其实phime2002a的问题并不复杂,但是又很多的朋友都不太了解win7垃圾清理工具bet在哪,因此呢,今天小编就来为大家分享phime2002a的一些知识,希望可以帮助到大家,下面我们一起来看看这个问题的分析吧!
comres.dall找不到怎么办
把下面这段代码复制到记事本中,然后把扩展名改为.bat,双击打开就行啦,代码如下:
@ECHOOFF
@ECHO.
@ECHO.
@ECHO--------------------------------------------------------------
@ECHO
@ECHO欢迎使用
@ECHO
@ECHO--------------------------------------------------------------
PAUSE
regdelete"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"/va/f
regdelete"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run"/va/f
regadd"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run"/vctfmon.exe/dC:\WINDOWS\system32\ctfmon.exe
regdelete"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg"/f
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\IMJPMIG8.1"
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\IMJPMIG8.1"/vcommand/d""C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE"/Spoil/RemAdvDef/Migration32"
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\IMJPMIG8.1"/vhkey/dHKLM
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\IMJPMIG8.1"/vinimapping/d0
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\IMJPMIG8.1"/vitem/dIMJPMIG
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\IMJPMIG8.1"/vkey/dSOFTWARE\Microsoft\Windows\CurrentVersion\Run
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\PHIME2002A"
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\PHIME2002A"/vcommand/d"C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE/IMEName"
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\PHIME2002A"/vhkey/dHKLM
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\PHIME2002A"/vinimapping/d0
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\PHIME2002A"/vitem/dTINTSETP
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\PHIME2002A"/vkey/dSOFTWARE\Microsoft\Windows\CurrentVersion\Run
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\PHIME2002ASync"
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\PHIME2002ASync"/vcommand/d""C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE"/Spoil/RemAdvDef/Migration32"
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\PHIME2002ASync"/vhkey/dHKLM
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\PHIME2002ASync"/vinimapping/d0
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\PHIME2002ASync"/vitem/dTINTSETP
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\PHIME2002ASync"/vkey/dSOFTWARE\Microsoft\Windows\CurrentVersion\Run
del"C:\DocumentsandSettings\AllUsers\「开始」菜单\程序\启动\*.*"/q/f
del"C:\DocumentsandSettings\DefaultUser\「开始」菜单\程序\启动\*.*"/q/f
del"%userprofile%\「开始」菜单\程序\启动\*.*"/q/f
startC:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe
@echooff
echo×××××××××××××××××××××××......
del/f/s/q%systemdrive%\*.tmp
del/f/s/q%systemdrive%\*._mp
del/f/s/q%systemdrive%\*.log
del/f/s/q%systemdrive%\*.gid
del/f/s/q%systemdrive%\*.chk
del/f/s/q%systemdrive%\*.old
del/f/s/q%systemdrive%\recycled\*.*
del/f/s/q%windir%\*.bak
del/f/s/q%windir%\prefetch\*.*
rd/s/q%windir%\temp&md%windir%\temp
del/f/q%userprofile%\cookies\*.*
del/f/q%userprofile%\recent\*.*
del/f/s/q"%userprofile%\LocalSettings\TemporaryInternetFiles\*.*"
del/f/s/q"%userprofile%\LocalSettings\Temp\*.*"
del/f/s/q"%userprofile%\recent\*.*"
echo您的操作完毕
echo.&pause
win7垃圾清理工具bet在哪
你说的是bat吧,我给你一个史上最完整的bat程序:
@echooff
color1F
@title=优化系统
echo您好我是优化软件,先为您查询今日日期和现在的时间。
ping127.0.0.1/n2>nul
echo%date:~0,4%年%date:~5,2%月%date:~8,2%日%time:~0,8%
pause
ping127.0.0.1/n2>nul
echo我是专门优化电脑的,可以为您优化电脑
echo.
echo此工具可以帮您系统提速!
echo.&pause
echo第一步,WindowsbAT正在清理C盘的系统垃圾和临时文件,请稍后……
del/f/s/q%systemdrive%\*.tmp
del/f/s/q%systemdrive%\*._mp
del/f/s/q%systemdrive%\*.log
del/f/s/q%systemdrive%\*.gid
del/f/s/q%systemdrive%\*.chk
del/f/s/q%systemdrive%\*.old
del/f/s/q%systemdrive%\recycled\*.*
del/f/s/q%windir%\*.bak
del/f/s/q%windir%\prefetch\*.*
rd/s/q%windir%\temp&md%windir%\temp
del/f/q%userprofile%\COOKIESs\*.*
del/f/q%userprofile%\recent\*.*
del/f/s/q"%userprofile%\LocalSettings\TemporaryInternetFiles\*.*"
del/f/s/q"%userprofile%\LocalSettings\Temp\*.*"
del/f/s/q"C:\WINDOWS\HELP\*.*"
del/f/s/q"%userprofile%\recent\*.*"
echo完成√,下一步将会使用磁盘清理实用程序清理其他盘的垃圾文件。
echo.&pause
cleanmgr
echo第二步:清理开机启动项,加快系统开机速度!
