Rising Kaka Security Forum, Technical Exchange: Anti-virus / Anti-rogue-software board

Page 2 of 5

Urgently asking the experts for help! Why can't Huigezi (灰鸽子, Gray Pigeon) be cleaned out completely??

Try searching the registry for C:\WINDOWS\System32\HttpReq.dll or C:\WINDOWS\System32\HttpReq.exe and see whether anything related turns up.
Are you sure there really is no hidden service item under "Services" in IceSword?


There is indeed nothing shown in red under Services. I searched the registry, but it seems nothing was found.

Is it this one?
HKEY_CLASSES_ROOT\Interface\{ED8C108D-4349-11D2-91A4-00C04F7969E8}

Name: (Default)
Type: REG_SZ
Data: IXMLHTTPRequest


No…
Try downloading Autoruns from post #11 of http://forum.ikaka.com/topic.asp?board=28&artid=6979213 and export a log; remember to select Options - Hide Microsoft Entries first.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

+ ATIPTAATI Desktop Control PanelATI Technologies, Inc.c:\program files\ati technologies\ati control panel\atiptaxx.exe

+ ExFiltercdnspiec:\program files\cnnic\cdn\cdnspie.dll

+ MINI_BFYY三代科技 版权所有 (C) 2004 - 2005深圳市三代科技开发有限公司d:\program files\ringz studio\storm downloader\stormdownloader.exe

+ PHIME2002ASyncFile not found: ;

+ RavTaskRavTimerBeijing Rising Technology Co., Ltd.c:\program files\rising\rav\ravtask.exe

+ RavTimerFile not found: ;

+ RfwMainRising Personal FireWall Main ProgramBeijing Rising Technology Co., Ltd.c:\program files\rising\rfw\rfwmain.exe

+ snpstd3CameraMonitor MFC Applicationc:\windows\vsnpstd3.exe

+ SysExplrFile not found: ;

+ WinampAgentFile not found: ;

C:\Documents and Settings\Administrator\「开始」菜单\程序\启动

+ Rc:\documents and settings\administrator\「开始」菜单\程序\启动\rsautorunsdisabled

+ 腾讯QQ.lnkQQTENCENTd:\qq\qq.exe

+ 新浪UC.lnkFile not found: C:\Program Files\sina\UC\uc.exe

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad

+ stdupc:\windows\system32\stdup.dll

+ VisionVisionc:\program files\mmsassist\mmsass~1.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

+ Rising Execute File Exts hookRising Shell Ext ModuleBeijing Rising Technology Co., Ltd.c:\windows\system32\ravext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

+ RISINGRising Shell Ext ModuleBeijing Rising Technology Co., Ltd.c:\windows\system32\ravext.dll

HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

+ Web 文件夹c:\program files\common files\microsoft shared\web folders\msonsext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

+ AdsHlpObj Classc:\windows\system32\adsobj.dll

+ AdsHlpObj Classc:\windows\system32\adshlp.dll

+ AdsObj2 Classc:\windows\system32\adshlp2.dll

+ CNNIC_IDNCndnIEHelper Modulec:\program files\cnnic\cdn\cdniehlp.dll

+ CpapView Classcpap Modulec:\windows\system32\cacb.dll

+ DragSearch BHODragSearchc:\program files\yahoo!\assistant\assist\ydragsearch.dll

+ internet explorer helperIEHelper Modulec:\windows\system32\mshelper.dll

+ MMSAssist BHOVisionc:\program files\mmsassist\mmsass~1.dll

+ QQBrowserHelperObject ClassQQIEHelper Module深圳市腾讯计算机系统有限公司d:\qq\qqiehelper.dll

+ ThunderIEHelper Classxunleibho BHOThunder Networking Technologies,LTDc:\windows\system32\xunleibho_v13.dll

+ win32core Classwin32desk Modulec:\windows\system32\win32help02.dll

+ 雅虎助手ToolBarYahoo!c:\program files\yahoo!\assistant\assist\yasbar.dll

HKLM\Software\Microsoft\Internet Explorer\Toolbar

+ bitcometbar0.3.dllBitComet Toolbar for IEc:\program files\bitcomet\bitcometbar\bitcometbar0.3.dll

+ kakatool.dllBeijing Rising Technology Co., Ltd.c:\windows\system32\kakatool.dll

+ yasbar.dllToolBarYahoo!c:\program files\yahoo!\assistant\assist\yasbar.dll

HKLM\Software\Microsoft\Internet Explorer\Extensions

+ @shdoclc.dll,-864c:\windows\web\related.htm

+ Yahoo 1G电邮File not found: http://cn.mail.yahoo.com/promo/rd1

+ 浩方对战平台浩方对战平台上海浩方在线信息技术有限公司e:\浩方\hfgame3\gameclient.exe

+ 清理上网记录File not found: http://assistant.3721.com/clean1.htm?fb=Cns

+ 情景聊天File not found: http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/

+ 上网助手File not found: http://assistant.3721.com/index.htm?fb=Cns

+ 腾讯QQQQTENCENTd:\qq\qq.exe

+ 新浪UCFile not found: C:\Program Files\sina\UC\uc.exe

+ 修复浏览器File not found: http://assistant.3721.com/security1.htm?fb=Cns

HKLM\System\CurrentControlSet\Services

+ Ati HotKey Pollerc:\windows\system32\ati2evxx.exe

+ ATI SmartATI Smartc:\windows\system32\ati2sgag.exe

+ RfwServiceRising Personal Firewall ServiceBeijing Rising Technology Co., Ltd.c:\program files\rising\rfw\rfwsrv.exe

+ RsCCenterCCenterBeijing Rising Technology Co., Ltd.c:\program files\rising\rav\ccenter.exe

+ RsRavMonRavMondBeijing Rising Technology Co., Ltd.c:\program files\rising\rav\ravmond.exe

HKLM\System\CurrentControlSet\Services

+ aeaudioAndrea Audio Noise Cancellation DriverAndrea Electronics Corporationc:\windows\system32\drivers\aeaudio.sys

+ ati2mtagATI Radeon Miniport DriverATI Technologies Inc.c:\windows\system32\drivers\ati2mtag.sys

+ BaseTDIbasetdiBeijing Rising Technology Co., Ltd.c:\windows\system32\drivers\basetdi.sys

+ cdnprotcdnprotCNNICc:\windows\system32\drivers\cdnprot.sys

+ EL20003Com 3C2000 NDIS 5.1 Miniport Driver3Com Corporationc:\windows\system32\drivers\el2k_xp.sys

+ ExpScanerExpScan.sysc:\program files\rising\rav\expscan.sys

+ HOOKAPIHOOKAPI Driver瑞星软件有限公司c:\program files\rising\rav\hookapi.sys

+ HookContTDI HOOK DriverRising tech Co. ltdc:\program files\rising\rav\hookcont.sys

+ HookRegc:\program files\rising\rav\hookreg.sys

+ HookSysHooksysRisingc:\program files\rising\rav\hooksys.sys

+ HookUrlHookUrlBeijing Rising Technology Co., Ltd.c:\program files\rising\rfw\hookurl.sys

+ kmsinputc:\windows\system32\drivers\kmsinput.sys

+ MEMSCANMemScan Driver瑞星软件有限公司c:\program files\rising\rav\memscan.sys

+ mProcRsRising Personal FireWall  mprocrs.sysBeijing Rising Technology Co., Ltd.c:\program files\rising\rfw\mprocrs.sys

+ New0c:\windows\system32\new.sys

+ npkcryptFile not found: D:\qq\npkcrypt.sys

+ PtilinkDirect Parallel Link DriverParallel Technologies, Inc.c:\windows\system32\drivers\ptilink.sys

+ RsFwDrvnt_fwdrvBeijing Rising Technology Co., Ltd.c:\program files\rising\rfw\rsfwdrv.sys

+ safemonSystem Safety Monitor 2.0 extension for Windows security layerSystem Safety Limitedc:\windows\system32\drivers\safemon.sys

+ SecdrvSafeDisc driverc:\windows\system32\drivers\secdrv.sys

+ smwdmSoundMAX Integrated Digital Audio Analog Devices, Inc.c:\windows\system32\drivers\smwdm.sys

+ SNPSTD3PC Camera driverc:\windows\system32\drivers\snpstd3.sys

+ st3wolfSCSI miniport c:\windows\system32\drivers\st3wolf.sys

+ stwlfbusPnP BIOS Extension c:\windows\system32\drivers\stwlfbus.sys

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify

+ System Safety MonitorSystem Safety Winlogon NotificationSystem Safety Limitedc:\windows\system32\ssmwinlogonex.dll


+ New0c:\windows\system32\new.sys
The author of this Huigezi really has gone to great lengths, but moderator baohe found it once last time, and it won't escape this time either. Delete this item with Autoruns, then after rebooting delete c:\windows\system32\new.sys.
Before deleting it, pack c:\windows\system32\new.sys into a WinRAR archive with the password virus, then send the archive to my mailbox yicong2005@163.com and also to moderator baohe's mailbox baohelin@yahoo.com.cn.
If you don't know how to compress it, see my relevant replies in http://forum.ikaka.com/topic.asp?board=28&artid=8056339.

After deleting that thing, reboot and export another log.

Still no good. After deleting it and rebooting, the antivirus scan found it again, still this one! *sob*
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

+ ATIPTAATI Desktop Control PanelATI Technologies, Inc.c:\program files\ati technologies\ati control panel\atiptaxx.exe

+ ExFiltercdnspiec:\program files\cnnic\cdn\cdnspie.dll

+ MINI_BFYY三代科技 版权所有 (C) 2004 - 2005深圳市三代科技开发有限公司d:\program files\ringz studio\storm downloader\stormdownloader.exe

+ PHIME2002ASyncFile not found: ;

+ RavTaskRavTimerBeijing Rising Technology Co., Ltd.c:\program files\rising\rav\ravtask.exe

+ RavTimerFile not found: ;

+ RfwMainRising Personal FireWall Main ProgramBeijing Rising Technology Co., Ltd.c:\program files\rising\rfw\rfwmain.exe

+ snpstd3CameraMonitor MFC Applicationc:\windows\vsnpstd3.exe

+ SysExplrFile not found: ;

+ WinampAgentFile not found: ;

C:\Documents and Settings\Administrator\「开始」菜单\程序\启动

+ Rc:\documents and settings\administrator\「开始」菜单\程序\启动\rsautorunsdisabled

+ 腾讯QQ.lnkQQTENCENTd:\qq\qq.exe

+ 新浪UC.lnkFile not found: C:\Program Files\sina\UC\uc.exe

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad

+ stdupc:\windows\system32\stdup.dll

+ VisionVisionc:\program files\mmsassist\mmsass~1.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

+ Rising Execute File Exts hookRising Shell Ext ModuleBeijing Rising Technology Co., Ltd.c:\windows\system32\ravext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

+ RISINGRising Shell Ext ModuleBeijing Rising Technology Co., Ltd.c:\windows\system32\ravext.dll

HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

+ Web 文件夹c:\program files\common files\microsoft shared\web folders\msonsext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

+ AdsHlpObj Classc:\windows\system32\adsobj.dll

+ AdsHlpObj Classc:\windows\system32\adshlp.dll

+ AdsObj2 Classc:\windows\system32\adshlp2.dll

+ CNNIC_IDNCndnIEHelper Modulec:\program files\cnnic\cdn\cdniehlp.dll

+ CpapView Classcpap Modulec:\windows\system32\cacb.dll

+ DragSearch BHODragSearchc:\program files\yahoo!\assistant\assist\ydragsearch.dll

+ internet explorer helperIEHelper Modulec:\windows\system32\mshelper.dll

+ MMSAssist BHOVisionc:\program files\mmsassist\mmsass~1.dll

+ QQBrowserHelperObject ClassQQIEHelper Module深圳市腾讯计算机系统有限公司d:\qq\qqiehelper.dll

+ ThunderIEHelper Classxunleibho BHOThunder Networking Technologies,LTDc:\windows\system32\xunleibho_v13.dll

+ win32core Classwin32desk Modulec:\windows\system32\win32help02.dll

+ 雅虎助手ToolBarYahoo!c:\program files\yahoo!\assistant\assist\yasbar.dll

HKLM\Software\Microsoft\Internet Explorer\Toolbar

+ bitcometbar0.3.dllBitComet Toolbar for IEc:\program files\bitcomet\bitcometbar\bitcometbar0.3.dll

+ kakatool.dllBeijing Rising Technology Co., Ltd.c:\windows\system32\kakatool.dll

+ yasbar.dllToolBarYahoo!c:\program files\yahoo!\assistant\assist\yasbar.dll

HKLM\Software\Microsoft\Internet Explorer\Extensions

+ @shdoclc.dll,-864c:\windows\web\related.htm

+ Yahoo 1G电邮File not found: http://cn.mail.yahoo.com/promo/rd1

+ 浩方对战平台浩方对战平台上海浩方在线信息技术有限公司e:\浩方\hfgame3\gameclient.exe

+ 清理上网记录File not found: http://assistant.3721.com/clean1.htm?fb=Cns

+ 情景聊天File not found: http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/

+ 上网助手File not found: http://assistant.3721.com/index.htm?fb=Cns

+ 腾讯QQQQTENCENTd:\qq\qq.exe

+ 新浪UCFile not found: C:\Program Files\sina\UC\uc.exe

+ 修复浏览器File not found: http://assistant.3721.com/security1.htm?fb=Cns

HKLM\System\CurrentControlSet\Services

+ Ati HotKey Pollerc:\windows\system32\ati2evxx.exe

+ ATI SmartATI Smartc:\windows\system32\ati2sgag.exe

+ RfwServiceRising Personal Firewall ServiceBeijing Rising Technology Co., Ltd.c:\program files\rising\rfw\rfwsrv.exe

+ RsCCenterCCenterBeijing Rising Technology Co., Ltd.c:\program files\rising\rav\ccenter.exe

+ RsRavMonRavMondBeijing Rising Technology Co., Ltd.c:\program files\rising\rav\ravmond.exe

HKLM\System\CurrentControlSet\Services

+ aeaudioAndrea Audio Noise Cancellation DriverAndrea Electronics Corporationc:\windows\system32\drivers\aeaudio.sys

+ ati2mtagATI Radeon Miniport DriverATI Technologies Inc.c:\windows\system32\drivers\ati2mtag.sys

+ BaseTDIbasetdiBeijing Rising Technology Co., Ltd.c:\windows\system32\drivers\basetdi.sys

+ cdnprotcdnprotCNNICc:\windows\system32\drivers\cdnprot.sys

+ EL20003Com 3C2000 NDIS 5.1 Miniport Driver3Com Corporationc:\windows\system32\drivers\el2k_xp.sys

+ ExpScanerExpScan.sysc:\program files\rising\rav\expscan.sys

+ HOOKAPIHOOKAPI Driver瑞星软件有限公司c:\program files\rising\rav\hookapi.sys

+ HookContTDI HOOK DriverRising tech Co. ltdc:\program files\rising\rav\hookcont.sys

+ HookRegc:\program files\rising\rav\hookreg.sys

+ HookSysHooksysRisingc:\program files\rising\rav\hooksys.sys

+ HookUrlHookUrlBeijing Rising Technology Co., Ltd.c:\program files\rising\rfw\hookurl.sys

+ kmsinputc:\windows\system32\drivers\kmsinput.sys

+ MEMSCANMemScan Driver瑞星软件有限公司c:\program files\rising\rav\memscan.sys

+ mProcRsRising Personal FireWall  mprocrs.sysBeijing Rising Technology Co., Ltd.c:\program files\rising\rfw\mprocrs.sys

+ npkcryptFile not found: D:\qq\npkcrypt.sys

+ PtilinkDirect Parallel Link DriverParallel Technologies, Inc.c:\windows\system32\drivers\ptilink.sys

+ RsFwDrvnt_fwdrvBeijing Rising Technology Co., Ltd.c:\program files\rising\rfw\rsfwdrv.sys

+ safemonSystem Safety Monitor 2.0 extension for Windows security layerSystem Safety Limitedc:\windows\system32\drivers\safemon.sys

+ SecdrvSafeDisc driverc:\windows\system32\drivers\secdrv.sys

+ smwdmSoundMAX Integrated Digital Audio Analog Devices, Inc.c:\windows\system32\drivers\smwdm.sys

+ SNPSTD3PC Camera driverc:\windows\system32\drivers\snpstd3.sys

+ st3wolfSCSI miniport c:\windows\system32\drivers\st3wolf.sys

+ stwlfbusPnP BIOS Extension c:\windows\system32\drivers\stwlfbus.sys

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify

+ System Safety MonitorSystem Safety Winlogon NotificationSystem Safety Limitedc:\windows\system32\ssmwinlogonex.dll
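The two Autoruns exports in this thread, and the way the helper picked out the New0 entry (no description, no publisher, a .sys file dropped straight into system32), can be triaged mechanically. The script below is an added example, not a tool from the thread or from Sysinternals; it assumes a constructed layout in which a bare line names a registry key or startup folder and each following "+ " line carries one entry as tab-separated name, description, publisher and image path, mirroring how the exports above read. The two sample snapshots embedded in it are constructed from a handful of the thread's entries. It flags entries with no publisher in a system directory, entries whose image is missing, and drivers living outside system32\drivers, and it diffs two snapshots to show which entries disappeared between exports, which is how the first and second logs above differ (New0 is gone from the second).

```python
# Added example (not from the thread or Sysinternals): triage of autostart exports.
# Assumed layout: a bare line names a registry key or folder; each following
# "+ " line holds one entry as tab-separated name, description, publisher, image path.
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple

SYSTEM_DIR = "c:\\windows\\system32\\"


@dataclass(frozen=True)
class Entry:
    location: str
    name: str
    description: str
    publisher: str
    image_path: str


def parse_export(text: str) -> List[Entry]:
    """Parse the assumed export layout into Entry records."""
    entries: List[Entry] = []
    location = ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if not line.startswith("+ "):
            location = line                      # a new registry key / folder header
            continue
        fields = line[2:].split("\t")
        fields += [""] * (4 - len(fields))       # pad rows with missing columns
        name, description, publisher, image_path = (f.strip() for f in fields[:4])
        entries.append(Entry(location, name, description, publisher, image_path))
    return entries


def triage(entries: List[Entry]) -> Dict[str, List[str]]:
    """Map entry name -> reasons it deserves a closer look (a triage list, not a verdict)."""
    findings: Dict[str, List[str]] = {}
    for e in entries:
        reasons: List[str] = []
        path = e.image_path.lower()
        if path.startswith("file not found"):
            reasons.append("dangling entry (image missing)")
        elif not e.publisher:
            if path.startswith(SYSTEM_DIR):
                reasons.append("no publisher, lives in system directory")
            if not e.description:
                reasons.append("no description")
        if path.endswith(".sys") and path.startswith(SYSTEM_DIR) and "\\drivers\\" not in path:
            reasons.append("driver outside system32\\drivers")
        if reasons:
            findings[e.name] = reasons
    return findings


Key = Tuple[str, str, str]


def compare_snapshots(before: List[Entry], after: List[Entry]) -> Tuple[Set[Key], Set[Key]]:
    """Return (removed, added) keys between two exports of the same machine."""
    def key(e: Entry) -> Key:
        return (e.location, e.name, e.image_path.lower())
    old = {key(e) for e in before}
    new = {key(e) for e in after}
    return old - new, new - old


# Constructed sample snapshots, modelled on a few entries from the thread.
SNAPSHOT_BEFORE = """\
HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run
+ RavTask\tRavTimer\tBeijing Rising Technology Co., Ltd.\tc:\\program files\\rising\\rav\\ravtask.exe
+ WinampAgent\t\t\tFile not found: ;
HKLM\\System\\CurrentControlSet\\Services
+ New0\t\t\tc:\\windows\\system32\\new.sys
+ safemon\tSystem Safety Monitor 2.0\tSystem Safety Limited\tc:\\windows\\system32\\drivers\\safemon.sys
"""

SNAPSHOT_AFTER = """\
HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run
+ RavTask\tRavTimer\tBeijing Rising Technology Co., Ltd.\tc:\\program files\\rising\\rav\\ravtask.exe
+ WinampAgent\t\t\tFile not found: ;
HKLM\\System\\CurrentControlSet\\Services
+ safemon\tSystem Safety Monitor 2.0\tSystem Safety Limited\tc:\\windows\\system32\\drivers\\safemon.sys
"""

if __name__ == "__main__":
    before = parse_export(SNAPSHOT_BEFORE)
    for name, reasons in triage(before).items():
        print(f"{name}: {'; '.join(reasons)}")
    removed, added = compare_snapshots(before, parse_export(SNAPSHOT_AFTER))
    print("removed:", sorted(removed))
    print("added:", sorted(added))
```

The triage rules are deliberately loose: on the real exports above they would also list legitimate entries with no publisher string (the ATI hotkey poller, Rising's HookReg driver, kmsinput.sys), so the output is a short list to look at by hand, as the helper did, not an automatic verdict. The snapshot diff is the useful second half: an entry that vanishes after a removal and then reappears on a later export is the sign of a re-dropping component, which is exactly the loop the thread is stuck in.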


I'm about to break down!!!!

This really is quite rare…
Does Rising report the virus as soon as you boot up?


http://blog.sina.com.cn/u/1034488164
, please download and use System Repair Engineer (SREng), run "Smart Scan", press the "Scan" button to scan, and when it finishes press the "Save Report" button to save the report log file (SREng.LOG),
then copy the contents of the saved report log file -
