
Could an expert please take a look at this log? Thanks

My Task Manager won't open anymore either. Yesterday I killed 22 viruses, and now something is frantically modifying my registry. Please advise, thanks.
Logfile of HijackThis v1.99.1
Scan saved at 7:51:52, on 2006-8-31
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
E:\新建文件夹 (4)\Rising\Rav\CCenter.exe
D:\WINDOWS\System32\svchost.exe
E:\新建文件夹 (4)\Rising\Rav\Ravmond.exe
D:\WINDOWS\system32\spoolsv.exe
E:\新建文件夹 (4)\Rising\Rav\RavStub.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
D:\WINDOWS\system32\RunDll32.exe
E:\新建文件夹 (4)\Rising\Rav\RavTask.exe
E:\新建文件夹 (4)\Rising\Rav\Ravmon.exe
E:\下载工具\讯雷wed版\WebThunder.exe
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\WINDOWS\system32\rundll32.exe
D:\WINDOWS\system32\conime.exe
E:\新建文件夹 (4)\Rising\Rav\Rav.exe
E:\新建文件夹 (4)\Rising\Rav\RsAgent.exe
D:\WINDOWS\msagent\AgentSvr.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
H:\新建文件夹 (6)\hijackthis\HijackThis.exe

O1 - Hosts: localhost 127.0.0.1
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - D:\WINDOWS\system32\kakatool.dll
O3 - Toolbar: SearchToolbar - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - D:\WINDOWS\system32\{17AA294F-DD86-4458-95F4-A2DAE6B64836}.dll (file missing)
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [RavTask] "E:\新建文件夹 (4)\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [WebThunder] E:\下载工具\讯雷wed版\WebThunder.exe
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [System] D:\WINDOWS\system32\kernels8.exe
O4 - HKLM\..\Run: [pjhyiui.dll] D:\WINDOWS\system32\rundll32.exe D:\WINDOWS\system32\pjhyiui.dll,adtvxag
O4 - HKLM\..\Run: [dmpns.exe] D:\WINDOWS\system32\dmpns.exe
O4 - HKLM\..\Run: [dmfgm.exe] D:\WINDOWS\system32\dmfgm.exe
O4 - HKLM\..\Run: [dmonc.exe] D:\WINDOWS\system32\dmonc.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KillAndClean] "D:\Program Files\KillAndClean\KillAndClean.exe"
O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
O4 - HKCU\..\Run: [taskdir] D:\WINDOWS\system32\taskdir.exe
O8 - Extra context menu item: &使用迅雷下载 - E:\下载工具\Program\GetUrl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - E:\下载工具\Program\GetAllUrl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - F:\qq\AddToNetDisk.htm
O8 - Extra context menu item: 使用Web迅雷下载 - E:\下载工具\讯雷wed版\GetUrl.htm
O8 - Extra context menu item: 使用Web迅雷下载全部链接 - E:\下载工具\讯雷wed版\GetAllUrl.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - F:\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - F:\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - F:\qq\SendMMS.htm
O9 - Extra button: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - E:\下载工具\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - E:\下载工具\Thunder.exe
O9 - Extra button: Yahoo 3.5G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail (file missing)
O9 - Extra button: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O9 - Extra 'Tools' menuitem: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O9 - Extra button: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - Extra 'Tools' menuitem: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - Extra button: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O9 - Extra 'Tools' menuitem: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {2BFAA61B-5C83-4865-8281-D8BDBF863061} - https://www.gnetpg.com/PlugIn/PG_ATL.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/pcver2006new/OL2006.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{EF3814EE-FF0F-459C-8C01-63AEF9F106C0}: NameServer = 85.255.113.139,85.255.112.125
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.113.139 85.255.112.125
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.139 85.255.112.125
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.113.139 85.255.112.125
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL (file missing)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - E:\新建文件夹 (4)\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - E:\新建文件夹 (4)\Rising\Rav\Ravmond.exe

Last edited 2006-08-31 08:03:31

Fix:
O4 - HKLM\..\Run: [System] D:\WINDOWS\system32\kernels8.exe
O4 - HKLM\..\Run: [pjhyiui.dll] D:\WINDOWS\system32\rundll32.exe D:\WINDOWS\system32\pjhyiui.dll,adtvxag
O4 - HKLM\..\Run: [dmpns.exe] D:\WINDOWS\system32\dmpns.exe
O4 - HKLM\..\Run: [dmfgm.exe] D:\WINDOWS\system32\dmfgm.exe
O4 - HKLM\..\Run: [dmonc.exe] D:\WINDOWS\system32\dmonc.exe
O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
O4 - HKCU\..\Run: [taskdir] D:\WINDOWS\system32\taskdir.exe
Delete:
D:\WINDOWS\system32\kernels8.exe
D:\WINDOWS\system32\pjhyiui.dll
D:\WINDOWS\system32\dmpns.exe
D:\WINDOWS\system32\dmfgm.exe
D:\WINDOWS\system32\dmonc.exe
C:\Windows\xpupdate.exe
D:\WINDOWS\system32\taskdir.exe

Thanks

Fix:
O1 - Hosts: localhost 127.0.0.1
O3 - Toolbar: SearchToolbar - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - D:\WINDOWS\system32\{17AA294F-DD86-4458-95F4-A2DAE6B64836}.dll (file missing)

Delete:
D:\WINDOWS\system32\kernels8.exe
D:\WINDOWS\system32\pjhyiui.dll
D:\WINDOWS\system32\dmpns.exe (recommended)
D:\WINDOWS\system32\dmfgm.exe (recommended)
D:\WINDOWS\system32\dmonc.exe (recommended)
C:\Windows\xpupdate.exe
D:\WINDOWS\system32\taskdir.exe

Disable autostart:
O4 - HKLM\..\Run: [pjhyiui.dll] D:\WINDOWS\system32\rundll32.exe D:\WINDOWS\system32\pjhyiui.dll,adtvxag
O4 - HKLM\..\Run: [dmpns.exe] D:\WINDOWS\system32\dmpns.exe
O4 - HKLM\..\Run: [dmfgm.exe] D:\WINDOWS\system32\dmfgm.exe
O4 - HKLM\..\Run: [dmonc.exe] D:\WINDOWS\system32\dmonc.exe
O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
O4 - HKCU\..\Run: [taskdir] D:\WINDOWS\system32\taskdir.exe
O4 - HKLM\..\Run: [System] D:\WINDOWS\system32\kernels8.exe

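As an added example (not part of this thread), a small Python parser for the HijackThis line format used in the log above. It cross-checks a delete list like the reply's against the O4 Run entries, so that every file removed from disk also has its autorun entry disabled rather than left dangling, and it lists the O17 NameServer overrides and "(file missing)" entries for review. The sample lines are copied from this log; DELETE_LIST is assumed to mirror the reply's list.

```python
import re

# Constructed sample: lines copied in the shape of the HijackThis log above
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [ATIPTA] D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [System] D:\WINDOWS\system32\kernels8.exe
O4 - HKLM\..\Run: [pjhyiui.dll] D:\WINDOWS\system32\rundll32.exe D:\WINDOWS\system32\pjhyiui.dll,adtvxag
O4 - HKCU\..\Run: [taskdir] D:\WINDOWS\system32\taskdir.exe
O3 - Toolbar: SearchToolbar - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - D:\WINDOWS\system32\{17AA294F-DD86-4458-95F4-A2DAE6B64836}.dll (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.113.139 85.255.112.125
"""
# Files the reply says to delete from disk (assumed subset of that list)
DELETE_LIST = [
    r"D:\WINDOWS\system32\kernels8.exe",
    r"D:\WINDOWS\system32\pjhyiui.dll",
    r"D:\WINDOWS\system32\taskdir.exe",
]
O4_RE = re.compile(r"^O4 - (?P<hive>HKLM|HKCU)\\\.\.\\Run: \[(?P<name>[^\]]*)\] (?P<cmd>.*)$")
O17_RE = re.compile(r"^O17 - (?P<key>[^:]+): NameServer = (?P<servers>.*)$")

def parse_hjt(text):
    """Turn O3/O4/O17 lines into dicts; other sections are kept raw."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        sec = line.split(" - ", 1)[0]
        e = {"section": sec, "raw": line, "file_missing": line.endswith("(file missing)")}
        if m := O4_RE.match(line):
            e.update(hive=m["hive"], name=m["name"], cmd=m["cmd"])
        elif m := O17_RE.match(line):  # both "a b" and "a,b" server lists occur in the log
            e.update(key=m["key"], servers=re.split(r"[ ,]+", m["servers"].strip()))
        entries.append(e)
    return entries

def autoruns_referencing(entries, files):
    """O4 entries whose command line mentions a file on the delete list:
    these are the Run values that must go along with the file itself."""
    wanted = {f.lower() for f in files}
    return [e for e in entries if e["section"] == "O4"
            and any(w in e["cmd"].lower() for w in wanted)]

def dns_overrides(entries):
    """Every NameServer value set via O17, to compare with the DNS the network should use."""
    return sorted({s for e in entries if e["section"] == "O17" for s in e["servers"]})

def missing_file_entries(entries):
    return [e["raw"] for e in entries if e["file_missing"]]
```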