香烟醉了 - 2006-10-11 12:07:00
启动文件夹
[140425]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\140425.lnk --> C:\WINNT\system32\140425.exe [N/A]><H>
[142103]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\142103.lnk --> C:\WINNT\system32\142103.exe [N/A]><H>
==================================
服务
[ASP.NET Work State Service / aspwstate]
<C:\WINNT\System32\svchost.exe -k aspwstate-->c:\winnt\system32\aspwswin.dll><Microsoft Corporation>
[Logical Disk Manager Administrative Service / dmadmin]
<C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[MessageServices / MessageServices]
<C:\WINNT\system32\Svchost.exe -k MessageServices-->C:\WINNT\system32\MsServices\update\svchost.dll><N/A>
[Norton AntiVirus 自动防护服务 / navapsvc]
<C:\Program Files\Norton AntiVirus\navapsvc.exe><Symantec Corporation>
[NetFrame Wireless Configuration / NFSWZCSVC]
<C:\WINNT\System32\svchost.exe -k NFSWZCSVC-->c:\winnt\system32\nfswzwin32.dll><Microsoft Corporation>
[Indexing Data / NHLscA]
<C:\WINNT\SYSTEM32\RUNDLL.EXE C:\WINNT\SYSTEM32\WBEM\SMTPCONFS.DLL,Export 1087><Microsoft Corporation>
[ScriptBlocking Service / SBService]
<C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe><Symantec Corporation>
[Symantec Network Drivers Service / SNDSrvc]
<"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
[SymWMI Service / SymWSC]
<"C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe"><Symantec Corporation>
[WMDM PMSP Service / WMDM PMSP Service]
<C:\WINNT\system32\mspmspsv.exe><Microsoft Corporation>
==================================
驱动程序
[Service for Avance AC97 Audio (WDM) / ALCXWDM]
<system32\drivers\ALCXWDM.SYS><Avance Logic, Inc.>
[dmboot / dmboot]
<System32\drivers\dmboot.sys><VERITAS Software Corp.>
[Logical Disk Manager Driver / dmio]
<\SystemRoot\System32\drivers\dmio.sys><VERITAS Software Corp.>
[dmload / dmload]
<\SystemRoot\System32\drivers\dmload.sys><VERITAS Software Corp.>
[GMSIPCI / GMSIPCI]
<\??\H:\INSTALL\GMSIPCI.SYS><N/A>
[ialm / ialm]
<system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[NAVAP / NAVAP]
<\??\C:\WINNT\system32\Drivers\NAVAP.SYS><Symantec Corporation>
[NAVENG / NAVENG]
<\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20010912.005\NAVENG.SYS><N/A>
[NAVEX15 / NAVEX15]
<\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20010912.005\NAVEX15.SYS><N/A>
[npkcrypt / npkcrypt]
<\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[Direct Parallel Link Driver / Ptilink]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek RTL8139/810x Family Fast Etnernet NIC NT Driver / rtl8139]
<system32\DRIVERS\R8139n5.SYS><Realtek Semiconductor Corporation>
[SymEvent / SymEvent]
<\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
[SYMREDRV / SYMREDRV]
<\SystemRoot\System32\Drivers\SYMREDRV.SYS><Symantec Corporation>
[SYMTDI / SYMTDI]
<\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation>
[Intel(R) Graphics Platform (SoftBIOS) Driver / {6080A529-897E-4629-A488-ABA0C29B635E}]
<system32\drivers\ialmsbw.sys><Intel Corporation>
==================================
浏览器加载项
[超级兔子上网精灵]
{7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <C:\Program Files\Super Rabbit\MagicSet\haokanbar.dll, Xiang Feng Technology>
[]
