瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 【求助】魔法学徒救救我啊(附日志)

1   1  /  1  页   跳转

【求助】魔法学徒救救我啊(附日志)

收藏
3626
头像
初生襁褓狮
  • 帖子:40
  • 注册: 2005-12-21
  • 来自:
发表于: 2006-05-14 19:54 | 只看楼主 短消息 资料
字号: 1楼

【求助】魔法学徒救救我啊(附日志)

Logfile of HijackThis v1.99.1
Scan saved at 18:38:26, on 2006-5-14
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Chinanet\VnetClient.exe
C:\WINDOWS\SERVICES.EXE
c:\windows\alg.exe
C:\boot.exe
C:\WINDOWS\system32\mshta.exe
D:\Tencent\QQ\QQ.exe
D:\Tencent\QQ\TIMPlatform.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\user\LOCALS~1\Temp\Rar$EX00.426\HijackThis.exe

R3 - URLSearchHook: (no name) - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file)
R3 - URLSearchHook: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
F3 - REG:win.ini: load=c:\windows\alg.exe
O1 - Hosts: This is 4489.CN Setting file!!!
O1 - Hosts: 61.152.252.24 53900.com
O1 - Hosts: 61.152.252.24 www.53900.com
O1 - Hosts: 61.152.252.24 tm286.com
O1 - Hosts: 61.152.252.24 www.tm286.com
O1 - Hosts: 61.152.252.24 555567.com
O1 - Hosts: 61.152.252.24 www.555567.com
O1 - Hosts: 61.152.252.24 k3333.net
O1 - Hosts: 61.152.252.24 www.k3333.net
O1 - Hosts: 61.152.252.24 556633.com
O1 - Hosts: 61.152.252.24 www.556633.com
O1 - Hosts: 61.152.252.24 t9666.com
O1 - Hosts: 61.152.252.24 www.t9666.com
O1 - Hosts: 61.152.252.24 0085200852.com
O1 - Hosts: 61.152.252.24 www.0085200852.com
O1 - Hosts: 61.152.252.24 tm466.com
O1 - Hosts: 61.152.252.24 www.tm466.com
O1 - Hosts: 61.152.252.24 ok8088.com
O1 - Hosts: 61.152.252.24 www.ok8088.com
O1 - Hosts: 61.152.252.24 y636.com
O1 - Hosts: 61.152.252.24 www.y636.com
O1 - Hosts: 61.152.252.24 777568.com
O1 - Hosts: 61.152.252.24 www.777568.com
O1 - Hosts: 61.152.252.24 22261.com
O1 - Hosts: 61.152.252.24 www.22261.com
O1 - Hosts: 61.152.252.24 22799.net
O1 - Hosts: 61.152.252.24 www.22799.net
O1 - Hosts: 61.152.252.24 34511.com
O1 - Hosts: 61.152.252.24 www.34511.com
O1 - Hosts: 61.152.252.24 87765.com
O1 - Hosts: 61.152.252.24 www.87765.com
O1 - Hosts: 61.152.252.24 557888.com
O1 - Hosts: 61.152.252.24 www.557888.com
O1 - Hosts: 61.152.252.24 k667.net
O1 - Hosts: 61.152.252.24 www.k667.net
O1 - Hosts: 61.152.252.24 t6668.com
O1 - Hosts: 61.152.252.24 www.t6668.com
O1 - Hosts: 61.152.252.24 38144.com
O1 - Hosts: 61.152.252.24 www.38144.com
O1 - Hosts: 61.152.252.24 00338.net
O1 - Hosts: 61.152.252.24 www.00338.net
O1 - Hosts: 61.152.252.24 58567.net
O1 - Hosts: 61.152.252.24 www.58567.net
O1 - Hosts: 61.152.252.24 000666.net
O1 - Hosts: 61.152.252.24 www.000666.net
O1 - Hosts: 61.152.252.24 00448.net
O1 - Hosts: 61.152.252.24 www.00448.net
O1 - Hosts: 61.152.252.24 8888789.com
O1 - Hosts: 61.152.252.24 www.8888789.com
O1 - Hosts: 61.152.252.24 263789.com
