT 服务: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - NT 服务: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
O23 - NT 服务: Update Service For Windows (winupdate) - Unknown owner - C:\WINDOWS\winupdate.exe


Could everyone take a look at this for me? Thanks. I have already run a repair.
HijackThis_zww汉化版扫描日志 V1.99.1
保存于      14:54:18, 日期 2006-9-8
操作系统:  Windows XP SP1 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP1 (6.00.2800.1106)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Documents and Settings\Bluewater\桌面\HijackThis1[1].99.1\HijackThis1991zww.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FLASHGET\jccatch.dll
O2 - BHO: (no name) - {D3931E9E-AE61-46B1-99BA-91C438A2C855} - C:\WINDOWS\system32\wp237211.dll
O2 - BHO: SSBandLoader Class - {D3A3C954-41C2-4AA1-B011-9D9B0306AC23} - C:\Program Files\RichSpark\StockStarFuGui\SSBand\StockStarBand.dll
O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - IE工具栏增项: StockStarToolBand Class - {000FCCCE-C733-11D3-A704-009027A7903D} - C:\Program Files\RichSpark\StockStarFuGui\SSBand\StockStarBand.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] ; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002ASync] ; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] ; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [MS-4011 Memory Patch] A:\RavSasser.exe -Patch
O4 - 启动项HKLM\\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - 启动项HKLM\\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - 启动项HKLM\\Run: [RealTray] ; C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - 启动项HKLM\\Run: [EssSpkPhone] ; esscw10.exe
O4 - 启动项HKLM\\Run: [internat.exe] internat.exe
O4 - 启动项HKLM\\Run: [SOUNDM] winsmd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: 柯达 EasyShare 软件.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - C:\PROGRA~1\FLASHGET\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - C:\PROGRA~1\FLASHGET\jc_all.htm
O9 - 浏览器额外的按钮: 财神通 - {A2F82B60-F338-11D3-A74A-009027A7903D} - C:\Program Files\RichSpark\StockStarFuGui\SSBand\StockStarBand.dll
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的按钮: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - 浏览器额外的“工具”菜单项: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O16 - DPF: {219A9041-2709-4FAB-96E4-93E4FA495E1E} (WSView Class) - http://www.csj.sh.gov.cn/shuiy/WSViewer.cab
O16 - DPF: {B48B9648-E9F0-48A3-90A5-8C588CE0898F} (SafeEngineCtl Class) - http://www.csj.sh.gov.cn/shuiy/SafeEngineCOM.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0FD09B1B-0F01-476D-9FAB-8953FF5F3427}: NameServer = 202.96.209.5 202.96.209.133
O17 - HKLM\System\CCS\Services\Tcpip\..\{AD3544C5-017F-4A30-A4C8-17A26976DA20}: NameServer = 202.96.209.5,202.96.209.133
O17 - HKLM\System\CS1\Services\Tcpip\..\{0FD09B1B-0F01-476D-9FAB-8953FF5F3427}: NameServer = 202.96.209.5 202.96.209.133
O23 - NT 服务: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - NT 服务: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - NT 服务: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
O23 - NT 服务: VKTServ - Unknown owner - C:\WINDOWS\System32\VKTServ.exe (file missing)


I ran the repair again... Thanks, everyone, for helping take a look...

HijackThis_zww汉化版扫描日志 V1.99.1
保存于      15:55:20, 日期 2006-9-8
操作系统:  Windows XP SP1 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP1 (6.00.2800.1106)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Bluewater\桌面\HijackThis1[1].99.1\HijackThis1991zww.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FLASHGET\jccatch.dll
O2 - BHO: (no name) - {D3931E9E-AE61-46B1-99BA-91C438A2C855} - C:\WINDOWS\system32\wp237211.dll
O2 - BHO: SSBandLoader Class - {D3A3C954-41C2-4AA1-B011-9D9B0306AC23} - C:\Program Files\RichSpark\StockStarFuGui\SSBand\StockStarBand.dll
O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - IE工具栏增项: StockStarToolBand Class - {000FCCCE-C733-11D3-A704-009027A7903D} - C:\Program Files\RichSpark\StockStarFuGui\SSBand\StockStarBand.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] ; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002ASync] ; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] ; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [MS-4011 Memory Patch] A:\RavSasser.exe -Patch
O4 - 启动项HKLM\\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - 启动项HKLM\\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - 启动项HKLM\\Run: [RealTray] ; C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - 启动项HKLM\\Run: [EssSpkPhone] ; esscw10.exe
O4 - 启动项HKLM\\Run: [internat.exe] internat.exe
O4 - 启动项HKLM\\Run: [SOUNDM] winsmd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: 柯达 EasyShare 软件.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - C:\PROGRA~1\FLASHGET\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - C:\PROGRA~1\FLASHGET\jc_all.htm
O9 - 浏览器额外的按钮: 财神通 - {A2F82B60-F338-11D3-A74A-009027A7903D} - C:\Program Files\RichSpark\StockStarFuGui\SSBand\StockStarBand.dll
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的按钮: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - 浏览器额外的“工具”菜单项: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O16 - DPF: {219A9041-2709-4FAB-96E4-93E4FA495E1E} (WSView Class) - http://www.csj.sh.gov.cn/shuiy/WSViewer.cab
O16 - DPF: {B48B9648-E9F0-48A3-90A5-8C588CE0898F} (SafeEngineCtl Class) - http://www.csj.sh.gov.cn/shuiy/SafeEngineCOM.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0FD09B1B-0F01-476D-9FAB-8953FF5F3427}: NameServer = 202.96.209.5 202.96.209.133
O17 - HKLM\System\CCS\Services\Tcpip\..\{AD3544C5-017F-4A30-A4C8-17A26976DA20}: NameServer = 202.96.209.5,202.96.209.133
O17 - HKLM\System\CS1\Services\Tcpip\..\{0FD09B1B-0F01-476D-9FAB-8953FF5F3427}: NameServer = 202.96.209.5 202.96.209.133
O23 - NT 服务: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - NT 服务: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - NT 服务: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
