【回复“txws”的帖子】
结束如下进程:
C:\WINDOWS\System32\ServeHost.exe
C:\Program Files\SearchNet\SearchNet.exe
C:\WINDOWS\temp\realsched.exe
C:\Program Files\HuaCi\huaci\zsearch.exe
C:\WINDOWS\System32\downs.exe
C:\PROGRA~1\baigoo\bgoomain.exe
修复
R3 - URLSearchHook: VeryCD Search Class - {88351CEF-BAC0-4A9B-8380-31A173E2926F} - C:\PROGRA~1\YOK.com\SUPERS~1\YOK_SuperSearch.dll
O2 - BHO: MonitorURL Class - {08A312BB-5409-49FC-9347-54BB7D069AC6} - C:\PROGRA~1\DESKAD~1\deskipn.dll
O2 - BHO: wmpdrm - {0E674588-66B7-4E19-9D0E-2053B800F69F} - C:\WINDOWS\System32\wmpdrm.dll
O2 - BHO: WinSearch - {27E96DE0-8211-42CF-9A1E-FA6246A95B77} - C:\WINDOWS\System32\winsearch.dll
O2 - BHO: IE Address Browser Helper - {2A0176FE-008B-4706-90F5-BBA532A49731} - C:\Program Files\SearchNet\SNHpr.dll
O2 - BHO: KC32Helper - {33559EBD-C831-4731-952F-E2BC2CC7B42F} - C:\WINDOWS\System32\enhp32.dll
O2 - BHO: IE Browser Helper - {3CE496D1-1746-41CD-9489-3C0B93DF10E2} - C:\WINDOWS\Downlo~1\uvaof6l.dll
O2 - BHO: Vision - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
O2 - BHO: stdup - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - C:\WINDOWS\System32\stdup.dll
O2 - BHO: MSHlper Class - {721E6521-4CAD-4A8D-A7F1-4E230B31EF19} - C:\WINDOWS\System32\MSHLP.DLL
O2 - BHO: VeryCD超级搜索 - {75FE2B5A-D3A4-4EFA-AC11-ADC9C9459688} - C:\PROGRA~1\YOK.com\SUPERS~1\YOK_SuperSearch.dll
O2 - BHO: CpapView Class - {77962960-536E-47EC-9DDB-52651519705F} - C:\WINDOWS\System32\cacb.dll
O2 - BHO: bg - {7BDAF75A-0D6F-4F50-AFE9-333D08DF4005} - C:\Program Files\baigoo\BGooBHO.dll
O2 - BHO: NewWeb Controller - {9ACEEE30-143F-471A-AA45-72B061FE7D60} - C:\WINDOWS\system32\AdvSC.dll (file missing)
O2 - BHO: NewWeb Controller - {9ACEEE31-1440-471B-AA46-72B061FE7D61} - C:\WINDOWS\system32\WinSC32.dll
O2 - BHO: Internet_Explorer_Service - {9E1E1371-9D8F-4421-81B9-F8D2E1773A59} - C:\WINDOWS\system32\HelperService.dll (file missing)
O2 - BHO: HB
Object Class - {AE22AFE5-1EF4-4D25-9E23-D2825FB17DA1} - C:\PROGRA~1\hbclient\tbhelper.dll
O2 - BHO: 金山超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\Program Files\Kingsoft\PowerWord 2006\BaiduBar.dll (file missing)
O2 - BHO: internet explorer helper - {F7911E65-B01C-4A58-AEC7-53085ECA70A5} - C:\WINDOWS\System32\mshlink.dll
O3 - IE工具栏增项: 金山超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\Program Files\Kingsoft\PowerWord 2006\BaiduBar.dll (file missing)
O3 - IE工具栏增项: BitCometBar - {3F1ABCDB-A875-46c1-8345-B72A4567E486} - D:\BIT\BitComet\BitCometBar\BitCometBar0.2.dll (file missing)
O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - IE工具栏增项: VeryCD超级搜索 - {F869BB38-FFEF-4589-B986-610B7AD0ADA2} - C:\PROGRA~1\YOK.com\SUPERS~1\YOK_SuperSearch.dll
O3 - IE工具栏增项: 系统标准按钮(&E) - {6B2455FD-3669-4555-8DF8-69FD5BC846F8} - C:\WINDOWS\system32\SystemToolbar.dll (file missing)
O4 - 启动项HKLM\\Run: [YDTMain.exe] C:\PROGRA~1\YDT\YDTMain.exe
O4 - 启动项HKLM\\Run: [YOKAssiant] Rundll32.exe C:\PROGRA~1\YOK.com\SUPERS~1\YOK_SuperSearch.dll,YOKAssiant
