Logfile of HijackThis v1.99.1
Scan saved at 17:04:15, on 2006-7-17
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\temp\vvsetup.exe
C:\WINDOWS\system32\Rtvcan.exe
C:\WINDOWS\System\svchost.exe
C:\WINDOWS\system32\uchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Tencent\TT\TTraveler.exe
F:\Program Files\TENCENT\QQ.exe
F:\Program Files\TENCENT\TIMPlatform.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ServeHost.exe
C:\WINDOWS\System32\VIPTray.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\SearchNet\SearchNet.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\conime.exe
C:\Documents and Settings\mp\My Documents\ishare_user.exe
C:\Program Files\Tencent\TT\TTraveler.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Messenger\msmsgs.exe
I:\GSD song\HijackThis.exe
R3 - URLSearchHook: (no name) - {982CB676-38F0-4D9A-BB72-D9371ABE876E} - (no file)
R3 - URLSearchHook: (no name) - {BAB1AC41-6FF7-4F2E-A04E-5C592CCFEA7D} - (no file)
O2 - BHO: (no name) - {00014B58-338A-45F2-81E2-6A86F27399B7} - C:\PROGRA~1\INTERN~1\PLUGINS\BOBOHE~1.DLL
O2 - BHO: ThunderIEHelper - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v4.dll
O2 - BHO: MonitorURL Class - {08A312BB-5409-49FC-9347-54BB7D069AC6} - C:\PROGRA~1\DESKAD~1\deskipn.dll
O2 - BHO: ChajianHelper Class - {0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2} - C:\WINDOWS\system32\SYSREA~1.DLL
O2 - BHO: XBTP05430 - {1105C073-88DE-4b63-B795-07B06C5A7E7E} - C:\PROGRA~1\MY137T~1\my171.dll
O2 - BHO: IE Address Browser Helper - {2A0176FE-008B-4706-90F5-BBA532A49731} - C:\Program Files\SearchNet\SNHpr.dll
O2 - BHO: BrowserHelper Class - {2D99E8F4-56B7-457B-9A92-61B5D247D263} - C:\WINDOWS\system32\WinDefendor.dll
O2 - BHO: CAISHOW TOOLBAR - {3AF40CB8-B3BA-4E2D-8968-4BF8DB172997} - C:\Program Files\CaiShow Tech\CaiShow\BrowerHelper.dll
O2 - BHO: IE Browser Helper - {3CE496D1-1746-41CD-9489-3C0B93DF10E2} - C:\WINDOWS\Downlo~1\axs3u1.dll
O2 - BHO: Deliverer Class - {3E290290-1728-4C1E-863A-AA12526333F6} - C:\WINDOWS\system32\ControlPanel.{21EC2020-3AEA-1069-A2DD-08002B30309d}\ControlPanel\Addeliverer.dll
O2 - BHO: NaviHelperObj Class - {3E422F49-1566-40D3-B43D-077EF739AC32} - C:\WINDOWS\NaviHelper.dll
O2 - BHO: 网络加速 - {5673A7C0-95CC-4646-BB07-3BD71234CEF9} - C:\WINDOWS\system32\wuwebex.dll
O2 - BHO: Macrosoft Class - {58DB541D-F15A-4e95-A5D9-5DF5EE13920C} - c:\windows\system32\winlogin.dll
O2 - BHO: IHiu Class - {67A06BB1-027B-4E94-8C3D-2DCD5E808A28} - C:\WINDOWS\system32\Services.dll
O2 - BHO: Helper Class - {6E28339B-7A2A-47B6-AEB2-197004272379} - C:\WINDOWS\vchelper.dll
O2 - BHO: CpapView Class - {77962960-536E-47EC-9DDB-52651519705F} - C:\WINDOWS\system32\Rundll32.dll
