
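Machine infected, Rising can't detect it, keeps showing that there is no floppy disk in the floppy drive, hoping an expert can advise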

========Title========
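Machine is infected, Rising can't detect it, and it keeps showing that there is no floppy disk in the floppy drive!!! I'm uploading the log, could an expert please advise!!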
========Content========
Logfile of Kaka v2. 0. 3. 0 Scan Module v1. 0. 6. 1
Scan saved at 22:35:31, on 2007-03-30
Platform: Microsoft Windows XP Professional Service Pack 2 (Build 2600)
MSIE: Internet Explorer v6.00 SP2; (6.00.2900.2180 (xpsp_sp2_rtm.040803-2158))


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page=http://www.5566.org/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=%SystemRoot%\system32\blank.htm
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: Thunder Browser Helper - {2F364305-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_006.dll
O2 - BHO: Flashget Catch Url Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: 快车(FlashGet) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\KakaTool.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [System Boot Check] C:\WINDOWS\system32\sysload3.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [runeip] C:\Program Files\Rising\AntiSpyware\runiep.exe
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\RunOnce: [RavStub] "C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE
O4 - Startup: desktop.ini =
O4 - Global Startup: desktop.ini =
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &使用快车(FlashGet)下载 - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: &使用快车(FlashGet)下载全部链接 - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O8 - Extra context menu item: 使用KuGoo3下载(&K) - D:\Program Files\KuGoo3\KuGoo3DownX.htm
O8 - Extra context menu item: 使用超级解霸播放 - C:\Program Files\Herosoft\Hero 9\MPURLGET.HTM
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 用比特精灵下载(&B) - C:\Program Files\BitSpirit\bsurl.htm
O9 - Extra Button: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra Button: 网址大全 - {1FBA04EE-3024-11D2-8F1F-0000F87ABD18} - http://www.coc.cc (file missing)
O9 - Extra Button: 豪杰超级解霸9 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - C:\Program Files\Herosoft\Hero 9\STHSDVD.EXE
O9 - Extra 'Tools' menuitem: 豪杰超级解霸9 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - C:\Program Files\Herosoft\Hero 9\STHSDVD.EXE
O9 - Extra Button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra Button: 快车 - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: 快车(FlashGet) - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O14 - IERESET.INF: START_PAGE_URL=about:blank
O15 - Trusted Zone: mybank.icbc.com.cn
O15 - Trusted Zone: http://www.icbc.com.cn
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - http://www.epson.com.cn/selftest/selftest/Prg/ESTPTest.cab
O16 - DPF: {8123E390-5EF7-11D5-A72E-006097BFA1AC} (EPSON Driver Auto-Install Control Class) - http://www.epson.com.cn/update/prg/estdinst.cab
O16 - DPF: {8AB6C00E-A068-44E9-953F-1BCFEEA2BB6A} (HBHelper.HBActivex) - http://www.henbang.com/unseal/hbyehoo.cab
O16 - DPF: {C37FBD87-3AA7-4640-9A8D-19AFC10B15B2} (Netease Chat Control) - http://room.chat.163.com/xchat/chat.cab
O16 - DPF: {EC0978ED-24E3-403C-AB7A-060E388553E6} (BoBo P2P多媒体网络点播/广播/直播系统 V3) - http://www.17bobo.com/Software/BoBo_ActiveX_V3.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{91A0E947-FA51-47DB-A2EC-53FB650719DD}: NameServer = 202.96.209.133 202.96.209.6
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ipp - (no CLSID) - (no file)
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - D:\PROGRA~1\KuGoo3\InExtend\KUGOO3~1.OCX
O18 - Protocol: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll
O18 - Protocol: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
O18 - Protocol: msdaipp - (no CLSID) - (no file)
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll
O23 - Service: Adobe LM Service (Adobe LM Service) - Adobe Systems - "C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"
O23 - Service: Human Interface Device Access (HidServ) -  - C:\WINDOWS\system32\svchost.exe -k netsvcs
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - "C:\Program Files\Rising\Rav\CCenter.exe"
O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - "C:\Program Files\Rising\Rav\Ravmond.exe"



Virus names detected earlier: Trojan.PSW.XYOnline.mx
Trojan.PSW.RocOnline.cv
Is this related to these two viruses?
Last edited 2007-03-31 11:47:48

Scan a log with SReng (it's in the pinned thread).

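Please download System Repair Engineer, use "Smart Scan", and press the "Scan" button to run the scan. When the scan completes, press the "Save Report" button to save the report log file (SREng.LOG), then copy and paste the contents of the saved report log file here.
Download URL
http://www.kztechs.com/sreng/sreng2.zip
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
If the log can't be pasted in one go, paste it in several parts; please do not modify it.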