echo.&pause
regdeleteHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run/va/f
regdeleteHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run/va/f
regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run/vctfmon.exe/dC:\WINDOWS\system32\ctfmon.exe
regdelete"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg"/f
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\IMJPMIG8.1"
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\IMJPMIG8.1"/vcommand/d""C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE"/Spoil/RemAdvDef/Migration32"
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\IMJPMIG8.1"/vhkey/dHKLM
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\IMJPMIG8.1"/vinimapping/d0
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\IMJPMIG8.1"/vitem/dIMJPMIG
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\IMJPMIG8.1"/vkey/dSOFTWARE\Microsoft\Windows\CurrentVersion\Run
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\PHIME2002A"
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\PHIME2002A"/vcommand/d"C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE/IMEName"
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\PHIME2002A"/vhkey/dHKLM
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\PHIME2002A"/vinimapping/d0
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\PHIME2002A"/vitem/dTINTSETP
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\PHIME2002A"/vkey/dSOFTWARE\Microsoft\Windows\CurrentVersion\Run
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\PHIME2002ASync"
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\PHIME2002ASync"/vcommand/d""C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE"/Spoil/RemAdvDef/Migration32"
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\PHIME2002ASync"/vhkey/dHKLM
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\PHIME2002ASync"/vinimapping/d0
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\PHIME2002ASync"/vitem/dTINTSETP
regadd"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SharedTools\MSConfig\startupreg\PHIME2002ASync"/vkey/dSOFTWARE\Microsoft\Windows\CurrentVersion\Run
del"C:\DocumentsandSettings\AllUsers\「开始」菜单\程序\启动\*.*"/q/f
del"C:\DocumentsandSettings\DefaultUser\「开始」菜单\程序\启动\*.*"/q/f
del"%userprofile%\「开始」菜单\程序\启动\*.*"/q/f
echo第三步:使用“添加或删除程序”来卸载不需要的软件,提高系统运行速度。(需要手动删除)
echo.&pause
appwiz.cpl
echo第四步:更多性能优化,请:在“我的电脑”点右键,按“属性”,高级选项卡页,在性能部分的设置打开点击调整为最佳性能,即可。(需要手动设置)
echo.&pause
echo第五步:快速查毒杀毒,不损伤系统!
echo.&pause
delc:\winnt\logo1_.exe
delc:\windows\logo1_.exe
delc:\winnt\0sy.exe
delc:\windows\0sy.exe
delc:\winnt\1sy.exe
delc:\windows\1sy.exe
delc:\winnt\2sy.exe
delc:\windows\2sy.exe
delc:\winnt\3sy.exe
delc:\windows\3sy.exe
delc:\winnt\4sy.exe
delc:\windows\4sy.exe
delc:\winnt\5sy.exe
delc:\windows\5sy.exe
delc:\winnt\6sy.exe
delc:\windows\6sy.exe
delc:\winnt\7sy.exe
delc:\windows\7sy.exe
delc:\winnt\8sy.exe
delc:\windows\8sy.exe
delc:\winnt\9sy.exe
delc:\windows\9sy.exe
delc:\winnt\rundl132.exe
delc:\windows\rundl132.exe
netsharec$/d
netshared$/d
netsharee$/d
netshareF$/d
netshareG$/d
netshareh$/d
netsharei$/d
netsharej$/d
netshareadmin$/d
netshareipc$/d
delc:\winnt\logo1_.exe
delc:\windows\logo1_.exe
delc:\windows\vdll.dll
delc:\winnt\vdll.dll
delc:\windows\tdll.dll
delc:\winnt\tdll.dll
delc:\windows\dll.dll
delc:\winnt\dll.dll
delc:\winnt\kill.exe
delc:\windows\kill.exe
delc:\winnt\sws32.dll
delc:\windows\sws32.dll
delc:\winnt\rundl132.exe
delc:\windows\rundl132.exe
echo.
echo.
echo.
echo.*****************************
echo.
echo.正在查毒...请不要关闭......
echo.
echo.*****************************
echo.
echo.
echo.
echo.
