求助 - 麻煩各位大大鑑賞= =感恩...

頭目 · 2007-12-18, 09:07 PM

Scan saved at 下午 09:04:36, on 2005/12/18
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system\svchost.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\05db1.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\vcplay.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Raxco\PerfectDisk\PDSched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACP.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\rundll.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Administrator\桌面\HiJackThis.exe

F2 - REG:system.ini: Shell=Explorer.exe vchelp.exe
F2 - REG:system.ini: UserInit=userinit.exe,C:\WINDOWS\system\svchost.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: AdPopup - {11F09AFD-75AD-4E51-AB43-E09E9351CE16} - C:\Program Files\Common Files\CPUSH\cpush0.dll
O2 - BHO: Info cache - {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} - C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: ff Class - {B9751A53-4494-4d7c-9732-AE3058D8145F} - C:\WINDOWS\system32\3051.dll
O2 - BHO: Windows Messenger Assistant - {C86488AF-13D5-4FEF-9DDF-9FB88698CFC1} - C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_3104.dll
O2 - BHO: ALiBaBar_Helper - {CE439C63-384A-747A-A357-23D96B5D652B} - C:\PROGRA~1\ALiBaBar\ALiBaBar.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: ALiBaBar - {0A1375E1-56C2-11D6-8E45-8933A0FB5235} - C:\PROGRA~1\ALiBaBar\ALiBaBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] ; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [EPSON Stylus CX3700 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACP.EXE /P26 "EPSON Stylus CX3700 Series" /O6 "USB001" /M "Stylus CX3700"
O4 - HKLM\..\Run: [CJIMETIPSYNC] C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\CHANGJIE\CINTLCFG.EXE /CJIMETIPSync
O4 - HKLM\..\Run: [PHIMETIPSYNC] C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\PHONETIC\TINTLCFG.EXE /PHIMETIPSync
O4 - HKLM\..\Run: [AVPSrv] C:\WINDOWS\AVPSrv.exE
O4 - HKLM\..\Run: [SSLDyn] C:\WINDOWS\SSLDyn.exe
O4 - HKLM\..\Run: [Kvsc3] C:\WINDOWS\Kvsc3.exE
O4 - HKLM\..\Run: [DbgHlp32] C:\WINDOWS\DbgHlp32.exe
O4 - HKLM\..\Run: [mppds] C:\WINDOWS\mppds.exe
O4 - HKLM\..\Run: [NVDispDrv] C:\WINDOWS\NVDispDRV.EXE
O4 - HKLM\..\Run: [cmdbcs] C:\WINDOWS\cmdbcs.exe
O4 - HKLM\..\Run: [upxdnd] C:\WINDOWS\upxdnd.exe
O4 - HKLM\..\Run: [msccrt] C:\WINDOWS\msccrt.exe
O4 - HKLM\..\Run: [MsIMMs32] C:\WINDOWS\MsIMMs32.exE
O4 - HKLM\..\Run: [PTSShell] C:\WINDOWS\PTSShell.exe
