
Title: [Troubleshooting] Hijack this log - Please take a look for me

Author: SweetLemon    Time: 2010-6-14 08:30 AM     Title: Hijack this log - Please take a look for me

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 上午 08:11:07, on 2010/6/14
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17055)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\WTP Add-On\tmproxy.exe
C:\Program Files\Trend Micro\WTP Add-On\TMWebProtect.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Trend Micro\WTP Add-On\TMWebProtectTray.exe
C:\Program Files\Google\Google Pinyin 2\googlepinyindaemon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\BitComet\bitcomet.exe
C:\Program Files\SMC\SMCWUSB-G 802.11g Wireless USB 2.0 Adapter\smcwguti.exe
C:\Program Files\Google\Google Pinyin 2\GooglePinyinService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\WINDOWS\System32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.1.27.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Windows Live 登入小幫手 - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TMWebProtectTray] "C:\Program Files\Trend Micro\WTP Add-On\TMWebProtectTray.exe"
O4 - HKLM\..\Run: [Google Pinyin 2 Autoupdater] "C:\Program Files\Google\Google Pinyin 2\GooglePinyinDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] ctfmon.exe (User 'Default user')
O8 - Extra context menu item: &使用BitComet下載 - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &使用BitComet下載全部影片 - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &使用BitComet下載全部連結 - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: 匯出至 Microsoft Excel(&X) - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.4.1.27.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=Http://www.synnex.com.tw/
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.com/s/v/60.07/uploader2.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9C9056C0-935E-4673-B761-A6B049F338ED}: NameServer = 168.95.192.1 168.95.1.1
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: 趨勢科技 Proxy 服務 (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\WTP Add-On\TmProxy.exe
O23 - Service: Trend Micro WTP Add-On 服務 (TMWebProtect) - Trend Micro Inc. - C:\Program Files\Trend Micro\WTP Add-On\TMWebProtect.exe
--
End of file - 8833 bytes
Author: playlord    Time: 2010-6-14 09:23 AM

A method guaranteed to work:
Copy off all your important data, then format the computer (FORMAT HD);
then reinstall WINDOWS
Author: SweetLemon    Time: 2010-6-14 09:33 AM

That would be my last choice.
I used to be very good at this; this log, I really don't see anything wrong with it.
Actually I am looking for castlemania... but it's not in the log...
Author: norman.ho    Time: 2010-6-14 09:50 AM

So what is the problem?
Author: SweetLemon    Time: 2010-6-14 09:51 AM

Slow, and freezes every 5 minutes.
Author: norman.ho    Time: 2010-6-14 09:54 AM

Have you done a cold start, that is a proper power off, then reboot?
Author: SweetLemon    Time: 2010-6-14 09:57 AM

Yes. But even you don't see anything wrong with the log?
Author: norman.ho    Time: 2010-6-14 10:00 AM

Start up the Windows Task Manager (Alt/Ctrl/Delete) and see which process is using up the most resources.
Author: norman.ho    Time: 2010-6-14 10:01 AM

There seems to be some update job that didn't complete, but need more time to look at it.  Installed any new software lately?
Author: SweetLemon    Time: 2010-6-14 10:07 AM

I updated Windows yesterday.
I am going offline after this. Thanks Norman and Playlord.
Author: norman.ho    Time: 2010-6-14 11:13 AM

I don't think you need to format your C drive and reload Windows.
It seems some update job had an abnormal end, or your BitTorrent is trying to grab the resource. So I would check the C drive for spare space, or the drive where your BitTorrent download folder resides. If there is plenty of room on the C drive and the PC is still freezing, then there might be some problem with the registry setup; it's rather hard and time-consuming to pinpoint. If your Norton comes with a registry tool, run it; usually the utility would ask you if you want to back up the registry. Do that, then run the tool to clean the registry.
Then do a restart, and see how it goes.

If it is the BitTorrent client playing up, then save all your dl movies somewhere, and remove all torrent entries and data.
Then restart.

It's rather difficult to help you remotely. If the problem still persists, see if you can get someone who is cluey on PCs locally to help you. If all else fails, come back here, and I'll see if there is anything I can help with.




Welcome to 公仔箱論壇 (http://www3.tvboxnow.com/) Powered by Discuz! 7.0.0