ping127.0.0.1-n5
delc:\winnt\logo1_.exe
delc:\windows\logo1_.exe
delC:\winnt\system32\Logo1_.exe
delC:\winnt\system32\rundl132.exe
delC:\winnt\system32\bootconf.exe
delC:\winnt\system32\kill.exe
delC:\winnt\system32\sws32.dll
delC:\windows\Logo1_.exe
delC:\windows\rundl132.exe
delC:\windows\bootconf.exe
delC:\windows\kill.exe
delC:\windows\sws32.dll
delC:\windows\dll.dll
delC:\windows\vdll.dll
delc:\windows\tdll.dll
delC:\windows\system32\ShellExt\svchs0t.exe
delC:\windows\system32\Logo1_.exe
delC:\windows\system32\rundl132.exe
delC:\windows\system32\bootconf.exe
delC:\windows\system32\kill.exe
delC:\windows\system32\sws32.dll
delc:\_desktop.ini/f/s/q/a
deld:\_desktop.ini/f/s/q/a
dele:\_desktop.ini/f/s/q/a
delf:\_desktop.ini/f/s/q/a
delg:\_desktop.ini/f/s/q/a
delh:\_desktop.ini/f/s/q/a
deli:\_desktop.ini/f/s/q/a
delj:\_desktop.ini/f/s/q/a
delk:\_desktop.ini/f/s/q/aAbc[/hide]
netstop"McAfee.comVirusScanOnlineRealtimeEngine"
netstop"McAfeeAgent"
netstop"McAfeeSecurityCenterUpdateManager"
netstop"McShield"
netstop"SyGateService"
netstop"SygatePersonalFirewallPro"
netstop"SygatePersonalFirewall"
netstop"SophosAnti-Virus"
netstop"SophosAnti-VirusNetwork"
netstop"eTrustAntivirusJobServer"
netstop"eTrustAntivirusRealtimeServer"
netstop"eTrustAntivirusRPCServer"
netstop"ViRobotExpertMonitoring"
netstop"ViRobotLiteMonitoring"
netstop"QuickHealOnlineProtection"
netstop"V3MonNT"
netstop"V3MonSvc"
netstop"SecurityCenter"
netstop"WindowsFirewall"
netstop"WindowsInternetConnectionSharing(ICS)"
netstop"NAVAlert"
netstop"NAVAuto-Protect"
netstop"ScriptBlockingService"
netstop"DefWatch"
netstop"BackgroundIntelligentTransferService"
netstop"SystemEventNotification"
netstop"BlackICE"
netstop"AVSyncManager"
netstop"AVG7AlertManagerServer"
netstop"AVG7UpdateService"
netstop"InVircibleScheduler"
netstop"kavsvc"
netstop"avast!Antivirus"
netstop"avast!iAVS4ControlService"
netstop"TrendServerProtectAgent"
netstop"TrendServerProtect"
echo查毒杀毒完毕
pause
echo第六步:优化系统服务。
pause
scconfigAlerterstart=DISABLED
scconfigALGstart=DISABLED
scconfigAppMgmtstart=DEMAND
scconfigAudioSrvstart=AUTO
scconfigBITSstart=DISABLED
scconfigBrowserstart=DISABLED
scconfigClipSrvstart=DISABLED
scconfigCOMSysAppstart=DEMAND
scconfigCryptSvcstart=DEMAND
scconfigDcomLaunchstart=AUTO
scconfigDhcpstart=AUTO
scconfigdmadminstart=DEMAND
scconfigdmserverstart=DEMAND
scconfigDnscachestart=DISABLED
scconfigEventlogstart=AUTO
scconfigEventSystemstart=DEMAND
scconfigFastUserSwitchingCompatibilitystart=DISABLED
scconfigHidServstart=DISABLED
scconfigHTTPFilterstart=DEMAND
scconfigImapiServicestart=DISABLED
scconfiglanmanserverstart=DISABLED
scconfiglanmanworkstationstart=DISABLED
scconfigLmHostsstart=DISABLED
scconfigMessengerstart=DISABLED
scconfigmnmsrvcstart=DISABLED
scconfigMSDTCstart=DISABLED
