McAfee scan found a virus, but it can't be deleted or quarantined
Date: 2014-01-23
Source: Internet
[ This post was last edited by 断云 on 2013-12-13 09:08 PM ]
Author: 断云 Posted: 2014-01-23
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google§o·s aA°E (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google§o·s aA°E (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
--
End of file - 11606 bytes
Author: 断云 Posted: 2014-01-23
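Try updating the antivirus software's database first,
then restart and keep pressing F8 to enter Safe Mode (networking is not needed),
then run a full scan with McAfee.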

Author: GoodestEngilsh Posted: 2014-01-23
But it does get detected when I go back to normal mode.

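Author: 断云 Posted: 2014-01-23
It's usually a false positive (i.e. not a virus).
This often shows up with cracking tools.
If you're really worried that the computer is infected,
you can go through the following scanning procedure:
1. Run Rkill
Download link: http://www.bleepingcomputer.com/download/rkill/dl/11/
Save the file to the desktop > double-click to run iExplore.exe > a log will be generated when it finishes (if the file does not appear on the desktop, save it to the desktop) > upload it later
2. Download and install Malwarebytes
Download link: goo.gl/D1RRY
>Save the file to the desktop
>Double-click to run mbam-setup.exe
>Select Traditional Chinese as the installation language
>Click Next, tick I agree, then click Next again
>Then click Next on every screen; there is no need to change any settings
>Click Install and wait for the installation
>Click Finish to complete the installation, and run the update
>Tick Full scan, then click Scan
>Wait for the scan to finish, click Show Results, right-click and choose Check all items
>Then click Remove Selected to clean up
>After the cleanup a scan log will pop up; please save the scan log to the desktop
>Close Malwarebytes' Anti-Malware
>After the scan finishes a log will be generated; save it to the desktop > upload it later
Author: GoodestEngilsh Posted: 2014-01-23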
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 12/15/2013 05:28:22 PM in x64 mode.
Windows Version: Windows 8.1
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]
Backup Registry file created at:
C:\Users\chan1234565\Desktop\rkill\rkill-12-15-2013-05-28-31.reg
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* Windows Defender Disabled
[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001
Checking Windows Service Integrity:
* AllUserInstallAgent [Missing Service]
* SDRSVC [Missing Service]
* adp94xx [Missing Service]
* adpahci [Missing Service]
* adpu320 [Missing Service]
* arc [Missing Service]
* AsyncMac [Missing Service]
* discache [Missing Service]
* HdAudAddService [Missing Service]
* iirsp [Missing Service]
* LSI_SCSI [Missing Service]
* nfrd960 [Missing Service]
* PptpMiniport [Missing Service]
* RasAgileVpn [Missing Service]
* Rasl2tp [Missing Service]
* RasSstp [Missing Service]
* Wanarp [Missing Service]
* Wanarpv6 [Missing Service]
* Wd [Missing Service]
* AppMgmt [Missing Service]
* CSC [Missing Service]
* CscService [Missing Service]
* PeerDistSvc [Missing Service]
* SystemEventsBroker => %SystemRoot%\system32\svchost.exe -k DcomLaunch [Incorrect ImagePath]
* WSService => %SystemRoot%\System32\svchost.exe -k wsappx [Incorrect ImagePath]
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* No issues found.
Program finished at: 12/15/2013 05:29:56 PM
Execution time: 0 hours(s), 1 minute(s), and 34 seconds(s)
Here's the Rkill log first; the other one is still scanning.
Author: 断云 Posted: 2014-01-23
www.malwarebytes.org
资料库版本: v2013.12.15.02
Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
chan1234565 :: CHAN [系统管理员]
防护: 开启
15/12/2013 17:32:08
mbam-log-2013-12-15 (17-32-08).txt
扫描类型: 完全扫描 (C:\|D:\|E:\|)
启用扫描选项: 记忆体 | 启动 | 登录档 | 档案系统 | 启发式/额外 | 启发式/Shuriken 引擎 | PUP | PUM
停用扫描选项: P2P
被扫描物件数量: 428787
总共扫描时间: 2 小时, 9 分钟, 23 秒
被检测到记忆体进程数量: 0
(没有检测到有害项目)
被检测到记忆体模组数量: 0
(没有检测到有害项目)
被检测到登录档项目数量: 18
HKCR\AppID\{1DD31B76-C57E-49ba-94BC-BF53F0C82CD4} (PUP.Funshion) -> 没有采取任何行动
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1DD31B76-C57E-49ba-94BC-BF53F0C82CD4} (PUP.Funshion) -> 没有采取任何行动
HKCR\CLSID\{11CC93E4-0BE6-4f8f-82AA-D577FB955B05} (PUP.Funshion) -> 没有采取任何行动
HKCR\TypeLib\{F9BC0421-BB5C-447d-8547-BB45AFA80A4D} (PUP.Funshion) -> 没有采取任何行动
HKCR\Interface\{4D89001B-5B5B-4E76-A1F5-638E49DB7A58} (PUP.Funshion) -> 没有采取任何行动
HKCR\AddressSearch.JsObject.1 (PUP.Funshion) -> 没有采取任何行动
HKCR\AddressSearch.JsObject (PUP.Funshion) -> 没有采取任何行动
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11CC93E4-0BE6-4F8F-82AA-D577FB955B05} (PUP.Funshion) -> 没有采取任何行动
HKCR\CLSID\{91878E42-FC03-4785-B513-1F9E613D1027} (PUP.Funshion) -> 没有采取任何行动
HKCR\TypeLib\{D02E3AB9-7796-40cb-BDFC-20D834FE1F75} (PUP.Funshion) -> 没有采取任何行动
HKCR\Interface\{FCB380C4-D350-44BE-8791-50216F4747AC} (PUP.Funshion) -> 没有采取任何行动
HKCR\ASBarBroker.BDBroker.1 (PUP.Funshion) -> 没有采取任何行动
HKCR\ASBarBroker.BDBroker (PUP.Funshion) -> 没有采取任何行动
HKCR\CLSID\{FBEDBA6C-44A2-43b9-BD49-20EB6E0C4E86} (PUP.Funshion) -> 没有采取任何行动
HKCR\AddressSearch.SnavHttpProtocol.1 (PUP.Funshion) -> 没有采取任何行动
HKCR\AddressSearch.SnavHttpProtocol (PUP.Funshion) -> 没有采取任何行动
HKLM\SOFTWARE\lucky leap (PUP.Optional.LuckyLeap.A) -> 没有采取任何行动
HKCR\thunder (Trojan.Agent) -> 已成功隔离及删除
被检测到登录档值数量: 0
(没有检测到有害项目)
被检测到登录档资料项目数量: 0
(没有检测到有害项目)
被检测到资料夹数量: 0
(没有检测到有害项目)
被检测到档案数量: 8
C:\Users\chan1234565\Downloads\AutoCAD2013Win32bitCHT.rar.exe (PUP.Optional.InstalleRex) -> 没有采取任何行动
C:\Users\chan1234565\Downloads\DTLite4471-0335.exe (PUP.Optional.OpenCandy) -> 没有采取任何行动
C:\Users\chan1234565\Downloads\OnlineWeatherSetup-0SDfae4.exe (PUP.Optional.Somoto) -> 没有采取任何行动
C:\Users\chan1234565\Downloads\SoftonicDownloader_for_kmplayer.exe (PUP.Optional.Softonic) -> 没有采取任何行动
C:\Users\chan1234565\Downloads\GarenaTWLoL_Install_20130801\GarenaTWLoL_Install_20130801.exe (PUP.Adware.Agent) -> 没有采取任何行动
C:\Users\chan1234565\Downloads\SopCast\Setup-SopCast-3.8.3-2013-6-26.exe (PUP.Optional.Spigot.A) -> 没有采取任何行动
C:\Users\chan1234565\Downloads\AutoCAD 2013 Win64bit CHT\AutoCAD 2013 CRACK\xf-autocad-kg_x32.exe (RiskWare.Tool.CK) -> 已成功隔离及删除
D:\AutoCAD 2013 CRACK\xf-autocad-kg_x32.exe (RiskWare.Tool.CK) -> 在电脑重新启动时删除。
﹝结束﹞
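Author: 断云 Posted: 2014-01-23
It was probably xf-autocad-kg_x32.exe
that made the McAfee scan report a virus.
The report shows it has already been quarantined.
Everything is fine now.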

Author: GoodestEngilsh Posted: 2014-01-23