怀疑中木马,但电脑无不正常现象
时间:2013-10-08
来源:互联网
近来试过gmail同某online game回报有不正常活动同异地登入,但电脑无不正常现象...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 下午 06:12:23, on 2013/8/20
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
H:\WINDOWS\System32\smss.exe
H:\PROGRA~1\AVG\AVG2012\avgrsx.exe
H:\Program Files\AVG\AVG2012\avgcsrvx.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\System32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
H:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
H:\Program Files\AVG\AVG2012\avgwdsvc.exe
H:\Program Files\Bonjour\mDNSResponder.exe
H:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
H:\Program Files\Java\jre7\bin\jqs.exe
H:\WINDOWS\Explorer.EXE
H:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
H:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
H:\Program Files\AVG\AVG2012\avgnsx.exe
H:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
H:\Program Files\AVG\AVG2012\avgemcx.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\AVG\AVG2012\avgtray.exe
H:\Program Files\QNAP\Finder\iSCSIAgent.exe
H:\Program Files\Common Files\Java\Java Update\jusched.exe
H:\Program Files\iTunes\iTunesHelper.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\Skype\Phone\Skype.exe
H:\Program Files\iPod\bin\iPodService.exe
H:\Program Files\alipay\SafeTransaction\Alipaybsm.exe
H:\WINDOWS\system32\WgaTray.exe
H:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
H:\WINDOWS\system32\wuauclt.exe
H:\Program Files\Tencent\QQ\Bin\QQ.exe
H:\Program Files\alipay\alieditplus\AlipaySecSvc.exe
H:\Program Files\Mozilla Firefox\firefox.exe
H:\Program Files\Mozilla Firefox\plugin-container.exe
H:\Program Files\Adobe\Acrobat 7.0\Distillr\AcroTray.exe
H:\WINDOWS\system32\conime.exe
H:\Program Files\alipay\SafeTransaction\AlipaySafeTran.exe
H:\Program Files\Trend Micro\HijackThis\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - H:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - H:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - H:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live 祅??鶄K? - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - H:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - H:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - H:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - H:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] ; "H:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [CJIMETIPSYNC] ; H:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\CHANGJIE\CINTLCFG.EXE /CJIMETIPSync
O4 - HKLM\..\Run: [PHIMETIPSYNC] ; H:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\PHONETIC\TINTLCFG.EXE /PHIMETIPSync
O4 - HKLM\..\Run: [ISUSPM Startup] H:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "H:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RTHDCPL] ; RTHDCPL.EXE
O4 - HKLM\..\Run: [APSDaemon] "H:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "H:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [iSCSIAgent] H:\Program Files\QNAP\Finder\iSCSIAgent.exe
O4 - HKLM\..\Run: [Alcmtr] ; ALCMTR.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] ; "H:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [InCD] ; H:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [LanguageShortcut] ; "H:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [LGODDFU] ; "H:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [NeroFilterCheck] ; H:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [PHIME2002A] ; H:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PHIME2002ASync] ; H:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [RemoteControl] ; "H:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SecurDisc] ; H:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [StartCCC] ; "H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Thunder] ; "H:\Program Files\Thunder Network\Thunder\Thunder.exe" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "H:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] ; "H:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [MSMSGS] ; "H:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [MsnMsgr] "H:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster2] ; H:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [swg] "H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "H:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] H:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] H:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] H:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] H:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &使用BitComet下载 - res://H:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &使用BitComet下载全部连结 - res://H:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Convert link target to Adobe PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: (no name) - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - (no file)
O9 - Extra button: 发布至部落格 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: 使用 Windows Live Writer 发布至部落格(&B) - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 下午 06:12:23, on 2013/8/20
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
H:\WINDOWS\System32\smss.exe
H:\PROGRA~1\AVG\AVG2012\avgrsx.exe
H:\Program Files\AVG\AVG2012\avgcsrvx.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\System32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
H:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
H:\Program Files\AVG\AVG2012\avgwdsvc.exe
H:\Program Files\Bonjour\mDNSResponder.exe
H:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
H:\Program Files\Java\jre7\bin\jqs.exe
H:\WINDOWS\Explorer.EXE
H:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
H:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
H:\Program Files\AVG\AVG2012\avgnsx.exe
H:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
H:\Program Files\AVG\AVG2012\avgemcx.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\AVG\AVG2012\avgtray.exe
H:\Program Files\QNAP\Finder\iSCSIAgent.exe
H:\Program Files\Common Files\Java\Java Update\jusched.exe
H:\Program Files\iTunes\iTunesHelper.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\Skype\Phone\Skype.exe
H:\Program Files\iPod\bin\iPodService.exe
H:\Program Files\alipay\SafeTransaction\Alipaybsm.exe
H:\WINDOWS\system32\WgaTray.exe
H:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
H:\WINDOWS\system32\wuauclt.exe
H:\Program Files\Tencent\QQ\Bin\QQ.exe
H:\Program Files\alipay\alieditplus\AlipaySecSvc.exe
H:\Program Files\Mozilla Firefox\firefox.exe
H:\Program Files\Mozilla Firefox\plugin-container.exe
H:\Program Files\Adobe\Acrobat 7.0\Distillr\AcroTray.exe
H:\WINDOWS\system32\conime.exe
H:\Program Files\alipay\SafeTransaction\AlipaySafeTran.exe
H:\Program Files\Trend Micro\HijackThis\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - H:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - H:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - H:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live 祅??鶄K? - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - H:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - H:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - H:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - H:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] ; "H:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [CJIMETIPSYNC] ; H:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\CHANGJIE\CINTLCFG.EXE /CJIMETIPSync
O4 - HKLM\..\Run: [PHIMETIPSYNC] ; H:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\PHONETIC\TINTLCFG.EXE /PHIMETIPSync
