新手求你帮助 - 2006-3-23 19:28:00
瑞星杀毒显示重起生效,但重新启动还出来 有一个月了 怎么样删除才彻底 这是日志
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ CnsMin 3721 北京三七二一科技有限公司 c:\winnt\downloaded program files\cnsmin.dll
+ ExFilter cdnspie c:\program files\cnnic\cdn\cdnspie.dll
+ Install Alitalk File not found: C:\WINNT\temp\alitalk\alitalk.exe
+ mscfs c:\winnt\system32\msibm\cfsys.dll
+ mscfs c:\winnt\system32\msibm\cfsys.dll
+ NeroCheck NeroCheck Ahead Software Gmbh c:\winnt\system32\nerocheck.exe
+ NvCplDaemon NVIDIA Display Properties Extension NVIDIA Corporation c:\winnt\system32\nvcpl.dll
+ RavTask RavTimer Beijing Rising Technology Co., Ltd. c:\program files\rising\rav\ravtask.exe
+ RfwMain Rising Personal FireWall Main Program Beijing Rising Technology Co., Ltd. c:\program files\rising\rfw\rfwmain.exe
+ TkBellExe RealNetworks Scheduler RealNetworks, Inc. c:\program files\common files\real\update_ob\realsched.exe
+ Update c:\program files\common files\updat\update.exe
+ Windows木马防火墙 File not found: C:\Program Files\ftc\Trojanwall.exe
+ yassistse AssistSetting Yahoo! c:\program files\yahoo!\assistant\yassistse.exe
+ YLive.exe YLive c:\program files\yahoo!\assistant\ylive.exe
C:\Documents and Settings\ndison1\「开始」菜单\程序\启动
+ Adobe Gamma.lnk Adobe Gamma Loader Adobe Systems, Inc. c:\program files\common files\adobe\calibration\adobe gamma loader.exe
+ R c:\documents and settings\ndison1\「开始」菜单\程序\启动\rsautorunsdisabled
+ 划词搜索.lnk 划词搜索 中搜在线 c:\program files\huaci\huaci\zsearch.exe
+ 腾讯QQ.lnk QQ TENCENT c:\program files\tencent\qq\qq.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
+ Rising Execute File Exts hook Rising Shell Ext Module Beijing Rising Technology Co., Ltd. c:\winnt\system32\ravext.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ AutoCAD 数字签名图标覆盖处理程序 AcSignIcon Module Autodesk c:\winnt\system32\acsignicon.dll
+ Autodesk Drawing Preview AcThumbnail Module Autodesk c:\program files\common files\autodesk shared\thumbnail\acthumbnail16.dll
+ RISING Rising Shell Ext Module Beijing Rising Technology Co., Ltd. c:\winnt\system32\ravext.dll
+ Shell Extensions for RealOne Player RealPlayer Shell Extensions RealNetworks, Inc. c:\program files\real\realplayer\rpshell.dll
+ WinRAR shell extension c:\program files\winrar\rarext.dll
+ Yahoo!Photo yPhtb Yahoo! China c:\program files\yahoo!\assistant\assist\yphtb.dll
+ 粉碎文件 Wiper 动态链接库 c:\program files\yahoo!\assistant\assist\ywiper.dll
HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ Web 文件夹 c:\program files\common files\microsoft shared\web folders\msonsext.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
+ AntiFish Class yangling.dll Yahoo. c:\program files\yahoo!\assistant\assist\yangling.dll
+ CBHelper Object c:\winnt\system32\msibm\cfsbho.dll
+ CPub Object IE Monitor Sohu.com Inc. c:\program files\p4p\sodaie.dll
+ DragSearch BHO DragSearch c:\program files\yahoo!\assistant\assist\ydragsearch.dll
+ DragSearch BHO DragSearch c:\program files\yisou\yisoub.dll
+ MMSAssist BHO MMSAssist c:\program files\mmsassist\mmsass~1.dll
+ QQBrowserHelperObject Class QQIEHelper Module 深圳市腾讯计算机系统有限公司 c:\program files\tencent\qq\qqiehelper.dll
+ QuickBtn Quick Link Fengcent c:\program files\coolwebsite\quicklink.dll
+ Shareaza Web Download Hook Shareaza Web Download Hook Shareaza Pty. Ltd. e:\刘傲\新建文件夹\plugins\razawebhook.dll
+ ThunderIEHelper Class xunleibho Module c:\winnt\system32\xunleibho_v4.dll
+ VnetCookie Class VnetTransfer Module c:\program files\chinanet\vnettransfer.dll
+ Yahoo!Photo yPhtb Yahoo! China c:\program files\yahoo!\assistant\assist\yphtb.dll
