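My computer got infected with a virus, and 360, Optimization Master (优化大师) and similar programs won't run. After I cleaned the virus with both Rising and Kaspersky, 360, Optimization Master and the others still won't start: they vanish as soon as I click them. Suspecting image hijacking, I followed the fixes for image hijacking described online, including changing the permissions on the relevant registry keys, and rebooted after the repair, but the symptoms were the same. I then deleted the registry values related to image hijacking, and that didn't help either. What should I do?
I tried 360's built-in repair tool, and it also vanishes as soon as I click it. I don't want to reinstall the system~
The HijackThis scan log is below; could an expert please take a look: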
HijackThis_zww汉化版扫描日志 V1.99.1
保存于 14:54:03, 日期 2008-2-17
操作系统: Windows XP SP2 (WinNT 5.01.2600)
浏览器: Internet Explorer v7.00 (7.00.6000.16512)
当前运行的进程:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1005MC.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
F:\驱动安装\QQ\QQ.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Documents and Settings\administrator\桌面\HijackThis1991zww.exe
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ThunderBHO - {9030D463-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll
O2 - BHO: Windows Live 登录帮助程序 - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SafeMon Class - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - F:\驱动安装\360safe4.0\safemon\safemon.dll
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [360Safetray] F:\驱动安装\360safe4.0\safemon\360tray.exe /start
O4 - 启动项HKLM\\RunOnce: [Rav] "C:\Program Files\Rising\Rav\Update\Setup.exe" /UPDATE /S /ONCE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe" /background
O9 - 浏览器额外的按钮: 写入日志 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - 浏览器额外的“工具”菜单项: Windows Live Writer 中的“写入日志”(&B) - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB487C8-E9AC-43A6-8C4C-083999B0622F} (InfosecCertInstall Class) - https://mybank.icbc.com.cn/icbc/perbank/certInStall.dll
O16 - DPF: {52FF336D-A05D-4A14-A3A1-7B6B4B427F88} (UploadControl Control) - http://st.blog.163.com/bin/UploadControl.cab
O16 - DPF: {5AB9367B-DD7F-411D-A030-DF7DE5E17AAE} (ICBC Security Ctrl) - http://securitycheck.icbc.com.cn/download/NetBankSecurity_cn.cab
O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {C661F36D-DF85-4EF4-83C7-E107B83D04B1} (WebActivater Control) - http://dl_dir.qq.com/3dshow/3DShowVM.cab
O18 - 列举现有的协议: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - 列举现有的协议: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - 列举现有的协议: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
O23 - NT 服务: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe