Encounter Trojan-PSW.Win32.QQPass, Trojan. psw. win32.gameol, etc. 2

Encounter Trojan-PSW.Win32.QQPass, Trojan. psw. win32.gameol, etc. 2

Original endurer
Version 1st

(Continued: encounter Trojan-PSW.Win32.QQPass, Trojan. psw. win32.gameol, etc. 1)

Download fileinfo and bat_do to the http://purpleendurer.ys168.com, use fileinfo to extract the information of the Red-marked file in the log of pe_xscan, and use bat_do to package the backup and delete it in time.
Download drweb cureit at the same time! Scan and clear viruses.

Open the Registry Editor regedit and delete the two items used to hijack the Security Assistant of rising Kaka:

O26-ifeo: Ras-> svchost.exe
O26-ifeo: ras.exe-> C:/Windows/system32/svchost.exe

The corresponding registry key.

Download the rising Kaka Security Assistant to prepare for clearing the startup items. unexpectedly, the computer restarts automatically during installation ~

In this case, the system enters the security mode and completely cleans up the system. In C:/program files/Internet Explorer/plugins, it is found that there is also a plug-in with the extension. tmp, which is also deleted.

Use WinRAR to delete windows temporary folders, ie temporary folders, and files that can be deleted in C:/Windows/prefetch.

Restart your computer and install the Security Assistant of rising card again.

Start the rising Card Security Assistant, automatically detect n malicious and rogue software, and clear

Then select [advanced functions]-> [plug-in management and uninstallation] To unmount items O2 and o24.
In [advanced functions]-> [system enable item management], click [logon item] on the left, find the project corresponding to the O4 item on the right, right-click, select Delete from the pop-up menu.
In [advanced functions]-> [system enable item management], click [Application initialization dynamic Connection Library] on the left, find the o20 project on the right, right-click, select Delete from the pop-up menu.
In [advanced functions]-> [system enable item management], click [service item] and [Driver] on the left, find the project corresponding to o23 on the right, right-click, select Delete from the pop-up menu.
In [advanced functions]-> [system enable item management], click [Application hijacking item] on the left, find the project corresponding to O26 on the right, right-click, select Delete from the pop-up menu.
In [advanced functions]-> [IE and OS repair], click [repair ].

Some Virus File Information:

File Description: C:/Windows/anistio. exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time:
Size: 16201 bytes, 15.841 KB
MD5: e32230ed6197e2e21796eb66e6b013f5
Sha1: b59e4b2c1aaa38a7299333340983e4c3b6276788
CRC32: eaca7c33

Kaspersky report for Trojan-PSW.Win32.OnLineGames.adqo, rising for Trojan. psw. win32.gameol. GBK

File Description: C:/Windows/fmsiocps.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time:
Size: 19740 bytes, 19.284 KB
MD5: f434c3dd5528af4ebf617a546f863e9b
Sha1: ce50287e35d1bd748d2b48949f47add75e83ee66
CRC32: 58465224

Kaspersky newspaper for Trojan-PSW.Win32.OnLineGames.aiol [KLAB-5046279]

File Description: C:/Windows/bdsclk.exe
Attribute: ---
Language: Chinese (China)
File version: 1, 0, 0, 1
Note: Microsoft Basic Applications
Copyright: Copyright (c) 2005
Product Version: 1, 0, 0, 1
Product Name: Microsoft Application
Creation Time: 17:43:36
Modification time: 17:43:38
Access time:
Size: 12288 bytes, 12.0 KB
MD5: 6085f2ff15282611fd82f9429d82912b
Sha1: f4006630b58d5deeecd9dfa4e85149644846a0ba
CRC32: f90c3414

Kaspersky report for Trojan-Downloader.Win32.Adload.afb [KLAB-5046285], rising for Trojan. DL. win32.mnless. kJ

File Description: C:/Windows/adsnt.exe
Attribute: ---
Language: Chinese (China)
File version: 1, 0, 0, 1
Note: adsnt Microsoft Basic Applications
Copyright: Copyright (c) 2005
Product Version: 1, 0, 0, 1
Product Name: adsnt Application
Internal name: adsnt
Source File Name: adsnt. exe
Creation Time: 16:26:16
Modification time: 20:39:48
Access time:
Size: 11264 bytes, 11.0 KB
MD5: 7dee5ef885eeaed477f9ae28844eea80
Sha1: 80755eebaf91651d08cce6d76a271f82fe4c7478
CRC32: 31f84a4f

