
SOS, asking for help! How do I get rid of "搜易网" (Souyi)?

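Recently, whenever I browse the web, a page named "搜易网" keeps opening by itself. How do I get rid of this rogue page? Please help and give me a method. Thanks!!!
Last edited 2006-01-18 17:45:01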
 

Logfile of HijackThis v1.99.0

C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rfw\rfwsrv.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\dns.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Microsoft SQL Server\MSSQL$UDDI\Binn\sqlservr.exe
C:\PROGRA~1\MICROS~1\MSSQL\binn\sqlservr.exe
C:\WINDOWS\NSServics.Exe
C:\Program Files\Common Files\smartde\sde.exe
C:\Program Files\NG\NSServer\NSServer.Exe
d:\Program Files\SoftEther\SoftEther.exe
d:\Program Files\SoftEther\SoftHUB.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\system32\Dfssvc.exe
C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\rising\Rav\RavTask.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Common Files\UPDATE\Update.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\DrvMon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\mshta.exe
C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\svchost.exe
C:\WINDOWS\system32\mshta.exe
C:\WINDOWS\system32\mshta.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\isqlw.exe
E:\ha-hijackthis199-xqb\HijackThis.exe

R3 - URLSearchHook: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\Program Files\Yahoo!\Assistant\Assist\yasbar.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v8.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo!Photo - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - C:\Program Files\Yahoo!\Assistant\Assist\yphtb.dll
O2 - BHO: CNNIC_IDN - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O2 - BHO: AntiFish Class - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\Program Files\Yahoo!\Assistant\Assist\yAngling.dll
O2 - BHO: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\Program Files\Yahoo!\Assistant\Assist\yasbar.dll
O2 - BHO: DragSearch BHO - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL
O2 - BHO: MacroMediapd - {B8CCDD47-38E4-4CD2-B7FA-3B4B690F74BD} - C:\WINDOWS\system32\microapmddt.dll
O2 - BHO: IEHlprObj Class - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\WINDOWS\system32\drivers\inf\bands.dll
O2 - BHO: SDObmObj Class - {D4D5C535-BA95-4327-870D-A33826FDD17A} - C:\WINDOWS\system32\obwbkya.dll
O2 - BHO: 超级兔子上网精灵 - {FEDF637B-F631-4583-A210-33CC828D42DB} - C:\PROGRA~1\SUPERR~1\MagicSet\HAOKAN~2.DLL
O3 - Toolbar: @msdxmLC.dll,-1@2052,电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: (no name) - {F43BD772-ABDD-43b7-A96A-3E9E61946EC0} - (no file)
O3 - Toolbar: (no name) - {1D8E8710-88F8-4d6e-AD7C-1437937E82A9} - (no file)
O3 - Toolbar: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\Program Files\Yahoo!\Assistant\Assist\yasbar.dll
O3 - Toolbar: 超级兔子上网精灵 - {FEDF637B-F631-4583-A210-33CC828D42DB} - C:\PROGRA~1\SUPERR~1\MagicSet\HAOKAN~2.DLL
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [MS-4011 Memory Patch] E:\tools\振荡波\RavSasser.exe -Patch
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [Update] C:\Program Files\Common Files\UPDATE\Update.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DrvMon.exe] C:\WINDOWS\system32\DrvMon.exe
O8 - Extra context menu item: &使用迅雷下载 - d:\Program Files\Thunder Network\Thunder\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - d:\Program Files\Thunder Network\Thunder\getallurl.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program Files\Tencent\QQ\SendMMS.htm
O8 - Extra context menu item: 雅虎搜索 - res://C:\Program Files\Yahoo!\Assistant\Assist\yasbar.dll/246
O9 - Extra button: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O9 - Extra 'Tools' menuitem: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\web\related.htm (file missing)
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - d:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - d:\Program Files\Tencent\QQ\QQ.EXE
O10 - Broken Internet access because of LSP provider 'c:\documents and settings\administrator.zj0001.000\windows\system32\mswsock.dll' missing
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/1958268db850a0db2005/netzip/RdxIE601_cn.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1125018762796
O16 - DPF: {658E8183-D04C-413A-9FCF-C04D610E81A3} (CCTest Control) - http://61.175.243.98/cctest.cab
O16 - DPF: {9124F9F5-EC7E-4399-9901-4F365B42FC88} (StoreAnswer Control) - http://61.175.243.98/zjks.cab
O16 - DPF: {98A62E3F-A8C5-4EF0-8A00-C70CF9D18A89} (LoaderCore Class) - http://tb.sogou.com/DLLoader.cab
O16 - DPF: {CCF6601F-5E8B-4659-ADFF-7A7037DC473F} (QLD Control) - http://61.175.243.98/zjksqld.cab
O16 - DPF: {DA984A6D-508E-11D6-AA49-0050FF3C628D} (Ravonline) - http://download.rising.com.cn/ravkill/rsonline.cab
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/Ver2005/OL2005.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2BAB713B-DDE4-495F-8D8B-581C7D71A5DA}: NameServer = 218.74.122.74,218.74.122.75
O17 - HKLM\System\CCS\Services\Tcpip\..\{A55AB9BB-E0A3-4318-913B-192BAC9683B4}: NameServer = 218.74.122.74,218.74.122.75
O17 - HKLM\System\CS1\Services\Tcpip\..\{2BAB713B-DDE4-495F-8D8B-581C7D71A5DA}: NameServer = 218.74.122.74,218.74.122.75
O17 - HKLM\System\CS2\Services\Tcpip\..\{2BAB713B-DDE4-495F-8D8B-581C7D71A5DA}: NameServer = 218.74.122.74,218.74.122.75
O17 - HKLM\System\CS3\Services\Tcpip\..\{2BAB713B-DDE4-495F-8D8B-581C7D71A5DA}: NameServer = 218.74.122.74,218.74.122.75
 

O23 - Service: Application Layer Gateway Service - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Application Management - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: ASP.NET State Service - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (file missing)
O23 - Service: Windows Audio - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Background Intelligent Transfer Service - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: BrSplService - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Computer Browser - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Cryptographic Services - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Distributed File System - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\Dfssvc.exe (file missing)
O23 - Service: DHCP Client - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Logical Disk Manager Administrative Service - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\dmadmin.exe (file missing)
O23 - Service: Logical Disk Manager - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: DNS Server - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\dns.exe (file missing)
O23 - Service: DNS Client - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Error Reporting Service - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Event Log - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\services.exe (file missing)
O23 - Service: Help and Support - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Server - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Workstation - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Indexing Manager - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: TCP/IP NetBIOS Helper - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Macromedia Licensing Service - Unknown - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Net Logon - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Network Connections - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Network Location Awareness (NLA) - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: NEWGRAND Socket Server - NEWGRAND - C:\WINDOWS\NSServics.Exe
O23 - Service: File Replication - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\ntfrs.exe (file missing)
O23 - Service: NT LM Security Support Provider - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Removable Storage - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Plug and Play - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\services.exe (file missing)
O23 - Service: IPSEC Services - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Protected Storage - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Remote Access Auto Connection Manager - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Remote Access Connection Manager - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Routing and Remote Access - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Remote Registry - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Rising Personal Firewall Service - Beijing Rising Technology Corporation Limited - C:\Program Files\Rising\Rfw\rfwsrv.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) - Unknown - %ProgramFiles%\WinPcap\rpcapd.exe (file missing)
O23 - Service: Remote Procedure Call (RPC) Locator - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Remote Procedure Call (RPC) - Unknown - C:\Documents.exe (file missing)
O23 - Service: Rising Process Communication Center - Beijing Rising Technology Co., Ltd. - C:\Program Files\rising\Rav\CCenter.exe
O23 - Service: Resultant Set of Policy Provider - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\RSoPProv.exe (file missing)
O23 - Service: Special Administration Console Helper - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Security Accounts Manager - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Smart Card - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\SCardSvr.exe (file missing)
O23 - Service: Task Scheduler - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: SDAgent Service - 北京兴华基业软件技术有限公司 - C:\Program Files\Common Files\smartde\sde.exe
O23 - Service: Secondary Logon - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: System Event Notification - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Shell Hardware Detection - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: SoftEther Virtual LAN Card - SoftEther.com - d:\Program Files\SoftEther\SoftEther.exe
O23 - Service: SoftEther Virtual HUB - SoftEther.com - d:\Program Files\SoftEther\SoftHUB.exe
O23 - Service: SoundMAX Agent Service - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Print Spooler - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\spoolsv.exe (file missing)
O23 - Service: Windows Image Acquisition (WIA) - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Microsoft Software Shadow Copy Provider - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Performance Logs and Alerts - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\smlogsvc.exe (file missing)
O23 - Service: Telephony - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Terminal Services - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Distributed Link Tracking Client - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Upload Manager - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Uninterruptible Power Supply - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\ups.exe (file missing)
O23 - Service: Virtual Disk Service - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\vssvc.exe (file missing)
O23 - Service: Windows Time - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: World Wide Web Publishing Service - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: WinHTTP Web Proxy Auto-Discovery Service - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Windows Management Instrumentation - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: VNC Server Version 4 - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O23 - Service: Portable Media Serial Number Service - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Windows Management Instrumentation Driver Extensions - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Automatic Updates - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Wireless Configuration - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\svchost.exe (file missing)
 

Kill the process
C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\smss.exe

Fix
O4 - HKLM\..\Run: [Update] C:\Program Files\Common Files\UPDATE\Update.exe

Reboot
Delete the directory C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32; C:\Program Files\Common Files\UPDATE\Update.exe
 

C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\svchost.exe
How did all the system files end up here~~~
Does the original poster recognize this user, Administrator.ZJ0001.000??
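
The check behind the observation above, as an added example that is not part of the original thread: it scans a HijackThis log for core Windows binary names running outside the system folder and for O23 service images located under a user profile. The function names and the table of expected folders are assumptions made for this example; the sample lines are excerpted from the log posted above.

```python
import ntpath

# Core Windows binaries and the folder (relative to the system root) each one
# normally runs from. Assumption: default XP/2003 layout, as in the log.
EXPECTED_SUBDIR = {
    "smss.exe": "system32", "winlogon.exe": "system32",
    "services.exe": "system32", "lsass.exe": "system32",
    "svchost.exe": "system32", "spoolsv.exe": "system32",
    "explorer.exe": "",
}
PREFIX, MISSING = "O23 - Service: ", " (file missing)"

# Lines excerpted from the log posted in this thread.
SAMPLE_LOG = r"""
C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\svchost.exe
O4 - HKLM\..\Run: [Update] C:\Program Files\Common Files\UPDATE\Update.exe
O23 - Service: DNS Client - Unknown - C:\Documents and Settings\Administrator.ZJ0001.000\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: BrSplService - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
"""

def misplaced_system_binaries(log_text, system_root=r"C:\WINDOWS"):
    """Return running-process paths that reuse a core binary name elsewhere."""
    hits = []
    for line in log_text.splitlines():
        path = line.strip()
        if len(path) < 3 or path[1:3] != ":\\":  # not an "X:\..." process line
            continue
        name = ntpath.basename(path).lower()
        if name not in EXPECTED_SUBDIR:
            continue
        expected = ntpath.join(system_root, EXPECTED_SUBDIR[name]).rstrip("\\")
        if ntpath.dirname(path).lower() != expected.lower():
            hits.append(path)
    return hits

def services_under_profile(log_text):
    """Return (service, image path, file_missing) for O23 entries whose
    image path points into a user profile."""
    hits = []
    for line in log_text.splitlines():
        line = line.strip()
        parts = line[len(PREFIX):].rsplit(" - ", 2)
        if not line.startswith(PREFIX) or len(parts) != 3:
            continue
        name, _company, path = parts
        missing = path.endswith(MISSING)
        if missing:
            path = path[:-len(MISSING)]
        if "\\documents and settings\\" in path.lower():
            hits.append((name, path, missing))
    return hits
```
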
 

zj0001 is a user I created.

Could you tell me what code 023 in HijackThis.exe means?
Why are there so many of them in what I scanned?
 

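The 023 entries~ should be the non-system services on your computer~~ (I don't really understand either why so many of your system services are ···)
How many operating systems did you install~~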