
How do I delete MSNSMGER.EXE? The browser homepage has been changed to www.ddzhz.com

This is the latest scan log
Logfile of HijackThis v1.99.1
Scan saved at 12:07:11, on 2006-02-17
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\netddesrv.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.031\HijackThis.exe

O2 - BHO: MonitorURL Class - {08A312BB-5409-49FC-9347-54BB7D069AC6} - C:\PROGRA~1\DESKAD~1\deskipn.dll
O2 - BHO: SohuDAIEHelper - {0CA51D02-7739-43EA-8D9A-1E8AD4327B03} - (no file)
O2 - BHO: Zhongsou Browser Helper - {2A0176FE-008B-4706-90F5-BBA532A49731} - C:\Program Files\SearchNet\SNHpr.dll
O2 - BHO: (no name) - {62EED7C6-9F02-42f9-B634-98E2899E147B} - (no file)
O2 - BHO: Microsoft Java Class - {6E28339B-7A2A-47B6-AEB2-46BA53782379} - C:\WINNT\system32\dllcache\java.dll (file missing)
O2 - BHO: Accoona Search Assistant - {944864A5-3916-46E2-96A9-A2E84F3F1208} - C:\Program Files\Accoona\ASearchAssist.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: T2BHO Class - {B1D147E7-873E-4909-8127-695D9BB78728} - C:\WINNT\Downloaded Program Files\CONFLICT.1\barsmall24.dll
O3 - Toolbar: @msdxmLC.dll,-1@2052,电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - HKLM\..\Run: [MoveSearch] C:\Program Files\HuaCi\huaci\zsearch.exe
O4 - HKLM\..\Run: [SearchNet_Up] "C:\Program Files\SearchNet\ServeUp.exe"
O4 - HKLM\..\Run: [MediaGateway] C:\Program Files\MediaGateway\MediaGateway.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ATI AS Filter] msnse.exe
O4 - HKLM\..\Run: [3721] C:\WINNT\MSMNSGER.EXE
O4 - HKLM\..\RunServices: [ATI AS Filter] msnse.exe
O4 - HKCU\..\Run: [ATI AS Filter] msnse.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\RunServices: [ATI AS Filter] msnse.exe
O4 - Startup: 桌面媒体.lnk = C:\WINNT\system32\rundll32.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Google 搜索(&G) - res://C:\Program Files\Google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 反向链接 - res://C:\Program Files\Google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 添加到广告杀手 - E:\董倩\新建文件夹\AdKiller.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O8 - Extra context menu item: 用比特精灵下载(&B) - E:\BitSpirit\bsurl.htm
O8 - Extra context menu item: 类似网页 - res://C:\Program Files\Google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: 缓存的网页快照 - res://C:\Program Files\Google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: 翻译英文字词(&T) - res://C:\Program Files\Google\GoogleToolbar2.dll/cmwordtrans.html
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O11 - Options group: [!MySearch] 搜索助手(MySearch)
O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} (MediaGatewayX) - http://static.zangocash.com/cab/Zango/ie/bridge-c18.cab
O16 - DPF: {EF6205C1-3F17-4829-BCB5-1336ED89E356} - http://online.jiangmin.com/KvDown.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{37B0DCE1-0787-4016-AF5E-291394AE0A27}: NameServer = 202.106.196.115
O18 - Protocol: dic - {C21F5C32-F57A-4A0D-8E0A-B672691C52D0} - C:\PROGRA~1\Kingsoft\POWERW~1\XDictExB.dll
O18 - Protocol: HTLFP - {03B7A5D4-96B0-4316-95F8-072D326A58F1} - ielpview.dll (file missing)
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: vfsp - {E4CB5121-E242-11D4-8ED6-00010219EB22} - VFSProtocol.dll (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINNT\system32\NavLogon.dll
O23 - Service: .Net Boot Service - Unknown owner - C:\WINNT\system32\big5_gb2312.exe
O23 - Service: Apache2 - Unknown owner - D:\usr\Apache2\bin\Apache.exe" -k runservice (file missing)
O23 - Service: ClipBook (ClipSrv) - Unknown owner - C:\WINNT\system32\crypt.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: GAS Enterprise - Unknown owner - E:\liliang\SuperMap\SuperMap IS 5.0\Exe\GASEnter.exe
O23 - Service: Local Network Service - Unknown owner - C:\WINNT\system32\SeedServ.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySql - Unknown owner - D:/usr/mysql/bin/mysqld-nt.exe
O23 - Service: NetDDE Server (NetDDEsrv) - Unknown owner - C:\WINNT\system32\netddesrv.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: OracleMTSRecoveryService - Oracle Corporation - d:\Oracle\Ora81\bin\omtsreco.exe
O23 - Service: OracleOracleRootAgent - Oracle Corporation - d:\Oracle\Ora81\bin\agntsrvc.exe
O23 - Service: OracleOracleRootClientCache - Unknown owner - d:\Oracle\Ora81\BIN\ONRSD.EXE
O23 - Service: OracleOracleRootHTTPServer - Unknown owner - d:\Oracle\Ora81\Apache\Apache\apache.exe" --ntservice (file missing)
O23 - Service: OracleOracleRootPagingServer - Unknown owner - d:\Oracle\Ora81/bin/pagntsrv.exe
O23 - Service: OracleOracleRootSNMPPeerEncapsulator - Unknown owner - d:\Oracle\Ora81\BIN\ENCSVC.EXE
O23 - Service: OracleOracleRootSNMPPeerMasterAgent - Unknown owner - d:\Oracle\Ora81\BIN\AGNTSVC.EXE
O23 - Service: OracleOracleRootTNSListener - Unknown owner - d:\Oracle\Ora81\BIN\TNSLSNR.exe
O23 - Service: OracleServiceNIJL - Oracle Corporation - d:\oracle\ora81\bin\ORACLE.EXE
O23 - Service: Remote Log - Unknown owner - C:\WINNT\system32\ServeHost.exe
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SuperMap地理信息服务器(企业版) (SuperMap Internet Service) - SuperMap GIS Tech. Inc. - E:\liliang\SuperMap\SuperMap IS 5.0\Exe\SMISEE.exe
O23 - Service: SuperMap地理信息服务器 2.2  (SuperMap Internet Service 2.2) - SuperMap - d:\Program Files\SuperMap\SuperMap IS 2003\Exe\SMISvc20.exe
O23 - Service: SuperMap地理信息服务器 5.0 (SuperMap Internet Service 5.0) - SuperMap - E:\liliang\SuperMap\SuperMap IS 5.0\Exe\SMISvc20.exe
O23 - Service: SuperMap IS LoadDemon (SuperMap.IS.LoadDemon) - SuperMap GIS Technologies, Inc - D:\Program Files\SuperMap\SuperMap IS.NET 5.0.2dq\Bin\SuperMap.IS.LoadDemon.exe
O23 - Service: SuperMap IS ServerManager (SuperMap.IS.ServerManager) - Unknown owner - D:\Program Files\SuperMap\SuperMap IS.NET 5.0.2dq\Bin\SuperMap.IS.ServerManager.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINNT\system32\vmnetdhcp.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINNT\system32\vmnat.exe


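[Reply to the post by "天使之剑"]
I replied in a hurry just now and didn't see it! The virus has already been reported; I'll post the multi-engine scan report in a moment! Sorry for the trouble!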

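Hello, the infected machine cannot reach those two websites; midway it gets redirected to another site that looks like a search engine (sorry, I didn't note down its name). Is there any software I can download and use?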

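Go to C:\Program Files\Desktop Media\Cast and uninstall 桌面传媒 (Desktop Media)

Start → Control Panel → Administrative Tools → Services → find .Net Boot Service, ClipBook, Local Network Service, NetDDE Server, Remote Log → right-click → Properties → Startup type → Disabled → Apply → Stop → OK.

Restart the computer. After the power-on self-test finishes, press [F8] (you can keep pressing it until the boot menu appears) and choose Safe Mode to enter Windows.

Run HijackThis. When the scan finishes, tick the following entries, then choose "Fix Checked":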

O2 - BHO: MonitorURL Class - {08A312BB-5409-49FC-9347-54BB7D069AC6} - C:\PROGRA~1\DESKAD~1\deskipn.dll
O2 - BHO: Zhongsou Browser Helper - {2A0176FE-008B-4706-90F5-BBA532A49731} - C:\Program Files\SearchNet\SNHpr.dll
O2 - BHO: Accoona Search Assistant - {944864A5-3916-46E2-96A9-A2E84F3F1208} - C:\Program Files\Accoona\ASearchAssist.dll
O2 - BHO: T2BHO Class - {B1D147E7-873E-4909-8127-695D9BB78728} - C:\WINNT\Downloaded Program Files\CONFLICT.1\barsmall24.dll
O4 - HKLM\..\Run: [MoveSearch] C:\Program Files\HuaCi\huaci\zsearch.exe
O4 - HKLM\..\Run: [SearchNet_Up] "C:\Program Files\SearchNet\ServeUp.exe"
O4 - HKLM\..\Run: [MediaGateway] C:\Program Files\MediaGateway\MediaGateway.exe
O4 - HKLM\..\Run: [ATI AS Filter] msnse.exe
O4 - HKLM\..\Run: [3721] C:\WINNT\MSMNSGER.EXE
O4 - HKLM\..\RunServices: [ATI AS Filter] msnse.exe
O4 - HKCU\..\Run: [ATI AS Filter] msnse.exe
O4 - HKCU\..\RunServices: [ATI AS Filter] msnse.exe
O4 - Startup: 桌面媒体.lnk = C:\WINNT\system32\rundll32.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O11 - Options group: [!MySearch] 搜索助手(MySearch)
O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} (MediaGatewayX) - http://static.zangocash.com/cab/Zango/ie/bridge-c18.cab

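Show hidden files

Double-click My Computer -- Tools -- Folder Options -- View tab -- select "Show hidden files and folders" -- clear the "Hide protected operating system files (Recommended)" checkbox. When prompted to confirm the change, click "Yes" -- then click "OK".

Then find and delete the following files (if they exist).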

C:\PROGRA~1\DESKAD~1\ (entire directory)
C:\Program Files\Accoona\ (entire directory)
C:\WINNT\Downloaded Program Files\CONFLICT.1\barsmall24.dll
C:\Program Files\HuaCi\ (entire directory)
C:\Program Files\SearchNet\ (entire directory)
C:\Program Files\MediaGateway\ (entire directory)
msnse.exe (use the Search function in the Start menu to find it)
C:\WINNT\MSMNSGER.EXE
C:\WINNT\system32\big5_gb2312.exe
C:\WINNT\system32\crypt.exe
C:\WINNT\system32\SeedServ.exe
C:\WINNT\system32\netddesrv.exe
C:\WINNT\system32\ServeHost.exe
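
An added example, not part of the original thread and not HijackThis code: a small Python triage pass that flags three patterns visible in the log posted above (a BHO whose file is gone, an autorun value with no directory that is repeated under several Run keys, and an "Unknown owner" service whose binary sits directly in the system directory). The heuristics and the names `triage` and `SAMPLE_LOG` are assumptions made for illustration; the sample lines are copied from that log.

```python
import re
from collections import defaultdict

# Sample input: lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: SohuDAIEHelper - {0CA51D02-7739-43EA-8D9A-1E8AD4327B03} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ATI AS Filter] msnse.exe
O4 - HKLM\..\RunServices: [ATI AS Filter] msnse.exe
O4 - HKCU\..\Run: [ATI AS Filter] msnse.exe
O4 - HKLM\..\Run: [3721] C:\WINNT\MSMNSGER.EXE
O23 - Service: Remote Log - Unknown owner - C:\WINNT\system32\ServeHost.exe
O23 - Service: MySql - Unknown owner - D:/usr/mysql/bin/mysqld-nt.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINNT\system32\vmnat.exe
"""

ENTRY = re.compile(r"^(O\d+) - (.*)$")
AUTORUN = re.compile(r"^(?P<key>[^:]+): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
SYSDIR = re.compile(r"^[a-z]:\\(winnt|windows)\\system32\\[^\\]+$", re.I)

def triage(log_text):
    """Return (reason, line) pairs for entries that deserve a manual look."""
    findings, autoruns = [], defaultdict(list)
    for line in map(str.strip, log_text.splitlines()):
        m = ENTRY.match(line)
        if not m:
            continue
        code, body = m.groups()
        if code == "O2" and body.endswith("(no file)"):
            findings.append(("BHO registered but file is gone", line))
        elif code == "O4" and (a := AUTORUN.match(body)):
            autoruns[(a["name"], a["cmd"])].append(line)
            if not re.search(r"[\\/]", a["cmd"]):  # bare file name, no directory
                findings.append(("autorun command has no path", line))
        elif code == "O23":
            name, _, path = body.rpartition(" - Unknown owner - ")
            if name and SYSDIR.match(path):
                findings.append(("unknown-owner service in system dir", line))
    # The same value name and command registered under several autorun keys.
    for (name, _cmd), lines in autoruns.items():
        if len(lines) > 1:
            findings.append((f"'{name}' repeated in {len(lines)} autorun keys", lines[0]))
    return findings

if __name__ == "__main__":
    for reason, line in triage(SAMPLE_LOG):
        print(f"{reason:40} {line}")
```

The `[3721]` entry has a full path and appears under one key only, so these heuristics do not flag it; the output is a shortlist for manual review, not a verdict on any entry.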

I've been hit by this too. Could the experts here give me some pointers?