scconfigMSIServerstart=DEMAND
scconfigNetDDEstart=DISABLED
scconfigNetDDEdsdmstart=DISABLED
scconfigNetlogonstart=DISABLED
scconfigNetmanstart=DEMAND
scconfigNlastart=DISABLED
scconfigNtLmSspstart=DEMAND
scconfigPlugPlaystart=AUTO
scconfigPolicyAgentstart=DISABLED
scconfigProtectedStoragestart=AUTO
scconfigRasAutostart=DISABLED
scconfigRasmanstart=DEMAND
scconfigRDSessmgrstart=DISABLED
scconfigRemoteAccessstart=DISABLED
scconfigRemoteRegistrystart=DISABLED
scconfigRpcLocatorstart=DISABLED
scconfigRpcSsstart=AUTO
scconfigRSVPstart=DISABLED
scconfigSamSsstart=DISABLED
scconfigSCardSvrstart=DEMAND
scconfigSchedulestart=DISABLED
scconfigseclogonstart=DISABLED
scconfigSENSstart=DISABLED
scconfigSharedAccessstart=DISABLED
scconfigShellHWDetectionstart=DISABLED
scconfigSpoolerstart=AUTO
scconfigsrservicestart=DISABLED
scconfigSSDPSRVstart=DISABLED
scconfigstisvcstart=DEMAND
scconfigSwPrvstart=DISABLED
scconfigSysmonLogstart=DISABLED
scconfigTapiSrvstart=DEMAND
scconfigTermServicestart=DISABLED
scconfigThemesstart=AUTO
scconfigTlntSvrstart=DISABLED
scconfigTrkWksstart=DISABLED
scconfigUMWdfstart=DEMAND
scconfigWMPNetworkSvcstart=DISABLED
scconfigupnphoststart=DISABLED
scconfigVSSstart=DISABLED
scconfigW32Timestart=DISABLED
scconfigWebClientstart=DISABLED
scconfigwinmgmtstart=AUTO
scconfigWmdmPmSNstart=DISABLED
scconfigWmistart=DEMAND
scconfigWmiApSrvstart=DISABLED
scconfigwscsvcstart=DISABLED
scconfigwuauservstart=DISABLED
scconfigWZCSVCstart=DEMAND
scconfigxmlprovstart=DEMAND
scconfighelpsvcstart=DISABLED
scconfigCiSvcstart=DISABLED
scconfigERSvcstart=DISABLED
scconfigNtmsSvcstart=DEMAND
scconfigNVSvcstart=DEMAND
pause
Exploit.JS.Phel.av是什么病毒
部分报告如下。
已清除:病毒Worm.Win32.Viking.bb文件:D:\安装软件\AcdSee3.0.exe/UPack
已删除:木马程序Trojan-Dropper.Win32.Agent.awb文件:C:\7003cafi.exe/UPX
已删除:木马程序Trojan-PSW.Win32.WOW.da文件:C:\jijy99.exe
已删除:广告程序not-a-virus:AdWare.Win32.Zhongsou.d文件:C:\setup.exe/ASPack
已删除:广告程序not-a-virus:AdWare.Win32.Hengbang.t文件:C:\DocumentsandSettings\Administrator\LocalSettings\Temp\199019002.exe/hbcast.dll
已删除:广告程序not-a-virus:AdWare.Win32.IEHlpr.e文件:C:\DocumentsandSettings\Administrator\LocalSettings\Temp\5001.exe
已删除:木马程序Trojan-Dropper.Win32.Delf.zg文件:C:\DocumentsandSettings\Administrator\LocalSettings\TemporaryInternetFiles\Content.IE5\0B4JC389\19790205[1].exe/PE_Patch.UPX/UPX
已删除:木马程序Trojan-Dropper.Win32.Agent.axt文件:C:\DocumentsandSettings\Administrator\LocalSettings\TemporaryInternetFiles\Content.IE5\0B4JC389\update6[1].exe/ASPack
已删除:木马程序Trojan-PSW.Win32.Nilage.aks文件:C:\DocumentsandSettings\Administrator\LocalSettings\TemporaryInternetFiles\Content.IE5\0DU3MLIZ\2[1].exe/UPX
已删除:木马程序Trojan-PSW.Win32.Agent.ix文件:C:\DocumentsandSettings\Administrator\LocalSettings\TemporaryInternetFiles\Content.IE5\0DU3MLIZ\4[1].exe/FSG
