这个病毒烦恼我几个星期了
带这张贴
我是第3次发了
郁闷啊
怎么才能灭杀掉它啊？
补丁我明明打了，卡卡也说电脑里没什么恶意的插件，木马克星也用过了，安全模式清理该清理的文件夹也做了，但怎么就是不行啊。

就是这个图片和路径。

谁能帮帮解决啊
刚才来论坛发现
好几个人都跟我的问题一样。。。

[用户系统信息]Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)

ms07-017补丁、清楚ie临时文件夹

那个补丁我打过

那些该清理的文件夹我也在安全模式下清理过了

可是每次都是过了几天又出现

我的图上不是有吗？

请问这该怎么办啊

在这里能看见宅真不容易……
是不是局域网？说下Trojan.Dl.Js.Small的路径

C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\YFW1UN8D

------------------------

另外宅什么的，好象是说经常呆在家，玩日文游戏之类看日漫之类的那种人吧？
我希望你搞清楚
我只是喜欢PRISM ARK
仅此而已
除了这个游戏我只看火影和死神
别把我跟那什么宅的扯一起

囧这个一般除了宅，没人会用吧？是吗？不是吗？
其实我错了，宅说话向来心平气和，尤其是需要帮助的时候……期待博爱的人出现吧……

你按1楼说的做试试看吧.或者去这个帖看看
http://forum.ikaka.com/topic.asp?board=40&artid=8358993

发个sreng日志上来看看,

下载 System Repair Engineer系统扫描工具软件，下载地址如下：
http://www.kztechs.com/sreng/download.html
扫描和上传日志的方法：
1、解压缩所下载的sreng2.zip压缩包；
2、打开已经解压缩的SRENG文件夹，双击运行其中的SREngPS.exe；
3、依次按“智能扫描”、“扫描”、“保存报告”，将日志保存到硬盘上；
4、把日志扩展名改为.txt.然后以附件形式传上来,请不要更改日志内容.
友情提示：
1、扫描日志前请先关闭所有打开的软件（如QQ、迅雷等程序和IE窗口,注意，是关闭而不是最小化窗口）
2、注意在没有进一步提示前，请勿用SRENG工具胡乱修复，否则系统可能变的情况更糟。

水树雨下
你的确错了
我只是说
你以为我是那宅什么的
囧在百度贴吧
有N多人用

你帮我看贴
我很感谢
但是你把我理解成那种人
就是你搞错了

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <MSConfig><C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto>  [(Verified)Microsoft Windows Publisher]
    <RavTask><"G:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><LogonUI.EXE>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]

==================================
启动文件夹
[河南铁通宽带拨号软件]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\河南铁通宽带拨号软件.lnk --> C:\PROGRA~1\河南铁~1\HelloNet.exe [HelloNet]><N>

==================================
服务
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
  <"C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"><Macrovision Corporation>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"G:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
  <"G:\Program Files\Rising\Rav\RavMonD.exe"><Beijing Rising Technology Co., Ltd.>
[StarWind iSCSI Service / StarWindService][Stopped/Auto Start]
  <E:\Alcohol 120\StarWind\StarWindService.exe><N/A>
[Windows User Mode Driver Framework / UMWdf][Stopped/Auto Start]
  <C:\WINDOWS\system32\wdfmgr.exe><N/A>

==================================
驱动程序
[Service for WDM 3D Audio Driver / ALCXSENS][Running/Manual Start]
  <system32\drivers\ALCXSENS.SYS><Sensaura>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[HelloNet PPPoE 虚拟网卡 / BRPPPOE][Running/Manual Start]
  <system32\DRIVERS\brpppoe.sys><N/A>
[dtscsi / dtscsi][Stopped/Manual Start]
  <\SystemRoot\System32\Drivers\dtscsi.sys><DT Soft Ltd.>
[EagleNT / EagleNT][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\EagleNT.sys><N/A>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\G:\PROGRAM FILES\RISING\RAV\ExpScan.sys><>
[HookCont / HookCont][Running/Auto Start]
  <\??\G:\PROGRAM FILES\RISING\RAV\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\G:\PROGRAM FILES\RISING\RAV\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\G:\PROGRAM FILES\RISING\RAV\HookSys.sys><Rising>
[ialm / ialm][Running/Manual Start]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[IlvMoneyDRIVER53 / IlvMoneyDRIVER53][Stopped/Manual Start]
  <\??\D:\吸怪\MoonLightEngine\MoonLightEngine_Lite_1059.18\IlvMoney1055.sys><N/A>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\G:\PROGRAM FILES\RISING\RAV\MEMSCAN.sys><Beijing Rising Technology Co., Ltd.>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\G:\冒险岛\npkcrypt.sys><INCA Internet Co., Ltd.>
[Padus ASPI Shell / pfc][Running/Manual Start]
  <system32\drivers\pfc.sys><Padus, Inc.>
[PNP26472 / PNP26472][Running/Boot Start]
  <\SystemRoot\system32\Drivers\pnp21574.sys><Anti Driver>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[puma1 / puma1][Stopped/Manual Start]
  <\??\D:\吸怪\puma.sys><N/A>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
  <\??\G:\PROGRAM FILES\RISING\RAV\RSPPSYS.sys><Rising>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[SKNFW / SKNFW][Running/System Start]
  <\??\C:\WINDOWS\system32\Drivers\SKNFW.sys><N/A>
[SkyProcs / SkyProcs][Stopped/Manual Start]
  <\??\G:\Program Files\天网\Firewall\SkyProcs.sys><N/A>
[sptd / sptd][Running/Boot Start]
  <\SystemRoot\System32\Drivers\sptd.sys><N/A>
[vaxscsi / vaxscsi][Running/Manual Start]
  <\SystemRoot\System32\Drivers\vaxscsi.sys><N/A>
[VCD VNC Virtual Network Adapter / vcddev][Stopped/Manual Start]
  <system32\DRIVERS\vcdvnic.sys><N/A>
[Intel(R) Graphics Platform (SoftBIOS) Driver / {6080A529-897E-4629-A488-ABA0C29B635E}][Running/Manual Start]
  <system32\drivers\ialmsbw.sys><Intel Corporation>
[Intel(R) Graphics Chipset (KCH) Driver / {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}][Running/Manual Start]
  <system32\drivers\ialmkchw.sys><Intel Corporation>