无法UPDATE
时间:2014-03-06
来源:互联网
WIN7 SP1 最近要更新无法更新!
hijackthis.log (19.96 KB)
hijackthis.log (19.96 KB)
2014-2-11 11:26 PM, 下载次数: 5
作者: GTF83190012 发布时间: 2014-03-06
开机按F8,入安全模式做Fix checked & OTM 删除。
1.执行Hijackthis > Do a system scan only > 勾选下列项目 > 按Fix Checked (fix checked时关闭所有browsers/程式) > 按"是"。
copy & paste 以下项目於Paste Instructions for Items to be Moved的框格内。
按MoveIt > OK > 重启电脑。
(JRT会自动删除附於浏览器的恶意程式/档案/登录档)
4. 关闭所有防毒软件(包括Windows Defender),下载ComboFix至桌面 ,执行 ComboFix 扫毒。
扫瞄时不要执行其他程式或点击 ComboFix视窗。
完成扫瞄后,ComboFix 报告会自动弹出。
5. 下载 OTL.exe於桌面。双按OTL.exe > 按Run Scan > 完成后请将OTL扫瞄报告(OTL.txt)贴上。
(OTL扫瞄需时较长,请耐心等候)
请贴上以下报告:
a. JRT扫毒报告。
b. ComboFix扫毒报告。
c. OTL.txt扫瞄报告。
1.执行Hijackthis > Do a system scan only > 勾选下列项目 > 按Fix Checked (fix checked时关闭所有browsers/程式) > 按"是"。
引用:
O2 - BHO: XlBrowserAddinBho.XlBrowserAddinBhoObject - {0EA37B17-6B8B-4085-8257-F3A4AA69C27A} - C:\Program Files (x86)\Thunder Network\Thunder\BHO\XlBrowserAddin1.0.8.71.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
O2 - BHO: 瑞俴弝畦温挚狟婥郪璃 - {4ADBABBD-E1CA-4f11-BD01-73B0B6E4B5BA} - C:\Users\PAN\funshion\funshiontools\FunshionHelper.dll
O2 - BHO: Baidu Toolbar BHO - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\Program Files (x86)\Baidu\Toolbar\BaiduBarX.dll
O2 - BHO: XunleiBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files (x86)\Thunder Network\Thunder\BHO\XunleiBHO7.2.13.3882.dll
O2 - BHO: D6C48F32-D2FB-E04A-17ED-1917BDFF1363 Class - {D6C48F32-D2FB-E04A-17ED-1917BDFF1363} - C:\Program Files (x86)\Baidu\{D6C48F32-D2FB-E04A-17ED-1917BDFF1363}\AddressBar.dll
O3 - Toolbar: 啃仅驮捡戏 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\Program Files (x86)\Baidu\Toolbar\BaiduBarX.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
O4 - HKLM\..\Run: [D-Link D-Link DWA-121] C:\Program Files (x86)\D-Link\DWA-121 revA\AirNCFG.exe
O4 - HKLM\..\Run: [PowerDVD12DMREngine] "C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
O4 - HKLM\..\Run: [PowerDVD12Agent] "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [QvodTerminal] "C:\Program Files (x86)\QvodPlayer\QvodTerminal.exe" -autorun
O4 - HKLM\..\Run: [MSN Toolbar] "C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\PAN\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [QvodPlayer] C:\Program Files (x86)\QvodPlayer\QvodTerminal.exe
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\PAN\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [PPS Accelerator] D:\PPS.tv\PPStream\PPSKernel.exe
O4 - HKCU\..\Run: [AppleIEDAV] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [PPS Accelerator] D:\PPS.tv\PPStream\PPSKernel.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [PPS Accelerator] D:\PPS.tv\PPStream\PPSKernel.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [PPS Accelerator] D:\PPS.tv\PPStream\PPSKernel.exe (User 'Default user')
O4 - Startup: Dropbox.lnk = PAN\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.ex
O8 - Extra context menu item: &使用BitComet下载 - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &使用BitComet下载全部连结 - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &使用迅雷下载 - C:\Program Files (x86)\Thunder Network\Thunder\BHO\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files (x86)\Thunder Network\Thunder\BHO\GetAllUrl.htm
O8 - Extra context menu item: &使用迅雷离线下载 - C:\Program Files (x86)\Thunder Network\Thunder\BHO\OfflineDownload.htm
