在临时文件夹里杀出好多1.exe 2.exe 3.exe....等等,怎么也杀不干净,重启后又出现了..
在C:\WINDOWS\Fonts里也又很多**.DLL的病毒文件杀出来..
好郁闷,网上查到的一些办法都没有什么用..
大大们来帮我看看.
HijackThis_815汉化版扫描日志 V1.99.1
保存于 23:07:22, 日期 2008-1-5
操作系统: Windows XP SP2 (WinNT 5.01.2600)
浏览器: Internet Explorer v6.00 SP2 (6.00.2900.2180)
当前运行的进程:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
d:\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
D:\RISING\RAV\Ravmond.exe
d:\rising\rfw\rfwsrv.exe
d:\rising\rfw\rfwproxy.exe
d:\rising\rfw\rfwstub.exe
C:\WINDOWS\Explorer.EXE
D:\RISING\RAV\RavStub.exe
C:\WINDOWS\system32\spoolsv.exe
d:\rising\rfw\RfwMain.exe
C:\WINDOWS\SOUNDMAN.EXE
D:\rising\KaKaToolBar\runiep.exe
D:\Rising\Rav\RavTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\nvsvc32.exe
D:\Rising\Rav\Ravmon.exe
d:\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
D:\hijackthis\HijackThis1991zww.exe
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: ThunderIEHelper - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v14.dll
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - D:\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - d:\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: DsHelper - {0D42E1BD-09DD-4873-A826-9C7E793EB7B6} - D:\Thunder\Components\ResWorker\DSIeHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - D:\Thunder\ComDlls\xunleiBHO_Now.dll
O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - D:\KuGoo\KuGoo3DownXControl.ocx
O3 - IE工具栏增项: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [runeip] "D:\rising\KaKaToolBar\runiep.exe" /startup
O4 - 启动项HKLM\\Run: [RavTask] "d:\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - IE右键菜单中的新增项目: 使用迅雷下载 - D:\Thunder\Program\GetUrl.htm
O8 - IE右键菜单中的新增项目: 使用迅雷下载全部链接 - D:\Thunder\Program\GetAllUrl.htm
O8 - IE右键菜单中的新增项目: 导出到 Microsoft Excel(&X) - res://D:\MICROS~1\Office12\EXCEL.EXE/3000
O8 - IE右键菜单中的新增项目: 导出到 Microsoft Office Excel(&X) - res://D:\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - D:\Tencent\qq\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用比特精灵下载(&B) - D:\BitSpirit\bsurl.htm
O9 - 浏览器额外的按钮: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - 浏览器额外的“工具”菜单项: Sun Java 控制台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - 浏览器额外的按钮: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Thunder\Thunder.exe
O9 - 浏览器额外的“工具”菜单项: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Thunder\Thunder.exe
O16 - DPF: {A6FF8D1E-E687-497B-96AC-F5B359663440} (XLecture Control) - http://duiyi.sina.com.cn/lectureview/lectureview.cab
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O16 - DPF: {C37FBD87-3AA7-4640-9A8D-19AFC10B15B2} (Netease Chat Control) - http://room.chat.163.com/xchat/chat.cab
O18 - 列举现有的协议: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\MICROS~1\Office12\GR99D3~1.DLL
O18 - 列举现有的协议: KuGoo - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - C:\WINDOWS\system32\KuGoo3DownXControl.ocx
O18 - 列举现有的协议: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - C:\WINDOWS\system32\KuGoo3DownXControl.ocx
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - NT 服务: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - NT 服务: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - NT 服务: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - NT 服务: NBService - Nero AG - D:\Nero 7\Nero BackItUp\NBService.exe
O23 - NT 服务: Network Services (NetWorkDown) - Unknown owner - C:\WINDOWS\system32\svchost.scr
O23 - NT 服务: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - NT 服务: Rising Proxy Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - d:\rising\rfw\rfwproxy.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - d:\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - d:\Rising\Rav\CCenter.exe
O23 - NT 服务: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\RISING\RAV\Ravmond.exe
O23 - NT 服务: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - d:\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
[用户系统信息]Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Mozilla/4.0(Compatible Mozilla/4.0(Compatible-EmbeddedWB 14.59 http://bsalsa.com/ EmbeddedWB- 14.59 from: http://bsalsa.com/ ; Mozilla/4.0(Compatible Mozilla/4.0EmbeddedWB- 14.59 from: http://bsalsa.com/ ; InfoPath.2; .NET CLR 2.0.50727)