已删除:木马程序Trojan-Dropper.Win32.Agent.axt文件:C:\DocumentsandSettings\Administrator\LocalSettings\TemporaryInternetFiles\Content.IE5\0DU3MLIZ\update71[1].exe/ASPack
已删除:木马程序Trojan-PSW.Win32.Nilage.and文件:C:\DocumentsandSettings\Administrator\LocalSettings\TemporaryInternetFiles\Content.IE5\6X2BANW7\1[1].exe/UPX
已删除:木马程序Trojan-PSW.Win32.Agent.ix文件:C:\DocumentsandSettings\Administrator\LocalSettings\TemporaryInternetFiles\Content.IE5\6X2BANW7\3[1].exe/FSG
已删除:木马程序Trojan-Downloader.VBS.Psyme.cr文件:C:\DocumentsandSettings\Administrator\LocalSettings\TemporaryInternetFiles\Content.IE5\6X2BANW7\haha168[1].htm
已删除:木马程序Trojan-Dropper.Win32.Agent.axt文件:C:\DocumentsandSettings\Administrator\LocalSettings\TemporaryInternetFiles\Content.IE5\6X2BANW7\update52[1].exe/ASPack
已删除:木马程序Backdoor.Win32.Hupigon.crp文件:C:\DocumentsandSettings\Administrator\LocalSettings\TemporaryInternetFiles\Content.IE5\SZKD6D4V\5[1].exe
已删除:木马程序Trojan-Dropper.Win32.Agent.axt文件:C:\DocumentsandSettings\Administrator\LocalSettings\TemporaryInternetFiles\Content.IE5\SZKD6D4V\update41[1].exe/ASPack
已删除:木马程序Trojan-Dropper.Win32.Agent.axt文件:C:\DocumentsandSettings\Administrator\LocalSettings\TemporaryInternetFiles\Content.IE5\SZKD6D4V\update81[1].exe/ASPack
未发现:木马程序Trojan-Spy.Win32.Agent.ct文件:C:\DocumentsandSettings\AllUsers\ApplicationData\Microsoft\UserData\IE.exe
未发现:广告程序not-a-virus:AdWare.Win32.IEHlpr.e文件:C:\DocumentsandSettings\AllUsers\ApplicationData\Microsoft\UserData\IEHelper_5001.dll
已删除:木马程序Trojan-Dropper.Win32.Agent.axt文件:C:\DocumentsandSettings\NetworkService\LocalSettings\TemporaryInternetFiles\Content.IE5\0J0L1U3C\update31[1].exe/ASPack
已删除:木马程序Trojan-PSW.Win32.Nilage.aoi文件:C:\DocumentsandSettings\tiger\LocalSettings\Temp\z.exe.exe/UPX
已删除:木马程序Trojan-PSW.Win32.Nilage.ann文件:C:\DocumentsandSettings\tiger\LocalSettings\TemporaryInternetFiles\Content.IE5\0B4JC389\ads2[1].exe
已删除:木马程序Trojan-PSW.Win32.Lmir.bca文件:C:\DocumentsandSettings\tiger\LocalSettings\TemporaryInternetFiles\Content.IE5\0DU3MLIZ\ads3[1].exe/ASPack
已删除:木马程序Trojan-PSW.Win32.QQPass.hv文件:C:\DocumentsandSettings\tiger\LocalSettings\TemporaryInternetFiles\Content.IE5\6X2BANW7\ads1[1].exe/PE_Patch/UPack
已删除:恶意程序Exploit.JS.Phel.av文件:C:\DocumentsandSettings\tiger\LocalSettings\TemporaryInternetFiles\Content.IE5\8LQB0XAZ\young[1].gif
已删除:恶意程序Exploit.VBS.Phel.bw文件:C:\DocumentsandSettings\tiger\LocalSettings\TemporaryInternetFiles\Content.IE5\KLER49Q3\index[4].htm
已删除:木马程序Backdoor.Win32.Agent.ahj文件:C:\DocumentsandSettings\tiger\LocalSettings\TemporaryInternetFiles\Content.IE5\KLER49Q3\young[1].css/PE_Patch/UPack
已删除:木马程序Trojan-Dropper.Win32.small.ata文件:C:\DocumentsandSettings\tiger\LocalSettings\TemporaryInternetFiles\Content.IE5\SZKD6D4V\ads[1].exe/UPX
已删除:木马程序Trojan-PSW.Win32.Lineage.anq文件:C:\ProgramFiles\svhost32.exe/UPack
