弹出窗口地址http://toolbar.wequ.com/after_install.html

使用网上自动卸载不行，重装在卸载不行。

在安全模式下用360、卡卡都杀不掉。。

请问有什么办法吗？

[CODE]

2006-12-26,10:20:01

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows 2000 Professional Service Pack 4 (Build 2195)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <SunJavaUpdateSched><C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe>  [N/A]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <RavTray><"C:\Program Files\Rising\Rav\RavTray.exe">  [Rising]
    <runeip><C:\Program Files\Rising\AntiSpyware\runiep.exe>  [Beijing Rising Technology Co., Ltd.]
    <Synchronization Manager><mobsync.exe /logon>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <KKDelay><C:\Program Files\Rising\AntiSpyware\RunOnce.exe>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINNT\system32\Userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINNT\system32\八荣八~3.SCR>  [Aone Software]

==================================
启动文件夹
N/A

==================================
服务
[A33CB830 / A33CB830][Stopped/Auto Start]
  <C:\WINNT\system32\A33CB830.EXE -service><Microsoft Corporation>
[NWCWorkstations / Client Service for NetWare][Stopped/Auto Start]
  <C:\WINNT\system32\rcim1by.exe><N/A>
[Visual Studio Debugger Proxy Service / DbgProxy][Stopped/Disabled]
  <C:\Program Files\Microsoft Visual Studio .NET 2003\Common7\Packages\Debugger\dbgproxy.exe><Microsoft Corporation>
[Logical Disk Manager Administrative Service / dmadmin][Stopped/Manual Start]
  <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[sdfa / fsda][Stopped/Auto Start]
  <C:\WINNT\G_Server2006.exe><N/A>
[Machine Debug Manager / MDM][Stopped/Disabled]
  <"C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe"><Microsoft Corporation>
[MSSQLSERVER / MSSQLSERVER][Running/Auto Start]
  <C:\PROGRA~1\MICROS~4\MSSQL\binn\sqlservr.exe><Microsoft Corporation>
[MSSQLServerADHelper / MSSQLServerADHelper][Stopped/Manual Start]
  <C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe><Microsoft Corporation>
[RavService / RavService][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\RavService.exe" /service><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Distributed Link Tracking Clientbjh / ServiceBJH][Stopped/Auto Start]
  <><N/A>
[QoS Service / SOCEESe][Stopped/Auto Start]
  <C:\WINNT\SYSTEM32\RUNDLL.EXE C:\WINNT\SYSTEM32\WBEM\SMTPCONFS.DLL,Export 1087><N/A>
[SQLSERVERAGENT / SQLSERVERAGENT][Stopped/Manual Start]
  <C:\PROGRA~1\MICROS~4\MSSQL\binn\sqlagent.exe><Microsoft Corporation>
[Sybase BCKServer _ LUCK_BS / SYBBCK_LUCK_BS][Stopped/Manual Start]
  <c:\sybase\bin\bcksrvr.exe -SLUCK_BS -R><N/A>
[Sybase HISServer_LUCK_HS / SYBHIS_LUCK_HS][Stopped/Manual Start]
  <c:\sybase\bin\histsrvr.exe -SLUCK_HS -C><N/A>
[Sybase MONServer _ LUCK_MS / SYBMON_LUCK_MS][Stopped/Manual Start]
  <c:\sybase\bin\monsrvr.exe  -MLUCK_MS -C><N/A>
[Sybase SQLServer _ LUCK / SYBSQL_LUCK][Stopped/Manual Start]
  <c:\sybase\bin\sqlsrvr.exe -sLUCK -C><N/A>
[Sybase XPServer _ LUCK_XP / SYBXPS_LUCK_XP][Stopped/Manual Start]
  <c:\sybase\bin\xpserver.exe -SLUCK_XP -C><N/A>
[System Set Service / SystemSet][Stopped/Auto Start]
  <C:\WINNT\system32\service.exe><N/A>
[Visual Studio Analyzer RPC bridge / Visual Studio Analyzer RPC bridge][Stopped/Manual Start]
  <C:\Program Files\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe><Microsoft Corporation>
[Windows DHCP Service / WinDHCPsvc][Stopped/Auto Start]
  <C:\WINNT\system32\rundll32.exe windhcp.ocx,start><Microsoft Corporation>
[WMDM PMSP Service / WMDM PMSP Service][Running/Auto Start]
  <C:\WINNT\system32\mspmspsv.exe><Microsoft Corporation>