O4 - 启动项HKLM\\Run: [MSService_v1.0] C:\WINDOWS\temp\realsched.exe
O4 - 启动项HKLM\\Run: [MoveSearch] C:\Program Files\HuaCi\huaci\zsearch.exe
O4 - 启动项HKLM\\Run: [Desktop] C:\WINDOWS\System32\rundll32.exe "C:\Program Files\DeskAdTop\Run.dll" ,Rundll
O4 - 启动项HKLM\\Run: [spoolsv] C:\WINDOWS\System32\spoolsv\spoolsv.exe -printer
O4 - 启动项HKLM\\Run: [downs] C:\WINDOWS\System32\downs.exe
O4 - 启动项HKLM\\Run: [RichMedia] C:\WINDOWS\System32\Rundll32.exe "C:\PROGRA~1\hbclient\tbhelper.dll",WaitWindows
O4 - 启动项HKLM\\Run: [r4tzc] RunDll32 "C:\WINDOWS\Downlo~1\evl0.dll",Run
O4 - 启动项HKLM\\Run: [SearchNet_Up] "C:\Program Files\SearchNet\ServeUp.exe"
O4 - 启动项HKLM\\Run: [bgoomain.exe] C:\PROGRA~1\baigoo\bgoomain.exe
O4 - HKCU\..\Run: [MyShares] c:\program Files\易虎\MyShares.exe /tray
O4 - HKCU\..\Run: [LocalSystem] C:\WINDOWS\system\svchost.exe
O4 - HKCU\..\Run: [Syss] C:\DOCUME~1\ckm\LOCALS~1\Temp\ehuupdate.exe
O4 - Startup: 划词搜索.lnk = C:\Program Files\HuaCi\huaci\zsearch.exe
O4 - Global Startup: iMop.lnk = ?ProgramFiles%\Mop\iMop\iMop.exe
O8 - IE右键菜单中的新增项目: >>彩信发送<< - res://C:\PROGRA~1\MMSASS~1\Mmsass~1.dll/mms.htm
O23 - NT 服务: houst - Unknown owner - (no file)
===========
http://www.cexx.org/lspfix.exe
下载lspfix.exe修复如下两个文件:
c:\windows\system32\msplus.dll
c:\windows\system32\engt32.dll
修复方法参考图片
注意这次应该选中msplus.dll和engt32.dll
============
卸载
C:\Program Files\SearchNet\
C:\Program Files\HuaCi\
C:\Program Files\baigoo\
C:\Program Files\YDT\
C:\Program Files\YOK.com\
C:\Program Files\DeskAdTop\
C:\Program Files\hbclient\
c:\program Files\易虎\
C:\Program Files\Mop\
C:\Program Files\MMSASSIST\
=======
删除
C:\Program Files\SearchNet\
C:\Program Files\HuaCi\
C:\Program Files\baigoo\
C:\Program Files\YDT\
C:\Program Files\YOK.com\
C:\Program Files\DeskAdTop\
C:\Program Files\hbclient\
c:\program Files\易虎\
C:\Program Files\Mop\
C:\Program Files\MMSASSIST\
C:\WINDOWS\System32\ServeHost.exe
C:\WINDOWS\temp\realsched.exe
C:\WINDOWS\System32\downs.exe
C:\WINDOWS\System32\wmpdrm.dll
C:\WINDOWS\System32\winsearch.dll
C:\WINDOWS\System32\enhp32.dll
C:\WINDOWS\Downloaded Program Files\uvaof6l.dll
C:\WINDOWS\System32\stdup.dll
C:\WINDOWS\System32\MSHLP.DLL
C:\WINDOWS\System32\cacb.dll
C:\WINDOWS\system32\WinSC32.dll
C:\WINDOWS\System32\mshlink.dll
C:\WINDOWS\System32\spoolsv\
C:\WINDOWS\Downloaded Program Files\evl0.dll
C:\DOCUME~1\ckm\LOCALS~1\Temp\ehuupdate.exe
以及C:\DOCUME~1\ckm\LOCALS~1\Temp\下的所有文件及文件夹
以及C:\WINDOWS\temp\下的所有文件及文件夹
==========
相关参考:
C:\WINDOWS\SYSTEM32\stdup.dll是间谍广告插件
具体操作参考
http://forum.ikaka.com/topic.asp?board=28&artid=7971417
C:\Program Files\HBClient\是很棒小秘书流氓软件
具体操作参考
http://forum.ikaka.com/topic.asp?board=28&artid=7795226
C:\Program Files\SearchNet\是中搜流氓
具体操作参考
http://forum.ikaka.com/topic.asp?board=28&artid=8049319
C:\WINDOWS\Downloaded Program Files\uvaof6l.dll
C:\WINDOWS\Downloaded Program Files\evl0.dll
这两个文件或许找不到
如何删除操作如下:
ttp://www.xfocus.net/tools/200605/1161.html
下载后打开IceSword
用IceSword查找后删除即可
===========
晕
怎么不能上传图片了?
