The F-Secure scan finds a virus, but it hangs as soon as I try to clean it.
Some antivirus programs, NOD32 and AVG, simply won't run at all.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:09:07, on 4/2/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\temp\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\drivers\TXPlatform.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\55555555555.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Explorer] C:\WINDOWS\system32\drivers\TXPlatform.exe
O4 - HKCU\..\Run: [uTorrent] "C:\uTorrent\uTorrent.exe"
O4 - HKLM\..\Policies\Explorer\Run: [23236] C:\WINDOWS\system32\55555555555.exe
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-1078081533-1767777339-725345543-1000\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-1078081533-1767777339-725345543-1000\..\Run: [uTorrent] "C:\uTorrent\uTorrent.exe" (User '?')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O21 - SSODL: C:\WINDOWS\system32\tkvvcbpr.dll - {DF12F8AB-9A00-469C-B9D4-425C1BE3E1E6} - C:\WINDOWS\system32\evgyjbsu.dll
O21 - SSODL: C:\WINDOWS\Fonts\afjgndan.dll - {B8F4C7B3-74C8-4380-80B6-B66E5486B904} - C:\WINDOWS\Fonts\hnlkesuv.dll
O21 - SSODL: C:\WINDOWS\Fonts\kciejxdt.dll - {4B3DA347-ACBB-497B-B62F-957C4D2B46D3} - C:\WINDOWS\Fonts\xbgzlcxj.dll
O21 - SSODL: C:\WINDOWS\system32\tzycezhh.dll - {01C52313-FF03-413E-A148-665C199D3279} - C:\WINDOWS\system32\nltikxel.dll
O21 - SSODL: C:\WINDOWS\Fonts\aikhfwla.dll - {A272F097-E24C-4A6E-8BCD-8C42839CE8DE} - C:\WINDOWS\Fonts\lboromxt.dll
O21 - SSODL: C:\WINDOWS\Fonts\kfixarog.dll - {4F72F83A-1C16-444C-8821-D01FF4759555} - C:\WINDOWS\Fonts\btaznqdu.dll
O21 - SSODL: C:\WINDOWS\system32\kmcpubsc.dll - {9E32A24D-BEFC-4BF9-A25D-91C37CEDE61B} - (no file)
O21 - SSODL: C:\WINDOWS\Fonts\xbgzlcxj.dll - {4B3DA347-ACBB-497B-B62F-957C4D2B46D3} - C:\WINDOWS\Fonts\xbgzlcxj.dll
O21 - SSODL: C:\WINDOWS\system32\nltikxel.dll - {01C52313-FF03-413E-A148-665C199D3279} - C:\WINDOWS\system32\nltikxel.dll
O21 - SSODL: C:\WINDOWS\system32\evgyjbsu.dll - {DF12F8AB-9A00-469C-B9D4-425C1BE3E1E6} - C:\WINDOWS\system32\evgyjbsu.dll
O21 - SSODL: C:\WINDOWS\Fonts\hnlkesuv.dll - {B8F4C7B3-74C8-4380-80B6-B66E5486B904} - C:\WINDOWS\Fonts\hnlkesuv.dll
O21 - SSODL: C:\WINDOWS\Fonts\lboromxt.dll - {A272F097-E24C-4A6E-8BCD-8C42839CE8DE} - C:\WINDOWS\Fonts\lboromxt.dll
O21 - SSODL: C:\WINDOWS\Fonts\btaznqdu.dll - {4F72F83A-1C16-444C-8821-D01FF4759555} - C:\WINDOWS\Fonts\btaznqdu.dll
O21 - SSODL: C:\WINDOWS\Fonts\mslvinsg.dll - {3CA7A137-35F8-46CD-B83B-534CD13D5A67} - C:\WINDOWS\Fonts\ttfqxphs.dll
O21 - SSODL: C:\WINDOWS\Fonts\ttfqxphs.dll - {3CA7A137-35F8-46CD-B83B-534CD13D5A67} - C:\WINDOWS\Fonts\ttfqxphs.dll
--
End of file - 3961 bytes