
[Help] I've really run out of options (solved, thanks to the moderator!)


The symptom is that IE closes by itself, and the log that McAfee pops up is:

未采取操作    mms.exe    C:\WINDOWS\System32\stdup.dll    Adware-Boran (Adware)
已移动(清除失败,因为文件不可清除)    mms.exe    C:\WINDOWS\System32\stdup.dll    Adware-Boran (Adware)
移动失败(清除失败,因为文件不可清除)    mms.exe    C:\WINDOWS\System32\stdup.dll    Adware-Boran (Adware)
移动失败(清除失败)    mms.exe    C:\Program Files\MMSAssist\Mmsass~1.dll    Adware-Boran (Adware)


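I looked up the usual removal procedure and tried it. At first I thought it was OK, but some time after I opened IE the problem came back. I really don't know what to do any more, please help me...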


Logfile of HijackThis v1.99.1
Scan saved at 10:55:23, on 2006-6-10
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
D:\Program Files\Network Associates\Common Framework\FrameworkService.exe
D:\Program Files\Network Associates\VirusScan\Mcshield.exe
D:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\svchost.exe
D:\Program Files\Network Associates\VirusScan\SCAN32.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
D:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
C:\Program Files\TweakAssist\AssistSystray.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\fscagent.exe
D:\TOOLS\ie\TheWorld\TheWorld.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\TOOLS\流氓文件处理办法\ha_hijackthis_1991\HijackThis.exe

R3 - URLSearchHook: (no name) - {982CB676-38F0-4D9A-BB72-D9371ABE876E} - (no file)
R3 - URLSearchHook: (no name) - {BAB1AC41-6FF7-4F2E-A04E-5C592CCFEA7D} - (no file)
R3 - URLSearchHook: 全能助手广告拦截专家 - {ED51E9A3-16C5-4236-99E0-9F093B021433} - C:\Program Files\TweakAssist\AssistIEBar.dll
O2 - BHO: CpapView Class - {77962960-536E-47EC-9DDB-52651519705F} - C:\WINDOWS\system32\cpap.dll
O2 - BHO: win32core Class - {A297EEAE-A541-496B-B2AE-554AD0153B72} - C:\WINDOWS\system32\win32help02.dll
O2 - BHO: IEhlprObj Class - {A3803141-3CF5-4D66-B7EA-8D2674FE152C} - C:\WINDOWS\stdie.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\TOOLS\flashget\JCCATCH.DLL
O2 - BHO: QuickBtn - {D1BB7CF4-4463-4e91-88D7-ECC3CE0A13B7} - (no file)
O2 - BHO: internet explorer helper - {F7911E65-B01C-4A58-AEC7-53085ECA70A5} - C:\WINDOWS\system32\msshapi.dll
O3 - Toolbar: 全能助手广告拦截专家 - {ED51E9A3-16C5-4236-99E0-9F093B021433} - C:\Program Files\TweakAssist\AssistIEBar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] ; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ShStatEXE] "D:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "D:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [ClubBox] "C:\WINDOWS\system32\clubbox.exe" -l
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [AssistSystray] C:\Program Files\TweakAssist\AssistSystray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] ;"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: 腾讯QQ.lnk = D:\TOOLS\QQ\QQ.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\TOOLS\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - D:\TOOLS\flashget\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\TOOLS\flashget\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\TOOLS\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\TOOLS\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\TOOLS\QQ\SendMMS.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\TOOLS\flashget\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\TOOLS\flashget\flashget.exe
O15 - Trusted Zone: http://www.icbc.com.cn
O16 - DPF: {072039AB-2117-4ED5-A85F-9B9EB903E021} (NowStarter Control) - http://www.clubbox.co.kr/neo.fld/NowStarter.cab
O16 - DPF: {0AE0F5F9-8233-49A4-A3C8-004CE190787B} (BMSpeedCheck Control) - http://www.pdbox.co.kr/boxmedia/ctrl_down/BMSpeedCheck.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1140005788071
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1145677479046
O16 - DPF: {7260569F-1D40-4E7F-B95B-2E68D35668B9} (MofileUploadX Control) - http://www.mofile.com/activex/UploadFX.CAB
O16 - DPF: {A984ED9F-E8DA-44E5-BC18-C14B9ABEF79D} (photo_uploader Control) - http://upload.photo.163.com/photoup.cab
O16 - DPF: {DA984A6D-508E-11D6-AA49-0050FF3C628D} (Ravonline) - http://download.rising.com.cn/QQ/QQkill/rsonline.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: McAfee Framework 服务 (McAfeeFramework) - Network Associates, Inc. - D:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - D:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - D:\Program Files\Network Associates\VirusScan\VsTskMgr.exe


Last edited 2006-06-10 17:25:53

Fix:

O2 - BHO: CpapView Class - {77962960-536E-47EC-9DDB-52651519705F} - C:\WINDOWS\system32\cpap.dll
O2 - BHO: win32core Class - {A297EEAE-A541-496B-B2AE-554AD0153B72} - C:\WINDOWS\system32\win32help02.dll
O2 - BHO: IEhlprObj Class - {A3803141-3CF5-4D66-B7EA-8D2674FE152C} - C:\WINDOWS\stdie.dll
O2 - BHO: QuickBtn - {D1BB7CF4-4463-4e91-88D7-ECC3CE0A13B7} - (no file)
O2 - BHO: internet explorer helper - {F7911E65-B01C-4A58-AEC7-53085ECA70A5} - C:\WINDOWS\system32\msshapi.dll

Delete:

C:\WINDOWS\system32\cpap.dll
C:\WINDOWS\system32\win32help02.dll
C:\WINDOWS\stdie.dll
C:\WINDOWS\system32\msshapi.dll