O2 - BHO: win32core Class - {A297EEAE-A541-496B-B2AE-554AD0153B72} - C:\WINDOWS\system32\win32help02.dll
O2 - BHO: IEhlprObj Class - {A3803141-3CF5-4D66-B7EA-8D2674FE152C} - C:\WINDOWS\stdie.dll
O2 - BHO: internet explorer helper - {F7911E65-B01C-4A58-AEC7-53085ECA70A5} - C:\WINDOWS\system32\mshlink.dll
O3 - Toolbar: BitCometBar - {3F1ABCDB-A875-46c1-8345-B72A4567E486} - C:\Program Files\BitComet\BitCometBar\BitCometBar0.2.dll
O3 - Toolbar: My137Toolbar - {C49DD894-C6DE-4910-8C41-BA20F852D8BC} - C:\Program Files\My137Toolbar\my171.dll
O3 - Toolbar: Alexa - {3CEFF6CD-6F08-4e4d-BCCD-FF7415288C3B} - C:\WINDOWS\system32\SHDOCVW.DLL
O4 - HKLM\..\Run: [ShStatEXE> "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI> "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service> "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [SoundMan> SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon> RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz> nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter> RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe> "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [qcsszjcz> d:\chenhu2\chenqxms.exe
O4 - HKLM\..\Run: [WinDir> C:\WINDOWS\system32\WinDir.exe
O4 - HKLM\..\Run: [Servicest> C:\WINDOWS\system32\Servicest.exe
O4 - HKLM\..\Run: [untmsg> C:\WINDOWS\temp\vvsetup.exe
O4 - HKLM\..\Run: [cxz> RunDll32 "C:\WINDOWS\Downlo~1\cxz.dll",Run
O4 - HKLM\..\Run: [Desktop> C:\WINDOWS\system32\rundll32.exe "C:\Program Files\DeskAdTop\Run.dll" ,Rundll
O4 - HKLM\..\Run: [SearchNet_Up> "C:\Program Files\SearchNet\ServeUp.exe"
O4 - HKLM\..\Run: [Rtvcan> C:\WINDOWS\system32\Rtvcan.exe
O4 - HKLM\..\Run: [ourech6> C:\WINDOWS\System\svchost.exe
O4 - HKLM\..\Run: [DAEMON Tools> "E:\ABC\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [ATICardInit> VideoAti0.exe
O4 - HKLM\..\Run: [3721> C:\Program Files\systems\pvv.exe
O4 - HKLM\..\Run: [baidu> C:\Program Files\systems\Call.exe
O4 - HKLM\..\Run: [Str3> hongqt
O4 - HKLM\..\Run: [LongData> 焼�
O4 - HKLM\..\Run: [BinaryData> �"3D梯
O4 - HKLM\..\Run: [uchost> C:\WINDOWS\system32\uchost.exe
O4 - HKCU\..\Run: [LocalSystem> C:\WINDOWS\system\svchost.exe
O4 - HKCU\..\Run: [sys1> Rundll32.exe C:\WINDOWS\system32\Upsrv.dll,Run
O4 - HKCU\..\Run: [startkey> C:\WINDOWS\system32\server.exe
O4 - HKCU\..\Run: [msnnt> C:\WINDOWS\Updatec.exe
O4 - HKCU\..\Run: [ctfmon.exe> C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MyShares> c:\program Files\易虎\MyShares.exe /tray
O4 - HKCU\..\Run: [caishowmanage> C:\Program Files\CaiShow Tech\CaiShow\UpdateManager.EXE
O4 - HKCU\..\Run: [MSMSGS> "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: 腾讯QQ.lnk = F:\Program Files\TENCENT\QQ.exe
O4 - Global Startup: IE-BAR.lnk = ?
O8 - Extra context menu item: !搜一搜(&S) - res://C:\Program Files\YiSou\yisou.dll/232
O8 - Extra context menu item: >>彩信发送<< - res://C:\PROGRA~1\MMSASS~1\mmsass~1.dll/mms.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - F:\Program Files\TENCENT\AddToNetDisk.htm
O8 - Extra context menu item: 使用超级解霸播放 - C:\Program Files\Herosoft\Hero 9\MPURLGET.HTM
O8 - Extra context menu item: 使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\geturl.htm
O8 - Extra context menu item: 使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\getallurl.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - F:\Program Files\TENCENT\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - F:\Program Files\TENCENT\AddEmotion.htm
O8 - Extra context menu item: 添加到雅虎订阅(&Y) - res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll/YRSSMENUEXT
O8 - Extra context menu item: 用QQ彩信发送该图片 - F:\Program Files\TENCENT\SendMMS.htm
O8 - Extra context menu item: 用炫彩图铃发送该图片 - C:\Program Files\CaiShow Tech\CaiShow\SendMMS.htm
O9 - Extra button: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - C:\Program Files\浩方对战平台\GameClient.exe
O9 - Extra button: 豪杰超级解霸9 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - C:\Program Files\Herosoft\Hero 9\STHSDVD.EXE
O9 - Extra 'Tools' menuitem: 豪杰超级解霸9 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - C:\Program Files\Herosoft\Hero 9\STHSDVD.EXE
O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: 中国最大小区互动平台 - {bf80e5ce-44f9-4954-9ec9-ca5bb86346cd} - (file missing)
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - F:\Program Files\TENCENT\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - F:\Program Files\TENCENT\QQ.EXE
O9 - Extra button: 易趣购物 - {DE607141-AC19-421e-861A-1D70ABDF119A} - (file missing)
O9 - Extra 'Tools' menuitem: 易趣购物 - {DE607141-AC19-421e-861A-1D70ABDF119A} - (file missing)
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - F:\Program Files\TENCENT\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - F:\Program Files\TENCENT\QQIEHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\msplus.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\upfdll.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\upfdll.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msplus.dll
O16 - DPF: {5932517A-3326-4439-A708-1C98EDB5C549} (Downloader Class) - file://C:\Documents and Settings\All Users\Application Data\Share Helper\Cast\GGS\db62f9614a\js\iMopDl.cab
O16 - DPF: {A96C48EA-AA88-4BBD-B58C-7B41146A6EAC} (Qzone Media Tools) -
O16 - DPF: {F138084D-84D7-48CD-BEA8-04772457516E} (VqqSpeedDlProxy Class) -
O20 - AppInit_DLLs: C:\WINDOWS\system32\SoDAHK.DLL
O21 - SSODL: SysTime - {724C75F1-B757-408D-A50A-4CF99DA35D73} - C:\PROGRA~1\WinKld\WinKld.dll (file missing)
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee Framework 服务 (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Desktop Help Session Ma - Unknown owner - C:\Program Files\Internet Explorer\explore.exe
O23 - Service: Remote Log - Beijing zhongsou online software - C:\WINDOWS\system32\ServeHost.exe
O23 - Service: VIPTray - Unknown owner - C:\WINDOWS\System32\VIPTray.exe
O23 - Service: WinkldUP - Unknown owner - C:\DOCUME~1\mp\LOCALS~1\Temp\wz\wz.exe (file missing)
O23 - Service: YUGE_pigeon_server1.23 (YUGEPigeonServer1.23) - Unknown owner - C:\WINDOWS\G_Server1.23.exe
这样的机子能正常嘛..间谍软件、木马一堆堆的~~
下载恶意软件清理助手升级到最新版本在安全模式下强行删除流氓软件
并在安全模式下
R3 - URLSearchHook: (no name) - {982CB676-38F0-4D9A-BB72-D9371ABE876E} - (no file)
