正在运行的进程
[PID: 1260][D:\WINNT\system32\rundll32.exe]  <Microsoft Corporation><5.00.2134.1>
    [D:\WINNT\system32\ldrt.dll]  <N/A><N/A>
    [D:\WINNT\system32\cdnns.dll]  <N/A><N/A>
    [D:\WINNT\Downloaded Program Files\Iespzv.dll]  <Tencent><4, 0, 9, 90>
[PID: 1356][D:\WINNT\Explorer.EXE]  <Microsoft Corporation><5.00.3700.6690>
    [D:\WINNT\system32\ldrt.dll]  <N/A><N/A>
    [D:\WINNT\system32\pmkjk.dll]  <N/A><N/A>
    [D:\WINNT\system32\Yzgji.dll]  <N/A><N/A>
    [D:\WINNT\Downloaded Program Files\Iespzv.dll]  <Tencent><4, 0, 9, 90>
    [D:\WINNT\Downloaded Program Files\Tjtze.dll]  <Tencent><4, 0, 9, 90>
    [D:\WINNT\system32\RavExt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
    [D:\Program Files\Rising\Rav\RavScrCh.dll]  <><17, 0, 0, 7>
[PID: 1456][D:\WINNT\System32\mdm.exe]  <Microsoft Corporation><6.00.8424>
[PID: 1508][d:\program files\rising\rfw\RfwMain.exe]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 51>
    [d:\program files\rising\rfw\RsGuiLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 23>
    [d:\program files\rising\rfw\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [d:\program files\rising\rfw\PngDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [D:\WINNT\Downloaded Program Files\Iespzv.dll]  <Tencent><4, 0, 9, 90>
[PID: 1588][D:\WINNT\system32\PROMon.exe]  <Intel Corporation><5.3.7.0>
    [D:\WINNT\system32\NMSAPI.DLL]  <Intel Corporation><2.1.9.0>
    [D:\WINNT\System32\NMSSvcPS.DLL]  <Intel Corporation><2.1.9.0>
    [D:\WINNT\Downloaded Program Files\Iespzv.dll]  <Tencent><4, 0, 9, 90>
[PID: 1620][D:\Program Files\Hewlett-Packard\hp deskjet 9300 series\Toolbox\mpm.exe]  <N/A><N/A>
    [D:\Program Files\Hewlett-Packard\hp deskjet 9300 series\Toolbox\HPWGTRE.dll]  <Hewlett-Packard Company><2003.0417.0.0>
    [D:\WINNT\Downloaded Program Files\Iespzv.dll]  <Tencent><4, 0, 9, 90>
[PID: 1636][D:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe]  <Ulead Systems, Inc.><8.0.0.0>
    [D:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\u32Comm.dll]  <Ulead Systems, Inc.><8.0.0.0>
    [D:\WINNT\Downloaded Program Files\Iespzv.dll]  <Tencent><4, 0, 9, 90>
[PID: 1560][D:\WINNT\system32\dla\tfswctrl.exe]  <VERITAS Software, Inc.><1.02.93a>
    [D:\WINNT\system32\tfswapi.dll]  <VERITAS Software, Inc.><1.02.93a>
    [D:\WINNT\system32\dla\tfswcres.dll]  <VERITAS Software, Inc.><1.02.93a>
    [D:\WINNT\Downloaded Program Files\Iespzv.dll]  <Tencent><4, 0, 9, 90>
[PID: 1604][D:\WINNT\SOUNDMAN.EXE]  <Realtek Semiconductor Corp.><5.1.14>
    [D:\WINNT\Downloaded Program Files\Iespzv.dll]  <Tencent><4, 0, 9, 90>
[PID: 1660][D:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe]  <深圳市三代科技开发有限公司><1, 1, 0, 4>
    [D:\Program Files\Ringz Studio\Storm Downloader\boost_thread-vc6-mt-1_31.dll]  <N/A><N/A>
    [D:\WINNT\system32\cdnns.dll]  <N/A><N/A>
    [D:\WINNT\Downloaded Program Files\Iespzv.dll]  <Tencent><4, 0, 9, 90>
