用SREng检测有毒，不知如何处理这两个文件，请大家指点。

这些日子病毒在网上恣意破坏，请朋友们多加注意。

中间那个没看到不能判断
但第一个＆最后一个是正常的,请放心

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\shellExecuteHooks

中间这个肯定不正常，不能修改。给出这些条件，可以吗？

真挚的感谢！

请贴日志上来,没日志我判断不了...

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\windows\system32\ctfmon.exe>  [Microsoft Corporation]
    <ET Messenger><; ; "F:\Program Files\ET Messenger\msg.exe" -boot>  []
    <KuGoo3><; ; "F:\Program Files\KuGoo\kugoo.exe">  []
    <Kuro_M3><; ; "C:\Program Files\Xplus\XplusWait.exe" /min>  []
    <MSMSGS><; ; "C:\Program Files\Messenger\msmsgs.exe" /background>  []
    <Skype><; ; "f:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized>  []
    <Xplus><; ; "C:\Program Files\Xplus\XplusWait.exe" /min>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <SunJavaUpdateSched><C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe>  [Sun Microsystems, Inc.]
    <BluetoothAuthenticationAgent><rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent>  [Microsoft Corporation]
    <aBitCool><; f:\Program Files\aBitCool\aBitCool.exe>  [TODO: <Company name>]
    <DAEMON Tools-1033><; "F:\Program Files\D-Tools\daemon.exe"  -lang 1033>  [DAEMON'S HOME]
    <DeviceDiscovery><; C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe>  [Hewlett-Packard]
    <ExFilter><; Rundll32.exe "C:\PROGRA~1\CNNIC\Cdn\cdnspie.dll,ExecFilter solo">  []
    <HP Component Manager><; "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe">  [Hewlett-Packard Company]
    <HP Software Update><; "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe">  [Hewlett-Packard]
    <HPDJ Taskbar Utility><; C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe>  [HP]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [Microsoft Corporation]
    <KernelFaultCheck><; %systemroot%\system32\dumprep 0 -k>  []
    <McAfeeUpdaterUI><; "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey>  [Network Associates, Inc.]
    <MemoryIdle><; F:\Program Files\完美卸载XP\Memory Booster.exe -PowerOn>  []
    <MoveSearch><; C:\Program Files\wsearch\Search.exe>  []
    <ms><; C:\Program Files\Microsoft\svhost32.exe>  []
    <NMGameX_AutoRun><; C:\WINDOWS\system32\Rundll32.exe NMGameX.dll,LiveProcess /aa>  [NMGameX]
    <UserFaultCheck><; %systemroot%\system32\dumprep 0 -u>  []
    <zt><; C:\Program Files\Intel\svhost32.exe>  []
    <_rx><; C:\windows\command\rundll32.exe>  []
    <17lelestart><; ; C:\Program Files\VisionNet\17lele\system\play.exe 17LELEMIN>  []
    <Network Associates Error Reporting Service><; ; "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe">  []
    <NWEReboot><; ; >  []
    <PHIME2002A><; ; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [Microsoft Corporation]
    <PHIME2002ASync><; ; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [Microsoft Corporation]
    <POPO2004><; ; F:\Program Files\Netease\popo2004\Start.exe>  []
    <ProxyThorn><; ; F:\Program Files\ProxyThorn\ProxyThorn.exe>  []
    <qqav><; ; D:\Program Files\qq\qqav2004.exe>  []
    <snpstd3><; ; C:\windows\vsnpstd3.exe>  []
    <StormCodec_Helper><; ; "f:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  []
    <TkBellExe><; ; "f:\Program Files\Real Alternative\Update_OB\realsched.exe" -osboot>  []
    <vptray><; ; \vptray.exe>  []
    <YLive.exe><; ; C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe>  []
    <YOKAssiant><; ; Rundll32.exe C:\PROGRA~1\YOK.com\SUPERS~1\YOK_SuperSearch.dll,YOKAssiant>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><APIHookDll.dll>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{08315C1A-9BA9-4B7C-A432-26885F78DF28}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\rejoi.vxd>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
    <WinlogonNotify: NavLogon><C:\WINDOWS\system32\NavLogon.dll>  []

启动文件夹
[McAfee Desktop Firewall 任务栏]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\McAfee Desktop Firewall 任务栏.lnk><N>
[金山词霸 2003]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\金山词霸 2003.lnk><N>

==================================
服务
[System Event Logger / BKMARKS]
  <C:\WINDOWS\SYSTEM32\RUNDLL32.EXE C:\WINDOWS\SYSTEM32\WBEM\IRJIT.DLL,Export 1087><N/A>
[DefWatch / DefWatch]
  <C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe><Symantec Corporation>
[McAfee Desktop Firewall Service / FireSvc]
  <f:\PROGRA~1\NETWOR~1\MCAFEE~1\FireSvc.exe><Networks Associates Technology, Inc.>
[McAfee Framework 服务 / McAfeeFramework]
  <C:\Program Files\Network Associates\Common Framework\FrameworkService.exe /ServiceStart><Network Associates, Inc.>
[Symantec AntiVirus Client / Norton AntiVirus Server]
  <C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe><Symantec Corporation>

