Rising Kaka Security Forum, Technical Exchange, Anti-virus / Anti-rogue-software board


Help! Please help me kill this virus, Trojan.DL.Mnless.ajs

[PID: 192][C:\Program Files\MSN Messenger\MsnMsgr.Exe]  [Microsoft Corporation, 8.1.0178.00]
    [C:\Program Files\MSN Messenger\MSNCore.dll]  [Microsoft Corporation, 8.1.0178.00]
    [C:\Program Files\MSN Messenger\msidcrl40.dll]  [Microsoft Corporation, 4.100.313.1]
    [C:\Program Files\MSN Messenger\ContactsUX.dll]  [Microsoft Corporation, 8.1.0178.00]
    [C:\WINDOWS\system32\wxvault.dll]  [, 05.03.00.017]
    [C:\WINDOWS\system32\detoured.dll]  [N/A, ]
    [C:\WINDOWS\DOWNLO~1\BDPlugin.dll]  [, 1, 0, 1, 1]
    [C:\Program Files\MSN Messenger\msgslang.8.1.0178.00.dll]  [Microsoft Corporation, 8.1.0178.00]
    [C:\Program Files\MSN Messenger\msgsres.dll]  [Microsoft Corporation, 8.1.0178.00]
    [C:\Program Files\MSN Messenger\MSGSWCAM.dll]  [Microsoft Corporation, 8.1.0178.00]
    [C:\WINDOWS\system32\sirenacm.dll]  [Microsoft Corp., 8.1.0178.00]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\Documents and Settings\All Users\Favorites\winxy.hlp]  [N/A, ]
    [C:\Program Files\MSN Messenger\lmcdata.dll]  [Microsoft Corporation, 8.1.0178.00]
    [C:\Program Files\MSN Messenger\contact.dll]  [Microsoft Corporation, 8.1.0178.00]
    [C:\Program Files\MSN Messenger\dfsr.dll]  [Microsoft Corporation, 8.1.0178.00]
    [C:\Program Files\MSN Messenger\abssm.dll]  [Microsoft Corporation, 8.1.0178.00]
    [C:\Program Files\MSN Messenger\usnsvcps.dll]  [Microsoft Corporation, 8.1.0178.00]
    [C:\Program Files\MSN Messenger\custsat.dll]  [Microsoft Corporation, 9.0.3790.2428 (srv03_sp1_qfe.050422-1043)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\PDM.DLL]  [Microsoft Corporation, 7.00.9466]
    [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll]  [Microsoft Corporation, 7.00.9466]
    [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MSDBG2.DLL]  [Microsoft Corporation, 7.00.9466]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 3056][C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe]  [Intel Corporation, 10.5.1.9]
    [C:\Program Files\Intel\Wireless\Bin\acAuth.dll]  [, 4.1.0.75 2006-10-02 16:07:22]
    [C:\Program Files\Intel\Wireless\Bin\C1XStngs.dll]  [Intel Corporation, 10.5.1.32]
    [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll]  [Intel Corporation, 10.5.1.5]
    [C:\Program Files\Intel\Wireless\Bin\IntStngs.dll]  [, 10.5.1.0  ]
    [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL]  [Intel Corporation, 10.5.1.6]
    [C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL]  [N/A, ]
    [C:\WINDOWS\system32\wxvault.dll]  [, 05.03.00.017]
    [C:\WINDOWS\system32\detoured.dll]  [N/A, ]
    [C:\Program Files\Intel\Wireless\Bin\C8021CHS.dll]  [Intel Corporation, 10.5.1.32]
    [C:\WINDOWS\DOWNLO~1\BDPlugin.dll]  [, 1, 0, 1, 1]
    [C:\Program Files\Intel\Wireless\Bin\LSAWRAPI.dll]  [Intel Corporation, 10.5.0.1  ]
    [C:\Documents and Settings\All Users\Favorites\winxy.hlp]  [N/A, ]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll]  [Intel Corporation, 10, 5, 1, 1  ]
    [C:\Program Files\Intel\Wireless\Bin\DbEngine.dll]  [Intel Corporation, 10, 5, 1, 17]
    [C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll]  [The OpenSSL Project, http://www.openssl.org/, 0.9.8]
[PID: 1264][C:\Program Files\Digital Line Detect\DLG.exe]  [BVRP Software, 1, 0, 0, 1]
    [C:\WINDOWS\system32\wxvault.dll]  [, 05.03.00.017]
    [C:\WINDOWS\system32\detoured.dll]  [N/A, ]
    [C:\Program Files\Digital Line Detect\BVRPDIAG.dll]  [BVRP Software, 1.0]
    [C:\WINDOWS\system32\MdmXSdk.dll]  [Conexant, 1.0.2.010]
    [C:\WINDOWS\DOWNLO~1\BDPlugin.dll]  [, 1, 0, 1, 1]
    [C:\Documents and Settings\All Users\Favorites\winxy.hlp]  [N/A, ]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 3532][C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe]  [Wave Systems Corp., 05.03.00.002]
    [C:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\wxvault.dll]  [, 05.03.00.017]
    [C:\WINDOWS\system32\detoured.dll]  [N/A, ]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [c:\windows\microsoft.net\framework\v1.1.4322\mscorlib.dll]  [Microsoft Corporation, 1.1.4322.2032]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll]  [Microsoft Corporation, 1.1.4322.573]
    [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSCORJIT.DLL]  [Microsoft Corporation, 1.1.4322.2032]
    [c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_zh-chs_b77a5c561934e089\mscorlib.resources.dll]  [Microsoft Corporation, 1.1.4322.573]
    [C:\WINDOWS\DOWNLO~1\BDPlugin.dll]  [, 1, 0, 1, 1]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\Documents and Settings\All Users\Favorites\winxy.hlp]  [N/A, ]
[PID: 3740][C:\Program Files\Tencent\QQ\QQ.exe]  [TENCENT, 0, 0, 0, 0]
    [C:\Program Files\Tencent\QQ\QQBaseClassInDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQHelperDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\BasicCtrlDll.dll]  [Tencent, 7, 0, 101, 80]
    [C:\Program Files\Tencent\QQ\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\WINDOWS\DOWNLO~1\BDPlugin.dll]  [, 1, 0, 1, 1]
    [C:\Program Files\Tencent\QQ\RICHED32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [C:\Program Files\Tencent\QQ\RICHED20.dll]  [Microsoft Corporation, 5.31.23.1218]
    [C:\Program Files\Tencent\QQ\QQAPI.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\Documents and Settings\All Users\Favorites\winxy.hlp]  [N/A, ]
    [C:\Program Files\Tencent\QQ\LoginCtrl.dll]  [N/A, ]
    [C:\Program Files\Tencent\QQ\npkcntc.dll]  [INCA Internet Co., Ltd., 2006, 6, 27, 1]
    [C:\Program Files\Tencent\QQ\npkpdb.dll]  [INCA Internet Co., Ltd., 2003, 10, 1, 1]
    [C:\Program Files\Tencent\QQ\LoginCtrlRes.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Dell\QuickSet\dadkeyb.dll]  [N/A, ]
[PID: 1364][C:\Progra~1\Intern~1\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\wxvault.dll]  [, 05.03.00.017]
    [C:\WINDOWS\system32\detoured.dll]  [N/A, ]
    [C:\WINDOWS\DOWNLO~1\BDPlugin.dll]  [, 1, 0, 1, 1]
    [C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 2, 10]
    [C:\WINDOWS\system32\xunleibho_v14.dll]  [Thunder Networking Technologies,LTD, 4, 6, 0, 62]
    [C:\WINDOWS\System32\DLA\DLASHX_W.DLL]  [Sonic Solutions, 5.20.08a]
    [C:\WINDOWS\system32\DLAAPI_W.DLL]  [Sonic Solutions, 5.20.08a]
    [C:\WINDOWS\System32\DLA\DLACResW.dll]  [Sonic Solutions, 5.20.08a]
    [C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll]  [Sun Microsystems, Inc., 5.0.60.5]
    [C:\WINDOWS\DOWNLO~1\BDHelper.dll]  [, 1, 0, 0, 6]
    [C:\Documents and Settings\All Users\Favorites\winxy.hlp]  [N/A, ]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9c.ocx]  [Adobe Systems, Inc., 9,0,45,0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Dell\QuickSet\dadkeyb.dll]  [N/A, ]
    [C:\WINDOWS\system32\UNISPIM.IME]  [北京清华紫光软件股份有限公司, 3.0.0.3045]
    [C:\WINDOWS\system32\upengine.dll]  [北京清华紫光软件股份有限公司, 3.0.0.3045]
[PID: 3200][C:\Program Files\Tencent\QQ\TIMPlatform.exe]  [tencent, 0, 3, 1, 8]
    [C:\WINDOWS\DOWNLO~1\BDPlugin.dll]  [, 1, 0, 1, 1]
    [C:\Documents and Settings\All Users\Favorites\winxy.hlp]  [N/A, ]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\Program Files\Tencent\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
[PID: 3308][E:\sreng2\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [C:\WINDOWS\DOWNLO~1\BDPlugin.dll]  [, 1, 0, 1, 1]
    [C:\Documents and Settings\All Users\Favorites\winxy.hlp]  [N/A, ]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]

==================================

文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================



All posted. Brother in the second reply, please help. Many thanks.

File names and paths:

[Attachment: screenshot, image/pjpeg, uploaded 2007-6-24 22:56:25]

After entering Safe Mode:

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<BianFeng><C:\Documents and Settings\All Users\Favorites\winxy.exe> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<BIE><Rundll32 C:\WINDOWS\DOWNLO~1\BDPlugin.dll,Rundll32> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<Userinit><C:\WINDOWS\system32\userinit.exe,IEXPLOER.exe,> [(Verified)Microsoft Windows Publisher]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><wxvault.dll> []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{BC207F7D-3E63-4ACA-99B5-FB5F8428200C}><C:\WINDOWS\DOWNLO~1\BDPlugin.dll> []
Use the SREng scanning tool to delete all of the registry values listed above except the red and blue items (the red item is the Userinit value and the blue item is the AppInit_DLLs value; the colour highlighting is not preserved in this copy). Use normal methods or IceSword to delete these files: C:\Documents and Settings\All Users\Favorites\winxy.exe, C:\WINDOWS\DOWNLO~1\BDPlugin.dll, C:\WINDOWS\system32\IEXPLOER.exe and C:\WINDOWS\system32\wxvault.dll.
Change the red registry value from "C:\WINDOWS\system32\userinit.exe,IEXPLOER.exe," to "C:\WINDOWS\system32\userinit.exe,", and change the blue registry value from "wxvault.dll" to empty.
==================================
启动文件夹
[Windows]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Windows.hta --> [N/A]><N>
Following the path, delete the startup item and the file C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Windows.hta.
==================================
服务
[NTRU Hybrid TSS v2.0.25 TCS / tcsd_win32.exe][Running/Auto Start]
<"C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe"><N/A>
Unknown service; it needs to be identified before deciding what to do.
==================================
正在运行的进程
[C:\WINDOWS\system32\wxvault.dll] [, 05.03.00.017]
[C:\WINDOWS\system32\detoured.dll] [N/A, ]
[C:\WINDOWS\DOWNLO~1\BDPlugin.dll] [, 1, 0, 1, 1]
[C:\WINDOWS\system32\WinDll.dll] [N/A, ]
[C:\WINDOWS\DOWNLO~1\BDHelper.dll] [, 1, 0, 0, 6]

[C:\Documents and Settings\All Users\Favorites\winxy.hlp] [N/A, ]
[C:\WINDOWS\DOWNLO~1\BDPlugin.dll] [, 1, 0, 1, 1]
Delete the files above using normal methods or IceSword (I am not absolutely sure about the part in red; back it up to a USB drive before deleting it from the hard disk).
==================================
文件关联
.TXT Error. [C:\WINDOWS\notepad.exe %1]
.CHM Error. ["hh.exe" %1]
.INI Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
Use the SREng scanning tool to repair the file associations above.

Your machine is very seriously infected, and it is completely different from the situation of the person you said was "in the same situation as you". Go and deal with it, and don't forget to finish with a full-disk scan with Rising in Safe Mode to catch whatever slipped through. Finally, use Kaka Assistant's "Trace Cleanup" to clear all IE cache and temporary files.
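As an added illustration (not part of the thread, of SREng or of Rising's tools), this Python snippet applies the reasoning of the reply above to an SREng listing: it parses the process/module section, flags vendor-less modules that appear in several unrelated processes together with any non-code file loaded as a module, and lists the extra entries in a Winlogon\Userinit value. The log excerpt is copied from the thread; the function names are my own.

```python
import re
# Excerpt of the SREng process/module listing posted above (trimmed to two processes).
SAMPLE_LOG = r"""
[PID: 192][C:\Program Files\MSN Messenger\MsnMsgr.Exe]  [Microsoft Corporation, 8.1.0178.00]
    [C:\WINDOWS\system32\wxvault.dll]  [, 05.03.00.017]
    [C:\WINDOWS\DOWNLO~1\BDPlugin.dll]  [, 1, 0, 1, 1]
    [C:\Documents and Settings\All Users\Favorites\winxy.hlp]  [N/A, ]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 3308][E:\sreng2\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [C:\WINDOWS\system32\wxvault.dll]  [, 05.03.00.017]
    [C:\WINDOWS\DOWNLO~1\BDPlugin.dll]  [, 1, 0, 1, 1]
    [C:\Documents and Settings\All Users\Favorites\winxy.hlp]  [N/A, ]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
"""
PROC_RE = re.compile(r"^\[PID: (\d+)\]\[([^\]]+)\]\s+\[([^\]]*)\]$")
MOD_RE = re.compile(r"^\s+\[([^\]]+)\]\s+\[([^\]]*)\]$")

def parse_modules(log_text):
    """Map lower-cased module path -> [path, vendor, set of host PIDs]."""
    mods, pid = {}, None
    for line in log_text.splitlines():
        m = PROC_RE.match(line)
        if m:                      # process header: remember its PID
            pid = m.group(1)
            continue
        m = MOD_RE.match(line)
        if m and pid is not None:  # indented module line under that process
            path, info = m.group(1), m.group(2)
            vendor = info.split(",")[0].strip()   # first field is the vendor
            mods.setdefault(path.lower(), [path, vendor, set()])[2].add(pid)
    return mods

def suspicious_modules(log_text, min_procs=2):
    """Flag vendor-less modules present in several unrelated processes (the footprint
    of AppInit_DLLs / ShellExecuteHooks injection) and non-code files loaded as modules."""
    flagged = []
    for key, (path, vendor, pids) in parse_modules(log_text).items():
        reasons = []
        if vendor in ("", "N/A") and len(pids) >= min_procs:
            reasons.append(f"no vendor, loaded in {len(pids)} processes")
        if not key.endswith((".dll", ".drv", ".ocx", ".ime", ".exe")):
            reasons.append("non-code extension loaded as a module")
        if reasons:
            flagged.append((path, "; ".join(reasons)))
    return sorted(flagged)

def userinit_extras(value):
    """Entries in a Winlogon\\Userinit value other than the stock userinit.exe."""
    parts = [p.strip() for p in value.split(",") if p.strip()]
    return [p for p in parts if not p.lower().endswith("\\userinit.exe")]
```

Run against the full listing in the thread, the same rules single out wxvault.dll, detoured.dll, BDPlugin.dll and winxy.hlp while leaving Rising's own ieprot.dll, which carries a vendor name, unflagged.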


Thanks, I'll carry on killing it when I get home tonight!