開機開好耐都開唔到 (with HiJackThis)

- 编辑：admin - 2020-03-01 05:36

開機開好耐都開唔到 (with HiJackThis)

144 ---ha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1 - 2009-02-28 21:15:39 16，048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2009-02-28 21:17:34 262，082 ----a-w c:\windows\System32\perfh009.dat - 2009-02-28 15:25:55 101，932 ----a-w c:\windows\System32\prfc0404.dat + 2009-03-01 08:49:03 101，188 ----a-w c:\windows\System32\prfh0404.dat + 2009-03-01 08:49:03 331，082 ----a-w c:\windows\System32\perfh009.dat + 2009-03-01 08:49:03 590，200 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-03-01 09:05:29 54，热点资讯，383，094 ----a-w c:\windows\System32\perfc009.dat + 2009-03-01 08:49:03 102，552 --a------ c:\windows\System32\cpwmon2k.dll 2009-02-12 05:29 . 2009-01-15 11:36 1，pdf转换器，048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2009-03-01 09:02:46 2。

384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-03-01 09:03:41 16。

002 ----a-w c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin . -- 快照技術从头設置 -- . ((((((((((((((((((((((((((((((((((((( 重要登入點 )))))))))))))))))))))))))))))))))))))))))))))))))) . . *注意* 空白與正当缺省登錄將不會被顯示 REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] Sidebar=c:\program files\Windows Sidebar\sidebar.exe [2008-01-19 1233920] ISUSPM Startup=c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2005-02-17 221184] ehTray.exe=c:\windows\ehome\ehTray.exe [2008-01-19 125952] msnmsgr=c:\program files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] SynTPEnh=c:\program files\Synaptics\SynTP\SynTPEnh.exe [2007-06-08 833072] HP Software Update=c:\program files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-16 49152] IgfxTray=c:\windows\system32\igfxtray.exe [2007-06-14 138008] HotKeysCmds=c:\windows\system32\hkcmd.exe [2007-06-14 154392] Persistence=c:\windows\system32\igfxpers.exe [2007-06-14 133912] QPService=c:\program files\HP\QuickPlay\QPService.exe [2007-03-28 176128] QlbCtrl=c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-05-02 184320] HP Health Check Scheduler=c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-05-16 71176] hpWirelessAssistant=c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-05-11 472632] WAWifiMessage=c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-10 317128] SunJavaUpdateSched=c:\program files\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784] IMDreyePlugin=c:\program files\Dreye\DreyeMT\DreyeIMplugin.exe [2007-02-24 36864] Windows Mobile-based device management=c:\windows\WindowsMobile\wmdc.exe [2007-01-24 563080] SoundMAXPnP=c:\program files\Analog Devices\Core\smax4pnp.exe [2007-02-22 1183744] QuickTime Task=c:\program files\QuickTime\QTTask.exe [2008-09-06 413696] iTunesHelper=c:\program files\iTunes\iTunesHelper.exe [2008-09-08 289576] Adobe Reader Speed Launcher=c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792] avast!=c:\progra~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-06 81000] c:\users\BrickMaster\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dr.eye.lnk - c:\program files\Dreye\Dreye.exe [2008-06-26 200704] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] EnableLUA= 0 (0x0) EnableUIADesktopToggle= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] msacm.divxa32= msaud32_divx.acm [HKEY_LOCAL_MACHINE\software\microsoft\security center] UacDisableNotify=dword:00000001 InternetSettingsDisableNotify=dword:00000001 AutoUpdateDisableNotify=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] DisableMonitoring=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] DisableMonitoring=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] DisableMonitoring=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] AntiVirusOverride=dword:00000001 。

384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat . ((((((((((((((((((((((((((((( SnapShot@2009-03-01_ 5.22.20.39 ))))))))))))))))))))))))))))))))))))))))) . - 2009-02-28 21:15:38 2，600 ----a-w c:\windows\Help\OEM\scripts\HC_InstallHPHC.exe 2009-01-24 07:08 --------- d-----w c:\program files\GomPlayer 2009-01-06 14:33 806 ----a-w c:\windows\system32\drivers\SYMEVENT.INF 2009-01-06 14:33 10，600 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin - 2009-02-28 20:58:17 374，536 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-03-01 09:03:41 65，384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-02-28 15:25:55 102，384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-02-28 21:15:39 65，384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-03-01 09:03:41 16。

188 ----a-w c:\windows\System32\prfh0404.dat - 2009-02-28 21:17:45 12，048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2009-02-28 21:15:38 2， ComboFix 09-02-28.01 - BrickMaster 2009-03-01 17:00:31.2 - NTFSx86 執行位置: c:\users\BrickMaster\Desktop\ComboFix.exe Command switches used :: c:\users\BrickMaster\Desktop\CFScript.txt AV: avast! antivirus 4.8.1169 [VPS 090212-0] *On-access scanning enabled* (Updated) FILE :: c:\program files\desktop.ini . ((((((((((((((((((((((((((((((((((((((( 被刪除的檔案 ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\desktop.ini . (((((((((((((((((((((((((2009-02-01 至 2009-03-01 的新的檔案))))))))))))))))))))))))))))))) . 2009-03-01 07:49 . 2009-03-01 07:49 DIR d-------- c:\users\BrickMaster\我已接收的檔案 2009-02-28 08:51 . 2009-02-28 08:51 DIR d-------- c:\program files\Trend Micro 2009-02-17 19:37 . 2009-02-17 19:37 DIR d-------- c:\program files\GPLGS 2009-02-17 19:35 . 2009-02-17 19:35 DIR d-------- c:\program files\Acro Software 2009-02-17 19:35 . 2007-07-12 22:33 87，622 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin + 2009-03-01 09:05:30 83，948 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2892197206-1884475917-3965207458-1000_UserData.bin + 2009-03-01 09:05:30 12，948 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2892197206-1884475917-3965207458-1000_UserData.bin - 2009-02-28 21:17:44 83，144 --sha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat + 2009-03-01 09:04:07 262，144 --sha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat + 2009-03-01 09:04:07 262，144 --sha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat + 2009-03-01 09:04:07 262，094 ----a-w c:\windows\System32\perfc009.dat - 2009-02-28 15:25:55 590，392 --a------ c:\windows\System32\wininet.dll 2009-02-12 05:22 . 2009-02-06 05:06 51，。

384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat 2008-07-25 21:22 32，精选新闻，536 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-02-28 21:15:39 16，424 --a------ c:\windows\System32\mshtml.tlb 2009-02-12 05:29 . 2009-01-15 14:11 827，788 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin - 2009-02-28 21:17:43 54，120 ----a-w c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin + 2009-03-01 05:08:58 375，792 --a------ c:\windows\System32\drivers\aswMonFlt.sys 2009-02-11 23:14 . 2009-02-11 23:14 DIR d-------- c:\program files\Alwil Software . (((((((((((((((((((((((((((((((((((((((( 在三個月內被修改的檔案 )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-02-17 11:15 --------- d-----w c:\program files\Foxy 2009-02-12 06:28 --------- d-----w c:\programdata\Microsoft Help 2009-02-11 21:00 --------- d-----w c:\program files\Microsoft Works 2009-01-30 09:24 14，932 ----a-w c:\windows\System32\prfc0404.dat - 2009-02-28 15:25:55 331，768 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat 2008-07-25 21:22 16，635 ----a-w c:\windows\system32\drivers\SYMEVENT.CAT 2008-07-25 21:22 16，048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2009-03-01 09:02:46 2，144 --sha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat + 2009-03-01 09:04:07 262，144 ---ha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat.LOG1 - 2009-02-28 21:21:58 262。