|
查看: 609|回复: 3
|
[求助:监谍] My Hijack files
[复制链接]
|
|
|
Logfile of HijackThis v1.97.7
Scan saved at 10:08:43 PM, on 19/05/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\msbb.exe
C:\WINDOWS\sysupd.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\OSTWPPP.exe
C:\WINDOWS\System32\dminstm.exe
C:\WINDOWS\System32\actsrvx.exe
C:\WINDOWS\System32\_866c.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WinSoc.net\WSMain Aik.exe
C:\Documents and Settings\aj1\My Documents\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://seek.3721.com/srchcust.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://seek.3721.com/srchasst.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 222.222.222.1:3128
R3 - URLSearchHook: (no name) - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - (no file)
O2 - BHO: IE Agent - {00000000-0000-0000-0000-000000000221} - C:\Program Files\Lycos\IEagent\CSIE.DLL
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1601.0\en-us\msntb.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [updater] C:\Program Files\Common files\updater\wupdater.exe
O4 - HKLM\..\Run: [msbb] C:\WINDOWS\System32\msbb.exe
O4 - HKLM\..\Run: [SysUpd] C:\WINDOWS\sysupd.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [uekrxe] C:\WINDOWS\UEKRXE.exe
O4 - HKLM\..\Run: [helper.dll] C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32
O4 - HKLM\..\Run: [OSTWPPP] C:\WINDOWS\System32\OSTWPPP.exe
O4 - HKLM\..\Run: [actsrvx] C:\WINDOWS\System32\actsrvx.exe
O4 - HKLM\..\Run: [dminstm] C:\WINDOWS\System32\dminstm.exe
O4 - HKLM\..\Run: [_866c] C:\WINDOWS\System32\_866c.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Short Message (HKLM)
O9 - Extra button: Instant Messenger (HKLM)
O9 - Extra button: 3721 Assistant (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra 'Tools' menuitem: Repair Browser (HKLM)
O9 - Extra 'Tools' menuitem: Clean Internet access record (HKLM)
O11 - Options group: [!CNS] Chinese keywords
O16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} (Downloader Class) - http://www.stopzilla.com/_download/Auto_Installer/dwnldr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/p ... s/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B1689997-0712-4FC2-88D9-E6846C7BE6EB}: NameServer = 202.188.0.133,202.188.1.5
thank you.
[ Last edited by csl0612 on 19-5-2004 at 10:00 PM ] |
|
|
|
|
|
|
|
|
|
|
|
发表于 24-5-2004 12:38 PM
|
显示全部楼层
先下載并更新 SpyBot S&D。。。然后作出掃描!
若情況仍然一樣沒有改善,下載 HijackThis,然后
作出掃描一次,再 SAVE LOG,將內容回貼在此!
我會盡快的給你們回复。。。謝! |
|
|
|
|
|
|
|
|
|
|
|
发表于 24-5-2004 12:38 PM
|
显示全部楼层
先下載并更新 SpyBot S&D。。。然后作出掃描!
若情況仍然一樣沒有改善,下載 HijackThis,然后
作出掃描一次,再 SAVE LOG,將內容回貼在此!
我會盡快的給你們回复。。。謝! |
|
|
|
|
|
|
|
|
|
|
|
楼主 |
发表于 26-5-2004 11:23 PM
|
显示全部楼层
|
谢谢friend.我的朋友刚刚借我一种叫TZ spyware的软件,已将没有问题了!!谢谢你的回复。 |
|
|
|
|
|
|
|
|
|
| |
 本周最热论坛帖子
|
变色卡
千斤顶
2366 
59
