电脑反应速度极慢,每个文件夹里都有Recycled文件删不了,请高手指点如何把解决这个病毒
Logfile of HijackThis v1.99.1
Scan saved at 0:14:00, on 2010-4-16
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\RavMonD.exe
C:\WINDOWS\System32\svchost.exe
E:\360\安装于此\360safe\deepscan\zhudongfangyu.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
E:\360\安装于此\360safe\safemon\360Tray.exe
C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDCertM_CCB.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Rising\Rav\RsTray.exe
E:\浙江理工图书馆文献浏览器\AdbeRdr810\安装于此\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
F:\pptream\安装于此\PPStream\ppsap.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
F:\暴风影映\安装于此\stormliv.exe
C:\WINDOWS\system32\GP_CLT_Service.exe
C:\WINDOWS\system32\GP_CLT.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDKeyMonitorCCB.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\WINDOWS\system32\wuauclt.exe
E:\日志hijackthis\HijackThis.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [360Safetray] "E:\360\安装于此\360safe\safemon\360Tray.exe" /start
O4 - HKLM\..\Run: [wdcertm_ccb] C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDCertM_CCB.exe
O4 - HKLM\..\Run: [WZBANKmgr] control.exe "C:\WINDOWS\system32\et199aCSP_WZBANK.dll"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE USB PC Camera 301P
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [RavTray] "C:\Program Files\Rising\Rav\RsTray.exe" -system
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\浙江理工图书馆文献浏览器\AdbeRdr810\安装于此\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PPS Accelerator] F:\pptream\安装于此\PPStream\ppsap.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: 使用迅雷下载 - E:\迅雷\安装于此\Program\GetUrl.htm
O8 - Extra context menu item: 使用迅雷下载全部链接 - E:\迅雷\安装于此\Program\GetAllUrl.htm
O8 - Extra context menu item: 添加到QQ表情 - E:\QQ\安装于此\Bin\AddEmotion.htm
O9 - Extra button: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - E:\迅雷\安装于此\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - E:\迅雷\安装于此\Thunder.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone:
http://www.wzbank.cnO15 - Trusted Zone:
http://ebank.wzcb.com.cnO15 - Trusted Zone:
http://www.wzbank.com.cnO15 - Trusted Zone:
http://software.kuaiche.comO15 - Trusted Zone:
http://ebank.wzbank.cnO15 - Trusted Zone: easyabc.95599.cn (HKLM)
O15 - Trusted Zone:
www.95599.cn (HKLM)
O15 - Trusted Zone: ebank.95599.sh.cn (HKLM)
O15 - Trusted Zone:
www.95599.sh.cn (HKLM)
O15 - Trusted Zone:
www.abchina.com (HKLM)
O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) -
https://vip.icbc.com.cn/icbc/newperbank/AxSafeControls.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{B6D06F18-6A05-4165-AF92-0FC7D5E98878}: NameServer = 61.153.177.196 61.153.177.197
O18 - Protocol: mbox - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: mboxflash - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O23 - Service: Contrl Center of Storm Media (ccosm) - 北京暴风网际科技有限公司 - F:\暴风影映\安装于此\stormliv.exe
O23 - Service: GP_CLT_Service - Unknown owner - C:\WINDOWS\system32\GP_CLT_Service.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: WinFast(R) Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Rav Service (RsRavMon) - Beijing Rising Information Technology Co., Ltd. - C:\Program Files\Rising\Rav\RavMonD.exe
O23 - Service: WatchData ccb V3.2 (WDMonitorCCB) - Beijing WatchData System Co., Ltd. - C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDKeyMonitorCCB.exe
O23 - Service: 主动防御 (ZhuDongFangYu) - 360.cn - E:\360\安装于此\360safe\deepscan\zhudongfangyu.exe
用户系统信息:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