{A9930D97-9CF0-42A0-A10D-4F28836579D5} <C:\PROGRA~1\KuGoo3\KUGOO3~1.OCX, N/A>
[XTTBPos00 Class]
{BBBE1C1A-89F7-4AF6-ABD1-F8FBCFA47408} <C:\PROGRA~1\EQISOT~1\eqiso.dll, IE Toolbar>
[CNavExtBho Class]
{BDF3E430-B101-42AD-A544-FADC6B084872} <C:\Program Files\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[信息检索]
{CE7C3CF0-98A8-474D-B2B5-1ED7E2E3B004} <C:\WINNT\system32\IEHelper.dll, N/A>
[IEHlpObj Class]
{EFBCA345-14DC-4640-994E-4AF1DFDEB4FD} <C:\Program Files\Riptide\Plugin\Plugin.dll, >
[@shdoclc.dll,-866]
{c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, N/A>
[@msdxmLC.dll,-1@2052,电台(&R)]
{8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\system32\msdxm.ocx, Microsoft Corporation>
[&Google]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, N/A>
[eqiso Toolbar]
{B7D3E479-CC68-42B5-A338-938ECE35F419} <C:\Program Files\EqisoToolbar\eqiso.dll, IE Toolbar>
[Norton AntiVirus]
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} <C:\Program Files\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[超级兔子上网精灵]
{43869BB3-22FD-4F15-9B46-238106BA2F4E} <C:\Program Files\Super Rabbit\MagicSet\haokanbar.dll, Xiang Feng Technology>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[&使用迅雷下载]
<C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
<C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[Google 搜索(&G)]
<res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html, N/A>
[上传到QQ网络硬盘]
<C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[导出到 Microsoft Excel(&x)]
<res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
<C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>
香烟醉了 - 2006-10-11 12:08:00
正在运行的进程
[PID: 148][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.00.2195.6601]
[PID: 172][\??\C:\WINNT\system32\csrss.exe] [Microsoft Corporation, 5.00.2195.6601]
[PID: 192][\??\C:\WINNT\system32\winlogon.exe] [Microsoft Corporation, 5.00.2195.6997]
[C:\WINNT\system32\FREEWB.IME] [Delphi Fan Studio, 5.1]
[C:\Program Files\freewb\plugin\date.plg] [, 1, 0, 0, 1]
[PID: 220][C:\WINNT\system32\services.exe] [Microsoft Corporation, 5.00.2195.7035]
[C:\WINNT\system32\dmserver.dll] [VERITAS Software Corp., 2195.6605.297.3]
[PID: 232][C:\WINNT\system32\lsass.exe] [Microsoft Corporation, 5.00.2195.7011]
[PID: 408][C:\WINNT\system32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 432][C:\WINNT\system32\spoolsv.exe] [Microsoft Corporation, 5.00.2195.7059]
[PID: 460][C:\WINNT\System32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 476][C:\WINNT\system32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 500][C:\WINNT\system32\Svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[c:\winnt\system32\msservices\update\svchost.dll] [N/A, N/A]
[c:\winnt\system32\msservices\update\MsService.dll] [, 1, 0, 0, 1]
[c:\winnt\system32\msservices\update\unreg1.dll] [N/A, N/A]
[c:\winnt\system32\msservices\update\OldUnReg.dll] [N/A, N/A]
[PID: 520][C:\Program Files\Norton AntiVirus\navapsvc.exe] [Symantec Corporation, 8.00.6]
[PID: 572][C:\WINNT\System32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 756][C:\WINNT\Explorer.EXE] [Microsoft Corporation, 5.00.3700.6690]
[C:\WINNT\system32\FREEWB.IME] [Delphi Fan Studio, 5.1]
