日志文件 Trend Micro HijackThis v 2.0.2
日志保存时间: 14:39:51,2011/11/6
操作系统: Unknown Windows (WinNT 6.01.3505 SP1)
IE版本: Internet Explorer v9.00 (9.00.8112.16421)
启动模式: 正常
正在运行的进程:
C:\Program Files (x86)\360\360Safe\deepscan\zhudongfangyu.exe
C:\Windows\SysWOW64\ABC\ABC SAFE CSP v3.2\WDKeyMonitorABC.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files (x86)\Launch Manager\LMutilps32.exe
C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe
D:\Program Files (x86)\360\360sd\360sd.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\NTI\Gateway MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\360\360Safe\safemon\360Tray.exe
C:\Windows\SysWOW64\svchost.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
d:\Program Files (x86)\360\360sd\360rp.exe
D:\QQ游戏\地下城与勇士\start\TenProtect\TenSafe.exe
D:\QQ游戏\地下城与勇士\DNF.exe
d:\Program Files (x86)\Tencent\QQ\Bin\TXPlatform.exe
C:\Program Files (x86)\SogouInput\6.0.0.6203\SogouCloud.exe
C:\Users\gateway\AppData\Roaming\360se\bin\360se.exe
C:\Users\gateway\AppData\Roaming\360se\bin\SafeCentral\urlproc.exe
C:\Users\gateway\AppData\Roaming\360Notify\Bin\360seNotify.exe
C:\Users\gateway\AppData\Roaming\360se\bin\360se.exe
C:\Users\gateway\AppData\Roaming\360se\bin\360se.exe
E:\电影\hijackthis.exe
C:\Users\gateway\AppData\Local\Temp\nsaC035.tmp\hijackthis.exe
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MediaMonitor.XlMediaMonitorBhoObject - {0EA37B17-6B8B-4085-8257-F3A4AA69C27A} - d:\Program Files (x86)\Thunder Network\Thunder\BHO\XlBrowserAddin1.0.1.29.dll
O2 - BHO: XunleiBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - d:\Program Files (x86)\Thunder Network\Thunder\BHO\XunleiBHO7.1.8.2302.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: DownloadAssistant.XlDownloadAssistantBhoObject - {B0E2F470-0B07-48f0-B3B1-5749505FAE9B} - d:\Program Files (x86)\Thunder Network\Thunder\BHO\XlBrowserAddin1.0.1.29.dll
O2 - BHO: SafeMon Class - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - C:\Program Files (x86)\360\360Safe\safemon\safemon.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Gateway MyBackup\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [360Safetray] "C:\Program Files (x86)\360\360Safe\safemon\360Tray.exe" /start
O4 - HKLM\..\Run: [wdcertm_abc] C:\Windows\system32\ABC\ABC SAFE CSP v3.2\WDCertM_ABC.exe
O4 - HKCU\..\Run: [360sd] "D:\Program Files (x86)\360\360sd\360sd.exe" /autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - 扩展右键菜单项: 使用迅雷下载 - d:\Program Files (x86)\Thunder Network\Thunder\BHO\geturl.htm
O8 - 扩展右键菜单项: 使用迅雷下载全部链接 - d:\Program Files (x86)\Thunder Network\Thunder\BHO\GetAllUrl.htm
O8 - 扩展右键菜单项: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~2\MICROS~4\OFFICE11\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://easyabc.95599.cn
O15 - Trusted Zone: http://www.95599.cn
O15 - Trusted Zone: http://www.abchina.com
O15 - Trusted Zone: http://*.taobao.com
O15 - Trusted Zone: http://*.alipay.com (HKLM)
O15 - Trusted Zone: http://*.alisoft.com (HKLM)
O15 - Trusted Zone: http://*.taobao.com (HKLM)
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - NT 服务: 360 杀毒实时防护服务 (360rp) - 360.cn - d:\Program Files (x86)\360\360sd\360rp.exe
O23 - NT 服务: ABC V3.2 (ABCMonitor) - Agricultural Bank of China - C:\Windows\SysWOW64\ABC\ABC SAFE CSP v3.2\WDKeyMonitorABC.exe
O23 - NT 服务: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe(文件不存在)
O23 - NT 服务: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - NT 服务: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - NT 服务: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe(文件不存在)
O23 - NT 服务: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
O23 - NT 服务: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe(文件不存在)
O23 - NT 服务: GREGService - Acer Incorporated - C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
O23 - NT 服务: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - NT 服务: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe(文件不存在)
O23 - NT 服务: Live Updater Service - Acer Incorporated - C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
O23 - NT 服务: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - NT 服务: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe(文件不存在)
O23 - NT 服务: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - NT 服务: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe(文件不存在)
O23 - NT 服务: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe
O23 - NT 服务: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe(文件不存在)
O23 - NT 服务: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - NT 服务: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe(文件不存在)
O23 - NT 服务: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe(文件不存在)
O23 - NT 服务: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe(文件不存在)
O23 - NT 服务: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe(文件不存在)
O23 - NT 服务: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe(文件不存在)
O23 - NT 服务: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe(文件不存在)
O23 - NT 服务: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - NT 服务: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe(文件不存在)
O23 - NT 服务: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - NT 服务: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe(文件不存在)
O23 - NT 服务: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe(文件不存在)
O23 - NT 服务: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe(文件不存在)
O23 - NT 服务: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe(文件不存在)
O23 - NT 服务: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe(文件不存在)
O23 - NT 服务: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe(文件不存在)
O23 - NT 服务: 主动防御 (ZhuDongFangYu) - 360.cn - C:\Program Files (x86)\360\360Safe\deepscan\zhudongfangyu.exe
--
文件结束 - 9016 字节
User system information: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; BRI/2; MAGW; 360SE)