查看完整版本 : 開機時出現 "APISUPPORT.DLL 發生問題"

laiykk 2014-9-17 09:22 PM

開機時出現 "APISUPPORT.DLL 發生問題"

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 21:16:45, on 17/9/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
CHROME: 37.0.2062.120
FIREFOX: 31.0 (x86 zh-TW)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\QvodPlayer\QvodTerminal.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Windows\System32\D4Svr_ICBC.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\360\360sd\360sd.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files\360\360sd\360rp.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\ICBCEbankTools\ICBCSetupIntegration\ICBCEBankAssist.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\360\360safe\safemon\360tray.exe
C:\Program Files\Q9W7B5ed\qtrayime.exe
C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\user\Downloads\HijackThis.exe

R3 - URLSearchHook: Tencent SearchHook - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - C:\Program Files\TENCENT\SSPlus\SAddr.dll
R3 - URLSearchHook: (no name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: 360sdbho Class - {0F4BF955-A127-41B7-A998-369904AA2578} - C:\Program Files\360\360sd\360sdbho.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: 瑞俴弝ⅰ畦溫摯狟婥郪璃 - {4ADBABBD-E1CA-4f11-BD01-73B0B6E4B5BA} - C:\Users\user\funshion\funshiontools\FunshionHelper.dll
O2 - BHO: Tencent Browser Helper - {6087D118-54E5-E6D7-44DB-4C23001F5A3E} - C:\Program Files\TENCENT\SSPlus\SAddr.dll
O2 - BHO: (no name) - {669751ED-D558-49AE-B01A-3B374CC7910E} - C:\Program Files\TENCENT\SSPlus\SSup.dll
O2 - BHO: 6BFD6B73-8F75-63D1-E005-891FCD59243A Class - {6BFD6B73-8F75-63D1-E005-891FCD59243A} - c:\program files\baidu\{6bfd6b73-8f75-63d1-e005-891fcd59243a}\addressbar.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Baidu Toolbar BHO - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\Program Files\Baidu\Toolbar\BaiduBarX.dll
O2 - BHO: XunleiBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: SafeMon Class - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - C:\Program Files\360\360safe\safemon\safemon.dll
O2 - BHO: 笢弊馱妀窅俴BHO - {BB4491A2-D11A-4c6b-91C0-B53246A3122B} - C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\Icbc_AntiPhishing.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: EE5136CE-F6BB-E122-7E1F-362AB0B03290 Class - {EE5136CE-F6BB-E122-7E1F-362AB0B03290} - C:\Program Files\QvodPlayer\AddIn\{EE5136CE-F6BB-E122-7E1F-362AB0B03290}\QvodAddr.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: 啃僅馱撿戲 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\Program Files\Baidu\Toolbar\BaiduBarX.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [QvodTerminal] "C:\Program Files\QvodPlayer\QvodTerminal.exe" -autorun
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [D4Svr_ICBC.exe] D4Svr_ICBC.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKCU\..\Run: [360sd] "C:\Program Files\360\360sd\360sdrun.exe"

laiykk 2014-9-17 09:22 PM

O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
O4 - HKCU\..\Run: [TBHostSupport] "C:\Windows\system32\Rundll32.exe" "C:\Users\user\AppData\Local\TBHostSupport\TBHostSupport.dll",DLLRunTBHostSupportPlugin
O4 - HKCU\..\Run: [APISupport] "C:\Windows\system32\Rundll32.exe" "C:\Users\user\AppData\Local\TB\APISupport\APISupport.dll",DLLRunAPISupport
O4 - HKCU\..\Run: [GarenaPlus] "C:\Program Files\Garena Plus\GarenaMessenger.exe" -autolaunch
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09] "C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = user\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: OneNote 2007 畫面剪輯器及啟動器.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: 九方快速啟動.lnk = C:\Windows\System32\QTRAYIME.EXE
O4 - Startup: 百度云管家.lnk = user\AppData\Roaming\Baidu\BaiduYunGuanjia\BaiduYunGuanjia.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O4 - Global Startup: 九方快速啟動.lnk = ?SystemRoot%\Installer\{6767EEFB-0C34-4ED4-BA23-5B44997D3BB5}\_524CEB32F50D1083D7BF67.exe
O8 - Extra context menu item: 匯出至 Microsoft Excel(&X) - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: 轉換為 Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: 轉換連結目標到現有 PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: 轉換連結目標為 Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: 轉換選定的連結到現有 PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: 轉換選定的連結為 Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: 轉換選擇內容到現有 PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: 轉換選擇內容為 Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: 附加至現有 PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: 傳送至 OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: 傳送至 OneNote(E) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: 顯示或隱藏「HP Smart Web Printing」 - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\users\public\funacce\funacce.dll
O10 - Unknown file in Winsock LSP: c:\users\public\funacce\funacce.dll
O10 - Unknown file in Winsock LSP: c:\users\public\funacce\funacce.dll
O10 - Unknown file in Winsock LSP: c:\users\public\funacce\funacce.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O11 - Options group: [TBH] SOSO AddressBar Search
O15 - Trusted Zone: http://*.alipay.com
O15 - Trusted Zone: http://*.alisoft.com
O15 - Trusted Zone: [url]http://portalh2.police.gov.hk[/url]
O15 - Trusted Zone: http://*.taobao.com
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {060CA154-DF25-4F03-98AA-FBCDE9D27382} (TDRDV Class) - [url]https://vip.icbc.com.cn/icbc/ICBC_TDRDV.cab[/url]
O16 - DPF: {0EB487C8-E9AC-43A6-8C4C-083999B0622F} (certInStall Class) - [url]https://vip.icbc.com.cn/icbc/newperbank/certInStall.dll[/url]
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - [url]http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab[/url]
O16 - DPF: {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} (F5 Networks CacheCleaner) - [url]https://portalh2.police.gov.hk/public/download/cachecleaner.cab#7091[/url],2014,409,2153
O16 - DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} (F5 Networks VPN Manager) - [url]https://portalh2.police.gov.hk/public/download/urxvpn.cab#version=7091[/url],2014,409,2153

laiykk 2014-9-17 09:23 PM

O16 - DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} (F5 Networks Dynamic Application Tunnel Control) - [url]https://portalh2.police.gov.hk/public/download/f5tunsrv.cab#version=7091[/url],2014,409,2153
O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} (F5 Networks Auto Update) - [url]https://portalh2.police.gov.hk/public/download/InstallerControl.cab#7091[/url],2014,409,2153
O16 - DPF: {57C76689-F052-487B-A19F-855AFDDF28EE} (F5 Networks Policy Agent Host Class) - [url]https://portalh2.police.gov.hk/public/download/f5InspectionHost.cab#7091[/url],2014,409,2153
O16 - DPF: {746E471A-B6E4-44E3-8F3C-2A09B3A030B4} (Token Class) - [url]https://vip.icbc.com.cn/icbc/icbc_tdrusbkey.cab[/url]
O16 - DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} (F5 Virtual Sandbox Class) - [url]https://portalh2.police.gov.hk/public/download/vdeskctrl.cab#Version=7091[/url],2014,0409,2153
O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) - [url]https://vip.icbc.com.cn/icbc/newperbank/AxSafeControls.cab[/url]
O16 - DPF: {A3CD7F74-93C9-4BC4-B892-CCDF1514F714} (Submit Class) - [url]https://pbank.95559.com.cn/personbank/ocx/safe_bankcomm.cab[/url]
O16 - DPF: {B1FBC1AD-5644-4084-882A-0F8BA85E7506} (InfoSecICBCNetSign Class) - [url]https://vip.icbc.com.cn/icbc/ICBC_NetSign.dll[/url]
O16 - DPF: {C00E3FF3-1F6A-423D-B5E0-17C198EF65E4} (BOCOM AxOEdit Class) - [url]https://pbank.95559.com.cn/personbank/ocx/x32.cab[/url]
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - [url]http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab[/url]
O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} (F5 Networks SuperHost Class) - [url]https://portalh2.police.gov.hk/public/download/urxshost.cab#7091[/url],2014,409,2153
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [url]http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab[/url]
O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} (F5 Networks Host Control) - [url]https://portalh2.police.gov.hk/public/download/urxhost.cab#version=7091[/url],2014,409,2153
O16 - DPF: {F87F9B52-A08F-4341-8658-AFDA16A06683} (ScreenCapture.UserControl1) - [url]http://onlineservice.95559.com.cn/consumer/consumer/cn/capscreen/ScreenCapture.CAB[/url]
O23 - Service: 360rp - 360.cn - C:\Program Files\360\360sd\360rps.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Tencent AddressBar Update Service (ARUpdate) - Tencent - C:\Program Files\TENCENT\AddrUpdate\AddrUpdate.exe
O23 - Service: Baidu Updater (BaiduUpdater) - Baidu.com, Inc. - C:\Program Files\Baidu\BaiduUpdate\bdupdate.exe
O23 - Service: Bonjour 服務 (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: Microsoft Device Health Machine Service (DeviceHealth) - Unknown owner - C:\Program Files\Microsoft Device Health\DhMachineSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ICBC Daemon Service - Unknown owner - C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\IcbcDaemon.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod 服務 (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: OnKey Service _ICBC - Tendyron Corporation - C:\Windows\system32\D4Ser_ICBC.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - VIA Technologies, Inc. - C:\Windows\system32\viakaraokesrv.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: 主?防御 (ZhuDongFangYu) - 360.cn - C:\Program Files\360\360safe\deepscan\zhudongfangyu.exe