R3 - URLSearchHook: (no name) - {BAB1AC41-6FF7-4F2E-A04E-5C592CCFEA7D} - (no file)
O2 - BHO: (no name) - {00014B58-338A-45F2-81E2-6A86F27399B7} - C:\PROGRA~1\INTERN~1\PLUGINS\BOBOHE~1.DLL
O2 - BHO: ThunderIEHelper - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v4.dll
O2 - BHO: MonitorURL Class - {08A312BB-5409-49FC-9347-54BB7D069AC6} - C:\PROGRA~1\DESKAD~1\deskipn.dll
O2 - BHO: ChajianHelper Class - {0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2} - C:\WINDOWS\system32\SYSREA~1.DLL
O2 - BHO: XBTP05430 - {1105C073-88DE-4b63-B795-07B06C5A7E7E} - C:\PROGRA~1\MY137T~1\my171.dll
O2 - BHO: IE Address Browser Helper - {2A0176FE-008B-4706-90F5-BBA532A49731} - C:\Program Files\SearchNet\SNHpr.dll
O2 - BHO: BrowserHelper Class - {2D99E8F4-56B7-457B-9A92-61B5D247D263} - C:\WINDOWS\system32\WinDefendor.dll
O2 - BHO: CAISHOW TOOLBAR - {3AF40CB8-B3BA-4E2D-8968-4BF8DB172997} - C:\Program Files\CaiShow Tech\CaiShow\BrowerHelper.dll
O2 - BHO: IE Browser Helper - {3CE496D1-1746-41CD-9489-3C0B93DF10E2} - C:\WINDOWS\Downlo~1\axs3u1.dll
O2 - BHO: Deliverer Class - {3E290290-1728-4C1E-863A-AA12526333F6} - C:\WINDOWS\system32\ControlPanel.{21EC2020-3AEA-1069-A2DD-08002B30309d}\ControlPanel\Addeliverer.dll
O2 - BHO: NaviHelperObj Class - {3E422F49-1566-40D3-B43D-077EF739AC32} - C:\WINDOWS\NaviHelper.dll
O2 - BHO: 网络加速 - {5673A7C0-95CC-4646-BB07-3BD71234CEF9} - C:\WINDOWS\system32\wuwebex.dll
O2 - BHO: Macrosoft Class - {58DB541D-F15A-4e95-A5D9-5DF5EE13920C} - c:\windows\system32\winlogin.dll
O2 - BHO: IHiu Class - {67A06BB1-027B-4E94-8C3D-2DCD5E808A28} - C:\WINDOWS\system32\Services.dll
O2 - BHO: Helper Class - {6E28339B-7A2A-47B6-AEB2-197004272379} - C:\WINDOWS\vchelper.dll
O2 - BHO: CpapView Class - {77962960-536E-47EC-9DDB-52651519705F} - C:\WINDOWS\system32\Rundll32.dll
O2 - BHO: win32core Class - {A297EEAE-A541-496B-B2AE-554AD0153B72} - C:\WINDOWS\system32\win32help02.dll
O2 - BHO: IEhlprObj Class - {A3803141-3CF5-4D66-B7EA-8D2674FE152C} - C:\WINDOWS\stdie.dll
O2 - BHO: internet explorer helper - {F7911E65-B01C-4A58-AEC7-53085ECA70A5} - C:\WINDOWS\system32\mshlink.dll
O3 - Toolbar: BitCometBar - {3F1ABCDB-A875-46c1-8345-B72A4567E486} - C:\Program Files\BitComet\BitCometBar\BitCometBar0.2.dll
O3 - Toolbar: My137Toolbar - {C49DD894-C6DE-4910-8C41-BA20F852D8BC} - C:\Program Files\My137Toolbar\my171.dll
O3 - Toolbar: Alexa - {3CEFF6CD-6F08-4e4d-BCCD-FF7415288C3B} - C:\WINDOWS\system32\SHDOCVW.DLL
修复以上~~
O4 - HKLM\..\Run: [Servicest> C:\WINDOWS\system32\Servicest.exe
O4 - HKLM\..\Run: [untmsg> C:\WINDOWS\temp\vvsetup.exe
O4 - HKLM\..\Run: [cxz> RunDll32 "C:\WINDOWS\Downlo~1\cxz.dll",Run
O4 - HKLM\..\Run: [Desktop> C:\WINDOWS\system32\rundll32.exe "C:\Program Files\DeskAdTop\Run.dll" ,Rundll
O4 - HKLM\..\Run: [SearchNet_Up> "C:\Program Files\SearchNet\ServeUp.exe"
O4 - HKLM\..\Run: [Rtvcan> C:\WINDOWS\system32\Rtvcan.exe
O4 - HKLM\..\Run: [ourech6> C:\WINDOWS\System\svchost.exe
O4 - HKLM\..\Run: [ATICardInit> VideoAti0.exe
O4 - HKLM\..\Run: [3721> C:\Program Files\systems\pvv.exe
O4 - HKLM\..\Run: [baidu> C:\Program Files\systems\Call.exe
O4 - HKLM\..\Run: [Str3> hongqt
O4 - HKLM\..\Run: [LongData> 焼�
O4 - HKLM\..\Run: [BinaryData> �"3D梯
O4 - HKLM\..\Run: [uchost> C:\WINDOWS\system32\uchost.exe
O4 - HKCU\..\Run: [LocalSystem> C:\WINDOWS\system\svchost.exe
O4 - HKCU\..\Run: [sys1> Rundll32.exe C:\WINDOWS\system32\Upsrv.dll,Run
O4 - HKCU\..\Run: [msnnt> C:\WINDOWS\Updatec.exe
乱七八糟的软件一大堆~~修复!!
