--------------------
閱讀本主題的最佳解答--------------------
只要一開火狐狸視窗
瀏覽任何網頁
就出現
重新安裝也沒用
請看我的log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 下午 04:53:51, on 2014/6/2
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\USIM Editor\iconcs226656.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\WINDOWS\vVX1000.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\BlueStacks\HD-Agent.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\program files\real\realone player\update\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\ATnotes\ATnotes.exe
C:\WINDOWS\system32\OSK.exe
C:\WINDOWS\system32\MSSWCHX.EXE
C:\Program Files\Google\Drive\googledrivesync.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\BlueStacks\HD-LogRotatorService.exe
C:\Program Files\BlueStacks\HD-UpdaterService.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE
C:\WINDOWS\system32\KaraokeSer.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\QvodPlayer\QvodPlayer.exe
C:\Program Files\QvodPlayer\QvodTerminal.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
C:\Documents and Settings\Edward Nygma\My Documents\program files\Q-Dir\Q-Dir.exe
Z:\HiJackThis.exe
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - Z:\BitComet\tools\bitcometbho.dll (file missing)
O2 - BHO: 4D3A8BB0-0EE8-5D71-F64D-4643CA0BE7D9 Class - {4D3A8BB0-0EE8-5D71-F64D-4643CA0BE7D9} - C:\Program Files\QvodPlayer\AddIn\{4D3A8BB0-0EE8-5D71-F64D-4643CA0BE7D9}\QvodAddr.dll
O2 - BHO: QvodExtend - {A8502600-B272-4F68-A67B-A0305D46D297} - C:\Program Files\QvodPlayer\QvodExtend\5.0.97.0\QvodExtend.dll
O2 - BHO: B4C229C4-2FB2-A387-9F53-0783EDDE2298 Class - {B4C229C4-2FB2-A387-9F53-0783EDDE2298} - C:\Program Files\QvodPlayer\AddIn\{4D3A8BB0-0EE8-5D71-F64D-4643CA0BE7D9}\QvodAddr.dll
O2 - BHO: Xunlei BHO Platform - {DE05CF4A-7B0A-4775-B5E5-396244938679} - C:\Program Files\Thunder Network\Thunder\Thunder BHO Platform\np_tdieplat.dll
O3 - Toolbar: SiteFinder - {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files\SiteFinder\SiteFinder.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [USBestCR] C:\Program Files\USIM Editor\iconcs226656.exe RunFromReg
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Creative Launcher] C:\Program Files\Creative\SBLive\Launcher\CTLauncher.exe
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [AudioHQ] C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [IME14 CHT Setup] C:\PROGRA~1\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE /SetPreload /CHT /Log
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realone player\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [ATnotes.exe] C:\Program Files\ATnotes\ATnotes.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\Edward Nygma\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Tango] C:\Program Files\Tango\Tango.exe -r
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &使用BitComet下載 - res://Z:\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &使用BitComet下載全部連結 - res://Z:\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &使用迅雷下載 - C:\Program Files\Thunder Network\Thunder\BHO\geturl.htm
O8 - Extra context menu item: &使用迅雷下載全部鏈接 - C:\Program Files\Thunder Network\Thunder\BHO\GetAllUrl.htm
O8 - Extra context menu item: &使用迅雷離線下載 - C:\Program Files\Thunder Network\Thunder\BHO\OfflineDownload.htm
O8 - Extra context menu item: 匯出至 Microsoft Excel(&X) - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Site Finder - {CCC7B152-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files\SiteFinder\SiteFinder.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://Z:\BitComet\tools\bitcometbho.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\youku\youkuclient\ikutm.dll
O10 - Unknown file in Winsock LSP: c:\program files\youku\youkuclient\ikutm.dll
O10 - Unknown file in Winsock LSP: c:\program files\youku\youkuclient\ikutm.dll
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O15 - ESC Trusted Zone:
http://*.update.microsoft.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{13CB4888-2EE2-4283-BFFC-FCF6977E99A3}: NameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{13CB4888-2EE2-4283-BFFC-FCF6977E99A3}: NameServer = 8.8.8.8 8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Afa Card Reader Service (AfaService) - Unknown owner - C:\WINDOWS\system32\afasrv32.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-UpdaterService.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Google更新 服務 (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google更新 服務 (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: VIA Karaoke digital mixer Service (KaraokeService) - VIA Technologies, Inc. - C:\WINDOWS\system32\KaraokeSer.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 12331 bytes