--
End of file - 17679 bytes

laiykk 2014-9-30 07:51 AM

問題仍未解決, 請版主幫忙

laiykk 2014-10-1 09:21 PM

請版主幫忙

laiykk 2014-10-2 09:28 PM

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 21:26:55, on 2/10/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
CHROME: 37.0.2062.124
FIREFOX: 32.0.3 (x86 zh-TW)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Baidu\BaiduPlayer\4.0.1.85\bdyyProtect.exe
C:\Windows\Explorer.EXE
C:\Program Files\Baidu\BaiduPlayer\4.0.1.85\bdyyService.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\QvodPlayer\QvodTerminal.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\System32\D4Svr_ICBC.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\360\360sd\360sd.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files\ICBCEbankTools\ICBCSetupIntegration\ICBCEBankAssist.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\360\360sd\360rp.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Baidu\BaiduPlayer\4.0.1.85\BaiduPlayer.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Q9W7B5ed\qtrayime.exe
C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\360\360safe\safemon\360tray.exe
C:\Program Files\Baidu\BaiduPlayer\4.0.1.85\bpls.exe
C:\Program Files\Baidu\BaiduPlayer\4.0.1.85\bdbtray.exe
C:\Program Files\Baidu\BaiduPlayer\4.0.1.85\bpls.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\360\360safe\mobilemgr\360MobileMgr.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\user\Downloads\HijackThis (1).exe

R3 - URLSearchHook: Tencent SearchHook - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - C:\Program Files\TENCENT\SSPlus\SAddr.dll
R3 - URLSearchHook: (no name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: 360sdbho Class - {0F4BF955-A127-41B7-A998-369904AA2578} - C:\Program Files\360\360sd\360sdbho.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: 瑞俴弝ⅰ畦溫摯狟婥郪璃 - {4ADBABBD-E1CA-4f11-BD01-73B0B6E4B5BA} - C:\Users\user\funshion\funshiontools\FunshionHelper.dll
O2 - BHO: Tencent Browser Helper - {6087D118-54E5-E6D7-44DB-4C23001F5A3E} - C:\Program Files\TENCENT\SSPlus\SAddr.dll
O2 - BHO: (no name) - {669751ED-D558-49AE-B01A-3B374CC7910E} - C:\Program Files\TENCENT\SSPlus\SSup.dll
O2 - BHO: 6BFD6B73-8F75-63D1-E005-891FCD59243A Class - {6BFD6B73-8F75-63D1-E005-891FCD59243A} - c:\program files\baidu\{6bfd6b73-8f75-63d1-e005-891fcd59243a}\addressbar.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Baidu Toolbar BHO - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\Program Files\Baidu\Toolbar\BaiduBarX.dll
O2 - BHO: XunleiBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: SafeMon Class - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - C:\Program Files\360\360safe\safemon\safemon.dll
O2 - BHO: 笢弊馱妀窅俴BHO - {BB4491A2-D11A-4c6b-91C0-B53246A3122B} - C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\Icbc_AntiPhishing.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: TTSIEBHO - {E1022531-9301-4071-A07A-F7237D0DE741} - C:\Users\user\AppData\Local\TaoTaoSou\TTK\TTSIEPlugin.dll
O2 - BHO: EE5136CE-F6BB-E122-7E1F-362AB0B03290 Class - {EE5136CE-F6BB-E122-7E1F-362AB0B03290} - C:\Program Files\QvodPlayer\AddIn\{EE5136CE-F6BB-E122-7E1F-362AB0B03290}\QvodAddr.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: 啃僅馱撿戲 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\Program Files\Baidu\Toolbar\BaiduBarX.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

laiykk 2014-10-2 09:29 PM

O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [QvodTerminal] "C:\Program Files\QvodPlayer\QvodTerminal.exe" -autorun
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [D4Svr_ICBC.exe] D4Svr_ICBC.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKCU\..\Run: [360sd] "C:\Program Files\360\360sd\360sdrun.exe"
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
O4 - HKCU\..\Run: [TBHostSupport] "C:\Windows\system32\Rundll32.exe" "C:\Users\user\AppData\Local\TBHostSupport\TBHostSupport.dll",DLLRunTBHostSupportPlugin
O4 - HKCU\..\Run: [APISupport] "C:\Windows\system32\Rundll32.exe" "C:\Users\user\AppData\Local\TB\APISupport\APISupport.dll",DLLRunAPISupport
O4 - HKCU\..\Run: [GarenaPlus] "C:\Program Files\Garena Plus\GarenaMessenger.exe" -autolaunch
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09] "C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [BaiduMEDIA] "C:\Program Files\Baidu\BaiduPlayer\4.0.1.85\BaiduPlayer.exe" minimize
O4 - HKCU\..\Run: [BaiduMEDIASERVICE] "C:\Program Files\Baidu\BaiduPlayer\4.0.1.85\bdyyService.exe" -minihp -autoupdate
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = user\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: OneNote 2007 畫面剪輯器及啟動器.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: 九方快速啟動.lnk = C:\Windows\System32\QTRAYIME.EXE
O4 - Startup: 百度云管家.lnk = user\AppData\Roaming\Baidu\BaiduYunGuanjia\BaiduYunGuanjia.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O4 - Global Startup: 九方快速啟動.lnk = ?SystemRoot%\Installer\{6767EEFB-0C34-4ED4-BA23-5B44997D3BB5}\_524CEB32F50D1083D7BF67.exe
O8 - Extra context menu item: 匯出至 Microsoft Excel(&X) - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: 轉換為 Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: 轉換連結目標到現有 PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: 轉換連結目標為 Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: 轉換選定的連結到現有 PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: 轉換選定的連結為 Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: 轉換選擇內容到現有 PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: 轉換選擇內容為 Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: 附加至現有 PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: 傳送至 OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: 傳送至 OneNote(E) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: 顯示或隱藏「HP Smart Web Printing」 - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\users\public\funacce\funacce.dll
O10 - Unknown file in Winsock LSP: c:\users\public\funacce\funacce.dll
O10 - Unknown file in Winsock LSP: c:\users\public\funacce\funacce.dll
O10 - Unknown file in Winsock LSP: c:\users\public\funacce\funacce.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O11 - Options group: [TBH] SOSO AddressBar Search

laiykk 2014-10-2 09:29 PM

O15 - Trusted Zone: http://*.alipay.com
O15 - Trusted Zone: http://*.alisoft.com
O15 - Trusted Zone: [url]http://portalh2.police.gov.hk[/url]
O15 - Trusted Zone: http://*.taobao.com
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {060CA154-DF25-4F03-98AA-FBCDE9D27382} (TDRDV Class) - [url]https://vip.icbc.com.cn/icbc/ICBC_TDRDV.cab[/url]
O16 - DPF: {0EB487C8-E9AC-43A6-8C4C-083999B0622F} (certInStall Class) - [url]https://vip.icbc.com.cn/icbc/newperbank/certInStall.dll[/url]
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - [url]http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab[/url]
O16 - DPF: {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} (F5 Networks CacheCleaner) - [url]https://portalh2.police.gov.hk/public/download/cachecleaner.cab#7091[/url],2014,409,2153
O16 - DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} (F5 Networks VPN Manager) - [url]https://portalh2.police.gov.hk/public/download/urxvpn.cab#version=7091[/url],2014,409,2153
O16 - DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} (F5 Networks Dynamic Application Tunnel Control) - [url]https://portalh2.police.gov.hk/public/download/f5tunsrv.cab#version=7091[/url],2014,409,2153
O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} (F5 Networks Auto Update) - [url]https://portalh2.police.gov.hk/public/download/InstallerControl.cab#7091[/url],2014,409,2153
O16 - DPF: {57C76689-F052-487B-A19F-855AFDDF28EE} (F5 Networks Policy Agent Host Class) - [url]https://portalh2.police.gov.hk/public/download/f5InspectionHost.cab#7091[/url],2014,409,2153
O16 - DPF: {746E471A-B6E4-44E3-8F3C-2A09B3A030B4} (Token Class) - [url]https://vip.icbc.com.cn/icbc/icbc_tdrusbkey.cab[/url]
O16 - DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} (F5 Virtual Sandbox Class) - [url]https://portalh2.police.gov.hk/public/download/vdeskctrl.cab#Version=7091[/url],2014,0409,2153
O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) - [url]https://vip.icbc.com.cn/icbc/newperbank/AxSafeControls.cab[/url]
O16 - DPF: {A3CD7F74-93C9-4BC4-B892-CCDF1514F714} (Submit Class) - [url]https://pbank.95559.com.cn/personbank/ocx/safe_bankcomm.cab[/url]
O16 - DPF: {B1FBC1AD-5644-4084-882A-0F8BA85E7506} (InfoSecICBCNetSign Class) - [url]https://vip.icbc.com.cn/icbc/ICBC_NetSign.dll[/url]
O16 - DPF: {C00E3FF3-1F6A-423D-B5E0-17C198EF65E4} (BOCOM AxOEdit Class) - [url]https://pbank.95559.com.cn/personbank/ocx/x32.cab[/url]
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - [url]http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab[/url]
O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} (F5 Networks SuperHost Class) - [url]https://portalh2.police.gov.hk/public/download/urxshost.cab#7091[/url],2014,409,2153
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [url]http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab[/url]
O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} (F5 Networks Host Control) - [url]https://portalh2.police.gov.hk/public/download/urxhost.cab#version=7091[/url],2014,409,2153
O16 - DPF: {F87F9B52-A08F-4341-8658-AFDA16A06683} (ScreenCapture.UserControl1) - [url]http://onlineservice.95559.com.cn/consumer/consumer/cn/capscreen/ScreenCapture.CAB[/url]
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: 360rp - 360.cn - C:\Program Files\360\360sd\360rps.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Tencent AddressBar Update Service (ARUpdate) - Tencent - C:\Program Files\TENCENT\AddrUpdate\AddrUpdate.exe
O23 - Service: Baidu Updater (BaiduUpdater) - Baidu.com, Inc. - C:\Program Files\Baidu\BaiduUpdate\bdupdate.exe
O23 - Service: Bonjour 服務 (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: Microsoft Device Health Machine Service (DeviceHealth) - Unknown owner - C:\Program Files\Microsoft Device Health\DhMachineSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ICBC Daemon Service - Unknown owner - C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\IcbcDaemon.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod 服務 (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: OnKey Service _ICBC - Tendyron Corporation - C:\Windows\system32\D4Ser_ICBC.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - VIA Technologies, Inc. - C:\Windows\system32\viakaraokesrv.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: 主?防御 (ZhuDongFangYu) - 360.cn - C:\Program Files\360\360safe\deepscan\zhudongfangyu.exe