File Description: C:/Windows/autoup.exe
Attribute: ---
Language: Chinese (China)
File version: 1, 0, 0, 1
Note: autoup Microsoft Basic Applications
Copyright: Copyright (c) 2005
Product Version: 1, 0, 0, 1
Product Name: autoup Application
Internal name: autoup
Source File Name: autoup. exe
Creation Time: 15:44:37
Modification time: 18:33:20
Access time:
Size: 8192 bytes, 8.0 KB
MD5: 8aceb6fefe55d9cb22695bcc793f8060
Sha1: 1eb4f6aaa6a04fdd495fb959cd4b24a0ebd3c062
CRC32: 55306533

Kaspersky report for Trojan-Downloader.Win32.Agent.jie, rising report for Trojan. Clicker. win32.agent. yny

File Description: C:/Windows/system32/usrinit.exe
Attribute: ---
Language: Chinese (China)
File version: 1, 0, 0, 1
Description: usrinit Microsoft Basic Applications
Copyright: Copyright (c) 2005
Product Version: 1, 0, 0, 1
Product Name: usrinit Application
Internal name: usrinit
Source File Name: usrinit. exe
Creation Time: 19:50:18
Modification time: 16:52:34
Access time:
Size: 9728 bytes, 9.512 KB
MD5: 70657c09c5462e7d1ae54871040ccd18
Sha1: f667eb0c300de7c76b86d00581af71b339591fa7
CRC32: 82bafc88

Kaspersky report for Trojan-Downloader.Win32.Adload.aej, rising report for Trojan. DL. win32.undef. MF

File Description: C:/Windows/isndntio.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time:
Size: 16144 bytes, 15.784 KB
MD5: e27af63fc2f87a2ee624d23180d17d18
Sha1: 8c5022503fcc75d47b22f13e3d7a96ac485ef25b
CRC32: 6cb7ac28

Kaspersky report for Trojan-PSW.Win32.OnLineGames.aieq, rising for Trojan. psw. win32.gamesonline. ZV

File Description: C:/Windows/cinfonmc.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time:
Size: 18717 bytes, 18.285 KB
MD5: 370b0ac95bda-9c33af36b9354ddc2d4
Sha1: 00909176063c9c5c103cc7978b3523938a0ba0c6
CRC32: 35d31a71

Kaspersky report for Trojan-PSW.Win32.OnLineGames.ygb, rising for Trojan. psw. win32.gameol. GBK

File Description: C:/Windows/fmbiost.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time:
Size: 19049 bytes, 18.617 KB
MD5: b2aee722a96f44cdd0f128685e69dc7e
Sha1: d001e44a465633b71862980935b9bc817a822dd4
CRC32: db7cc00d

Kaspersky report for Trojan-PSW.Win32.OnLineGames.acnp, rising for Trojan. psw. win32.gameol. nkd

File Description: C:/Windows/winsvr64.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time:
Size: 19740 bytes, 19.284 KB
MD5: d0b4217457fe451bd3d88bd1f284e1af
Sha1: 5df671c2bc0e6ded5c96e3a8ba6fac41044ba656
CRC32: f7ba35bf

Kaspersky newspaper for Trojan-PSW.Win32.OnLineGames.aioi [KLAB-5046299]

File Description: C:/Windows/dndsioc.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time:
Size: 18777 bytes, 18.345 KB
MD5: c9a327c525ad7bd2392758f20addb4a8
Sha1: 5ae816d11cd359518445549985548f20ef3bdf3a
CRC32: 3f07b856

Kaspersky report for Trojan-PSW.Win32.OnLineGames.acnp, rising for Trojan. psw. win32.gameol. NJS

File Description: C:/Windows/mfchlp64.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time:
Size: 17672 bytes, 17.264 KB
MD5: ace47458170ae39a85f7747b74a60dd5
Sha1: 01f9f1e0c7e08108d315b795fd29dba0dca5b489
CRC32: 69651041

Kaspersky report for Trojan-PSW.Win32.OnLineGames.aikm, rising for Trojan. psw. win32.gameol. nlv

File Description: C:/Windows/yuiabct.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time:
Size: 20764 bytes, 20.284 KB
MD5: 6d59229ec6a80f947ea7f32dd0495564
Sha1: 28ae7a76ed20b332342ee8490975267068abcb81
CRC32: 4d90fb89

Kaspersky report for Trojan-PSW.Win32.OnLineGames.ailf, rising for Trojan. psw. win32.gamesol. n

File Description: C:/Windows/huifitc.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time:
Size: 17176 bytes, 16.792 KB
MD5: a15ad61db68cfeb8831cfc28cc83fc59
Sha1: 16e26b2d3f1cfe5178c9beba7a18119321d981c9
CRC32: 92ed6a56

