How do I kill the cdnup virus? Rising can't remove it. Experts, please help!! Thanks!!

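My computer is infected with the cdnup virus. It keeps adding itself to the startup items and I can't get rid of it!! Experts, please help!! Thanks!!
Last edited 2005-10-24 21:04:21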

Take a look at this
http://forum.ikaka.com/topic.asp?board=28&artid=7318038
and see if it helps.

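Please download and use HijackThis 1.99.1, and paste the contents of the log file it generates here so that everyone can analyze it.

For instructions, see:
[Recommended] Some common operations for countering browser hijacking
http://forum.ikaka.com/topic.asp?board=67&artid=6490491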

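Thank you both for replying!! Whenever I posted the log file generated by 1.99.1, nobody ever looked at it, so I didn't post it!! I'll post one now, please help me take a look!!

Logfile of HijackThis v1.99.0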
Scan saved at 20:33:12 上午, on 2005-10-24
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
D:\AlienGUIse\wbload.exe
c:\program files\rising\rfw\RfwMain.exe
C:\Program Files\周杰伦语音整点报时\周杰伦语音整点报时.exe
C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
C:\Program Files\CNNIC\Cdn\cdnup.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\conime.exe
F:\Maxthon\Maxthon.exe
C:\WINDOWS\system32\rundll32.exe
D:\Thunder\ThunderOrg.exe
C:\PROGRAM FILES\RISING\RAV\RavStub.exe
c:\program files\rising\rav\RAVMON.EXE
C:\WINDOWS\Explorer.exe
D:\洋木马\ewidoctrl.exe
D:\洋木马\securitysuite.exe
D:\洋木马\ewidoguard.exe
E:\hijackthis1.97_qoo\HijackThis.exe

R3 - Default URLSearchHook is missing
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v8.dll
O2 - BHO: (no name) - {015C8121-9EE2-469A-9DF7-B57C00EDBC36} - D:\Baizhao\PPPIEHelper3.dll (file missing)
O2 - BHO: (no name) - {01A7A372-71E8-4022-9D76-B66BECF71A2E} - C:\WINDOWS\system32\IEBHODLL.dll
O2 - BHO: CNNIC_IDN - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O2 - BHO: MMSAssist - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\MMSASS~1.DLL
O2 - BHO: IeCapture Class - {67B6599D-1ACF-4EA9-9EAB-578DF0FE6F78} - C:\Program Files\Common Files\Baidu\Disk Search\dsie.dll
O2 - BHO: stdup - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - C:\WINDOWS\system32\stdup.dll
O2 - BHO: Kwyshell MidpX BHO - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - D:\java游戏模拟器\JadInvoker\MidpInvoker.dll
O3 - Toolbar: 卡卡安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll
O3 - Toolbar: Kwyshell MidpX - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - D:\java游戏模拟器\JadInvoker\MidpInvoker.dll
O3 - Toolbar: 完美网译通 - {F43BD772-ABDD-43b7-A96A-3E9E61946EC0} - C:\WINDOWS\WORLD2\TOOLBAR\hmtoolbar.dll (file missing)
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [jayclock] C:\Program Files\周杰伦语音整点报时\周杰伦语音整点报时.exe
O4 - HKLM\..\Run: [RavTimer] C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [RavMon] C:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CdnCtr] C:\Program Files\CNNIC\Cdn\cdnup.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [uncnnic] C:\Program Files\CNNIC\Cdn\uncnnic.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item:  >> 彩信发送 << - res://C:\PROGRA~1\MMSASS~1\MMSASS~1.DLL/mms.htm
O8 - Extra context menu item: &使用迅雷下载 - D:\Thunder\geturl.htm
O8 - Extra context menu item: 收藏到我的空间(佳禾文摘) - http://www.cn126.net/link.asp
O9 - Extra button: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O9 - Extra 'Tools' menuitem: 中文上网 - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O9 - Extra button: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\MMSASS~1.DLL
O9 - Extra 'Tools' menuitem: MMSAssist工具条设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\MMSASS~1.DLL
O11 - Options group: [CDNCLIENT]  中文上网
O17 - HKLM\System\CCS\Services\Tcpip\..\{902C4EA0-D22D-440D-9C0D-7A7EB546986B}: NameServer = 202.99.192.68 202.99.192.66
O18 - Filter: text/x-mrml - {C51721BE-858B-4A66-A8BF-D2882FF49820} - D:\手只机铃逡音舯编嗉辑软砑件\players\MidRadio\MidRadio.ocx
O20 - AppInit_DLLs: C:\WINDOWS\system32\Userinit.exe,
O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - D:\美雷桌繺\iprepair.dll (file missing)
O23 - Service: ewido security suite control - ewido networks - D:\洋木马\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - D:\洋木马\ewidoguard.exe
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Rising Personal Firewall Service - Beijing Rising Technology Corporation Limited - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) - Unknown - %ProgramFiles%\WinPcap\rpcapd.exe (file missing)
O23 - Service: Rising Process Communication Center - rising - C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - Service: RsRavMon Service - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
O23 - Service: StyleXPService - Unknown - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

O4 - HKLM\..\Run: [CdnCtr] C:\Program Files\CNNIC\Cdn\cdnup.exe

That's probably software you installed yourself. Just uninstall it and you're done, right?

Fix:
O4 - HKLM\..\Run: [CdnCtr] C:\Program Files\CNNIC\Cdn\cdnup.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) - Unknown - %ProgramFiles%\WinPcap\rpcapd.exe (file missing)
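
An added example, not part of any post in this thread: a small Python parser for the HijackThis log format pasted above. It lists the O4 Run-key autostart entries, the entries marked "(file missing)", and every entry that mentions a given string such as `cdn`; the function names are illustrative, and the embedded log is an excerpt of the lines posted above.

```python
import re

# Excerpt of the HijackThis log posted in this thread, embedded so it runs offline.
LOG = r"""Logfile of HijackThis v1.99.0
Running processes:
C:\Program Files\CNNIC\Cdn\cdnup.exe

O2 - BHO: (no name) - {015C8121-9EE2-469A-9DF7-B57C00EDBC36} - D:\Baizhao\PPPIEHelper3.dll (file missing)
O2 - BHO: CNNIC_IDN - {35980F6E-A137-4E50-953D-813BB8556899} - C:\PROGRA~1\CNNIC\Cdn\cdniehlp.dll
O4 - HKLM\..\Run: [RavTimer] C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [CdnCtr] C:\Program Files\CNNIC\Cdn\cdnup.exe
O4 - HKLM\..\Run: [uncnnic] C:\Program Files\CNNIC\Cdn\uncnnic.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O11 - Options group: [CDNCLIENT]  中文上网
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) - Unknown - %ProgramFiles%\WinPcap\rpcapd.exe (file missing)
"""

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")          # e.g. "O4 - ..."
RUN_RE = re.compile(r"^(HK\w+)\\\.\.\\(Run\w*): \[([^\]]*)\] (.+)$")
MISSING = " (file missing)"

def parse_entries(log):
    """One dict per 'Xn - ...' line; header and process list are skipped."""
    entries = []
    for line in log.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue
        body = m.group(2)
        missing = body.endswith(MISSING)
        if missing:
            body = body[:-len(MISSING)]
        entries.append({"section": m.group(1), "body": body, "missing": missing})
    return entries

def autostart(entries):
    """O4 Run-key entries as (hive, value name, command line)."""
    hits = (RUN_RE.match(e["body"]) for e in entries if e["section"] == "O4")
    return [(m.group(1), m.group(3), m.group(4)) for m in hits if m]

def mentioning(entries, needle):
    """Every entry whose text contains needle, case-insensitively."""
    return [e for e in entries if needle.lower() in e["body"].lower()]

if __name__ == "__main__":
    entries = parse_entries(LOG)
    for hive, name, command in autostart(entries):
        print("autostart:", hive, name, command)
    for e in entries:
        if e["missing"] or e in mentioning(entries, "cdn"):
            print("review:", e["section"], e["body"])
```

On this excerpt, searching for `cdn` returns the BHO and the options group as well as the two Run entries, so the same product shows up in several sections of the log.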

Thank you both!! Thanks!!

cdnup is 中文上网 (Chinese Internet Access). Uninstall it, and also go look at the pinned threads in the anti-rogue-software board.

Just here to learn.