Rising Kaka Security Forum > Technical Exchange > Anti-virus / Anti-rogue-software forum: [Original] Manually removing Gray Pigeon (Backdoor.GPigeon) and related malware (3rd edition)


[Original] Manually removing Gray Pigeon (Backdoor.GPigeon) and related malware (3rd edition)

Can someone help me? My computer is infected with Gray Pigeon. This is the scan log. What should I do next?
Logfile of HijackThis v1.99.1
Scan saved at 17:35:55, on 2005-11-18
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
C:\PROGRAM FILES\RISING\RAV\RavStub.exe
d:\瑞星\rising\rfw\rfwsrv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
C:\PROGRA~1\RISING\RAV\RAVMON.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
d:\瑞星\rising\rfw\RfwMain.exe
C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\QQ\QQ.exe
D:\QQ\TIMPlatform.exe
D:\QQ\QQ.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Rising\Rav\RsAgent.exe
C:\WINDOWS\msagent\AgentSvr.exe
E:\新建文件夹\HijackThis.exe

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - D:\kugoo\KuGoo3DownXControl.ocx
O2 - BHO: 超级兔子上网精灵 - {FEDF637B-F631-4583-A210-33CC828D42DB} - D:\MagicSet\HaokanBar.dll
O3 - Toolbar: (no name) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C}? - (no file)
O3 - Toolbar: (no name) - {3F1ABCDB-A875-46c1-8345-B72A4567E486}? - (no file)
O3 - Toolbar: (no name) - {FEDF637B-F631-4583-A210-33CC828D42DB}? - (no file)
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\KakaTool.dll
O4 - HKLM\..\Run: [RavTimer] C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [RavMon] C:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [autozc] C:\Documents and Settings\yangxu\桌面\注册.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KuGoo3] ; "D:\kugoo\KuGoo.exe"
O4 - Startup: gubbi.lnk = ?
O8 - Extra context menu item: &使用迅雷下载 - D:\迅雷(Thunder)\geturl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用KuGoo3下载(&K) - D:\kugoo\KuGoo3DownX.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\QQ\AddEmotion.htm
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\cdnns.dll' missing
O17 - HKLM\System\CCS\Services\Tcpip\..\{0C7D3869-D064-4467-8F57-1FB03E60C524}: NameServer = 210.32.80.6
O17 - HKLM\System\CS1\Services\Tcpip\..\{0C7D3869-D064-4467-8F57-1FB03E60C524}: NameServer = 210.32.80.6
O17 - HKLM\System\CS2\Services\Tcpip\..\{0C7D3869-D064-4467-8F57-1FB03E60C524}: NameServer = 210.32.80.6
O23 - Service: KVSrvXp_1 - Unknown owner - (no file)
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NetWorkServers - Unknown owner - C:\WINDOWS\Servers.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - d:\瑞星\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - rising - C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe

Learned something.

I'm infected too, but when I checked there was no system_HOOk.DLL.
system.DLL and system.exe are there,
but system.DLL can't be deleted~~~
OP, what should I do??

So many pigeons flying around.

I'm infected too, could someone take a look for me!

Logfile of HijackThis v1.99.1
Scan saved at 21:55:49, on 2005-11-18
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\System32\alg.exe
D:\Program Files\Tencent\QQ\QQ.exe
D:\Program Files\Tencent\QQ\TIMPlatform.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\dd\桌面\155847200541134207\HijackThis.exe

O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v8.dll
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\KakaTool.dll
O4 - HKLM\..\Run: [KAVPersonal50] "D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: 使用Kugoo下载 - D:\Program Files\KuGoo2\KugooDownX.htm
O8 - Extra context menu item: 使用迅雷下载 - D:\Program Files\Thunder-v5.0\geturl.htm
O8 - Extra context menu item: 使用迅雷下载全部链接 - D:\Program Files\Thunder-v5.0\getAllurl.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\Tencent\QQ\AddEmotion.htm
O9 - Extra button: (no name) - {35980F6E-A137-4E50-953D-813BB8556899} - (no file)
O9 - Extra button: (no name) - {35980F6E-A137-4E50-953D-813BB8556899}? - (no file)
O9 - Extra button: kele8 - {84920E5F-3788-49cd-A274-E365578DF174} - http://www.kele8.com/ (file missing)
O9 - Extra 'Tools' menuitem: kele8 - {84920E5F-3788-49cd-A274-E365578DF174} - http://www.kele8.com/ (file missing)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - d:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - d:\Program Files\Tencent\QQ\QQ.EXE
O16 - DPF: {0400AC1C-EEF0-4638-A501-31D5A0DC2002} (VTPlug3 Class) - http://61.129.90.99:1995/VTrans.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2EA6D939-4445-43F1-A12B-8CB3DDA8B855} (BlueskyVideo Control) - http://www.bluesky.cn/download/v2_60.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/aliedit.cab
O16 - DPF: {5DD731E6-D4F0-11D3-BE3F-00105A6FDA50} (V3ProX Control) - http://origin-www.ahn.com.cn/aspservice/plugin/myv3.cab
O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) - http://61.129.90.99:1995/talk.cab
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {8052AF20-EEE1-4A41-A050-8BDA57EC70D2} (Record9158 Control) - http://mim.99lover.com/VideoChat/Rec9158.CAB
O16 - DPF: {991481A7-4669-4E15-8C24-100404E1F5CB} (Blueskyvoice Control) - http://www.bluesky.cn/download/blueskyvoice_60.cab
O16 - DPF: {ABA7CC7F-019D-47DB-A0D2-B3C2B3AC1B44} (Fc2Boot Class) - http://210.51.5.80/fun/system/fc2boot.cab
O16 - DPF: {AC3A36A8-9BFF-410A-A33D-2279FFEB69D2} (QQPlayer Control) - http://imgcache.qq.com/music/QQMusicSetup.exe
O16 - DPF: {B2900CC6-9736-4AF5-8B98-FFFCBBDD46D8} (IceQQUp.UserControl1) - http://110dj.com/sz/RealPlayer.ocx
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/Ver2005/OL2005.cab
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (pCastPanel Class) - http://pcaststatic.mop.com/dn/files/pCastCtl_1.0.0.71_20050929.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0E9A1149-AD31-4067-B9FC-D67E164F3D2B}: NameServer = 202.98.192.68 202.98.198.168
O17 - HKLM\System\CS1\Services\Tcpip\..\{0E9A1149-AD31-4067-B9FC-D67E164F3D2B}: NameServer = 202.98.192.68 202.98.198.168
O17 - HKLM\System\CS2\Services\Tcpip\..\{0E9A1149-AD31-4067-B9FC-D67E164F3D2B}: NameServer = 202.98.192.68 202.98.198.168
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: kavsvc - Kaspersky Lab - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: cress (kress) - Unknown owner - C:\WINDOWS\syste.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

Quote:
[Post by 异端完美] I'm infected too, could someone take a look for me!

...........................

O23 - Service: cress (kress) - Unknown owner - C:\WINDOWS\syste.exe (file missing)
That's the pigeon~
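The reply above identifies the infection from a single O23 (service) line, using the signals "Unknown owner" and "(file missing)". The following is an added example, not code from this thread or from HijackThis, that applies the same triage to a whole log: it parses O23 lines in both the English and the Chinese-localized ("NT 服务") output seen in this thread and flags entries that carry those signals, plus one extra heuristic that is this example's own assumption (a service binary sitting directly in the Windows directory rather than under system32 or Program Files). The sample lines are copied from the logs posted in this thread.

```python
"""Triage helper for HijackThis O23 service lines.

Added example for this thread; not part of HijackThis or of any forum post.
Flags O23 entries using the cues the replies rely on ("Unknown owner",
"(file missing)" / "(no file)") plus an assumed heuristic for binaries
dropped straight into %WINDIR%.
"""
import re
from dataclasses import dataclass, field

# Matches O23 lines from English ("O23 - Service:") and Chinese-localized
# ("O23 - NT 服务:") HijackThis output. Groups: service name, owner, path.
O23_RE = re.compile(
    r"^O23 - (?:Service|NT 服务): (?P<name>.+?) - (?P<owner>.+?) - (?P<path>.+)$"
)

# Assumed heuristic: an .exe directly under C:\WINDOWS or C:\WINNT (not in a
# subdirectory such as system32) is unusual for legitimate services.
WINDIR_ROOT_EXE_RE = re.compile(r"^[a-z]:\\win(?:dows|nt)\\[^\\]+\.exe")


@dataclass
class ServiceEntry:
    name: str
    owner: str
    path: str
    reasons: list = field(default_factory=list)

    @property
    def suspicious(self) -> bool:
        return bool(self.reasons)


def parse_o23(line: str):
    """Return a ServiceEntry for an O23 line, or None for any other line."""
    m = O23_RE.match(line.strip())
    if not m:
        return None
    return ServiceEntry(m["name"], m["owner"], m["path"])


def assess(entry: ServiceEntry) -> ServiceEntry:
    """Attach human-readable reasons for treating a service as suspicious."""
    path_lower = entry.path.lower()
    if entry.owner.strip().lower() == "unknown owner":
        entry.reasons.append("no vendor information (Unknown owner)")
    if "(file missing)" in path_lower or "(no file)" in path_lower:
        entry.reasons.append("service points at a file that no longer exists")
    if WINDIR_ROOT_EXE_RE.match(path_lower):
        entry.reasons.append("binary placed directly in the Windows directory")
    return entry


def triage(log_text: str):
    """Return the suspicious O23 entries found in a HijackThis log."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_o23(line)
        if entry is not None and assess(entry).suspicious:
            findings.append(entry)
    return findings


# Sample input: O23 lines copied from the logs posted in this thread, plus
# one non-O23 line to show that other sections are ignored.
SAMPLE_LOG = r"""
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O23 - Service: kavsvc - Kaspersky Lab - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: cress (kress) - Unknown owner - C:\WINDOWS\syste.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NetWorkServers - Unknown owner - C:\WINDOWS\Servers.exe
O23 - NT 服务: Spplication Layer Gateway Serv - Unknown owner - C:\WINNT\bdc.exe
O23 - NT 服务: MGABGEXE - Matrox Graphics Inc. - C:\WINNT\System32\mgabg.exe
"""

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.name}: {f.path} -> {'; '.join(f.reasons)}")
```

Running the script lists the three entries the thread's replies would point at (cress, NetWorkServers, and the misspelled "Spplication Layer Gateway Serv") and passes over the vendor-signed services. A flagged entry is a lead for further checking (hash lookup, vendor verification), not a verdict on its own: an "Unknown owner" entry can also be a legitimate but unsigned tool.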

I... I... got Gray Pigeon... killed it yesterday... booted this morning... and the pigeon was detected again... it seems it can't be cleaned completely... searched online and ended up in this community... how do you produce those scan logs? HijackThis v1.99.1.. where can I download this program? I want to scan too and show it to 影子110...

Quote:
[Post by 丝丝乖乖] I... I... got Gray Pigeon... killed it yesterday... booted this morning... and the pigeon was detected again... it seems it can't be cleaned completely... searched online and ended up in this community... how do you produce those scan logs? HijackThis v1.99.1.. where can I download this program? I want to scan too and show it to 影子110...
...........................

HijackThis V1.99.1 Chinese-localized version and original English version download links (second post in the thread)
http://forum.ikaka.com/topic.asp?board=67&artid=5188931

Below is my log. Which one is the pigeon? I can't make sense of it, please take a look. Thanks!
O23 - NT 服务: C-DillaCdaC11BA - Macrovision - C:\WINNT\system32\drivers\CDAC11BA.EXE
O23 - NT 服务: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - NT 服务: MGABGEXE - Matrox Graphics Inc. - C:\WINNT\System32\mgabg.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - C:\program files\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - rising - C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
O23 - NT 服务: Spplication Layer Gateway Serv - Unknown owner - C:\WINNT\bdc.exe

Really, thank you. Thank you so much, my problem is solved. If I get the chance, I'll definitely treat baohe and 影子110 to drinks to celebrate. The manual method works very well.