O1 - Hosts: 61.152.252.24 www.263789.com
O1 - Hosts: 61.152.252.24 160061.com
O1 - Hosts: 61.152.252.24 www.160061.com
O1 - Hosts: 61.152.252.24 138600.com
O1 - Hosts: 61.152.252.24 www.138600.com
O1 - Hosts: 61.152.252.24 09198.com
O1 - Hosts: 61.152.252.24 www.09198.com
O1 - Hosts: 61.152.252.24 kdy2008.com
O1 - Hosts: 61.152.252.24 www.kdy2008.com
O1 - Hosts: 61.152.252.24 3d757.com
O1 - Hosts: 61.152.252.24 www.3d757.com
O1 - Hosts: 61.152.252.24 568cp.com
O1 - Hosts: 61.152.252.24 www.568cp.com
O1 - Hosts: 61.152.252.24 658668.com
O1 - Hosts: 61.152.252.24 www.658668.com
O1 - Hosts: 61.152.252.24 cp2166.com
O1 - Hosts: 61.152.252.24 www.cp2166.com
O1 - Hosts: 61.152.252.24 cp34567.com
O1 - Hosts: 61.152.252.24 www.cp34567.com
O1 - Hosts: 61.152.252.24 48699.com
O1 - Hosts: 61.152.252.24 www.48699.com
O1 - Hosts: 61.152.252.24 56598.com
O1 - Hosts: 61.152.252.24 www.56598.com
O1 - Hosts: 61.152.252.24 258268.com
O1 - Hosts: 61.152.252.24 www.258268.com
O1 - Hosts: 61.152.252.24 345333.com
O1 - Hosts: 61.152.252.24 www.345333.com
O1 - Hosts: 61.152.252.24 454455.com
O1 - Hosts: 61.152.252.24 www.454455.com
O1 - Hosts: 61.152.252.24 82567.com
O1 - Hosts: 61.152.252.24 www.82567.com
O1 - Hosts: 61.152.252.24 10585.com
O1 - Hosts: 61.152.252.24 www.10585.com
O1 - Hosts: 61.152.252.24 tm4936.com
O1 - Hosts: 61.152.252.24 www.tm4936.com
O1 - Hosts: 61.152.252.24 kk4949.com
O1 - Hosts: 61.152.252.24 www.kk4949.com
O1 - Hosts: 61.152.252.24 332338.com
O1 - Hosts: 61.152.252.24 www.332338.com
O1 - Hosts: 61.152.252.24 00858.cc
O1 - Hosts: 61.152.252.24 www.00858.cc
O1 - Hosts: 61.152.252.24 992998.com
O1 - Hosts: 61.152.252.24 www.992998.com
O1 - Hosts: 61.152.252.24 444345.com
O1 - Hosts: 61.152.252.24 www.444345.com
O1 - Hosts: 61.152.252.24 55770.com
O1 - Hosts: 61.152.252.24 www.55770.com
O1 - Hosts: 61.152.252.24 611688.com
O1 - Hosts: 61.152.252.24 www.611688.com
O1 - Hosts: 61.152.252.24 772778.com
O1 - Hosts: 61.152.252.24 www.772778.com
O2 - BHO: SohuDAIEHelper - {0CA51D02-7739-43EA-8D9A-1E8AD4327B03} - C:\Program Files\P4P\sodaie.dll (file missing)
O2 - BHO: yPhtb - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll
O2 - BHO: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O2 - BHO: VnetCookie Class - {4E83D567-4697-4F7B-B1F0-A513B01DB89A} - c:\PROGRA~1\chinanet\VNETTR~1.DLL
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\Tencent\QQ\QQIEHelper.dll
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL
O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - D:\KuGoo3\KuGoo3DownXControl.ocx
O2 - BHO: CnsHook Class - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\WINDOWS\downlo~1\CnsHook.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll

最后编辑2006-05-14 20:19:13
分享到:
gototop
 
3626
头像
初生襁褓狮
  • 帖子:40
  • 注册: 2005-12-21
  • 来自:
发表于: 2006-05-14 19:55 | 只看楼主 短消息 资料
字号: 2楼

O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [helper.dll] C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\WINDOWS\downlo~1\CnsMin.dll,Rundll32
O4 - HKLM\..\Run: [YLive.exe] C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
O4 - HKLM\..\Run: [yassistse] "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [ccenter] C:\Program Files\rising\Rav\CCenter.exe
O4 - HKLM\..\Run: [services] c:\windows\services.exe
O4 - HKLM\..\RunServices: [ccenter] C:\Program Files\rising\Rav\CCenter.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [services] c:\windows\services.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: !搜一搜(&S) - res://C:\Program Files\YiSou\yisou.dll/232
O8 - Extra context menu item: &Download by NetAnts - C:\PROGRA~1\NetAnts\NAGet.htm
O8 - Extra context menu item: Download &All by NetAnts - C:\PROGRA~1\NetAnts\NAGetAll.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用KuGoo3下载(&K) - D:\KuGoo3\KuGoo3DownX.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://c:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 添加到雅虎订阅(&Y) - res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll/YRSSMENUEXT
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Tencent\QQ\SendMMS.htm
O8 - Extra context menu item: 雅虎搜索 - res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/246
O9 - Extra button: Yahoo 1G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail (file missing)
O9 - Extra button: NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - C:\PROGRA~1\NetAnts\NetAnts.exe
O9 - Extra 'Tools' menuitem: &NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - C:\PROGRA~1\NetAnts\NetAnts.exe
O9 - Extra button: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=taobao (file missing)
O9 - Extra button: 雅虎助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist (file missing)
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Tencent\QQ\QQ.EXE
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Tencent\QQ\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Tencent\QQ\QQIEHelper.dll
O9 - Extra button: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing)
O9 - Extra button: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - Extra 'Tools' menuitem: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O9 - Extra 'Tools' menuitem: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O11 - Options group: [!CNS]  上网助手-地址栏搜索
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/pcver2006new/OL2006.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1458A6E0-B70F-4785-9B60-DBF94B8450A7}: NameServer = 202.103.225.68,202.103.224.68
O17 - HKLM\System\CCS\Services\Tcpip\..\{8630A599-B5BF-465C-A49B-60C3746791EA}: NameServer = 202.103.225.68 202.103.224.68
O17 - HKLM\System\CCS\Services\Tcpip\..\{A405C88C-9F77-4BD5-8A64-F19020C6E439}: NameServer = 202.103.224.68,202.103.225.68
O17 - HKLM\System\CS1\Services\Tcpip\..\{1458A6E0-B70F-4785-9B60-DBF94B8450A7}: NameServer = 202.103.225.68,202.103.224.68
O23 - Service: Decondary (Decondary Logon) - Unknown owner - C:\WINDOWS\alertter.exe
O23 - Service: Gray_Pigeon_Server (GrayPigeonServer) - Unknown owner - C:\WINDOWS\G_Server1.2.exe
gototop
 
我无邪
头像
高贵耄耋狮
  • 帖子:20720
  • 注册: 2004-06-10
  • 来自:广西玉林
发表于: 2006-05-14 20:19 | 短消息 资料
字号: 3楼