+ 上网助手 Assist Module c:\program files\3721\assist\assist.dll
+ 雅虎助手 ToolBar Yahoo! c:\program files\yahoo!\assistant\assist\yasbar.dll
HKLM\Software\Microsoft\Internet Explorer\Toolbar
+ kakatool.dll Beijing Rising Technology Co., Ltd. c:\winnt\system32\kakatool.dll
+ 上网助手 Assist Module c:\program files\3721\assist\assist.dll
+ 雅虎助手 ToolBar Yahoo! c:\program files\yahoo!\assistant\assist\yasbar.dll
+ 一搜 YiSou ToolBar 3721 c:\program files\yisou\yisou.dll
HKLM\Software\Microsoft\Internet Explorer\Extensions
+ @shdoclc.dll,-864 c:\winnt\web\related.htm
+ Yahoo 1G电邮 File not found: http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail
+ 清理上网记录 File not found: http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean
+ 情景聊天 File not found: http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg
+ 腾讯QQ QQ TENCENT c:\program files\tencent\qq\qq.exe
+ 新浪UC 北京新浪信息技术有限公司 c:\program files\sina\uc\uc.exe
+ 修复浏览器 File not found: http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair
+ 寻宝乐趣多 File not found: http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=taobao
+ 雅虎助手 File not found: http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist
Task Scheduler
+ DM_Install_Program.job File not found: C:\Documents and Settings\ndison1\Local Settings\Temp\{9889fe9e-6963-4ab9-9afd-e681ce0bc657}\601032.exe
HKLM\System\CurrentControlSet\Services
+ C-DillaCdaC11BA Macrovision RTS Service Macrovision c:\winnt\system32\drivers\cdac11ba.exe
+ NVSvc NVIDIA Driver Helper Service, Version 43.51 NVIDIA Corporation c:\winnt\system32\nvsvc32.exe
+ RfwService Rising Personal Firewall Service Beijing Rising Technology Co., Ltd. c:\program files\rising\rfw\rfwsrv.exe
+ RsCCenter CCenter Beijing Rising Technology Co., Ltd. c:\program files\rising\rav\ccenter.exe
+ RsRavMon RavMond Beijing Rising Technology Co., Ltd. c:\program files\rising\rav\ravmond.exe
+ SolidWorks SolidNetWork License Manager Macrovision Corporation c:\flexlm\sw2005_sp0_licenses\solidworks solidnetwork license manager\lmgrd.exe
HKLM\System\CurrentControlSet\Services
+ BaseTDI basetdi Beijing Rising Technology Co., Ltd. c:\winnt\system32\drivers\basetdi.sys
+ CdaC15BA Macrovision SECURITY Driver Macrovision Europe Ltd c:\winnt\system32\drivers\cdac15ba.sys
+ cmpci C-Media Audio WDM Driver C-Media Inc c:\winnt\system32\drivers\cmaudio.sys
+ dmio NT Disk Manager I/O Driver VERITAS Software Corp. c:\winnt\system32\drivers\dmio.sys
+ dmload NT Disk Manager Startup Driver VERITAS Software Corp. c:\winnt\system32\drivers\dmload.sys
+ ExpScaner ExpScan.sys c:\program files\rising\rav\expscan.sys
+ GMSIPCI File not found: G:\INSTALL\GMSIPCI.SYS
+ GNetPPPoE Intermediate Miniport Driver For PPP over Ethernet Protocol Guangdong Data Communications Network Co.Ltd. c:\winnt\system32\drivers\pppoe.sys
+ HOOKAPI HOOKAPI Driver 瑞星软件有限公司 c:\program files\rising\rav\hookapi.sys
+ HookCont TDI HOOK Driver Rising tech Co. ltd c:\program files\rising\rav\hookcont.sys
+ HookReg c:\program files\rising\rav\hookreg.sys
+ HookSys Hooksys Rising c:\program files\rising\rav\hooksys.sys
+ InCDPass File not found: system32\drivers\InCDPass.sys
+ InCDRm File not found: system32\drivers\InCDRm.sys
+ MEMSCAN MemScan Driver 瑞星软件有限公司 c:\program files\rising\rav\memscan.sys
+ mProcRs Rising Personal FireWall mprocrs.sys Beijing Rising Technology Co., Ltd. d:\program files\rising\rfw\mprocrs.sys
+ New0 c:\winnt\system32\new.sys
+ NPF NPF Driver - TME extensions Politecnico di Torino c:\winnt\system32\drivers\npf.sys