[C:\Program Files\freewb\plugin\date.plg] [, 1, 0, 0, 1]
[C:\WINNT\system32\hccutils.DLL] [Intel Corporation, 3,0,0,1773]
[C:\WINNT\system32\igfxres.dll] [Intel Corporation, 3,0,0,1773]
[C:\WINNT\system32\igfxsrvc.dll] [Intel Corporation, 3,0,0,1773]
[C:\WINNT\system32\IEHelper.dll] [N/A, 1, 0, 0, 1]
[C:\Program Files\Common Files\Symantec Shared\Script Blocking\scrauth.dll] [Symantec Corporation, 1, 1, 0, 126]
[C:\Program Files\Common Files\Symantec Shared\Script Blocking\ScrBlock.dll] [Symantec Corporation, 1, 1, 0, 126]
[C:\Program Files\Norton AntiVirus\NavShExt.dll] [Symantec Corporation, 8.00.6]
[C:\PROGRA~1\KuGoo3\KUGOO3~1.OCX] [N/A, N/A]
[C:\WINNT\system32\igfxpph.dll] [Intel Corporation, 3,0,0,1773]
[C:\Program Files\WinRAR\rarext.dll] [N/A, N/A]
[PID: 832][C:\PROGRA~1\NORTON~1\navapw32.exe] [Symantec Corporation, 8.00.6]
[C:\PROGRA~1\NORTON~1\apwutil.dll] [Symantec Corporation, 8.00.6]
[C:\PROGRA~1\NORTON~1\apwcmdnt.dll] [Symantec Corporation, 8.00.6]
[C:\WINNT\system32\FREEWB.IME] [Delphi Fan Studio, 5.1]
[C:\Program Files\freewb\plugin\date.plg] [, 1, 0, 0, 1]
[C:\PROGRA~1\NORTON~1\NAVProxy.dll] [Symantec Corporation, 8.00.6]
[C:\WINNT\system32\SYMREDIR.dll] [Symantec Corporation, 5.5.1.6]
[C:\PROGRA~1\NORTON~1\DefAlert.dll] [Symantec Corporation, 8.00.6]
[PID: 864][C:\WINNT\system32\Internat.exe] [Microsoft Corporation, 5.00.2920.0000]
[C:\WINNT\system32\FREEWB.IME] [Delphi Fan Studio, 5.1]
[C:\Program Files\freewb\plugin\date.plg] [, 1, 0, 0, 1]
[PID: 932][c:\winnt\system32\wbem\winlogon.exe] [Microsoft, 1.0.0.0]
[C:\WINNT\system32\FREEWB.IME] [Delphi Fan Studio, 5.1]
[C:\Program Files\freewb\plugin\date.plg] [, 1, 0, 0, 1]
[PID: 976][C:\WINNT\system32\regsvc.exe] [Microsoft Corporation, 5.00.2195.6701]
[PID: 1004][C:\WINNT\system32\MSTask.exe] [Microsoft Corporation, 4.71.2195.6972]
[PID: 1060][C:\WINNT\System32\WBEM\WinMgmt.exe] [Microsoft Corporation, 1.50.1085.0100]
[PID: 1128][C:\WINNT\system32\mspmspsv.exe] [Microsoft Corporation, 7.10.00.3059]
[PID: 1144][C:\WINNT\system32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 940][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2800.1106]
[C:\WINNT\system32\FREEWB.IME] [Delphi Fan Studio, 5.1]
[C:\Program Files\freewb\plugin\date.plg] [, 1, 0, 0, 1]
[C:\Program Files\Super Rabbit\MagicSet\haokanbar.dll] [Xiang Feng Technology, 2, 2, 0, 1612]
[C:\PROGRA~1\KuGoo3\KUGOO3~1.OCX] [N/A, N/A]
[C:\PROGRA~1\EQISOT~1\eqiso.dll] [IE Toolbar, 1, 0, 0, 4]
[C:\Program Files\Norton AntiVirus\NavShExt.dll] [Symantec Corporation, 8.00.6]
[C:\WINNT\system32\IEHelper.dll] [N/A, 1, 0, 0, 1]
[C:\Program Files\Riptide\Plugin\Plugin.dll] [, 1, 0, 0, 1]
[C:\Program Files\Common Files\Symantec Shared\Script Blocking\scrauth.dll] [Symantec Corporation, 1, 1, 0, 126]
[C:\Program Files\Common Files\Symantec Shared\Script Blocking\ScrBlock.dll] [Symantec Corporation, 1, 1, 0, 126]
[C:\WINNT\system32\Macromed\Flash\Flash8b.ocx] [Macromedia, Inc., 8,0,24,0]
[PID: 1356][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2800.1106]
[C:\WINNT\system32\FREEWB.IME] [Delphi Fan Studio, 5.1]
[C:\Program Files\freewb\plugin\date.plg] [, 1, 0, 0, 1]
[C:\Program Files\Super Rabbit\MagicSet\haokanbar.dll] [Xiang Feng Technology, 2, 2, 0, 1612]
