• 瀏覽: 2,017
  • 回覆: 3
[隱藏]
Help~~~~點算...有咩解救方法????

用左Hijackthis, 個log掃左出黎係咁..... THX 各位大大

[ 本帖最後由 siaki 於 2013-6-18 12:03 AM 編輯 ]



回覆 引用 TOP

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:56:29, on 17/6/2013
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16839)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Users\Siaki\funshion\funshiontools\FSPAP.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG SafeGuard toolbar\vprot.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\YouKu\youkuclient\YoukuMediaCenter.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe

R3 - URLSearchHook: Tencent SearchHook - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - C:\Program Files\TENCENT\SSPlus\SAddr.dll
O2 - BHO: VideoUrlSniffer - {00000ADA-7E0D-47C1-986C-F017D09C4304} - C:\Users\Public\Thunder Network\XMP4\Core\Program\VideoUrlSniffer.2.0.3.100.(243).dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: IE2EMBHO Class - {0A0DDBD3-6641-40B9-873F-BBDD26D6C14E} - C:\Program Files\easyMule\modules\IE2EM.dll (file missing)
O2 - BHO: 0D567756-1931-076F-A0AF-5E1FD05888A4 Class - {0D567756-1931-076F-A0AF-5E1FD05888A4} - C:\Program Files\QvodPlayer\AddIn\{0D567756-1931-076F-A0AF-5E1FD05888A4}\QvodAddr.dll
O2 - BHO: XlBrowserAddinBho.XlBrowserAddinBhoObject - {0EA37B17-6B8B-4085-8257-F3A4AA69C27A} - C:\Program Files\Thunder Network\Thunder\BHO\XlBrowserAddin1.0.8.71.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DWABrowserHlprObj Class - {2709D830-B643-4e72-9A1E-701CFFFCF30C} - C:\Windows\system32\dwabho.dll
O2 - BHO: Tencent Browser Helper - {37A4B834-959E-87FD-569D-A504936F66AE} - C:\Program Files\TENCENT\SSPlus\SAddr.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (file missing)
O2 - BHO: BrowserHelper - {4BF2CB0E-658A-442B-AC83-A64EC2150BFC} - C:\ProgramData\PPBrowserHelper\BHO\TipsBHO.dll
O2 - BHO: QvodExtend - {53AC8551-0DE0-4606-8A1E-A51AF20ADD60} - C:\QvodPlayer\QvodExtend.dll (file missing)
O2 - BHO: (no name) - {669751ED-D558-49AE-B01A-3B374CC7910E} - C:\PROGRAM FILES\TENCENT\SSPLUS\SSUP.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Tencent Browser Helper - {78368C1D-0416-434D-F479-5815DF23E577} - C:\Program Files\TENCENT\SSPlus\SAddr.dll
O2 - BHO: XunleiBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files\Thunder Network\Thunder\BHO\XunleiBHO7.2.10.3694.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: QvodExtend - {A8502600-B272-4F68-A67B-A0305D46D297} - C:\Program Files\QvodPlayer\QvodExtend\5.0.86.0\QvodExtend.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Siaki\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Tencent Browser Helper - {F96E6D7B-030E-712D-7C99-FACD54D4C97B} - C:\Program Files\TENCENT\SSPlus\SAddr.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Web to PDF 6 - {F6AE6693-5C8F-4622-B88D-517F9FEA7DAA} - C:\Program Files\soft Xpansion\Web to PDF\iexp32.dll (file missing)
O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Keyboard & Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [UpdatePDRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\8.0"
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [yiwoshuju] C:\Users\Public\Tpag\Iojt.exe /yiwoshuju
O4 - HKLM\..\Run: [QvodTerminal] "C:\Program Files\QvodPlayer\QvodTerminal.exe" -autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG SafeGuard toolbar\vprot.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Desktop iCalendar Lite.exe] "C:\Program Files\desksware\Desktop iCalendar Lite\Desktop iCalendar Lite.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Users\Siaki\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [XMP] "C:\Users\Public\THUNDE~1\XMP4\Core\Program\XMP.exe" /embedding /sstartfrom Startup101
O4 - HKCU\..\Run: [Google Update] "C:\Users\Siaki\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Funshion] "C:\Program Files\Funshion Online\Funshion\Funshion.exe" startbywindows tray
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [ctfmon32.exe] C:\PROGRA~2\rundll32.exe C:\PROGRA~2\wowdo.dat,XFG00
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-1325425376-2200078715-3083590249-1001\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun (User '?')
O4 - HKUS\S-1-5-21-1325425376-2200078715-3083590249-1001\..\Run: [XMP] "C:\Users\Public\THUNDE~1\XMP4\Core\Program\XMP.exe" /embedding /sstartfrom Startup101 (User '?')
O4 - HKUS\S-1-5-21-1325425376-2200078715-3083590249-1001\..\Run: [Google Update] "C:\Users\Siaki\AppData\Local\Google\Update\GoogleUpdate.exe" /c (User '?')
O4 - HKUS\S-1-5-21-1325425376-2200078715-3083590249-1001\..\Run: [Funshion] "C:\Program Files\Funshion Online\Funshion\Funshion.exe" startbywindows tray (User '?')
O4 - HKUS\S-1-5-21-1325425376-2200078715-3083590249-1001\..\Run: [HydraVisionDesktopManager] "C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe" (User '?')
O4 - HKUS\S-1-5-21-1325425376-2200078715-3083590249-1001\..\Run: [ctfmon32.exe] C:\PROGRA~2\rundll32.exe C:\PROGRA~2\wowdo.dat,XFG00 (User '?')
O4 - S-1-5-21-1325425376-2200078715-3083590249-1001 Startup: regmonstd.lnk = C:\Windows\System32\rundll32.exe (User '?')
O4 - Startup: regmonstd.lnk = C:\Windows\System32\rundll32.exe



