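A newbie truly helpless against viruses -_- Asking all the experts for help~

All I know how to do is open Rising and click Scan~ I have no idea what to do about whatever it can't remove.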

Attachment: image (image/pjpeg), uploaded 2005-11-2 9:57:45

Last edited 2005-11-04 05:53:05

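Quote:
[baohe's post] [Reply to 风信子精灵's post]
The paths of the virus files are quite clear.
Please locate these files, pack them with WINRAR and WINZIP, and send them to my mailbox: baohelin@yahoo.com.cn.
...........................


Unfortunately, I ran into another problem when packing them.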

Attachment: image (image/pjpeg), uploaded 2005-11-2 10:42:09

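I'm not brave enough to take them out myself.

May I ask, what effect will it have on the computer if these viruses aren't removed?

Last time I got hit by a trojan, and over a hundred Q coins were stolen as a result.

And if in the end I can't deal with these viruses, would formatting and reinstalling the system solve the problem?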

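Quote:
[baohe's post]

A trojan is synonymous with "thief" and "vandal".
Reinstalling the system would solve the problem. However, doing that is too much trouble.
I suggest trying a virus scan under DOS.
...........................


I don't want to reinstall the system either, because then a lot of programs would have to be reinstalled, but I don't know how to scan for viruses under DOS. Is there a post with detailed instructions on how to do it?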

I'll try it tonight. A friend borrowed the CD and I haven't gotten it back yet. Thanks in advance, baohe, and sorry for the trouble.

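I'm back~ I went to my friend's place this afternoon, and he had lent the CD to someone else again~ All I have on hand now is the Rising A: disk. Will that do?

This is what I scanned with that whatever-it's-called tool: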


Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
d:\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Ahead\InCD\InCD.exe
D:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
D:\PROGRA~1\RISING\RAV\RAVMON.EXE
C:\WINDOWS\VM_STI.EXE
C:\Program Files\CNNIC\Cdn\cdnup.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3H2.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
D:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
D:\PROGRAM FILES\RISING\RAV\Ravmond.exe
C:\WINDOWS\system32\svchost.exe
D:\PROGRAM FILES\RISING\RAV\RavStub.exe
C:\WINDOWS\diskman.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Tencent\QQ\QQ.exe
C:\Program Files\Tencent\QQ\TIMPlatform.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Tencent\QQ\QQexternal.exe
C:\Program Files\Tencent\QQ\qqpet\qqpet.exe
C:\Program Files\Tencent\QQ\QQ.exe
C:\Program Files\Tencent\QQ\qqpet\qqpet.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrator\桌面\155847200541134207\HijackThis.exe

R3 - URLSearchHook: Tencent Url Search Hook - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - C:\WINDOWS\Downloaded Program Files\TBHMain.dll
O2 - BHO: Tencent Browser Helper - {0C7C23EF-A848-485B-873C-0ED954731014} - C:\WINDOWS\Downloaded Program Files\TBHMain.dll
O2 - BHO: i&Bar搜索引擎 - {2E7D3330-EB94-4518-B0FE-E05379A5C1DA} - C:\PROGRA~1\iBar\10002\iBar.dll
O2 - BHO: CNNIC_IDN - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: MMSAssist - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\MMSASS~1.DLL
O2 - BHO: stdup - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - C:\WINDOWS\system32\stdup.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FLASHGET\jccatch.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - Toolbar: i&Bar搜索引擎 - {2E7D3330-EB94-4518-B0FE-E05379A5C1DA} - C:\PROGRA~1\iBar\10002\iBar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=110805 serial=DR12CRC-7032960-LBH lang=EN
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] d:\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [RavTimer] D:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [RavMon] D:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - HKLM\..\Run: [Windows内存整理] C:\Program Files\Windows优化大师 V6.3 1009 荒村听雨特别\WinMem.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE ZSMC USB PC Camera
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [CdnCtr] C:\Program Files\CNNIC\Cdn\cdnup.exe
O4 - HKLM\..\Run: [sysupate] C:\WINDOWS\system32\NtSysUpdate.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R210 Series (副本 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3H2.EXE /P39 "EPSON Stylus Photo R210 Series (副本 1)" /O6 "USB001" /M "Stylus Photo R210"
O4 - HKLM\..\Run: [EPSON Stylus Photo R210 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3H2.EXE /P30 "EPSON Stylus Photo R210 Series" /O6 "USB001" /M "Stylus Photo R210"
O4 - HKLM\..\Run: [Update] C:\WINDOWS\system32\Update.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: 娱乐心空.lnk = C:\Program Files\yulexk\Run.exe
O4 - Startup: 腾讯QQ.lnk = C:\Program Files\Tencent\QQ\QQ.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item:  >> 彩信发送 << - res://C:\PROGRA~1\MMSASS~1\MMSASS~1.DLL/mms.htm
O8 - Extra context menu item: 使用Kugoo下载 - F:\wds\KuGoo2\KugooDownX.htm
O8 - Extra context menu item: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O9 - Extra button: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O9 - Extra 'Tools' menuitem: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O9 - Extra button: 常用网址 - {36B39F01-7B48-44AD-A165-5849CD8EF562} - C:\WINDOWS\system32\SHDOCVW.DLL
O9 - Extra button: 体验家园主页 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.xpboy.com (file missing)
O9 - Extra button: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\MMSASS~1.DLL
O9 - Extra 'Tools' menuitem: MMSAssist工具条设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\MMSASS~1.DLL
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cdnns.dll
O11 - Options group: [CDNCLIENT]  中文上网
O11 - Options group: [TBH] QQ地址栏搜索
O16 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} (Edit Class) - https://www.sz1.cmbchina.com/download/CMBEdit.cab
O16 - DPF: {2354A44B-3CEB-4829-9940-545B03103538} (PowerPlr Control) - http://5151c.wz16300.com/plugin/PowerPlr.ocx
O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab
O16 - DPF: {56A7DC70-E102-4408-A34A-AE06FEF01586} - http://iebar.t2t2.com/iebar.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1099213584793
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {E787FD25-8D7C-4693-AE67-9406BC6E22DF} (CPasswordEditCtrl Object) - https://tenpay.qq.com/download/qqedit.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BB4E66A6-749C-467E-9E0F-B9AE8B222784}: NameServer = 202.96.134.133 202.96.128.166
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - d:\Ahead\InCD\InCDsrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - rising - D:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\PROGRAM FILES\RISING\RAV\Ravmond.exe
O23 - Service: Universal Disk Manager - Unknown owner - C:\WINDOWS\diskman.exe
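
An added example, not part of the original thread or of HijackThis: this Python script parses a HijackThis log like the one posted above, counts entries per section, and lists the entries carrying the labels HijackThis itself prints (`Unknown owner`, `Unknown file`, `(file missing)`), such as the O23 diskman.exe service that the reply below singles out. The function names and the `SAMPLE` excerpt are assumptions made for the illustration.

```python
import re
from collections import defaultdict

# HijackThis section codes that occur in the log above.
SECTIONS = {
    "R3": "URL search hook", "O2": "Browser Helper Object",
    "O3": "IE toolbar", "O4": "autostart entry",
    "O8": "IE context-menu item", "O9": "IE extra button/menu item",
    "O10": "Winsock LSP", "O11": "IE options group",
    "O16": "downloaded ActiveX control", "O17": "DNS setting",
    "O20": "Winlogon Notify", "O23": "service",
}
# Labels HijackThis itself prints on entries it cannot attribute or resolve.
MARKERS = ("Unknown owner", "Unknown file", "(file missing)")
ENTRY_RE = re.compile(r"^([RO]\d+) - (.+)$")

def parse(log_text):
    """Return (code, detail) for each entry line; other lines are skipped."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group(1), m.group(2)))
    return entries

def triage(entries):
    """Count entries per section and list those carrying a marker."""
    counts = defaultdict(int)
    flagged = []
    for code, detail in entries:
        counts[code] += 1
        for marker in MARKERS:
            if marker in detail:
                flagged.append((code, SECTIONS.get(code, "?"), marker, detail))
                break
    return dict(counts), flagged

# Five entries copied from the log above, plus one process line that is skipped.
SAMPLE = r"""
C:\WINDOWS\diskman.exe
O2 - BHO: stdup - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - C:\WINDOWS\system32\stdup.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O9 - Extra button: 体验家园主页 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.xpboy.com (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\cdnns.dll
O23 - Service: Universal Disk Manager - Unknown owner - C:\WINDOWS\diskman.exe
"""

if __name__ == "__main__":
    counts, flagged = triage(parse(SAMPLE))
    print(counts)
    for code, kind, marker, detail in flagged:
        print(f"{code} ({kind}) [{marker}] {detail}")
```

A flagged entry is a lead for manual checking, not a verdict; entries the replies single out, such as the stdup.dll BHO, carry no marker at all.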

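Quote:
[cdbatti's post] First end the process C:\WINDOWS\diskman.exe
Then fix O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O23 - Service: Universal Disk Manager - Unknown owner - C:\WINDOWS\diskman.exe
PS: Do a scan with SRENG too, it's more detailed; it can be downloaded at http://www.kztechs.com
...........................


I ended that process, but I don't know how to do the second step you mentioned. How do I fix it?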

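Quote:
[影子110's post] O4 - Startup: 娱乐心空.lnk = C:\Program Files\yulexk\Run.exe
What is 娱乐心空?? (It doesn't seem to be anything good~~)
O2 - BHO: stdup - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - C:\WINDOWS\system32\stdup.dll
This entry also needs to be fixed~~~

Find this file and delete it~~~
C:\WINDOWS\system32\stdup.dll
...........................



Honest to goodness~ I don't know what this 娱乐心空 thing is either; it starts up as soon as the computer boots.

I've been at it all day today and still can't fix it. I've decided to just reinstall the system tomorrow.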




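[Reply to 天天泡泡's post] Really very detailed and clear. I'll try it tomorrow, thank you so much!!!


[Reply to bobo无极限's post] This 娱乐心空 is so scary, how did my computer get so unlucky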