瑞星卡卡安全论坛

例如在IE地址栏中录入“www.google.com”
网页显示不出来，地址栏自动变为“http:///%20www.google.com”
访问所有网页都会多出“/%20”这些字符
QQ，MSN等都无法使用，局网中也同样，但如果直接用IP地址访问
如“\\192.168.0.1\e$”又一切正常，PING对方IP地址也正常。
几乎所有的IE修复都用过了，还是不行

启动项目
注册表
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <Synchronization Manager><mobsync.exe /logon>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><D:\WINNT\system32\userinit.exe,>  [Microsoft Corporation]

启动文件夹
服务
[Logical Disk Manager Administrative Service / dmadmin]
  <D:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[InstallDriver Table Manager / IDriverT]
  <"D:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32

\IDriverT.exe"><Macrovision Corporation>

==================================
浏览器加载项
正在运行的进程
[PID: 148][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.00.2195.6601>
[PID: 172][\??\D:\WINNT\system32\csrss.exe]  <Microsoft Corporation><5.00.2195.6601>
[PID: 168][\??\D:\WINNT\system32\winlogon.exe]  <Microsoft Corporation><5.00.2195.6898>
[PID: 220][D:\WINNT\system32\services.exe]  <Microsoft Corporation><5.00.2195.6700>
    [D:\WINNT\system32\dmserver.dll]  <VERITAS Software Corp.><2195.6605.297.3>
[PID: 232][D:\WINNT\system32\lsass.exe]  <Microsoft Corporation><5.00.2195.6902>
[PID: 416][D:\WINNT\system32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 448][D:\WINNT\system32\spoolsv.exe]  <Microsoft Corporation><5.00.2195.7059>
    [D:\WINNT\system32\OLFMNT40.DLL]  <Microsoft Corporation><9.0.98.0105>
    [D:\WINNT\system32\spool\PRTPROCS\W32X86\olfpnt40.dll]  <Microsoft

Corporation><9.0.98.0105>
[PID: 488][D:\WINNT\system32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 528][D:\WINNT\system32\regsvc.exe]  <Microsoft Corporation><5.00.2195.6701>
[PID: 612][D:\WINNT\system32\MSTask.exe]  <Microsoft Corporation><4.71.2195.6704>
[PID: 336][D:\WINNT\System32\WBEM\WinMgmt.exe]  <Microsoft Corporation><1.50.1085.0100>
[PID: 844][D:\WINNT\Explorer.EXE]  <Microsoft Corporation><5.00.3700.6690>
    [D:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
    [D:\WINNT\system32\MultiLang.dll]  <UFIDA><8, 61, 0, 0>
    [D:\WINNT\system32\ALSNDMGR.CPL]  <Realtek Semiconductor Corp.><2.2.0.38>
    [D:\WINNT\system32\U8SMSConfig.CPL]  <><1, 0, 0, 1>
[PID: 952][D:\Documents and Settings\Administrator\桌面\sreng2\SREng2\SREng.exe] 

<Smallfrogs Studio><2.0.21.505>
    [D:\Documents and Settings\Administrator\桌面\sreng2\SREng2

\Plugins\SREngPluginDemo.SRE]  <Smallfrogs Studio><1, 1, 1, 0>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["D:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================

这是中了木马之后，我尽力修复了一些，但使终没解决，请教下论坛里的各位大大们，辛苦了

日志看不出问题，请把问题再详细描述一下