
Please help me, quick! I almost couldn't get online!!!

[PID: 3696][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  <RealNetworks, Inc.><0.1.0.3510>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <Yahoo! China><3, 0, 2, 1020>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  <Yahoo! China><3, 0, 7, 1013>
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  <N/A><N/A>
    [C:\Program files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\Program Files\KV2006\KVHookG_1.dll]  <Jiangmin Co.Ltd><9.0.0.1226>
[PID: 2416][C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe]  <Yahoo! China><3, 0, 7, 1013>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  <Yahoo! China><3, 0, 7, 1013>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <Yahoo! China><3, 0, 2, 1020>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll]  <yahoo! china><3, 3, 1, 1082>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll]  <Yahoo! China><3, 0, 1, 1010>
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  <N/A><N/A>
    [C:\Program files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\Program Files\KV2006\KVHookG_1.dll]  <Jiangmin Co.Ltd><9.0.0.1226>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\ynotifier.dll]  <yahoo! china><3, 0, 0, 1000>
[PID: 2956][C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe]  <Yahoo! China><3, 0, 1, 1002>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <Yahoo! China><3, 0, 2, 1020>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  <Yahoo! China><3, 0, 7, 1013>
    [C:\Program files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\PROGRA~1\Yahoo!\Assistant\shell\yAsMenu.dll]  <Yahoo! China><3, 0, 0, 1001>
    [C:\PROGRA~1\Yahoo!\Assistant\shell\yAssecblk.dll]  <Yahoo! China><3, 0, 2, 1004>
    [C:\PROGRA~1\Yahoo!\Assistant\shell\yIEAngel.dll]  <Yahoo! China><3, 0, 1, 1001>
    [C:\PROGRA~1\Yahoo!\Assistant\shell\yMenuInfo.dll]  <Yahoo! China><3, 0, 0, 1000>
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  <N/A><N/A>
    [C:\Program Files\KV2006\KVHookG_1.dll]  <Jiangmin Co.Ltd><9.0.0.1226>
[PID: 2884][C:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.2096 (xpsp_sp2_rc1.040311-2315)>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <Yahoo! China><3, 0, 2, 1020>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  <Yahoo! China><3, 0, 7, 1013>
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  <N/A><N/A>
    [C:\Program files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\Program Files\KV2006\KVHookG_1.dll]  <Jiangmin Co.Ltd><9.0.0.1226>
    [C:\Program Files\KV2006\TrojDie.kxp]  <Jiangmin Co.Ltd><9.0.6.0413>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <Yahoo! China><3, 0, 2, 1020>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  <Yahoo! China><3, 0, 7, 1013>
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  <N/A><N/A>
    [C:\Program files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\Program Files\KV2006\UpdateX.dll]  <JiangMin Co.Ltd.><9, 0, 5, 831>
    [C:\Program Files\KV2006\lang\TrojDie0804.lng]  <Jiangmin Co.Ltd><9.0.0.0813>
    [C:\Program Files\KV2006\GUIExt.dll]  <Jiangmin Co.Ltd><9, 0, 5, 927>
    [C:\Program Files\KV2006\lang\GUIExt0804.lng]  <JiangMin Ltd.><7, 1, 0, 200>
    [C:\Program Files\KV2006\PProtect.dll]  <Jiangmin Co. Ltd.><9.0.0.921>
    [C:\Program Files\KV2006\KVHookG_1.dll]  <Jiangmin Co.Ltd><9.0.0.1226>
[PID: 824][C:\Program Files\KV2006\KRegEx.exe]  <Jiangmin Co.Ltd><9.0.6.210>
    [C:\Program Files\KV2006\KRegEx.dll]  <Jiangmin Co. Ltd.><9.0.6.0119>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <Yahoo! China><3, 0, 2, 1020>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  <Yahoo! China><3, 0, 7, 1013>
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  <N/A><N/A>
    [C:\Program files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\Program Files\KV2006\KRegTrust.dll]  <Jiangmin Co. Ltd.><9.0.0.825>
    [C:\Program Files\KV2006\KVHookG_1.dll]  <Jiangmin Co.Ltd><9.0.0.1226>
[PID: 3016][C:\Program Files\Internet Explorer\iexplore.exe]  <Microsoft Corporation><6.00.2900.2096 (xpsp_sp2_rc1.040311-2315)>
    [C:\Program Files\KV2006\KVHookG_1.dll]  <Jiangmin Co.Ltd><9.0.0.1226>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <Yahoo! China><3, 0, 2, 1020>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\yscrblock.dll]  <Yahoo! China><3, 0, 0, 1000>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  <Yahoo! China><3, 0, 7, 1013>
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  <N/A><N/A>
    [C:\Program files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll]  <yahoo! china><3, 3, 1, 1082>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll]  <Yahoo! China><3, 0, 1, 1010>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll]  <yahoo! china><3, 1, 0, 1054>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ysearch.dll]  <Yahoo! China><3, 0, 4, 1005>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasnoad.dll]  <yahoo! china><3, 0, 1, 1003>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yzsNetProto.dll]  <Yahoo! China><3, 0, 0, 1000>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yphtb.dll]  <Yahoo! China><3, 0, 3, 1005>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yrss.dll]  <Yahoo! China><3, 0, 0, 1000>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yaswiper.dll]  <Yahoo! China><3, 0, 1, 1001>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasiesec.dll]  <Yahoo! China><3, 0, 1, 1001>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ysettings.dll]  <yahoo! china><3, 0, 4, 1007>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\ymailp.dll]  <Yahoo! China><3.0.0.1006>
    [C:\WINDOWS\system32\kakatool.dll]  <Beijing Rising Technology Co., Ltd.><2, 0, 0, 9>
    [C:\WINDOWS\system32\xunleibho_v5.dll]  <><4, 3, 3, 30>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yangling.dll]  <yahoo! china><3, 0, 2, 1003>
    [C:\Program Files\KV2006\KVBHO_1.dll]  <Jiangmin Co.Ltd><9.0.6.0113>
    [C:\Program Files\KV2006\KVAddrDb.dll]  <Jiangmin Co.Ltd><9, 0, 0, 1018>
    [D:\QQ\QQIEHelper.dll]  <深圳市腾讯计算机系统有限公司><1, 1, 0, 5>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL]  <yahoo! china><3, 0, 1, 1001>
    [C:\Program Files\KV2006\KvShell.dll]  <Jiangmin Co.Ltd><9, 0, 5, 830>
    [C:\Program Files\KV2006\UpdateX.dll]  <JiangMin Co.Ltd.><9, 0, 5, 831>
    [C:\Program Files\KV2006\lang\Kvxp0804_1.lng]  <N/A><N/A>
    [C:\Program Files\KV2006\APIImpl.dll]  <JiangMin Ltd.><9.0.0.500>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yassist.dll]  <Yahoo! China><3, 0, 9, 1014>
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  <Adobe Systems, Inc.><9,0,16,0>
[PID: 3812][D:\pp\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
    [C:\Program Files\KV2006\KVHookG_1.dll]  <Jiangmin Co.Ltd><9.0.0.1226>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <Yahoo! China><3, 0, 2, 1020>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  <Yahoo! China><3, 0, 7, 1013>
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  <N/A><N/A>
    [C:\Program files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
[PID: 1448][C:\WINDOWS\system32\cmd.exe]  <Microsoft Corporation><5.1.2600.2096 (xpsp_sp2_rc1.040311-2315)>
[PID: 3164][C:\WINDOWS\system32\conime.exe]  <Microsoft Corporation><5.1.2600.2096 (xpsp_sp2_rc1.040311-2315)>
    [C:\Program Files\KV2006\KVHookG_1.dll]  <Jiangmin Co.Ltd><9.0.0.1226>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <Yahoo! China><3, 0, 2, 1020>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  <Yahoo! China><3, 0, 7, 1013>
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  <N/A><N/A>
    [C:\Program files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
[PID: 3400][C:\WINDOWS\system32\taskmgr.exe]  <Microsoft Corporation><5.1.2600.2096 (xpsp_sp2_rc1.040311-2315)>
    [C:\Program Files\KV2006\KVHookG_1.dll]  <Jiangmin Co.Ltd><9.0.0.1226>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <Yahoo! China><3, 0, 2, 1020>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ypatch.dll]  <Yahoo! China><3, 0, 7, 1013>
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  <N/A><N/A>
    [C:\Program files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
[PID: 2668][C:\WINDOWS\system32\Realplayer.exe]  <N/A><N/A>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================
 

C:\WINDOWS\system32\Realplayer.exe
C:\WINDOWS\system32\Ravdm.exe
For these two items, see the following two threads respectively:
http://forum.ikaka.com/topic.asp?board=67&artid=8162074
http://forum.ikaka.com/topic.asp?board=28&artid=8156736
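Open System Repair Engineer (that is, SREng.exe, the tool you used to produce the scan log), click "Startup Items", then "Services", then "Win32 Service Applications", tick "Hide Microsoft Services", select the virus service GrayPigeon_LC, choose "Delete Service", click "Set", and choose "No".

Go to www.27814939.ys168.com, click "My Software", and download KillBox.exe.
Restart the computer; once the power-on check finishes, press [F8] (you can keep pressing it until the boot menu appears) and choose Safe Mode to enter Windows.
Double-click KillBox.exe to open it and delete each of the following: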
C:\Program files\Internet Explorer\PLUGINS\new123.sys
C:\Program Files\Internet Explorer\PLUGINS\system.sys
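C:\WINDOWS\LC.exe
(When deleting, tick "End Explorer.EXE process before deleting"; if that does not work, also try ticking "Unregister the DLL file before deleting it".)
For beginners: tips on using KillBox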
http://forum.ikaka.com/topic.asp?board=28&artid=8160799

Open System Repair Engineer (that is, SREng.exe, the tool you used to produce the scan log) and use "System Repair, Browser Add-ons" to delete the following entries.
C:\Program files\Internet Explorer\PLUGINS\new123.sys
C:\Program Files\Internet Explorer\PLUGINS\system.sys
When done, restart, then run another scan and paste the log here.
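An added example, not part of the original posts and not SREng's own logic: a parser for the process/module listing format shown in this thread that reports modules carrying no vendor or version information and loaded into several processes. The heuristic, the threshold of three processes, and the function names are assumptions made for illustration; the sample is a trimmed excerpt of the log posted above.

```python
import re
from collections import defaultdict

# Trimmed excerpt of the SREng process/module listing posted in this thread.
SAMPLE = r"""
[PID: 2884][C:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.2096 (xpsp_sp2_rc1.040311-2315)>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <Yahoo! China><3, 0, 2, 1020>
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  <N/A><N/A>
    [C:\Program files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
[PID: 3016][C:\Program Files\Internet Explorer\iexplore.exe]  <Microsoft Corporation><6.00.2900.2096 (xpsp_sp2_rc1.040311-2315)>
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  <N/A><N/A>
    [C:\Program files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\WINDOWS\system32\xunleibho_v5.dll]  <><4, 3, 3, 30>
    [C:\Program Files\KV2006\lang\Kvxp0804_1.lng]  <N/A><N/A>
[PID: 3400][C:\WINDOWS\system32\taskmgr.exe]  <Microsoft Corporation><5.1.2600.2096 (xpsp_sp2_rc1.040311-2315)>
    [C:\Program Files\KV2006\KVHookG_1.dll]  <Jiangmin Co.Ltd><9.0.0.1226>
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  <N/A><N/A>
    [C:\Program files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
"""

# Process lines start at column 0 with "[PID: n]"; module lines are indented.
PROC_RE = re.compile(r"^\[PID:\s*(\d+)\]\[(.+?)\]\s+<(.*?)><(.*)>\s*$")
MOD_RE = re.compile(r"^\s+\[(.+?)\]\s+<(.*?)><(.*)>\s*$")


def parse_sreng(text):
    """Return {pid: (image_path, [(module_path, vendor, version), ...])}."""
    procs = {}
    current = None
    for line in text.splitlines():
        m = PROC_RE.match(line)
        if m:
            current = int(m.group(1))
            procs[current] = (m.group(2), [])
            continue
        m = MOD_RE.match(line)
        if m and current is not None:
            procs[current][1].append(m.groups())
    return procs


def unattributed_widespread(procs, min_procs=3):
    """Modules with neither vendor nor version, loaded in >= min_procs processes.

    Paths are compared case-insensitively, because the same directory appears
    in the log as both "Program Files" and "Program files".
    """
    seen = defaultdict(set)
    for pid, (_image, modules) in procs.items():
        for path, vendor, version in modules:
            no_vendor = vendor.strip() in ("", "N/A")
            no_version = version.strip() in ("", "N/A")
            if no_vendor and no_version:
                seen[path.lower()].add(pid)
    # A file that lacks version info but sits in one process (the .lng language
    # file in the sample) stays below the threshold and is not reported.
    return {p: sorted(pids) for p, pids in seen.items() if len(pids) >= min_procs}


if __name__ == "__main__":
    for path, pids in unattributed_widespread(parse_sreng(SAMPLE)).items():
        print(path, "loaded in PIDs", pids)
```

A hit from this check is a lead for manual review, not a verdict: legitimate resource files often lack version information, which is why the process-count threshold matters.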
 

Use "System Repair, Browser Add-ons" to delete the following entries.
I couldn't find these in this step. ("new123.sys", "system.sys")


It should be fine now, right? Thanks to you both!!
Here is another report:
Logfile of HijackThis v1.99.1
Scan saved at 22:42:58, on 2006-9-8
Platform: Windows XP SP2, v.2096 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2096)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\KV2006\KVSrvXP.exe
C:\Program Files\KV2006\kvwsc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\KV2006\KVMonXP.kxp
C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe
C:\Program Files\KV2006\TrojDie.kxp
C:\Program Files\KV2006\KRegEx.exe
C:\Program Files\KV2006\UIHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Yahoo!\ASSIST~1\ylive.exe
C:\WINDOWS\system32\svchost.exe
D:\pp\HijackThis.exe

R3 - URLSearchHook: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v5.dll
O2 - BHO: yPhtb - {33BBE430-0E42-4f12-B075-8D21ACB10DCB}? - (no file)
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yangling.dll
O2 - BHO: FiltrateWebObj Class - {42AFACEE-2A77-41EB-9EE2-D9F8AF827F90} - C:\Program Files\KV2006\KVBHO_1.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\QQ\QQIEHelper.dll
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL
O2 - BHO: BrowseHelper Class - {80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} - C:\Program Files\KV2006\KvShell.dll
O2 - BHO: AssistHelper - {FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yassist.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: 江民杀毒工具栏 - {B5A34A93-D538-43A7-8371-864CB6148D12} - C:\Program Files\KV2006\KvShell.dll
O3 - Toolbar: 雅虎助手 - {406F94F0-504F-4A40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] ; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] ; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] ; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [MSPY2002] ; C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [KvMonXP] "C:\Program Files\KV2006\KVMonXP.kxp" /auto
O4 - HKLM\..\Run: [CnsMin] ; Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32
O4 - HKLM\..\Run: [StormCodec_Helper] ; "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [helper.dll] ; C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32
O4 - HKLM\..\Run: [TkBellExe] ; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [YLive.exe] ; C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
O4 - HKLM\..\Run: [yassistse] "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"
O4 - HKLM\..\Run: [Realplayer.exe] ; C:\WINDOWS\system32\Realplayer.exe
O4 - HKCU\..\Run: [ctfmon.exe] ; C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KVFW] ; C:\Program Files\KVFW\kvfw.exe -silent
O4 - HKCU\..\Run: [KvXP] ; "C:\Program Files\KV2006\KvXP.kxp" /ScanBoot /ScanSys
O4 - Startup: 腾讯QQ.lnk = D:\QQ\QQ.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &使用迅雷下载 - C:\Program Files\Sandai Technologies Inc\Thunder\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files\Sandai Technologies Inc\Thunder\getAllurl.htm
O9 - Extra button: Yahoo 3.5G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail (file missing)
O9 - Extra button: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=taobao (file missing)
O9 - Extra button: 雅虎助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg (file missing)
O9 - Extra button: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - Extra 'Tools' menuitem: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - Extra button: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O9 - Extra 'Tools' menuitem: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O11 - Options group: [!CNS]  中文上网
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D09BC90-4FA4-4802-9272-168659A52828}: NameServer = 202.96.134.133,202.96.128.68
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: KVSrvXP - Jiangmin Co. Ltd - C:\Program Files\KV2006\KVSrvXP.exe
O23 - Service: KVWSC - Jiangmin Co.Ltd - C:\Program Files\KV2006\kvwsc.exe

 

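There is still C:\WINDOWS\system32\Realplayer.exe
Did you do this:
Open System Repair Engineer (that is, SREng.exe, the tool you used to produce the scan log) and use "Startup Items, Registry" to delete the following entry.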
C:\WINDOWS\system32\Realplayer.exe

Suggestion:
after restarting,
run a System Repair Engineer scan and paste the log here.
 

I forgot to mention, I didn't do this step.
I used the assistant to block it. Doing it right now.
 

Ugh,
after I opened QQ, this showed up:

[Attachment: image (image/pjpeg), uploaded 2006-9-9 0:02:59]



 

I just deleted TIMPlatform.exe directly.
Now it no longer appears.
Logfile of HijackThis v1.99.1
Scan saved at 0:18:33, on 2006-9-9
Platform: Windows XP SP2, v.2096 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2096)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\KV2006\KVMonXP.kxp
C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\KV2006\KVSrvXP.exe
C:\Program Files\KV2006\kvwsc.exe
C:\Program Files\KV2006\TrojDie.kxp
C:\Program Files\KV2006\KRegEx.exe
C:\Program Files\KV2006\UIHost.exe
C:\WINDOWS\system32\wuauclt.exe
D:\QQ\QQ.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Yahoo!\ASSIST~1\ylive.exe
D:\pp\HijackThis.exe

R3 - URLSearchHook: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v5.dll
O2 - BHO: yPhtb - {33BBE430-0E42-4f12-B075-8D21ACB10DCB}? - (no file)
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yangling.dll
O2 - BHO: FiltrateWebObj Class - {42AFACEE-2A77-41EB-9EE2-D9F8AF827F90} - C:\Program Files\KV2006\KVBHO_1.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\QQ\QQIEHelper.dll
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL
O2 - BHO: BrowseHelper Class - {80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} - C:\Program Files\KV2006\KvShell.dll
O2 - BHO: AssistHelper - {FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yassist.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: 江民杀毒工具栏 - {B5A34A93-D538-43A7-8371-864CB6148D12} - C:\Program Files\KV2006\KvShell.dll
O3 - Toolbar: 雅虎助手 - {406F94F0-504F-4A40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] ; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] ; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] ; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [MSPY2002] ; C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [KvMonXP] "C:\Program Files\KV2006\KVMonXP.kxp" /auto
O4 - HKLM\..\Run: [CnsMin] ; Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32
O4 - HKLM\..\Run: [StormCodec_Helper] ; "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [helper.dll] ; C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32
O4 - HKLM\..\Run: [TkBellExe] ; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [YLive.exe] ; C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
O4 - HKLM\..\Run: [yassistse] "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"
O4 - HKCU\..\Run: [ctfmon.exe] ; C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KVFW] ; C:\Program Files\KVFW\kvfw.exe -silent
O4 - HKCU\..\Run: [KvXP] ; "C:\Program Files\KV2006\KvXP.kxp" /ScanBoot /ScanSys
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &使用迅雷下载 - C:\Program Files\Sandai Technologies Inc\Thunder\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files\Sandai Technologies Inc\Thunder\getAllurl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\QQ\SendMMS.htm
O9 - Extra button: Yahoo 3.5G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail (file missing)
O9 - Extra button: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=taobao (file missing)
O9 - Extra button: 雅虎助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg (file missing)
O9 - Extra button: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - Extra 'Tools' menuitem: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - Extra button: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O9 - Extra 'Tools' menuitem: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O11 - Options group: [!CNS]  中文上网
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D09BC90-4FA4-4802-9272-168659A52828}: NameServer = 202.96.134.133,202.96.128.68
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: KVSrvXP - Jiangmin Co. Ltd - C:\Program Files\KV2006\KVSrvXP.exe
O23 - Service: KVWSC - Jiangmin Co.Ltd - C:\Program Files\KV2006\kvwsc.exe

 

Just fix the 06 item and that's it; I can't see any problems in the log.
 

Anyway, thank you!!!