+ npkcrypt nProtect KeyCrypt Driver INCA Internet Co., Ltd. c:\program files\tencent\qq\npkcrypt.sys
+ nv NVIDIA Compatible Windows 2000 Miniport Driver, Version 43.51 NVIDIA Corporation c:\winnt\system32\drivers\nv4_mini.sys
+ pfc Padus(R) ASPI Shell Padus, Inc. c:\winnt\system32\drivers\pfc.sys
+ Ptilink Direct Parallel Link Driver Parallel Technologies, Inc. c:\winnt\system32\drivers\ptilink.sys
+ RsFwDrv nt_fwdrv Beijing Rising Technology Co., Ltd. c:\program files\rising\rfw\rsfwdrv.sys
+ rtl8139 NDIS 5.0 driver Realtek Semiconductor Corporation c:\winnt\system32\drivers\rtl8139.sys
+ SVKP SVKP driver for NT AntiCracking c:\winnt\system32\svkp.sys
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
+ Bluebeam PDF Monitor BBPDFPortMon Bluebeam Software, Inc. c:\winnt\system32\bbpdfportmon.dll
+ Canon BJ Language Monitor S100SP BJ Language Monitor CANON INC. c:\winnt\system32\cnmlm3c.dll
天天泡泡 - 2006-3-23 19:48:00
建议你删除c:\winnt\system32\msibm文件夹,并以msibm为关键词清理注册表,如果不放心,可先将该文件夹打包发送至fangrensong@yahoo.com.cn
新手求你帮助 - 2006-3-23 19:51:00
泡泡 我试了删不掉这个文件夹 提示源文件正在使用 我都哭了
天天泡泡 - 2006-3-23 19:59:00
你先把这个发给我
新手求你帮助 - 2006-3-23 20:06:00
泡泡 快看看 谢谢你了
天天泡泡 - 2006-3-23 20:47:00
你的这个压缩包我根本就没法下载,Yahoo邮箱的Norton直接报有Trojan.Ourxin病毒,你按我前面说的方法做吧,如果不能删除,去安全模式下删除。
Yahoo邮箱的Norton原来对压缩包内的文件挺“厚道”的啊,怎么现在改了,奇怪。
新手求你帮助 - 2006-3-24 9:25:00
怎么清理注册表呢
黑灯黑火 - 2006-3-24 9:30:00
首先你得进入注册表~
开始 》 运行 》输入 Regedit.exe 》确定
接着~
编辑》查找~~~
用那个文件或文件夹作查找项查找下~~
新手求你帮助 - 2006-3-24 9:34:00
晕 我不会进入注册表
新手求你帮助 - 2006-3-24 9:43:00
大哥谢谢你哦 ! 一会搞不定能在联系你吗? 可以给你发邮件问你一些计算机常识吗 我是菜鸟一个
新手求你帮助 - 2006-3-24 10:04:00
我倒 显示无法删除所有指定的数值
不言放弃 - 2006-3-24 10:13:00
| 引用: |
【天天泡泡的贴子】建议你删除c:\winnt\system32\msibm文件夹,并以msibm为关键词清理注册表,如果不放心,可先将该文件夹打包发送至fangrensong@yahoo.com.cn
........................... |
这个有卸载程序的
很好解决的呀
不言放弃 - 2006-3-24 10:13:00
【回复“新手求你帮助”的帖子】
http://forum.ikaka.com/topic.asp?board=28&artid=6979213
下载HIJACTHIS
导出全部日志
新手求你帮助 - 2006-3-24 10:25:00
晕 看不懂 不知道怎么装 怎么用
新手求你帮助 - 2006-3-24 10:33:00
Logfile of HijackThis v1.99.1
Scan saved at 10:31:04, on 2006-3-24
Platform: Windows 2000 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2462.0000)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\Program Files\Rising\Rfw\rfwsrv.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\Program Files\Rising\Rav\Ravmond.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\drivers\CDAC11BA.EXE
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\SYSTEM32\RUNDLL32.EXE
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\Rising\Rav\RavStub.exe
C:\WINNT\EXPLORER.EXE
C:\Program Files\Rising\Rfw\RfwMain.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe
C:\WINNT\system32\rundll32.exe
E:\刘傲\新建文件夹\我的软件\Storm Downloader\StormDownloader.exe
C:\WINNT\System32\Rundll32.exe
C:\WINNT\System32\RUNDLL32.exe
C:\Program Files\HuaCi\huaci\ZsUp.exe
C:\Program Files\ChinaNet\VnetClient.exe
E:\刘傲\新建文件夹\我的软件\BitComet\BitComet.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Yahoo!\ASSIST~1\ylive.exe
D:\HijackThis.exe
R3 - URLSearchHook: (no name) - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file)
F2 - REG:system.ini: UserInit=
O2 - BHO: ThunderIEHelper - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINNT\System32\xunleibho_v4.dll
O2 - BHO: SohuDAIEHelper - {0CA51D02-7739-43EA-8D9A-1E8AD4327B03} - C:\Program Files\P4P\sodaie.dll
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - E:\刘傲\新建文件夹\Plugins\RazaWebHook.dll
O2 - BHO: MyIEHelper Class - {16A770A0-0E87-4278-B748-2460D64A8386} - C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper200639_8888.dll
