电脑常弹出无聊的广告．这些日志应怎么办？
HijackThis@Qoo的扫描日志  V1.97.7
Scan saved at 8:55:11, on 2006-1-21
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
E:\MP4\mp4detect.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\mshta.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\svchost.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\P4P\p2psvr.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\HijackThis\HijackThis.exe

R3 - URLSearchHook: MyURLSearchHook Class - {982CB676-38F0-4D9A-BB72-D9371ABE876E} - C:\Program Files\P4P\ToolBar.dll
R3 - URLSearchHook: SgUrlSearHook Class - {BAB1AC41-6FF7-4F2E-A04E-5C592CCFEA7D} - C:\WINDOWS\System32\socul.dll
O2 - BHO: SohuDAIEHelper - {0CA51D02-7739-43EA-8D9A-1E8AD4327B03} - C:\Program Files\P4P\sodaie.dll
O2 - BHO:
O4 - HKLM\..\Run: [YLive.exe] C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
O4 - HKLM\..\Run: [yassistse] "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [Testusb] E:\MP4\mp4detect.exe
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [internet.exe] C:/WINDOWS/system.hta
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [Cryptographic Service] C:\WINDOWS\System32\tvioh.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Startup: NTUSER.DAT
O4 - Startup: ntuser.dat.LOG
O4 - Startup: ntuser.ini
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2F759520-3D56-44FB-854E-F29DF88B6C93}: NameServer = 202.96.69.38 202.96.64.68
O17 - HKLM\System\CS2\Services\Tcpip\..\{2F759520-3D56-44FB-854E-F29DF88B6C93}: NameServer = 202.96.69.38 202.96.64.68

请使用hijackthis1.99.1重新扫描
O2 - BHO:
是什么？为什么这个bho是空的呢？

R3 - URLSearchHook: SgUrlSearHook Class - {BAB1AC41-6FF7-4F2E-A04E-5C592CCFEA7D} - C:\WINDOWS\System32\socul.dll
O4 - HKLM\..\Run: [internet.exe] C:/WINDOWS/system.hta
O4 - HKLM\..\Run: [Cryptographic Service] C:\WINDOWS\System32\tvioh.exe
中马了??

把这些文件给baohe发过去:baohelin@yahoo.com.cn

O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)

O4 - HKLM\..\Run: [Cryptographic Service] C:\WINDOWS\System32\tvioh.exe
这个System32里没的 估计就是木马了

http://forum.ikaka.com/topic.asp?board=28&artid=6979213
下载HIJACKTHIS
重新导出日志