Logfile of HijackThis v1.99.0
Scan saved at 13:25:59, on 2012-09-17
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
D:\tools\360Safe\360Safe\deepscan\zhudongfangyu.exe
C:\windows\system32\spoolsv.exe
C:\windows\Explorer.EXE
C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\IcbcDaemon.exe
D:\tools\360Safe\360Safe\safemon\360Tray.exe
C:\windows\system32\ctfmon.exe
D:\tools\360Safe\360sd\360sd.exe
D:\tools\flashmail\FlashMail.exe
C:\windows\system32\svchost.exe
D:\tools\360Safe\360sd\360rp.exe
D:\tools\360Safe\360se3\360se.exe
D:\tools\360Safe\360se3\360se.exe
D:\tools\桌面日历秀\XDeskCal.exe
D:\tools\QQ2012\Bin\QQ.exe
D:\tools\QQ2012\Bin\QQ.exe
D:\tools\360Safe\360se3\SafeCentral\urlproc.exe
D:\tools\FeedDemon\FeedDemon.exe
D:\tools\qq\Bin\TXPlatform.exe
D:\tools\CuteFTP8Professional\CuteFTP8Professional\cuteftppro.exe
D:\tools\CuteFTP8Professional\CuteFTP8Professional\ftpte.exe
D:\tools\360Safe\360se3\360se.exe
D:\tools\SPX Instant Screen Capture\spx.exe
D:\tools\360Safe\360se3\360se.exe
C:\windows\system32\conime.exe
D:\tools\360Safe\360se3\360se.exe
D:\tools\rar\WinRAR.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.593\HijackThis v1.99.exe
D:\tools\360Safe\360sd\360sdUpd.exe

O2 - BH WebProtect.IEHlpObj - {53763D1D-9CA8-4C7C-9756-A8E6B8FC063B} - C:\Program Files\CMBCHINA\WebProtect\WebProtect.dll
O2 - BH 中国工商银行BHO - {BB4491A2-D11A-4c6b-91C0-B53246A3122B} - C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\Icbc_AntiPhishing.dll
O4 - HKLM\..\Run: [360Safetray] "D:\tools\360Safe\360Safe\safemon\360Tray.exe" /start
O4 - HKLM\..\Run: [ICBCEBankAssist] "C:\Program Files\ICBCEbankTools\ICBCSetupIntegration\RunEBank.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [360sd] "D:\tools\360Safe\360sd\360sd.exe" /autorun
O4 - HKCU\..\Run: [FlashMail] "D:\tools\flashmail\Start.exe" /auto
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: 使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\BHO\geturl.htm
O8 - Extra context menu item: 添加为阿里旺旺表情 - C:\Program Files\AliWangWang\7.20.13C\AddNewEmotion.htm
O8 - Extra context menu item: 添加到闪电邮服务中心 - D:\tools\flashmail\data\geturl.htm
O8 - Extra context menu item: 通过网易闪电邮发送 - D:\tools\flashmail\data\getcontent.htm
O10 - Unknown file in Winsock LSP: c:\program files\sangfor\ssl\clientcomponent\sangfornsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\sangfor\ssl\clientcomponent\sangfornsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\sangfor\ssl\clientcomponent\sangfortcp.dll
O10 - Unknown file in Winsock LSP: c:\program files\sangfor\ssl\clientcomponent\sangfortcp.dll
O10 - Unknown file in Winsock LSP: c:\program files\sangfor\ssl\clientcomponent\sangfortcp.dll
O10 - Unknown file in Winsock LSP: c:\program files\sangfor\ssl\clientcomponent\sangfortcp.dll
O10 - Unknown file in Winsock LSP: c:\program files\sangfor\ssl\clientcomponent\sangfortcp.dll
O10 - Unknown file in Winsock LSP: c:\program files\sangfor\ssl\clientcomponent\sangfortcp.dll
O15 - Trusted Zone: http://easyabc.95599.cn
O15 - Trusted Zone: http://www.95599.cn
O15 - Trusted Zone: http://www.95599.sh.cn
O15 - Trusted Zone: http://www.abchina.com
O16 - DPF: HighSpeedDownloadIE - http://st2.dbank.com/netdisk/plugin/1011/DBank_downloadplugin.CAB
O16 - DPF: {05F5F404-7C24-4B39-B5CC-340CEDEB9C0D} (PhotoDrawEx Class) - http://ctc.qzs.qq.com/qzone/client/photo/pages/QQPhotoDrawEx.cab
O16 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} (Edit Class) - https://site.cmbchina.com/download/CMBEdit.cab
O16 - DPF: {1DABF8D5-8430-4985-9B7F-A30E53D709B3} - http://dl_dir.qq.com/qqtv/MMInstaller.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (EditCtrl Class) - https://download.alipay.com/aliedit/aliedit/2401/aliedit.cab
O16 - DPF: {5157896D-FCA4-40C8-BFCF-34CD3BAEE25A} (AxGdbEdit Class) - https://ebanks.cgbchina.com.cn/perbank/cab/CgbEditx86.cab
O16 - DPF: {76829652-B688-4176-AD87-3628D9ABC36A} (SmartReader Class) - https://vip.icbc.com.cn/icbc/newperbank/SmartCardControll.cab
O16 - DPF: {7978461C-CC22-48F2-BC69-02220D3E101D} (CertEnroll Class) - https://download.alipay.com/itrusenroll.cab
O16 - DPF: {7CCE07A5-A590-4554-B5C3-082840D7012E} (GDGetVer Class) - https://vip.icbc.com.cn/icbc/icbc_gdgetdv.dll
O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) - https://vip.icbc.com.cn/icbc/newperbank/AxSafeControls.cab
O16 - DPF: {B1FBC1AD-5644-4084-882A-0F8BA85E7506} (InfoSecICBCNetSign Class) - https://vip.icbc.com.cn/icbc/ICBC_NetSign.dll
O16 - DPF: {BCD8A973-8E6A-4A86-ACE0-73389E9FEDD1} (WinClient) - https://kvm.hypo.cn/iClientAx.cab?pid=F959DB3F9F2260BDCDA9
O16 - DPF: {BDEACC50-F56D-4D60-860F-CF6ED1766D65} (FTNUpload Class) - http://m312.mail.qq.com/zh_CN/activex/TencentMailActiveX.cab?r=0.5466043766717734
O16 - DPF: {EF0D1A14-1033-41A2-A589-240C01EDC078} (PPLive Lite Class) - http://download.pplive.com/config/pplite/pluginsetup.cab
O18 - Protocol: KuGoo - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - C:\WINDOWS\system32\KuGoo3DownXControl.ocx
O18 - Protocol: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - C:\WINDOWS\system32\KuGoo3DownXControl.ocx
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\windows\system32\WPDShServiceObj.dll
O23 - Service: 360 杀毒实时防护服务 - 360.cn - D:\tools\360Safe\360sd\360rps.exe
O23 - Service: Adobe Flash Player Update Service - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour 服务 - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BlueStacks Android Service - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-LogRotatorService.exe
O23 - Service: Cmb WebProtect Support - China Merchants Bank - C:\Program Files\CMBCHINA\WebProtect\WPService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ICBC Daemon Service - Unknown - C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\IcbcDaemon.exe
O23 - Service: iPod 服务 - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Documents and Settings\Administrator\桌面\O&O_Defrag\O&O_Defrag\oodag.exe
O23 - Service: Oray SunLogin Remote Service - 上海贝锐信息科技有限公司 - C:\Program Files\Oray\SunLogin\RemoteClient\OrayRemoteService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) - Unknown - %ProgramFiles%\WinPcap\rpcapd.exe (file missing)
O23 - Service: CLCV0 - Unknown - C:\windows\system32\UTSCSI.EXE
O23 - Service: 主动防御 - 360.cn - D:\tools\360Safe\360Safe\deepscan\zhudongfangyu.exe

 

Article from 绿盟 (xDowns.com). Please credit the source when reposting.