O8 - Extra context menu item: &捃泞狟婥善忒侬 - http://static.u.155.com/shoulei/shouleidl.htm
O8 - Extra context menu item: 使用迅雷看看播放器播放 - C:\Users\Public\Thunder Network\XMP4\Core\Program\XmpIEMenu.htm
O9 - Extra button: (no name) - {14c1d00e-0b92-4379-880b-444fa2d740dd} - C:\Users\Public\Thunder Network\XMP4\Core\Program\XmpIEToolMenu.htm
O9 - Extra 'Tools' menuitem: ??迅雷看看播放器 - {14c1d00e-0b92-4379-880b-444fa2d740dd} - C:\Users\Public\Thunder Network\XMP4\Core\Program\XmpIEToolMenu.htm
O9 - Extra button: ??迅雷看看播放器 - {24c1d00e-0b92-4379-880b-444fa2d740dd} - C:\Users\Public\Thunder Network\XMP4\Core\Program\XmpIEToolBar.htm
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O20 - AppInit_DLLs: c:\progra~2\safesa~1\sprote~1.dll c:\progra~2\websea~1\sprote~1.dll
2. 下载/执行 OTM做删除。O2 - BHO: XlBrowserAddinBho.XlBrowserAddinBhoObject - {0EA37B17-6B8B-4085-8257-F3A4AA69C27A} - C:\Program Files (x86)\Thunder Network\Thunder\BHO\XlBrowserAddin1.0.8.71.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
O2 - BHO: 瑞俴弝畦温挚狟婥郪璃 - {4ADBABBD-E1CA-4f11-BD01-73B0B6E4B5BA} - C:\Users\PAN\funshion\funshiontools\FunshionHelper.dll
O2 - BHO: Baidu Toolbar BHO - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\Program Files (x86)\Baidu\Toolbar\BaiduBarX.dll
O2 - BHO: XunleiBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files (x86)\Thunder Network\Thunder\BHO\XunleiBHO7.2.13.3882.dll
O2 - BHO: D6C48F32-D2FB-E04A-17ED-1917BDFF1363 Class - {D6C48F32-D2FB-E04A-17ED-1917BDFF1363} - C:\Program Files (x86)\Baidu\{D6C48F32-D2FB-E04A-17ED-1917BDFF1363}\AddressBar.dll
O3 - Toolbar: 啃仅驮捡戏 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\Program Files (x86)\Baidu\Toolbar\BaiduBarX.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
O4 - HKLM\..\Run: [D-Link D-Link DWA-121] C:\Program Files (x86)\D-Link\DWA-121 revA\AirNCFG.exe
O4 - HKLM\..\Run: [PowerDVD12DMREngine] "C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
O4 - HKLM\..\Run: [PowerDVD12Agent] "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [QvodTerminal] "C:\Program Files (x86)\QvodPlayer\QvodTerminal.exe" -autorun
O4 - HKLM\..\Run: [MSN Toolbar] "C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\PAN\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [QvodPlayer] C:\Program Files (x86)\QvodPlayer\QvodTerminal.exe
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\PAN\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [PPS Accelerator] D:\PPS.tv\PPStream\PPSKernel.exe
O4 - HKCU\..\Run: [AppleIEDAV] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [PPS Accelerator] D:\PPS.tv\PPStream\PPSKernel.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [PPS Accelerator] D:\PPS.tv\PPStream\PPSKernel.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [PPS Accelerator] D:\PPS.tv\PPStream\PPSKernel.exe (User 'Default user')
O4 - Startup: Dropbox.lnk = PAN\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.ex
O8 - Extra context menu item: &使用BitComet下载 - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &使用BitComet下载全部连结 - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &使用迅雷下载 - C:\Program Files (x86)\Thunder Network\Thunder\BHO\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files (x86)\Thunder Network\Thunder\BHO\GetAllUrl.htm
O8 - Extra context menu item: &使用迅雷离线下载 - C:\Program Files (x86)\Thunder Network\Thunder\BHO\OfflineDownload.htm
