这里下载费尔木马强力清除助手,点选“抑制文件再生”删除下面文件。
附件:
费 尔.rar(内附说明)(右键选择“目标另存为”下载)本链接不支持迅雷等下载工具下载
删除:
C:\WINDOWS\system32\fcbe.dll
C:\Documents and Settings\All Users\「开始」菜单\程序\启动\PGY.vbe
C:\Documents and Settings\All Users\「开始」菜单\程序\启动\run.jse
C:\Documents and Settings\All Users\「开始」菜单\程序\启动\TSPS.lnk
C:\WINDOWS\system32\eeed.exe
C:\WINDOWS\system32\bhoexe.dll
C:\WINDOWS\system32\fe4o.dll
C:\WINDOWS\Tasks\ms.job
不论删除结果如何立即重启电脑
下面是日志中的异常项目
==================================
启动文件夹
[PGY]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\PGY.vbe --> [File is missing]><N>
[run]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\run.jse --> [File is missing]><N>
[TSPS]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\TSPS.lnk --> [File is missing]><N>
==================================
服务
[OSS / OSS][Stopped/Auto Start]
<C:\WINDOWS\system32\eeed.exe><N/A>
==================================
浏览器加载项
[BHOApp Class]
{CE7C3CEF-4B15-11D1-ABED-FA4C0C0931ED} <C:\WINDOWS\system32\bhoexe.dll, N/A>
[CFunPlayer Object]
{ED493CC4-E87B-4D8C-AC59-2A87A14237A0} <C:\WINDOWS\system32\fe4o.dll, Beijing Angels Technology ltd.>
==================================
计划任务
[已启用] ms.job
rundll32
