搞了一天没搞定的恶软救救我!!!

显示全部楼层 · 发表于 2007-4-19 20:51:41

就是呀，用冰刀吧，你用360清不掉，肯定是有进行在运行，或是其一个组件，用冰刀kill了后就用360，绝对可以

显示全部楼层 · 发表于 2007-4-19 21:20:35

另外LZ最好把360主程序文件名改了再查一遍~~~好多恶软针对360的标题栏做了特殊处理

显示全部楼层 · 发表于 2007-4-19 21:43:10

我的也是弹出一大堆，用兔子发现是SHAREHELPER

显示全部楼层 · 发表于 2007-4-19 22:56:30

我的除了360其他统统查不出来打网页时它就活动然后卡巴就有反应
但是卡巴对这东西不感兴趣所以杀不了
我现在正在试图用冰认手动解决
#22楼的朋友方法我也试试

显示全部楼层 · 发表于 2007-4-19 23:49:57

试试把系统还原关了再杀

显示全部楼层 · 发表于 2007-4-20 02:24:44

如果以上方法还不行的话，推荐使用最好的专杀木马广告特效软件ewido 7.5(已破解!保证升级不反弹,看清楚安装说明 )
http://www.91kb.cn/read-htm-tid-2634.html
遇到杀不落的一是右键点击删除,二是就按它提供的路径手工删除它或(运行regedit)键值即可.

显示全部楼层 · 发表于 2007-4-20 10:12:38

老规矩，ssreng扫报告

显示全部楼层 · 发表于 2007-4-20 13:43:17

ewido不是和avg一样的吗我用avg扫过的很遗憾的失败了
ssreng我听说过但是没用过也不知道全名叫什么所以也没找到
下载的地方,但是我有HijackThis 用这个扫可以吗

显示全部楼层 · 发表于 2007-4-20 14:22:21

Logfile of HijackThis v1.99.1
Scan saved at 猎户之神 2:19:20, on 2007-4-20
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
D:\Program Files\网络安全\AVG Anti-Spyware v7.5.0.50 汉化版\AVG Anti-Spyware 7.5\guard.exe
D:\Program Files\网络安全\Kaspersky Internet Security\avp.exe
C:\windows\System32\svchost.exe
C:\windows\system32\Ati2evxx.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\windows\Explorer.EXE
C:\windows\system32\ctfmon.exe
D:\Program Files\网络安全\Kaspersky Internet Security\avp.exe
D:\Program Files\工具\应用工具\vstart\VStart.exe
D:\Program Files\网络安全\AVG Anti-Spyware v7.5.0.50 汉化版\AVG Anti-Spyware 7.5\avgas.exe
D:\Program Files\网络安全\360v3.3正式版\360safe\360safe.exe
D:\Program Files\网络安全\HijackThis v1.99.1 汉化版\HijackThis.exe

O4 - HKLM\..\Run: [Microsoft Pinyin IME Migration] C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL
O4 - HKLM\..\Run: [AVP] "D:\Program Files\网络安全\Kaspersky Internet Security\avp.exe"
O4 - HKLM\..\Run: [VStart5.0] D:\Program Files\工具\应用工具\vstart\VStart.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Program Files\网络安全\AVG Anti-Spyware v7.5.0.50 汉化版\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O8 - Extra context menu item: &使用迅雷下载 - D:\thunfer5\Program\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - D:\thunfer5\Program\getallurl.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://c:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到反 - D:\Program Files\网络安全\Kaspersky Internet Security\ie_banner_deny
O9 - Extra button: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\thunfer5\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\thunfer5\Thunder.exe
O9 - Extra button: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - D:\浩方对战平台\浩方对战平台\GameClient.exe (file missing)
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - D:\Program Files\网络安全\Kaspersky Internet Security\scieplugin.dll
O9 - Extra 'Tools' menuitem: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - D:\Program Files\网络安全\Kaspersky Internet Security\scieplugin.dll
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/wind ... e.cab?1162087968906
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/micr ... e.cab?1165120969843
O17 - HKLM\System\CCS\Services\Tcpip\..\{D9427D0D-46F6-4815-BEDD-0335E4935507}: NameServer = 202.99.160.68,202.99.166.4
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O20 - Winlogon Notify: klogon - C:\windows\system32\klogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\windows\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - D:\Program Files\网络安全\AVG Anti-Spyware v7.5.0.50 汉化版\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - D:\Program Files\网络安全\Kaspersky Internet Security\avp.exe" -r (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

感谢大家帮忙看看谢谢我自己也努力看努力解决

显示全部楼层 · 发表于 2007-4-20 14:33:09

SRE见这里http://bbs.kafan.cn/viewthread.php?tid=48392

搞了一天没搞定的恶软 救救我!!!

回复 #28 猎户之神 的帖子

搞了一天没搞定的恶软救救我!!!

回复 #28 猎户之神的帖子