
Is this a virus infection?

Date: 2014-03-16

Source: Internet

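Not sure if this is the right place to post...

Lately, for some reason, when I search for something on Yahoo and press search, the results don't come up,
and worst of all the whole computer hangs. Sometimes even pressing the three-key combination won't bring up Task Manager,
and it tells me to press "Esc" / force a shutdown...

I'd like to ask what the cause is T_T...
and how to fix it.
Thanks a lot!

[ Last edited by ping0219 on 2014-1-22 08:46 PM ]

Author: ping0219   Posted: 2014-03-16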

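1. Download/run RogueKiller
Wait for the initial scan to finish > click [Scan] > click [Delete] > post the report

2. Download/run Malwarebytes' Anti-Malware
Install Malwarebytes (no changes needed) > uncheck the upgrade to the Pro version > update the database > run a full scan > post the report

Author: GoodestEngilsh   Posted: 2014-03-16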

RogueKiller V8.8.0 [Dec 27 2013] tigzy 设计制作
电子邮件 : tigzyRK<at>gmail<dot>com
意见反应 : http://www.adlice.com/forum/
网站 : http://www.adlice.com/softwares/roguekiller/
部落格 : http://www.adlice.com

作业系统 : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
开始在 : 标准模式
使用者 : Jenny Ho [系统管理员权限]
模式 : Remove -- 日期 : 01/15/2014 21:07:06
| ARK || FAK || MBR |

¤¤¤ 损坏的处理程序 : 0 ¤¤¤

¤¤¤ 系统登录项目 : 3 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : Viber ("C:\Users\Jenny Ho\AppData\Local\Viber\Viber.exe" StartMinimized [7][x]) -> 已删除
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> 已取代 (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> 已取代 (0)

¤¤¤ 计划任务 : 0 ¤¤¤

¤¤¤ 启动的项目 : 0 ¤¤¤

¤¤¤ Web浏览器 : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ 特定档案/资料夹: ¤¤¤

¤¤¤ 驱动程式 : [未载入 0x0] ¤¤¤

¤¤¤ 外部 Hives: ¤¤¤

¤¤¤ 感染 : ¤¤¤

¤¤¤ HOSTS 档: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR 检查: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD7500BPVT-16HXZT3 +++++
--- User ---
[MBR] 38851368f69779365b0918b4e0ad344b
[BSP] 0893943ec9d263cb5e03f3316695f5a5 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 32768 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 67110912 | Size: 200 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 67520512 | Size: 341217 Mo
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 766332928 | Size: 341217 Mo
User = LL1 ... OK!
User = LL2 ... OK!

完成 : << RKreport[0]_D_01152014_210706.txt >>
RKreport[0]_S_01152014_204440.txt

Author: ping0219   Posted: 2014-03-16

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

资料库版本: v2014.01.15.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Jenny Ho :: JENNYHO-PC [系统管理员]

15/1/2014 21:12:38
mbam-log-2014-01-15 (21-12-38).txt

扫描类型: 完全扫描 (C:\|D:\|)
启用扫描选项: 记忆体 | 启动 | 登录档 | 档案系统 | 启发式/额外 | 启发式/Shuriken 引擎 | PUP | PUM
停用扫描选项: P2P
被扫描物件数量: 377411
总共扫描时间: 1 小时, 19 分钟, 13 秒

被检测到记忆体进程数量: 0
(没有检测到有害项目)

被检测到记忆体模组数量: 0
(没有检测到有害项目)

被检测到登录档项目数量: 7
HKCU\Software\MozillaPlugins\@tnt2ghost.com/Plugin (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> 没有采取任何行动
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> 没有采取任何行动
HKCR\TypeLib\{ABB8A8A5-FF98-40F6-B573-5841B063EA37} (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
HKCR\Interface\{02F878DF-E2BE-4B85-8CB4-A0D2D4E2ED7F} (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{514A6652-B032-4328-945D-83D578D20F4B} (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
HKCR\CLSID\{0FEB2313-F89B-4AC6-8153-84025604A06A} (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动

被检测到登录档值数量: 2
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> 数据: {2E9E01D8-4902-11E2-9B8D-24EC99A5FE18} -> 没有采取任何行动
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> 数据: {2E9E01D8-4902-11E2-9B8D-24EC99A5FE18} -> 没有采取任何行动

被检测到登录档资料项目数量: 0
(没有检测到有害项目)

被检测到资料夹数量: 7
C:\Users\Jenny Ho\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Roaming\OpenCandy\D386697090064C8A9FF4C2A6D4A28A5B (PUP.Optional.OpenCandy) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2 (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627 (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\Common (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\Profiles (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\Profiles\10675 (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动

被检测到档案数量: 34
C:\Users\Jenny Ho\AppData\Roaming\OpenCandy\D386697090064C8A9FF4C2A6D4A28A5B\chrome-Little-Alchemy_p1v1.exe (PUP.Optional.OpenCandy) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\Autorun.inf (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\GameApps.ini (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\GameConsole.exe (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\GameEngine.dll (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\hmac.1.dll (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\iehpr.1.dll (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\iestage2.1.dll (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\IEToolbar.dll (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\IEToolbar64.dll (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\log.dll (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\MinecraftShims64.dll (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\npTNT2.dll (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\npTNT2Ghost.dll (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\passport.dll (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\passport64.dll (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\progress.1.dll (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\regsvr.1.dll (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\sqlite.1.dll (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\tnt2chrome.dll (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\TNT2User.exe (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\TNT2UserPS.dll (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\TNT2UserPS64.dll (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\TntMagicDel.dll (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\UnInjLib.dll (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\UnInjLib64.dll (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\UninstallDlg.1.dll (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\untar.1.dll (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\zipunzip.1.dll (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\Common\GameConsole.exe (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\Profiles\10675\passport.dll (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\TNT2\Profiles\10675\passport64.dll (PUP.Optional.TidyNetwork.A) -> 没有采取任何行动
C:\Users\Jenny Ho\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\mgHelperGCFB.dll (PUP.Optional.SweetIM) -> 已成功隔离及删除
C:\Users\Jenny Ho\Dropbox\驱动程式\FunshionInstall2.6.5.17.exe (PUP.Funshion) -> 已成功隔离及删除

﹝结束﹞


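Pressed the wrong button... after the scan a lot of items still weren't deleted = =
BTW, thanks!

Author: ping0219   Posted: 2014-03-16

Run it once more and delete them all.

Author: GoodestEngilsh   Posted: 2014-03-16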

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

资料库版本: v2014.01.17.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Jenny Ho :: JENNYHO-PC [系统管理员]

17/1/2014 19:25:33
mbam-log-2014-01-17 (19-25-33).txt

扫描类型: 完全扫描 (C:\|D:\|)
启用扫描选项: 记忆体 | 启动 | 登录档 | 档案系统 | 启发式/额外 | 启发式/Shuriken 引擎 | PUP | PUM
停用扫描选项: P2P
被扫描物件数量: 379234
总共扫描时间: 1 小时, 30 分钟, 46 秒

被检测到记忆体进程数量: 0
(没有检测到有害项目)

被检测到记忆体模组数量: 0
(没有检测到有害项目)

被检测到登录档项目数量: 7
HKCU\Software\MozillaPlugins\@tnt2ghost.com/Plugin (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> 已成功隔离及删除
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> 已成功隔离及删除
HKCR\TypeLib\{ABB8A8A5-FF98-40F6-B573-5841B063EA37} (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
HKCR\Interface\{02F878DF-E2BE-4B85-8CB4-A0D2D4E2ED7F} (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{514A6652-B032-4328-945D-83D578D20F4B} (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
HKCR\CLSID\{0FEB2313-F89B-4AC6-8153-84025604A06A} (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除

被检测到登录档值数量: 2
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> 数据: {2E9E01D8-4902-11E2-9B8D-24EC99A5FE18} -> 已成功隔离及删除
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> 数据: {2E9E01D8-4902-11E2-9B8D-24EC99A5FE18} -> 已成功隔离及删除

被检测到登录档资料项目数量: 0
(没有检测到有害项目)

被检测到资料夹数量: 7
C:\Users\Jenny Ho\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Roaming\OpenCandy\D386697090064C8A9FF4C2A6D4A28A5B (PUP.Optional.OpenCandy) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2 (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627 (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\Common (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\Profiles (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\Profiles\10675 (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除

被检测到档案数量: 32
C:\Users\Jenny Ho\AppData\Roaming\OpenCandy\D386697090064C8A9FF4C2A6D4A28A5B\chrome-Little-Alchemy_p1v1.exe (PUP.Optional.OpenCandy) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\Autorun.inf (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\GameApps.ini (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\GameConsole.exe (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\GameEngine.dll (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\hmac.1.dll (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\iehpr.1.dll (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\iestage2.1.dll (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\IEToolbar.dll (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\IEToolbar64.dll (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\log.dll (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\MinecraftShims64.dll (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\npTNT2.dll (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\npTNT2Ghost.dll (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\passport.dll (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\passport64.dll (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\progress.1.dll (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\regsvr.1.dll (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\sqlite.1.dll (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\tnt2chrome.dll (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\TNT2User.exe (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\TNT2UserPS.dll (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\TNT2UserPS64.dll (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\TntMagicDel.dll (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\UnInjLib.dll (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\UnInjLib64.dll (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\UninstallDlg.1.dll (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\untar.1.dll (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\2.0.0.1627\zipunzip.1.dll (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\Common\GameConsole.exe (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\Profiles\10675\passport.dll (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除
C:\Users\Jenny Ho\AppData\Local\TNT2\Profiles\10675\passport64.dll (PUP.Optional.TidyNetwork.A) -> 已成功隔离及删除

﹝结束﹞

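This time everything got deleted. Is that it, all fixed now?
I haven't dared to search on Yahoo again yet, because every time it hangs so badly that I have to force a shutdown.
Thanks!

Author: ping0219   Posted: 2014-03-16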

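1. Download/run Junkware Removal Tool to scan. Close all browsers and programs before running the scan. (JRT automatically removes malicious programs/files/registry entries attached to browsers.)
Please upload the report.

2. Download link: download/run AdwCleaner to scan
*Close all browsers and programs before running the scan
>First click [Scan] > then click [Delete]
>Restart the computer > a log will pop up
>Upload the log

Author: GoodestEngilsh   Posted: 2014-03-16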

# AdwCleaner v3.017 - Report created 18/01/2014 at 20:35:09
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Jenny Ho - JENNYHO-PC
# Running from : C:\Users\Jenny Ho\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\baidu
Folder Deleted : C:\Users\JENNYH~1\AppData\Local\Temp\baidu

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\Software\PIP

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Google Chrome v32.0.1700.76

[ File : C:\Users\Jenny Ho\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3217 octets] - [18/01/2014 20:19:49]
AdwCleaner[R1].txt - [2045 octets] - [18/01/2014 20:33:57]
AdwCleaner[S0].txt - [1927 octets] - [18/01/2014 20:35:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1987 octets] ##########

Author: ping0219   Posted: 2014-03-16

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by Jenny Ho on 18/01/2014 周六 at 20:21:18.61
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-693099657-171850478-1358894106-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bundlesweetimsetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bundlesweetimsetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{05B0082B-69F6-4C7F-A357-1F6A0151939D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9D147604-CF5A-4800-97E6-88E228D0D9D5}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_current_user\software\pip"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\baidu"
Successfully deleted: [Folder] "C:\Users\Jenny Ho\AppData\Roaming\baidu"
Failed to delete: [Folder] "C:\Program Files (x86)\baidu"
Successfully deleted: [Empty Folder] C:\Users\Jenny Ho\appdata\local\{0669574F-42B0-4113-9652-18F7CAA663CF}
Successfully deleted: [Empty Folder] C:\Users\Jenny Ho\appdata\local\{0DE8C9B7-B9CA-4D46-B873-7BBA555278F7}
Successfully deleted: [Empty Folder] C:\Users\Jenny Ho\appdata\local\{16F6AA0D-C30E-4E06-BA59-0E1FB1ACB884}
Successfully deleted: [Empty Folder] C:\Users\Jenny Ho\appdata\local\{1FE78317-1376-4849-B8CB-74C6724C58D0}
Successfully deleted: [Empty Folder] C:\Users\Jenny Ho\appdata\local\{4EAC7867-0F11-4559-A39B-0A9A229D6F44}
Successfully deleted: [Empty Folder] C:\Users\Jenny Ho\appdata\local\{75235831-E11E-4E88-BE2C-A853E152AD91}
Successfully deleted: [Empty Folder] C:\Users\Jenny Ho\appdata\local\{7DFABAD4-2D43-4968-AAF7-AACA113F8EC7}
Successfully deleted: [Empty Folder] C:\Users\Jenny Ho\appdata\local\{87EB7B0D-FC84-4493-9AE6-D380A22383F8}
Successfully deleted: [Empty Folder] C:\Users\Jenny Ho\appdata\local\{B147D3BF-0D9C-4E7B-A0B1-7D67736C6004}
Successfully deleted: [Empty Folder] C:\Users\Jenny Ho\appdata\local\{B344439F-EEAB-475C-857A-05026C4C57D8}
Successfully deleted: [Empty Folder] C:\Users\Jenny Ho\appdata\local\{B4C4D9D9-2733-4731-AB12-9414C89F6062}
Successfully deleted: [Empty Folder] C:\Users\Jenny Ho\appdata\local\{CEA3A57D-EED7-4694-90B8-A0B25FFC16E4}
Successfully deleted: [Empty Folder] C:\Users\Jenny Ho\appdata\local\{E2B36FAB-1468-4720-9A51-97DB06DB9A73}
Successfully deleted: [Empty Folder] C:\Users\Jenny Ho\appdata\local\{F4D1FE5C-5EA0-446D-BD2F-7044447971E8}
Successfully deleted: [Folder] "C:\ProgramData\ask"



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Jenny Ho\appdata\local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18/01/2014 周六 at 20:32:29.69
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Author: ping0219   Posted: 2014-03-16

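Post your startup items
Start > type msconfig > go to the [Startup] tab > take a screenshot and post it

Post Task Manager
Ctrl+Alt+Del > Task Manager > Processes > take a screenshot and post it

Image host: http://img.chinsin.com/
Paste the forum code

Author: GoodestEngilsh   Posted: 2014-03-16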

Author: ping0219   Posted: 2014-03-16

Author: ping0219   Posted: 2014-03-16

Author: ping0219   Posted: 2014-03-16

Author: ping0219   Posted: 2014-03-16

Author: ping0219   Posted: 2014-03-16

Uncheck the following startup items ~
Microsoft Office x 2
daemon tool
adobe reader
bluesoleil
back monit....
Manufacturer is Cyber Link x 3
Apple Push
baiduhelper
java

Author: GoodestEngilsh   Posted: 2014-03-16

Thanks very much!!!

Author: ping0219   Posted: 2014-03-16

See if there are still any problems.

Author: GoodestEngilsh   Posted: 2014-03-16
