
HijackThis scan report, please help analyze


Logfile of HijackThis v1.99.1
Scan saved at 22:51:25, on 2012-12-17
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v1.02 (1.02.0000.0056)


Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program files\KSafe\KSafeSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program files\KSafe\KSafeTray.exe
C:\WINDOWS\system32\DBSvr_ABC.exe
C:\Program Files\alipay\alieditplus\AlipaySecSvc.exe
C:\Program Files\95599 Certificate Tools\Watertek\c20ukdrwsvr.exe
d:\Program Files\MyDrivers\DriverGenius2011\DgService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe
C:\Program Files\Norton 360\Engine\6.4.0.9\ccSvcHst.exe
C:\WINDOWS\system32\DBSer_ABC.exe
C:\WINDOWS\system32\DBMON_ABC.exe
C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe
C:\Program Files\Norton 360\Engine\6.4.0.9\ccSvcHst.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\China Unicom\Cncmax\FlammeClient.exe
C:\WINDOWS\system32\svchost.exe
d:\Program Files\China Unicom\UnicomUpdater.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSound_XP.exe
C:\Program Files\alipay\SafeTransaction\Alipaybsm.exe
C:\Program Files\TaoBrowser\1.2.0.56\Miser\AliimSafe.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\OO Software\Defrag\oodag.exe
C:\Program Files\TTPlayer\TTPlayer.exe
C:\Program Files\alipay\SafeTransaction\AlipaySafeTran.exe
C:\Program Files\TaoBrowser\TaoBrowser.exe
C:\Program Files\TaoBrowser\TaoBrowser.exe
C:\Program Files\TaoBrowser\TaoBrowser.exe
C:\Program Files\TaoBrowser\TaoBrowser.exe
D:\My Documents\ha_hijackthis_1991\HijackThis.exe


O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: 30C3E871-AA48-3438-78D7-DFA3537B3D32 Class - {30C3E871-AA48-3438-78D7-DFA3537B3D32} - d:\Program Files\QvodPlayer\AddIn\{B610386A-43C1-43CE-D82B-3D7E2531FE7A}\QvodAddr.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\6.4.0.9\coIEPlg.dll
O2 - BHO: Tencent Browser Helper - {686110FB-B0CD-0CC3-22FB-955B0CE06882} - C:\Program Files\TENCENT\SSPlus\SAddr.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\6.4.0.9\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Poper Class - {779322F5-6D5C-456e-9483-DF830D6BAFD5} - d:\Program Files\GVOD\bin\VAPoper_now.dll
O2 - BHO: 如意淘BHO - {876D0712-C780-4347-B56D-C30C520033C5} - C:\Program Files\ShoppingAssistant\ruyitao\3.2.9.12\ShoppingAssistant.dll
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll
O2 - BHO: QvodExtend - {A8502600-B272-4F68-A67B-A0305D46D297} - d:\Program Files\QvodPlayer\QvodExtend.dll
O2 - BHO: AAF05DD3-9669-8C54-9EC9-A1F6CC1D8ECE Class - {AAF05DD3-9669-8C54-9EC9-A1F6CC1D8ECE} - d:\Program Files\QvodPlayer\AddIn\{B610386A-43C1-43CE-D82B-3D7E2531FE7A}\QvodAddr.dll
O2 - BHO: B610386A-43C1-43CE-D82B-3D7E2531FE7A Class - {B610386A-43C1-43CE-D82B-3D7E2531FE7A} - d:\Program Files\QvodPlayer\AddIn\{B610386A-43C1-43CE-D82B-3D7E2531FE7A}\QvodAddr.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [KSafeTray] "C:\Program files\KSafe\KSafeTray.exe" -autorun
O4 - HKLM\..\Run: [DBSvr_ABC.exe] DBSvr_ABC.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [FlammeClient] d:\Program Files\China Unicom\Cncmax\FlammeClient.exe
O4 - Global Startup: SRS Premium Sound.lnk = C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSound_XP.exe
O8 - Extra context menu item: &使用115优蛋 3下载 - D:\Program Files\115\UDown\getUrl.htm
O8 - Extra context menu item: &使用115优蛋 3下载全部链接 - D:\Program Files\115\UDown\getAllUrl.htm
O8 - Extra context menu item: 使用迅雷下载 - C:\Program Files\Thunder\Program\geturl.htm
O8 - Extra context menu item: 使用迅雷下载全部链接 - C:\Program Files\Thunder\Program\getallurl.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加为阿里旺旺表情 - C:\Program Files\AliWangWang\7.20.22C\AddNewEmotion.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\Tencent\QQ\AddEmotion.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O10 - Unknown file in Winsock LSP: d:\program files\youku\youkuclient\ikutm.dll
O10 - Unknown file in Winsock LSP: d:\program files\youku\youkuclient\ikutm.dll
O10 - Unknown file in Winsock LSP: d:\program files\youku\youkuclient\ikutm.dll
O11 - Options group: [INTERNATIONAL] International
O11 - Options group: [TBH] 搜搜e点通
O15 - Trusted Zone: http://easyabc.95599.cn
O15 - Trusted Zone: http://www.95599.cn
O15 - Trusted Zone: http://www.95599.sh.cn
O15 - Trusted Zone: http://www.abchina.com
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com.cn/select/asusTek_sys_ctrl3.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (EditCtrl Class) - https://img.alipay.com/download/2121/aliedit.cab
O16 - DPF: {AC414988-E5BB-4C2C-873B-EA53D2F3D23A} (CCTVUpdateInstall) - http://t.live.cntv.cn/ieocx/CCTVUpdateInstall.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Alipay security service (AlipaySecSvc) - Alipay Inc.  - C:\Program Files\alipay\alieditplus\AlipaySecSvc.exe
O23 - Service: Tencent AddressBar Update Service (ARUpdate) - Tencent - C:\Program Files\TENCENT\AddrUpdate\AddrUpdate.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: c20ukdrwsvc - Unknown owner - C:\Program Files\95599 Certificate Tools\Watertek\c20ukdrwsvr.exe
O23 - Service: DriverGenius PNP Service (DGPNPSEV) - MyDrivers.com - d:\Program Files\MyDrivers\DriverGenius2011\DgService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: KSafe service (KSafeSvc) - Unknown owner - C:\Program files\KSafe\KSafeSvc.exe" -svc (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MotoConnect Service - Unknown owner - C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe
O23 - Service: Norton 360 (N360) - Unknown owner - C:\Program Files\Norton 360\Engine\6.4.0.9\ccSvcHst.exe" /s "N360" /m "C:\Program Files\Norton 360\Engine\6.4.0.9\diMaster.dll" /prefetch:1 (file missing)
O23 - Service: OnKey Service of DB USB KEY for ABC - Unknown owner - C:\WINDOWS\system32\DBSer_ABC.exe
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: UnicomUpdater - 中国联合通信有限公司北京分公司 - d:\Program Files\China Unicom\UnicomUpdater.exe
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

Attachment: hijackthis.log (2012-12-17 22:59:28, 8.37 K)
This attachment has been downloaded 309 times





User system information: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.100  Safari/534.30 TaoBrowser/1.2

Reply to 1F, 消灭来敌's post

Please describe the system problem in detail; a log is not a cure-all.