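Rising Kaka Security Forum, Technical Exchange area, Anti-Virus/Anti-Rogue-Software board: Please help (as of 3 p.m. on July 18 the problem is still not solved; everyone, please help)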


Logfile of HijackThis v1.99.1
Scan saved at 21:07:05, on 2006-7-16
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
D:\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
D:\Symantec Client Firewall\NISUM.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Symantec Client Firewall\SymPxSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
D:\Symantec Client Firewall\NISSERV.EXE
C:\WINDOWS\system32\ctfmon.exe
D:\SYMANT~1\IAMAPP.EXE
C:\WINDOWS\system\vfp104.exe
C:\Program Files\ChinaNet\VnetClient.exe
D:\mcombocn\Maxthon\Maxthon.exe
D:\Symantec Client Firewall\ATRACK.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\NMain.exe
D:\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R3 - URLSearchHook: 全能助手广告拦截专家 - {ED51E9A3-16C5-4236-99E0-9F093B021433} - D:\WINDOW~1\AssistIEBar.dll
R3 - URLSearchHook: (no name) - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\fjjedc.exe
O2 - BHO: MonitorURL Class - {08A312BB-5409-49FC-9347-54BB7D069AC6} - (no file)
O2 - BHO: wmpdrm - {0E674588-66B7-4E19-9D0E-2053B800F69F} - C:\WINDOWS\system32\wmpdrm.dll
O2 - BHO: MyIEHelper Class - {16A770A0-0E87-4278-B748-2460D64A8386} - C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_4675.dll
O2 - BHO: VnetCookie Class - {4E83D567-4697-4F7B-B1F0-A513B01DB89A} - c:\PROGRA~1\chinanet\VNETTR~1.DLL
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - d:\QQ\QQIEHelper.dll
O2 - BHO: IEHlprObj Class - {999ADFA2-8AD1-47ff-97FC-69FB847458F4} - C:\Progra~1\NetMeeting\nmview.dll
O2 - BHO: NewWeb Controller - {9ACEEE30-143F-471A-AA45-72B061FE7D60} - C:\WINDOWS\system32\WinSC.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: shdocvwhlp Class - {BE442802-3911-46E0-B227-076B15A4EAD3} - C:\WINDOWS\system32\shdocvw2.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - D:\NetTransport\NTIEHelper.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: 全能助手广告拦截专家 - {ED51E9A3-16C5-4236-99E0-9F093B021433} - D:\WINDOW~1\AssistIEBar.dll
O4 - HKLM\..\Run: [KAVPersonal50] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [iamapp] D:\SYMANT~1\IAMAPP.EXE
O4 - HKLM\..\Run: [spoolsv] C:\WINDOWS\system32\spoolsv\spoolsv.exe -printer
O4 - HKLM\..\Run: [MSService_v1.0] C:\WINDOWS\system\vfp104.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\qq\AddToNetDisk.htm
O8 - Extra context menu item: 使用影音传送带下载 - D:\NetTransport\NTAddLink.html
O8 - Extra context menu item: 使用影音传送带下载全部链接 - D:\NetTransport\NTAddList.html
O8 - Extra context menu item: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\qq\SendMMS.htm
O9 - Extra button: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - d:\QQ\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - d:\QQ\QQIEHelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1094285144061
O16 - DPF: {9BBD100C-E820-4930-9937-E8F3AA40E584} (DFVSScanFile Control) - http://antivirus3.sunv.com/dfvsolDown/dfvsol.cab
O16 - DPF: {C8BD9ACB-F7EC-48E6-BB2F-DAADC6789E9A} (Kingsoft DUBA OnlineScan) - http://211.152.52.102/duba/antiscan/update/OCX/KAVClean.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{0728C570-A8DF-4FEC-B273-364ADB4FDEE6}: NameServer = 210.34.240.100,202.101.107.55
O17 - HKLM\System\CCS\Services\Tcpip\..\{88E7A528-48DB-4E86-902F-20808E774B3E}: NameServer = 61.147.37.1 61.177.7.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0728C570-A8DF-4FEC-B273-364ADB4FDEE6}: NameServer = 210.34.240.100,202.101.107.55
O17 - HKLM\System\CS2\Services\Tcpip\..\{0728C570-A8DF-4FEC-B273-364ADB4FDEE6}: NameServer = 210.34.240.100,202.101.107.55
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - D:\Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Symantec Client Firewall Service (NISSERV) - Symantec Corporation - D:\Symantec Client Firewall\NISSERV.EXE
O23 - Service: Symantec Client Firewall Accounts Manager (NISUM) - Symantec Corporation - D:\Symantec Client Firewall\NISUM.EXE
O23 - Service: dds (sdasdsd) - Unknown owner - C:\WINDOWS\system32\com\com
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Symantec Client Firewall Proxy Service (SymPxSvc) - Symantec Corporation - D:\Symantec Client Firewall\SymPxSvc.exe

Last edited 2006-07-18 22:45:55
 

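Start → Control Panel → Performance and Maintenance → Administrative Tools → Services → find dds (sdasdsd) → right-click → Properties → Startup type → Disabled → Apply → Stop → OK.

Fix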

R3 - URLSearchHook: (no name) - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\fjjedc.exe
O2 - BHO: MonitorURL Class - {08A312BB-5409-49FC-9347-54BB7D069AC6} - (no file)
O2 - BHO: wmpdrm - {0E674588-66B7-4E19-9D0E-2053B800F69F} - C:\WINDOWS\system32\wmpdrm.dll
O2 - BHO: MyIEHelper Class - {16A770A0-0E87-4278-B748-2460D64A8386} - C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_4675.dll
O2 - BHO: IEHlprObj Class - {999ADFA2-8AD1-47ff-97FC-69FB847458F4} - C:\Progra~1\NetMeeting\nmview.dll
O2 - BHO: NewWeb Controller - {9ACEEE30-143F-471A-AA45-72B061FE7D60} - C:\WINDOWS\system32\WinSC.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: shdocvwhlp Class - {BE442802-3911-46E0-B227-076B15A4EAD3} - C:\WINDOWS\system32\shdocvw2.dll
O4 - HKLM\..\Run: [spoolsv] C:\WINDOWS\system32\spoolsv\spoolsv.exe -printer
O4 - HKLM\..\Run: [MSService_v1.0] C:\WINDOWS\system\vfp104.exe

After rebooting, delete

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\fjjedc.exe
C:\WINDOWS\system32\wmpdrm.dll
C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_4675.dll
C:\Progra~1\NetMeeting\nmview.dll
C:\WINDOWS\system32\WinSC.dll
C:\WINDOWS\system32\shdocvw2.dll
C:\WINDOWS\system32\spoolsv\
C:\WINDOWS\system\vfp104.exe
C:\WINDOWS\system32\com\com
C:\WINDOWS\system32\bakcfs\
C:\WINDOWS\system32\msicn\
 

[Reply to huaxue05's post]

Original poster, please scan the following files with the two multi-engine scanners below:
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\fjjedc.exe
C:\WINDOWS\system32\WinSC.dll
C:\WINDOWS\system32\shdocvw2.dll
C:\WINDOWS\system\vfp104.exe
C:\WINDOWS\system32\com\com
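Multi-engine scanner: VirusTotal

http://www.virustotal.com/
Multi-engine scanner: Jotti

http://virusscan.jotti.org/


Please be sure to post the complete reports.
For usage instructions, see:
[Recommended] How to use the multi-engine scanners

http://forum.ikaka.com/topic.asp?board=67&artid=7957175
If you still have problems, please reply in this thread.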
 

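A question for the poster above:
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\fjjedc.exe sometimes exists and sometimes doesn't,
because as soon as Kaspersky finds it, it reports it as a virus; but after I click delete, although it says the file cannot be deleted, it is no longer visible in the folder.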
 

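Quote:
[huaxue05's post] A question for the poster above:
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\fjjedc.exe sometimes exists and sometimes doesn't,
because as soon as Kaspersky finds it, it reports it as a virus; but after I click delete, although it says the file cannot be deleted, it is no longer visible in the folder.
...........................

Please copy "C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\fjjedc.exe" (without the quotation marks) and paste it into the text input box of the two multi-engine scanners above, then run the scan. If you want to see the file, make sure that hidden files and system files are shown.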
 

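This item cannot be solved by the usual methods.
See the following thread:
http://forum.ikaka.com/topic.asp?board=28&artid=8122808

After you have done the fixes given by the poster above, fix this one last.
Once the fix is done, reboot.
Please download System Repair Engineer, use "Smart Scan", press the "Scan" button to run the scan, and when the scan finishes press the "Save Report" button to save the report log file (SREng.LOG); then copy and paste the contents of the saved log file here.
Download links:
http://www.kztechs.com/sreng/sreng2.zip
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
If the log cannot be pasted in one go, paste it in several parts; please do not modify it.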
 

File:  shdocvw2.dll 
Status:  INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database) 
MD5  e68ef9762f40985df547f83448442d7f 
Packers detected:  -
Scanner results 
AntiVir  Found nothing
ArcaVir  Found nothing
Avast  Found nothing
AVG Antivirus  Found nothing
BitDefender  Found nothing
ClamAV  Found nothing
Dr.Web  Found Adware.Baidu 
F-Prot Antivirus  Found nothing
Fortinet  Found Proxy.H!tr 
Kaspersky Anti-Virus  Found nothing
NOD32  Found nothing
Norman Virus Control  Found nothing
UNA  Found nothing
VirusBuster  Found nothing
VBA32  Found nothing
-------------------------------------------
File:  vfp104.exe 
Status:  INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database) 
MD5  4c21e328c2d2bfc87f22151aa91fe753 
Packers detected:  -
Scanner results 
AntiVir  Found Trojan/Dldr.BCB 
ArcaVir  Found Adware.Newweb.G 
Avast  Found nothing
AVG Antivirus  Found nothing
BitDefender  Found Trojan.Downloader.BCB 
ClamAV  Found nothing
Dr.Web  Found Trojan.DownLoader.9889 
F-Prot Antivirus  Found nothing
Fortinet  Found nothing
Kaspersky Anti-Virus  Found not-a-virus:AdWare.Win32.NewWeb.g 
NOD32  Found probably unknown NewHeur_PE (probable variant) 
Norman Virus Control  Found W32/Newweb.L 
UNA  Found nothing
VirusBuster  Found nothing
VBA32  Found Trojan.DownLoader.9889 
-------------------------------------------------
The com file was considered an empty file
-------------------------------
File:  WinSC.dll 
Status:  INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database) 
MD5  e94a96327684f4c34037f524332796ee 
Packers detected:  UPX
Scanner results 
AntiVir  Found Trojan/Multidro.FG.32.E 
ArcaVir  Found nothing
Avast  Found nothing
AVG Antivirus  Found Generic.NWA 
BitDefender  Found nothing
ClamAV  Found Trojan.Spy.DeskAd-2 
Dr.Web  Found Adware.Newweb 
F-Prot Antivirus  Found nothing
Fortinet  Found Adware/NewWeb 
Kaspersky Anti-Virus  Found not-a-virus:AdWare.Win32.NewWeb.c 
NOD32  Found nothing
Norman Virus Control  Found nothing
UNA  Found nothing
VirusBuster  Found nothing
VBA32  Found nothing
 

STATUS: FINISHED
Complete scanning result of "shdocvw2.dll", received in VirusTotal at 07.16.2006, 15:52:11 (CET).

Antivirus Version Update Result
AntiVir 6.35.0.21 07.15.2006  no virus found
Authentium 4.93.8 07.14.2006  no virus found
Avast 4.7.844.0 07.14.2006  no virus found
AVG 386 07.14.2006  no virus found
BitDefender 7.2 07.16.2006  no virus found
CAT-QuickHeal 8.00 07.13.2006  no virus found
ClamAV devel-20060426 07.15.2006  no virus found
DrWeb 4.33 07.16.2006 Adware.Baidu
eTrust-InoculateIT 23.72.69 07.14.2006  no virus found
eTrust-Vet 12.6.2297 07.14.2006  no virus found
Ewido 4.0 07.16.2006 Adware.Baidu
Fortinet 2.77.0.0 07.16.2006 Proxy.H!tr
F-Prot 3.16f 07.14.2006  no virus found
F-Prot4 4.2.1.29 07.14.2006  no virus found
Ikarus 0.2.65.0 07.14.2006  no virus found
Kaspersky 4.0.2.24 07.16.2006  no virus found
McAfee 4807 07.14.2006 Generic Proxy.h
Microsoft 1.1508 07.16.2006  no virus found
NOD32v2 1.1663 07.16.2006  no virus found
Norman 5.90.23 07.14.2006  no virus found
Panda 9.0.0.4 07.16.2006  no virus found
Sophos 4.07.0 07.16.2006  no virus found
Symantec 8.0 07.16.2006  no virus found
TheHacker 5.9.8.176 07.15.2006  no virus found
UNA 1.83 07.14.2006  no virus found
VBA32 3.11.0 07.15.2006  no virus found
VirusBuster 4.3.7:9 07.15.2006 no virus found
-----------------------------------------
STATUS: FINISHED
Complete scanning result of "vfp104.exe", received in VirusTotal at 07.16.2006, 15:53:57 (CET).

Antivirus Version Update Result
AntiVir 6.35.0.21 07.15.2006 TR/Dldr.BCB
Authentium 4.93.8 07.14.2006  no virus found
Avast 4.7.844.0 07.14.2006  no virus found
AVG 386 07.14.2006  no virus found
BitDefender 7.2 07.16.2006 Trojan.Downloader.BCB
CAT-QuickHeal 8.00 07.13.2006  no virus found
ClamAV devel-20060426 07.15.2006  no virus found
DrWeb 4.33 07.16.2006 Trojan.DownLoader.9889
eTrust-InoculateIT 23.72.69 07.14.2006 Win32/SillyDl.AOO!Trojan
eTrust-Vet 12.6.2297 07.14.2006 Win32/Mygulp.A
Ewido 4.0 07.16.2006 Downloader.Small
Fortinet 2.77.0.0 07.16.2006  no virus found
F-Prot 3.16f 07.14.2006  no virus found
F-Prot4 4.2.1.29 07.14.2006  no virus found
Ikarus 0.2.65.0 07.14.2006  no virus found
Kaspersky 4.0.2.24 07.16.2006 not-a-virus:AdWare.Win32.NewWeb.g
McAfee 4807 07.14.2006  no virus found
Microsoft 1.1508 07.16.2006  no virus found
NOD32v2 1.1663 07.16.2006 probably unknown NewHeur_PE virus
Norman 5.90.23 07.14.2006 W32/Newweb.L
Panda 9.0.0.4 07.16.2006  no virus found
Sophos 4.07.0 07.16.2006  no virus found
Symantec 8.0 07.16.2006  no virus found
TheHacker 5.9.8.176 07.15.2006 Adware/NewWeb.g
UNA 1.83 07.14.2006  no virus found
VBA32 3.11.0 07.15.2006 Trojan.DownLoader.9889
VirusBuster 4.3.7:9 07.15.2006 no virus found
-------------------------------------------------
STATUS: FINISHED
Complete scanning result of "com", received in VirusTotal at 07.16.2006, 15:56:22 (CET).

Antivirus Version Update Result
AntiVir n -  no virus found
Authentium n -  no virus found
Avast n -  no virus found
AVG n -  no virus found
BitDefender n -  no virus found
CAT-QuickHeal n -  no virus found
ClamAV n -  no virus found
DrWeb n -  no virus found
eTrust-InoculateIT n -  no virus found
eTrust-Vet n -  no virus found
Ewido n -  no virus found
Fortinet n -  no virus found
F-Prot n -  no virus found
F-Prot4 n -  no virus found
Ikarus n -  no virus found
Kaspersky n -  no virus found
McAfee n -  no virus found
Microsoft n -  no virus found
NOD32v2 n -  no virus found
Norman n -  no virus found
Panda n -  no virus found
Sophos n -  no virus found
Symantec n -  no virus found
TheHacker n -  no virus found
UNA n -  no virus found
VBA32 n -  no virus found
VirusBuster n - no virus found
--------------------------------------------
STATUS: FINISHED
Complete scanning result of "WinSC.dll", received in VirusTotal at 07.16.2006, 15:57:42 (CET).

Antivirus Version Update Result
AntiVir 6.35.0.21 07.15.2006 TR/Multidro.FG.32.E
Authentium 4.93.8 07.14.2006  no virus found
Avast 4.7.844.0 07.14.2006  no virus found
AVG 386 07.14.2006 Adware Generic.NWA
BitDefender 7.2 07.16.2006 Adware.NewWeb.D
CAT-QuickHeal 8.00 07.13.2006 AdWare.NewWeb.c (Not a Virus)
ClamAV devel-20060426 07.15.2006 Trojan.Spy.DeskAd-2
DrWeb 4.33 07.16.2006 Adware.Newweb
eTrust-InoculateIT 23.72.70 07.16.2006  no virus found
eTrust-Vet 12.6.2297 07.14.2006 Win32/Malum.JOP
Ewido 4.0 07.16.2006 Adware.NewWeb
Fortinet 2.77.0.0 07.16.2006 Adware/NewWeb
F-Prot 3.16f 07.14.2006  no virus found
F-Prot4 4.2.1.29 07.14.2006  no virus found
Ikarus 0.2.65.0 07.14.2006  no virus found
Kaspersky 4.0.2.24 07.16.2006 not-a-virus:AdWare.Win32.NewWeb.c
McAfee 4807 07.14.2006 potentially unwanted program Adware-Newweb
Microsoft 1.1508 07.16.2006  no virus found
NOD32v2 1.1663 07.16.2006 Win32/Adware.NewWeb
Norman 5.90.23 07.14.2006  no virus found
Panda 9.0.0.4 07.16.2006 Adware/NewWeb
Sophos 4.07.0 07.16.2006  no virus found
Symantec 8.0 07.16.2006  no virus found
TheHacker 5.9.8.176 07.15.2006  no virus found
UNA 1.83 07.14.2006 Adware.NewWeb
VBA32 3.11.0 07.15.2006  no virus found
VirusBuster 4.3.7:9 07.15.2006 no virus found
 

[Reply to huaxue05's post]
Please carry out the fixes as suggested by moderator 魔法 and our friend 我无邪.
 

Reply to 魔法学徒:
C:\WINDOWS\system32\msicn\
still cannot be deleted