==================================
驱动程序
[aeaudio / aeaudio][Running/Manual Start]
  <system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[BaseTDI / BaseTDI][Running/Auto Start]
  <\??\C:\WINNT\system32\drivers\basetdi.sys><Beijing Rising Technology Co., Ltd.>
[Broadcom 440x 10/100 Integrated Controller Driver / bcm4sbe5][Running/Manual Start]
  <system32\DRIVERS\bcm4sbe5.sys><Broadcom Corporation>
[CdaC15BA / CdaC15BA][Running/Auto Start]
  <\??\C:\WINNT\system32\drivers\CdaC15BA.SYS><Macrovision Europe Ltd>
[dmboot / dmboot][Stopped/Disabled]
  <System32\drivers\dmboot.sys><VERITAS Software Corp.>
[Logical Disk Manager Driver / dmio][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmio.sys><VERITAS Software Corp.>
[dmload / dmload][Running/Boot Start]
  <\SystemRoot\System32\drivers\dmload.sys><VERITAS Software Corp.>
[dtscsi / dtscsi][Running/Manual Start]
  <\SystemRoot\System32\Drivers\dtscsi.sys><N/A>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
[HookCont / HookCont][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising tech Co. ltd>
[HookReg / HookReg][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HookSys.sys><Rising>
[ialm / ialm][Running/Manual Start]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[Netgroup Packet Filter / NPF][Stopped/Manual Start]
  <system32\DRIVERS\npf.sys><N/A>
[p / p][Stopped/Manual Start]
  <\??\C:\WINNT\system32\drivers\p.sys><N/A>
[Padus ASPI Shell / pfc][Running/Manual Start]
  <system32\drivers\pfc.sys><Padus, Inc.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Brother P-touch PTUSB Driver / PTUSB][Stopped/Manual Start]
  <system32\DRIVERS\PTUSB.sys><Brother Industries, Ltd.>
[SkyProcs / SkyProcs][Stopped/Manual Start]
  <\??\C:\Program Files\SkyNet\FireWall\SkyProcs.sys><N/A>
[smwdm / smwdm][Running/Manual Start]
  <system32\drivers\smwdm.sys><Analog Devices, Inc.>
[sptd / sptd][Running/Boot Start]
  <\SystemRoot\System32\Drivers\sptd.sys><N/A>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[Intel(R) Graphics Platform (SoftBIOS) Driver / {6080A529-897E-4629-A488-ABA0C29B635E}][Running/Manual Start]
  <system32\drivers\ialmsbw.sys><Intel Corporation>
[Intel(R) Graphics Chipset (KCH) Driver / {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}][Running/Manual Start]
  <system32\drivers\ialmkchw.sys><Intel Corporation>

==================================
浏览器加载项
[PowerCreator VGAPlayer Control]
  {339C1EE2-1029-46B8-81F1-360217F26FC4} <C:\WINNT\DOWNLO~1\VGAPLA~1.OCX, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>

