Scan saved at 9:43:02, on 2004-6-17
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
E:\WINNT\System32\smss.exe
E:\WINNT\system32\winlogon.exe
E:\WINNT\system32\services.exe
E:\WINNT\system32\lsass.exe
E:\WINNT\System32\SCardSvr.exe
E:\WINNT\system32\Ati2evxx.exe
E:\WINNT\system32\svchost.exe
E:\WINNT\system32\spoolsv.exe
E:\WINNT\System32\svchost.exe
D:\KAV2003\KAVSvc.EXE
E:\WINNT\system32\regsvc.exe
E:\WINNT\system32\MSTask.exe
E:\WINNT\System32\WBEM\WinMgmt.exe
E:\WINNT\system32\svchost.exe
E:\WINNT\system32\inetsrv\inetinfo.exe
E:\WINNT\Explorer.EXE
E:\WINNT\system32\internat.exe
D:\KAV2003\KAVSvcUI.EXE
E:\Program Files\MSN Messenger\msnmsgr.exe
D:\KAV2003\MailMon.exe
E:\Program Files\Outlook Express\msimn.exe
E:\WINNT\System32\svchost.exe
E:\WINNT\explorer.exe
E:\WINNT\system32\mdm.exe
C:\Downloads\HijackThis.exe
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FLASHGET\jccatch.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\program files\google\googletoolbar2.dll
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - E:\WINNT\DOWNLO~1\CONFLICT.6\CnsHook.dll
O3 - Toolbar: ????? - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINNT\System32\msdxm.ocx
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\program files\google\googletoolbar2.dll
O3 - Toolbar: ????? - {A9BE2902-C447-420A-BB7F-A5DE921E6138} - D:\KAV2003\KAIEPlus.DLL
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [iDuba Personal FireWall] D:\KAV2003\KAVPFW.EXE
O4 - HKLM\..\Run: [KAVRUN] D:\KAV2003\KAVRun.EXE
O4 - HKLM\..\Run: [msstart] E:\WINNT\system32\msstart.exe
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe E:\WINNT\DOWNLO~1\CONFLICT.6\CnsMin.dll,Rundll32
O4 - HKCU\..\Run: [Internat.exe] internat.exe
O4 - HKCU\..\Run: [msnmsgr] "E:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: NTUSER.DAT
O4 - Startup: ntuser.dat.LOG
O4 - Startup: ntuser.ini
O4 - Startup: AdobeWeb.log
O4 - Startup: .plugin140_01.trace
O4 - Global Startup: ntuser.pol
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: &Google Search - res://e:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://e:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://e:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://e:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: 使用网际快车下载 - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Real.com (HKLM)
O9 - Extra 'Tools' menuitem: Real.com (HKLM)
O9 - Extra button: FlashGet (HKLM)
O9 - Extra 'Tools' menuitem: FlashGet (HKLM)
O10 - Unknown file in Winsock LSP: e:\winnt\system32\ws2_64.dll
O10 - Unknown file in Winsock LSP: e:\winnt\system32\ws2_64.dll
O10 - Unknown file in Winsock LSP: e:\winnt\system32\ws2_64.dll
O10 - Unknown file in Winsock LSP: e:\winnt\system32\ws2_64.dll
O10 - Unknown file in Winsock LSP: e:\winnt\system32\ws2_64.dll
O11 - Options group: [!CNS]
O11 - Options group: [!IESearch] !IESearch
O16 - DPF: {0EB487C8-E9AC-43A6-8C4C-083999B0622F} (InfosecCertInstall Class) - https://mybank.icbc....certInStall.dll
O16 - DPF: {15DDE989-CD45-4561-BF99-D22C0D5C2B74} - http://image2.sina.c...rce/sinaddt.cab
O16 - DPF: {2A32B14F-4D29-4EA3-AC54-E9B19F436CE7} (Scanner Class) - http://www.trojansca...an/TDECntrl.CAB
O16 - DPF: {5FDE5079-BB94-4B8C-9ACE-239EE4FBF1F2} (InstallCert Class) - http://www.ca365.com/RootCertCA365.cab
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc....afeControls.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (
O16 - DPF: {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - http://bar.baidu.com...te/IESearch.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macr...ash/swflash.cab
O16 - DPF: {EDB827C2-C076-4480-8A5C-8FB6C7A41604} (clsInsCert Class) - https://ca1.cnca.net...ert/RegCert.cab