发表于: 2006-06-20 11:43 | 只看楼主 短消息 资料
字号: 1楼

【求助】我的电脑中了病毒了!请各位大侠帮忙看一下怎么解决!谢谢!!!

Logfile of HijackThis v1.99.1
Scan saved at 10:08:27, on 2006-10-20
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Microsoft\svhost32.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\WINDOWS\LSASS.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Rising\Rav\RsAgent.exe
C:\WINDOWS\Logo1_.exe
F:\HijackThis\HijackThis.exe

R3 - URLSearchHook: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
R3 - URLSearchHook: (no name) - {136EC805-8068-4013-9335-2810FF5A6661} - C:\WINDOWS\system32\Kiey.dll
R3 - URLSearchHook: (no name) - {B3AFAE4B-5B3C-4683-A95B-390A6E640940} - C:\WINDOWS\system32\Hvloay.dll
R3 - URLSearchHook: (no name) - {5797B252-1873-48D0-AD6B-A8EAD55820E6} - C:\WINDOWS\system32\Pkde.dll
R3 - URLSearchHook: (no name) - {0767B7C9-1123-4C9D-A98E-37CAB034473B} - C:\WINDOWS\system32\Vuggn.dll
R3 - URLSearchHook: (no name) - {260E2ED5-F6CC-4F81-8128-CC4E324886F0} - C:\WINDOWS\system32\Kelf.dll
R3 - URLSearchHook: (no name) - {F8C9C1D5-512A-4A0A-B5E0-DE5A93CD8A99} - C:\WINDOWS\system32\Odhqo.dll
R3 - URLSearchHook: (no name) - {0790AA17-BB90-49A3-8632-DC20A35C555B} - C:\WINDOWS\system32\Kcxuy.dll
R3 - URLSearchHook: (no name) - {C8272805-AE8C-4152-878A-EA829C45BCED} - C:\WINDOWS\system32\Pnvxdn.dll
R3 - URLSearchHook: (no name) - {1C45DCC4-CCA6-49BB-A391-2016CCA2A130} - C:\WINDOWS\system32\Dgpd.dll
R3 - URLSearchHook: (no name) - {D77A31C5-FE6D-4787-A859-DB73826E5929} - C:\WINDOWS\system32\Pwpdqv.dll
R3 - URLSearchHook: (no name) - {DC5DBF37-869E-4438-8AC3-56AD82C3EE4B} - C:\WINDOWS\system32\Duby.dll
R3 - URLSearchHook: (no name) - {7B32DC69-8629-41C4-A7C4-FF35CEC2097C} - C:\WINDOWS\system32\Iuvav.dll
R3 - URLSearchHook: (no name) - {7792A894-4315-4705-B415-BE4B70BBA21A} - C:\WINDOWS\system32\Wivak.dll
R3 - URLSearchHook: (no name) - {B4F257D7-9F48-4CE0-A83E-A6A197579BB3} - C:\WINDOWS\system32\Vaabbu.dll
R3 - URLSearchHook: (no name) - {88A9398D-8366-4E6B-BEB2-545E2C938A5D} - C:\WINDOWS\system32\Gbwkc.dll
R3 - URLSearchHook: (no name) - {96A8F7F6-7AA5-4516-9D27-FA1C504E06E8} - C:\WINDOWS\system32\Zsugwi.dll
R3 - URLSearchHook: (no name) - {70413B04-2F5B-48F6-B9EB-F21F57505256} - C:\WINDOWS\system32\Ijcl.dll
R3 - URLSearchHook: (no name) - {D8587396-3291-4B45-9A78-06BA6E7E7A8E} - C:\WINDOWS\system32\Tmgrbg.dll
R3 - URLSearchHook: (no name) - {EAC5E53B-F609-44A0-ABF8-5FC92A5E8727} - C:\WINDOWS\system32\Evqgo.dll
R3 - URLSearchHook: (no name) - {6A45F1A0-BD22-4F8E-8AE3-5B463B3FE90D} - C:\WINDOWS\system32\Hedm.dll
R3 - URLSearchHook: (no name) - {E121F31E-72DD-4709-A35D-F226300B8FB6} - C:\WINDOWS\system32\Yskjzm.dll
R3 - URLSearchHook: (no name) - {1700BF2C-32D8-4C89-B590-23DA037330D6} - C:\WINDOWS\system32\Jekcow.dll
R3 - URLSearchHook: (no name) - {E83766A1-BF34-4088-BA8D-ABD2BF04CF70} - C:\WINDOWS\system32\Ccue.dll
R3 - URLSearchHook: (no name) - {7EA21FD1-6917-4B72-A659-D48738826553} - C:\WINDOWS\system32\Lzxd.dll
R3 - URLSearchHook: (no name) - {0CCAB94D-B423-4887-8542-CD88D620F408} - C:\WINDOWS\system32\Evxjip.dll
R3 - URLSearchHook: (no name) - {8E2A8008-8E52-4662-890F-382CAFA4EAE3} - C:\WINDOWS\system32\Hskeid.dll
R3 - URLSearchHook: (no name) - {36E0D335-2115-4C34-9CCA-EBC3E31211FC} - C:\WINDOWS\system32\Ppywu.dll
R3 - URLSearchHook: (no name) - {486739D3-706A-46F5-9C88-26EAB8FBCC12} - C:\WINDOWS\system32\Rhltbn.dll
R3 - URLSearchHook: (no name) - {BD7C1997-AAA4-4ECC-9F3A-39B1DE80C71D} - C:\WINDOWS\system32\Sotlol.dll
R3 - URLSearchHook: (no name) - {A2A16C33-B5B0-4C70-AD9B-EBD5DE5C7F34} - C:\WINDOWS\system32\Qujv.dll
R3 - URLSearchHook: (no name) - {44FC711F-7EEB-4D85-AD9F-B1D1541FB449} - C:\WINDOWS\system32\Htflt.dll