==================================
正在运行的进程
[PID: 192][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 216][\??\C:\WINNT\system32\csrss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 236][\??\C:\WINNT\system32\winlogon.exe]  [Microsoft Corporation, 5.00.2195.6970]
[PID: 268][C:\WINNT\system32\services.exe]  [Microsoft Corporation, 5.00.2195.6700]
    [C:\WINNT\system32\dmserver.dll]  [VERITAS Software Corp., 2195.6605.297.3]
[PID: 280][C:\WINNT\system32\lsass.exe]  [Microsoft Corporation, 5.00.2195.6902]
[PID: 436][C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 464][C:\Program Files\Rising\Rav\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 1, 33]
    [C:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 18]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Rising\Rav\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [C:\Program Files\Rising\Rav\HOOKSYS.dll]  [Beijing Rising Technology Co., Ltd., 18, 1, 0, 11]
    [C:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 32]
    [C:\Program Files\Rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [C:\Program Files\Rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [C:\Program Files\Rising\Rav\regmon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [C:\Program Files\Rising\Rav\HookWeb.dll]  [rising, 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\MemMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [C:\Program Files\Rising\Rav\expscan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Rising\Rav\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [C:\Program Files\Rising\Rav\MailMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Program Files\Rising\Rav\SpamEng.dll]  [N/A, 18, 0, 0, 6]
    [C:\Program Files\Rising\Rav\engine.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 34]
    [C:\Program Files\Rising\Rav\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [C:\Program Files\Rising\Rav\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [C:\Program Files\Rising\Rav\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [C:\Program Files\Rising\Rav\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 23]
    [C:\Program Files\Rising\Rav\RSUnpack.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 16]
    [C:\Program Files\Rising\Rav\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 7]
    [C:\Program Files\Rising\Rav\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 9]
    [C:\Program Files\Rising\Rav\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 18]
    [C:\Program Files\Rising\Rav\Unpacker.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Rising\Rav\ScanNet.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Program Files\Rising\Rav\ExtMail.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [C:\Program Files\Rising\Rav\ExtOLE.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[PID: 508][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 536][C:\WINNT\system32\spoolsv.exe]  [Microsoft Corporation, 5.00.2195.7059]
    [C:\WINNT\system32\PTUSBP.DLL]  [Brother Industries, Ltd., 1, 0, 1, 0]
    [C:\WINNT\system32\ptusbpr.dll]  [Brother Industries, Ltd., 20, 0, 8, 25]
    [C:\WINNT\system32\PTPRO2L.DLL]  [Brother Industries, Ltd., 1, 0, 0, 0]
    [C:\WINNT\system32\ptql5l.dll]  [Brother Industries, Ltd., 1, 0, 1, 0]
    [C:\WINNT\system32\hpzlnt09.dll]  [HP, 2.229.1.0]
[PID: 632][C:\WINNT\System32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 672][C:\PROGRA~1\MICROS~4\MSSQL\binn\sqlservr.exe]  [Microsoft Corporation, 2000.080.0194.00]
[PID: 796][C:\Program Files\Rising\Rav\RavService.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 41]
    [C:\Program Files\Rising\Rav\DLCenter.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 27]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
[PID: 860][C:\Program Files\Rising\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 972][C:\WINNT\system32\MSTask.exe]  [Microsoft Corporation, 4.71.2195.6920]
[PID: 1060][C:\WINNT\System32\WBEM\WinMgmt.exe]  [Microsoft Corporation, 1.50.1085.0100]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
[PID: 1100][C:\WINNT\system32\mspmspsv.exe]  [Microsoft Corporation, 7.10.00.3059]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
[PID: 1124][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
[PID: 1136][C:\WINNT\System32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
[PID: 1156][C:\WINNT\system32\inetsrv\inetinfo.exe]  [Microsoft Corporation, 5.00.0984]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
[PID: 1356][C:\WINNT\Explorer.EXE]  [Microsoft Corporation, 5.00.3700.6690]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 1432][C:\WINNT\system32\Media\winlogon.exe]  [N/A, N/A]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 1520][C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe]  [N/A, N/A]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
[PID: 1544][C:\Program Files\Rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 22]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 1572][C:\Program Files\Rising\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 1, 30]
    [C:\Program Files\Rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 24]
    [C:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 18]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 1612][C:\Program Files\Rising\Rav\RavTray.exe]  [Rising, 18, 0, 0, 34]
    [C:\Program Files\Rising\Rav\RavUILib.dll]  [, 18, 0, 0, 1]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\Program Files\Rising\Rav\RavTray936.dll]  [Rising, 18, 0, 0, 34]
    [C:\Program Files\Rising\Rav\RsCommx.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]