O2 - BHO: QuickBtn - {1A199C20-DE2B-4838-AE3F-B5257ECE2B7E} - C:\Program Files\CoolWebsite\QuickLink.dll
O2 - BHO: 上网助手 - {1B0E7716-898E-48cc-9690-4E338E8DE1D3} - C:\PROGRA~1\3721\Assist\assist.dll
O2 - BHO: yPhtb - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll
O2 - BHO: AntiFish Class - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yangling.dll
O2 - BHO: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O2 - BHO: VnetCookie Class - {4E83D567-4697-4F7B-B1F0-A513B01DB89A} - c:\PROGRA~1\chinanet\VNETTR~1.DLL
O2 - BHO: QQBrowserHelperObject Class - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: DragSearch BHO - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL
O2 - BHO: MMSAssist - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
O2 - BHO: BHelper - {8A4280AD-9B37-4922-A51D-73F3C3A32AF7} - (no file)
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - (no file)
O2 - BHO: YiSou - {EF1D17A9-089F-40cc-8D64-7324CDEBA0DB} - C:\PROGRA~1\YiSou\yisoub.dll
O3 - Toolbar: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - C:\Program Files\Kingsoft\FastAIT 2006\IEBand.dll
O3 - Toolbar: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O3 - Toolbar: 上网助手 - {1B0E7716-898E-48cc-9690-4E338E8DE1D3} - C:\PROGRA~1\3721\Assist\assist.dll
O3 - Toolbar: 一搜工具条 - {115F6E46-FCBC-41ed-B3B5-3BDDD4AAB5E5} - C:\Program Files\YiSou\yisou.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINNT\System32\kakatool.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\System32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [yassistse] "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"
O4 - HKLM\..\Run: [ExFilter] Rundll32.exe "C:\PROGRA~1\CNNIC\Cdn\cdnspie.dll,ExecFilter solo"
O4 - HKLM\..\Run: [poco] E:\刘傲\新建文件夹\我的软件\PP\Poco2006.exe
O4 - HKLM\..\Run: [helper.dll] C:\WINNT\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32
O4 - HKLM\..\Run: [MINI_BFYY] E:\刘傲\新建文件夹\我的软件\Storm Downloader\StormDownloader.exe
O4 - HKLM\..\Run: [Alitalk] E:\刘傲\贸易通\AliTalk.EXE -hideframe
O4 - HKLM\..\Run: [Install Alitalk] C:\WINNT\temp\alitalk\alitalk.exe -hideframe
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\WINNT\downlo~1\CnsMin.dll,Rundll32
O4 - HKLM\..\Run: [Windows木马防火墙] C:\Program Files\ftc\Trojanwall.exe
O4 - HKLM\..\Run: [mscfs] RUNDLL32 C:\WINNT\System32\msibm\cfsys.dll,cfs
O4 - Startup: 腾讯QQ.lnk = C:\Program Files\Tencent\QQ\QQ.exe
O4 - Startup: 划词搜索.lnk = C:\Program Files\HuaCi\huaci\zsearch.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: >> 彩信发送 << - res://C:\PROGRA~1\MMSASS~1\Mmsass~1.dll/mms.htm
O8 - Extra context menu item: !搜一搜 - res://C:\Program Files\YiSou\yisou.dll/232
O8 - Extra context menu item: !搜一搜(&S) - res://C:\Program Files\YiSou\yisou.dll/232
O8 - Extra context menu item: &使用暴风下载器下载 - E:\刘傲\新建文件夹\我的软件\Storm Downloader\geturl.htm
O8 - Extra context menu item: &使用迅雷下载 - E:\刘傲\新建文件夹\我的软件\超级转换秀\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - E:\刘傲\新建文件夹\我的软件\超级转换秀\getallurl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 添加到雅虎订阅(&Y) - res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrss.dll/YRSSMENUEXT
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O8 - Extra context menu item: 雅虎搜索 - res://C:\PROGRA~1\Yahoo!\Assistant\Assist\yasbar.dll/246
O9 - Extra button: 新浪UC - {2253922F-1B26-4C74-8B57-E3AEE748DBB8} - C:\Program Files\sina\UC\uc.exe
O9 - Extra button: (no name) - {233A9694-667E-11d1-9DFB-006097D5040A} - (no file)
O9 - Extra button: Yahoo 1G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail (file missing)