Kaspersky daily for Trojan-PSW.Win32.OnLineGames.aimc

File Description: C:/Windows/ticisms.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time:
Size: 20760 bytes, 20.280 KB
MD5: 7ba9010a9d1fc81f83abb9255b5ff43a
Sha1: 5e840be7c1db6bacba7f8937cd4f20d6dc0d93ac
CRC32: fca54254

Kaspersky newspaper for Trojan-PSW.Win32.OnLineGames.aioh [KLAB-5046314]

File Description: C:/Windows/ptshell.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time:
Size: 19937 bytes, 19.481 KB
MD5: 1166b0bced531382bbf99e180844699e
Sha1: 16ede460655322dcb22290fab2ae01a7292ce3cc
CRC32: 2235ece9

Kaspersky report for Trojan-PSW.Win32.OnLineGames.aeka, rising for Trojan. psw. win32.gameol. njz

File Description: C:/Windows/agtpshsy.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time:
Size: 20705 bytes, 20.225 KB
MD5: 9d13a032ddbffaf32f51ccbc2c9b34d1
Sha1: 30f15902c1aeb5310301d4904cbb047a079f49c3
CRC32: ac9f1c67

Kaspersky report for Trojan-PSW.Win32.OnLineGames.ahvj, rising for Trojan. psw. win32.gameol. nka

File Description: C:/Windows/fmsjhif.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time:
Size: 19905 bytes, 19.449 KB
MD5: a78b6db12e30387ad3339be3aec7a0d8
Sha1: fb75e5e6dc3c61707c715cdda03628db3debb82c
CRC32: 127221f3

Kaspersky report for Trojan-PSW.Win32.OnLineGames.aiaq, rising for Trojan. psw. win32.gameol. nlt

File Description: C:/Windows/dbhlp32.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time:
Size: 19373 bytes, 18.941 KB
MD5: ba65362bc92c323060a4b69838065f11
Sha1: 5922ac55cac947d98205c6422e79ecb3aa3c62e6
CRC32: b93a5cf4

Kaspersky report for Trojan-PSW.Win32.OnLineGames.ygb, rising for Trojan. psw. win32.gameol. GBK

File Description: C:/Windows/bincdwsa.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time:
Size: 17168 bytes, 16.784 KB
MD5: 53f482cb014234aeccd60f20fc075b30
Sha1: 36a7121ac7ebd737bb84014fb00cf49a1203ead3
CRC32: f3b5efc5

Kaspersky report for Trojan-PSW.Win32.OnLineGames.aigr, rising for Trojan. psw. win32.gamesol. L

File Description: C:/Windows/tciocp64.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time:
Size: 19728 bytes, 19.272 KB
MD5: 4ae0bbe76438fa4d200f896009438544
Sha1: 7b55d76b7ad61d0cca0b43aee4e0bd9ca62a1a81
CRC32: 219c98ce

Kaspersky newspaper for Trojan-PSW.Win32.OnLineGames.aioe [KLAB-5046319]

File Description: C:/Windows/hefcndy.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time:
Size: 18200 bytes, 17.792 KB
MD5: 35de5d96b0760a9b44d3b115c1be6306
Sha1: 78e9a832c09184e24efdae4c6684e7b97c564c08
CRC32: bf038541

Kaspersky report for Trojan-PSW.Win32.OnLineGames.aiij --- rising _ Trojan. psw. win32.gamesol. n

File Description: C:/Windows/dionpis.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time:
Size: 20764 bytes, 20.284 KB
MD5: 86000f25a7a9d16e90456096c8b7c17b
Sha1: 286cd34e22666c9dcf371a0782501987d81605bb
CRC32: e49779c2

Kaspersky daily for Trojan-PSW.Win32.OnLineGames.aimb

File Description: C:/Windows/fmsbbqi.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time:
Size: 19216 bytes, 18.784 KB
MD5: 527a05accf77bbb4bd9d00a85f97b71c
Sha1: 29abf886bddec1a487dfdb6553118f3837f98064
CRC32: 918f0e85

Kaspersky report for Trojan-PSW.Win32.OnLineGames.aibk, rising for Trojan. psw. win32.gameol. nlv

File Description: C:/program files/Internet Explorer/plugins/nt_sys32.sys
Property: ash-
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time:
Size: 44659 bytes, 43.627 KB
MD5: d13b2b969e0bb1ffeb18c10927721454
Sha1: 79313d32a8020f7d6bec5175b68384cc2f1ac3a8
CRC32: 76aa7256

Kaspersky report for Trojan-PSW.Win32.QQPass.btc, rising for Worm. win32.pabug. Gy