[PID: 1644][C:\Program Files\Rising\AntiSpyware\runiep.exe]  [Beijing Rising Technology Co., Ltd., 1, 0, 1, 3]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\iep_ctrl.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 1436][C:\WINNT\system32\wuauclt.exe]  [Microsoft Corporation, 5.4.3630.2554 built by: lab04_n]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 1452][C:\WINNT\system32\conime.exe]  [Microsoft Corporation, 5.00.2195.6655]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 172][C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe]  [Adobe Systems Incorporated, 5.0.1.2001032700]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\CoolType.dll]  [Adobe Systems, Incorporated, 4.04.26]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\BIB.dll]  [Adobe Systems, Incorporated, 1.0.20]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\ACELite.dll]  [Adobe Systems, Incorporated, 1.02.00]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\AGM.dll]  [Adobe Systems, Incorporated, 4.04.26]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [c:\program files\adobe\acrobat 5.0\reader\rdlang32.chs]  [Adobe Systems Incorporated, 5.0.0.377]
    [C:\WINNT\system32\ATMLIB.dll]  [Adobe Systems, 5.0 Build 225]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\SPPlugins\ExpressViews.apl]  [Adobe Systems Incorporated, 1.1]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\SPPlugins\ADMPlugin.apl]  [Adobe Systems Incorporated, 2.82ac22 2001.05.04-0720h.51s]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\AcroFill.api]  [Adobe Systems Incorporated, 5.0.0.2001032100]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\EScript.api]  [Adobe Systems Incorporated, 5.0.0.2001031500]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\EWH32.api]  [Adobe Systems Incorporated, 5.0.0.2001031900]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\weblink.api]  [Adobe Systems Incorporated, 5.0.0.2001031500]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\WHA.api]  [Adobe Systems Incorporated, 5.0.0.2001031500]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\Webbuy.api]  [Adobe Systems Incorporated, 5.0.0.2001031500]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\hls.api]  [Adobe Systems Incorporated, 5.0.0.2001031500]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\reflow.api]  [Adobe Systems Incorporated, 5.0.0.2001031500]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\Movie\Movie.api]  [Adobe Systems, Inc., 5.0.0.2001031500]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\MSAA.api]  [Adobe Systems Incorporated, 5.0.0.2001031500]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\Infusium.api]  [Adobe Systems Incorporated, 5.0.0.2001031500]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\Webbuy.CHS]  [N/A, N/A]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\AcroFill.CHS]  [N/A, N/A]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\EScript.CHS]  [N/A, N/A]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\EWH32.CHS]  [N/A, N/A]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\hls.CHS]  [N/A, N/A]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\Infusium.CHS]  [N/A, N/A]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\Movie\Movie.CHS]  [N/A, N/A]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\MSAA.CHS]  [N/A, N/A]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\reflow.CHS]  [Adobe Systems Incorporated, 5.0.0.0]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\weblink.CHS]  [N/A, N/A]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\WHA.CHS]  [N/A, N/A]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\WHA Library.dll]  [Adobe Systems Incorporated, 0.2.0.0]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\WHA Library.CHS]  [Adobe Systems Incorporated, 0.2.0.0]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 1904][H:\mysoft\sreng2\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
API HOOK
N/A

==================================


[/CODE]

麻烦高手给看一下!谢谢！
启动后没多久就自动安装唯趣工具条并自动启动IE弹出网页。

能帮忙看看吗?

运行(双击)SRENG2，点“启动项目，服务，点“Win32服务应用程序”
勾选“隐藏微软服务”选中病毒服务
sdfa
A33CB830
QoS Service
Windows DHCP Service
System Set Service
，选择“删除服务”
点“设置”选择“否”
重启按F８进入安全模式下
显示隐藏文件
删除： 
C:\WINNT\system32\service.exe
C:\WINNT\system32\windhcp.ocx
C:\WINNT\SYSTEM32\WBEM\SMTPCONFS.DLL
C:\WINNT\system32\A33CB830.EXE
C:\WINNT\G_Server2006.exe

可疑文件
<C:\WINNT\system32\rcim1by.exe

问题解决！感谢红夜鬼！