这一项如果你也不知道,建议修复。
O23 - Service: Decondary (Decondary Logon) - Unknown owner - C:\WINDOWS\alertter.exe
开始→运行→输入services.msc,打开“服务”→查找 Decondary,Gray_Pigeon_Server→双击→启动类型→禁止→停止→应用→确定。禁止Decondary,Gray_Pigeon_Server这2个服务 (每一个逗号隔开的就是一个病毒的服务,请逐一禁用)
请到www.27814939.ys168.com下载诺顿进程管理器终止C:\WINDOWS\SERVICES.EXE,c:\windows\alg.exe,C:\boot.exe的进程(注意目录,不要终止错。)
关闭所有浏览窗口以及一些不必要的程序
运行Hijackthis,扫描结束后在下列选项前打上勾,然后选"修复""
F3 - REG:win.ini: load=c:\windows\alg.exe
O1 - Hosts: This is 4489.CN Setting file!!!
O1 - Hosts: 61.152.252.24 53900.com
O1 - Hosts: 61.152.252.24 www.53900.com
O1 - Hosts: 61.152.252.24 tm286.com
O1 - Hosts: 61.152.252.24 www.tm286.com
O1 - Hosts: 61.152.252.24 555567.com
O1 - Hosts: 61.152.252.24 www.555567.com
O1 - Hosts: 61.152.252.24 k3333.net
O1 - Hosts: 61.152.252.24 www.k3333.net
O1 - Hosts: 61.152.252.24 556633.com
O1 - Hosts: 61.152.252.24 www.556633.com
O1 - Hosts: 61.152.252.24 t9666.com
O1 - Hosts: 61.152.252.24 www.t9666.com
O1 - Hosts: 61.152.252.24 0085200852.com
O1 - Hosts: 61.152.252.24 www.0085200852.com
O1 - Hosts: 61.152.252.24 tm466.com
O1 - Hosts: 61.152.252.24 www.tm466.com
O1 - Hosts: 61.152.252.24 ok8088.com
O1 - Hosts: 61.152.252.24 www.ok8088.com
O1 - Hosts: 61.152.252.24 y636.com
O1 - Hosts: 61.152.252.24 www.y636.com
O1 - Hosts: 61.152.252.24 777568.com
O1 - Hosts: 61.152.252.24 www.777568.com
O1 - Hosts: 61.152.252.24 22261.com
O1 - Hosts: 61.152.252.24 www.22261.com
O1 - Hosts: 61.152.252.24 22799.net
O1 - Hosts: 61.152.252.24 www.22799.net
O1 - Hosts: 61.152.252.24 34511.com
O1 - Hosts: 61.152.252.24 www.34511.com
O1 - Hosts: 61.152.252.24 87765.com
O1 - Hosts: 61.152.252.24 www.87765.com
O1 - Hosts: 61.152.252.24 557888.com
O1 - Hosts: 61.152.252.24 www.557888.com
O1 - Hosts: 61.152.252.24 k667.net
O1 - Hosts: 61.152.252.24 www.k667.net
O1 - Hosts: 61.152.252.24 t6668.com
O1 - Hosts: 61.152.252.24 www.t6668.com
O1 - Hosts: 61.152.252.24 38144.com
O1 - Hosts: 61.152.252.24 www.38144.com
O1 - Hosts: 61.152.252.24 00338.net
O1 - Hosts: 61.152.252.24 www.00338.net
O1 - Hosts: 61.152.252.24 58567.net
O1 - Hosts: 61.152.252.24 www.58567.net
O1 - Hosts: 61.152.252.24 000666.net
O1 - Hosts: 61.152.252.24 www.000666.net
O1 - Hosts: 61.152.252.24 00448.net
O1 - Hosts: 61.152.252.24 www.00448.net
O1 - Hosts: 61.152.252.24 8888789.com
O1 - Hosts: 61.152.252.24 www.8888789.com
O1 - Hosts: 61.152.252.24 263789.com
O1 - Hosts: 61.152.252.24 www.263789.com
O1 - Hosts: 61.152.252.24 160061.com
O1 - Hosts: 61.152.252.24 www.160061.com
O1 - Hosts: 61.152.252.24 138600.com
O1 - Hosts: 61.152.252.24 www.138600.com