回覆 引用 TOP

O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &妏蚚&捃濘燭盄狟婥 - C:\Program Files\Thunder Network\Thunder\BHO\OfflineDownload.htm
O8 - Extra context menu item: &妏蚚&捃濘狟婥 - C:\Program Files\Thunder Network\Thunder\BHO\geturl.htm
O8 - Extra context menu item: &妏蚚&捃濘狟婥�窒蟈諉 - C:\Program Files\Thunder Network\Thunder\BHO\GetAllUrl.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Foxy ?? - res://C:\Program Files\Foxy\Foxy.exe/download.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: 使用快車3下載 - C:\Users\Siaki\AppData\Roaming\FlashGetBHO\GetUrl.htm
O8 - Extra context menu item: 使用快車3下載全部鏈結 - C:\Users\Siaki\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: 使用迅雷看看播放器播放 - C:\Users\Public\Thunder Network\XMP4\Core\Program\XmpIEMenu.htm
O8 - Extra context menu item: 匯出至 Microsoft Excel(&X) - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: 打?客?端至??器 &1 - C:\Windows\web\AOpenClient.htm
O8 - Extra context menu item: 打?客?端至??器 &2 - C:\Windows\web\AOpenClient.htm
O9 - Extra button: (no name) - {07ba8f6d-cb54-424b-839c-c2a6c8e6b436} - C:\Users\Public\Thunder Network\XMP4\Core\Program\XmpIEToolMenu.htm
O9 - Extra 'Tools' menuitem: ??迅雷看看播放器 - {07ba8f6d-cb54-424b-839c-c2a6c8e6b436} - C:\Users\Public\Thunder Network\XMP4\Core\Program\XmpIEToolMenu.htm
O9 - Extra button: 迅雷看看播放器 - {08ba8f6d-cb54-424b-839c-c2a6c8e6b436} - C:\Users\Public\Thunder Network\XMP4\Core\Program\XmpIEToolBar.htm
O9 - Extra button: (no name) - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - (no file)
O9 - Extra button: (no name) - {0A155D3C-68E2-4215-A47A-E800A446447A} - (no file)
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: 迅雷看看 - {5D578929-E74E-46A2-A810-4F33D011DC52} - C:\Program Files\Common Files\Thunder Network\Kankan\XLStartKankan.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPTV\PPLive.exe
O9 - Extra 'Tools' menuitem: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPTV\PPLive.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O9 - Extra button: 顯示或隱藏「HP Smart Web Printing」 - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\youku\youkuclient\ikutm.dll
O10 - Unknown file in Winsock LSP: c:\program files\youku\youkuclient\ikutm.dll
O10 - Unknown file in Winsock LSP: c:\program files\youku\youkuclient\ikutm.dll
O11 - Options group: [TBH] SOSO AddressBar Search
O13 - Gopher Prefix:
O15 - Trusted Zone: http://cache.tv.qq.com (HKLM)
O15 - Trusted Zone: http://qqlivecaption.qq.com (HKLM)
O15 - Trusted Zone: http://qqlivehabit.qq.com (HKLM)
O15 - Trusted Zone: http://qqlivesearch.qq.com (HKLM)
O15 - Trusted Zone: http://video_1.qq.com (HKLM)
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\Windows\System32\appdrvrem01.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files\BitComet\tools\BitCometService.exe
O23 - Service: Bonjour 服務 (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-LogRotatorService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod 服務 (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Keyboard & Mouse Driver\KMWDSrv.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: soft Xpansion Dispatch Service (SXDS10) - soft Xpansion - C:\Program Files\Common Files\soft Xpansion\sxds10.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: vToolbarUpdater15.2.0 - AVG Secure Search - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe

--
End of file - 17653 bytes



回覆 引用 TOP

Step 1 : 開啟 HijackThis 修復項目

  • 開啟 HijackThis,按一下 Do a system scan only
  • 在左方的小格,勾選以下項目:
    引用:
    R3 - URLSearchHook: Tencent SearchHook - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - C:\Program Files\TENCENT\SSPlus\SAddr.dll

    O2 - BHO: DWABrowserHlprObj Class - {2709D830-B643-4e72-9A1E-701CFFFCF30C} - C:\Windows\system32\dwabho.dll

    O2 - BHO: Tencent Browser Helper - {37A4B834-959E-87FD-569D-A504936F66AE} - C:\Program Files\TENCENT\SSPlus\SAddr.dll

    O2 - BHO: BrowserHelper - {4BF2CB0E-658A-442B-AC83-A64EC2150BFC} - C:\ProgramData\PPBrowserHelper\BHO\TipsBHO.dll

    O2 - BHO: (no name) - {669751ED-D558-49AE-B01A-3B374CC7910E} - C:\PROGRAM FILES\TENCENT\SSPLUS\SSUP.DLL

    O2 - BHO: Tencent Browser Helper - {78368C1D-0416-434D-F479-5815DF23E577} - C:\Program Files\TENCENT\SSPlus\SAddr.dll

    O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)

    O2 - BHO: Tencent Browser Helper - {F96E6D7B-030E-712D-7C99-FACD54D4C97B} - C:\Program Files\TENCENT\SSPlus\SAddr.dll

    O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)

    O4 - HKCU\..\Run: [ctfmon32.exe] C:\PROGRA~2\rundll32.exe C:\PROGRA~2\wowdo.dat,XFG00

    O4 - Startup: regmonstd.lnk = C:\Windows\System32\rundll32.exe
  • 接一下 Fix checked,然後再按
  • 關閉 HijackThis

Step 2 : 重新啟動電腦

  • 重新啟動電腦
  • 請進入安全模式

Step 3 : 刪除檔案

  • 下載 OTM 至桌面,並執行 OTM
  • 複製下列文字,並貼上於 Paste Instructions for Items to be Moved 之框格內:
    引用:
    :files
    C:\Program Files\TENCENT\SSPlus\SAddr.dll
    C:\Windows\system32\dwabho.dll
    C:\ProgramData\PPBrowserHelper\BHO\TipsBHO.dll
    C:\PROGRAM FILES\TENCENT\SSPLUS\SSUP.DLL
    C:\PROGRA~2\wowdo.dat
  • 按一下 MoveIt!,再按 OK,並重新啟動電腦

Step 4 : 簡述情況及貼上報告

  • 請簡述一下閣下電腦的狀況
  • 請上傳下列報告至 Sendspace

  • HijackThis



回覆 引用 TOP

[按此隱藏 Google 建議的相符內容]