发表于: 2006-11-29 21:08 | 显示全部 短消息 资料
字号: 1楼

各位帮帮我,我用瑞星查出了那么多病毒.却杀不掉..哭T.T(附日志)

病毒名称      处理结果    发现日期      扫描方式
Trojan.Agent.dtc                删除成功    2006-11-24 10:57      文件监控
Trojan.PSW.QQRobber.ajz        忽略        2006-11-24 22:52      文件监控
Trojan.PSW.QQPass.quv          删除成功    2002-01-01 00:21      文件监控
Backdoor.Agent.eiu              删除成功    2002-01-01 00:07      文件监控
----------------------------------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 20:36:56, on 2006-11-29
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\rising\rfw\RfwMain.exe
C:\Program Files\联想\联想键盘驱动\TGESrvLogon.exe
C:\WINDOWS\soundman.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Rising\Rav\Ravmon.exe
D:\MSNShell\BIN\MSNShell.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\Tencent\TT\TTraveler.exe
C:\248783200522382732\HijackThis.exe

R3 - Default URLSearchHook is missing
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\Program Files\QQIEHelper.dll
O3 - Toolbar: (no name) - {43869BB3-22FD-4F15-9B46-238106BA2F4E}? - (no file)
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\KakaTool.dll
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [Super Rabbit Desktop Set] C:\Program Files\Super Rabbit\MagicSet\DS.EXE /Load
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [wdfmgr32] C:\WINDOWS\system32\wdfmgr32.exe
O4 - HKLM\..\Run: [rzt] C:\WINDOWS\Intel\rundll32.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSNShell] D:\MSNShell\BIN\MSNShell.exe autorun
O4 - Startup: 腾讯QQ.lnk = C:\Program Files\QQ.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\AddToNetDisk.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\SendMMS.htm
O8 - Extra context menu item: 设为 Messenger Live 头像 - D:\MSNShell\BIN\SetMSNDP.htm
O9 - Extra button: MSN Shell 4 - {0713E8D2-850A-101B-AFC0-4210102A8DA7} - D:\MSNShell\Bin\MSNShell.exe
O9 - Extra 'Tools' menuitem: MSN Shell 4 - {0713E8D2-850A-101B-AFC0-4210102A8DA7} - D:\MSNShell\Bin\MSNShell.exe
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\QQ.EXE
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\QQIEHelper.dll
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\cdnns.dll' missing
O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/
O16 - DPF: {072039AB-2117-4ED5-A85F-9B9EB903E021} (NowStarter Control) - http://www.clubbox.co.kr/neo.fld/NowStarter.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://kaorujk.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {A671DC03-71D0-4CF0-895C-7D4A248FC1F1} (skcbgmset Class) - http://cyimg7.cyworld.nate.com/cymusic/package/skcbgmset.cab
O16 - DPF: {EDEDED2E-A0A6-4085-BC52-A95255A96DBD} (CyImgChinaCtl Class) - http://fs3u.cyworld.com.cn/common/activex/CyImgChina.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
O23 - Service: TGE CardReader Mgr Host v2 (TGECardReaderMgrHost.2) - Unknown owner - C:\Program Files\联想\联想键盘驱动\TGESrvLogon.exe

最后编辑2006-11-29 21:04:06