O8 - Extra context menu item: &捃泞狟婥善忒侬 - http://static.u.155.com/shoulei/shouleidl.htm
O8 - Extra context menu item: 使用迅雷看看播放器播放 - C:\Users\Public\Thunder Network\XMP4\Core\Program\XmpIEMenu.htm
O9 - Extra button: (no name) - {14c1d00e-0b92-4379-880b-444fa2d740dd} - C:\Users\Public\Thunder Network\XMP4\Core\Program\XmpIEToolMenu.htm
O9 - Extra 'Tools' menuitem: ??迅雷看看播放器 - {14c1d00e-0b92-4379-880b-444fa2d740dd} - C:\Users\Public\Thunder Network\XMP4\Core\Program\XmpIEToolMenu.htm
O9 - Extra button: ??迅雷看看播放器 - {24c1d00e-0b92-4379-880b-444fa2d740dd} - C:\Users\Public\Thunder Network\XMP4\Core\Program\XmpIEToolBar.htm
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O20 - AppInit_DLLs: c:\progra~2\safesa~1\sprote~1.dll c:\progra~2\websea~1\sprote~1.dll
copy & paste 以下项目於Paste Instructions for Items to be Moved的框格内。
按MoveIt > OK > 重启电脑。
引用:
:files
D:\PPS.tv\PPStream\PPSProtect.exe
C:\Program Files (x86)\Thunder Network\Thunder\Program\ThunderMobilePlatform.exe
C:\Program Files (x86)\QvodPlayer\QvodTerminal.exe
D:\PPS.tv\PPStream\PPSKernel.exe
C:\Users\PAN\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\PAN\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Thunder Network\Thunder\BHO\XlBrowserAddin1.0.8.71.dll
C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
C:\Users\PAN\funshion\funshiontools\FunshionHelper.dll
C:\Program Files (x86)\Baidu\Toolbar\BaiduBarX.dll
C:\Program Files (x86)\Thunder Network\Thunder\BHO\XunleiBHO7.2.13.3882.dll
C:\Program Files (x86)\Baidu\{D6C48F32-D2FB-E04A-17ED-1917BDFF1363}\AddressBar.dll
C:\Program Files (x86)\Baidu\Toolbar\BaiduBarX.dll
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe
C:\Program Files (x86)\QuickTime\QTTask.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
C:\Users\PAN\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\progra~2\safesa~1\sprote~1.dll
c:\progra~2\websea~1\sprote~1.dll
3. 下载/执行Junkware Removal Tool扫毒。执行扫毒前请关闭所有浏览器同程式。:files
D:\PPS.tv\PPStream\PPSProtect.exe
C:\Program Files (x86)\Thunder Network\Thunder\Program\ThunderMobilePlatform.exe
C:\Program Files (x86)\QvodPlayer\QvodTerminal.exe
D:\PPS.tv\PPStream\PPSKernel.exe
C:\Users\PAN\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\PAN\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Thunder Network\Thunder\BHO\XlBrowserAddin1.0.8.71.dll
C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
C:\Users\PAN\funshion\funshiontools\FunshionHelper.dll
C:\Program Files (x86)\Baidu\Toolbar\BaiduBarX.dll
C:\Program Files (x86)\Thunder Network\Thunder\BHO\XunleiBHO7.2.13.3882.dll
C:\Program Files (x86)\Baidu\{D6C48F32-D2FB-E04A-17ED-1917BDFF1363}\AddressBar.dll
C:\Program Files (x86)\Baidu\Toolbar\BaiduBarX.dll
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe
C:\Program Files (x86)\QuickTime\QTTask.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
C:\Users\PAN\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\progra~2\safesa~1\sprote~1.dll
c:\progra~2\websea~1\sprote~1.dll
(JRT会自动删除附於浏览器的恶意程式/档案/登录档)
4. 关闭所有防毒软件(包括Windows Defender),下载ComboFix至桌面 ,执行 ComboFix 扫毒。
扫瞄时不要执行其他程式或点击 ComboFix视窗。
完成扫瞄后,ComboFix 报告会自动弹出。
5. 下载 OTL.exe於桌面。双按OTL.exe > 按Run Scan > 完成后请将OTL扫瞄报告(OTL.txt)贴上。
(OTL扫瞄需时较长,请耐心等候)
请贴上以下报告:
a. JRT扫毒报告。
b. ComboFix扫毒报告。
c. OTL.txt扫瞄报告。
作者: SILVESTERABEND 发布时间: 2014-03-06
电脑变顺多但还是一样无法更新系统~