[PID: 1668][D:\Program Files\Rising\Rav\RavTask.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
    [D:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [D:\Program Files\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [D:\Program Files\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [D:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [D:\WINNT\Downloaded Program Files\Iespzv.dll]  <Tencent><4, 0, 9, 90>
[PID: 1676][D:\Program Files\Common Files\Real\Update_OB\realsched.exe]  <RealNetworks, Inc.><0.1.0.3292>
    [D:\WINNT\Downloaded Program Files\Iespzv.dll]  <Tencent><4, 0, 9, 90>
[PID: 1696][D:\WINNT\system32\rundll32.exe]  <Microsoft Corporation><5.00.2134.1>
    [D:\WINNT\system32\mswap.dll]  <N/A><N/A>
    [D:\WINNT\Downloaded Program Files\Iespzv.dll]  <Tencent><4, 0, 9, 90>
    [D:\WINNT\system32\cdnns.dll]  <N/A><N/A>
[PID: 1724][D:\WINNT\system32\internat.exe]  <Microsoft Corporation><5.00.2920.0000>
    [D:\WINNT\Downloaded Program Files\Iespzv.dll]  <Tencent><4, 0, 9, 90>
[PID: 1744][D:\WINNT\Downloaded Program Files\CONFLICT.17\svhost.exe]  <番茄花园><1.00>
    [D:\WINNT\Downloaded Program Files\Iespzv.dll]  <Tencent><4, 0, 9, 90>
[PID: 1496][D:\Program Files\Internet Explorer\IEXPLORE.EXE]  <Microsoft Corporation><5.00.2920.0000>
    [D:\WINNT\Downloaded Program Files\Iespzv.dll]  <Tencent><4, 0, 9, 90>
    [D:\WINNT\Downloaded Program Files\Tjtze.dll]  <Tencent><4, 0, 9, 90>
    [D:\WINNT\downlo~1\DDTONG~1.DLL]  <北京新浪信息技术有限公司><1, 2, 1, 5>
    [D:\WINNT\downlo~1\ddtinit.dll]  <北京新浪信息技术有限公司><1, 2, 1, 7>
    [D:\WINNT\downlo~1\DDTUpdate.dll]  <北京新浪信息技术有限公司><1, 2, 1, 1>
    [D:\WINNT\system32\cdnns.dll]  <N/A><N/A>
    [D:\Program Files\Rising\Rav\RavScrCh.dll]  <><17, 0, 0, 7>
    [D:\WINNT\system32\Macromed\Flash\FLASH.OCX]  <Macromedia, Inc.><7,0,19,0>
    [D:\WINNT\system32\wbapiex.dll]  <><1, 1, 0, 0>
[PID: 1368][D:\Program Files\Internet Explorer\iexplore.exe]  <Microsoft Corporation><5.00.2920.0000>
    [D:\WINNT\Downloaded Program Files\Iespzv.dll]  <Tencent><4, 0, 9, 90>
    [D:\WINNT\Downloaded Program Files\Tjtze.dll]  <Tencent><4, 0, 9, 90>
    [D:\WINNT\downlo~1\DDTONG~1.DLL]  <北京新浪信息技术有限公司><1, 2, 1, 5>
    [D:\WINNT\downlo~1\ddtinit.dll]  <北京新浪信息技术有限公司><1, 2, 1, 7>
    [D:\WINNT\downlo~1\DDTUpdate.dll]  <北京新浪信息技术有限公司><1, 2, 1, 1>
    [D:\WINNT\system32\cdnns.dll]  <N/A><N/A>
    [D:\Program Files\Rising\Rav\RavScrCh.dll]  <><17, 0, 0, 7>
    [D:\WINNT\system32\Macromed\Flash\FLASH.OCX]  <Macromedia, Inc.><7,0,19,0>
[PID: 1704][D:\Documents and Settings\Administrator\My Documents\苗宇宽\sreng2\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
    [D:\WINNT\Downloaded Program Files\Iespzv.dll]  <Tencent><4, 0, 9, 90>
    [D:\WINNT\system32\cdnns.dll]  <N/A><N/A>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["D:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

