只要点击QQ程序,即使没有输入密码登入进去,就弹出一个两个系统消息来了,无非就是中大奖之类的.大概只要QQ程序不关掉,每隔一段时间就有个中大奖的消息给我,,,,烦死了!!
在网上下载了瑞星2009版的,官方下的.也没有删除成功,好象安装也出了问题啊??现在有多了一个麻烦,就是老弹出一个标志性的红色×,提示:没有找到comres,dll,因此这个应用程序未能启动,......."兰色标题栏提示的是hkcad.exe-无法找到组件和igfxtraywindow:igfxtray.exe-无法找到组件.... 每次开机至少要点30几次才关的掉这个红色叉叉!好象是我进程有有几个它就弹几个出来饿!!高手们帮我出出注意啊?

附件: aaaaa.txt (2009-5-18 15:17:35, 38.34 K)
该附件被下载次数 222

附件是SREngLOG.log
进程里头有个tt73609ext.exe
这个病毒老是无法删除啊?
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <IgfxTray><C:\WINDOWS\system32\igfxtray.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <HotKeysCmds><C:\WINDOWS\system32\hkcmd.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <Persistence><C:\WINDOWS\system32\igfxpers.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <SoundMAXPnP><C:\Program Files\Analog Devices\Core\smax4pnp.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <SoundMAX><"C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray>  [Analog Devices, Inc.]
    <cmxrdaemon><C:\Program Files\Netease\网易闪电邮\闪电邮\rdaemon.exe>  [File is missing]
    <WebInsight><C:\Program Files\IBE\WebInsight\WIDaemon.exe -auto>  []
    <RsTray><C:\WINDOWS\system32\scvhost.exe>  []
    <runeip><"C:\Program Files\Rising\AntiSpyware\runiep.exe" /startup>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><C:\WINDOWS\System32\SGCQ.dll,ieprot.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <{028A997C-4262-4107-BD46-2ABBC6143E8C}><C:\WINDOWS\system32\efc0c52cc1.dll>  []
    <{2E6ED9F9-D2F1-4B33-B505-478C63E3B53B}><C:\WINDOWS\system32\ys7auTeZqZ8W.dll>  []
    <{704C3595-DB85-40F6-A601-8D6F346907BD}><C:\WINDOWS\system32\704C3595.dll>  []
    <{E88AE11C-26DF-4F4D-8726-C043F513990E}><C:\WINDOWS\system32\yp77Tt3UCG74J.dll>  []
    <{56BC86C7-0692-4F94-A2C1-6CF1DBF8096C}><C:\WINDOWS\system32\56BC86C7.dll>  []
    <{76CBCF38-0583-44C7-A1AE-D463DFE625EC}><C:\WINDOWS\system32\skcfujQ5EDN.dll>  []
    <{71C4F360-FF1E-413E-B17A-0CA267A78E97}><C:\WINDOWS\system32\qB5BKZy7vR5m.dll>  []
    <{6EB6B154-5D10-4505-A998-E71419B05BE1}><C:\WINDOWS\system32\Hzs3R95W.dll>  []
    <{FBFAD3A6-0B1E-4122-9C2B-92A4623875EC}><C:\WINDOWS\system32\v6yj3gxacYQU.dll>  []
    <{36AC68E6-0C26-4D39-B98E-54B49DAB6BAA}><C:\WINDOWS\system32\dhDhwS7fFW.dll>  []
    <{A1A6BC2E-C6A1-43C1-8884-A31D772F42B8}><C:\WINDOWS\system32\A1A6BC2E.dll>  []
    <{E11FB24A-F766-4D0F-ADF5-237958FFA262}><C:\WINDOWS\fonts\f13ERxR2Urh.fon>  []
    <{4E5CFE74-700B-4A8B-B0BF-A6B47D896C18}><C:\WINDOWS\system32\GrTZqH5SnRhAt.dll>  []
    <{91F5C9DB-ACD1-4812-BAB9-6F5AE433930A}><C:\WINDOWS\fonts\MbsV2QQJe.fon>  []
    <{76B9BA7A-81D0-4979-8598-8471F2AB5186}><C:\WINDOWS\system32\76B9BA7A.dll>  []
    <{A0C86020-5935-4B87-B20E-0B656D450264}><C:\WINDOWS\system32\A0C86020.dll>  []
    <{EA25F4E7-8B67-452A-B9DD-B38C526250D3}><C:\WINDOWS\fonts\Q9UnbAWWNuSv4.fon>  []
    <{E4814792-EFA3-4C20-93D0-8B130A59F9A8}><C:\WINDOWS\system32\E4814792.dll>  []
    <{171565E3-F0BB-4FF0-9A42-C9406C79DB78}><C:\WINDOWS\system32\wF87W8XjgDW5Es6tuA.dll>  []
    <{122B901E-493F-4AD9-BC69-7DE8C3E52FCC}><C:\WINDOWS\system32\122B901E.dll>  []
    <{128E2D3D-887F-4259-A416-12973362F92D}><C:\WINDOWS\system32\Mc2CkZupTJ.dll>  []
    <{A5CA6C70-7185-4466-AB45-B1C34E7A37CA}><C:\WINDOWS\system32\ed78ab9.dll>  []
    <{C1CB394D-CECE-440B-9381-838D36862DE2}><C:\WINDOWS\fonts\J99sm27AQRa.fon>  []
    <{22A11E32-1FCB-4F54-A511-34253CB09A1A}><C:\WINDOWS\fonts\aBwruKPXHdP.fon>  []
    <{0FA40B34-8B9B-44ED-B85C-60A83F2C5D24}><C:\WINDOWS\system32\RV2MbKrHA.dll>  []
    <{C722AD57-35DA-4460-8353-328372F32AB2}><C:\WINDOWS\system32\ufQCU5.dll>  []
    <{737858A9-9AEA-4838-9B49-54DA731F7F37}><C:\WINDOWS\system32\BMsg6pdMD4ht.dll>  []
    <{B82E7FC1-A1BC-48ED-A977-53BAD6207AA5}><C:\WINDOWS\system32\GaZ2AKyYG.dll>  [File is missing]
    <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WebCheck><%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Windows Publisher]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    <WinlogonNotify: igfxcui><igfxdev.dll>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\logon.scr>  [(Verified)Microsoft Windows Publisher]

下载文件批量提取工具提取下面文件
http://bbs.ikaka.com/attachment.aspx?attachmentid=486266
C:\WINDOWS\system32\scvhost.exe
C:\WINDOWS\system32\efc0c52cc1.dll
C:\WINDOWS\system32\ys7auTeZqZ8W.dll
C:\WINDOWS\system32\704C3595.dll
C:\WINDOWS\system32\yp77Tt3UCG74J.dll
C:\WINDOWS\system32\56BC86C7.dll
C:\WINDOWS\system32\skcfujQ5EDN.dll
C:\WINDOWS\system32\qB5BKZy7vR5m.dll
C:\WINDOWS\system32\Hzs3R95W.dll
C:\WINDOWS\system32\v6yj3gxacYQU.dll
C:\WINDOWS\system32\dhDhwS7fFW.dll
C:\WINDOWS\system32\A1A6BC2E.dll
C:\WINDOWS\fonts\f13ERxR2Urh.fon
C:\WINDOWS\system32\GrTZqH5SnRhAt.dll
C:\WINDOWS\fonts\MbsV2QQJe.fon
C:\WINDOWS\system32\76B9BA7A.dll
C:\WINDOWS\system32\A0C86020.dll
C:\WINDOWS\fonts\Q9UnbAWWNuSv4.fon
C:\WINDOWS\system32\E4814792.dll
C:\WINDOWS\system32\wF87W8XjgDW5Es6tuA.dll
C:\WINDOWS\system32\122B901E.dll
C:\WINDOWS\system32\Mc2CkZupTJ.dll
C:\WINDOWS\system32\Mc2CkZupTJ.dll
C:\WINDOWS\fonts\J99sm27AQRa.fon
C:\WINDOWS\fonts\aBwruKPXHdP.fon
C:\WINDOWS\system32\RV2MbKrHA.dll
C:\WINDOWS\system32\ufQCU5.dll
C:\WINDOWS\system32\BMsg6pdMD4ht.dll

上传病毒样本到可疑文件交流区，地址为：http://bbs.ikaka.com/showforum-20002.aspx
或者直接发送给瑞星的邮件服务中心【病毒样本】地址为：http://mailcenter.rising.com.cn/uploadnew.aspx

提取了,不过运行提取工具软件的时候又弹出comres.dll无法运行的红叉叉提示.关了30几次才关掉

QQ没关,一直中大奖
每隔10多分钟弹一次,居然还是通过发系统消息给我的,
就是喇叭闪烁点开就看到中大奖 如上图
中大奖我不急领它着什么急催我撒

参考http://bbs.ikaka.com/showtopic-8502100.aspx
安装PE，进入PE删除并替换文件

删除以下文件:

c:\windows\tt93953ext.exe
c:\windows\fonts\abwrukpxhdp.fon
c:\windows\fonts\f13erxr2urh.fon
c:\windows\fonts\j99sm27aqra.fon
c:\windows\fonts\mbsv2qqje.fon
c:\windows\fonts\q9unbawwnusv4.fon
c:\windows\system32\122b901e.dll
c:\windows\system32\56bc86c7.dll
c:\windows\system32\704c3595.dll
c:\windows\system32\76b9ba7a.dll
c:\windows\system32\a0c86020.dll
c:\windows\system32\a1a6bc2e.dll
c:\windows\system32\bmsg6pdmd4ht.dll
c:\windows\system32\dhdhws7ffw.dll
c:\windows\system32\e4814792.dll
c:\windows\system32\ed78ab9.dll
c:\windows\system32\efc0c52cc1.dll
c:\windows\system32\grtzqh5snrhat.dll
c:\windows\system32\hzs3r95w.dll
c:\windows\system32\mc2ckzuptj.dll
c:\windows\system32\qb5bkzy7vr5m.dll
c:\windows\system32\rv2mbkrha.dll
c:\windows\system32\skcfujq5edn.dll
c:\windows\system32\ufqcu5.dll
c:\windows\system32\v6yj3gxacyqu.dll
c:\windows\system32\wf87w8xjgdw5es6tua.dll
c:\windows\system32\yp77tt3ucg74j.dll
c:\windows\system32\ys7autezqz8w.dll
c:\windows\system32\snav.dll
d:\ctfmen.exe
c:\windows\system32\scvhost.exe
c:\windows\system32\sgcq.dll,ieprot.dll
c:\windows\system32\gaz2akyyg.dll
c:\windows\system32\drivers\pcidump.sys
c:\windows\system32\drivers\askd.ahc
c:\windows\system32\pdg2.dll
c:\windows\downloaded program files\safeinput4jh.dll
c:\windows\system32\jfcheck.dll

并看看是否各分区上都存在autorun.inf和ctfmen.exe  如果有就全部删除

用正常相同系统文件appmgmts.dll、comres.dll替换c:\windows\system32\文件夹下的原文件。



删除重启后使用SREng修复下面各项：

    启动项目 －－ 注册表之如下项删除：
[{737858A9-9AEA-4838-9B49-54DA731F7F37}] 
[{C722AD57-35DA-4460-8353-328372F32AB2}] 
[{0FA40B34-8B9B-44ED-B85C-60A83F2C5D24}] 
[{22A11E32-1FCB-4F54-A511-34253CB09A1A}] 
[{C1CB394D-CECE-440B-9381-838D36862DE2}] 
[{A5CA6C70-7185-4466-AB45-B1C34E7A37CA}] 
[{128E2D3D-887F-4259-A416-12973362F92D}] 
[{122B901E-493F-4AD9-BC69-7DE8C3E52FCC}] 
[{171565E3-F0BB-4FF0-9A42-C9406C79DB78}] 
[{E4814792-EFA3-4C20-93D0-8B130A59F9A8}] 
[{EA25F4E7-8B67-452A-B9DD-B38C526250D3}] 
[{A0C86020-5935-4B87-B20E-0B656D450264}] 
[{76B9BA7A-81D0-4979-8598-8471F2AB5186}] 
[{91F5C9DB-ACD1-4812-BAB9-6F5AE433930A}] 
[{4E5CFE74-700B-4A8B-B0BF-A6B47D896C18}] 
[{E11FB24A-F766-4D0F-ADF5-237958FFA262}] 
[{A1A6BC2E-C6A1-43C1-8884-A31D772F42B8}] 
[{36AC68E6-0C26-4D39-B98E-54B49DAB6BAA}] 
[{FBFAD3A6-0B1E-4122-9C2B-92A4623875EC}] 
[{6EB6B154-5D10-4505-A998-E71419B05BE1}] 
[{71C4F360-FF1E-413E-B17A-0CA267A78E97}] 
[{76CBCF38-0583-44C7-A1AE-D463DFE625EC}] 
[{56BC86C7-0692-4F94-A2C1-6CF1DBF8096C}] 
[{E88AE11C-26DF-4F4D-8726-C043F513990E}] 
[{704C3595-DB85-40F6-A601-8D6F346907BD}] 
[{2E6ED9F9-D2F1-4B33-B505-478C63E3B53B}] 
[{028A997C-4262-4107-BD46-2ABBC6143E8C}] 
[RsTray] 
注意该项[AppInit_DLLs]修改：把<C:\WINDOWS\System32\SGCQ.dll,ieprot.dll>修改为<>即清空
[{B82E7FC1-A1BC-48ED-A977-53BAD6207AA5}]   

    启动项目 －－ 服务－－ 驱动程序之如下项删除：
[pcidump / pcidump] 
[askd / askd] 

    系统修复－－　浏览器加载项之如下项删除：
[Pdg2 Control]   
[SearchHook Class]
[SearchHook Class]
[Submit Class]   
[PIPI Link Helper]
[safeInput Class]
[PIPI Link Helper]

清理系统临时文件和IE临时文件夹
http://www.atribune.org/public-beta/ATF-Cleaner.exe
下载 windows清理助手清理一遍
http://www.arswp.com/download/arswp2/arswp2.zip

重新安装杀毒软件全盘杀毒一次

谢谢啊，搞定了，病毒全死光光啦
又恢复宁静了