O4 - HKLM\..\Run: [LotusHlp] C:\WINDOWS\LotusHlp.exe
O4 - HKLM\..\Run: [MsPrint32D] C:\WINDOWS\MsPrint32D.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [kava] C:\WINDOWS\system32\kavo.exe
O4 - HKLM\..\Policies\Explorer\Run: [MSDEG32] LYLoader.exe
O4 - HKLM\..\Policies\Explorer\Run: [MSDWG32] LYLoadbr.exe
O4 - HKLM\..\Policies\Explorer\Run: [MSDCG32 ] LYLeador.exe
O4 - HKLM\..\Policies\Explorer\Run: [MSDOG32] LYLoador.exe
O4 - HKLM\..\Policies\Explorer\Run: [MSDSG32] LYLoadar.exe
O4 - HKLM\..\Policies\Explorer\Run: [MSDMG32] LYLoadmr.exe
O4 - HKLM\..\Policies\Explorer\Run: [MSDHG32] LYLoadhr.exe
O4 - HKLM\..\Policies\Explorer\Run: [MSDQG32] LYLoadqr.exe
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] ctfmon.exe (User 'Default user')
O8 - Extra context menu item: Foxy 下載 - res://D:\雜七雜八\Foxy\Foxy.exe/download.htm
O8 - Extra context menu item: Foxy 搜尋 - res://D:\雜七雜八\Foxy\Foxy.exe/search.htm
O8 - Extra context menu item: 剪貼簿文字: 簡 > 繁 - res://C:\Program Files\ALiBaBar\ALiBaBar.dll/RT_HTML/ClipToTrad
O8 - Extra context menu item: 剪貼簿文字: 繁 > 簡 - res://C:\Program Files\ALiBaBar\ALiBaBar.dll/RT_HTML/ClipToSim
O8 - Extra context menu item: 匯出至 Microsoft Office Excel(&X) - res://D:\雜七雜八\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 眢劃昜 - C:\Program Files\AD4All\link1\eachlink.htm
O8 - Extra context menu item: 網頁: [簡體] 顯示 - res://C:\Program Files\ALiBaBar\ALiBaBar.dll/RT_HTML/PageToSim
O8 - Extra context menu item: 網頁: [繁體] 顯示 - res://C:\Program Files\ALiBaBar\ALiBaBar.dll/RT_HTML/PageToTrad
O9 - Extra button: 珨懂秞氈扦 - {7DBC6ADB-5788-4FB9-AEC3-B40A58AC11DF} - http://www.yiqilai.com (file missing)
O9 - Extra button: 參考資料 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\雜七雜八\OFFICE11\REFIEBAR.DLL (file missing)
O9 - Extra button: 眢劃昜 - {EE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=824 (file missing)
O9 - Extra 'Tools' menuitem: 眢劃昜 - {EE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=824 (file missing)
O14 - IERESET.INF: START_PAGE_URL=tw.yahoo.com
O23 - Service: 2A3F0910 - Unknown owner - C:\WINDOWS\system32\796A0F30.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Fax 2Client (ms_2fax) - Unknown owner - C:\WINDOWS\system32\05db1.exe
O23 - Service: WinFast(R) Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe
O23 - Service: ServicevcHelp - Unknown owner - C:\WINDOWS\system32\vcplay.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: 珨懂秞氈翑忒 (Yiqilai) - Unknown owner - C:\Program Files\Yiqilai\wmp\YiqilaiLyrics.exe (file missing)

--
End of file - 8086 bytes

可怕的大陸網站!都會跳出東西...麻煩您了= =聖誕節的感恩^^"

plunderer · 2007-12-18, 10:25 PM

F2 - REG:system.ini: Shell=Explorer.exe vchelp.exe

F2 - REG:system.ini: UserInit=userinit.exe,C:\WINDOWS\system\svchost.exe

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: AdPopup - {11F09AFD-75AD-4E51-AB43-E09E9351CE16} - C:\Program Files\Common Files\CPUSH\cpush0.dll

O2 - BHO: Info cache - {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} - C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll

O2 - BHO: ff Class - {B9751A53-4494-4d7c-9732-AE3058D8145F} - C:\WINDOWS\system32\3051.dll

O2 - BHO: Windows Messenger Assistant - {C86488AF-13D5-4FEF-9DDF-9FB88698CFC1} - C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_3104.dll

O4 - HKLM\..\Run: [AVPSrv] C:\WINDOWS\AVPSrv.exE
O4 - HKLM\..\Run: [SSLDyn] C:\WINDOWS\SSLDyn.exe
O4 - HKLM\..\Run: [Kvsc3] C:\WINDOWS\Kvsc3.exE
O4 - HKLM\..\Run: [DbgHlp32] C:\WINDOWS\DbgHlp32.exe
O4 - HKLM\..\Run: [mppds] C:\WINDOWS\mppds.exe
O4 - HKLM\..\Run: [NVDispDrv] C:\WINDOWS\NVDispDRV.EXE
O4 - HKLM\..\Run: [cmdbcs] C:\WINDOWS\cmdbcs.exe
O4 - HKLM\..\Run: [upxdnd] C:\WINDOWS\upxdnd.exe
O4 - HKLM\..\Run: [msccrt] C:\WINDOWS\msccrt.exe
O4 - HKLM\..\Run: [MsIMMs32] C:\WINDOWS\MsIMMs32.exE
O4 - HKLM\..\Run: [PTSShell] C:\WINDOWS\PTSShell.exe
O4 - HKLM\..\Run: [LotusHlp] C:\WINDOWS\LotusHlp.exe
O4 - HKLM\..\Run: [MsPrint32D] C:\WINDOWS\MsPrint32D.exe
O4 - HKCU\..\Run: [kava] C:\WINDOWS\system32\kavo.exe
O4 - HKLM\..\Policies\Explorer\Run: [MSDEG32] LYLoader.exe
O4 - HKLM\..\Policies\Explorer\Run: [MSDWG32] LYLoadbr.exe
O4 - HKLM\..\Policies\Explorer\Run: [MSDCG32 ] LYLeador.exe
O4 - HKLM\..\Policies\Explorer\Run: [MSDOG32] LYLoador.exe
O4 - HKLM\..\Policies\Explorer\Run: [MSDSG32] LYLoadar.exe
O4 - HKLM\..\Policies\Explorer\Run: [MSDMG32] LYLoadmr.exe
O4 - HKLM\..\Policies\Explorer\Run: [MSDHG32] LYLoadhr.exe
O4 - HKLM\..\Policies\Explorer\Run: [MSDQG32] LYLoadqr.exe

O9 - Extra button: 珨懂秞氈扦 - {7DBC6ADB-5788-4FB9-AEC3-B40A58AC11DF} - http://www.yiqilai.com (file missing)

O9 - Extra button: 參考資料 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\雜七雜八\OFFICE11\REFIEBAR.DLL (file missing)
O9 - Extra button: 眢劃昜 - {EE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=824 (file missing)

O9 - Extra 'Tools' menuitem: 眢劃昜 - {EE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=824 (file missing)

O23 - Service: 2A3F0910 - Unknown owner - C:\WINDOWS\system32\796A0F30.EXE

O23 - Service: Fax 2Client (ms_2fax) - Unknown owner - C:\WINDOWS\system32\05db1.exe

O23 - Service: ServicevcHelp - Unknown owner - C:\WINDOWS\system32\vcplay.exe

說真的, 建議你重裝系統比較快.....

若要手動清理乾淨, 很麻煩的:

1. 勾選並修復上述項目, 重新開機, 刪除與上述項目有關的檔案

2. 在 DOS 下 c:\ 分別執行下列命令:
attrib -r -h -s autorun.inf
attrib -r -h -s Ntdelect.com
del autorun.inf
del Ntdelect.com (注意! 不是 NTDETECT.COM)

3. 執行 System Repair Engineer
http://www.kztechs.com/sreng/download.html
"系統修復" => "高級修復" => "自動修復"

4. 重新開機, 在檔案總管 "資料夾選項" 內設成 "顯示所有檔案和資料夾 "
再把每個磁碟 (含 USB 隨身碟) 根目錄下的 autorun.inf 全部刪除

5. 清空C:\Documents and Settings\Administrator\Local Settings\Temp 目錄

2007-12-18, 09:07 PM	#1
頭目註冊會員榮譽勳章勳章總數 UID - 274105 在線等級: 註冊日期: 2007-07-24 文章: 20 精華: 0 現金: 23 金幣資產: 23 金幣	求助 - 麻煩各位大大鑑賞= =感恩... Scan saved at 下午 09:04:36, on 2005/12/18 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system\svchost.exe C:\WINDOWS\Explorer.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\05db1.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\vcplay.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\Raxco\PerfectDisk\PDSched.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACP.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\conime.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Google\Google Updater\GoogleUpdater.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\rundll.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Documents and Settings\Administrator\桌面\HiJackThis.exe F2 - REG:system.ini: Shell=Explorer.exe vchelp.exe F2 - REG:system.ini: UserInit=userinit.exe,C:\WINDOWS\system\svchost.exe O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: AdPopup - {11F09AFD-75AD-4E51-AB43-E09E9351CE16} - C:\Program Files\Common Files\CPUSH\cpush0.dll O2 - BHO: Info cache - {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} - C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll O2 - BHO: ff Class - {B9751A53-4494-4d7c-9732-AE3058D8145F} - C:\WINDOWS\system32\3051.dll O2 - BHO: Windows Messenger Assistant - {C86488AF-13D5-4FEF-9DDF-9FB88698CFC1} - C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_3104.dll O2 - BHO: ALiBaBar_Helper - {CE439C63-384A-747A-A357-23D96B5D652B} - C:\PROGRA~1\ALiBaBar\ALiBaBar.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: ALiBaBar - {0A1375E1-56C2-11D6-8E45-8933A0FB5235} - C:\PROGRA~1\ALiBaBar\ALiBaBar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O4 - HKLM\..\Run: [IMJPMIG8.1] ; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [EPSON Stylus CX3700 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACP.EXE /P26 "EPSON Stylus CX3700 Series" /O6 "USB001" /M "Stylus CX3700" O4 - HKLM\..\Run: [CJIMETIPSYNC] C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\CHANGJIE\CINTLCFG.EXE /CJIMETIPSync O4 - HKLM\..\Run: [PHIMETIPSYNC] C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\PHONETIC\TINTLCFG.EXE /PHIMETIPSync O4 - HKLM\..\Run: [AVPSrv] C:\WINDOWS\AVPSrv.exE O4 - HKLM\..\Run: [SSLDyn] C:\WINDOWS\SSLDyn.exe O4 - HKLM\..\Run: [Kvsc3] C:\WINDOWS\Kvsc3.exE O4 - HKLM\..\Run: [DbgHlp32] C:\WINDOWS\DbgHlp32.exe O4 - HKLM\..\Run: [mppds] C:\WINDOWS\mppds.exe O4 - HKLM\..\Run: [NVDispDrv] C:\WINDOWS\NVDispDRV.EXE O4 - HKLM\..\Run: [cmdbcs] C:\WINDOWS\cmdbcs.exe O4 - HKLM\..\Run: [upxdnd] C:\WINDOWS\upxdnd.exe O4 - HKLM\..\Run: [msccrt] C:\WINDOWS\msccrt.exe O4 - HKLM\..\Run: [MsIMMs32] C:\WINDOWS\MsIMMs32.exE O4 - HKLM\..\Run: [PTSShell] C:\WINDOWS\PTSShell.exe O4 - HKLM\..\Run: [LotusHlp] C:\WINDOWS\LotusHlp.exe O4 - HKLM\..\Run: [MsPrint32D] C:\WINDOWS\MsPrint32D.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [kava] C:\WINDOWS\system32\kavo.exe O4 - HKLM\..\Policies\Explorer\Run: [MSDEG32] LYLoader.exe O4 - HKLM\..\Policies\Explorer\Run: [MSDWG32] LYLoadbr.exe O4 - HKLM\..\Policies\Explorer\Run: [MSDCG32 ] LYLeador.exe O4 - HKLM\..\Policies\Explorer\Run: [MSDOG32] LYLoador.exe O4 - HKLM\..\Policies\Explorer\Run: [MSDSG32] LYLoadar.exe O4 - HKLM\..\Policies\Explorer\Run: [MSDMG32] LYLoadmr.exe O4 - HKLM\..\Policies\Explorer\Run: [MSDHG32] LYLoadhr.exe O4 - HKLM\..\Policies\Explorer\Run: [MSDQG32] LYLoadqr.exe O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] ctfmon.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] ctfmon.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] ctfmon.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] ctfmon.exe (User 'Default user') O8 - Extra context menu item: Foxy 下載 - res://D:\雜七雜八\Foxy\Foxy.exe/download.htm O8 - Extra context menu item: Foxy 搜尋 - res://D:\雜七雜八\Foxy\Foxy.exe/search.htm O8 - Extra context menu item: 剪貼簿文字: 簡 > 繁 - res://C:\Program Files\ALiBaBar\ALiBaBar.dll/RT_HTML/ClipToTrad O8 - Extra context menu item: 剪貼簿文字: 繁 > 簡 - res://C:\Program Files\ALiBaBar\ALiBaBar.dll/RT_HTML/ClipToSim O8 - Extra context menu item: 匯出至 Microsoft Office Excel(&X) - res://D:\雜七雜八\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: 眢劃昜 - C:\Program Files\AD4All\link1\eachlink.htm O8 - Extra context menu item: 網頁: [簡體] 顯示 - res://C:\Program Files\ALiBaBar\ALiBaBar.dll/RT_HTML/PageToSim O8 - Extra context menu item: 網頁: [繁體] 顯示 - res://C:\Program Files\ALiBaBar\ALiBaBar.dll/RT_HTML/PageToTrad O9 - Extra button: 珨懂秞氈扦 - {7DBC6ADB-5788-4FB9-AEC3-B40A58AC11DF} - http://www.yiqilai.com (file missing) O9 - Extra button: 參考資料 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\雜七雜八\OFFICE11\REFIEBAR.DLL (file missing) O9 - Extra button: 眢劃昜 - {EE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=824 (file missing) O9 - Extra 'Tools' menuitem: 眢劃昜 - {EE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=824 (file missing) O14 - IERESET.INF: START_PAGE_URL=tw.yahoo.com O23 - Service: 2A3F0910 - Unknown owner - C:\WINDOWS\system32\796A0F30.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Fax 2Client (ms_2fax) - Unknown owner - C:\WINDOWS\system32\05db1.exe O23 - Service: WinFast(R) Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe O23 - Service: ServicevcHelp - Unknown owner - C:\WINDOWS\system32\vcplay.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: 珨懂秞氈翑忒 (Yiqilai) - Unknown owner - C:\Program Files\Yiqilai\wmp\YiqilaiLyrics.exe (file missing) -- End of file - 8086 bytes 可怕的大陸網站!都會跳出東西...麻煩您了= =聖誕節的感恩^^"

