Tony
Logfile of HijackThis v1.99.1
Scan saved at 下午 10:50:13, on 2005/5/11
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
E:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
E:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
E:\Program Files\Common Files\Real\Update_OB\realsched.exe
E:\Program Files\Microsoft AntiSpyware\gcasServ.exe
E:\Program Files\Common Files\Symantec Shared\ccApp.exe
E:\WINDOWS\System32\ctfmon.exe
E:\Program Files\Messenger\msmsgs.exe
E:\WINDOWS\inertinfo.exe
E:\WINDOWS\System32\SMSSU.EXE
E:\WINDOWS\System32\Tmntsrv32.EXE
E:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
E:\WINDOWS\System32\drivers\CDAC11BA.EXE
E:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
E:\Program Files\Norton AntiVirus\navapsvc.exe
E:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
E:\WINDOWS\System32\nvsvc32.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
E:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
E:\Program Files\Common Files\Real\Update_OB\rnathchk.exe
E:\Program Files\Internet Explorer\iexplore.exe
E:\Program Files\WinRAR\WinRAR.exe
E:\WINDOWS\system32\NOTEPAD.EXE
E:\Documents and Settings\fish\Desktop\HijackThis.exe
O2 - BHO: XMLDP Class - {60371670-81B9-4d06-9C42-4DEC1AABE62B} - E:\WINDOWS\xmllib.dll
O4 - HKLM\..\Run: [ViewMgr] E:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [sureshotpopupkiller] "E:\Program Files\Stop-the-Pop-Up Lite\stopthepop.exe" -minimized
O4 - HKLM\..\Run: [URLLSTCK.exe] E:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [TkBellExe] E:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot
O4 - HKLM\..\Run: [gcasServ] "E:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] E:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [ccApp] "E:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [inertinfo.exe] E:\WINDOWS\inertinfo.exe
O4 - HKCU\..\Run: [SMSSU] E:\WINDOWS\System32\SMSSU.EXE
O4 - HKCU\..\Run: [Tmntsrv32] E:\WINDOWS\System32\Tmntsrv32.EXE
O4 - Global Startup: NaturalColorLoad.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O12 - Plugin for .spop: E:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://free.aol.com
O16 - DPF: {610C8626-86E0-4082-A89F-F186C839B26F} (SingleTap Web Client) - http://lexus.singlet...Client_1050.dll
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg...ntrol_v1-32.cab
O19 - User stylesheet: (file missing)
O21 - SSODL: mtklefap - {2DFBB328-15C9-4D80-4BB5-5E494BFFD346} - E:\WINDOWS\System32\jies32.dll (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - E:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - E:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - E:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - E:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - E:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - E:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Norton Personal Firewall Proxy Service (SymProxySvc) - Unknown owner - E:\Program Files\Norton Personal Firewall\SymProxySvc.exe (file missing)
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe