damadaha - 2006-2-10 17:24:00
刚把电脑从新装好,连上线上网没几分钟呢,就有问题了!
1:过短时间就会有“信使服务”。(通过网上找资料,已经关了。)
2:当打开电脑/打开浏览器或者过段时间就会自动弹出网页!
剪了几个图片,各位帮忙看看是什么原因,怎么解决啊!小弟感激不尽。。。(上了好几年网了都没碰到这种情况。正版的瑞星放火墙也开着呢)
附件:
6595152006210172434.jpg
damadaha - 2006-2-10 17:25:00
damadaha - 2006-2-10 17:26:00
BlackStone - 2006-2-10 17:27:00
用
Autoruns保存一个日志发上来
日志保存方法:选择File->Save菜单项
保存日志时注意选择Options->Hide Microsoft Entries菜单项(设置了这项后点工具栏的刷新按钮)工具的下载、使用参考
http://forum.ikaka.com/topic.asp?board=28&artid=7318038
damadaha - 2006-2-10 17:27:00
damadaha - 2006-2-10 17:28:00
damadaha - 2006-2-10 17:29:00
damadaha - 2006-2-10 17:33:00
| 引用: |
【BlackStone的贴子】用Autoruns保存一个日志发上来
日志保存方法:选择File->Save菜单项保存日志时注意选择Options->Hide Microsoft Entries菜单项(设置了这项后点工具栏的刷新按钮)
工具的下载、使用参考
........................... |
好的`谢谢!
damadaha - 2006-2-10 17:47:00
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ 000StTHKc:\windows\system32\000stthk.exe
+ 00THotkeyTHotkey东芝公司c:\windows\system32\00thotkey.exe
+ ANX MICROSOFT SYSTEMc:\windows\system32\winanx.exe
+ ApointAlps Pointing-device DriverAlps Electric Co., Ltd.c:\program files\apoint2k\apoint.exe
+ gimmygamesmudesc:\windows\gimmygames.exe
+ ihost.exec:\taskmgrs.exe
+ MSPY2002c:\windows\system32\ime\pintlgnt\imscinst.exe
+ NvCplDaemonNVIDIA Taskbar Utility LibraryNVIDIA Corporationc:\windows\system32\nvqtwk.dll
+ nwizNVIDIA nView Control Panel, Version 28.46 NVIDIA Corporationc:\windows\system32\nwiz.exe
+ RfwMainRising Personal FireWall Main ProgramBeijing Rising Technology Corporation Limitedc:\program files\rising\rfw\rfwmain.exe
+ Spooler SubSystem Appc:\windows\system32\spoolsvc.exe
+ TFncKyTFncKyTOSHIBA CorporationC:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
+ TFNF5TFnF5Toshiba Corp.c:\windows\system32\tfnf5.exe
+ TkBellExeRealNetworks SchedulerRealNetworks, Inc.c:\program files\common files\real\update_ob\realsched.exe
+ TosHKCW.exeWireless HotkeyTOSHIBA CORPORATIONc:\program files\toshiba\wireless hotkey\toshkcw.exe
+ TouchED触摸板 开/关 实用程序东芝公司c:\program files\toshiba\touched\touched.exe
+ Tpwrtray东芝省电东芝公司c:\windows\system32\tpwrtray.exe
+ winsysban???ìàc:\windows\winsysban7.exe
+ winsysupd.c:\windows\winsysupd7.exe
+ yassistseFile not found: C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe
+ YLive.exeFile not found: C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
+ ANX MICROSOFT SYSTEMc:\windows\system32\winanx.exe
+ HOMESyn.exec:\program files\homeschoolaii\homesyn.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ Desktop ExplorerNVIDIA nView Control Panel, Version 28.46 NVIDIA Corporationc:\windows\system32\nvshell.dll
+ Desktop Explorer MenuNVIDIA nView Control Panel, Version 28.46 NVIDIA Corporationc:\windows\system32\nvshell.dll
+ dgstyle.dllc:\windows\system32\dgstyle.dll
+ Display Panning CPL ExtensionFile not found: deskpan.dll
+ HyperTerminal Icon ExtHyperTerminal Applet LibraryHilgraeve, Inc.c:\windows\system32\hticons.dll
+ ngshell.dllc:\windows\system32\ngshell.dll
+ purfdisk.dllc:\windows\system32\purfdisk.dll
+ serrnchs.dllc:\windows\system32\serrnchs.dll
+ Shell Extensions for RealOne PlayerRealOne Player Shell ExtensionsRealNetworksc:\program files\real\realone player\rpshellext.dll
+ TouchED触摸板 开/关 实用程序东芝公司c:\program files\toshiba\touched\touched.dll
+ Yahoo!PhotoyPhtbYahoo! Chinac:\program files\yahoo!\assistant\assist\yphtb.dll
HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks
+ coolbarToolBarYahoo!c:\program files\yahoo!\assistant\assist\yasbar.dll
HKLM\Software\Microsoft\Internet Explorer\Toolbar
+ 雅虎助手ToolBarYahoo!c:\program files\yahoo!\assistant\assist\yasbar.dll
HKLM\Software\Microsoft\Internet Explorer\Extensions
+ @shdoclc.dll,-864c:\windows\web\related.htm
HKLM\System\CurrentControlSet\Services
