Logfile of HijackThis v1.98.2
Scan saved at 下午 10:06:24, on 2004/11/1
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\WINNT\system32\regsvc.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
C:\WINNT\system32\MSTask.exe
C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\SymTray.exe
C:\WINNT\system32\mobsync.exe
C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\msnshell\msnshell.exe
C:\WINNT\system32\explorer32.exe
C:\WINNT\system32\csrss32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe
C:\WINNT\system32\internat.exe
C:\WINNT\hagnv.exe
C:\Program Files\Yahoo!\Messenger\YPager.exe
C:\Program Files\Yahoo!\Messenger\YPager.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\FlashGet\flashget.exe
C:\Downloads\hijackthis\HijackThis.exe
O2 - BHO: LocalNRDObj Class - {00320615-B6C2-40A6-8F99-F1C52D674FAD} - C:\WINNT\localNRD.dll
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Messenger\ycomp5_1_5_0.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - (no file)
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FLASHGET\jccatch.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: 收音機(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Messenger\ycomp5_1_5_0.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [MSNShell] C:\Program Files\msnshell\msnshell.exe autorun
O4 - HKLM\..\Run: [Microsoft Windows Explorer 32Bit] explorer32.exe
O4 - HKLM\..\Run: [conscorr] C:\WINNT\conscorr.exe
O4 - HKLM\..\Run: [Sp2 Personal Firewall] sp2firewall.exe
O4 - HKLM\..\Run: [Microsoft CSRSS32 Protocol] csrss32.exe
O4 - HKLM\..\Run: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\Symtray.exe SetReg
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\RunServices: [Microsoft Windows Explorer 32Bit] explorer32.exe
O4 - HKLM\..\RunServices: [Sp2 Personal Firewall] sp2firewall.exe
O4 - HKLM\..\RunServices: [Microsoft CSRSS32 Protocol] csrss32.exe
O4 - HKLM\..\RunOnce: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\Symtrdr.exe
O4 - HKCU\..\Run: [Internat.exe] internat.exe
O4 - HKCU\..\Run: [Microsoft Windows Explorer 32Bit] explorer32.exe
O4 - HKCU\..\Run: [Sp2 Personal Firewall] sp2firewall.exe
O4 - HKCU\..\Run: [Microsoft CSRSS32 Protocol] csrss32.exe
O4 - HKCU\..\Run: [fj.exe] "C:\WINNT\ihmhmour.exe"
O4 - HKCU\..\Run: [fgvg.exe] "C:\WINNT\kzh.exe"
O4 - HKCU\..\Run: [ocrhf.exe] "C:\WINNT\ahpqg.exe"
O4 - HKCU\..\Run: [ovhgaabw.exe] "C:\WINNT\zzrz.exe"
O4 - HKCU\..\Run: [pflyev.exe] "C:\WINNT\ivpfcc.exe"
O4 - HKCU\..\Run: [dkixpgr.exe] "C:\WINNT\ynxrnqu.exe"
O4 - HKCU\..\Run: [vpksr.exe] "C:\WINNT\caawy.exe"
O4 - HKCU\..\Run: [khxsd.exe] "C:\WINNT\atb.exe"
O4 - HKCU\..\Run: [ihwlx.exe] "C:\WINNT\ytchli.exe"
O4 - HKCU\..\Run: [lcknv.exe] "C:\WINNT\noyggco.exe"
O4 - HKCU\..\Run: [fr.exe] "C:\WINNT\fvagq.exe"
O4 - HKCU\..\Run: [mswafwv.exe] "C:\WINNT\zdj.exe"
O4 - HKCU\..\Run: [lgtpij.exe] "C:\WINNT\sm.exe"
O4 - HKCU\..\Run: [anrdj.exe] "C:\WINNT\vl.exe"
O4 - HKCU\..\Run: [idmjb.exe] "C:\WINNT\vps.exe"
O4 - HKCU\..\Run: [qof.exe] "C:\WINNT\crx.exe"
O4 - HKCU\..\Run: [wjvevtgc.exe] "C:\WINNT\admqdxs.exe"
O4 - HKCU\..\Run: [nxgbmcsd.exe] "C:\WINNT\inzozge.exe"
O4 - HKCU\..\Run: [ercqct.exe] "C:\WINNT\ctqga.exe"
O4 - HKCU\..\Run: [nhamqkkg.exe] "C:\WINNT\uabts.exe"
O4 - HKCU\..\Run: [napyftg.exe] "C:\WINNT\ncsh.exe"
O4 - HKCU\..\Run: [okdrejvf.exe] "C:\WINNT\wercpzwq.exe"
O4 - HKCU\..\Run: [ws.exe] "C:\WINNT\atfcbx.exe"
O4 - HKCU\..\Run: [sle.exe] "C:\WINNT\qsy.exe"
O4 - HKCU\..\Run: [amvobzno.exe] "C:\WINNT\hagnv.exe"
O4 - HKCU\..\Run: [cupsa.exe] "C:\WINNT\jjvagz.exe"
O8 - Extra context menu item: 下載編碼內容(&D.S.Lite) - C:\Documents and Settings\Administrator\桌面\DSLite2\dl_text.html
O8 - Extra context menu item: 下載編碼檔案內容(&D.S.Lite) - C:\Documents and Settings\Administrator\桌面\DSLite2\dl_url.html
O8 - Extra context menu item: 使用 FlashGet 下載 - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 全部使用 FlashGet 下載 - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 及時添加轉換用語 - res://C:\WINNT\system32\tcscconv.dll/wnaddindex
O8 - Extra context menu item: 更新用語轉碼檔案 - res://C:\WINNT\system32\tcscconv.dll/update
O8 - Extra context menu item: 龍之旅簡轉繁體(&T) - res://C:\WINNT\system32\tcscconv.dll/totrad
O8 - Extra context menu item: 龍之旅繁轉簡體(&S) - res://C:\WINNT\system32\tcscconv.dll/tosimp
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra button: D.S.Lite - {F8475519-8412-4D40-A46E-692D9D04DF7F} - C:\Documents and Settings\Administrator\桌面\DSLite2\DSLite.exe
O9 - Extra 'Tools' menuitem: &D.S.Lite - {F8475519-8412-4D40-A46E-692D9D04DF7F} - C:\Documents and Settings\Administrator\桌面\DSLite2\DSLite.exe
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_fi...16f17897c4ded1
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab31267.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
P.S. How are you supposed to read this thing?? I don't get it~