Rising Kaka Security Forum

Infected by a trojan; the green umbrella (Rising's tray icon) is gone.
wo123456 - 2008-5-27 15:26:00

User system info: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; QQDownload 1.7; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) )

Attachment: SREngLOG.txt
日不懂啊 - 2008-5-27 16:06:00
Use the attached XDELBOX to delete the following files:
C:\WINDOWS\system32\fmsiocps.dll
C:\WINDOWS\system32\plwoat.dll
C:\WINDOWS\system32\nyjpnb.dll
C:\WINDOWS\system32\tqlgcl.dll
C:\WINDOWS\system32\cjqksv.dll
C:\WINDOWS\system32\msosmnsf01.dll
C:\WINDOWS\system32\msoscqit01.dll
C:\WINDOWS\system32\msosfmsq00.dll
C:\WINDOWS\system32\msosptfs00.dll
C:\WINDOWS\system32\msosjtio00.dll
C:\WINDOWS\system32\vbirfa.dll
C:\WINDOWS\system32\9rcx.dll
C:\WINDOWS\system32\cuatgj.dll
C:\WINDOWS\system32\anistio.dll
C:\WINDOWS\system32\dionpis.dll
C:\WINDOWS\system32\fmsjhif.dll
C:\WINDOWS\system32\dbhlp32.dlL
C:\WINDOWS\system32\bincdwsa.dll
C:\WINDOWS\system32\fmsbbqi.dll
C:\WINDOWS\system32\hefcndy.dll
C:\WINDOWS\system32\ibmkyqcz.dll
C:\WINDOWS\system32\ptshell.dll
C:\WINDOWS\system32\yuiabct.dll
C:\WINDOWS\system32\ticisms.dll
C:\WINDOWS\system32\mfchlp64.dll
C:\WINDOWS\system32\dndsioc.dll
C:\WINDOWS\system32\fmbiost.dll
C:\WINDOWS\system32\isndntio.dll
C:\WINDOWS\system32\WINSvr64.dll
C:\WINDOWS\system32\huifitc.dll
C:\WINDOWS\system32\drivers\msosmsp2p32.sys
C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys
Copy the list above, import it from the clipboard, enable "suppress regeneration", and choose delete on restart.

After they are deleted, use SREng to delete the following registry entries:
<fmsiocps><C:\WINDOWS\fmsiocps.exe>  []
    <anistio><C:\WINDOWS\anistio.exE>  []
    <dionpis><C:\WINDOWS\dionpis.exe>  []
    <hefcndy><C:\WINDOWS\hefcndy.exe>  []
    <fmsbbqi><C:\WINDOWS\fmsbbqi.exe>  []
    <bincdwsa><C:\WINDOWS\bincdwsa.exe>  []
    <dbhlp32><C:\WINDOWS\dbhlp32.exe>  []
    <fmsjhif><C:\WINDOWS\fmsjhif.exe>  []
    <qebdtkwm><C:\WINDOWS\edkmezsm.exe>  []
    <ptshell><C:\WINDOWS\ptshell.exe>  []
    <ticisms><C:\WINDOWS\ticisms.exe>  []
    <yuiabct><C:\WINDOWS\yuiabct.exe>  []
    <mfchlp64><C:\WINDOWS\mfchlp64.exe>  []
    <dndsioc><C:\WINDOWS\dndsioc.exe>  []
    <WINSvr64><C:\WINDOWS\WINSvr64.exe>  []
    <fmbiost><C:\WINDOWS\fmbiost.exe>  []
    <isndntio><C:\WINDOWS\isndntio.exe>  []
    <huifitc><C:\WINDOWS\huifitc.exe>  []
    <51GG><C:\Program Files\51\Guagua\51GG.exe>  [www.51.com]
Edit    <AppInit_DLLs><fmsiocps.dll,plwoat.dll,nyjpnb.dll,tqlgcl.dll,cjqksv.dll,msosping00.dll,msosmnsf01.dll,msosmhfp01.dll,msoscqit01.dll,nicozftp01.dll,msosfmsq00.dll,msosptfs00.dll,msosdrop01.dll,msosdohs01.dll,msosjtio00.dll,vbirfa.dll,ieprot.dll,cuatgj.dll>  [] so that it is empty

Delete the following drivers:
[2u3vf0 / 2u3vf0y][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\2u3vf0y.sys><N/A>
[cnprov / cnprov][Running/Boot Start]
  <\SystemRoot\system32\drivers\cnprov.sys><中国互联网络信息中心(CNNIC)>
[cqit / cqit][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmpAE.tmp><N/A>
[dohs / dohs][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmpB2.tmp><N/A>
[drop / drop][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmpC0.tmp><N/A>
[fmsq / fmsq][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmpBE.tmp><N/A>
[hc6x / hc6x][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\hc6x.sys><N/A>
[idnaux / idnaux][Running/Auto Start]
  <system32\drivers\idnaux.sys><中国互联网络信息中心(CNNIC)>
[jtio / jtio][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmpC2.tmp><N/A>
[mhfp / mhfp][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmpA5.tmp><N/A>
[mnsf / mnsf][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmpB0.tmp><N/A>
[msp2p32 / msp2p32][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\msosmsp2p32.sys><N/A>
[System event loader / ntptdb][Stopped/Auto Start]
  <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
[ping / ping][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmpBA.tmp><N/A>
[ptfs / ptfs][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmpB8.tmp><N/A>
[zftp / zftp][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmpAA.tmp><N/A>

Find the file c:\windows\win.ini
and delete the entries that look like the ones in the screenshot.

Then download arswp (Windows Cleanup Assistant) and run a cleanup:
http://www.arswp.com/download/arswp/arswp.rar

Clean out the temp folders:
Open My Computer - Tools - Folder Options - View - Show hidden files and folders, uncheck "Hide protected operating system files" - OK
Restart into Safe Mode (keep pressing F8 during boot and choose Safe Mode), then empty everything in the following temp folders:
C:\Documents and Settings\<username>\Local Settings\Temporary Internet Files
C:\Documents and Settings\<username>\Local Settings\Temp
C:\WINDOWS\TEMP


Install 360 Safeguard (安全卫士360)
Download: http://www.skycn.com/soft/21730.html
Clean up plugins and trojans, and repair IE.

Attachment: xdelboxnN.rar
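The reply above works through an SREng driver listing by eye, picking out services whose image path sits in a Temp folder, ends in .tmp, lives outside system32\drivers, or carries no publisher (N/A). The following Python script is an added example, not code from the forum post or from SREng: it parses that two-line "[display / name][state/start]" plus "<path><publisher>" format and applies those same checks automatically. The sample log is constructed here from a few entries copied out of the post plus one benign-looking Tcpip entry (with an assumed "Microsoft Corporation" publisher) for contrast; the `appinit_dlls` helper splits an AppInit_DLLs value so that a non-empty result can be reviewed the way the post reviews that key.

```python
import re

# Constructed sample in the SREng driver-listing format quoted in the post.
# The first three records are copied from the post; the Tcpip record is
# an assumed benign entry added for contrast.
SAMPLE_LOG = r"""[cqit / cqit][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmpAE.tmp><N/A>
[msp2p32 / msp2p32][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\msosmsp2p32.sys><N/A>
[System event loader / ntptdb][Stopped/Auto Start]
  <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
[Tcpip / Tcpip][Running/Boot Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
"""

# "[display name / service name][state/start type]"
HEADER_RE = re.compile(
    r"^\[(?P<display>.*?) / (?P<name>[^\]]+)\]\[(?P<state>[^/\]]+)/(?P<start>[^\]]+)\]\s*$"
)
# "  <image path><publisher>"
IMAGE_RE = re.compile(r"^\s*<(?P<path>[^>]*)><(?P<publisher>[^>]*)>\s*$")


def parse_drivers(log_text):
    """Parse the two-line driver records into a list of dicts."""
    entries = []
    current = None
    for line in log_text.splitlines():
        m = HEADER_RE.match(line)
        if m:
            current = m.groupdict()
            entries.append(current)
            continue
        m = IMAGE_RE.match(line)
        if m and current is not None:
            current.update(m.groupdict())
            current = None  # record complete
    return entries


def suspicious_reasons(entry):
    """Apply the same heuristics the post applies by hand; return the reasons that fire."""
    reasons = []
    path = entry.get("path", "").lower()
    if "\\temp\\" in path:
        reasons.append("image path under a Temp directory")
    if path.endswith(".tmp"):
        reasons.append("image file has .tmp extension")
    if "system32\\drivers\\" not in path:
        reasons.append("image path outside system32\\drivers")
    if entry.get("publisher", "").strip().upper() == "N/A":
        reasons.append("no publisher information (N/A)")
    return reasons


def flag_drivers(log_text):
    """Map service name -> list of reasons, for entries with at least one reason."""
    flagged = {}
    for entry in parse_drivers(log_text):
        reasons = suspicious_reasons(entry)
        if reasons:
            flagged[entry["name"]] = reasons
    return flagged


def appinit_dlls(value):
    """Split an AppInit_DLLs registry value into DLL names; an empty list means the key is clean."""
    return [d.strip() for d in value.split(",") if d.strip()]


if __name__ == "__main__":
    for name, reasons in flag_drivers(SAMPLE_LOG).items():
        print(f"{name}: " + "; ".join(reasons))
    print("AppInit_DLLs:", appinit_dlls("fmsiocps.dll,plwoat.dll,nyjpnb.dll"))
```

Run it on a saved SREng log by replacing `SAMPLE_LOG` with the file's contents; the Temp-path and .tmp checks are what single out the "cqit/dohs/drop/..." entries in the post, while the N/A check catches the msp2p32 driver that already sits in the normal drivers directory.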