[ 本帖最后由 ght2811 于 2006-7-17 18:46 编辑 >
O23 - Service: Remote Desktop Help Session Ma - Unknown owner - C:\Program Files\Internet Explorer\explore.exe
O23 - Service: Remote Log - Beijing zhongsou online software - C:\WINDOWS\system32\ServeHost.exe
O23 - Service: VIPTray - Unknown owner - C:\WINDOWS\System32\VIPTray.exe
O23 - Service: WinkldUP - Unknown owner - C:\DOCUME~1\mp\LOCALS~1\Temp\wz\wz.exe (file missing)
O23 - Service: YUGE_pigeon_server1.23 (YUGEPigeonServer1.23) - Unknown owner - C:\WINDOWS\G_Server1.23.exe
有点矛眼递了~~~
强烈建议楼主重装系统了~~这机子整好也是残花败柳了!!
O23 - Service: Remote Desktop Help Session Ma - Unknown owner - C:\Program Files\Internet Explorer\explore.exe
关闭服务,删除文件,据说是鸽子,俺还是头一回看到这样的服务项!
O23 - Service: Remote Log - Beijing zhongsou online software - C:\WINDOWS\system32\ServeHost.exe
中搜那垃圾~
O23 - Service: VIPTray - Unknown owner - C:\WINDOWS\System32\VIPTray.exe
这个进程百度一下吧,太多了!!
O23 - Service: WinkldUP - Unknown owner - C:\DOCUME~1\mp\LOCALS~1\Temp\wz\wz.exe (file missing)
关闭服务,清空C:\DOCUME~1\mp\LOCALS~1\Temp下的所有东东!!
O23 - Service: YUGE_pigeon_server1.23 (YUGEPigeonServer1.23) - Unknown owner - C:\WINDOWS\G_Server1.23.exe
又是鸽子,见红桃的鸽子贴吧!!
偶就说一些重点吧!
修复删除以下项(并清空自已和系统的临时文件夹、IE缓存):
O23 - Service: VIPTray - Unknown owner - C:\WINDOWS\System32\VIPTray.exe
O23 - Service: WinkldUP - Unknown owner - C:\DOCUME~1\mp\LOCALS~1\Temp\wz\wz.exe (file missing)
O23 - Service: YUGE_pigeon_server1.23 (YUGEPigeonServer1.23) - Unknown owner - C:\WINDOWS\G_Server1.23.exe
O23 - Service: Remote Desktop Help Session Ma - Unknown owner - C:\Program Files\Internet Explorer\explore.exe
O23 - Service: Remote Log - Beijing zhongsou online software - C:\WINDOWS\system32\ServeHost.exe
O21 - SSODL: SysTime - {724C75F1-B757-408D-A50A-4CF99DA35D73} - C:\PROGRA~1\WinKld\WinKld.dll (file missing)
O4 - Global Startup: IE-BAR.lnk = ?
O4 - HKLM\..\Run: [3721> C:\Program Files\systems\pvv.exe
O4 - HKLM\..\Run: [baidu> C:\Program Files\systems\Call.exe
O4 - HKLM\..\Run: [Str3> hongqt
O4 - HKLM\..\Run: [LongData> 焼�
O4 - HKLM\..\Run: [BinaryData> �"3D梯
O4 - HKLM\..\Run: [uchost> C:\WINDOWS\system32\uchost.exe
O4 - HKCU\..\Run: [LocalSystem> C:\WINDOWS\system\svchost.exe
O4 - HKCU\..\Run: [sys1> Rundll32.exe C:\WINDOWS\system32\Upsrv.dll,Run
O4 - HKCU\..\Run: [startkey> C:\WINDOWS\system32\server.exe
O4 - HKLM\..\Run: [ATICardInit> VideoAti0.exe
O4 - HKLM\..\Run: [ourech6> C:\WINDOWS\System\svchost.exe
O4 - HKLM\..\Run: [WinDir> C:\WINDOWS\system32\WinDir.exe
O4 - HKLM\..\Run: [Servicest> C:\WINDOWS\system32\Servicest.exe
O4 - HKLM\..\Run: [untmsg> C:\WINDOWS\temp\vvsetup.exe
O4 - HKLM\..\Run: [cxz> RunDll32 "C:\WINDOWS\Downlo~1\cxz.dll",Run
O4 - HKLM\..\Run: [Desktop> C:\WINDOWS\system32\rundll32.exe "C:\Program Files\DeskAdTop\Run.dll" ,Rundll
O4 - HKLM\..\Run: [SearchNet_Up> "C:\Program Files\SearchNet\ServeUp.exe"
O3 - Toolbar: My137Toolbar - {C49DD894-C6DE-4910-8C41-BA20F852D8BC} - C:\Program Files\My137Toolbar\my171.dll
O2 - BHO: MonitorURL Class - {08A312BB-5409-49FC-9347-54BB7D069AC6} - C:\PROGRA~1\DESKAD~1\deskipn.dll
O2 - BHO: ChajianHelper Class - {0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2} - C:\WINDOWS\system32\SYSREA~1.DLL
O2 - BHO: XBTP05430 - {1105C073-88DE-4b63-B795-07B06C5A7E7E} - C:\PROGRA~1\MY137T~1\my171.dll
O2 - BHO: IE Address Browser Helper - {2A0176FE-008B-4706-90F5-BBA532A49731} - C:\Program Files\SearchNet\SNHpr.dll
O2 - BHO: BrowserHelper Class - {2D99E8F4-56B7-457B-9A92-61B5D247D263} - C:\WINDOWS\system32\WinDefendor.dll
O2 - BHO: CAISHOW TOOLBAR - {3AF40CB8-B3BA-4E2D-8968-4BF8DB172997} - C:\Program Files\CaiShow Tech\CaiShow\BrowerHelper.dll
O2 - BHO: IE Browser Helper - {3CE496D1-1746-41CD-9489-3C0B93DF10E2} - C:\WINDOWS\Downlo~1\axs3u1.dll
O2 - BHO: Deliverer Class - {3E290290-1728-4C1E-863A-AA12526333F6} - C:\WINDOWS\system32\ControlPanel.{21EC2020-3AEA-1069-A2DD-08002B30309d}\ControlPanel\Addeliverer.dll
O2 - BHO: NaviHelperObj Class - {3E422F49-1566-40D3-B43D-077EF739AC32} - C:\WINDOWS\NaviHelper.dll
O2 - BHO: 网络加速 - {5673A7C0-95CC-4646-BB07-3BD71234CEF9} - C:\WINDOWS\system32\wuwebex.dll
O2 - BHO: Macrosoft Class - {58DB541D-F15A-4e95-A5D9-5DF5EE13920C} - c:\windows\system32\winlogin.dll
O2 - BHO: IHiu Class - {67A06BB1-027B-4E94-8C3D-2DCD5E808A28} - C:\WINDOWS\system32\Services.dll
O2 - BHO: Helper Class - {6E28339B-7A2A-47B6-AEB2-197004272379} - C:\WINDOWS\vchelper.dll
O2 - BHO: CpapView Class - {77962960-536E-47EC-9DDB-52651519705F} - C:\WINDOWS\system32\Rundll32.dll
O2 - BHO: win32core Class - {A297EEAE-A541-496B-B2AE-554AD0153B72} - C:\WINDOWS\system32\win32help02.dll
O2 - BHO: IEhlprObj Class - {A3803141-3CF5-4D66-B7EA-8D2674FE152C} - C:\WINDOWS\stdie.dll
O2 - BHO: internet explorer helper - {F7911E65-B01C-4A58-AEC7-53085ECA70A5} - C:\WINDOWS\system32\mshlink.dll
谢谢两位了,我先试着修复一下,实在不行就重装了...
当然要先试一下了,练练手艺;装东西千万不能一劲的“下一步”,好多软件捆绑了流氓程序,一定要看清啊!!! |
|
设为首页
加入收藏
联系我们
打印本文 
返回顶部 
加入收藏 
关闭窗口
