Logfile of HijackThis v1.99.1 Scan saved at 19:00:00, on 16/3/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: F:\WINDOWS\System32\smss.exe F:\WINDOWS\system32\csrss.exe F:\WINDOWS\system32\winlogon.exe F:\WINDOWS\system32\services.exe F:\WINDOWS\system32\lsass.exe F:\WINDOWS\system32\Ati2evxx.exe F:\WINDOWS\system32\svchost.exe F:\WINDOWS\system32\svchost.exe F:\WINDOWS\System32\svchost.exe F:\WINDOWS\system32\svchost.exe F:\WINDOWS\system32\Ati2evxx.exe F:\WINDOWS\system32\svchost.exe F:\WINDOWS\system32\spoolsv.exe F:\WINDOWS\Explorer.EXE F:\Program Files\Common Files\Real\Update_OB\realsched.exe F:\Program Files\Java\jre1.6.0_03\bin\jusched.exe F:\WINDOWS\RTHDCPL.EXE F:\Program Files\Spyware Doctor\pctsTray.exe F:\Program Files\McAfee.com\Agent\mcagent.exe F:\WINDOWS\system32\ctfmon.exe F:\Program Files\Google\Google Updater\GoogleUpdater.exe F:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe F:\Program Files\Common Files\LightScribe\LSSrvc.exe F:\PROGRA~1\McAfee\MSC\mcmscsvc.exe f:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe f:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe F:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe F:\Program Files\McAfee\MPF\MPFSrv.exe F:\Program Files\Spyware Doctor\pctsAuxs.exe F:\Program Files\Spyware Doctor\pctsSvc.exe F:\Program Files\SiteAdvisor\6172\SAService.exe F:\WINDOWS\system32\wdfmgr.exe F:\WINDOWS\system32\svchost.exe F:\WINDOWS\System32\alg.exe F:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe F:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe F:\WINDOWS\system32\mmc.exe F:\WINDOWS\system32\DfrgNtfs.exe F:\Program Files\Internet Explorer\iexplore.exe F:\Documents and Settings\Yips\\穝戈Ж\hijackthis_sfx\HijackThis.exe O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - F:\Program Files\SiteAdvisor\6172\SiteAdv.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - F:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - F:\Program Files\McAfee\VirusScan\scriptsn.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - f:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - F:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - f:\program files\google\googletoolbar1.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - F:\Program Files\SiteAdvisor\6172\SiteAdv.dll O4 - HKLM\..\Run: [IMJPMIG8.1] "F:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [TkBellExe] "F:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NeroFilterCheck] F:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [Easy-PrintToolBox] F:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [CJIMETIPSYNC] F:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\CHANGJIE\CINTLCFG.EXE /CJIMETIPSync O4 - HKLM\..\Run: [PHIMETIPSYNC] F:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\PHONETIC\TINTLCFG.EXE /PHIMETIPSync O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [ISTray] "F:\Program Files\Spyware Doctor\pctsTray.exe" O4 - HKLM\..\Run: [mcagent_exe] F:\Program Files\McAfee.com\Agent\mcagent.exe /runkey O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: &ㄏノBitComet更セ跌癟 - res://F:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: ㄏノBitComet更场硈挡 - res://F:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: ㄏノBitComet更硈挡(&B) - res://F:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: 蹲 Microsoft Office Excel(&X) - res://F:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java 北 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: 把σ戈 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://F:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1202125585312 O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5252/mcfscan.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - F:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - F:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - F:\Program Files\SiteAdvisor\6172\SiteAdv.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Google Updater Service (gusvc) - Google - F:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - F:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - F:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - F:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - f:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - F:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - f:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - F:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - F:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - F:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: NMIndexingService - Nero AG - F:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - F:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - F:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: SiteAdvisor Service - Unknown owner - F:\Program Files\SiteAdvisor\6172\SAService.exe