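I suggest following these steps:
1. Format drive C:, reinstall the operating system, and install the relevant drivers.
2. After logging in, do not open any drive directly. Use the search command in the Start menu (under "Advanced options", enable "Search hidden files and folders") to find the two hidden files autorun.inf and auto.exe in the root directory of each non-system partition, and delete them one by one.
3. Delete the entire QQ installation directory (if QQ is installed on a non-system partition, this is usually the TENCENT folder).
4. Install antivirus software and a firewall, then go online and update them to the latest version.
5. Once online, use Windows Update to install the operating system patches (don't bother if the system is a pirated copy).
6. Reinstall your applications (before doing so, delete the installation directories on non-system partitions of all software that writes to the registry, leaving only portable "green" software).
The abnormal entries in your log are listed below. Cleaning them up by hand is a lot of trouble, so I recommend reinstalling the system, which is both clean and thorough and saves time: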
==================================
Registry
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<nwiz><chmhp.exe> []
<dlnajjbdfa><C:\WINDOWS\system\llwzjy081118.exe> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{122B901E-493F-4AD9-BC69-7DE8C3E52FCC}><122B901E.dll> [N/A]
<{C8FFD223-C0FB-40C5-94A0-FD7891AC18E9}><C8FFD223.dll> []
<{D7C79813-9233-4AE0-832C-99B2E8019673}><D7C79813.dll> [N/A]
<{F65BDEC7-4BF3-4512-840F-68B166B6D7AC}><F65BDEC7.dll> [N/A]
<{E4814792-EFA3-4C20-93D0-8B130A59F9A8}><E4814792.dll> []
<{755D0ED0-3996-4ADB-9B1F-AD8F0E9E4738}><755D0ED0.dll> [N/A]
<{9F684DE8-3E87-4174-9033-E02A3DFD8B61}><9F684DE8.dll> []
<{43ACDCC5-9009-4AF4-B80A-93BC656EF298}><43ACDCC5.dll> [N/A]
<{4FBFD5A4-5FE8-4444-8BD9-FD0FAFA64F96}><4FBFD5A4.dll> []
<{BA7EDF54-8408-4B21-B351-7B447B344BA4}><BA7EDF54.dll> []
<{DA63E650-537C-4042-87BB-9D19D844680B}><DA63E650.dll> []
<{B3721C07-62B3-411A-9DC7-F5F27E3E21FF}><B3721C07.dll> [N/A]
<{58FF3024-8A83-4B1A-88E9-302F47646EEE}><58FF3024.dll> []
<{66AFCB56-FAA9-42D2-8C72-2767A46C7FA8}><66AFCB56.dll> []
<{08223B03-1B38-4A33-A83A-A4D3CC1D6E4E}><08223B03.dll> []
<{9CA963CA-107C-4089-B0AB-31380F90D7E3}><9CA963CA.dll> [N/A]
<{2EF0D734-21FD-4225-A1A2-BCD296182AAF}><2EF0D734.dll> [N/A]
<{F6A454AE-156A-415E-9F89-3795677A8A91}><C:\Program Files\Internet Explorer\53u1ttMe.2ys> []
<{5934EA2B-B2C4-4BE7-BF7A-FBA781A12E40}><5934EA2B.dll> []
<{E1D19FCC-4777-4D71-B863-6A0A5B4E59BC}><E1D19FCC.dll> []
<{E3367679-4775-4244-A62E-4CFE58FC850B}><E3367679.dll> [N/A]
<{201476D0-2B18-462E-AB9F-3E2B0CC8732B}><201476D0.dll> []
<{70B0129E-726E-4789-A7C0-5DDC33241E94}><70B0129E.dll> [N/A]
<{16AF66EB-93C8-49F9-BB09-B4F87CEDCE46}><16AF66EB.dll> [N/A]
<{8566F82E-03A4-416E-AEAC-66600D8881F1}><8566F82E.dll> [N/A]
<{B8E83D3C-9466-4091-9AD1-1F89418A6EB7}><B8E83D3C.dll> [N/A]
<{3D144530-43DA-47CC-B7C7-A3A9F3B9A6B2}><3D144530.dll> [N/A]
<{DFEC5CB7-E2AA-4B0A-BEB3-D140E59ED53A}><DFEC5CB7.dll> [N/A]
<{202AEF39-2BFA-4A5F-B526-390FDE0BC675}><C:\Program Files\Internet Explorer\VitnNt64.987> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<Webcam><C:\Program Files\Messenger\msgswcam.dll> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwstub.exe]
<IFEO[rfwstub.exe]><svchost.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Thunder5.exe]
<IFEO[Thunder5.exe]><svchost.exe> [(Verified)Microsoft Windows Publisher]
==================================
Drivers
[aliimz / aliimz][Stopped/Manual Start]
<System32\Drivers\aliimz.sys><N/A>
[c39e8db / c39e8db][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\c39e8db.sys><N/A>
[ca99d57 / ca99d57][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\ca99d57.sys><N/A>
[d7b49fa / d7b49fa][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\d7b49fa.sys><N/A>
[HBKernel32 Driver / HBKernel32][Stopped/Boot Start]
<\SystemRoot\system32\drivers\HBKernel32.sys><N/A>
[anti qqsg / antisg][Running/Disabled]
<\??\C:\Documents and Settings\牛叔\antisg.sys><N/A>
[d435fd4 / d435fd4][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\d435fd4.sys><N/A>
[de8296f / de8296f][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\de8296f.sys><N/A>
[f35ee9e / f35ee9e][Running/Manual Start]
<\??\C:\WINDOWS\system32\f35ee9e.sys><N/A>
==================================
Browser add-ons
[]
{202AEF39-2BFA-4A5F-B526-390FDE0BC675} <C:\Program Files\Internet Explorer\VitnNt64.987, N/A>
[]
{F6A454AE-156A-415E-9F89-3795677A8A91} <C:\Program Files\Internet Explorer\53u1ttMe.2ys, N/A>
[]
{09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, >
[]
{202AEF39-2BFA-4A5F-B526-390FDE0BC675} <C:\Program Files\Internet Explorer\VitnNt64.987, N/A>
[]
{F6A454AE-156A-415E-9F89-3795677A8A91} <C:\Program Files\Internet Explorer\53u1ttMe.2ys, N/A>
==================================
Running processes
C:\WINDOWS\system32\sh01019.dll
C:\WINDOWS\system32\sh02004.dll
C:\WINDOWS\system32\sh03003.dll
C:\WINDOWS\system32\sh05004.dll
C:\WINDOWS\system32\sh12007.dll
C:\WINDOWS\system32\sh14015.dll
C:\WINDOWS\system32\sh17019.dll
C:\WINDOWS\system32\sh18021.dll
C:\WINDOWS\system32\sh21012.dll
C:\WINDOWS\system32\sh23007.dll
C:\WINDOWS\system32\sh27006.dll
C:\WINDOWS\system32\chmhp.dll
C:\WINDOWS\system32\HBmhly.dll
C:\WINDOWS\system32\HBJTLQ.dll
C:\WINDOWS\system32\HBWOW.dll
C:\WINDOWS\system32\HBWD.dll
C:\WINDOWS\system32\HBTL.dll
C:\WINDOWS\system32\HBDNF.dll
C:\WINDOWS\system32\HBQQXX.dll
C:\WINDOWS\system32\HBQQSG.dll
C:\WINDOWS\system32\HBASKTAO.dll
C:\WINDOWS\system32\HBQQFFO.dll
C:\WINDOWS\system32\HBYY.dll
C:\WINDOWS\system32\HBXY2.dll
C:\WINDOWS\system32\08223B03.dll
C:\WINDOWS\system32\58FF3024.dll
C:\WINDOWS\system32\4FBFD5A4.dll
C:\WINDOWS\system32\201476D0.dll
C:\WINDOWS\system32\E1D19FCC.dll
C:\DOCUME~1\牛叔\LOCALS~1\Temp\767941
C:\Program Files\Internet Explorer\53u1ttMe.2ys
C:\Program Files\Internet Explorer\VitnNt64.987
c:\Autorun.inf
c:\auto.exe
d:\Autorun.inf
d:\auto.exe
e:\Autorun.inf
e:\auto.exe
f:\Autorun.inf
f:\auto.exe
==================================
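The following triage script is an added example, not part of the original answer or of the tool that produced the log. It parses entries in the format shown above and flags three patterns visible in this log: Image File Execution Options entries that redirect one program to another, registry-loaded modules with no publisher information, and autorun.inf in a drive root. The rule names and the reading of `[]`, `[N/A]` and `[File is missing]` as "no publisher" are assumptions made for this illustration.

```python
import re

# Lines copied from the log excerpt in the answer above (abridged).
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{122B901E-493F-4AD9-BC69-7DE8C3E52FCC}><122B901E.dll> [N/A]
<{F6A454AE-156A-415E-9F89-3795677A8A91}><C:\Program Files\Internet Explorer\53u1ttMe.2ys> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<Webcam><C:\Program Files\Messenger\msgswcam.dll> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwstub.exe]
<IFEO[rfwstub.exe]><svchost.exe> [(Verified)Microsoft Windows Publisher]
d:\Autorun.inf
d:\auto.exe
"""

KEY_RE = re.compile(r"^\[(HKEY_[^\]]+)\]$")
ENTRY_RE = re.compile(r"^<(.*?)><(.*?)>\s*\[(.*)\]$")
ROOT_AUTORUN_RE = re.compile(r"^([a-z]):\\autorun\.inf$", re.IGNORECASE)
# Assumption: these publisher fields mean the tool found no vendor information.
NO_PUBLISHER = {"", "N/A", "File is missing"}
IFEO = "\\image file execution options\\"

def triage(log):
    """Return (rule, subject, detail) tuples for entries that deserve a closer look."""
    findings, key = [], None
    for line in (raw.strip() for raw in log.splitlines()):
        if m := KEY_RE.match(line):
            key = m.group(1)
        elif m := ROOT_AUTORUN_RE.match(line):
            # autorun.inf in a drive root: the reason step 2 avoids opening drives.
            findings.append(("root-autorun", m.group(1).lower() + ":", line))
        elif key and (m := ENTRY_RE.match(line)):
            name, value, publisher = m.groups()
            if IFEO in key.lower():
                target = key.rsplit("\\", 1)[-1]
                # Launching `target` starts `value` instead, whoever signed `value`.
                if value.lower() != target.lower():
                    findings.append(("ifeo-redirect", target, value))
            elif publisher in NO_PUBLISHER:
                findings.append(("no-publisher", key.rsplit("\\", 1)[-1], value))
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(*finding, sep="\t")
```

The rfwstub.exe entry is flagged even though svchost.exe carries a verified Microsoft signature: the signature describes the redirect target, not the legitimacy of the redirect.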