O1 - Hosts: 61.152.252.24 09198.com
O1 - Hosts: 61.152.252.24 www.09198.com
O1 - Hosts: 61.152.252.24 kdy2008.com
O1 - Hosts: 61.152.252.24 www.kdy2008.com
O1 - Hosts: 61.152.252.24 3d757.com
O1 - Hosts: 61.152.252.24 www.3d757.com
O1 - Hosts: 61.152.252.24 568cp.com
O1 - Hosts: 61.152.252.24 www.568cp.com
O1 - Hosts: 61.152.252.24 658668.com
O1 - Hosts: 61.152.252.24 www.658668.com
O1 - Hosts: 61.152.252.24 cp2166.com
O1 - Hosts: 61.152.252.24 www.cp2166.com
O1 - Hosts: 61.152.252.24 cp34567.com
O1 - Hosts: 61.152.252.24 www.cp34567.com
O1 - Hosts: 61.152.252.24 48699.com
O1 - Hosts: 61.152.252.24 www.48699.com
O1 - Hosts: 61.152.252.24 56598.com
O1 - Hosts: 61.152.252.24 www.56598.com
O1 - Hosts: 61.152.252.24 258268.com
O1 - Hosts: 61.152.252.24 www.258268.com
O1 - Hosts: 61.152.252.24 345333.com
O1 - Hosts: 61.152.252.24 www.345333.com
O1 - Hosts: 61.152.252.24 454455.com
O1 - Hosts: 61.152.252.24 www.454455.com
O1 - Hosts: 61.152.252.24 82567.com
O1 - Hosts: 61.152.252.24 www.82567.com
O1 - Hosts: 61.152.252.24 10585.com
O1 - Hosts: 61.152.252.24 www.10585.com
O1 - Hosts: 61.152.252.24 tm4936.com
O1 - Hosts: 61.152.252.24 www.tm4936.com
O1 - Hosts: 61.152.252.24 kk4949.com
O1 - Hosts: 61.152.252.24 www.kk4949.com
O1 - Hosts: 61.152.252.24 332338.com
O1 - Hosts: 61.152.252.24 www.332338.com
O1 - Hosts: 61.152.252.24 00858.cc
O1 - Hosts: 61.152.252.24 www.00858.cc
O1 - Hosts: 61.152.252.24 992998.com
O1 - Hosts: 61.152.252.24 www.992998.com
O1 - Hosts: 61.152.252.24 444345.com
O1 - Hosts: 61.152.252.24 www.444345.com
O1 - Hosts: 61.152.252.24 55770.com
O1 - Hosts: 61.152.252.24 www.55770.com
O1 - Hosts: 61.152.252.24 611688.com
O1 - Hosts: 61.152.252.24 www.611688.com
O1 - Hosts: 61.152.252.24 772778.com
O1 - Hosts: 61.152.252.24 www.772778.com
O2 - BHO: SohuDAIEHelper - {0CA51D02-7739-43EA-8D9A-1E8AD4327B03} - C:\Program Files\P4P\sodaie.dll (file missing)
O4 - HKLM\..\Run: [services] c:\windows\services.exe
O4 - HKCU\..\Run: [services] c:\windows\services.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O23 - Service: Decondary (Decondary Logon) - Unknown owner - C:\WINDOWS\alertter.exe
O23 - Service: Gray_Pigeon_Server (GrayPigeonServer) - Unknown owner - C:\WINDOWS\G_Server1.2.exe

双击我的电脑--工具---文件夹选项--查看--单击选取"显示隐藏文件或文件夹"清除"隐藏受保护的操作系统文件(推荐)"复选框。在提示您确定更改时,单击“是”
(请按上述步骤操作,不要略过)
然后找到如下文件并删除(如果有的话)
删除
C:\WINDOWS\G_Server1.2.exe
C:\WINDOWS\alertter.exe
c:\windows\services.exe
C:\WINDOWS\SERVICES.EXE
c:\windows\alg.exe
C:\boot.exe
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT