我的机器中了trojan病毒，我用norton查到病毒,但杀不掉，手动只能隔离病毒文件隔离两个，还有个后缀.startpage隔离失败，感染的文件是：/windows/services,exe。机器又老是报警，请教各位有啥好办法？

发个扫描日值上来

用瑞星

引用:

【BlackStone的贴子】发个扫描日值上来 ...........................

Logfile of HijackThis v1.99.1
Scan saved at :11:16, on 2005-10-19
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\services.exe
D:\Program Files\Norton AntiVirus\Navapw32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\DuDu\DddClient\dudupros.exe
C:\Documents and Settings\yuzou\My Documents\cmt\Portal.exe
C:\Program Files\Maxthon\Maxthon.exe
C:\WINDOWS\winhlp32.exe
C:\WINDOWS\System32\svchost.exe
D:\Jcb_CD\TDXW.EXE
C:\Program Files\Xi\NetTransport 2\NetTransport.exe
D:\Program Files\!Sunv\DFKC2003\DFKC.EXE
D:\Program Files\!Sunv\DFKC2003\SmartA.exe
D:\PROGRA~1\!Sunv\DFKC2003\SmartDF.exe
C:\Documents and Settings\yuzou\My Documents\ʵÓù¤¾ß\HijackThis.exe

F3 - REG:win.ini: run=C:\WINDOWS\services.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DDDMon Class - {6BDE1669-B490-48E3-B668-456314F2D6C3} - C:\Program Files\DuDu\DddClient\dddiemon.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O3 - Toolbar: «·½¿ì³µ - {3EA85E14-887D-4E2F-91E2-3158CE58ED62} - D:\Program Files\!Sunv\DFKC2003\IEBand.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: µç̨(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IMJPMIG8.1] ; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] ; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] ; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Lskbdrv] ; C:\Program Files\Lenovo\ÐÒ¸£Ò»¼üͨ\Kbdriver.exe
O4 - HKLM\..\Run: [LenSoft] ; C:\Program Files\Lenovo\ÐÒ¸£Ò»¼üͨ\FlyShuttle.exe
O4 - HKLM\..\Run: [NvCplDaemon] ; RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] ; nwiz.exe /install
O4 - HKLM\..\Run: [SysHotKey_DFDD] ; C:\Program Files\Common Files\!SUNV\GraspWord\SysHotKey.exe
O4 - HKLM\..\Run: [BigDogPath] ; C:\WINDOWS\VM_STI.EXE USB PC Camera 301P
O4 - HKLM\..\Run: [Norton AntiVirus] D:\Program Files\Norton AntiVirus\Navapw32.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [NMGameX_AutoRun] ; C:\WINDOWS\System32\Rundll32.exe NMGameX.dll,LiveProcess /aa
O4 - HKLM\..\Run: [NeroFilterCheck] ; C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Super Rabbit SRRestore] ; C:\PROGRA~1\SUPERR~1\MAGICSET\SRRest.exe /FIRST
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] ; C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [ExFilter] ; Rundll32.exe C:\WINDOWS\System32\hookdll.dll,ExecFilter solo
O4 - HKLM\..\Run: [SSC_UserPrompt] ; C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [MSConfig] ; C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [AGBMonitor] ; C:\Program Files\Antiy Labs\AGB4\Monitor.exe
O4 - HKLM\..\Run: [Super Rabbit Memory] ; C:\Program Files\Super Rabbit\MagicSet\memdef.EXE /LOAD
O4 - HKLM\..\Run: [services] C:\WINDOWS\services.exe
O4 - HKLM\..\RunServices: [services] C:\WINDOWS\services.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] ; "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NBJ] ; "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [services] C:\WINDOWS\services.exe
O4 - HKCU\..\RunServices: [services] C:\WINDOWS\services.exe
O4 - Startup: ÌÚÑQQ.lnk = C:\Program Files\Tencent\qq\QQ.exe
O4 - Global Startup: ×ÀÃ洫ý.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &ʹÓÃDuDu ¼ÓËÙÆ÷ÏÂÔØ - res://C:\Program Files\DuDu\DddClient\dddmext.dll/202
O8 - Extra context menu item: Ìí¼Óµ½QQ×Ô¨ÒåÃæ°å - C:\Program Files\Tencent\qq\AddPanel.htm
O8 - Extra context menu item: Ìí¼Óµ½QQ±íÇé - C:\Program Files\Tencent\qq\AddEmotion.htm
O8 - Extra context menu item: ÓÃQQ²ÊÐÅ·¢Ë͸ÃÍ¼Æ - C:\Program Files\Tencent\qq\SendMMS.htm
O9 - Extra button: ÏÂÔعÜÀí - {3DB9F45E-AA74-4373-A466-C18A9F1C500D} - C:\Program Files\DuDu\DddClient\DuDuAcc.exe
O9 - Extra 'Tools' menuitem: ÏÂÔعÜÀí - {3DB9F45E-AA74-4373-A466-C18A9F1C500D} - C:\Program Files\DuDu\DddClient\DuDuAcc.exe
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\qq\QQ.EXE
O9 - Extra 'Tools' menuitem: ÌÚÑQQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\qq\QQ.EXE
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\qq\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQìŲʹ¤¾ßÌõÉèÖà - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\qq\QQIEHelper.dll
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\ws2_64.dll' missing
O14 - IERESET.INF: START_PAGE_URL=http://www.legend.com
O15 - Trusted Zone: easyabc.95599.cn
O15 - Trusted Zone: www.95599.cn
O16 - DPF: {48FE89A0-486C-48DF-9DEC-BED22BDC6057} (XIsOro Control) - http://www.sinago.com/download/OroCheck.cab
O16 - DPF: {62B938C4-4190-4F37-8CF0-A92B0A91CC77} (InfoSecNetSign Class) - https://www.95599.cn/cif/download/NetSign.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1124542681155
O16 - DPF: {6DBED0B2-1FF5-11D8-A26A-0050BA1B2930} (portalAXForm Control) - http://10.254.254.2/portal/PortalAX.cab
O16 - DPF: {6EC14D77-72E0-436D-8C04-3BEE5D75B2F1} (VideoOcx Control) - http://www.hcliao.com/room/roomui/videoocx.ocx
O16 - DPF: {DA984A6D-508E-11D6-AA49-0050FF3C628D} (Ravonline) - http://download.rising.com.cn/ravkill/rsonline.cab
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/Ver2005/OL2005.cab
O18 - Protocol: koboo - {7DEE9D05-FA0A-4416-A6F3-6537D0EAB6A6} - C:\WINDOWS\System32\mbprot.dll
O18 - Protocol: mbox - {7DEE9D05-FA0A-4416-A6F3-6537D0EAB6A6} - C:\WINDOWS\System32\mbprot.dll
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus ×Ô¯·À»¤·þÎñ (navapsvc) - Symantec Corporation - D:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

http://www.mmsk.cn/
木马杀客————中国免费反病毒中
这个可以杀掉呀

引用:
【xiaoyuwzc21的贴子】http://www.mmsk.cn/ 木马杀客————中国免费反病毒中 这个可以杀掉呀 quote]谢谢