==================================
浏览器加载项
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\windows\system32\xunleibho_v4.dll, >
[HelperObject Class]
  {00C6482D-C502-44C8-8409-FCE54AD9C208} <F:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll, TechSmith Corporation>
[QuickBtn]
  {1A199C20-DE2B-4838-AE3F-B5257ECE2B7E} <C:\Program Files\CoolWebsite\QuickLink.dll, N/A>
[IExpress]
  {27E96DE0-8211-42CF-9A1E-FA6246A95B77} <C:\windows\system32\iexpress.dll, N/A>
[NewWebController Class]
  {9ACEEE30-143F-471A-AA45-72B061FE7D60} <C:\WINDOWS\system32\AdvSC.dll, N/A>
[WinSC Class]
  {9ACEEE31-1440-471B-AA46-72B061FE7D61} <C:\WINDOWS\system32\WinSC64.dll, N/A>
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <F:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[]
  {A9930D97-9CF0-42A0-A10D-4F28836579D5} <F:\PROGRA~1\KuGoo\KUGOO3~1.OCX, N/A>
[]
  {B3ECCAC9-C7FA-462C-894B-8E9930A70E14} <F:\PROGRA~1\KuGoo\IEHELP~1.DLL, N/A>
[shdocvwhlp Class]
  {BE442802-3911-46E0-B227-076B15A4EAD3} <C:\windows\system32\mssnmp16.dll, MicroCropration>
[IEHlprObj Class]
  {C5E5DB7E-46B1-47E6-8447-2E517F269925} <C:\Program Files\Xplus\GETIE.dll, N/A>
[Infofo 工具栏]
  {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} <C:\Program Files\Infofo Bar\infofobar.dll, 珊瑚虫工作室 泰格工作室>
[DuiSo.com Search]
  {E2218499-2FD4-4EED-A94A-7F0B9C6E300E} <C:\WINDOWS\system32\Inte32.dll, N/A>
[Java Plug-in 1.5.0_02]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll, Sun Microsystems, Inc.>
[QuickBtn]
  {1D901067-2529-4A9B-9B6B-7A1DB3A44CB5} <C:\Program Files\CoolWebsite\QuickLink.dll, N/A>
[Yahoo 1G电邮]
  {507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.mail.yahoo.com/promo/rd1, N/A>
[Infofo 工具栏]
  {8507326C-B5C1-4559-BB91-0919E753836F} <C:\Program Files\Infofo Bar\infofobar.dll, 珊瑚虫工作室 泰格工作室>
[金山词霸]
  {9A687CA6-D585-4947-9ED9-BE96071F5CD9} <C:\PROGRA~1\Kingsoft\POWERW~1\XDictExB.dll, 金山软件股份有限公司>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <F:\Program Files\QQ2004\QQ.EXE, N/A>
[精彩游戏]
  {D1EDDE84-E67E-4ccd-B28E-73AD3B71A7C9} <http://bars.duole8.com/, N/A>
[FlashGet]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <F:\PROGRA~1\FLASHGET\flashget.exe, Amaze Soft>
[易趣购物]
  {DE607144-AC19-424e-865A-5D70ABDF119A} <http://click2.ad4all.net/url2/urlmanage/url.asp?id=5, N/A>
[Sothink SWF Catcher]
  {E19ADC6E-3909-43E4-9A89-B7B676377EE3} <, N/A>
[情景聊天]
  {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/, N/A>
[Messenger]

