View full version: Infected with the snap.do virus, no idea how I got it, really want to remove it

月bbbb 2013-4-30 12:08 AM

Infected with the snap.do virus, no idea how I got it, really want to remove it

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:05:14, on 30/4/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16476)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\alipay\SafeTransaction\Alipaybsm.exe
C:\Program Files (x86)\alipay\SafeTransaction\AlipaySafeTran.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\LO\Downloads\HijackThis.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 210.209.72.145 neulionms.vo.llnwd.net
O2 - BHO: VideoUrlSniffer - {00000ADA-7E0D-47C1-986C-F017D09C4304} - C:\Program Files (x86)\Common Files\Thunder Network\KanKan\VideoUrlSniffer.2.0.1.99.(144).dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: XlBrowserAddinBho.XlBrowserAddinBhoObject - {0EA37B17-6B8B-4085-8257-F3A4AA69C27A} - C:\Program Files (x86)\Thunder Network\Thunder\BHO\XlBrowserAddin1.0.8.71.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)
O2 - BHO: 63B1A8D1-1189-B5E8-2C31-EE702E7EF1D4 Class - {63B1A8D1-1189-B5E8-2C31-EE702E7EF1D4} - C:\Program Files (x86)\QvodPlayer\AddIn\{63B1A8D1-1189-B5E8-2C31-EE702E7EF1D4}\QvodAddr.dll
O2 - BHO: XunleiBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files (x86)\Thunder Network\Thunder\BHO\XunleiBHO7.2.12.3824.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ResourceKeywordMonitor.XlResourceKeywordMonitorBhoObject - {9AA238FE-8298-48c9-B188-05B6AEE76C3A} - C:\睖?\BHO\XlBrowserAddinKernel1.0.7.70.dll (file missing)
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: QvodExtend - {A8502600-B272-4F68-A67B-A0305D46D297} - C:\Program Files (x86)\QvodPlayer\QvodExtend.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QvodTerminal] "C:\Program Files (x86)\QvodPlayer\QvodTerminal.exe" -autorun
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [PPS Accelerator] C:\PPS\PPStream\PPSKernel.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
O4 - HKCU\..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe /minimized
O4 - HKCU\..\Run: [GarenaPlus] "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Browser Infrastructure Helper] C:\Users\LO\AppData\Local\Smartbar\Application\SnapDo.exe startup
O4 - HKUS\S-1-5-18\..\Run: [PPS Accelerator] C:\PPS\PPStream\PPSKernel.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [PPS Accelerator] C:\PPS\PPStream\PPSKernel.exe (User 'Default user')
O4 - Startup: PPS.lnk = C:\PPS\PPStream\PPStream.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe

月bbbb 2013-4-30 12:09 AM

O8 - Extra context menu item: &使用&迅雷下载 - C:\Program Files (x86)\Thunder Network\Thunder\BHO\GetUrl.htm
O8 - Extra context menu item: &使用&迅雷下载全部链接 - C:\Program Files (x86)\Thunder Network\Thunder\BHO\GetAllUrl.htm
O8 - Extra context menu item: &使用&迅雷离线下载 - C:\Program Files (x86)\Thunder Network\Thunder\BHO\OfflineDownload.htm
O8 - Extra context menu item: &妏蚚&捃濘燭盄狟婥 - C:\Program Files (x86)\Thunder Network\Thunder\BHO\OfflineDownload.htm
O8 - Extra context menu item: &捃濘狟婥善忒儂 - http://static.u.155.com/shoulei/shouleidl.htm
O8 - Extra context menu item: &迅雷下载到手机 - http://static.u.155.com/shoulei/shouleidl.htm
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O8 - Extra context menu item: 使用迅雷看看播放器播放 - C:\Users\Public\Thunder Network\XMP4\Core\Program\XmpIEMenu.htm
O8 - Extra context menu item: 匯出至 Microsoft Excel(&X) - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {0000016b-c524-4050-81a0-243669a86b9f} - C:\Users\Public\Thunder Network\XMP4\Core\Program\XmpIEToolMenu.htm
O9 - Extra 'Tools' menuitem: ?雄捃濘艘艘畦溫? - {0000016b-c524-4050-81a0-243669a86b9f} - C:\Users\Public\Thunder Network\XMP4\Core\Program\XmpIEToolMenu.htm
O9 - Extra button: ?雄捃濘艘艘畦溫? - {0000026b-c524-4050-81a0-243669a86b9f} - C:\Users\Public\Thunder Network\XMP4\Core\Program\XmpIEToolBar.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: (no name) - {14c1d00e-0b92-4379-880b-444fa2d740dd} - C:\Users\Public\Thunder Network\XMP4\Core\Program\XmpIEToolMenu.htm
O9 - Extra 'Tools' menuitem: ?雄捃濘艘艘畦溫? - {14c1d00e-0b92-4379-880b-444fa2d740dd} - C:\Users\Public\Thunder Network\XMP4\Core\Program\XmpIEToolMenu.htm
O9 - Extra button: ?雄捃濘艘艘畦溫? - {24c1d00e-0b92-4379-880b-444fa2d740dd} - C:\Users\Public\Thunder Network\XMP4\Core\Program\XmpIEToolBar.htm
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (file missing)
O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.alipay.com
O15 - Trusted Zone: http://*.alisoft.com
O15 - Trusted Zone: http://www.bankofchina.com
O15 - Trusted Zone: http://www.boc.cn
O15 - Trusted Zone: http://*.taobao.com
O15 - Trusted Zone: http://*.alipay.com (HKLM)
O15 - Trusted Zone: http://*.alisoft.com (HKLM)
O15 - Trusted Zone: http://*.taobao.com (HKLM)
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Alipay security service (AlipaySecSvc) - Alipay Inc.  - C:\Program Files (x86)\alipay\alieditplus\AlipaySecSvc.exe
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Baidu Updater (BaiduUpdater) - Baidu.com, Inc. - C:\Program Files (x86)\Baidu\BaiduUpdate\bdupdate.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: Google 載陔督? (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google載陔 督? (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe

--
End of file - 14451 bytes

anlth2010 2013-5-2 12:42 AM

Step 1: Download and install Malwarebytes' Anti-Malware

- Download Malwarebytes' Anti-Malware: http://www.malwarebytes.org/mbam-download.php
- Save mbam-setup.exe to the desktop
- Run mbam-setup.exe to start the installation; during installation, choose English as the installation language
- Click Next, tick I accept the agreement, then click Next again
- Then click Next on every screen; there is no need to change any settings
- Click Install and wait for the installation
- Click Finish to complete the installation, then run the update

Step 2: Use Malwarebytes' Anti-Malware

- Tick Perform full scan, then click Scan
- Click Scan again to start scanning
- Wait for the scan to finish, click Show Results, then click Remove Selected to clean up
- After the cleanup completes, the scan log will pop up; save the scan log to the desktop
- Close Malwarebytes' Anti-Malware

Step 3: Briefly describe the situation and post the reports

- Please briefly describe the state of your computer
- Please upload the following reports to Sendspace (http://www.sendspace.com/):
  1. HijackThis
  2. Malwarebytes' Anti-Malware

月bbbb 2013-5-6 10:38 AM

http://www.sendspace.com/filegroup/h4TK8fFx9exysTj4lGn7iQ

My Malwarebytes' Anti-Malware scan found quite a lot of viruses,
but it didn't tick some of them for me, so I didn't delete the ones that weren't ticked.
After I rebooted, this virus is still there.....
Still couldn't solve it :')

[Last edited by 月bbbb on 2013-5-6 04:36 PM]

anlth2010 2013-5-8 02:25 PM

Step 1: Download and run SREng

- Download SREng (http://www.kztechs.com/sreng/download.html) to the desktop and unzip the file
- Run SREng and click Smart Scan
- Click Scan; SREng will run the scan, please wait patiently
- Click Save Report and save it

Step 2: Briefly describe the situation and post the reports

- Please briefly describe the state of your computer
- Please upload the following reports to Sendspace (http://www.sendspace.com/):
  1. HijackThis
  2. SREng

月bbbb 2013-5-9 09:54 AM

[quote]Originally posted by anlth2010 on 2013-5-8 02:25 PM
Step 1: Download and run SREng

Download SREng to the desktop and unzip the file. Run SREng and click Smart Scan.
Click Scan; SREng will run the scan, please wait patiently. Click Save Report and save it.
Step 2: Briefly describe the situation and post the reports. Please briefly ... [/quote]

THANK YOU CHING
But after I downloaded it, everything inside is garbled text.
I simply can't tell which button is which.

anlth2010 2013-5-9 09:55 PM

Please check your PM.