已删除:木马程序Trojan-PSW.Win32.QQRob.iw文件:C:\ProgramFiles\CommonFiles\MicrosoftShared\MSInfo\DC75976D.dat/UPX
已清除:病毒Worm.Win32.Viking.bb文件:C:\ProgramFiles\Copyso\Copyso.exe/UPack
已删除:广告程序not-a-virus:AdWare.Win32.Zhongsou.d文件:C:\ProgramFiles\DeskAdTop\fshook.dll
已删除:广告程序not-a-virus:AdWare.Win32.WSearch.j文件:C:\ProgramFiles\DeskAdTop\Mrup.exe
已删除:木马程序Trojan-PSW.Win32.Nilage.and文件:C:\ProgramFiles\InternetExplorer\0Sy.exe/UPX
已删除:木马程序Trojan-PSW.Win32.Nilage.aks文件:C:\ProgramFiles\InternetExplorer\1Sy.exe/UPX
已删除:广告程序not-a-virus:AdWare.Win32.Boran.s文件:C:\ProgramFiles\MMSAssist\Mmsass~1.dll
已删除:广告程序not-a-virus:AdWare.Win32.Boran.s文件:C:\ProgramFiles\MMSAssist\MMSSVER.DLL
已删除:木马程序Trojan-PSW.Win32.QQRob.iw文件:C:\ProgramFiles\Tencent\QQ\DC75976D.EXE/UPX
已清除:病毒Worm.Win32.Viking.bb文件:C:\ProgramFiles\Tencent\QQ1\QQ.exe/UPack
已清除:病毒Worm.Win32.Viking.bb文件:C:\ProgramFiles\Tencent\QQGame\P2PDownload.exe/UPack
。
。
。
。
。
已删除:木马程序Trojan-Downloader.Win32.Dadobra.mr文件:D:\3dsmax5\adlmswitch.exe/UPack
已删除:木马程序Trojan-Downloader.Win32.Dadobra.mr文件:D:\3dsmax5\MaxFind.exe/UPack
已删除:木马程序Trojan-Downloader.Win32.Dadobra.mr文件:D:\3dsmax5\PMAN32.EXE/UPack
已删除:木马程序Trojan-Downloader.Win32.Dadobra.mr文件:D:\3dsmax5\help\answerworks\SETUP.EXE/UPack
已清除:病毒Worm.Win32.Viking.bb文件:D:\3dsmax5\backburner2\serversvc.exe/UPack
已删除:木马程序Trojan-Downloader.Win32.Dadobra.mr文件:D:\3dsmax5\backburner2\server.exe/UPack
已删除:木马程序Trojan-Downloader.Win32.Dadobra.mr文件:D:\3dsmax5\backburner2\monitor.exe/UPack
已清除:病毒Worm.Win32.Viking.bb文件:D:\3dsmax5\backburner2\managersvc.exe/UPack
其中还残留着两个可疑文件。
未发现:木马程序Trojan-Spy.Win32.Agent.ct文件:C:\DocumentsandSettings\AllUsers\ApplicationData\Microsoft\UserData\IE.exe
未发现:广告程序not-a-virus:AdWare.Win32.IEHlpr.e文件:C:\DocumentsandSettings\AllUsers\ApplicationData\Microsoft\UserData\IEHelper_5001.dll
删不掉。。用卡巴司机杀不了。。写访问被拒绝。
用360安全卫士进行检测。报告如下。:
各位高手:
非常感谢您留心我这份系统诊断报告,小菜鸟十万火急等待您的帮助!
该诊断报告由360安全卫士提供[url=http://www.360safe.com]http://www.360safe.com[/url]
诊断时间:2006-10-1808:39:17
诊断平台:MicrosoftWindowsXPServicePack2
IE版本:InternetExplorerV6.0.2900.2180Build:62900.2180
计算机物理内存:767MB-当前可用内存:402MB
100-中危险-Process:DuDuAcc.exe[dudu下载加速器的相关进程。]-"C:\ProgramFiles\DuDu\Speed\DuDuAcc.exe"/m1
100-中危险-Process:dudupros.exe[Dudu下载加速器相关进程。]-"C:\ProgramFiles\DuDu\Speed\dudupros.exe"
R0-未知-HKCU\Software\Microsoft\InternetExplorer\Main,StartPage=http://www.baidu.com/
R0-未知-HKLM\Software\Microsoft\InternetExplorer\Search,SearchAssistant=
R3-低危险-URLSearchHook:(bhoClass)-[CopySo拷贝搜,强制安装、无法彻底删除]-{ED8DFC5C-10EF-45AB-9DC2-0639AFF5A270}-C:\PROGRA~1\COMMON~1\Wnwb\wnwbio.dll
O2-中危险-BHO:(dddmontClass)-[Dudu下载加速器,强制安装、恶意软件共享、无法彻底删除。]-{00018593-C6BD-46F7-9349-DBA1AA674C90}-C:\ProgramFiles\DuDu\Speed\dddiemon.dll
O2-低危险-BHO:(bhoClass)-[CopySo拷贝搜,强制安装、无法彻底删除]-{ED8DFC5C-10EF-45AB-9DC2-0639AFF5A270}-C:\PROGRA~1\COMMON~1\Wnwb\wnwbio.dll