--
End of file - 19057 bytes

laiykk 2014-10-2 09:30 PM

請版主幫忙

laiykk 2014-10-3 11:00 PM

已經好多日啦,問題仍未解決, 請版主幫忙

laiykk 2014-10-6 11:11 AM

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 11:11:03, on 6/10/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
CHROME: 37.0.2062.124
FIREFOX: 32.0.3 (x86 zh-TW)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Baidu\BaiduPlayer\4.0.1.85\bdyyProtect.exe
C:\Program Files\Baidu\BaiduPlayer\4.0.1.85\bdyyService.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\QvodPlayer\QvodTerminal.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Windows\System32\D4Svr_ICBC.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\360\360sd\360sd.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files\ICBCEbankTools\ICBCSetupIntegration\ICBCEBankAssist.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files\360\360sd\360rp.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\360\360safe\safemon\360tray.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Baidu\BaiduPlayer\4.0.1.85\BaiduPlayer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Q9W7B5ed\qtrayime.exe
C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Baidu\BaiduPlayer\4.0.1.85\bpls.exe
C:\Program Files\Baidu\BaiduPlayer\4.0.1.85\bpls.exe
C:\Program Files\Baidu\BaiduPlayer\4.0.1.85\bdbtray.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\user\Downloads\HijackThis (3).exe
C:\Users\user\AppData\Local\TaoTaoSou\TTK\TTKMonitor.exe

R3 - URLSearchHook: Tencent SearchHook - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - C:\Program Files\TENCENT\SSPlus\SAddr.dll
R3 - URLSearchHook: (no name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: 360sdbho Class - {0F4BF955-A127-41B7-A998-369904AA2578} - C:\Program Files\360\360sd\360sdbho.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: 瑞俴弝ⅰ畦溫摯狟婥郪璃 - {4ADBABBD-E1CA-4f11-BD01-73B0B6E4B5BA} - C:\Users\user\funshion\funshiontools\FunshionHelper.dll
O2 - BHO: Tencent Browser Helper - {6087D118-54E5-E6D7-44DB-4C23001F5A3E} - C:\Program Files\TENCENT\SSPlus\SAddr.dll
O2 - BHO: (no name) - {669751ED-D558-49AE-B01A-3B374CC7910E} - C:\Program Files\TENCENT\SSPlus\SSup.dll
O2 - BHO: 6BFD6B73-8F75-63D1-E005-891FCD59243A Class - {6BFD6B73-8F75-63D1-E005-891FCD59243A} - c:\program files\baidu\{6bfd6b73-8f75-63d1-e005-891fcd59243a}\addressbar.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Baidu Toolbar BHO - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\Program Files\Baidu\Toolbar\BaiduBarX.dll
O2 - BHO: XunleiBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: SafeMon Class - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - C:\Program Files\360\360safe\safemon\safemon.dll
O2 - BHO: 笢弊馱妀窅俴BHO - {BB4491A2-D11A-4c6b-91C0-B53246A3122B} - C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\Icbc_AntiPhishing.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: TTSIEBHO - {E1022531-9301-4071-A07A-F7237D0DE741} - C:\Users\user\AppData\Local\TaoTaoSou\TTK\TTSIEPlugin.dll
O2 - BHO: EE5136CE-F6BB-E122-7E1F-362AB0B03290 Class - {EE5136CE-F6BB-E122-7E1F-362AB0B03290} - C:\Program Files\QvodPlayer\AddIn\{EE5136CE-F6BB-E122-7E1F-362AB0B03290}\QvodAddr.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: 啃僅馱撿戲 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\Program Files\Baidu\Toolbar\BaiduBarX.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [QvodTerminal] "C:\Program Files\QvodPlayer\QvodTerminal.exe" -autorun
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [D4Svr_ICBC.exe] D4Svr_ICBC.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKCU\..\Run: [360sd] "C:\Program Files\360\360sd\360sdrun.exe"
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run

laiykk 2014-10-6 11:12 AM

O4 - HKCU\..\Run: [TBHostSupport] "C:\Windows\system32\Rundll32.exe" "C:\Users\user\AppData\Local\TBHostSupport\TBHostSupport.dll",DLLRunTBHostSupportPlugin
O4 - HKCU\..\Run: [APISupport] "C:\Windows\system32\Rundll32.exe" "C:\Users\user\AppData\Local\TB\APISupport\APISupport.dll",DLLRunAPISupport
O4 - HKCU\..\Run: [GarenaPlus] "C:\Program Files\Garena Plus\GarenaMessenger.exe" -autolaunch
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09] "C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [BaiduMEDIA] "C:\Program Files\Baidu\BaiduPlayer\4.0.1.85\BaiduPlayer.exe" minimize
O4 - HKCU\..\Run: [BaiduMEDIASERVICE] "C:\Program Files\Baidu\BaiduPlayer\4.0.1.85\bdyyService.exe" -minihp -autoupdate
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = user\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: OneNote 2007 畫面剪輯器及啟動器.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: 九方快速啟動.lnk = C:\Windows\System32\QTRAYIME.EXE
O4 - Startup: 百度云管家.lnk = user\AppData\Roaming\Baidu\BaiduYunGuanjia\BaiduYunGuanjia.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O4 - Global Startup: 九方快速啟動.lnk = ?SystemRoot%\Installer\{6767EEFB-0C34-4ED4-BA23-5B44997D3BB5}\_524CEB32F50D1083D7BF67.exe
O8 - Extra context menu item: 匯出至 Microsoft Excel(&X) - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: 轉換為 Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: 轉換連結目標到現有 PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: 轉換連結目標為 Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: 轉換選定的連結到現有 PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: 轉換選定的連結為 Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: 轉換選擇內容到現有 PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: 轉換選擇內容為 Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: 附加至現有 PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: 傳送至 OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: 傳送至 OneNote(E) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: 顯示或隱藏「HP Smart Web Printing」 - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\users\public\funacce\funacce.dll
O10 - Unknown file in Winsock LSP: c:\users\public\funacce\funacce.dll
O10 - Unknown file in Winsock LSP: c:\users\public\funacce\funacce.dll
O10 - Unknown file in Winsock LSP: c:\users\public\funacce\funacce.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O11 - Options group: [TBH] SOSO AddressBar Search
O15 - Trusted Zone: http://*.alipay.com
O15 - Trusted Zone: http://*.alisoft.com
O15 - Trusted Zone: [url]http://portalh2.police.gov.hk[/url]
O15 - Trusted Zone: http://*.taobao.com
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {060CA154-DF25-4F03-98AA-FBCDE9D27382} (TDRDV Class) - [url]https://vip.icbc.com.cn/icbc/ICBC_TDRDV.cab[/url]
O16 - DPF: {0EB487C8-E9AC-43A6-8C4C-083999B0622F} (certInStall Class) - [url]https://vip.icbc.com.cn/icbc/newperbank/certInStall.dll[/url]
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - [url]http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab[/url]
O16 - DPF: {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} (F5 Networks CacheCleaner) - [url]https://portalh2.police.gov.hk/public/download/cachecleaner.cab#7091[/url],2014,409,2153
O16 - DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} (F5 Networks VPN Manager) - [url]https://portalh2.police.gov.hk/public/download/urxvpn.cab#version=7091[/url],2014,409,2153
O16 - DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} (F5 Networks Dynamic Application Tunnel Control) - [url]https://portalh2.police.gov.hk/public/download/f5tunsrv.cab#version=7091[/url],2014,409,2153
O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} (F5 Networks Auto Update) - [url]https://portalh2.police.gov.hk/public/download/InstallerControl.cab#7091[/url],2014,409,2153
O16 - DPF: {57C76689-F052-487B-A19F-855AFDDF28EE} (F5 Networks Policy Agent Host Class) - [url]https://portalh2.police.gov.hk/public/download/f5InspectionHost.cab#7091[/url],2014,409,2153
O16 - DPF: {746E471A-B6E4-44E3-8F3C-2A09B3A030B4} (Token Class) - [url]https://vip.icbc.com.cn/icbc/icbc_tdrusbkey.cab[/url]
O16 - DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} (F5 Virtual Sandbox Class) - [url]https://portalh2.police.gov.hk/public/download/vdeskctrl.cab#Version=7091[/url],2014,0409,2153
O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) - [url]https://vip.icbc.com.cn/icbc/newperbank/AxSafeControls.cab[/url]
O16 - DPF: {A3CD7F74-93C9-4BC4-B892-CCDF1514F714} (Submit Class) - [url]https://pbank.95559.com.cn/personbank/ocx/safe_bankcomm.cab[/url]
O16 - DPF: {B1FBC1AD-5644-4084-882A-0F8BA85E7506} (InfoSecICBCNetSign Class) - [url]https://vip.icbc.com.cn/icbc/ICBC_NetSign.dll[/url]
O16 - DPF: {C00E3FF3-1F6A-423D-B5E0-17C198EF65E4} (BOCOM AxOEdit Class) - [url]https://pbank.95559.com.cn/personbank/ocx/x32.cab[/url]
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - [url]http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab[/url]
O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} (F5 Networks SuperHost Class) - [url]https://portalh2.police.gov.hk/public/download/urxshost.cab#7091[/url],2014,409,2153
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [url]http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab[/url]
O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} (F5 Networks Host Control) - [url]https://portalh2.police.gov.hk/public/download/urxhost.cab#version=7091[/url],2014,409,2153
O16 - DPF: {F87F9B52-A08F-4341-8658-AFDA16A06683} (ScreenCapture.UserControl1) - [url]http://onlineservice.95559.com.cn/consumer/consumer/cn/capscreen/ScreenCapture.CAB[/url]
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

