查看完整版本: 開機就彈廣告

亞削 2010-10-13 10:28 PM

開機就彈廣告

請求幫忙一下, 已用HIJACKTHIS scan了, 但不知道要fix 邊個, 請各大大幫忙.

O2 - BHO: (no name) - {00000000-0593-4356-9CF7-1D8C2B3343C0} - C:\Program Files\Baidu\AddressBar\AddressBar.dll
O2 - BHO: QvodExtend - {53AC8551-0DE0-4606-8A1E-A51AF20ADD60} - C:\Program Files\QvodPlayer\QvodExtend.dll (file missing)
O2 - BHO: (no name) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: (no name) - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\Program Files\Baidu\Toolbar\BaiduBarX.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Baidu Toolbar - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\Program Files\Baidu\Toolbar\BaiduBarX.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [QvodPlayer] C:\Program Files\QvodPlayer\QvodTerminal.exe
O4 - HKCU\..\Run: [YY] C:\TDDOWNLOAD\yy-2.0\Start.exe
O4 - HKCU\..\Run: [shps] C:\WINDOWS\system32\mshta.exe "C:\Documents and Settings\chueng\Application Data\shps\movie.hta"
O4 - Startup: HKJC2949.p12
O4 - Startup: NTUSER.DAT
O4 - Startup: ntuser.dat.LOG
O4 - Startup: ntuser.ini
O4 - Startup: tnsa.bet_hongkongjockeyclub_com.cfg
O8 - Extra context menu item: 使用迅雷下載 - C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: 使用迅雷下載全部鏈接 - C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O8 - Extra context menu item: 妏蚚捃濘狟婥 - C:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - Extra context menu item: 妏蚚捃濘狟婥垓螟晾 - C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - [url=http://supportapj.dell.com/systemprofiler/SysPro.CAB]http://supportapj.dell.com/systemprofiler/SysPro.CAB[/url]
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - [url=http://picasaweb.google.com.hk/s/v/57.11/uploader2.cab]http://picasaweb.google.com.hk/s/v/57.11/uploader2.cab[/url]
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - [url=http://picasaweb.google.com.hk/s/v/44.11/uploader2.cab]http://picasaweb.google.com.hk/s/v/44.11/uploader2.cab[/url]
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [url=http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1235361185234]http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1235361185234[/url]
O16 - DPF: {8DE6AB9C-8C62-486B-8C06-5C9AD6FD06F1} (DataStore Class) - [url=http://txn01.hkjc.com/BetSlip/object/eWinCtl.cab]http://txn01.hkjc.com/BetSlip/object/eWinCtl.cab[/url]
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - [url=http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab]http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab[/url]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [url=http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab]http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab[/url]
O16 - DPF: {D6EB3D82-0DF2-11D5-A04B-00C04FCF6F3E} (SysCheck.UserControl1) - [url=http://moov.netvigator.com/music/site/help/syscheck/SysCheck.CAB]http://moov.netvigator.com/music/site/help/syscheck/SysCheck.CAB[/url]
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - [url=http://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6134/mcfscan.cab]http://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6134/mcfscan.cab[/url]

anlth2010 2010-10-14 01:00 PM

[u][color=red]Step 1 : 開啟 HijackThis 修復項目[/color][/u]

[list][*]開啟 [color=blue]HijackThis[/color],按一下 [color=darkgreen]Do a system scan only[/color][*]在左方的小格,勾選以下項目:
[quote]O4 - HKCU\..\Run: [shps] C:\WINDOWS\system32\mshta.exe "C:\Documents and Settings\chueng\Application Data\shps\movie.hta"
[/quote][*]接一下 [color=darkgreen]Fix checked[/color],然後再按[color=darkgreen]是[/color][*]關閉 [color=blue]HijackThis[/color][/list]
[u][color=red]Step 2 : 重新啟動電腦[/color][/u]

[list][*]重新啟動電腦[*]請進入[color=blue]安全模式[/color][/list]
[u][color=red]Step 3 : 刪除檔案[/color][/u]

[list][*]下載 [url=http://oldtimer.geekstogo.com/OTM.exe]OTM[/url] 至桌面,並執行 [color=blue]OTM[/color][*]複製下列文字,並貼上於 [color=darkgreen]Paste Instructions for Items to be Moved[/color] 之框格內:
[quote]:files
C:\Documents and Settings\chueng\Application Data\shps\movie.hta[/quote][*]按一下 [color=darkgreen]MoveIt![/color],再按 [color=darkgreen]OK[/color],並重新啟動電腦[/list]
[u][color=red]Step 4 : 簡述情況及貼上報告[/color][/u]

[list][*]請簡述一下閣下電腦的狀況[/list]
頁: [1]
查看完整版本: 開機就彈廣告