O4-中危险-Startupfolder:[DuDu下载加速器.lnk][dudu加速器相关程序。]C:\DocumentsandSettings\AllUsers.WINDOWS\「开始」菜单\程序\启动\DuDu下载加速器.lnk
O8-未知-Extracontextmenuitem:&使用DuDu下载-res://C:\ProgramFiles\DuDu\Speed\dddmext.dll/202
O8-未知-Extracontextmenuitem:&使用DuDu下载全部链接-res://C:\ProgramFiles\DuDu\Speed\dddmext.dll/203
O8-未知-Extracontextmenuitem:&使用DuDu下载选择链接-res://C:\ProgramFiles\DuDu\Speed\dddmext.dll/204
O8-未知-Extracontextmenuitem:&使用DuDu捕获页面视频-res://C:\ProgramFiles\DuDu\Speed\dddmext.dll/205
O8-未知-Extracontextmenuitem:上传到QQ网络硬盘-C:\ProgramFiles\Tencent\QQ\AddToNetDisk.htm
O8-未知-Extracontextmenuitem:添加到QQ自定义面板-C:\ProgramFiles\Tencent\QQ\AddPanel.htm
O8-未知-Extracontextmenuitem:添加到QQ表情-C:\ProgramFiles\Tencent\QQ\AddEmotion.htm
O8-未知-Extracontextmenuitem:用QQ彩信发送该图片-C:\ProgramFiles\Tencent\QQ\SendMMS.htm
O9-未知-Extrabutton:新浪UC(HKLM)
O9-未知-Extrabutton:腾讯QQ(HKLM)
O17-未知-HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{65CC5F48-5BEA-40EF-A73D-51E3ECC1AB97}:NameServer=202.97.230.4,202.97.224.68
=======================================
100-安全-Process:smss.exe[进程为会话管理子系统用以初始化系统变量,ms-dos驱动名称类似lpt1以及com,调用win32壳子系统和运行在windows登陆过程。]-\SystemRoot\System32\smss.exe
100-安全-Process:csrss.exe[客户端服务子系统,用以控制windows图形相关子系统。]-C:\WINDOWS\system32\csrss.exeObjectDirectory=\WindowsSharedSection=1024,3072,512Windows=OnSubSystemType=WindowsServerDll=basesrv,1ServerDll=winsrv:UserServerDllInitialization,3ServerDll=winsrv:ConServerDllInitialization,2ProfileControl=OffMaxRequestT
100-安全-Process:winlogon.exe[windowsnt用户登陆程序。]-winlogon.exe
100-安全-Process:services.exe[用于管理windows服务系统进程。]-C:\WINDOWS\system32\services.exe
100-安全-Process:lsass.exe[本地安全权限服务控制windows安全机制。]-C:\WINDOWS\system32\lsass.exe
100-安全-Process:svchost.exe[servicehostprocess是一个标准的动态连接库主机处理服务。]-C:\WINDOWS\system32\svchost-kDcomLaunch
100-安全-Process:svchost.exe[servicehostprocess是一个标准的动态连接库主机处理服务。]-C:\WINDOWS\system32\svchost-krpcss
100-安全-Process:svchost.exe[servicehostprocess是一个标准的动态连接库主机处理服务。]-C:\WINDOWS\System32\svchost.exe-knetsvcs
100-安全-Process:svchost.exe[servicehostprocess是一个标准的动态连接库主机处理服务。]-C:\WINDOWS\system32\svchost.exe-kNetworkService
100-安全-Process:svchost.exe[servicehostprocess是一个标准的动态连接库主机处理服务。]-C:\WINDOWS\system32\svchost.exe-kLocalService
100-安全-Process:spoolsv.exe[windows打印任务控制程序,用以打印机就绪。]-C:\WINDOWS\system32\spoolsv.exe
100-安全-Process:explorer.exe[windowsprogrammanager或者windowsexplorer用于控制windows图形shell,包括开始菜单、任务栏,桌面和文件管理。]-C:\WINDOWS\Explorer.EXE
100-安全-Process:avp.exe[卡巴斯基杀毒软件相关程序。]-"C:\ProgramFiles\KasperskyLab\KasperskyInternetSecurity6.0\avp.exe"
100-安全-Process:ctfmon.exe[officexp输入法图标。]-"C:\WINDOWS\system32\ctfmon.exe"
100-中危险-Process:DuDuAcc.exe[dudu下载加速器的相关进程。]-"C:\ProgramFiles\DuDu\Speed\DuDuAcc.exe"/m1
100-安全-Process:avp.exe[卡巴斯基杀毒软件相关程序。]-"C:\ProgramFiles\KasperskyLab\KasperskyInternetSecurity6.0\avp.exe"-r