laiykk 2014-10-6 11:13 AM

O23 - Service: 360rp - 360.cn - C:\Program Files\360\360sd\360rps.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Tencent AddressBar Update Service (ARUpdate) - Tencent - C:\Program Files\TENCENT\AddrUpdate\AddrUpdate.exe
O23 - Service: Baidu Updater (BaiduUpdater) - Baidu.com, Inc. - C:\Program Files\Baidu\BaiduUpdate\bdupdate.exe
O23 - Service: Bonjour 服務 (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: Microsoft Device Health Machine Service (DeviceHealth) - Unknown owner - C:\Program Files\Microsoft Device Health\DhMachineSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ICBC Daemon Service - Unknown owner - C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\IcbcDaemon.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod 服務 (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: OnKey Service _ICBC - Tendyron Corporation - C:\Windows\system32\D4Ser_ICBC.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - VIA Technologies, Inc. - C:\Windows\system32\viakaraokesrv.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: 主?防御 (ZhuDongFangYu) - 360.cn - C:\Program Files\360\360safe\deepscan\zhudongfangyu.exe

--
End of file - 18992 bytes

laiykk 2014-10-6 11:14 AM

版主, 已經按你指示做了, 但問題仍然存在


原始短消息: 電腦中毒求助
引用:
由於為超過48小時未有回覆的帖已經沒有回覆功能,因此唯有發信息給版主

[url]http://computer.discuss.com.hk/viewthread.php?tid=23790353[/url]
下載、安裝此軟件,然後進行掃描、清理。

[url]https://www.malwarebytes.org/antimalware/[/url]

掃描之前請關閉其他軟件同埋斷線.

完成清理後睇下仲有冇問題.

geck789 2014-10-7 01:12 AM

下載 [b][color=blue]AdwCleaner[/b][/color] 至桌面

[url]https://toolslib.net/downloads/finish/1/[/url]

[b][color=blue]AdwCleaner[/b][/color] 使用步驟:

1. 用滑鼠右鍵點擊 [b][color=blue]AdwCleaner[/b][/color] ,再以[b]系統管理員[/b]執行程式.
2. [b][color=blue]AdwCleaner[/b][/color] 內按 [b]Scan[/b] 進行掃描. (掃描之前請關閉其他軟件及斷線.)
3. 完成掃描後按 [b]Clean[/b] 清理有害檔案.
4. 清理完成後 [b][color=blue]AdwCleaner[/b][/color] 會提示重啟電腦,按 [b]OK[/b] 重啟電腦.

重啟電腦後會彈出掃描記錄. 下次回覆時請附上掃描記錄.

laiykk 2014-10-7 01:29 PM

# AdwCleaner v3.311 - Report created 07/10/2014 at 13:19:17
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : user - USER-PC
# Running from : C:\Users\user\Desktop\adwcleaner_3.311.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\baidu
Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\baidu
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Funshion Online
Folder Deleted : C:\Program Files\MyPC Backup
Folder Deleted : C:\Program Files\tencent
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\users\user\AppData\Local\AskToolbar
Folder Deleted : C:\users\user\AppData\Local\Conduit
Folder Deleted : C:\users\user\AppData\Local\NativeMessaging
Folder Deleted : C:\users\user\AppData\Local\TBHostSupport
Folder Deleted : C:\users\user\AppData\Local\Temp\AskSearch
Folder Deleted : C:\users\user\AppData\Local\Temp\baidu
Folder Deleted : C:\users\user\AppData\Local\Temp\CT2776682
Folder Deleted : C:\users\user\AppData\LocalLow\AskToolbar
Folder Deleted : C:\users\user\AppData\LocalLow\baidu
Folder Deleted : C:\users\user\AppData\LocalLow\Conduit
Folder Deleted : C:\users\user\AppData\LocalLow\tencent
Folder Deleted : C:\users\user\AppData\Roaming\baidu
Folder Deleted : C:\users\user\AppData\Roaming\Tuneup Pro
Folder Deleted : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\w7oirg3c.default\ConduitCommon
Folder Deleted : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\w7oirg3c.default\Smartbar
Folder Deleted : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\w7oirg3c.default\ValueApps
Folder Deleted : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\w7oirg3c.default\CT2776682
Folder Deleted : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\w7oirg3c.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Folder Deleted : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\w7oirg3c.default\Extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}
Folder Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\naipdapbimiiikbbgjcpbgmfhnlbagpj
File Deleted : C:\Windows\system32\roboot.exe
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage-journal
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_images.search.conduit.com_0.localstorage
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_images.search.conduit.com_0.localstorage-journal
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage-journal
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage-journal
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

Task Deleted : Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\naipdapbimiiikbbgjcpbgmfhnlbagpj
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [APISupport]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [TBHostSupport]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\BaiduBarEx.BDHomePage
Key Deleted : HKLM\SOFTWARE\Classes\BaiduBarEx.BDHomePage.4
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2776682
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4ADBABBD-E1CA-4F11-BD01-73B0B6E4B5BA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{669751ED-D558-49AE-B01A-3B374CC7910E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{77FEF28E-EB96-44FF-B511-3185DEA48697}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7F05EE4-0426-454F-8013-C41E3596E9E9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4ADBABBD-E1CA-4F11-BD01-73B0B6E4B5BA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{669751ED-D558-49AE-B01A-3B374CC7910E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77FEF28E-EB96-44FF-B511-3185DEA48697}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4ADBABBD-E1CA-4F11-BD01-73B0B6E4B5BA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{669751ED-D558-49AE-B01A-3B374CC7910E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{77FEF28E-EB96-44FF-B511-3185DEA48697}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

laiykk 2014-10-7 01:30 PM

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4ADBABBD-E1CA-4F11-BD01-73B0B6E4B5BA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{669751ED-D558-49AE-B01A-3B374CC7910E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{77FEF28E-EB96-44FF-B511-3185DEA48697}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A7F05EE4-0426-454F-8013-C41E3596E9E9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9}]
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
Key Deleted : HKCU\Software\AppDataLow\Tencent
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Tencent
Key Deleted : HKLM\SOFTWARE\APN
Key Deleted : HKLM\SOFTWARE\AskToolbar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Tencent
Key Deleted : HKLM\SOFTWARE\Tuneup Pro
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]

-\\ Mozilla Firefox v32.0.3 (x86 zh-TW)

[ File : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\w7oirg3c.default\prefs.js ]

