少年中国 2007-02-21 11:30:41
I scanned the software currently running on my computer; the listing is below:
Logfile of HijackThis v1.99.1
Scan saved at 3:06:08 AM, on 2/21/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SERVICES.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\BigFix\BigFix.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\My Documents\driver\HijackThis.exe

F2 - REG:system.ini: UserInit=C:\WINDOWS\SERVICES.EXE,C:\WINDOWS\system32\userinit.exe
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v5.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: AdPopup - {11F09AFD-75AD-4E51-AB43-E09E9351CE16} - C:\Program Files\Common Files\CPUSH\cpush0.dll
O2 - BHO: Info cache - {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} - C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll
O2 - BHO: Advance Helper - {8E25AC4A-B129-451B-BEE2-3B510BB751DA} - C:\WINDOWS\system32\NTDLL32.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: IE Browser Helper - {D0903A3B-F0EA-434a-9742-98C5335C7946} - C:\WINDOWS\system32\IEHelper.dll
O2 - BHO: Flasher - {E29F0B13-0D84-45aa-81EC-CC629BC07566} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\Flasher0.dll
O3 - Toolbar: (no name) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -o*****oot
O4 - HKLM\..\Run: [H5Games] C:\Program Files\FancyBoxII Games\system\ShellOfMSN_V02.exe
O4 - HKLM\..\Run: [IEBarUp] RunDll32 "C:\WINDOWS\system32\IeBar1.dll",Run
O4 - HKLM\..\Run: [Desktop] "C:\WINDOWS\system32\internet.exe"
O4 - HKLM\..\Run: [Internet] "C:\WINDOWS\system32\internet.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\getAllurl.htm
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: kele8 - {84920E5F-3788-49cd-A274-E365578DF174} - http://www.kele8.com/ (file missing)
O9 - Extra 'Tools' menuitem: kele8 - {84920E5F-3788-49cd-A274-E365578DF174} - http://www.kele8.com/ (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\WINDOWS\system32\NTDLL32.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS

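燕赵悲歌 2007-02-22 03:09:41
This file deserves attention.
butdie 2007-02-22 04:48:20
That really is a complete collection of domestically made software. Computer security 101: stay away from domestically made software.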