100-中危险-Process:dudupros.exe[Dudu下载加速器相关进程。]-"C:\ProgramFiles\DuDu\Speed\dudupros.exe"
100-安全-Process:alg.exe[这是一个应用层网关服务用于网络共享。]-C:\WINDOWS\System32\alg.exe
100-安全-Process:wuauclt.exe[windows操作系统后台程序,用于系统升级。]-"C:\WINDOWS\system32\wuauclt.exe"
100-安全-Process:iexplore.exe[microsoftinternetexplorer浏览器用于浏览网页。]-"C:\ProgramFiles\InternetExplorer\IEXPLORE.EXE"
100-安全-Process:iexplore.exe[microsoftinternetexplorer浏览器用于浏览网页。]-"C:\ProgramFiles\InternetExplorer\IEXPLORE.EXE"
100-安全-Process:iexplore.exe[microsoftinternetexplorer浏览器用于浏览网页。]-"C:\ProgramFiles\InternetExplorer\IEXPLORE.EXE"
100-安全-Process:iexplore.exe[microsoftinternetexplorer浏览器用于浏览网页。]-"C:\ProgramFiles\InternetExplorer\IEXPLORE.EXE"
100-安全-Process:iexplore.exe[microsoftinternetexplorer浏览器用于浏览网页。]-"C:\ProgramFiles\InternetExplorer\IEXPLORE.EXE"
100-安全-Process:iexplore.exe[microsoftinternetexplorer浏览器用于浏览网页。]-"C:\ProgramFiles\InternetExplorer\IEXPLORE.EXE"
100-安全-Process:iexplore.exe[microsoftinternetexplorer浏览器用于浏览网页。]-"C:\ProgramFiles\InternetExplorer\IEXPLORE.EXE"
100-安全-Process:CheckTool.exe[360Toolsmicrosoft基础类应用程序]-"C:\DocumentsandSettings\Administrator.16A189B893E14EA\桌面\CheckTool\CheckTool.exe"
R0-未知-HKCU\Software\Microsoft\InternetExplorer\Main,StartPage=http://www.baidu.com/
R0-未知-HKLM\Software\Microsoft\InternetExplorer\Search,SearchAssistant=
R1-安全-HKLM\Software\Microsoft\InternetExplorer\Main,LocalPage=C:\WINDOWS\system32\blank.htm
R1-安全-HKCU\Software\Microsoft\InternetExplorer\Main,LocalPage=C:\WINDOWS\system32\blank.htm
R3-低危险-URLSearchHook:(bhoClass)-[CopySo拷贝搜,强制安装、无法彻底删除]-{ED8DFC5C-10EF-45AB-9DC2-0639AFF5A270}-C:\PROGRA~1\COMMON~1\Wnwb\wnwbio.dll
O2-中危险-BHO:(dddmontClass)-[Dudu下载加速器,强制安装、恶意软件共享、无法彻底删除。]-{00018593-C6BD-46F7-9349-DBA1AA674C90}-C:\ProgramFiles\DuDu\Speed\dddiemon.dll
O2-安全-BHO:(QQBrowserHelperObjectClass)-[腾讯QQ的一个插件。]-{54EBD53A-9BC1-480B-966A-843A333CA162}-C:\ProgramFiles\Tencent\QQ\QQIEHelper.dll
O2-低危险-BHO:(bhoClass)-[CopySo拷贝搜,强制安装、无法彻底删除]-{ED8DFC5C-10EF-45AB-9DC2-0639AFF5A270}-C:\PROGRA~1\COMMON~1\Wnwb\wnwbio.dll
O4-安全-HKLM\..\Run:[IMJPMIG8.1][微软Microsoft输入法编辑器程序。]"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE"/Spoil/RemAdvDef/Migration32
O4-安全-HKLM\..\Run:[PHIME2002ASync][输入法软件相关程序。]C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE/SYNC
O4-安全-HKLM\..\Run:[PHIME2002A][输入法软件相关程序。]C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE/IMEName
O4-安全-HKLM\..\Run:[kis][卡巴斯基反病毒软件相关程序。]"C:\ProgramFiles\KasperskyLab\KasperskyInternetSecurity6.0\avp.exe"
O4-安全-HKLM\..\Run:[kav][卡巴斯基杀毒软件相关程序。]"C:\ProgramFiles\KasperskyLab\KasperskyInternetSecurity6.0\avp.exe"
O4-安全-HKLM\..\Run:[NMGameX_AutoRun][新浪igame游戏大厅相关程序。]C:\WINDOWS\system32\Rundll32.exeNMGameX.dll,LiveProcess/aa
O4-安全-HKCU\..\Run:[ctfmon.exe][officexp输入法图标。]C:\WINDOWS\system32\ctfmon.exe
好了,文章到此结束,希望可以帮助到大家。
