[Help] My machine is slow; I scanned it with HijackThis, experts please help analyze

[C:\WINDOWS\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  <BackWeb><Version 7.2.0 (Build 157R)>
    [C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll]  <Logitech Inc.><1.1.0>
    [D:\Desktop Messenger\8876480\Program\BWDocMapExt-8876480.dll]  <Logitech><Version 7.2.0 (Build 157R)>
    [D:\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\BWDocMapExt.dll]  <><Version 7.2.0 (Build 157R)>
    [D:\Desktop Messenger\8876480\Program\bwscriptext-8876480.dll]  <Logitech><Version 7.2.0 (Build 157R)>
    [D:\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\bwscriptext.dll]  <><Version 7.2.0 (Build 157R)>
    [D:\Desktop Messenger\8876480\Program\SyncExt.dll]  <Logitech><2.30.04>
[PID: 2388][C:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [D:\MouseWare\System\LgWndHk.dll]  <Logitech Inc.><9.78.034>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>
    [C:\WINDOWS\downlo~1\Rnflsc.dll]  <Tencent><4, 1, 5, 51>
    [C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll]  <Logitech Inc.><1.1.0>
    [C:\WINDOWS\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>
[PID: 2484][C:\Program Files\DuDu\DDDClient\DuDuAcc.exe]  <DuDu.com><4, 3, 0, 1>
    [D:\MouseWare\System\LgWndHk.dll]  <Logitech Inc.><9.78.034>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>
    [C:\WINDOWS\downlo~1\Rnflsc.dll]  <Tencent><4, 1, 5, 51>
    [C:\Program Files\DuDu\DDDClient\dddskin.dll]  <dudu><1, 0, 0, 1>
    [C:\Program Files\DuDu\DDDClient\ddddl.dll]  <DuDu.com><4, 3, 0, 1>
    [C:\Program Files\冰蓝Flash播放器\Flash8.ocx]  <Macromedia, Inc.><8,0,22,0>
    [C:\WINDOWS\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>
    [C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll]  <Logitech Inc.><1.1.0>
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  <BackWeb><Version 7.2.0 (Build 157R)>
[PID: 2500][C:\Program Files\DuDu\DddClient\dudupros.exe]  <DuDu.com><4, 3, 0, 1>
    [D:\MouseWare\System\LgWndHk.dll]  <Logitech Inc.><9.78.034>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>
    [C:\WINDOWS\downlo~1\Rnflsc.dll]  <Tencent><4, 1, 5, 51>
    [C:\WINDOWS\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  <BackWeb><Version 7.2.0 (Build 157R)>
    [C:\Program Files\DuDu\DddClient\dhtiwl.dll]  <DuDu.com><4.3.0.1>
    [C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll]  <Logitech Inc.><1.1.0>
[PID: 2840][C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE]  <Microsoft Corporation><11.0.6502>
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  <BackWeb><Version 7.2.0 (Build 157R)>
    [C:\WINDOWS\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>
    [D:\MouseWare\System\LgWndHk.dll]  <Logitech Inc.><9.78.034>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>
    [C:\WINDOWS\downlo~1\Rnflsc.dll]  <Tencent><4, 1, 5, 51>
    [C:\Program Files\rising\Rav\RsPlugIn.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 1>
    [C:\Program Files\rising\Rav\RsGuiLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 24>
    [C:\Program Files\Adobe\Acrobat 7.0\PDFMaker\Office\PDFMOfficeAddin.dll]  <Adobe Systems Incorporated><7, 0, 0, 0>
    [C:\Program Files\Adobe\Acrobat 7.0\PDFMaker\Office\PDFMOfficeAddin.CHS]  <Adobe Systems Incorporated><7, 0, 0, 0>
    [C:\Program Files\Adobe\Acrobat 7.0\PDFMaker\Common\AdobePDFMakerX.dll]  <N/A><N/A>
    [C:\Program Files\Adobe\Acrobat 7.0\PDFMaker\Common\AdobePDFMakerX.CHS]  <N/A><N/A>
    [C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll]  <Logitech Inc.><1.1.0>
    [C:\Program Files\rising\Rav\PngDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[PID: 3336][C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe]  <Network Associates, Inc.><3.1.1.184>
    [C:\Program Files\Network Associates\Common Framework\nailog.dll]  <Network Associates, Inc.><3.1.1.159>
    [C:\Program Files\Network Associates\Common Framework\naCmnLib.dll]  <Network Associates, Inc.><3.1.1.159>
    [C:\Program Files\Network Associates\Common Framework\naXML.dll]  <Network Associates, Inc.><3.1.1.159>
    [C:\Program Files\Network Associates\Common Framework\NaiSign.dll]  <Network Associates, Inc.><3.1.0.197>
    [C:\Program Files\Network Associates\Common Framework\0409\UpdRes.dll]  <Network Associates, Inc.><3.1.1.184>
    [C:\Program Files\Network Associates\Common Framework\0409\AgentRes.dll]  <Network Associates, Inc.><3.1.1.184>
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  <BackWeb><Version 7.2.0 (Build 157R)>
    [C:\WINDOWS\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>
    [D:\MouseWare\System\LgWndHk.dll]  <Logitech Inc.><9.78.034>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>
    [C:\WINDOWS\downlo~1\Rnflsc.dll]  <Tencent><4, 1, 5, 51>
    [C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll]  <Network Associates, Inc.><3.1.1.184>
    [C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll]  <Logitech Inc.><1.1.0>
[PID: 2580][C:\Program Files\赛尔网络\8021X\8021X.exe]  <><1, 0, 0, 1>
    [C:\WINDOWS\system32\wpcap.dll]  <CACE Technologies><3, 1, 0, 27>
    [C:\WINDOWS\system32\packet.dll]  <CACE Technologies><3, 1, 0, 27>
    [C:\WINDOWS\system32\WanPacket.dll]  <CACE Technologies><3, 1, 0, 27>
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  <BackWeb><Version 7.2.0 (Build 157R)>
    [C:\WINDOWS\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>
    [D:\MouseWare\System\LgWndHk.dll]  <Logitech Inc.><9.78.034>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>
    [C:\WINDOWS\downlo~1\Rnflsc.dll]  <Tencent><4, 1, 5, 51>
    [C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll]  <Logitech Inc.><1.1.0>
[PID: 3188][C:\Program Files\Real\RealPlayer\RealPlay.exe]  <RealNetworks, Inc.><6.0.12.1483>
    [C:\WINDOWS\system32\PNCRT.dll]  <Real Networks, Inc><6.0.0.0>
    [C:\Program Files\Common Files\Real\Update_OB\rnms3270.dll]  <RealNetworks, Inc.><7.0.1.3334>
    [C:\Program Files\Common Files\Real\Common\objb3201.dll]  <RealNetworks, Inc.><0.1.0.6391>
    [C:\Program Files\Common Files\Real\RCAPlugins\uisy3201.dll]  <RealNetworks, Inc.><0.1.0.3832>
    [C:\Program Files\Real\RealPlayer\lang\gemctl_cn.dll]  <RealNetworks, Inc.><6.0.12.298>
    [C:\Program Files\Common Files\Real\Common\pnrs3260.dll]  <RealNetworks, Inc.><6.0.9.4068>
    [C:\Program Files\Common Files\Real\Update_OB\rnad3201.dll]  <RealNetworks, Inc.><0.1.0.3510>
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  <BackWeb><Version 7.2.0 (Build 157R)>
    [C:\WINDOWS\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>
    [D:\MouseWare\System\LgWndHk.dll]  <Logitech Inc.><9.78.034>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>
    [C:\WINDOWS\downlo~1\Rnflsc.dll]  <Tencent><4, 1, 5, 51>
    [C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll]  <Logitech Inc.><1.1.0>
    [C:\Program Files\Common Files\Real\Update_OB\rnqu3270.dll]  <RealNetworks, Inc.><7.0.0.3818>
    [C:\Program Files\Common Files\Real\Update_OB\setu3270.dll]  <RealNetworks, Inc.><7.0.0.4369>
    [C:\Program Files\Common Files\Real\Plugins\httpfsys.dll]  <RealNetworks, Inc.><10.0.0.2779>
[PID: 3756][D:\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  <BackWeb><Version 7.2.0 (Build 157R)>
    [C:\WINDOWS\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 3, 1>
    [D:\MouseWare\System\LgWndHk.dll]  <Logitech Inc.><9.78.034>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>
    [C:\WINDOWS\downlo~1\Rnflsc.dll]  <Tencent><4, 1, 5, 51>
    [C:\Program Files\Common Files\Logitech\Scrolling\LgMsgHk.dll]  <Logitech Inc.><1.1.0>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

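Go to Add or Remove Programs in Control Panel and uninstall 3721 (三七二一), Yahoo Assistant (雅虎助手), and SoSo Address Bar Search (QQ Search Assistant).
Run (double-click) System Repair Engineer, click "Startup Items", then "Services", click "Win32 Service Applications", check "Hide Microsoft services", select the virus services aucup, aukld, choose "Delete service", click "Set", choose "No", and finally restart. (Each comma-separated item is one virus service; please delete them one by one.)
Restart.
Double-click My Computer, then Tools, Folder Options, View; select "Show hidden files and folders" and clear the "Hide protected operating system files (Recommended)" check box. When prompted to confirm the change, click "Yes". Clear "Hide extensions for known file types".
Also note: (C:\DOCUME~1\your-username\LOCALS~1\Temp is C:\Documents and Settings\your-username\Local Settings\Temp, C:\PROGRA~1 is C:\Program Files, C:\WINDOWS\DOWNLO~1 is C:\WINDOWS\Downloaded Program Files)
Delete:
C:\DOCUME~1\new\LOCALS~1\Temp: delete everything in this folder that can be deleted.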
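
A way to triage a process/module listing like the one posted above, as an added example that is not part of the thread or of any tool mentioned in it: it parses the listing format, expands 8.3 short names with the mappings given in the reply, and surfaces modules that load from Temp or Downloaded Program Files, carry no vendor string, or appear in every process. The sample input is shortened from the listing (vendor text simplified), and the flags are leads for review, not verdicts.

```python
import re
from collections import defaultdict

# 8.3 short names as expanded in the reply above; unmapped ones (ASSIST~1) stay as-is.
SHORT = {"docume~1": "Documents and Settings", "locals~1": "Local Settings",
         "progra~1": "Program Files", "downlo~1": "Downloaded Program Files"}
WATCH_DIRS = ("\\local settings\\temp\\", "\\downloaded program files\\")
ENTRY = re.compile(r"^\s*(?:\[PID: (\d+)\])?\[([^\]]+)\]\s+<([^>]*)><([^>]*)>\s*$")

# Constructed sample: a shortened excerpt in the listing's own format.
SAMPLE = r"""
[PID: 2388][C:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.2180>
    [D:\MouseWare\System\LgWndHk.dll]  <Logitech Inc.><9.78.034>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  <><2, 0, 0, 1013>
    [C:\WINDOWS\downlo~1\CnsMin.dll]  <Vendor><1, 5, 3, 1>
[PID: 3756][D:\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
    [C:\DOCUME~1\new\LOCALS~1\Temp\IadHide5.dll]  <BackWeb><Version 7.2.0 (Build 157R)>
    [C:\WINDOWS\downlo~1\CnsMin.dll]  <Vendor><1, 5, 3, 1>
"""

def expand(path):
    """Replace known 8.3 path components with their long names."""
    return "\\".join(SHORT.get(part.lower(), part) for part in path.split("\\"))

def parse(text):
    """Return (module -> set of loading processes, module -> vendor, process count)."""
    loaded, vendor, procs, current = defaultdict(set), {}, set(), None
    for m in filter(None, map(ENTRY.match, text.splitlines())):
        path = expand(m.group(2))
        if m.group(1):                 # "[PID: n][exe]" starts a new process
            current = (m.group(1), path)
            procs.add(current)
        elif current:                  # module line belongs to the current process
            loaded[path.lower()].add(current)
            vendor[path.lower()] = m.group(3)
    return loaded, vendor, len(procs)

def triage(text):
    """List (module, process count, reasons), most reasons first."""
    loaded, vendor, total = parse(text)
    rows = []
    for mod, procs in loaded.items():
        checks = [(any(d in mod for d in WATCH_DIRS), "temp or ActiveX download dir"),
                  (not vendor[mod], "no vendor string"),
                  (total > 1 and len(procs) == total, "in every listed process")]
        reasons = [why for hit, why in checks if hit]
        if reasons:
            rows.append((mod, len(procs), reasons))
    return sorted(rows, key=lambda r: (-len(r[2]), -r[1], r[0]))

if __name__ == "__main__":
    print(*triage(SAMPLE), sep="\n")
```

Legitimate input hooks (mouse or IME helpers) also load into every process, so the "in every listed process" flag only ranks what to look at first.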