
IE home page shows garbled text

Please run the scan again and post the log.

Reboot, press F8 to enter Safe Mode, and clean the system with your antivirus software from there.



2006-12-20,21:11:17

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2, v.2096 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><D:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <MsnMsgr><"D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <TQ><D:\Program Files\TQ洽谈通\TQ.exe -FrmReg>  [北京商之讯]
    <TkBellExe><"D:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <YLive.exe><D:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe>  [Yahoo! China]
    <yassistse><"D:\PROGRA~1\Yahoo!\Assistant\yassistse.exe">  [Yahoo!]
    <WebThunder><D:\Program Files\Thunder Network\WebThunder\WebThunder.exe>  [深圳市迅雷网络技术有限公司]
    <svchost.exe><D:\WINDOWS\system32\svchost.exe>  [(Verified)Microsoft Corporation]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Realtek Semiconductor Corp.]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A]
    <KAVPersonal50><D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize>  [Kaspersky Lab]
    <HotKeysCmds><; D:\WINDOWS\system32\hkcmd.exe>  [(Verified)Intel Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><D:\WINDOWS\system32\Userinit.exe>  [(Verified)Microsoft Corporation]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Corporation]
    <{1A404685-7563-4d02-B0F6-58B308A406A9}><d:\program files\msn messenger\lzmqcnqv.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Corporation]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Corporation]
    <WebCheck><%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Corporation]
    <SysTray><D:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Corporation]
    <UPnPMonitor><D:\WINDOWS\system32\upnpui.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><D:\WINDOWS\System32\logon.scr>  [(Verified)Microsoft Corporation]
==================================
启动文件夹
[Microsoft Office]
  <D:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk --> D:\PROGRA~1\MICROS~2\Office10\OSA.EXE [Microsoft Corporation]><N>
[腾讯QQ]
  <D:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ.lnk --> D:\陈守桓\重要文件\QQ.exe [TENCENT]><N>

==================================
服务
[Registry Protector / BRGNS]
  <D:\WINDOWS\SYSTEM32\RUNDLL32.EXE D:\WINDOWS\SYSTEM32\WBEM\IRJIT.DLL,Export 1087><N/A>
[Remote Registry Protect / ClipArt]
  <D:\WINDOWS\System32\svchost.exe -k netsvcs-->D:\WINDOWS\system32\spted.dll><N/A>
[Human Interface Device Access / HidServ]
  <D:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[kavsvc / kavsvc]
  <D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe><Kaspersky Lab>
[Windows DHCP Service / WinDHCPsvc]
  <D:\WINDOWS\system32\rundll32.exe windhcp.ocx,start><Microsoft Corporation>
[Windows_rejoice / Windows_rejoice]
  <D:\Program Files\Common Files\Microsoft Shared\MSINFO\rejoice4.exe><N/A>
[WinXP DHCP Service / WinXPDHCPsvc]
  <D:\WINDOWS\system32\rundll32.exe xpdhcp.dll,start><Microsoft Corporation>

==================================
驱动程序
[ADProt / ADProt]
  <\SystemRoot\system32\drivers\ADProt.sys><N/A>
[aeaudio / aeaudio]
  <system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[afibcffi / afibcffi]
  <\??\D:\WINDOWS\system32\drivers\afibcffi.sys><中国互联网络信息中心(CNNIC)>
[Service for WDM 3D Audio Driver / ALCXSENS]
  <system32\drivers\ALCXSENS.SYS><Sensaura Ltd>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[bhcfgidc / bhcfgidc]
  <\??\D:\WINDOWS\system32\drivers\bhcfgidc.sys><中国互联网络信息中心(CNNIC)>
[bjbcdgcc / bjbcdgcc]
  <\??\D:\WINDOWS\system32\drivers\bjbcdgcc.sys><中国互联网络信息中心(CNNIC)>
[ccajjeec / ccajjeec]
  <\??\D:\WINDOWS\system32\drivers\ccajjeec.sys><中国互联网络信息中心(CNNIC)>
[dhhfdicj / dhhfdicj]
  <\??\D:\WINDOWS\system32\drivers\dhhfdicj.sys><中国互联网络信息中心(CNNIC)>
[eidbebda / eidbebda]
  <\??\D:\WINDOWS\system32\drivers\eidbebda.sys><中国互联网络信息中心(CNNIC)>
[ejbjfahi / ejbjfahi]
  <\??\D:\WINDOWS\system32\drivers\ejbjfahi.sys><中国互联网络信息中心(CNNIC)>
[fbfdgjdh / fbfdgjdh]
  <\??\D:\WINDOWS\system32\drivers\fbfdgjdh.sys><中国互联网络信息中心(CNNIC)>
[fgcebjfc / fgcebjfc]
  <\??\D:\WINDOWS\system32\drivers\fgcebjfc.sys><中国互联网络信息中心(CNNIC)>
[gbejcgfb / gbejcgfb]
  <\??\D:\WINDOWS\system32\drivers\gbejcgfb.sys><中国互联网络信息中心(CNNIC)>
[ggjfggjb / ggjfggjb]
  <\??\D:\WINDOWS\system32\drivers\ggjfggjb.sys><中国互联网络信息中心(CNNIC)>
[hdegeefd / hdegeefd]
  <\??\D:\WINDOWS\system32\drivers\hdegeefd.sys><中国互联网络信息中心(CNNIC)>
[hjhgdehb / hjhgdehb]
  <\??\D:\WINDOWS\system32\drivers\hjhgdehb.sys><中国互联网络信息中心(CNNIC)>
[ialm / ialm]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[iddbiedf / iddbiedf]
  <\??\D:\WINDOWS\system32\drivers\iddbiedf.sys><中国互联网络信息中心(CNNIC)>
[jdjfadff / jdjfadff]
  <\??\D:\WINDOWS\system32\drivers\jdjfadff.sys><中国互联网络信息中心(CNNIC)>
[jegjfjgc / jegjfjgc]
  <\??\D:\WINDOWS\system32\drivers\jegjfjgc.sys><中国互联网络信息中心(CNNIC)>
[jfaihfaa / jfaihfaa]
  <\??\D:\WINDOWS\system32\drivers\jfaihfaa.sys><中国互联网络信息中心(CNNIC)>
[KLIF / KLIF]
  <\??\D:\WINDOWS\system32\drivers\klif.sys><Kaspersky Labs>
[Klmc / Klmc]
  <System32\drivers\klmc.sys><Kaspersky Lab>
[kmsinput / kmsinput]
  <\??\D:\WINDOWS\system32\drivers\kmsinput.sys><N/A>
[lfoemho / lfoemho]
  <\SystemRoot\\SystemRoot\System32\drivers\lfoemho.sys><N/A>
[npkcrypt / npkcrypt]
  <\??\D:\陈守桓\重要文件\npkcrypt.sys><N/A>
[Padus ASPI Shell / pfc]
  <system32\drivers\pfc.sys><Padus, Inc.>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Coolpad Mobile Phone Interface (PID 3197) / qcusbmdm]
  <system32\DRIVERS\qcusbmdm.sys><QUALCOMM Incorporated>
[Coolpad Diagnostic Port 3197 / qcusbser]
  <system32\DRIVERS\qcusbser.sys><QUALCOMM Incorporated>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[smwdm / smwdm]
  <system32\drivers\smwdm.sys><Analog Devices, Inc.>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1]
  <system32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[TSP / TSP]
  <\??\D:\WINDOWS\system32\drivers\klif.sys><Kaspersky Labs>

浏览器加载项
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <D:\Program Files\Thunder Network\WebThunder\WebThunderBHO_015.dll, Thunder Networking Technologies,LTD>
[Yahoo!Photo]
  {33BBE430-0E42-4f12-B075-8D21ACB10DCB} <D:\PROGRA~1\Yahoo!\ASSIST~1\assist\yphtb.dll, Yahoo! China>
[AntiFish Class]
  {38928D50-8A48-44C2-945F-D2F23F771410} <D:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, Yahoo.>
[雅虎助手]
  {406F94F0-504F-4a40-8DFD-58B0666ABEBD} <D:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <D:\陈守桓\重要文件\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[DragSearch BHO]
  {62EED7C6-9F02-42f9-B634-98E2899E147B} <D:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL, >
[超级兔子上网精灵]
  {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <D:\Program Files\Super Rabbit\MagicSet\haokanbar.dll, Xiang Feng Technology>
[CnsHook Class]
  {D157330A-9EF3-49F8-9A67-4141AC41ADD4} <D:\WINDOWS\Downloaded Program Files\CnsHook.dll, 北京三七二一科技有限公司>
[Yahoo 3.5G电邮]
  {507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
[名品折扣]
  {59BC54A2-56B3-44a0-93E5-432D58746E26} <http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=http://www.taobao.com/vertical/mall/pro.php?allyesPara=816, N/A>
[雅虎助手]
  {5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
[雅虎WIDGET]
  {6354ABE6-05F1-49ed-B850-E423120EC338} <http://cn.widget.yahoo.com/index.htm?source=Cns, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <D:\陈守桓\重要文件\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <D:\陈守桓\重要文件\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[情景聊天]
  {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg, N/A>
[]
  {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
[]
  {FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <D:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
[雅虎助手]
  {406F94F0-504F-4a40-8DFD-58B0666ABEBD} <D:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!>
[超级兔子上网精灵]
  {43869BB3-22FD-4F15-9B46-238106BA2F4E} <D:\Program Files\Super Rabbit\MagicSet\haokanbar.dll, Xiang Feng Technology>
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <D:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >
[MsnMessengerSetupDownloadControl Class]
  {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} <D:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.ocx, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <D:\WINDOWS\system32\Macromed\Flash\Flash8.ocx, Macromedia, Inc.>
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <D:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <D:\Program Files\Thunder Network\WebThunder\WebThunderBHO_015.dll, Thunder Networking Technologies,LTD>
[Microsoft Office Spreadsheet 9.0]
  {0002E510-0000-0000-C000-000000000046} <D:\PROGRA~1\MICROS~2\Office10\MSOWC.DLL, N/A>
[ActiveMovieControl Object]
  {05589FA1-C356-11CE-BF01-00AA0055595A} <D:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[MMCPlayer Class]
  {05C1004E-2596-48E5-8E26-39362985EEB9} <D:\WINDOWS\Downloaded Program Files\MMCShell.dll, Sohu.com Inc.>
[assist]
  {1B0E7716-898E-48CC-9690-4E338E8DE1D3} <D:\PROGRA~1\3721\Assist\assist.dll, >
[GDHidCtrl Class]
  {220ED87A-CB03-45A8-A81E-1C5597E11186} <D:\WINDOWS\system32\GDHidUsr\GDHidUsr.dll, >
[RealPlayer SMIL Download Handler]
  {224E833B-2CC6-42D9-AE39-90B6A38A4FA2} <D:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <D:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DownLoad Class]
  {276BF72D-CA22-4237-9BCF-593B4E490DE9} <D:\WINDOWS\Downloaded Program Files\AliTalk_WebUpdate.dll, >
[RealPlayer RAM Download Handler]
  {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <D:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[HtmlDlgSafeHelper Class]
  {3050F819-98B5-11CF-BB82-00AA00BDCE0B} <D:\WINDOWS\system32\mshtmled.dll, Microsoft Corporation>
[Tabular Data Control]
  {333C7BC4-460F-11D0-BC04-0080C7055A83} <D:\WINDOWS\system32\tdc.ocx, Microsoft Corporation>
[Yahoo!Photo]
  {33BBE430-0E42-4F12-B075-8D21ACB10DCB} <D:\PROGRA~1\Yahoo!\ASSIST~1\assist\yphtb.dll, Yahoo! China>
[MsHelp Class]
  {33C3992F-1963-49BE-88D7-974C8EE564B5} <D:\WINDOWS\system32\MsHelper.dll, Microsofts>
[{3676996C-D8C6-4356-B4BE-3A80400C606E}]
  {3676996C-D8C6-4356-B4BE-3A80400C606E} <D:\WINDOWS\DOWNLO~1\44DVD_~1.OCX, 17BoBo.com>
[Microsoft DirectAnimation Structured Graphics]
  {369303C2-D7AC-11D0-89D5-00A0C90833E6} <D:\WINDOWS\system32\Daxctle.ocx, Microsoft Corporation>
[IETag Factory]
  {38481807-CA0E-42D2-BF39-B33AF135CC4D} <D:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, Microsoft Corporation>
[AntiFish Class]
  {38928D50-8A48-44C2-945F-D2F23F771410} <D:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll, Yahoo.>
[雅虎助手]
  {406F94F0-504F-4A40-8DFD-58B0666ABEBD} <D:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll, Yahoo!>
[HHCtrl Object]
  {41B23C28-488E-4E5C-ACE2-BB0BBABE99E8} <D:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[超级兔子上网精灵]
  {43869BB3-22FD-4F15-9B46-238106BA2F4E} <D:\Program Files\Super Rabbit\MagicSet\haokanbar.dll, Xiang Feng Technology>
[CEditCtrl Object]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <D:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <D:\陈守桓\重要文件\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Yahoo!Live]
  {57421194-58FB-49AE-9B4F-FD48869B9AD4} <D:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll, >
[BitSrazt Class]
  {5F97431B-BAE3-50E2-AD13-D6A5BD7E5457} <D:\WINDOWS\DOWNLO~1\sfmgdu.dll, gjvkvsoft>
[DragSearch BHO]
  {62EED7C6-9F02-42F9-B634-98E2899E147B} <D:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL, >
[AdPutHelper.AdHelper]
  {631EDC67-F035-49BA-B8BC-983B474E9BB4} <D:\WINDOWS\system32\AdPutHelper.dll, chuangya>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <D:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[CCtInf Class]
  {6DBB2904-082D-4DB0-944A-21C22BA121F4} <D:\WINDOWS\system32\BANKCE~1.DLL, >
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[超级兔子上网精灵]
  {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <D:\Program Files\Super Rabbit\MagicSet\haokanbar.dll, Xiang Feng Technology>
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <D:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >
[VnetAnprIns Class]
  {74447F9C-5691-4A9A-8BE4-564092E40B03} <D:\WINDOWS\Downloaded Program Files\anprins.dll, 中国电信股份有限公司>
[AutoLive]
  {7CA83CF1-3AEA-42D0-A4E3-1594FC6E48B2} <D:\PROGRA~1\3721\autolive.dll, >
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <D:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <D:\WINDOWS\system32\SUBMIT~1.DLL, >
[XZR_Activex Control]
  {90F3B5B2-E796-4C8D-97D2-02790652534F} <D:\WINDOWS\DOWNLO~1\XZR_AC~1.OCX, Bol>
[LiveMediaOcx Control]
  {9242BB35-0DB0-43AC-8DFC-8EA07E63B92A} <D:\PROGRA~1\Tencent\QQLive\QQLive.ocx, N/A>
[photo_uploader Control]
  {A984ED9F-E8DA-44E5-BC18-C14B9ABEF79D} <D:\PROGRA~1\Netease\000\popo2004\PHOTO_~1.OCX, N/A>
[]
  {A9930D97-9CF0-42A0-A10D-4F28836579D5} <D:\PROGRA~1\KuGoo3\KUGOO3~1.OCX, N/A>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <D:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <D:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[MsnMessengerSetupDownloadControl Class]
  {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} <D:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.ocx, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[]
  {B69003B3-C55E-4B48-836C-BC5946FC3B28} <D:\Program Files\Messenger\msgsc.dll, Microsoft Corporation>
[Microsoft DirectAnimation Control]
  {B6FFC24C-7E13-11D0-9B47-00C04FC2F51D} <D:\WINDOWS\system32\danim.dll, Microsoft Corporation>
[3721]
  {B83FC273-3522-4CC6-92EC-75CC86678DA4} <D:\WINDOWS\Downloaded Program Files\CnsMin.dll, 北京三七二一科技有限公司>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <D:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[AUDIO__MID Moniker Class]
  {CD3AFA74-B84F-48F0-9393-7EDC34128127} <D:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <D:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <D:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <D:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <D:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[i-Nav IE Install Helper]
  {CE000998-A58C-4441-8938-744CD72AB27F} <, N/A>
[Ppinstall Control]
  {CF051549-EDE1-40F5-B440-BCD646CF2C25} <D:\WINDOWS\DOWNLO~1\PPINST~1.OCX, 网易 NetEase>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <D:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[CnsHook Class]
  {D157330A-9EF3-49F8-9A67-4141AC41ADD4} <D:\WINDOWS\Downloaded Program Files\CnsHook.dll, 北京三七二一科技有限公司>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <D:\WINDOWS\system32\Macromed\Flash\Flash8.ocx, Macromedia, Inc.>
[VnetAnpr Class]
  {E1207373-6721-4AAD-888B-C8C5A0209E17} <D:\WINDOWS\system32\.vnetplugin_\_0\anpr.dll, N/A>
[Csyshelper Object]
  {E16BB625-16F1-4338-AA38-098F6873AC24} <D:\WINDOWS\system32\syshelper.dll, TODO: <公司名>>
[CPasswordEditCtrl Object]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <D:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[IcbcSslCacheCleanerCtrl Class]
  {E9707834-5BF7-4CFF-A639-398427DE1991} <D:\WINDOWS\Downloaded Program Files\IcbcSslCacheCleaner.dll, 中国工商银行>
[Msp Class]
  {EF9F1C48-1A63-495A-9317-B7B71B34A9CF} <D:\WINDOWS\Downloaded Program Files\dddmsp.dll, >
[WMHlprObj Class]
  {F5824EFB-728A-4726-A5A5-85A68B20EDC3} <D:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll, N/A>
[assist]
  {FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <D:\PROGRA~1\Yahoo!\ASSIST~1\assist\yassist.dll, Yahoo!>
[上传到QQ网络硬盘]
  <D:\陈守桓\重要文件\AddToNetDisk.htm, N/A>
[使用Web迅雷下载]
  <D:\Program Files\Thunder Network\WebThunder\GetUrl.htm, N/A>
[使用Web迅雷下载全部链接]
  <D:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm, N/A>
[添加到QQ自定义面板]
  <D:\陈守桓\重要文件\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\陈守桓\重要文件\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\陈守桓\重要文件\SendMMS.htm, N/A>
==================================
正在运行的进程
[PID: 148][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2096 (xpsp_sp2_rc1.040311-2315)]
[PID: 212][\??\D:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2096 (xpsp_sp2_rc1.040311-2315)]
[PID: 236][\??\D:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2096 (xpsp_sp2_rc1.040311-2315)]
    [d:\program files\msn messenger\lzmqcnqv.dll]  [, 1, 0, 0, 11]
[PID: 280][D:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2096 (xpsp_sp2_rc1.040311-2315)]
[PID: 292][D:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2096 (xpsp_sp2_rc1.040311-2315)]
[PID: 464][D:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2096 (xpsp_sp2_rc1.040311-2315)]
[PID: 496][D:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2096 (xpsp_sp2_rc1.040311-2315)]
[PID: 572][D:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2096 (xpsp_sp2_rc1.040311-2315)]
[PID: 760][D:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2096 (xpsp_sp2_rc1.040311-2315)]
    [D:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\shellex.dll]  [Kaspersky Lab, 5.0.142.1]
    [D:\PROGRA~1\3721\assist\wiper.dll]  [N/A, 1, 0, 0, 1012]
    [D:\WINDOWS\DOWNLO~1\CnsMinIO.dll]  [北京三七二一科技有限公司, 1, 0, 3, 7]
    [d:\program files\msn messenger\lzmqcnqv.dll]  [, 1, 0, 0, 11]
[PID: 888][D:\程序\SREng2-v2.2\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["D:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
[D:\]
[autorun]
open=d:\mplay.com

==================================
HOSTS 文件
127.0.0.1      localhost

==================================

Restart the computer. After the self-check finishes, press the [F8] key (you can keep pressing it until the boot menu appears) and choose Safe Mode to enter Windows.



Close all browser windows and any unnecessary programs.
Run SREng2, go to "Startup Items" (启动项目) -- Registry (注册表), select the following entries and delete them:
D:\WINDOWS\system32\svchost.exe
d:\program files\msn messenger\lzmqcnqv.dll


Run (double-click) SRENG2, click "Startup Items" (启动项目), then Services (服务), then "Drivers" (驱动程序).
Tick "Hide verified Microsoft items" (隐藏已认证的微软项目) and select the virus services:
lfoemho
afibcffi
bhcfgidc
bjbcdgcc
ccajjeec
dhhfdicj
eidbebda
ejbjfahi
fbfdgjdh
fgcebjfc
gbejcgfb
ggjfggjb
hdegeefd
hjhgdehb
iddbiedf
jdjfadff
jegjfjgc
jfaihfaa
Choose "Delete service" (删除服务).
Click "Set" (设置) and choose "No" (否).


Run (double-click) SRENG2, click "Startup Items" (启动项目), then Services (服务), then "Win32 Service Applications" (Win32服务应用程序).
Tick "Hide Microsoft services" (隐藏微软服务) and select the virus services:
Registry Protector
Remote Registry Protect
Windows DHCP Service
Windows_rejoice
WinXP DHCP Service
Choose "Delete service" (删除服务).
Click "Set" (设置) and choose "No" (否).


Show hidden files.
Delete:
D:\WINDOWS\SYSTEM32\WBEM\IRJIT.DLL
D:\WINDOWS\system32\spted.dll
D:\WINDOWS\system32\windhcp.ocx
D:\WINDOWS\system32\xpdhcp.dll
D:\WINDOWS\System32\drivers\lfoemho.sys
d:\program files\msn messenger\lzmqcnqv.dll
d:\mplay.com
d:\Autorun.inf
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\drivers\afibcffi.sys
D:\WINDOWS\system32\drivers\bhcfgidc.sys
D:\WINDOWS\system32\drivers\bjbcdgcc.sys
D:\WINDOWS\system32\drivers\ccajjeec.sys
D:\WINDOWS\system32\drivers\dhhfdicj.sys
D:\WINDOWS\system32\drivers\eidbebda.sys
D:\WINDOWS\system32\drivers\ejbjfahi.sys
D:\WINDOWS\system32\drivers\fbfdgjdh.sys
D:\WINDOWS\system32\drivers\fgcebjfc.sys
D:\WINDOWS\system32\drivers\gbejcgfb.sys
D:\WINDOWS\system32\drivers\ggjfggjb.sys
D:\WINDOWS\system32\drivers\hdegeefd.sys
D:\WINDOWS\system32\drivers\hjhgdehb.sys
D:\WINDOWS\system32\drivers\iddbiedf.sys
D:\WINDOWS\system32\drivers\jdjfadff.sys
D:\WINDOWS\system32\drivers\jegjfjgc.sys
D:\WINDOWS\system32\drivers\jfaihfaa.sys


Download Qihoo 360 and use it to clean up the plug-ins.

Restart the computer. After the self-check finishes, press the [F8] key (you can keep pressing it until the boot menu appears) and choose Safe Mode to enter Windows.


Run (double-click) SRENG2, click "Startup Items" (启动项目), then Services (服务), then "Drivers" (驱动程序).
Tick "Hide verified Microsoft items" (隐藏已认证的微软项目) and select the virus services:
afibcffi
bhcfgidc
bjbcdgcc
ccajjeec
dhhfdicj
eidbebda
ejbjfahi
fbfdgjdh
fgcebjfc
gbejcgfb
ggjfggjb
hdegeefd
hjhgdehb
lfoemho
Choose "Delete service" (删除服务).
Click "Set" (设置) and choose "No" (否).


Run (double-click) SRENG2, click "Startup Items" (启动项目), then Services (服务), then "Win32 Service Applications" (Win32服务应用程序).
Tick "Hide Microsoft services" (隐藏微软服务) and select the virus services:
Registry Protector
Remote Registry Protect
Windows DHCP Service
WinXP DHCP Service
Choose "Delete service" (删除服务).
Click "Set" (设置) and choose "No" (否).


Show hidden files.
Delete:
D:\WINDOWS\SYSTEM32\WBEM\IRJIT.DLL
D:\WINDOWS\system32\spted.dll
D:\WINDOWS\system32\windhcp.ocx
D:\WINDOWS\system32\xpdhcp.dll
D:\WINDOWS\system32\drivers\ADProt.sys
D:\WINDOWS\System32\drivers\lfoemho.sys
d:\program files\msn messenger\lzmqcnqv.dll
d:\mplay.com
d:\Autorun.inf
D:\WINDOWS\system32\drivers\afibcffi.sys
D:\WINDOWS\system32\drivers\bhcfgidc.sys
D:\WINDOWS\system32\drivers\bjbcdgcc.sys
D:\WINDOWS\system32\drivers\ccajjeec.sys
D:\WINDOWS\system32\drivers\dhhfdicj.sys
D:\WINDOWS\system32\drivers\eidbebda.sys
D:\WINDOWS\system32\drivers\ejbjfahi.sys
D:\WINDOWS\system32\drivers\fbfdgjdh.sys
D:\WINDOWS\system32\drivers\fgcebjfc.sys
D:\WINDOWS\system32\drivers\gbejcgfb.sys
D:\WINDOWS\system32\drivers\ggjfggjb.sys
D:\WINDOWS\system32\drivers\hdegeefd.sys
D:\WINDOWS\system32\drivers\hjhgdehb.sys


Download Qihoo 360 and use it to clean up the plug-ins.

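Talk it over, think it through,
  the village has changed a great deal in recent years.
  Fishing nets were swapped for the Internet,
  and every villager is busy making money.
  Ma Caca has just built a factory,
  Tao Kunkun has put up a Western-style house.
  They earn dollars, then earn pounds,
  and every face is beaming with joy.

  But the good times did not last long,
  for some began to play the hooligan online.
  Malicious software runs rampant,
  with unclear prompts and never a word of explanation.
  One careless moment and it is installed,
  bundled by force without permission.
  It hides in secret deep inside the system,
  leaving you feeling there is no defense.

  Malicious software is running rampant,
  and the netizens of IT Village (挨踢村) are panicking.
  Isolated and helpless, they look for help,
  hoping that someone will stand up for justice.

  Anti-rogue-software vendors arose to meet the need,
  each rushing to shoulder the responsibility.
  The villagers applauded together in gratitude,
  glad to have met kind hearts upholding justice.

  What happened later left the villagers deeply puzzled:
  the anti-rogue-software vendors did not shoulder the responsibility.
  Not only was rogue software not brought to justice on the spot,
  its arrogance seemed to grow greater and greater.

  "Don't kill clients with connections, don't block clients who bring profit"
  Rumors like this rose and fell around IT Village,
  "Just who should be killed, and who should be left to keep growing?"
  The villagers of IT Village once again fell into confusion and doubt.

  The anti-rogue-software vendors' self-interest was exposed and their credibility was lost;
  the village elder spoke from experience and laid bare the hidden darkness in one remark.
  "The petty thieves weep, yet the big rogues are left without a scratch."
  "This move appears to curb rogue software's bravado for a while,
  but in fact it clears the obstacles from the real big rogues' path of growth."

  The village elder's one remark revealed the secret, and the villagers' eyes were opened:
  sweeping away rogue software cannot rely on vendors acting out of self-interest.
  If village regulations are issued soon, and the industry disciplines itself and stops playing the rogue,
  then surely one day the villagers will be happy and the village peaceful and prosperous.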