JRT.txt (784 Bytes)
OTL.Txt (163.25 KB)
2014-02-14.txt (37.31 KB)
JRT.txt (784 Bytes)
2014-2-15 12:16 AM, 下载次数: 3
OTL.Txt (163.25 KB)
2014-2-15 12:16 AM, 下载次数: 3
2014-02-14.txt (37.31 KB)
2014-2-15 12:16 AM, 下载次数: 3
作者: GTF83190012 发布时间: 2014-03-06
引用:原帖由 GTF83190012 於 2014-2-15 12:16 AM 发表
电脑变顺多但还是一样无法更新系统~
1. 未咁快搅到,要先清木马/恶意程式至修正更新问题!电脑变顺多但还是一样无法更新系统~
a.楼主先去程式集移除所有360软件。
b. 移除Google Chrome > 重启电脑 > 重新安装Goolge Chrome(暂时不要用旧gmail注册)。
c. 停TeamViewr启动。
2. 双按OTL.exe > 将下列档案copy & paste 到Custom Scans/Fixes框架内 > 按左上角[Run Fix];执行fix前要关闭浏览器。
成功fixed (删除)会有通知(Fix complete! Click OK to open the fix log.) >按OK > 重启电脑。
引用:
:OTL
SRV - [2011/09/06 19:20:06 | 000,423,144 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files (x86)\360\360sd\scan.dll -- (scan)
SRV - [2013/11/29 15:23:38 | 001,296,728 | ---- | M] (www.BitComet.com) [On_Demand | Stopped] -- C:\Program Files (x86)\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV - [2013/07/05 19:46:00 | 004,569,856 | ---- | M] () [Auto | Stopped] -- c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll -- (Akamai)
SRV - [2012/12/14 17:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.so.com/?src=xzq
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.so.com/?src=xzq
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.so.com/?src=xzq
FF:64bit: - HKLM\Software\MozillaPlugins\@qvod.com/QvodShare: C:\Program Files (x86)\QvodPlayer\npShareModule_x64.dll (Shenzhen QVOD Technology Co.,Ltd)
FF - HKLM\Software\MozillaPlugins\@360.cn/npaxlogin: C:\Program Files (x86)\360\360safe\Utils\npaxlogin.dll (360.cn)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@qvod.com/QvodInsert: C:\Program Files (x86)\QvodPlayer\npQvodInsert.dll (Shenzhen QVOD Technology Co.,Ltd)
FF - HKLM\Software\MozillaPlugins\@qvod.com/QvodShare: C:\Program Files (x86)\QvodPlayer\npShareModule.dll (Shenzhen QVOD Technology Co.,Ltd)
O2:64bit: - BHO: (捃泞狟婥盓厥) - {004B0726-A010-4ABF-8556-FCDB7F1FCA1E} - C:\Program Files (x86)\Thunder Network\Thunder\BHO\XunleiBHO647.2.13.3882.dll (深圳市迅雷网络技术有限公司)
O2:64bit: - BHO: (SafeMon Class) - {13C82309-270B-4610-B952-5421D10E72BC} - C:\Program Files (x86)\360\360safe\safemon\safemon64.dll (360.cn)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\RunOnce: [] File not found
O4 - HKLM..\RunOnce: [GrpConv] C:\Windows\SysWow64\grpconv.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O13 - gopher Prefix: missing
O16:64bit: - DPF: {357A8DEC-0CAC-4D8D-9869-C2C356B844F7} http://192.168.11.25/RSVideoOcx.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FBE6988F-7C58-472E-85CA-F0C90F738C48}: DhcpNameServer = 192.168.11.1
:Files
C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
C:\Windows\PEV.exe
C:\Windows\MBR.exe
C:\Windows\sed.exe
C:\Windows\grep.exe
C:\Windows\zip.exe
C:\Users\PAN\funshion.ini
C:\Windows\lwd.exe
ipconfig /flushdns /c
:Commands
[PURITY]
[EMPTYTEMP]
[reboot]
3. 下载/执行 AdwCleaner (Xplode) 扫毒。(先按Scan扫瞄,扫到毒按[Clean] 删除):OTL
SRV - [2011/09/06 19:20:06 | 000,423,144 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files (x86)\360\360sd\scan.dll -- (scan)
SRV - [2013/11/29 15:23:38 | 001,296,728 | ---- | M] (www.BitComet.com) [On_Demand | Stopped] -- C:\Program Files (x86)\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV - [2013/07/05 19:46:00 | 004,569,856 | ---- | M] () [Auto | Stopped] -- c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll -- (Akamai)