+ NVSvcNVIDIA Driver Helper Service, Version 28.46NVIDIA Corporationc:\windows\system32\nvsvc32.exe
HKLM\System\CurrentControlSet\Services
+ ac97intcIntel(r) Integrated Controller Hub Audio DriverIntel Corporationc:\windows\system32\drivers\ac97intc.sys
+ ApfiltrServiceAlps Touch Pad DriverAlps Electric Co., Ltd.c:\windows\system32\drivers\apfiltr.sys
+ BaseTDIbasetdiRisingc:\windows\system32\drivers\basetdi.sys
+ E100BNDIS 5 driverIntel Corporationc:\windows\system32\drivers\e100b325.sys
+ npkcryptnProtect KeyCrypt DriverINCA Internet Co., Ltd.c:\program files\tencent\qq\npkcrypt.sys
+ nvNVIDIA Compatible Windows 2000 Miniport Driver, Version 28.46 NVIDIA Corporationc:\windows\system32\drivers\nv4_mini.sys
+ pciSdTOSSDPCI.SYSTOSHIBAc:\windows\system32\drivers\tossdpci.sys
+ PtilinkDirect Parallel Link DriverParallel Technologies, Inc.c:\windows\system32\drivers\ptilink.sys
+ RsFwDrvnt_fwdrvRisingc:\program files\rising\rfw\rsfwdrv.sys
+ SecdrvSafeDisc driverc:\windows\system32\drivers\secdrv.sys
+ Ser2plUSB-to-Serial Cable DriverProlific Technology Inc.c:\windows\system32\drivers\ser2pl.sys
+ SMCIRDASMC IrCC NDIS 5.0 IrDA FIR Device DriverSMCc:\windows\system32\drivers\smcirda.sys
+ SparrowAdaptec AIC-6x60 series SCSI miniportAdaptec, Inc.c:\windows\system32\drivers\sparrow.sys
+ TOSHIBASoftModemSoftModem Device DriverLTc:\windows\system32\drivers\ltsm.sys
+ tsdhdSD Card Host Controller DriverTOSHIBA Corporationc:\windows\system32\drivers\tsdhd.sys
+ TVALDToshiba ACPI-Based Value Added Logical Device DriverToshiba Corporationc:\windows\system32\drivers\tvald.sys
+ TVALGTOSHIBA Value Added Logical and General Purpose Device DriverTOSHIBA Corporationc:\windows\system32\drivers\tvalg.sys
+ WDM_YAMAHAAC97YAMAHA AC-XG WDMYAMAHA CORPORATIONc:\windows\system32\drivers\yacxgc.sys
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
+ Unimodemc:\windows\system32\k4620ejoehoc0.dll
+ wineiw32c:\windows\system32\wineiw32.dll
damadaha - 2006-2-10 17:48:00
BlackStone - 2006-2-10 17:57:00
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ ANX MICROSOFT SYSTEMc:\windows\system32\winanx.exe
+ gimmygamesmudesc:\windows\gimmygames.exe
+ ihost.exec:\taskmgrs.exe
+ Spooler SubSystem Appc:\windows\system32\spoolsvc.exe
+ winsysban???ìàc:\windows\winsysban7.exe
+ winsysupd.c:\windows\winsysupd7.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
+ ANX MICROSOFT SYSTEMc:\windows\system32\winanx.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ dgstyle.dllc:\windows\system32\dgstyle.dll
+ ngshell.dllc:\windows\system32\ngshell.dll
+ purfdisk.dllc:\windows\system32\purfdisk.dll
+ serrnchs.dllc:\windows\system32\serrnchs.dll
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
+ Unimodemc:\windows\system32\k4620ejoehoc0.dll
+ wineiw32c:\windows\system32\wineiw32.dll
删除启动项
重启
删除
c:\windows\system32\winanx.exe
c:\windows\gimmygames.exe
c:\taskmgrs.exe
c:\windows\system32\spoolsvc.exe
c:\windows\winsysban7.exe
c:\windows\system32\winanx.exe
c:\windows\system32\dgstyle.dll
c:\windows\system32\ngshell.dll
c:\windows\system32\purfdisk.dll
c:\windows\system32\serrnchs.dll
c:\windows\system32\k4620ejoehoc0.dll
c:\windows\system32\wineiw32.dll
文件试试
damadaha - 2006-2-10 21:29:00
试了几次,重启就自动又出现了,彻底删除也不行!
还是自动打开网页!
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
+ Unimodemc:\windows\system32\k4620ejoehoc0.dll
+ wineiw32c:\windows\system32\wineiw32.dll
根本删不了.着急啊```
还有什么别的方法吗?
另外每次启动电脑还会出现,看图
附件:
6595152006210212958.jpg
damadaha - 2006-2-10 21:49:00
这是个什么病毒啊?
是不是因为点信使服务的那个确定中上的啊?
郁闷````
精致油970427 - 2006-2-10 21:58:00
看看启动项中有没有这个hpa1.tmp,如果有,把它前面的勾去掉,禁止他随系统启动/
damadaha - 2006-2-10 22:35:00
没找到喔``
damadaha - 2006-2-11 0:03:00
怎么也删不掉``有什么好办法吗?
© 2000 - 2026 Rising Corp. Ltd.