下面的网址是今天又重新出现的：http://www.coupo-ns.com/tau.html
http://www.supercoupon-sales.com/tau.html
http://www.inter-netsales.com/eon.html
http://film.bloven.com/index.htm
http://211.144.143.13/vip.htm
http://www.savi-ngs.com/eon.html
在屏幕的最下边得快捷栏内没有显示，直接出现在屏幕上。有的时候需要点清除健多次才能取消掉。

运行System Repair Engineer，点“启动项目，服务，点“Win32服务应用程序”勾选“隐藏微软服务”选中病毒服务gibgjvw，选择“删除服务”点“设置”选择“否”最后重启
请到www.27814939.ys168.com下载诺顿进程管理器终止所有RUNDLL32.EXE ，windate.exe，vcvw.exe，svchostn.exe，rcf.exe，ntsys32.exe，windrive.exe，ntlogin32.exe，MSschost.exe，Ntsys.exe，ixplorer.exe，wuamngr.exe，svshost.exe，svhost.exe的进程（小技巧，你可以使用诺顿快速的找到进程的目录，自己摸索一下）另，注意判定，如果你知道，就不必修复。另注意，有些病毒会有同样二个以上进程，注意都终止。如果没用就不用终止了。
终止后
运行System Repair Engineer，使用“启动项目，注册表”来删除以下选项。
（如果在注册表里无法识别那一下，可以选中一项后，点“编辑”这样会有很明细的路径）（如果有的话）
D:\WINNT\Downloaded Program Files\CONFLICT.17\svhost.exe> [番茄花园]
C:\WINNT\SYSTEM32\hrtv.exe
windate><windate.exe> []
<Microsoft Sys Manager><sysmgr.exe> []
<Fixnice><vcvw.exe> []
<netservices><svchostn.exe> []
<Rcf Driver><rcf.exe> []
<Configuration><ntsys32.exe> []
<Micrsoft Driver><windrive.exe> []
<Windows NT 32><ntlogin32.exe> []
<Microsoft Windows Hosting><MSschost.exe> []
<System Information Manager><Ntsys.exe> []
<Microsoft Explorer><ixplorer.exe> []
<Win32 Services><wuamngr.exe> []
<Microsoft Synchronization Manager><svshost.exe> []
删除
svshost.exe
wuamngr.exe
ixplorer.exe
Ntsys.exe
MSschost.exe
ntlogin32.exe
windrive.exe
ntsys32.exe
rcf.exe
svchostn.exe
vcvw.exe
sysmgr.exe
windate.exe
\\61.55.43.230
C:\WINNT\SYSTEM32\hrtv.exe
D:\WINNT\Downloaded Program Files\CONFLICT.17
修复后，请重启。
烦再扫份报告粘上来。

请问：
删除
svshost.exe
wuamngr.exe
ixplorer.exe
Ntsys.exe
MSschost.exe
ntlogin32.exe
windrive.exe
ntsys32.exe
rcf.exe
svchostn.exe
vcvw.exe
sysmgr.exe
windate.exe
\\61.55.43.230
C:\WINNT\SYSTEM32\hrtv.exe
D:\WINNT\Downloaded Program Files\CONFLICT.17
在那个位置操作。

你打开诺顿管理器的时候，在右边不是有完整的路径吗
如果进程里没有它们
就只能用系统的搜索来寻找了。

svshost.exe终止进程的时候，提示拒绝访问。
这几天，搞的我头都大了， 我把今天的骚扰网页都记下来了，现在贴上去。还请多多指点。

讨厌的网址
http://www.coupo-ns.com/tau.html
http://www.supercoupon-sales.com/tau.html
http://www.inter-netsales.com/eon.html
http://film.bloven.com/index.htm
http://211.144.143.13/vip.htm
http://www.savi-ngs.com/eon.html
http://www.prem-iumcertificate.com/eon.html
http://www.coupo-ns.com/eon.html
http://www.pr-omoting.com/tau.html
http://www.announceme-nt.com/tau.html
http://www.wild-savings.com/eon.html
http://www.prem-iumcertificate.com/tau.html

你把网页发来，没有用。
请问你的QQ通过悄悄话发给我。

我不会用QQ，和我同一个机子的人会用， 他现在不在。我该做些什么？？？

有点为难你了
这样好了
你看一下这个列表，如果有你熟悉的，你就把它挑出来。
Message><D:\WINNT\Downloaded Program Files\CONFLICT.17\svhost.exe> [番茄花园]
<ntdll.dll><D:\WINNT\Downloaded Program Files\CONFLICT.17\svhost.exe> [番茄花园]
windate><windate.exe> []
Microsoft Sys Manager><sysmgr.exe> []
netservices><svchostn.exe> []
<Rcf Driver><rcf.exe> []
Windows NT 32><ntlogin32.exe
Micrsoft Driver><windrive.exe
<Microsoft Windows Hosting><MSschost.exe
Microsoft Synchronization Manager><svshost.exe>
Microsoft Manager><xXx.exe>
WDqvsst><C:\WINNT\SYSTEM32\Densip.exe
YDTMain.exe><D:\PROGRA~1\YDT\YDTMain.exe>
defender><C:\\defender23.exe> []
<keyboard><C:\\keyboard23.exe> []
<newname><C:\\newname22.exe> []
D:\sck32.exe
ixplorer.exe
<Win32 Services><wuamngr.exe>
<{F2FA09FB-EE7A-46d8-9145-A1EEF7850052}><D:\WINNT\system32\pmkjk.dll> []
<{6A89AAA0-1FFF-4159-ABDB-2FFF21B8A65D}><D:\WINNT\system32\Issrts.dll>
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\pmkjk]
<WinlogonNotify: pmkjk><pmkjk.dll> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Syncmgr]
<WinlogonNotify: Syncmgr><D:\WINNT\system32\t2r8lc9u1f.dll> []