[C:\PROGRA~1\KuGoo3\KUGOO3~1.OCX] [N/A, N/A]
[C:\PROGRA~1\EQISOT~1\eqiso.dll] [IE Toolbar, 1, 0, 0, 4]
[C:\Program Files\Norton AntiVirus\NavShExt.dll] [Symantec Corporation, 8.00.6]
[C:\WINNT\system32\IEHelper.dll] [N/A, 1, 0, 0, 1]
[C:\Program Files\Riptide\Plugin\Plugin.dll] [, 1, 0, 0, 1]
[C:\Program Files\Common Files\Symantec Shared\Script Blocking\scrauth.dll] [Symantec Corporation, 1, 1, 0, 126]
[C:\Program Files\Common Files\Symantec Shared\Script Blocking\ScrBlock.dll] [Symantec Corporation, 1, 1, 0, 126]
[PID: 1596][C:\Program Files\Common Files\Symantec Shared\NMain.exe] [Symantec Corporation, 5.01.02]
[C:\PROGRA~1\NORTON~1\NAVUI.dll] [Symantec Corporation, 8.00.6]
[C:\PROGRA~1\NORTON~1\NAVLnch.dll] [Symantec Corporation, 8.00.6]
[C:\WINNT\system32\FREEWB.IME] [Delphi Fan Studio, 5.1]
[C:\Program Files\freewb\plugin\date.plg] [, 1, 0, 0, 1]
[C:\PROGRA~1\NORTON~1\NAVSTATS.dll] [Symantec Corporation, 8.00.6]
[C:\Program Files\Common Files\Symantec Shared\Script Blocking\scrauth.dll] [Symantec Corporation, 1, 1, 0, 126]
[C:\PROGRA~1\NORTON~1\NAVOpts.dll] [Symantec Corporation, 8.00.6]
[C:\PROGRA~1\NORTON~1\N32EXCLU.DLL] [Symantec Corporation, 8.00.6]
[C:\PROGRA~1\NORTON~1\S32NAVO.DLL] [Symantec Corporation, 5.3.0.182]
[C:\PROGRA~1\NORTON~1\NAVAPSCR.dll] [Symantec Corporation, 8.00.6]
[C:\Program Files\Symantec\LiveUpdate\NetDetectController.DLL] [Symantec Corporation, 1.64.3.0]
[C:\Program Files\Common Files\Symantec Shared\LiveReg\IraLsCl2.dll] [Symantec Corporation, 2.0.6.1314]
[C:\Program Files\Common Files\Symantec Shared\LiveReg\IraVcLc2.dll] [Symantec Corporation, 2.0.6.1314]
[C:\PROGRA~1\NORTON~1\NAVTasks.dll] [Symantec Corporation, 8.00.6]
[C:\PROGRA~1\NORTON~1\NAVTskWz.dll] [Symantec Corporation, 8.00.6]
[PID: 600][C:\Program Files\Symantec\LiveUpdate\LUALL.EXE] [Symantec Corporation, 1.64.3.0]
[C:\Program Files\Symantec\LiveUpdate\LuComServerPS.DLL] [Symantec Corporation, 1.64.3.0]
[C:\Program Files\Symantec\LiveUpdate\ProductRegCom.DLL] [Symantec Corporation, 1.64.3.0]
[C:\WINNT\system32\FREEWB.IME] [Delphi Fan Studio, 5.1]
[C:\Program Files\freewb\plugin\date.plg] [, 1, 0, 0, 1]
[PID: 1488][C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE] [Symantec Corporation, 1.64.3.0]
[C:\Program Files\Symantec\LiveUpdate\LuComServerPS.DLL] [Symantec Corporation, 1.64.3.0]
[C:\Program Files\Symantec\LiveUpdate\ProductRegCom.DLL] [Symantec Corporation, 1.64.3.0]
[C:\PROGRA~1\NORTON~1\NAVLUCBK.dll] [Symantec Corporation, 8.00.6]
[C:\Program Files\Common Files\Symantec Shared\LiveReg\IraLsCl2.dll] [Symantec Corporation, 2.0.6.1314]
[C:\Program Files\Common Files\Symantec Shared\LiveReg\IraVcLc2.dll] [Symantec Corporation, 2.0.6.1314]
[C:\Program Files\Norton AntiVirus\PATCH32I.DLL] [N/A, N/A]
[C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\SymIDSlu.dll] [Symantec Corporation, 6.1.1.3]
[PID: 1188][F:\工具\sreng2\SREng\SREng.exe] [Smallfrogs Studio, 2.2.6.605]
[C:\WINNT\system32\FREEWB.IME] [Delphi Fan Studio, 5.1]
[C:\Program Files\freewb\plugin\date.plg] [, 1, 0, 0, 1]
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINNT\hh.exe" %1]
.HLP Error. [winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]