Line Deleted : user_pref("CT2776682..clientLogIsEnabled", false);
Line Deleted : user_pref("CT2776682..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2776682..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT2776682./9b+7e+x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2776682./9b+7e,x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2776682./9b+7e-x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2776682./9b+7e/x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2776682./9b+7e06cg5el8:.from_oldbar.enc", "bm1rcG1xcHZ1dg==");
Line Deleted : user_pref("CT2776682./9b+7e06cg5el;8i:k.from_oldbar.enc", "JH4tLyJqdHNxdnN3dnx7fCQvS0lHT0I1fV1cPQ==");
Line Deleted : user_pref("CT2776682./9b+7e0x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2776682./9b+7e1x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2776682./9b+7e2x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2776682./9b+7e3x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2776682./9b+7e4x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2776682./9b+7e5x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2776682./9b+7e6x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2776682./9b+7e7x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2776682./9b+7e8x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2776682./9b+7e9x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2776682./9b+7e:x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2776682./9b+7e;x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2776682./9b+7e<x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2776682./9b+7e=x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2776682./9b+7e>x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2776682./9b+7e?x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2776682./9b+[email]7e@x305.from_oldbar.enc[/email]", "JCM=");
Line Deleted : user_pref("CT2776682./9b+7eax305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2776682./9b+7ebe3g=;d9n9=d.from_oldbar.enc", "NywtMml1di46PHs6OUNKSUhBQ0smUUZJKWVQRlZJZXFzTTN9VlRROFBc");
Line Deleted : user_pref("CT2776682./9b+7ebx305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2776682./9b+7ecx305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2776682./9b+7edx305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2776682./9b+7etx305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2776682./9b-0?3g>d.from_oldbar.enc", "bGs+cEFybEB6d3h4RSBLfHt6JU17ISMqJiEoJ1ZbJyorLC0y");
Line Deleted : user_pref("CT2776682./9b-0?3g@6:5;.from_oldbar.enc", "AA==");
Line Deleted : user_pref("CT2776682./9b-0?3gfa7ef.from_oldbar.enc", "Ky4sPQ==");
Line Deleted : user_pref("CT2776682./9b-3=3eccja=f>.from_oldbar.enc", "JH4zPSxFL0E1J28pKiEsOT1EMHgyMyo1REhYTDojLjM+WGBPZFZgT2hSZFhYY15gTjdrcWdhcFk=");
Line Deleted : user_pref("CT2776682./9b/>01=9a6k6<im;[email]krie@pdawm.from_oldbar.enc[/email]", "bmpocHN0dXZ3");
Line Deleted : user_pref("CT2776682./9b3=>@44i48?.from_oldbar.enc", "NywtMml1djNCNjNBSEcgPj1HTk1MRUdPKlVKTS1YWFheS1VONmNSVk8=");
Line Deleted : user_pref("CT2776682./9b5ba==9cjag.from_oldbar.enc", "a3BoaW9vcXV6d3hGSHl0e0sgIE16");
Line Deleted : user_pref("CT2776682./9b6b11g4c56b>f;p;[email]anr@p.from_oldbar.enc[/email]", "bm1pcmxzbW5vdnh3dg==");
Line Deleted : user_pref("CT2776682./9b9643g3/9e.from_oldbar.enc", "ag==");
Line Deleted : user_pref("CT2776682./9b;45>:bi9i7ie.from_oldbar.enc", "Ky4sPQ==");
Line Deleted : user_pref("CT2776682./9b<:222h64<.from_oldbar.enc", "OT81Lz4=");
Line Deleted : user_pref("CT2776682./9b<:222h64<l8daj.from_oldbar.enc", "bXBwcHZzdHl1dCp6dHJ6enUgfg==");
Line Deleted : user_pref("CT2776682./9b=+03eh8h8j?:.from_oldbar.enc", "REM=");
Line Deleted : user_pref("CT2776682./9b?+e2a52d8.from_oldbar.enc", "NywtMml1di46PHs6OUNKSUhBQ0smUUZJKWVQRlZkcHJ5UVVeXlI=");
Line Deleted : user_pref("CT2776682./9b?b0d:8aj62<h.from_oldbar.enc", "bQ==");
Line Deleted : user_pref("CT2776682./9ba@0<0bi6a7gn:6@l?.from_oldbar.enc", "bA==");
Line Deleted : user_pref("CT2776682.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);

laiykk 2014-10-7 01:31 PM

Line Deleted : user_pref("CT2776682.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT2776682.BrowserCompStateIsOpen_129678129407612905", true);
Line Deleted : user_pref("CT2776682.BrowserCompStateIsOpen_129681725882385585", true);
Line Deleted : user_pref("CT2776682.BrowserCompStateIsOpen_129736214107504978", true);
Line Deleted : user_pref("CT2776682.BrowserCompStateIsOpen_129762727427121022", true);
Line Deleted : user_pref("CT2776682.BrowserCompStateIsOpen_130004707559712360", true);
Line Deleted : user_pref("CT2776682.BrowserCompStateIsOpen_130100684460075059", true);
Line Deleted : user_pref("CT2776682.BrowserCompStateIsOpen_1359634298000", true);
Line Deleted : user_pref("CT2776682.CT2776682.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2776682&octid=CT2776682&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_I[...]
Line Deleted : user_pref("CT2776682.CTID", "CT2776682");
Line Deleted : user_pref("CT2776682.ConfigurationLastCheckTime", "Sat Dec 14 2013 13:49:18 GMT+0800");
Line Deleted : user_pref("CT2776682.CurrentServerDate", "14-12-2013");
Line Deleted : user_pref("CT2776682.DSInstall", false);
Line Deleted : user_pref("CT2776682.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT2776682.DialogsGetterLastCheckTime", "Sat Dec 14 2013 13:49:18 GMT+0800");
Line Deleted : user_pref("CT2776682.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT2776682.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2776682.FirstServerDate", "25-2-2012");
Line Deleted : user_pref("CT2776682.FirstTime", "true");
Line Deleted : user_pref("CT2776682.FirstTimeFF3", "true");
Line Deleted : user_pref("CT2776682.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT2776682.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT2776682.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT2776682.HPInstall", false);
Line Deleted : user_pref("CT2776682.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT2776682.HomePageProtectorEnabled", false);
Line Deleted : user_pref("CT2776682.HomepageBeforeUnload", "chrome://branding/locale/browserconfig.properties");
Line Deleted : user_pref("CT2776682.Initialize", true);
Line Deleted : user_pref("CT2776682.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT2776682.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT2776682.InstallationId", "ct2776682_brothersoft_extreme.exe");
Line Deleted : user_pref("CT2776682.InstallationType", "ConduitXPEIntegration");
Line Deleted : user_pref("CT2776682.InstalledDate", "Sat Feb 25 2012 23:27:30 GMT+0800");
Line Deleted : user_pref("CT2776682.InvalidateCache", false);
Line Deleted : user_pref("CT2776682.IsAlertDBUpdated", true);
Line Deleted : user_pref("CT2776682.IsGrouping", false);
Line Deleted : user_pref("CT2776682.IsInitSetupIni", true);
Line Deleted : user_pref("CT2776682.IsMulticommunity", false);
Line Deleted : user_pref("CT2776682.IsOpenThankYouPage", false);
Line Deleted : user_pref("CT2776682.IsOpenUninstallPage", true);
Line Deleted : user_pref("CT2776682.LanguagePackLastCheckTime", "Sat Dec 14 2013 13:49:18 GMT+0800");
Line Deleted : user_pref("CT2776682.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT2776682.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT2776682.LastLogin_3.10.0.1", "Mon Sep 30 2013 21:03:24 GMT+0800");
Line Deleted : user_pref("CT2776682.LastLogin_3.20.0.4", "Sat Dec 14 2013 13:49:18 GMT+0800");
Line Deleted : user_pref("CT2776682.LatestVersion", "3.20.0.4");
Line Deleted : user_pref("CT2776682.Locale", "en");
Line Deleted : user_pref("CT2776682.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT2776682.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT2776682.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT2776682.MyStuffEnabledAtInstallation", true);
Line Deleted : user_pref("CT2776682.OriginalFirstVersion", "3.10.0.1");
Line Deleted : user_pref("CT2776682.RadioIsPodcast", false);
Line Deleted : user_pref("CT2776682.RadioLastCheckTime", "Tue Oct 01 2013 23:11:14 GMT+0800");
Line Deleted : user_pref("CT2776682.RadioLastUpdateIPServer", "3");
Line Deleted : user_pref("CT2776682.RadioLastUpdateServer", "3");
Line Deleted : user_pref("CT2776682.RadioMediaID", "9962");
Line Deleted : user_pref("CT2776682.RadioMediaType", "Media Player");
Line Deleted : user_pref("CT2776682.RadioMenuSelectedID", "EBRadioMenu_CT27766829962");
Line Deleted : user_pref("CT2776682.RadioShrinkedFromSetup", false);
Line Deleted : user_pref("CT2776682.RadioStationName", "California%20Rock");
Line Deleted : user_pref("CT2776682.RadioStationURL", "hxxp://feedlive.net/california.asx");
Line Deleted : user_pref("CT2776682.RestartDialogFirstTime", "false");
Line Deleted : user_pref("CT2776682.RestartDialogShouldDisplay", "false");
Line Deleted : user_pref("CT2776682.SearchAPILastCheckTime", "Sat Dec 14 2013 13:49:18 GMT+0800");
Line Deleted : user_pref("CT2776682.SearchCaption", "BrotherSoft Extreme Customized Web Search");
Line Deleted : user_pref("CT2776682.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");
Line Deleted : user_pref("CT2776682.SearchFromAddressBarIsInit", true);