	送花文章: 8, 收花文章: 1 篇, 收花: 1 次

2007-12-18, 10:25 PM	#2 (permalink)
plunderer 長老會員榮譽勳章勳章總數8 UID - 74024 在線等級: 註冊日期: 2003-05-31 文章: 1399 精華: 0 現金: 507220 金幣資產: 608580 金幣	F2 - REG:system.ini: Shell=Explorer.exe vchelp.exe F2 - REG:system.ini: UserInit=userinit.exe,C:\WINDOWS\system\svchost.exe O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: AdPopup - {11F09AFD-75AD-4E51-AB43-E09E9351CE16} - C:\Program Files\Common Files\CPUSH\cpush0.dll O2 - BHO: Info cache - {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} - C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll O2 - BHO: ff Class - {B9751A53-4494-4d7c-9732-AE3058D8145F} - C:\WINDOWS\system32\3051.dll O2 - BHO: Windows Messenger Assistant - {C86488AF-13D5-4FEF-9DDF-9FB88698CFC1} - C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_3104.dll O4 - HKLM\..\Run: [AVPSrv] C:\WINDOWS\AVPSrv.exE O4 - HKLM\..\Run: [SSLDyn] C:\WINDOWS\SSLDyn.exe O4 - HKLM\..\Run: [Kvsc3] C:\WINDOWS\Kvsc3.exE O4 - HKLM\..\Run: [DbgHlp32] C:\WINDOWS\DbgHlp32.exe O4 - HKLM\..\Run: [mppds] C:\WINDOWS\mppds.exe O4 - HKLM\..\Run: [NVDispDrv] C:\WINDOWS\NVDispDRV.EXE O4 - HKLM\..\Run: [cmdbcs] C:\WINDOWS\cmdbcs.exe O4 - HKLM\..\Run: [upxdnd] C:\WINDOWS\upxdnd.exe O4 - HKLM\..\Run: [msccrt] C:\WINDOWS\msccrt.exe O4 - HKLM\..\Run: [MsIMMs32] C:\WINDOWS\MsIMMs32.exE O4 - HKLM\..\Run: [PTSShell] C:\WINDOWS\PTSShell.exe O4 - HKLM\..\Run: [LotusHlp] C:\WINDOWS\LotusHlp.exe O4 - HKLM\..\Run: [MsPrint32D] C:\WINDOWS\MsPrint32D.exe O4 - HKCU\..\Run: [kava] C:\WINDOWS\system32\kavo.exe O4 - HKLM\..\Policies\Explorer\Run: [MSDEG32] LYLoader.exe O4 - HKLM\..\Policies\Explorer\Run: [MSDWG32] LYLoadbr.exe O4 - HKLM\..\Policies\Explorer\Run: [MSDCG32 ] LYLeador.exe O4 - HKLM\..\Policies\Explorer\Run: [MSDOG32] LYLoador.exe O4 - HKLM\..\Policies\Explorer\Run: [MSDSG32] LYLoadar.exe O4 - HKLM\..\Policies\Explorer\Run: [MSDMG32] LYLoadmr.exe O4 - HKLM\..\Policies\Explorer\Run: [MSDHG32] LYLoadhr.exe O4 - HKLM\..\Policies\Explorer\Run: [MSDQG32] LYLoadqr.exe O9 - Extra button: 珨懂秞氈扦 - {7DBC6ADB-5788-4FB9-AEC3-B40A58AC11DF} - http://www.yiqilai.com (file missing) O9 - Extra button: 參考資料 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\雜七雜八\OFFICE11\REFIEBAR.DLL (file missing) O9 - Extra button: 眢劃昜 - {EE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=824 (file missing) O9 - Extra 'Tools' menuitem: 眢劃昜 - {EE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=824 (file missing) O23 - Service: 2A3F0910 - Unknown owner - C:\WINDOWS\system32\796A0F30.EXE O23 - Service: Fax 2Client (ms_2fax) - Unknown owner - C:\WINDOWS\system32\05db1.exe O23 - Service: ServicevcHelp - Unknown owner - C:\WINDOWS\system32\vcplay.exe 說真的, 建議你重裝系統比較快..... 若要手動清理乾淨, 很麻煩的: 1. 勾選並修復上述項目, 重新開機, 刪除與上述項目有關的檔案 2. 在 DOS 下 c:\ 分別執行下列命令: attrib -r -h -s autorun.inf attrib -r -h -s Ntdelect.com del autorun.inf del Ntdelect.com (注意! 不是 NTDETECT.COM) 3. 執行 System Repair Engineer http://www.kztechs.com/sreng/download.html "系統修復" => "高級修復" => "自動修復" 4. 重新開機, 在檔案總管 "資料夾選項" 內設成 "顯示所有檔案和資料夾 " 再把每個磁碟 (含 USB 隨身碟) 根目錄下的 autorun.inf 全部刪除 5. 清空C:\Documents and Settings\Administrator\Local Settings\Temp 目錄
	__________________ 刑天舞干戚
	送花文章: 6, 收花文章: 575 篇, 收花: 1747 次

相似的主題
主題	主題作者	討論區	回覆	最後發表
麻煩各位大大幫我看看"錯誤訊息"是啥意思呢?	a791004	一般電腦疑難討論區	3	2004-03-31 10:09 AM
不好意思了,麻煩各位大大了!關於MP3軟體的問題??	藍色協奏曲	一般電腦疑難討論區	2	2004-03-07 01:03 PM
顯示卡頻率調太高現在有點問題~麻煩各位大大幫我~"~	xxxaronxxx	硬體疑難使用問題討論區	10	2003-07-20 06:15 PM
麻煩各位大大幫個手	aaron5478	一般電腦疑難討論區	0	2002-12-25 01:45 PM
PC-cillin 的迷思~麻煩各位大大幫個小忙	ctboymax	軟體應用問題討論區	1	2002-12-20 12:03 PM

Google 提供的廣告