日志文件 Trend Micro HijackThis v 2.0.2
日志保存时间: 11:16:28,2009-08-06
操作系统: Windows XP SP3 (WinNT 5.01.2600)
IE版本: Internet Explorer v8.00 (8.00.6001.18702)
启动模式: 正常
正在运行的进程:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
E:\Rising\Rav\RavTask.exe
E:\Rising\Rav\RavMonD.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
E:\Rising\Rav\rsnetsvr.exe
E:\Rising\Rav\RsTray.exe
C:\Program Files\Rising\AntiSpyware\rstray.exe
C:\WINDOWS\system32\ctfmon.exe
E:\POPO\MyPopo.exe
E:\Rising\Rav\ScanFrm.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Administrator\「开始」菜单\程序\宽带加速法\IEAccelerator.EXE
E:\迅雷5\Program\Thunder.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\QQ\Bin\QQ.exe
D:\Program Files\QQ\Bin\TXPlatform.exe
C:\Documents and Settings\Administrator\桌面\HijackThis.exe
O2 - BHO: 卡卡上网安全助手 - {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} - C:\WINDOWS\system32\UrlFilter.dll
O2 - BHO: 中国工商银行BHO - {BB4491A2-D11A-4c6b-91C0-B53246A3122B} - C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\Icbc_AntiPhishing.dll
O4 - HKLM\..\Run: [RavTray] "E:\Rising\Rav\RsTray.exe" -system
O4 - HKLM\..\Run: [runeip] "C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup
O4 - HKLM\..\Run: [QvodPlayer] C:\Program Files\QvodPlayer\QvodTerminal.exe
O4 - HKCU\..\Run: [popo6] "E:\POPO\Start.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O8 - 扩展右键菜单项: 使用迅雷下载 - E:\迅雷5\Program\GetUrl.htm
O8 - 扩展右键菜单项: 使用迅雷下载全部链接 - E:\迅雷5\Program\GetAllUrl.htm
O9 - 额外的按钮: (未命名) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - 额外的“工具”菜单项目: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O15 - Trusted Zone: http://www.ccb.com
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {1E0DFFCF-27FF-4574-849B-55007349FEDA} (iTrusPTA Class) - https://img.alipay.com/download/1101/aliedit.cab
O16 - DPF: {32D72994-45B9-42B5-8980-FB561D1BE2D0} (nEdit Control) - https://ekey.163.com/nEdit.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (EditCtrl Class) - https://img.alipay.com/download/2121/aliedit.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/ ... e.cab?1234614794593
O16 - DPF: {654921BB-4DEA-41C7-BA97-9A1A5CDA9C72} (Uploader Control) - http://photo.163.com/photo/bin/Uploader.cab
O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) - https://mybank.icbc.com.cn/icbc/newperbank/AxSafeControls.cab
O16 - DPF: {AC414988-E5BB-4C2C-873B-EA53D2F3D23A} (CCTVUpdateInstall) - http://t.live.cctv.com/ieocx/CCTVUpdateInstall.dll
O18 - Protocol: mbox - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: mboxflash - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O20 - AppInit_DLLs: kmon.dll
O23 - NT 服务: Rav Process Communication Center (RavCCenter) - Unknown owner - C:\Program Files\Rising\Rav\CCENTER.EXE(文件不存在)
O23 - NT 服务: Rising RavTask Manager (RavTask) - Beijing Rising Information Technology Co., Ltd. - E:\Rising\Rav\RavTask.exe
O23 - NT 服务: Rising RealTime Monitor (RsRavMon) - Beijing Rising Information Technology Co., Ltd. - E:\Rising\Rav\RavMonD.exe
O23 - NT 服务: Rising Scan Service (RsScanSrv) - Beijing Rising Information Technology Co., Ltd. - E:\Rising\Rav\ScanFrm.exe
O24 - Desktop Component 0: 项目已经用 Ulead GIF Animator 创建 - C:\Documents and Settings\Administrator\Application Data\Ulead Systems\Ulead GIF Animator\5.05\ULEAD.DAT\gaadi001.gif
--
文件结束 - 4247 字节