{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[博采]
  {4DA2EE61-6399-4C39-AEB9-0D990E610D29} <C:\WINDOWS\system32\BOCAIT~1.DLL, N/A>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <F:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[CyberArticle Express]
  {769A6A36-ED24-4376-BC7C-80225BF35698} <f:\Program Files\CyberArticle\CAExp.dll, shijun.com>
[完美网译通]
  {F43BD772-ABDD-43b7-A96A-3E9E61946EC0} <C:\WINDOWS\WORLD2\TOOLBAR\hmtoolbar.dll, 北京完美时空有限公司>
[SnagIt]
  {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} <F:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll, TechSmith Corporation>
[Infofo 工具栏]
  {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} <C:\Program Files\Infofo Bar\infofobar.dll, 珊瑚虫工作室 泰格工作室>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\windows\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\windows\system32\xunleibho_v4.dll, >
[HelperObject Class]
  {00C6482D-C502-44C8-8409-FCE54AD9C208} <F:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll, TechSmith Corporation>
[QuickTime Object]
  {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <f:\Program Files\Ringz Studio\Storm Codec\QTSystem\QTPlugin.ocx, Apple Computer, Inc.>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <f:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx, >
[Web Browser Applet Control]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\windows\system32\Msjava.dll, Microsoft Corporation>
[QuickBtn]
  {1A199C20-DE2B-4838-AE3F-B5257ECE2B7E} <C:\Program Files\CoolWebsite\QuickLink.dll, N/A>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\Mshtml.dll, N/A>
[IExpress]
  {27E96DE0-8211-42CF-9A1E-FA6246A95B77} <C:\windows\system32\iexpress.dll, N/A>
[Tabular Data Control]
  {333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\System32\tdc.ocx, Microsoft Corporation>
[HHCtrl Object]
  {41B23C28-488E-4E5C-ACE2-BB0BBABE99E8} <C:\windows\system32\HHCTRL.OCX, Microsoft Corporation>
[博采]
  {4DA2EE61-6399-4C39-AEB9-0D990E610D29} <C:\WINDOWS\system32\BOCAIT~1.DLL, N/A>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\windows\system32\HHCTRL.OCX, Microsoft Corporation>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\System32\shdocvw.dll, N/A>
[DownloadValue Class]
  {616D4040-5712-4F0F-BCF1-5C6420A99E14} <C:\windows\system32\winhtp.dll, N/A>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[CyberArticle Express]
  {769A6A36-ED24-4376-BC7C-80225BF35698} <f:\Program Files\CyberArticle\CAExp.dll, shijun.com>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\System32\shdocvw.dll, Microsoft Corporation>
[SnagIt]
  {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} <F:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll, TechSmith Corporation>
[NewWebController Class]
  {9ACEEE30-143F-471A-AA45-72B061FE7D60} <C:\WINDOWS\system32\AdvSC.dll, N/A>
[WinSC Class]
  {9ACEEE31-1440-471B-AA46-72B061FE7D61} <C:\WINDOWS\system32\WinSC64.dll, N/A>
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <F:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[]
  {A9930D97-9CF0-42A0-A10D-4F28836579D5} <F:\PROGRA~1\KuGoo\KUGOO3~1.OCX, N/A>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\windows\system32\Mshtml.dll, Microsoft Corporation>
[]
  {B3ECCAC9-C7FA-462C-894B-8E9930A70E14} <F:\PROGRA~1\KuGoo\IEHELP~1.DLL, N/A>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\System32\shdocvw.dll, N/A>
[OWSBrowserUI Class]
  {BDEADE43-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\Office\OWS.DLL, N/A>
[OWSMiscApis Class]
  {BDEADE44-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\Office\OWS.DLL, N/A>
[OWSDiscussionServers Class]
  {BDEADE4E-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\Office\OWS.DLL, N/A>
[shdocvwhlp Class]
  {BE442802-3911-46E0-B227-076B15A4EAD3} <C:\windows\system32\mssnmp16.dll, MicroCropration>
[IEHlprObj Class]
  {C5E5DB7E-46B1-47E6-8447-2E517F269925} <C:\Program Files\Xplus\GETIE.dll, N/A>
[NMGameX Class]
  {CD1A82F2-3770-4509-8355-0D2F45158F21} <C:\WINDOWS\system32\NMGameX.dll, NMGameX>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__AVI Moniker Class]
  {CD3AFA88-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\windows\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[Infofo 工具栏]
  {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} <C:\Program Files\Infofo Bar\infofobar.dll, 珊瑚虫工作室 泰格工作室>
[NMChatX Control]
  {D7F0CC2E-FB09-4B38-B9A7-6807CBCD4859} <C:\WINDOWS\system32\NMChatX.ocx, Netmarble>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <F:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[SWFDecompiler.InternetExplorer]
  {E19ADC6E-3909-43E4-9A89-B7B676377EE3} <C:\PROGRA~1\COMMON~1\SOURCE~1\SWFCAT~1\SWFCAT~1.DLL, SourceTec>
[DuiSo.com Search]
  {E2218499-2FD4-4EED-A94A-7F0B9C6E300E} <C:\WINDOWS\system32\Inte32.dll, N/A>
[完美网译通]
  {F43BD772-ABDD-43B7-A96A-3E9E61946EC0} <C:\WINDOWS\WORLD2\TOOLBAR\hmtoolbar.dll, 北京完美时空有限公司>
[上传到QQ网络硬盘]
  <F:\Program Files\QQ\AddToNetDisk.htm, N/A>
[使用KuGoo3下载(&K)]
  <F:\Program Files\KuGoo\KuGoo3DownX.htm, N/A>
[使用网际快车下载]
  <F:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <F:\Program Files\FlashGet\jc_all.htm, N/A>
[添加到QQ自定义面板]
  <F:\Program Files\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <F:\Program Files\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <F:\Program Files\QQ\SendMMS.htm, N/A>

多传了吧。太多了。本来不想累人的。

只能说谢，别的什么都做不了）

传少了,全部传上来,不要修改,没事的

<{08315C1A-9BA9-4B7C-A432-26885F78DF28}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\rejoi.vxd>
这一项确实有问题,把日志贴全吧