Rising Kaka Security Forum, Technical Exchange Area, Anti-Virus / Anti-Rogue-Software Board: Help! I'm infected with Backdoor.Gpigeon.skv and Trojan.Redvip.a


Help! I'm infected with Backdoor.Gpigeon.skv and Trojan.Redvip.a

I ran a scan with Rising but it can't remove them. What should I do? Experts, anyone who knows, please teach me how to deal with this.
Last edited 2005-12-03 14:54:59

Why isn't anyone helping me? Thanks for stopping by, I'm really anxious.

Run a HijackThis scan and post the log here.
HijackThis can be downloaded from the attachment on the first floor of the pinned thread "[Announcement] Provisional rules of the anti-virus board (updated 200511.26) and common small tools for this board".


HijackThis@Qoo的扫描日志  V1.97.7
Scan saved at 16:04:18, on 2005-12-1
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\spoolsv.exe
D:\超级兔子\MagicSet\memdef.EXE
D:\yy\kav2005\金山毒霸2005绿色版\KPfwSvc.EXE
C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe
C:\WINNT\system32\ctfmon.exe
D:\qq\QQ.exe
D:\qq\TIMPlatform.exe
D:\qq\QQexternal.exe
C:\WINNT\system32\conime.exe
D:\4\RISING\RAV\CCENTER.EXE
D:\4\RISING\RAV\Ravmond.exe
D:\4\RISING\RAV\RavStub.exe
d:\4\rising\rav\RAVMON.EXE
d:\4\rising\rav\RAVTIMER.EXE
d:\4\rising\rav\RsAgent.exe
D:\1\BitComet\BitComet.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\shadu\hijackthis1.97_qoo\HijackThis.exe

R3 - URLSearchHook:
O2 - BHO: (no name) - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll
O2 - BHO: (no name) - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yAngling.dll
O2 - BHO: (no name) - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O2 - BHO: (no name) - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\qq\QQIEHelper.dll
O2 - BHO: (no name) - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL
O2 - BHO: (no name) - {D4D5C535-BA95-4327-870D-A33826FDD17A} - C:\WINNT\system32\obwbkya.dll
O2 - BHO: (no name) - {FEDF637B-F631-4583-A210-33CC828D42DB} - D:\
O3 - Toolbar: ????? - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O3 - Toolbar: ????? - {FEDF637B-F631-4583-A210-33CC828D42DB} - D:\
O4 - HKLM\..\Run: [Super Rabbit Memory] D:\
O4 - HKLM\..\Run: [RavTimer] D:\4\RISING\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [RavMon] D:\4\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [YLive.exe] C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
O4 - HKLM\..\Run: [yassistse] "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] ; "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Super Rabbit IEPro] ; D:\
O4 - HKCU\..\Run: [Super Rabbit CDNotify] ; D:\
O4 - HKCU\..\Run: [KavPFW] ; "D:\yy\kav2005\
O4 - Startup: NTUSER.DAT
O4 - Startup: ntuser.dat.LOG
O4 - Startup: ntuser.ini
O4 - Startup: ChatLog.log
O4 - Global Startup: ntuser.pol
O4 - Global Startup: ntuser.dat
O4 - Global Startup: ntuser.dat.LOG
O8 - Extra context menu item: !搜一搜 - res://C:\WINNT\downlo~1\CnsMinEx.dll/1003
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\qq\SendMMS.htm
O8 - Extra context menu item: 雅虎搜索 - res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll/246
O11 - Options group: [!CNS] 
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {9242BB35-0DB0-43AC-8DFC-8EA07E63B92A} - http://219.133.60.95:1080/qqtv/QQLive1.0Beta02.exe
O16 - DPF: {A984ED9F-E8DA-44E5-BC18-C14B9ABEF79D} (photo_uploader Control) - http://upload.photo.163.com/photoup.cab
O16 - DPF: {C8BD9ACB-F7EC-48E6-BB2F-DAADC6789E9A} (Kingsoft DUBA OnlineScan) - http://zs.kingsoft.com/duba/OCX/KAVClean.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{068C9A62-37D7-46DB-ACBC-CF54B4AF45AC}: NameServer = 202.96.209.6 202.96.209.133
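Triage of a HijackThis log like the one above is normally done entry by entry, by eye. As an added example (Python written for this edit, not code from the thread or from HijackThis), the parser below splits O2/O4/O16 lines into section, label and target and flags the patterns a helper checks first in such a log: targets truncated to a bare drive or folder, non-executable files in a Startup folder, and ActiveX downloads from a bare IP address. The sample lines are constructed from entries in the posted log, and the heuristics are assumptions chosen for illustration, not HijackThis's own rules.

```python
import re
from urllib.parse import urlparse

# Constructed sample, modelled on the HijackThis log posted in this thread
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\qq\QQIEHelper.dll
O2 - BHO: (no name) - {FEDF637B-F631-4583-A210-33CC828D42DB} - D:\
O4 - HKLM\..\Run: [RavTimer] D:\4\RISING\RAV\RAVTIMER.EXE
O4 - HKCU\..\Run: [KavPFW] ; "D:\yy\kav2005\
O4 - Startup: NTUSER.DAT
O16 - DPF: {9242BB35-0DB0-43AC-8DFC-8EA07E63B92A} - http://219.133.60.95:1080/qqtv/QQLive1.0Beta02.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
"""
O4_RE = re.compile(r"^O4 - ([^:]+): (?:\[[^\]]*\] )?(.*)$")   # O4 - <key>: [name] <path>
EXEC_EXT = (".exe", ".dll", ".lnk", ".bat", ".cmd", ".scr", ".pif", ".com", ".vbs", ".js")

def parse_hjt(text):
    """Split each HijackThis line into its section, descriptive label and target."""
    entries = []
    for raw in filter(None, map(str.strip, text.splitlines())):
        section = raw.split(" - ", 1)[0]
        if section == "O4":
            m = O4_RE.match(raw)
            if not m:
                continue
            label, target = m.group(1), m.group(2)
        else:                                   # last " - " separates the target
            label, _, target = raw.rpartition(" - ")
        # HijackThis prefixes some targets with "; " and quotes paths
        target = target.lstrip("; ").strip('"')
        entries.append({"raw": raw, "section": section, "label": label, "target": target})
    return entries

def triage(entries):
    """Return (raw_line, reason) pairs that deserve a manual look (heuristics are assumptions)."""
    findings = []
    for e in entries:
        t = e["target"]
        if t == "" or t.endswith("\\"):
            findings.append((e["raw"], "target is a drive or folder, not a file (truncated or orphaned entry)"))
        elif e["section"] == "O4" and "Startup" in e["label"] and not t.lower().endswith(EXEC_EXT):
            findings.append((e["raw"], "non-executable file in a Startup folder"))
        elif e["section"] == "O16" and re.fullmatch(r"\d{1,3}(\.\d{1,3}){3}", urlparse(t).hostname or ""):
            findings.append((e["raw"], "ActiveX control downloaded from a bare IP address"))
    return findings

if __name__ == "__main__":
    for raw, reason in triage(parse_hjt(SAMPLE_LOG)):
        print(f"{reason}\n    {raw}")
```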

The infected files are all on my D: and E: drives. I don't know much about computers. Thanks for helping me, poster above.

That version of the log tool is too old.

Save a log with Autoruns and post it here.
How to save the log: choose the File->Save menu item.
Before saving, make sure the Options->Hide Microsoft Entries menu item is ticked (after setting it, click the refresh button on the toolbar).

For downloading and using the tool, see floor 14 of http://forum.ikaka.com/topic.asp?board=28&artid=7318038

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

+ RavMonRavMon Rising realtime monitor Beijing Rising Technology Co., Ltd.d:\4\rising\rav\ravmon.exe

+ RavTimerRavTimerBeijing Rising Technology Co., Ltd.d:\4\rising\rav\ravtimer.exe

+ Super Rabbit MemoryRegister USD$Super Rabbit Softwared:\超级兔子\magicset\memdef.exe

+ yassistseAssistSettingYahoo!c:\program files\yahoo!\assistant\yassistse.exe

+ YLive.exeYLive c:\program files\yahoo!\assistant\ylive.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run

+ KavPFWFile not found: ;

+ MSMSGSFile not found: ;

+ Super Rabbit CDNotifyFile not found: ;

+ Super Rabbit IEProFile not found: ;

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

+ cnshook.dll3721 CNS Module北京三七二一科技有限公司c:\winnt\downloaded program files\cnshook.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

+ RISINGRising Shell Ext ModuleBeijing Rising Technology Co., Ltd.c:\winnt\system32\ravext.dll

+ Yahoo!PhotoyPhtbYahoo! Chinac:\program files\yahoo!\assistant\assist\yphtb.dll

+ 粉碎文件Wiper 动态链接库c:\program files\yahoo!\assistant\assist\ywiper.dll

+ 好看123上网精灵超级兔子上网精灵超级兔子d:\超级兔子\magicset\haokanbar.dll

HKLM\Software\Classes\Folder\Shellex\ColumnHandlers

+ Fax Tiff Data Column ProviderFile not found: C:\WINNT\system32\faxshell.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

+ AntiFish Classyangling.dllYahoo.c:\program files\yahoo!\assistant\assist\yangling.dll

+ DragSearch BHODragSearchc:\program files\yahoo!\assistant\assist\ydragsearch.dll

+ QQBrowserHelperObject ClassQQIEHelper Module深圳市腾讯计算机系统有限公司d:\qq\qqiehelper.dll

+ SDObmObj Classobwbkya Module北京兴华基业软件技术有限公司c:\winnt\system32\obwbkya.dll

+ Yahoo!PhotoyPhtbYahoo! Chinac:\program files\yahoo!\assistant\assist\yphtb.dll

+ 超级兔子上网精灵超级兔子上网精灵超级兔子d:\超级兔子\magicset\haokanbar.dll

+ 雅虎助手ToolBarYahoo!c:\program files\yahoo!\assistant\assist\yasbar.dll

HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks

+ coolbarToolBarYahoo!c:\program files\yahoo!\assistant\assist\yasbar.dll

HKLM\Software\Microsoft\Internet Explorer\Toolbar

+ 超级兔子上网精灵超级兔子上网精灵超级兔子d:\超级兔子\magicset\haokanbar.dll

+ 雅虎助手ToolBarYahoo!c:\program files\yahoo!\assistant\assist\yasbar.dll

HKLM\Software\Microsoft\Internet Explorer\Extensions

+ Yahoo 1G电邮File not found: http://cn.mail.yahoo.com/promo/rd1

+ 清理上网记录File not found: http://assistant.3721.com/clean1.htm?fb=Cns

+ 情景聊天File not found: http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/

+ 上网助手File not found: http://assistant.3721.com/index.htm?fb=Cns

+ 手机短信File not found: http://sms.3721.com/ie/index.htm?pid=U_3721_assist

+ 修复浏览器File not found: http://assistant.3721.com/security1.htm?fb=Cns

+ 寻宝乐趣多File not found: http://hot.3721.com/rd/shop_btn.htm

HKLM\System\CurrentControlSet\Services

+ RsCCenterCCenterrisingd:\4\rising\rav\ccenter.exe

+ RsRavMonRavMonBeijing Rising Technology Co., Ltd.d:\4\rising\rav\ravmond.exe

+ SDAgentServicesde北京兴华基业软件技术有限公司c:\program files\common files\smartde\sde.exe

HKLM\System\CurrentControlSet\Services

+ BaseTDIbasetdiRisingc:\winnt\system32\drivers\basetdi.sys

+ cmpciC-Media Audio WDM DriverC-Media Incc:\winnt\system32\drivers\cmaudio.sys

+ ExpScanerExpScan.sysd:\4\rising\rav\expscan.sys

+ GMSIPCIFile not found: G:\INSTALL\GMSIPCI.SYS

+ HookContTDI HOOK DriverRising tech Co. ltdd:\4\rising\rav\hookcont.sys

+ HookRegd:\4\rising\rav\hookreg.sys

+ HookSys瑞星d:\4\rising\rav\hooksys.sys

+ NTACCESSFile not found: G:\NTACCESS.sys

+ nvNVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73 NVIDIA Corporationc:\winnt\system32\drivers\nv4_mini.sys

+ nv4NVIDIA Compatible Windows 2000 Miniport Driver, Version 3.27 NVIDIA Corporationc:\winnt\system32\drivers\nv4.sys

+ pfcPadus(R) ASPI ShellPadus, Inc.c:\winnt\system32\drivers\pfc.sys

+ PtilinkDirect Parallel Link DriverParallel Technologies, Inc.c:\winnt\system32\drivers\ptilink.sys

+ PxHelp20Px Engine Device Driver for Windows 2000/XPSonic Solutionsc:\winnt\system32\drivers\pxhelp20.sys

+ rtl8139Realtek RTL8139 NDIS 5.0 DriverRealtek Semiconductor Corporationc:\winnt\system32\drivers\rtl8139.sys

+ SecdrvSafeDisc driverc:\winnt\system32\drivers\secdrv.sys

+ SetupNTGLM7XFile not found: G:\NTGLM7X.sys


What should I do next? Please advise!! Thank you.

What path does the antivirus report for the virus?

D:\System Volume Information\_restore{55ED4F2B-F4C3-496C-9857-OF4C1AC1D941}\RP114  (this one is the one starting with T)
E:\System Volume Information\_restore{55ED4F2B-F4C3-496C-9857-OF4C1AC1D941}\RP114  (this one is the one starting with B)
Thank you, sorry for all the trouble!!