
How do I remove the 3448 virus????? I'm going crazy


Rising can't detect it at all. What do I do, what do I do? None of the methods online work.
Last edited 2006-11-04 09:48:20

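Me too, I just got infected today. No matter what web page I open, it is always 3448. This site is even nastier than 7939.
After scanning, my log only shows a problem with the hosts-related file, right?
I don't know how to fix it. Is there a dedicated removal tool?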

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <RavTask><"C:\Program Files\rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <RavStub><"C:\Program Files\rising\Rav\ravstub.exe" /RUNONCE>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\System32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\System32\ravss.scr>  [Rising Corp.]

==================================
启动文件夹
N/A

==================================
服务
[950BDAD8 / 950BDAD8]
  <C:\WINDOWS\System32\950BDAD8.EXE -service><Microsoft Corporation>
[ASP.NET State Service / aspnet_state]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Machine Debug Manager / MDM]
  <"C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe"><Microsoft Corporation>
[Rising Process Communication Center / RsCCenter]
  <"C:\Program Files\rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"C:\Program Files\rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

==================================
驱动程序
[Service for Avance AC97 Audio (WDM) / ALCXWDM]
  <system32\drivers\ALCXWDM.SYS><Avance Logic, Inc.>
[ASPI32 / ASPI32]
  <System32\drivers\aspi32.sys><Adaptec>
[Rising TDI Base Driver / BaseTDI]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[cdrbsvsd / cdrbsvsd]
  <C:\WINDOWS\SYSTEM32\DRIVERS\cdrbsvsd.SYS><B.H.A Corporation>
[ExpScaner / ExpScaner]
  <\??\C:\Program Files\rising\Rav\ExpScan.sys><>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS]
  <System32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[HookCont / HookCont]
  <\??\C:\Program Files\rising\Rav\HOOKCONT.sys><Rising tech Co. ltd>
[HookReg / HookReg]
  <\??\C:\Program Files\rising\Rav\HookReg.sys><>
[HookSys / HookSys]
  <\??\C:\Program Files\rising\Rav\HookSys.sys><Rising>
[HostXp / HostXp]
  <\??\C:\WINDOWS\System32\drivers\HostXp.sys><>
[ialm / ialm]
  <System32\DRIVERS\ialmnt5.sys><Intel Corporation>
[IPHOOK / IPHOOK]
  <\??\D:\Program Files\防火墙\Rfw\2000\IPHOOK.sys><Beijing Rising Technology Corporation Limited>
[Keyboard Filter Example / kbfiltr]
  <System32\DRIVERS\kbfiltr.sys><Windows (R) 2000 DDK provider>
[kmsinput / kmsinput]
  <\??\C:\WINDOWS\System32\drivers\kmsinput.sys><N/A>
[MEMSCAN / MEMSCAN]
  <\??\C:\Program Files\rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[New0 / New0]
  <\??\C:\WINDOWS\System32\new.sys><N/A>
[NetGroup Packet Filter Driver / NPF]
  <system32\drivers\npf.sys><NetGroup - Politecnico di Torino>
[npkcrypt / npkcrypt]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[VSO Software pcouffin / pcouffin]
  <System32\Drivers\pcouffin.sys><VSO Software>
[Direct Parallel Link Driver / Ptilink]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PPPoE Protocol / RMSPPPOE]
  <System32\DRIVERS\RMSPPPOE.SYS><Robert Schlabbach>
[Secdrv / Secdrv]
  <System32\DRIVERS\secdrv.sys><N/A>
[Sony Digital Imaging Video2 / sonypvs1]
  <System32\DRIVERS\sonypvs1.sys><Sony Corporation>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1]
  <System32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[TDIHOOK / TDIHOOK]
  <\??\D:\Program Files\防火墙\Rfw\2000\TDIHOOK.sys><Beijing Rising Technology Corporation Limited>
[Reply to jjdu3's post]

浏览器加载项
[IeCatch5 Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <E:\realone\PROGRA~1\FLASHGET\jccatch.dll, N/A>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <E:\Program Files\qq05\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[超级兔子上网精灵]
  {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <D:\Program Files\Super Rabbit\MagicSet\haokanbar.dll, N/A>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <E:\Program Files\qq05\QQ.EXE, TENCENT>
[FlashGet]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <E:\realone\PROGRA~1\FLASHGET\flashget.exe, FlashGet.com>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <E:\Program Files\qq05\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\MSMSGS.EXE, Microsoft Corporation>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <E:\realone\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[超级兔子上网精灵]
  {43869BB3-22FD-4F15-9B46-238106BA2F4E} <D:\Program Files\Super Rabbit\MagicSet\haokanbar.dll, N/A>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\System32\CMBEdit.dll, >
[PowerPlayer Control]
  {5EC7C511-CD0F-42E6-830C-1BD9882F3458} <C:\WINDOWS\DOWNLO~1\POWERP~1.DLL, N/A>
[Java Plug-in 1.4.2_03]
  {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} <D:\毕业设计\bin\npjpi142_03.dll, JavaSoft / Sun Microsystems, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[PBActiveX40 Control]
  {F2EB8999-766E-4BF6-AAAD-188D398C0D0B} <C:\WINDOWS\System32\CmbPb40.ocx, China Merchants Bank>
[上传到QQ网络硬盘]
  <E:\Program Files\qq05\AddToNetDisk.htm, N/A>
[使用KuGoo3下载(&K)]
  <D:\PROGRA~1\KUGOO\4338764\KUGOO2\KuGoo3DownX.htm, N/A>
[使用网际快车下载]
  <E:\realone\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <E:\realone\Program Files\FlashGet\jc_all.htm, N/A>
[添加到QQ自定义面板]
  <E:\Program Files\qq05\AddPanel.htm, N/A>
[添加到QQ表情]
  <E:\Program Files\qq05\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <E:\Program Files\qq05\SendMMS.htm, N/A>

[Reply to jjdu3's post]

=================================
正在运行的进程
[PID: 740][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 788][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 812][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 856][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 868][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 1036][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\netdll.dll]  [N/A, N/A]
[PID: 1116][C:\Program Files\rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 1132][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1260][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1316][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1340][C:\Program Files\rising\Rav\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 1, 35]
    [C:\Program Files\rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [C:\Program Files\rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [C:\Program Files\rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\rising\Rav\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [C:\Program Files\rising\Rav\HOOKSYS.dll]  [Beijing Rising Technology Co., Ltd., 18, 1, 0, 11]
    [C:\Program Files\rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 32]
    [C:\Program Files\rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [C:\Program Files\rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
    [C:\Program Files\rising\Rav\regmon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [C:\Program Files\rising\Rav\HookWeb.dll]  [rising, 18, 0, 0, 2]
    [C:\Program Files\rising\Rav\MemMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [C:\Program Files\rising\Rav\expscan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\rising\Rav\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [C:\Program Files\rising\Rav\MailMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Program Files\rising\Rav\SpamEng.dll]  [N/A, 18, 0, 0, 6]
    [C:\Program Files\rising\Rav\engine.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 35]
    [C:\Program Files\rising\Rav\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 18]
    [C:\Program Files\rising\Rav\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [C:\Program Files\rising\Rav\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 15]
    [C:\Program Files\rising\Rav\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 30]
    [C:\Program Files\rising\Rav\RSUnpack.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [C:\Program Files\rising\Rav\ExtFile.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
    [C:\Program Files\rising\Rav\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 7]
    [C:\Program Files\rising\Rav\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [C:\Program Files\rising\Rav\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [C:\Program Files\rising\Rav\ScanNet.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Program Files\rising\Rav\Unpacker.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[PID: 1596][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\vvvzz.dll]  [N/A, N/A]
    [C:\Program Files\rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\System32\igfxpph.dll]  [Intel Corporation, 3,0,0,1502]
    [C:\WINDOWS\System32\hccutils.DLL]  [Intel Corporation, 3,0,0,1502]
    [C:\WINDOWS\System32\igfxres.dll]  [Intel Corporation, 3,0,0,1502]
    [C:\WINDOWS\System32\igfxsrvc.dll]  [Intel Corporation, 3,0,0,1502]
    [C:\WINDOWS\System32\igfxdev.dll]  [Intel Corporation, 3,0,0,1502]
[PID: 1688][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[PID: 1776][C:\Program Files\rising\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 16]
    [C:\Program Files\rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 168][C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe]  [Microsoft Corporation, 7.10.3077]
[PID: 272][C:\WINDOWS\System32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: DNSRV(bld4act)]
[PID: 288][C:\Program Files\rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 22]
    [C:\Program Files\rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [C:\Program Files\rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\WINDOWS\System32\vvvzz.dll]  [N/A, N/A]
[PID: 368][C:\Program Files\rising\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 1, 33]
    [C:\Program Files\rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 26]
    [C:\Program Files\rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [C:\Program Files\rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [C:\Program Files\rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\WINDOWS\System32\vvvzz.dll]  [N/A, N/A]
[PID: 376][D:\Program Files\防火墙\rfw\Rfw.exe]  [Beijing Rising Technology Corporation Limited, 2, 2, 0, 8]
    [D:\Program Files\防火墙\rfw\BmpFace.dll]  [Beijing Rising Technology Corporation Limited, 2, 1, 0, 0]
    [D:\Program Files\防火墙\rfw\rfw.dll]  [Beijing Rising Technology Corporation Limited, 2, 2, 0, 2]
    [D:\Program Files\防火墙\rfw\chn\rfw.lag]  [Beijing Rising Technology Corporation Limited, 2, 2, 0, 8]
    [C:\WINDOWS\System32\vvvzz.dll]  [N/A, N/A]
[PID: 412][C:\WINDOWS\System32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\vvvzz.dll]  [N/A, N/A]
[PID: 444][C:\WINDOWS\System32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\vvvzz.dll]  [N/A, N/A]
[PID: 1276][C:\Program Files\AsiaInfo\山东通信宽带e线拨号软件\AsiaDial.exe]  [, 1, 0, 0, 1]
    [C:\WINDOWS\System32\vvvzz.dll]  [N/A, N/A]
[PID: 180][C:\DOCUME~1\user\LOCALS~1\Temp\Rar$EX00.984\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\WINDOWS\System32\vvvzz.dll]  [N/A, N/A]

[Reply to jjdu3's post]

文件关联
.TXT  Error. [NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
218.201.94.20 localhost
218.201.94.20 www.5566.net
218.201.94.20 www.gjj.cc
218.201.94.20 www.hao123.com
218.201.94.20 www.hao222.com
218.201.94.20 www.9991.com
218.201.94.20 www.2345.com
218.201.94.20 www.7939.com
218.201.94.20 forum.ikaka.com
218.201.94.20 bbs.360safe.com
218.201.94.20 www.360safe.com
218.201.94.20 www.piaoxue.com
218.201.94.20 61.129.58.12
218.201.94.20 forum.jiangmin.com
218.201.94.20 luosoft.com
218.201.94.20 post.baidu.com
218.201.94.20 cn.zs.yahoo.com
218.201.94.20 www.znmq.com
218.201.94.20 auto.search.msn.com
218.201.94.20 www.pcav.cn
218.201.94.20 www.cnhx.com.cn
218.201.94.20 btbaicai.com
218.201.94.20 219.239.102.77
218.201.94.20 hz.mop-hz.com
218.201.94.20 www.jacai.com
218.201.94.20 bbs.168safe.com
218.201.94.20 ok.mop-hz.com
218.201.94.20 s46.cnzz.com

==================================

Does this 218.201.94.20 belong to a malicious site?
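A triage check for a hosts file like the one in the log above, as an added example that is not part of the original thread: it flags `localhost` mapped to a non-loopback address, IP literals used as hostnames, and many names pointing at one external address. The function names and the `fanout` threshold are assumptions chosen for illustration.

```python
import ipaddress
from collections import defaultdict

# Sample input: a few entries copied from the HOSTS section of the log above,
# plus a constructed normal loopback entry and a constructed comment line.
SAMPLE_HOSTS = """\
127.0.0.1 localhost
218.201.94.20 www.hao123.com
218.201.94.20 forum.ikaka.com
218.201.94.20 bbs.360safe.com
218.201.94.20 61.129.58.12
# 10.0.0.5 intranet.example
"""

def parse_hosts(text):
    """Yield (ip, name) pairs, skipping comments, blanks and malformed lines."""
    for raw in text.splitlines():
        parts = raw.split("#", 1)[0].split()
        if len(parts) < 2:
            continue
        try:
            ip = ipaddress.ip_address(parts[0])
        except ValueError:
            continue
        for name in parts[1:]:
            yield ip, name.lower()

def triage_hosts(text, fanout=3):
    """Return findings as (reason, ip, detail) tuples."""
    findings, by_ip = [], defaultdict(list)
    for ip, name in parse_hosts(text):
        by_ip[ip].append(name)
        if name == "localhost" and not ip.is_loopback:
            findings.append(("localhost-not-loopback", str(ip), name))
        try:
            ipaddress.ip_address(name)  # a hostname column should not hold an IP
            findings.append(("ip-literal-as-hostname", str(ip), name))
        except ValueError:
            pass
    for ip, names in by_ip.items():
        if not ip.is_loopback and not ip.is_unspecified and len(names) >= fanout:
            findings.append(("many-names-one-address", str(ip), len(names)))
    return findings

if __name__ == "__main__":
    for finding in triage_hosts(SAMPLE_HOSTS):
        print(finding)
```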

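I used Rising Security Assistant to change my home page back, but as soon as I went to Baidu, 3448 came up again. So I found a post on another site. Whatever happens, try it first; adapt it to how your own machine is infected and see if it works. The content is as follows: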



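Use SREng to view the startup items and terminate the suspicious process. Generally it is a suspicious DLL that follows rundll32.exe in the system32 directory. As for the exact name, I have looked at a dozen or so and they were all different: n9zl7dll, 1y-something dll and the like. If you normally pay attention to this, it is easy to spot which one is the virus. (If you don't know which one is the virus, before doing the steps above start the registry monitor of an antivirus program, use something like Super Rabbit to set the home page to blank, then click IE: there will be a prompt that XXXX is modifying the registry, and then 3448 still pops up. Note which path the prompt just showed, hmph.) ... Disable that startup item, and after rebooting delete that DLL from the system32 directory, then go into C:\WINDOWS\system32\drivers\etc and delete that hosts file, and the world is quiet again.
I only just solved this myself and am copying it around everywhere. I'm a newbie, and this is a newbie's newbie method. Some methods end not by deleting the hosts file but by editing it, which in principle should be to prevent a recurrence; I haven't tried that. Anyway, with the method above my IE home page is now normal.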

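Run (double-click) SRENG2, click "Startup Items" (启动项目), then "Services" (服务), then "Drivers" (驱动程序).
Check "Hide verified Microsoft items" (隐藏已认证的微软项目), select the virus service New0 and choose "Delete Service" (删除服务).
Click "Set" (设置) and choose "No" (否).


Run (double-click) SRENG2, click "Startup Items" (启动项目), then "Services" (服务), then "Win32 Service Applications" (Win32服务应用程序).
Check "Hide Microsoft services" (隐藏微软服务), select the virus service 950BDAD8 and choose "Delete Service" (删除服务).
Click "Set" (设置) and choose "No" (否).


Show hidden files.
Delete:
C:\WINDOWS\System32\950BDAD8.EXE
C:\WINDOWS\System32\new.sys
C:\WINDOWS\system32\netdll.dll
C:\WINDOWS\System32\vvvzz.dll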
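One way to shortlist modules such as `vvvzz.dll` and `netdll.dll` from the "running processes" section of an SREng log, as an added example that is not part of the original thread: it collects modules whose publisher and version are both `N/A` and ranks them by how many distinct processes load them. The regular expressions assume the line layout seen in the log above, and the function names are illustrative.

```python
import re
from collections import defaultdict

# Sample input: lines copied from the process section of the log on this page.
SAMPLE_LOG = r"""
[PID: 1036][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\netdll.dll]  [N/A, N/A]
[PID: 1596][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\vvvzz.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\igfxpph.dll]  [Intel Corporation, 3,0,0,1502]
[PID: 444][C:\WINDOWS\System32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\vvvzz.dll]  [N/A, N/A]
"""

# Process lines start at column 0; module lines are indented under them.
PROC_RE = re.compile(r"^\[PID:\s*(\d+)\]\[(.+?)\]\s+\[(.*)\]\s*$")
MOD_RE = re.compile(r"^\s+\[(.+?)\]\s+\[(.*)\]\s*$")

def unattributed_modules(log):
    """Map module path -> sorted host process names, for modules listed as 'N/A, N/A'."""
    hits, current = defaultdict(set), None
    for line in log.splitlines():
        m = PROC_RE.match(line)
        if m:
            current = m.group(2).rsplit("\\", 1)[-1].lower()
            continue
        m = MOD_RE.match(line)
        if m and current and m.group(2).replace(" ", "").upper() == "N/A,N/A":
            hits[m.group(1).lower()].add(current)
    return {path: sorted(procs) for path, procs in hits.items()}

def rank(log):
    """Modules loaded into the most distinct processes come first."""
    found = unattributed_modules(log)
    return sorted(found.items(), key=lambda kv: (-len(kv[1]), kv[0]))

if __name__ == "__main__":
    for path, procs in rank(SAMPLE_LOG):
        print(len(procs), path, procs)
```

Missing publisher and version information is only a shortlist criterion: each hit still needs to be checked by hand before anything is deleted.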

[Reply to 秋日里的蓝天's post]

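Thanks, it has been deleted. If I delete the system32\driver\hosts folder, that won't cause any problems, right?

Looking elsewhere, I found that 3448 infections are even more serious than 7939. Could some expert make a dedicated removal tool? A lot of people would need it.
This address 218.201.94.20, is there a way to get it blocked?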