Help: infected with Packer.Win32.Agent.g and .f? They come back a few days after removal. Rising monitoring was turned off twice.


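Rising detected that I am infected with Packer.Win32.Agent.g and Packer.Win32.Agent.f. A few days after cleaning, they are back again. Rising's real-time virus outbreak monitoring site always shows my computer's status as "Alert", even after the viruses have been removed.
The computer has become slow. Also, twice in the last few days I found at startup that the green umbrella of Rising monitoring had turned into an open red umbrella (file monitoring, mail monitoring and malicious-behavior detection had been turned off). After upgrading, it went back to normal, but the virus is probably still there. And occasionally a Phoenix Satellite TV window pops up.
What do I have to do to get rid of it for good?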




User system information: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
 

Re: Help: infected with Packer.Win32.Agent.g and .f? They come back a few days after removal. Rising monitoring was turned off twice.

Log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:12:13, on 2008-5-31
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
D:\杀毒软件\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rfw\rfwsrv.exe
C:\Program Files\Rising\Rfw\rfwProxy.exe
C:\Program Files\Rising\Rfw\rfwstub.exe
C:\Program Files\StormII\stormliv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Rising\Rfw\RfwMain.exe
C:\Program Files\Rising\AntiSpyware\runiep.exe
C:\WINDOWS\SOUNDMAN.EXE
D:\杀毒软件\Rising\Rav\RavTask.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Google\Google Pinyin\GooglePinyinDaemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\PPStream\ppsap.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\WINDOWS\system32\shutdown.exe
C:\WINDOWS\system32\spoolsv.exe
D:\Program Files\WebThunder.exe
D:\杀毒软件\RISING\RAV\ravmond.exe
D:\杀毒软件\Rising\Rav\RAVMON.EXE
D:\杀毒软件\RISING\RAV\RavStub.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\HCR\LOCALS~1\Temp\Rar$EX00.609\HijackThis.exe
C:\DOCUME~1\HCR\LOCALS~1\Temp\Rar$EX00.922\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
 

Re: Help: infected with Packer.Win32.Agent.g and .f? They come back a few days after removal. Rising monitoring was turned off twice.

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: 超级兔子上网精灵 - {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} - D:\超级兔子\MagicSet\haokanbar.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: 超级兔子上网精灵 - {43869BB3-22FD-4F15-9B46-238106BA2F4E} - D:\超级兔子\MagicSet\haokanbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [Mysee Alert] "C:\Program Files\GAOV\Mysee Alert\Mysee Alert.exe" -notray
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [runeip] C:\Program Files\Rising\AntiSpyware\runiep.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RavTask] "D:\杀毒软件\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Super Rabbit SRRestore] D:\超级兔子\MagicSet\srrest.exe /autosave
O4 - HKLM\..\Run: [Super Rabbit SafeEdit] D:\超级兔子\MagicSet\SRFC.EXE /Load
O4 - HKLM\..\Run: [WangWang] "C:\Program Files\淘宝网\淘宝旺旺\WangWang\WangWang.EXE"
O4 - HKLM\..\Run: [Google IME Autoupdater] "C:\Program Files\Google\Google Pinyin\GooglePinyinDaemon.exe"
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [System Boot Check] C:\WINDOWS\system32\sysload3.exe
O4 - HKCU\..\Run: [acdseemc.exe] C:\Program Files\Common Files\ACD Systems\ACDSeeMC.EXE
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [PPS Accelerator] C:\Program Files\PPStream\ppsap.exe
O4 - HKLM\..\Policies\Explorer\Run: [wk] C:\WINDOWS\9cai84d.exe
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: 腾讯QQ.lnk = D:\Downloads\QQ.exe
O4 - Startup: QQ游戏启动加速程序.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WNSO.lnk = C:\Program Files\Common Files\RGGZS\WNSO.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: &使用快车(FlashGet)下载 - C:\Program Files\FlashGet Network\Flashget\ComDlls\Bholink.htm
O8 - Extra context menu item: &使用快车(FlashGet)下载全部链接 - C:\Program Files\FlashGet Network\Flashget\ComDlls\Bhoall.htm
O8 - Extra context menu item: 使用KuGoo3下载(&K) - F:\Program Files\KuGoo3\KuGoo3DownX.htm
O8 - Extra context menu item: 使用WEB迅雷下载 - D:\Program Files\GetUrl.htm
O8 - Extra context menu item: 使用WEB迅雷下载全部链接 - D:\Program Files\GetAllUrl.htm
O8 - Extra context menu item: 使用脱兔下载 - E:\脱兔下载\Tuotu\TT_one.htm
O8 - Extra context menu item: 使用脱兔下载全部链接 - E:\脱兔下载\Tuotu\TT_all.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Downloads\AddEmotion.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java 控制台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (file missing)
O9 - Extra button: 新浪UC - {2253922F-1B26-4C74-8B57-E3AEE748DBB8} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: 启动WEB迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O9 - Extra 'Tools' menuitem: 启动WEB迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://*.rising.com.cn
O16 - DPF: _{53AF6E02-F18F-4228-AC13-3E79773FBE50} - http://download.mysee.com/plugin/booter.cab
O16 - DPF: {05C1004E-2596-48E5-8E26-39362985EEB9} (MMCPlayer Class) - http://p3p.sogou.com/MMCShell.cab
O16 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} (Edit Class) - https://www.sz1.cmbchina.com/download/CMBEdit.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www4.kachayu.com/SnapfishActivia.cab
O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {9C3C2C08-C494-4F52-AE94-85156A447D43} (PhotosCtrl Class) - http://photos.i.cn.yahoo.com/yphotoseasy.cab
O16 - DPF: {F138084D-84D7-48CD-BEA8-04772457516E} - http://59.36.97.38/jsxz/vqqsdl1009.cab
O18 - Protocol: KuGoo - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - C:\WINDOWS\system32\KuGoo3DownXControl.ocx
O18 - Protocol: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - C:\WINDOWS\system32\KuGoo3DownXControl.ocx
O23 - Service: Contrl Center of Storm Media (ccosm) - 北京暴风网际科技有限公司 - C:\Program Files\StormII\stormliv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rfw\rfwProxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - D:\杀毒软件\Rising\Rav\CCenter.exe
O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\杀毒软件\RISING\RAV\Ravmond.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O24 - Desktop Component 0: (no name) -

--
End of file - 8389 bytes
 

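Re: Help: infected with Packer.Win32.Agent.g and .f? They come back a few days after removal. Rising monitoring was turned off twice.

Please help! I ran another virus scan in safe mode, and it still didn't find anything... but the monitoring site still shows "Alert"!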