O9 - Extra button: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=taobao (file missing)
O9 - Extra button: 雅虎助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist (file missing)
O9 - Extra button: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
O9 - Extra 'Tools' menuitem: MMSAssist工具条设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra button: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg (file missing)
O9 - Extra button: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - Extra 'Tools' menuitem: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - Extra button: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O9 - Extra 'Tools' menuitem: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O11 - Options group: [!CNS] 网络实名
O14 - IERESET.INF: SEARCH_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=iear=iesearch(&A)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1137650119484
O17 - HKLM\System\CCS\Services\Tcpip\..\{87AE91B8-BC4E-41D2-B772-77F6CCE891B3}: NameServer = 202.96.128.166 202.96.128.86
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINNT\System32\drivers\CDAC11BA.EXE
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Groove Installer Service (GrooveInstallerService) - Groove Networks, Inc. - C:\Program Files\Groove Networks\Groove\Bin\GrooveInstallerService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
O23 - Service: SolidWorks SolidNetWork License Manager - Macrovision Corporation - C:\flexlm\Sw2005_SP0_licenses\SolidWorks SolidNetWork License Manager\lmgrd.exe
不言放弃 - 2006-3-24 10:38:00
【回复“新手求你帮助”的帖子】
结束C:\Program Files\HuaCi\huaci\ZsUp.exe进程
修复
R3 - URLSearchHook: (no name) - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file)
O2 - BHO: MyIEHelper Class - {16A770A0-0E87-4278-B748-2460D64A8386} - C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper200639_8888.dll
O2 - BHO: QuickBtn - {1A199C20-DE2B-4838-AE3F-B5257ECE2B7E} - C:\Program Files\CoolWebsite\QuickLink.dll
O2 - BHO: BHelper - {8A4280AD-9B37-4922-A51D-73F3C3A32AF7} - (no file)
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - (no file)
O4 - HKLM\..\Run: [mscfs] RUNDLL32 C:\WINNT\System32\msibm\cfsys.dll,cfs
O4 - Startup: 划词搜索.lnk = C:\Program Files\HuaCi\huaci\zsearch.exe
O8 - Extra context menu item: >> 彩信发送 << - res://C:\PROGRA~1\MMSASS~1\Mmsass~1.dll/mms.htm
O9 - Extra button: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
O9 - Extra 'Tools' menuitem: MMSAssist工具条设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
卸载
C:\Program Files\HuaCi\
C:\Program Files\CoolWebsite\
C:\Program Files\MMSAssist\
双击C:\WINNT\System32\msibm\下的uninstall程序
卸载清除C:\WINNT\System32\msibm\
重启后删除
C:\WINNT\System32\msibm\(若存在的话)
C:\WINNT\System32\msicn\(若存在的话)
C:\WINNT\System32\spoolsv\(若存在的话)
C:\Program Files\HuaCi\
C:\Program Files\CoolWebsite\
C:\Program Files\MMSAssist\
C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper200639_8888.dll
============
进入注册表
删除下面这一项
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ Update c:\program files\common files\updat\update.exe
删除c:\program files\common files\updat\
清空IE临时文件夹
新手求你帮助 - 2006-3-24 10:52:00
这些怎么卸载 卸载
C:\Program Files\HuaCi\
C:\Program Files\CoolWebsite\
C:\Program Files\MMSAssist\
双击C:\WINNT\System32\msibm\下的uninstall程序
卸载清除C:\WINNT\System32\msibm\
C:\WINNT\System32\msibm\下没有uninstall程序
新手求你帮助 - 2006-3-24 11:08:00
晕 C:\WINNT\System32\msibm\ 这个文件夹删不掉 我把它粉碎后 它能立即复制出来
新手求你帮助 - 2006-3-24 13:53:00
自己顶
© 2000 - 2026 Rising Corp. Ltd.