R3 - URLSearchHook: (no name) - {F3030872-A120-4803-93E4-960FFB094E74} - C:\WINDOWS\system32\Vwmdc.dll
R3 - URLSearchHook: (no name) - {4AAB8E49-8915-4FFE-A1D6-460A993496C4} - C:\WINDOWS\system32\Vhrm.dll
R3 - URLSearchHook: (no name) - {3E5939A2-5C75-46D8-8E49-F534F3DF342A} - C:\WINDOWS\system32\Rpth.dll
R3 - URLSearchHook: (no name) - {AB2F72D3-CE4E-45FF-A08A-CE9A5A862DFC} - C:\WINDOWS\system32\Rkhfmu.dll
R3 - URLSearchHook: (no name) - {A2799155-1103-4949-98BE-BC8C37FCF254} - (no file)
R3 - URLSearchHook: (no name) - {BCCE03E5-5082-455A-87DC-62F64CDAA492} - (no file)
R3 - URLSearchHook: (no name) - {4A455818-5D42-4DD4-9573-20C4EE2CCBA3} - C:\WINDOWS\system32\Sfvh.dll
R3 - URLSearchHook: (no name) - {224C55E6-5870-41A2-B426-54DDB516E0D7} - C:\WINDOWS\system32\Unsco.dll
R3 - URLSearchHook: (no name) - {6C26A10D-435C-4971-BDB8-5373B8963303} - C:\WINDOWS\system32\Loufnk.dll
R3 - URLSearchHook: (no name) - {5C8025DC-94E0-4CAF-8D5D-E275B4E1FB2B} - C:\WINDOWS\system32\Zlnatb.dll
F3 - REG:win.ini: load=C:\WINDOWS\rundl132.exe
O2 - BHO: (no name) - {0005A87D-D626-4B3A-84F9-1D9571695F55} - (no file)
O2 - BHO: Yahoo!Photo - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll
O2 - BHO: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O2 - BHO: QQBrowserHelperObject Class - {54EBD53A-9BC1-480B-966A-843A333CA162} - F:\QQ\QQIEHelper.dll
O2 - BHO: 超级兔子上网精灵 - {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} - C:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar2.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O3 - Toolbar: 超级兔子上网精灵 - {43869BB3-22FD-4F15-9B46-238106BA2F4E} - C:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar2.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] ; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [YLive.exe] C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [StormCodec_Helper] "F:\暴风影音\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [ms] C:\Program Files\Microsoft\svhost32.exe
O4 - HKLM\..\Run: [KavStart] "C:\KAV2006\KAVStart.exe" -startup
O4 - HKLM\..\Run: [RfwMain] C:\Program Files\rising\Rfw\rfwmain.exe
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [ToP] C:\WINDOWS\LSASS.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [KavPFW] "C:\KAV2006\KPFW32.EXE"
O4 - HKCU\..\Run: [Super Rabbit IEPro] C:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD
O4 - Startup: 腾讯QQ.lnk = F:\QQ\QQ.exe
O8 - Extra context menu item: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - F:\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - F:\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - F:\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - F:\QQ\SendMMS.htm
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - F:\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - F:\QQ\QQ.EXE
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - F:\QQ\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - F:\QQ\QQIEHelper.dll
O21 - SSODL: Vision - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - (no file)
O23 - Service: Kingsoft Personal Firewall Service (KPfwSvc) - Unknown owner - C:\KAV2006\KPfwSvc.EXE (file missing)
O23 - Service: Kingsoft Antivirus KWatch Service (KWatchSvc) - Unknown owner - C:\KAV2006\KWatch.EXE (file missing)
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Unknown owner - c:\program files\rising\rfw\rfwproxy.exe (file missing)
O23 - Service: Rising Personal Firewall Service (RfwService) - Unknown owner - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Unknown owner - C:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Unknown owner - C:\Program Files\Rising\Rav\Ravmond.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
这是HijackThis扫描的结果
最后编辑2006-06-20 11:43:06.420000000