laiykk 2014-10-7 01:31 PM

Line Deleted : user_pref("CT2776682.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=2&q=");
Line Deleted : user_pref("CT2776682.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT2776682.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT2776682.SearchInNewTabLastCheckTime", "Mon Sep 30 2013 14:00:46 GMT+0800");
Line Deleted : user_pref("CT2776682.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
Line Deleted : user_pref("CT2776682.SearchInNewTabURLFromSearchAPI", "hxxp://search.conduit.com/?ctid=CT2776682&octid=CT2776682&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_ID");
Line Deleted : user_pref("CT2776682.SearchProtectorEnabled", false);
Line Deleted : user_pref("CT2776682.SearchProtectorToolbarDisabled", false);
Line Deleted : user_pref("CT2776682.SendProtectorDataViaLogin", true);
Line Deleted : user_pref("CT2776682.ServiceMapLastCheckTime", "Sat Dec 14 2013 13:49:18 GMT+0800");
Line Deleted : user_pref("CT2776682.SettingsLastCheckTime", "Sat Dec 14 2013 13:49:10 GMT+0800");
Line Deleted : user_pref("CT2776682.SettingsLastUpdate", "1386055187");
Line Deleted : user_pref("CT2776682.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2776682&SearchSource=13");
Line Deleted : user_pref("CT2776682.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT2776682.ThirdPartyComponentsLastCheck", "Mon Sep 30 2013 14:00:46 GMT+0800");
Line Deleted : user_pref("CT2776682.ThirdPartyComponentsLastUpdate", "1331805997");
Line Deleted : user_pref("CT2776682.ToolbarShrinkedFromSetup", false);
Line Deleted : user_pref("CT2776682.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Line Deleted : user_pref("CT2776682.UserID", "UN85432149712201131");
Line Deleted : user_pref("CT2776682.ValidationData_Toolbar", 2);
Line Deleted : user_pref("CT2776682._9b90e_.3c;7b=?ofb>>rhiqs.from_oldbar.enc", "OT81Lz4=");
Line Deleted : user_pref("CT2776682._9b_7e.:2z527.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2776682._9b_7e.x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2776682.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT2776682.alertChannelId", "1168776");
Line Deleted : user_pref("CT2776682.autoDisableScopes", -1);
Line Deleted : user_pref("CT2776682.autocompletepro_enable.from_oldbar.enc", "MQ==");
Line Deleted : user_pref("CT2776682.autocompletepro_enable_auto.from_oldbar.enc", "MQ==");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7e+x305", "2423");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7e,x305", "2423");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7e-x305", "2423");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7e.:2z527", "2423");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7e.x305", "2423");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7e/x305", "2423");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7e06cg5el8:", "6E6D6B706D7170767576");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A747371767377767C7B7C242F4B49474F42357D5D5C3D");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7e0x305", "2423");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7e1x305", "2423");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7e2x305", "2423");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7e3x305", "2423");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7e4x305", "2423");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7e5x305", "2423");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7e6x305", "2423");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7e7x305", "2423");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7e8x305", "2423");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7e9x305", "2423");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7e:x305", "2423");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7e;x305", "2423");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7e<x305", "2423");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7e=x305", "2423");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7e>x305", "2423");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7e?x305", "2423");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7e@x305", "2423");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7eax305", "2423");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D337D56545138505C");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7ebx305", "2423");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7ecx305", "2423");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7edx305", "2423");
Line Deleted : user_pref("CT2776682.backendstorage./9b+7etx305", "2423");
Line Deleted : user_pref("CT2776682.backendstorage./9b-0?3g>d", "6C6B3E7041726C407A77787845204B7C7B7A254D7B21232A26212827565B272A2B2C2D32");
Line Deleted : user_pref("CT2776682.backendstorage./9b-0?3g@6:5;", "");
Line Deleted : user_pref("CT2776682.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
Line Deleted : user_pref("CT2776682.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332A354448584C3A232E333E58604F6456604F6852645858635E604E376B7167617059");
Line Deleted : user_pref("CT2776682.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6E6A68707374757677");
Line Deleted : user_pref("CT2776682.backendstorage./9b3=>@44i48?", "372C2D3269757633423633414847203E3D474E4D4C45474F2A554A4D2D5858585E4B554E366352564F");
Line Deleted : user_pref("CT2776682.backendstorage./9b5ba==9cjag", "6B7068696F6F71757A7778464879747B4B20204D7A");
Line Deleted : user_pref("CT2776682.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D69726C736D6E6F76787776");
Line Deleted : user_pref("CT2776682.backendstorage./9b90e@.3c;7b=?ofb>>rhiqs", "393F352F3E");
Line Deleted : user_pref("CT2776682.backendstorage./9b9643g3/9e", "6A");
Line Deleted : user_pref("CT2776682.backendstorage./9b;45>:bi9i7ie", "2B2E2C3D");
Line Deleted : user_pref("CT2776682.backendstorage./9b<:222h64<", "393F352F3E");
Line Deleted : user_pref("CT2776682.backendstorage./9b<:222h64<l8daj", "6D7070707673747975742A7A74727A7A75207E");
Line Deleted : user_pref("CT2776682.backendstorage./9b=+03eh8h8j?:", "4443");
Line Deleted : user_pref("CT2776682.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52");
Line Deleted : user_pref("CT2776682.backendstorage./9b?b0d:8aj62<h", "6D");
Line Deleted : user_pref("CT2776682.backendstorage./9ba@0<0bi6a7gn:6@l?", "6C");
Line Deleted : user_pref("CT2776682.backendstorage.autocompletepro_enable", "31");
Line Deleted : user_pref("CT2776682.backendstorage.autocompletepro_enable_auto", "31");
Line Deleted : user_pref("CT2776682.backendstorage.cb_experience_000", "32");
Line Deleted : user_pref("CT2776682.backendstorage.cb_firstuse0100", "31");
Line Deleted : user_pref("CT2776682.backendstorage.cb_user_id_000", "43423332393935393933333630305F313338303634313033363033305F46697265666F78");
Line Deleted : user_pref("CT2776682.backendstorage.cbcountry_001", "484B");
Line Deleted : user_pref("CT2776682.backendstorage.cbfirsttime", "5361742046656220323520323031322032333A32373A333420474D542B30383030");

laiykk 2014-10-7 01:32 PM

Line Deleted : user_pref("CT2776682.backendstorage.ct2776682ads1", "25374225323261647325323225334125354225374225323261696425323225334125323233313031322532322532432532327469746C652532322533412532322575323032322532302[...]
Line Deleted : user_pref("CT2776682.backendstorage.ct2776682current_term", "");
Line Deleted : user_pref("CT2776682.backendstorage.ct2776682isadsdisabled", "66616C7365");
Line Deleted : user_pref("CT2776682.backendstorage.ct2776682sdate", "32");
Line Deleted : user_pref("CT2776682.backendstorage.hxxp://storage_conduit_com/marketplace/83/6d/8399d181-be98-42f2-b035-1616f617316d/.pricesparrowuuid", "39384345313143432D394638312D344635342D384534382D3633414237463[...]
Line Deleted : user_pref("CT2776682.backendstorage.mam_gk_appsdata", "7B2261707073223A5B7B226964223A225072696365476F6E67222C2275726C223A22687474703A2F2F7072696365676F6E672E636F6E64756974617070732E636F6D2F4D414D2F763[...]
Line Deleted : user_pref("CT2776682.backendstorage.mam_gk_appsdefaultenabled", "6E756C6C");
Line Deleted : user_pref("CT2776682.backendstorage.mam_gk_appstate_couponbuddy", "6F6E");
Line Deleted : user_pref("CT2776682.backendstorage.mam_gk_appstate_easytobook", "6F6E");
Line Deleted : user_pref("CT2776682.backendstorage.mam_gk_appstate_easytobook_targeted", "6F6E");
Line Deleted : user_pref("CT2776682.backendstorage.mam_gk_appstate_pricegong", "6F6E");
Line Deleted : user_pref("CT2776682.backendstorage.mam_gk_appstatereporttime", "31333830373138373636383435");
Line Deleted : user_pref("CT2776682.backendstorage.mam_gk_calledsetupservice", "31");
Line Deleted : user_pref("CT2776682.backendstorage.mam_gk_configuration", "7B22636F6E66696775726174696F6E223A5B7B226964223A2245617379746F626F6F6B5F7461726765746564222C22637269746572696173223A5B7B22637269746572696149[...]
Line Deleted : user_pref("CT2776682.backendstorage.mam_gk_currentversion", "312E31302E342E30");
Line Deleted : user_pref("CT2776682.backendstorage.mam_gk_existingusersrecoverydone", "31");
Line Deleted : user_pref("CT2776682.backendstorage.mam_gk_first_time", "31");
Line Deleted : user_pref("CT2776682.backendstorage.mam_gk_lastlogintime", "31333830373138373633333238");
Line Deleted : user_pref("CT2776682.backendstorage.mam_gk_localization", "7B22676164676574436F6E74656E74506F6C696379223A7B2254657874223A22436F6E74656E7420506F6C696379227D2C226761646765744465736372697074696F6E5072696[...]
Line Deleted : user_pref("CT2776682.backendstorage.mam_gk_mamenabled", "74727565");
Line Deleted : user_pref("CT2776682.backendstorage.mam_gk_settings1.10.4.0", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A3234302C227374616D70223A2235345F30222C22697354657374223[...]
Line Deleted : user_pref("CT2776682.backendstorage.mam_gk_settings1.4.4.6", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A3234302C227374616D70223A2236315F2D31222C2269735465737422[...]
Line Deleted : user_pref("CT2776682.backendstorage.mam_gk_settings1.8.0.4", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A3234302C227374616D70223A22315F30222C22697354657374223A74[...]
Line Deleted : user_pref("CT2776682.backendstorage.mam_gk_showclosebutton", "74727565");
Line Deleted : user_pref("CT2776682.backendstorage.mam_gk_showwelcomegadget", "66616C7365");
Line Deleted : user_pref("CT2776682.backendstorage.mam_gk_user_approval_interacted", "31");
Line Deleted : user_pref("CT2776682.backendstorage.mam_gk_userid", "38346339663536622D363132622D343663652D386631312D353161326633326333656364");
Line Deleted : user_pref("CT2776682.backendstorage.mam_gk_welcomedialogmode", "31");
Line Deleted : user_pref("CT2776682.backendstorage.pg_enable", "74727565");
Line Deleted : user_pref("CT2776682.backendstorage.printitgreenstatus", "74727565");
Line Deleted : user_pref("CT2776682.backendstorage.searchappstate", "32");
Line Deleted : user_pref("CT2776682.backendstorage.searchapptracking", "73656E74");
Line Deleted : user_pref("CT2776682.backendstorage.shoppingapp.gk.exipres", "53756E2053657020323320323031322032303A32303A343720474D542B30383030");
Line Deleted : user_pref("CT2776682.backendstorage.shoppingapp.gk.geolocation", "686F6E67206B6F6E67");
Line Deleted : user_pref("CT2776682.backendstorage.url_history0001", "687474703A2F2F7365617263682E7961686F6F2E636F6D2F722F5F796C743D41326F4B6D4C6350347531506A796F4150714B7A7967742E3B5F796C753D58336F444D5445316344647[...]
Line Deleted : user_pref("CT2776682.cb_experience_000.from_oldbar.enc", "Mg==");
Line Deleted : user_pref("CT2776682.cb_firstuse0100.from_oldbar.enc", "MQ==");
Line Deleted : user_pref("CT2776682.cb_user_id_000.from_oldbar.enc", "Q0IzMjk5NTk5MzM2MDBfMTM4MDY0MTAzNjAzMF9GaXJlZm94");
Line Deleted : user_pref("CT2776682.cbcountry_001.from_oldbar.enc", "SEs=");
Line Deleted : user_pref("CT2776682.cbfirsttime.from_oldbar.enc", "U2F0IEZlYiAyNSAyMDEyIDIzOjI3OjM0IEdNVCswODAw");
Line Deleted : user_pref("CT2776682.countryCode", "HK");
Line Deleted : user_pref("CT2776682.ct2776682ads1.from_oldbar.enc", "JTdCJTIyYWRzJTIyJTNBJTVCJTdCJTIyYWlkJTIyJTNBJTIyMzEwMTIlMjIlMkMlMjJ0aXRsZSUyMiUzQSUyMiV1MjAyMiUyMCV1NEY2MCV1NjcwOSV1RkYwODEldUZGMDkldTc2ODRpUGFkJX[...]
Line Deleted : user_pref("CT2776682.ct2776682current_term.from_oldbar.enc", "AA==");
Line Deleted : user_pref("CT2776682.ct2776682isadsdisabled.from_oldbar.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT2776682.ct2776682sdate.from_oldbar.enc", "Mg==");
Line Deleted : user_pref("CT2776682.firstTimeDialogOpened", true);
Line Deleted : user_pref("CT2776682.fixPageNotFoundErrorByUser", "TRUE");
Line Deleted : user_pref("CT2776682.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT2776682.fullUserID", "UN85432149712201131.UP.207502");
Line Deleted : user_pref("CT2776682.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Deleted : user_pref("CT2776682.globalFirstTimeInfoLastCheckTime", "Mon Sep 30 2013 14:00:49 GMT+0800");
Line Deleted : user_pref("CT2776682.homepageProtectorEnableByLogin", true);
Line Deleted : user_pref("CT2776682.hxxp___storage_conduit_com_marketplace_83_6d_8399d181_be98_42f2_b035_1616f617316d_.pricesparrowuuid.from_oldbar.enc", "OThDRTExQ0MtOUY4MS00RjU0LThFNDgtNjNBQjdGNzU5MDk1");
Line Deleted : user_pref("CT2776682.initDone", true);
Line Deleted : user_pref("CT2776682.installId", "ct2776682_brothersoft_extreme.exe");
Line Deleted : user_pref("CT2776682.installType", "ConduitXPEIntegration");
Line Deleted : user_pref("CT2776682.isAppTrackingManagerOn", false);
Line Deleted : user_pref("CT2776682.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT2776682.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2776682.isFirstRadioInstallation", false);
Line Deleted : user_pref("CT2776682.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT2776682.isPerformedSmartBarTransition", "true");
Line Deleted : user_pref("CT2776682.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT2776682.keyword", true);
Line Deleted : user_pref("CT2776682.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://www.trovigo.com/?gd=&ctid=CT2776682&octid=CT2776682&ISID=ISID_ID&SearchSource=15&CUI=UN85432149712201131&Lay=1&UM=[...]
Line Deleted : user_pref("CT2776682.lastVersion", "10.34.0.503");
Line Deleted : user_pref("CT2776682.mam_gk_appsdata.from_oldbar.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCIsInNjcmlwdFVybCI6bnVsbCwi[...]
Line Deleted : user_pref("CT2776682.mam_gk_appsdefaultenabled.from_oldbar.enc", "bnVsbA==");
Line Deleted : user_pref("CT2776682.mam_gk_appstate_couponbuddy.from_oldbar.enc", "b24=");

