
[Help] Please take a look, no files will open. Please help, urgent


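I just used "Super Rabbit" (超级兔子) to scan for trojans. When the scan finished it reported some suspicious programs, so I clicked Clean, and during the cleanup the computer rebooted on its own.
After the reboot, the Rising firewall did not start automatically; it used to start as soon as the machine booted. Also, whatever I try to open, I get:
"Windows cannot find the file. Make sure the file name is correct, and then try again. To search for a file, click the Start button, and then click Search."
I wanted to run a scan log and upload it, but that won't open either.
Last edited 2006-08-15 08:51:03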
 

To the poster above: I tried your method, but it fails to start. Error: 193:0XC1
 

And I only updated Rising yesterday and ran a scan with it. Sigh!~ Help!
 

That doesn't work. The problem is that nothing will open. I uninstalled and reinstalled the log-scanning program, and it still won't open.
 

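When I scanned with Rising yesterday (I updated it before scanning), it did not report any virus. Today I have the situation described above.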
 

Opening the registry from Run doesn't work either.

Can anyone help? Thanks.
 

I looked yesterday and couldn't find the Rising installation disc, which is frustrating. Is there any other way? Please help, everyone.
 

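Something strange today: I just downloaded an "Orange" dedicated removal tool (橙色专杀工具) and ran it twice in Safe Mode without it finding any virus, but after I rebooted the computer this problem went away: "Windows cannot find the file. Make sure the file name is correct, and then try again. To search for a file, click the Start button, and then click Search."
I quickly updated Rising and it caught one virus: trojan.dl.agent.kph
But the little green umbrella still won't open; it throws an error as soon as I open it.
I also ran a scan and am posting the log. Could you all please take a look?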



Logfile of HijackThis v1.99.1
Scan saved at 12:01:42, on 2006-8-11
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\Rundll32.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\Program Files\Rising\Rav\Ravmond.exe
C:\Program Files\Rising\Rav\RavStub.exe
C:\Program Files\Rising\Rav\Rav.exe
D:\嘟嘟\抓图软件\抓图软件.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Rising\Rav\ravhdbak.exe
D:\临时文件\HijackThis.exe

R3 - URLSearchHook: bho Class - {ED8DFC5C-10EF-45AB-9DC2-0639AFF5A270} - C:\PROGRA~1\COMMON~1\Wnwb\wnwbio.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx (file missing)
O2 - BHO: yPhtb - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - C:\Program Files\Yahoo!\Assistant\Assist\yphtb.dll
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\Program Files\Yahoo!\Assistant\Assist\yAngling.dll
O2 - BHO: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\q\QQIEHelper.dll (file missing)
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\WINDOWS\DOWNLO~1\cnshook.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\MYALBU~1\FLASHGET\fgiebar.dll
O3 - Toolbar: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {EF72500A-C234-46C4-BF0A-9AA6913DDF34} - (no file)
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [YLive.exe] C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
O4 - HKLM\..\Run: [yassistse] rem "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32
O4 - HKLM\..\Run: [Super Rabbit SRRestore] C:\Program Files\Super Rabbit\MagicSet\srrest.exe /autosave
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [helper.dll] C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [sys001] C:\WINDOWS\rundll32.exe
O4 - Startup: 腾讯QQ.lnk = D:\q\QQ.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\q\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - D:\My albums\FLASHGET\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\My albums\FLASHGET\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\q\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\q\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\q\SendMMS.htm
O9 - Extra button: Yahoo 1G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail (file missing)
O9 - Extra button: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=taobao (file missing)
O9 - Extra button: 雅虎助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\q\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\q\QQ.EXE
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\q\QQIEHelper.dll (file missing)
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\q\QQIEHelper.dll (file missing)
O9 - Extra button: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg (file missing)
O9 - Extra button: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - Extra 'Tools' menuitem: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - Extra button: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O9 - Extra 'Tools' menuitem: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O11 - Options group: [!CNS]  网络实名
O16 - DPF: _{0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} - https://www.sz1.cmbchina.com/download/CMBEdit.cab
O16 - DPF: _{5DD731E6-D4F0-11D3-BE3F-00105A6FDA50} - http://origin-www.ahn.com.cn/aspservice/plugin/myv3.cab
O16 - DPF: _{C8BD9ACB-F7EC-48E6-BB2F-DAADC6789E9A} - http://211.152.52.102/duba/antiscan/update/OCX/KAVClean.CAB
O16 - DPF: _{DDA166FA-B3EA-4A3B-8EE2-4F552CDEEE81} - http://211.152.52.102/duba/antitrojan/update/OCX/KATScan.CAB
O16 - DPF: {2BFAA61B-5C83-4865-8281-D8BDBF863061} (PGEdit Class) - https://www.gnetpg.com/PG_ATL.cab
O16 - DPF: {2EA6D939-4445-43F1-A12B-8CB3DDA8B855} (BlueskyVideo Control) - http://www.bluesky.cn/download/v2_60.cab
O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/1007/aliedit.cab
O16 - DPF: {52DF16E3-6C4F-4B22-8BAF-09263E463B48} - http://zs.kingsoft.com/KOSInit.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com/resource/download/scanner/wlscbase5059.cab
O16 - DPF: {87CCFDB0-C4BE-4BC2-A78C-9EAA7CF96667} - http://ps.itv.mop.com/dn/files/vodupdate_1.0.0.9_20060425.cab
O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {991481A7-4669-4E15-8C24-100404E1F5CB} (Blueskyvoice Control) - http://www.bluesky.cn/download/blueskyvoice_60.cab
O16 - DPF: {9BBD100C-E820-4930-9937-E8F3AA40E584} (DFVSScanFile Control) - http://antivirus3.sunv.com/dfvsolDown/dfvsol.cab
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/Ver2005/OL2005.cab
O16 - DPF: {E787FD25-8D7C-4693-AE67-9406BC6E22DF} (CPasswordEditCtrl Object) - https://www.tenpay.com/download/qqedit.cab
O16 - DPF: {F138084D-84D7-48CD-BEA8-04772457516E} (VqqSpeedDlProxy Class) - http://218.85.138.27/vqqsdl1009.cab
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} - http://ps.itv.mop.com/dn/files/pCastCtl_1.0.0.85_20060518.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F983E497-09DB-4D15-AE19-87756CB93082}: NameServer = 202.96.134.133,202.96.128.68
O21 - SSODL: DelayRun - {5A6F2F95-3191-433B-8533-EB0B596A7BAC} - C:\WINDOWS\System32\462d3de0.dll
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Unknown owner - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
O23 - Service: Transaction Coordinator (TcSrv) - Unknown owner - C:\WINDOWS\system32\TcSrv.exe (file missing)

 

This is what appears when I open the firewall.

Attachment: image/pjpeg, uploaded 2006-8-11 12:18:01, downloaded 317 times
 

Just finished scanning: 27 viruses, all trojans.

Attachment: image/pjpeg, uploaded 2006-8-11 14:05:27, downloaded 316 times
 