SRV - [2012/12/14 17:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.so.com/?src=xzq
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.so.com/?src=xzq
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.so.com/?src=xzq
FF:64bit: - HKLM\Software\MozillaPlugins\@qvod.com/QvodShare: C:\Program Files (x86)\QvodPlayer\npShareModule_x64.dll (Shenzhen QVOD Technology Co.,Ltd)
FF - HKLM\Software\MozillaPlugins\@360.cn/npaxlogin: C:\Program Files (x86)\360\360safe\Utils\npaxlogin.dll (360.cn)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@qvod.com/QvodInsert: C:\Program Files (x86)\QvodPlayer\npQvodInsert.dll (Shenzhen QVOD Technology Co.,Ltd)
FF - HKLM\Software\MozillaPlugins\@qvod.com/QvodShare: C:\Program Files (x86)\QvodPlayer\npShareModule.dll (Shenzhen QVOD Technology Co.,Ltd)
O2:64bit: - BHO: (捃泞狟婥盓厥) - {004B0726-A010-4ABF-8556-FCDB7F1FCA1E} - C:\Program Files (x86)\Thunder Network\Thunder\BHO\XunleiBHO647.2.13.3882.dll (深圳市迅雷网络技术有限公司)
O2:64bit: - BHO: (SafeMon Class) - {13C82309-270B-4610-B952-5421D10E72BC} - C:\Program Files (x86)\360\360safe\safemon\safemon64.dll (360.cn)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\RunOnce: [] File not found
O4 - HKLM..\RunOnce: [GrpConv] C:\Windows\SysWow64\grpconv.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O13 - gopher Prefix: missing
O16:64bit: - DPF: {357A8DEC-0CAC-4D8D-9869-C2C356B844F7} http://192.168.11.25/RSVideoOcx.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FBE6988F-7C58-472E-85CA-F0C90F738C48}: DhcpNameServer = 192.168.11.1
:Files
C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
C:\Windows\PEV.exe
C:\Windows\MBR.exe
C:\Windows\sed.exe
C:\Windows\grep.exe
C:\Windows\zip.exe
C:\Users\PAN\funshion.ini
C:\Windows\lwd.exe
ipconfig /flushdns /c
:Commands
[PURITY]
[EMPTYTEMP]
[reboot]
(执行AdwCleaner关闭所有浏览器/程式)
4. 下载/安装Malwarebytes Anti-Malware Free 扫毒。更新后做全面扫瞄,扫到毒按Select all > 再按Remove Selected做删除。
请贴上以下报告:
a. AdwCleaner删毒报告。
b. MBAM扫毒报告。
c. 新1份OTL.txt扫瞄报告。
作者: SILVESTERABEND 发布时间: 2014-03-06
还是无法更新><
mbam-log-2014-02-17 (17-18-54).txt (13.24 KB)
AdwCleaner[S0].txt (2.14 KB)
02172014_165742.log (13.92 KB)
mbam-log-2014-02-17 (17-18-54).txt (13.24 KB)
2014-2-17 10:23 PM, 下载次数: 3
AdwCleaner[S0].txt (2.14 KB)
2014-2-17 10:23 PM, 下载次数: 2
02172014_165742.log (13.92 KB)
2014-2-17 10:23 PM, 下载次数: 2
作者: GTF83190012 发布时间: 2014-03-06
引用:原帖由 GTF83190012 於 2014-2-17 10:23 PM 发表
还是无法更新>
楼主要重新执行MBAM扫瞄 > 勾选所有受感染档案 > 按Remove selected做删除。 还是无法更新>
作者: SILVESTERABEND 发布时间: 2014-03-06
但有些是我破解软体的 dll档,砍掉就不能用了,其他有我下载的软体和一些我不太知道的东东><
但主要造成我无法更新的原因,感觉不像是中毒,好像是我在用360做修补软体时,造成update的地方产生损毁,以便我无法更新,以跳到安装步骤,但他最后说安装失败><
大大救命呀呀!!!!!
但主要造成我无法更新的原因,感觉不像是中毒,好像是我在用360做修补软体时,造成update的地方产生损毁,以便我无法更新,以跳到安装步骤,但他最后说安装失败><
大大救命呀呀!!!!!
作者: GTF83190012 发布时间: 2014-03-06
下载/执行Portable Windows Repair AIO修正以下项目:
Remove Policies Set By Infections
Remove Temp Files
Repair Windows Updates
Remove Policies Set By Infections
Remove Temp Files
Repair Windows Updates
作者: SILVESTERABEND 发布时间: 2014-03-06
相关阅读 更多
热门阅读
-
office 2019专业增强版最新2021版激活秘钥/序列号/激活码推荐 附激活工具
阅读:74
-
如何安装mysql8.0
阅读:31
-
Word快速设置标题样式步骤详解
阅读:28
-
20+道必知必会的Vue面试题(附答案解析)
阅读:37
-
HTML如何制作表单
阅读:22
-
百词斩可以改天数吗?当然可以,4个步骤轻松修改天数!
阅读:31
-
ET文件格式和XLS格式文件之间如何转化?
阅读:24
-
react和vue的区别及优缺点是什么
阅读:121
-
支付宝人脸识别如何关闭?
阅读:21
-
腾讯微云怎么修改照片或视频备份路径?
阅读:28