laiykk 2014-10-7 01:33 PM

Line Deleted : user_pref("CT2776682.mam_gk_appstate_easytobook.from_oldbar.enc", "b24=");
Line Deleted : user_pref("CT2776682.mam_gk_appstate_easytobook_targeted.from_oldbar.enc", "b24=");
Line Deleted : user_pref("CT2776682.mam_gk_appstate_pricegong.from_oldbar.enc", "b24=");
Line Deleted : user_pref("CT2776682.mam_gk_appstatereporttime.from_oldbar.enc", "MTM4MDcxODc2Njg0NQ==");
Line Deleted : user_pref("CT2776682.mam_gk_calledsetupservice.from_oldbar.enc", "MQ==");
Line Deleted : user_pref("CT2776682.mam_gk_configuration.from_oldbar.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkVhc3l0b2Jvb2tfdGFyZ2V0ZWQiLCJjcml0ZXJpYXMiOlt7ImNyaXRlcmlhSWQiOiI0OGVjYTIxMS01YWE1LTQ4NGYtOWYzZS04YTcwODM[...]
Line Deleted : user_pref("CT2776682.mam_gk_currentversion.from_oldbar.enc", "MS4xMC40LjA=");
Line Deleted : user_pref("CT2776682.mam_gk_existingusersrecoverydone.from_oldbar.enc", "MQ==");
Line Deleted : user_pref("CT2776682.mam_gk_first_time.from_oldbar.enc", "MQ==");
Line Deleted : user_pref("CT2776682.mam_gk_lastlogintime.from_oldbar.enc", "MTM4MDcxODc2MzMyOA==");
Line Deleted : user_pref("CT2776682.mam_gk_localization.from_oldbar.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnkiOnsiVGV4dCI6IlZhbHVlIEFwcHMgZW5yaWNoZXMg[...]
Line Deleted : user_pref("CT2776682.mam_gk_mamenabled.from_oldbar.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT2776682.mam_gk_showclosebutton.from_oldbar.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT2776682.mam_gk_showwelcomegadget.from_oldbar.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT2776682.mam_gk_user_approval_interacted.from_oldbar.enc", "MQ==");
Line Deleted : user_pref("CT2776682.mam_gk_userid.from_oldbar.enc", "ODRjOWY1NmItNjEyYi00NmNlLThmMTEtNTFhMmYzMmMzZWNk");
Line Deleted : user_pref("CT2776682.mam_gk_welcomedialogmode.from_oldbar.enc", "MQ==");
Line Deleted : user_pref("CT2776682.myStuffEnabled", "Q");
Line Deleted : user_pref("CT2776682.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT2776682.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT2776682.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT2776682.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT2776682.navigateToUrlOnSearch", false);
Line Deleted : user_pref("CT2776682.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://BrotherSoftExtreme.OurToolbar.com/\",\[...]
Line Deleted : user_pref("CT2776682.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2776682.oldAppsList", "129288498392881552,129288498393350308,111,129625171796543175,129681725882385585,129861073572888127,129762727427121022,129378290255256948,129288498426163451,12934805[...]
Line Deleted : user_pref("CT2776682.originalHomepage", "chrome://branding/locale/browserconfig.properties");
Line Deleted : user_pref("CT2776682.originalSearchAddressUrl", "");
Line Deleted : user_pref("CT2776682.originalSearchEngine", "chrome://browser-region/locale/region.properties");
Line Deleted : user_pref("CT2776682.performedDomainChangesMigration", "true");
Line Deleted : user_pref("CT2776682.pg_enable.from_oldbar.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT2776682.printitgreenstatus.from_oldbar.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT2776682.revertSettingsEnabled", true);
Line Deleted : user_pref("CT2776682.searchFromAddressBarEnabledByUser", "true");
Line Deleted : user_pref("CT2776682.searchInNewTabEnabledByUser", "true");
Line Deleted : user_pref("CT2776682.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT2776682.searchProtectorDialogDelayInSec", 10);
Line Deleted : user_pref("CT2776682.searchProtectorEnableByLogin", true);
Line Deleted : user_pref("CT2776682.searchSuggestEnabledByUser", "true");
Line Deleted : user_pref("CT2776682.searchappstate.from_oldbar.enc", "Mg==");
Line Deleted : user_pref("CT2776682.searchapptracking.from_oldbar.enc", "c2VudA==");
Line Deleted : user_pref("CT2776682.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2776682.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2776682.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT2776682.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2776682\"}");
Line Deleted : user_pref("CT2776682.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://BrotherSoftExtreme.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT2776682.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"BrotherSoft Extreme \"}");
Line Deleted : user_pref("CT2776682.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2776682.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT2776682.serviceLayer_services_Configuration_lastUpdate", "1412591608070");
Line Deleted : user_pref("CT2776682.serviceLayer_services_login_10.20.101.5_lastUpdate", "1387210279065");
Line Deleted : user_pref("CT2776682.serviceLayer_services_login_10.23.0.822_lastUpdate", "1396532901072");
Line Deleted : user_pref("CT2776682.serviceLayer_services_login_10.29.0.520_lastUpdate", "1399378660931");
Line Deleted : user_pref("CT2776682.serviceLayer_services_login_10.30.1.502_lastUpdate", "1401423193090");
Line Deleted : user_pref("CT2776682.serviceLayer_services_login_10.31.2.501_lastUpdate", "1404393891554");
Line Deleted : user_pref("CT2776682.serviceLayer_services_login_10.33.0.505_lastUpdate", "1410086102927");
Line Deleted : user_pref("CT2776682.serviceLayer_services_login_10.33.0.517_lastUpdate", "1412080467733");
Line Deleted : user_pref("CT2776682.serviceLayer_services_login_10.34.0.503_lastUpdate", "1412591606975");
Line Deleted : user_pref("CT2776682.serviceLayer_services_searchAPI_lastUpdate", "1412591607753");
Line Deleted : user_pref("CT2776682.serviceLayer_services_serviceMap_lastUpdate", "1412591606841");
Line Deleted : user_pref("CT2776682.serviceLayer_services_toolbarSettings_lastUpdate", "1412591606311");
Line Deleted : user_pref("CT2776682.serviceLayer_services_translation_lastUpdate", "1412591606741");
Line Deleted : user_pref("CT2776682.settingsINI", true);
Line Deleted : user_pref("CT2776682.showToolbarPermission", "false");
Line Deleted : user_pref("CT2776682.smartbar.CTID", "CT2776682");
Line Deleted : user_pref("CT2776682.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT2776682.smartbar.toolbarName", "BrotherSoft Extreme ");
Line Deleted : user_pref("CT2776682.testingCtid", "");
Line Deleted : user_pref("CT2776682.toolbarAppMetaDataLastCheckTime", "Sat Dec 14 2013 13:49:18 GMT+0800");
Line Deleted : user_pref("CT2776682.toolbarBornServerTime", "25-2-2012");
Line Deleted : user_pref("CT2776682.toolbarContextMenuLastCheckTime", "Mon Sep 30 2013 14:00:48 GMT+0800");
Line Deleted : user_pref("CT2776682.toolbarCurrentServerTime", "6-10-2014");
Line Deleted : user_pref("CT2776682.toolbarLoginClientTime", "Sun Dec 15 2013 22:13:11 GMT+0800");
Line Deleted : user_pref("CT2776682.upgradeFromOBVersion", true);
Line Deleted : user_pref("CT2776682.url_history0001.from_oldbar.enc", "aHR0cDovL3NlYXJjaC55YWhvby5jb20vci9feWx0PUEyb0ttTGNQNHUxUGp5b0FQcUt6eWd0LjtfeWx1PVgzb0RNVEUxY0Rkck1teHdCSE5sWXdOemNnUndiM01ETWdSamIyeHZBM05uTXdS[...]
Line Deleted : user_pref("CT2776682.usagesFlag", 2);
Line Deleted : user_pref("CT2776682_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1412591601905,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2776682/CT2776682", "\"f47bb3c6ed58077e898dbc17e4575b9e3\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1168776/1164461/HK", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2776682", "\"1365594846\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "C5ZJe6gL80JBW5CuLy+wkg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en&ctid=CT2776682", "b5I8zzzMgsg0XG/fawLlFw==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "mfQ70fvlD2zuBxSBj8rQqA==");

laiykk 2014-10-7 01:34 PM

Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en&ctid=CT2776682", "9uXRY86McHhmOreOHsv6MA==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "k9un27OkAvkwB2ZmvXxTnA==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en&ctid=CT2776682", "I1tfz7EBg4DmNytL9x55lQ==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "FqddrIU7eyJgaaLyHDeVMQ==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en&ctid=CT2776682", "ZI41WLbm1fFgx4gn0bs99Q==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"ea2cd4d5b586ce1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10.0.1", "\"97e416bb586ce1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.20.0.4", "\"9f8d2729abc2ce1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://ip2location.conduit-services.com/ip/?ctid=CT2776682&ver=3.20.0.4&client=ToolbarConfiguration", "\"47bd47bc45acc25f46225f9df9d4f18d\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2776682", "\"52c3f1538cb4af4ada257fcbc6b15d49\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE", "\"570022812a2886069d9aec5f179dd5a2\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"968402cf2834e7ec0f38a19f0e9a9eb0\"");
Line Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\user\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\w7oirg3c.default\\conduitCommon\\modules\\3.20.0.4");
Line Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.20.0.4");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2776682");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2776682");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2776682");
Line Deleted : user_pref("CommunityToolbar.globalUserId", "5019ae60-0f18-49f3-869c-2fc6f1529513");
Line Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2776682");
Line Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Sep 30 2013 14:00:48 GMT+0800");
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Tue Oct 01 2013 23:10:52 GMT+0800");
Line Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Line Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Tue Oct 01 2013 23:10:44 GMT+0800");
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Line Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.notifications.userId", "567e8326-252a-4b70-a3a6-2348d225fc16");
Line Deleted : user_pref("CommunityToolbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");
Line Deleted : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT2776682");
Line Deleted : user_pref("keyword.URL", "hxxp://trovi.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=2&CUI=UN85432149712201131&UM=&q=");
Line Deleted : user_pref("plugin.state.npconduitfirefoxplugin", 2);
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT2776682");
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=2&CU[...]
Line Deleted : user_pref("smartbar.machineId", "LUUL9ZQ6YX2LI1OIYUNX69CIYMCT1LC3DC9I0BOUJUPUKVPR1HJMRV8BUAGG3JHSMABCV+C8X1JGTA6ZUFJ2DA");
Line Deleted : user_pref("smartbar.searchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=2&CUI=UN854[...]
Line Deleted : user_pref("valueApps.CT2776682.mam_gk_currentVersion", "312E31342E312E36");
Line Deleted : user_pref("valueApps.CT2776682.mam_gk_currentVersion.storedInFile", false);
Line Deleted : user_pref("valueApps.CT2776682.mam_gk_migrated_from_ls", "31");
Line Deleted : user_pref("valueApps.CT2776682.mam_gk_migrated_from_ls.storedInFile", false);
Line Deleted : user_pref("valueApps.CT2776682.mam_gk_userBornDate", "4E2F41");
Line Deleted : user_pref("valueApps.CT2776682.mam_gk_userBornDate.storedInFile", false);
Line Deleted : user_pref("valueApps.CT2776682.mam_gk_userId", "38346339663536622D363132622D343663652D386631312D353161326633326333656364");
Line Deleted : user_pref("valueApps.CT2776682.mam_gk_userId.storedInFile", false);

-\\ Google Chrome v

[ File : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [52649 octets] - [07/10/2014 13:13:11]
AdwCleaner[S0].txt - [53637 octets] - [07/10/2014 13:19:17]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [53698 octets] ##########

laiykk 2014-10-7 01:41 PM

非常非常感謝 Malware Fighter 資深版主的幫忙, 問題已經解決

:loveliness:

geck789 2014-10-8 12:28 AM

OK.

之前 AdwCleaner 刪除左以下軟件,如果有需要,請你自行重新安裝。

Baidu
AskToolbar

如無問題,打開 AdwCleaner,按 [b]Uninstall[/b],再按 [b]Yes[/b] 缷載 AdwCleaner
頁: [1]
查看完整版本: 開機時出現 "APISUPPORT.DLL 發生問題"