O4 - HKLM\..\Run: [ISUSPM Startup] H:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "H:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RTHDCPL] ; RTHDCPL.EXE
O4 - HKLM\..\Run: [APSDaemon] "H:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "H:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [iSCSIAgent] H:\Program Files\QNAP\Finder\iSCSIAgent.exe
O4 - HKLM\..\Run: [Alcmtr] ; ALCMTR.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] ; "H:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [InCD] ; H:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [LanguageShortcut] ; "H:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [LGODDFU] ; "H:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [NeroFilterCheck] ; H:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [PHIME2002A] ; H:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PHIME2002ASync] ; H:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [RemoteControl] ; "H:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SecurDisc] ; H:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [StartCCC] ; "H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Thunder] ; "H:\Program Files\Thunder Network\Thunder\Thunder.exe" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "H:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] ; "H:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [MSMSGS] ; "H:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [MsnMsgr] "H:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster2] ; H:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [swg] "H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "H:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] H:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] H:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] H:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] H:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &使用BitComet下载 - res://H:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &使用BitComet下载全部连结 - res://H:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Convert link target to Adobe PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: (no name) - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - (no file)
O9 - Extra button: 发布至部落格 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: 使用 Windows Live Writer 发布至部落格(&B) - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
作者: kkkiu 发布时间: 2013-10-08
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - H:\Program Files\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: 参考资料 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://H:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) -
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
O16 - DPF: {1E0DFFCF-27FF-4574-849B-55007349FEDA} (iTrusPTA Class) - https://img.alipay.com/download/1101/aliedit.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (EditCtrl Class) - https://img.alipay.com/download/2121/aliedit.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
O16 - DPF: {A22B8FD2-4CAA-4EFB-82F7-680CD656D9B0} (NowStarter Control) -
O16 - DPF: {A877BA28-1F7E-4876-B299-50B3199A1A5D} (UploadFilePartition Class) - http://m401.mail.qq.com/zh_CN/ac ... =0.5463183790676659
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - H:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - H:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Alipay security service (AlipaySecSvc) - Alipay Inc. - H:\Program Files\alipay\alieditplus\AlipaySecSvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - H:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - H:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - H:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - H:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - H:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour 服务 (Bonjour Service) - Apple Inc. - H:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - H:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - H:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: iPod 服务 (iPod Service) - Apple Inc. - H:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - H:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - H:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - H:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - H:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - H:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - H:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - H:\Program Files\Skype\Updater\Updater.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - H:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
--
End of file - 14429 bytes
O9 - Extra button: 参考资料 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://H:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) -
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
O16 - DPF: {1E0DFFCF-27FF-4574-849B-55007349FEDA} (iTrusPTA Class) - https://img.alipay.com/download/1101/aliedit.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (EditCtrl Class) - https://img.alipay.com/download/2121/aliedit.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
O16 - DPF: {A22B8FD2-4CAA-4EFB-82F7-680CD656D9B0} (NowStarter Control) -
O16 - DPF: {A877BA28-1F7E-4876-B299-50B3199A1A5D} (UploadFilePartition Class) - http://m401.mail.qq.com/zh_CN/ac ... =0.5463183790676659
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - H:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - H:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Alipay security service (AlipaySecSvc) - Alipay Inc. - H:\Program Files\alipay\alieditplus\AlipaySecSvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - H:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - H:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - H:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - H:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - H:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour 服务 (Bonjour Service) - Apple Inc. - H:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - H:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - H:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: iPod 服务 (iPod Service) - Apple Inc. - H:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - H:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - H:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - H:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - H:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - H:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - H:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - H:\Program Files\Skype\Updater\Updater.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - H:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
--
End of file - 14429 bytes
作者: kkkiu 发布时间: 2013-10-08
SREngLOG.log
http://www.sendspace.com/file/9tx4sm
http://www.sendspace.com/file/9tx4sm
作者: kkkiu 发布时间: 2013-10-08
今天发现新问题,AVG的Identity Protection在开机时会停止,要我自己手动按启动才能开启。而且开启后威胁项目移除有4个,但Identity Protection无历程记录。
作者: kkkiu 发布时间: 2013-10-08
aVG免费版个只..唔建议使用..
要用就用AVAST 免费版黎比较好..当然最好要用收费版个D..卡巴/NOD32收费版
不过你清完4项病毒后仲出现咩问题?
要用就用AVAST 免费版黎比较好..当然最好要用收费版个D..卡巴/NOD32收费版
不过你清完4项病毒后仲出现咩问题?
作者: home81 发布时间: 2013-10-08
同意楼上,防毒都系比钱果d好d~~
起码扫完毒都搞唔掂都可以打去间公司问~~
起码扫完毒都搞唔掂都可以打去间公司问~~
作者: j32338 发布时间: 2013-10-08
相关阅读 更多
热门阅读
-
office 2019专业增强版最新2021版激活秘钥/序列号/激活码推荐 附激活工具
阅读:74
-
如何安装mysql8.0
阅读:31
-
Word快速设置标题样式步骤详解
阅读:28
-
20+道必知必会的Vue面试题(附答案解析)
阅读:37
-
HTML如何制作表单
阅读:22
-
百词斩可以改天数吗?当然可以,4个步骤轻松修改天数!
阅读:31
-
ET文件格式和XLS格式文件之间如何转化?
阅读:24
-
react和vue的区别及优缺点是什么
阅读:121
-
支付宝人脸识别如何关闭?
阅读:21
-
腾讯微云怎么修改照片或视频备份路径?
阅读:28
