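Rising Kaka Security Forum, Technical Exchange area, Anti-Virus / Anti-Rogue-Software forum: [Help] Could the experts please check whether there is a virus (logs attached)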


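While browsing the web I accidentally picked up rogue software and viruses! I have already removed the rogue software and some of the viruses, but there may still be viruses in the system: I cannot set "hao123" as my home page, and QQ's trojan-scanning feature has been broken! Experts, please help me! Thank you!
This is the HJ scan log: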
Logfile of HijackThis v1.99.1
Scan saved at 17:32:08, on 2007-7-26
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Dfssvr.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\WINDOWS\cluster.exe
C:\WINDOWS\system32\svchost.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
c:\program files\mcafee.com\vso\mcvsshld.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
c:\program files\mcafee.com\agent\mcagent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\explorer.exe
D:\系统日志\HJ\HijackThis.exe

O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [Sysmppcv] ; "C:\WINDOWS\system32\Rundll32.exe" "C:\WINDOWS\system32\SysTdSvr.dll",Start
O4 - HKLM\..\Run: [tsnpstd3] ; C:\WINDOWS\tsnpstd3.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: 腾讯QQ.lnk = C:\Program Files\TENCENT\QQ\QQ.exe
O8 - Extra context menu item: 使用迅雷下载 - D:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: 使用迅雷下载全部链接 - D:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O9 - Extra button: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\Program Files\Thunder Network\Thunder\Thunder.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=
O17 - HKLM\System\CCS\Services\Tcpip\..\{08944F2A-227E-4F61-AFAA-54BE3A9A2D93}: NameServer = 202.99.166.4 202.99.160.68
O17 - HKLM\System\CS1\Services\Tcpip\..\{08944F2A-227E-4F61-AFAA-54BE3A9A2D93}: NameServer = 202.99.166.4 202.99.160.68
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe

Last edited 2007-07-26 17:57:37

This is the SRENG scan log:
[CODE]

2007-07-26,17:31:13

System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <MSPY2002><C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot>  [RealNetworks, Inc.]
    <MCUpdateExe><C:\PROGRA~1\mcafee.com\agent\McUpdate.exe>  [McAfee, Inc]
    <MCAgentExe><c:\PROGRA~1\mcafee.com\agent\mcagent.exe>  [McAfee, Inc]
    <VSOCheckTask><"C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask>  [McAfee, Inc.]
    <VirusScan Online><C:\Program Files\McAfee.com\VSO\mcvsshld.exe>  [McAfee, Inc.]
    <OASClnt><C:\Program Files\McAfee.com\VSO\oasclnt.exe>  [McAfee, Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><c:\windows\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <Sysmppcv><; "C:\WINDOWS\system32\Rundll32.exe" "C:\WINDOWS\system32\SysTdSvr.dll",Start>  [N/A]
    <tsnpstd3><; C:\WINDOWS\tsnpstd3.exe>  []

==================================
启动文件夹
[腾讯QQ]
  <C:\Documents and Settings\Admin\「开始」菜单\程序\启动\腾讯QQ.lnk --> C:\PROGRA~1\TENCENT\QQ\QQ.exe [TENCENT]><N>

==================================
服务
[Distributed File System / Dfs][Running/Auto Start]
  <C:\WINDOWS\system32\Dfssvr.exe><Microsoft Corporation>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[ASP.NET FrameWork Service / LocalServices][Stopped/Auto Start]
  <C:\WINDOWS\system32\Svchost.exe -k LocalServices-->C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\Local.dll><N/A>
[McAfee WSC Integration / McDetect.exe][Running/Auto Start]
  <c:\program files\mcafee.com\agent\mcdetect.exe><McAfee, Inc>
[McAfee.com McShield / McShield][Running/Auto Start]
  <c:\PROGRA~1\mcafee.com\vso\mcshield.exe><McAfee Inc.>
[McAfee Task Scheduler / McTskshd.exe][Running/Auto Start]
  <c:\PROGRA~1\mcafee.com\agent\mctskshd.exe><McAfee, Inc>
[McAfee SecurityCenter Update Manager / mcupdmgr.exe][Stopped/Manual Start]
  <C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe><McAfee, Inc>

==================================
驱动程序
[1xx14ma / 1xx14ma][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\1xx14ma.sys><N/A>
[Service for WDM 3D Audio Driver / ALCXSENS][Running/Manual Start]
  <system32\drivers\ALCXSENS.SYS><Sensaura Ltd>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AliIde / AliIde][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aliide.sys><N/A>
[CmdIde / CmdIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[dq7 / dq7j][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\dq7j.sys><N/A>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Running/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[KAVBootC / KAVBootC][Running/Boot Start]
  <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
[MegaIDE / MegaIDE][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\MegaIDE.sys><LSI Logic Corporation.>
[msnc / msnc][Stopped/Auto Start]
  <system32\DRIVERS\msnc.sys><N/A>
[mszstb / mszstb][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\mszstb.sys><N/A>
[NaiAvFilter1 / NaiAvFilter1][Running/Manual Start]
  <system32\drivers\naiavf5x.sys><McAfee Inc.>
[npkcrypt / npkcrypt][Stopped/Auto Start]
  <\??\D:\Program Files\Tencent\TM\TMDlls\npkcrypt.sys><N/A>
[nv / nv][Stopped/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[rhpeod / rhpeod][Stopped/Boot Start]
  <\SystemRoot\\SystemRoot\System32\drivers\rhpeod.sys><N/A>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[USB PC Camera (SNPSTD3) / SNPSTD3][Running/Manual Start]
  <system32\DRIVERS\snpstd3.sys><>
[uxjgkx8 / uxjgkx83][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\uxjgkx83.sys><N/A>
[viagfx / viagfx][Running/Manual Start]
  <system32\DRIVERS\vtmini.sys><Copyright (C) VIA/S3 Graphics Co, Ltd.>
[ViaIde / ViaIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>

==================================
浏览器加载项
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <D:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[McAfee VirusScan]
  {BA52B914-B692-46c4-B683-905236F6F655} <c:\progra~1\mcafee.com\vso\mcvsshl.dll, McAfee, Inc.>
[McAfee VirusScan]
  {BA52B914-B692-46C4-B683-905236F6F655} <c:\progra~1\mcafee.com\vso\mcvsshl.dll, McAfee, Inc.>
[使用迅雷下载]
  <D:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
  <D:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>

==================================

正在运行的进程
[PID: 544][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 624][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 648][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 692][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 704][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 848][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 936][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1028][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1668][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\progra~1\mcafee.com\vso\McVSSkt.dll]  [McAfee, Inc., 10, 0, 0, 26]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\mszstb.dll]  [N/A, ]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 8.0.0.0]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS]  [Adobe Systems, Inc., 8.0.0.0]
    [c:\progra~1\mcafee.com\vso\mcvsshl.dll]  [McAfee, Inc., 10, 0, 0, 19]
    [c:\progra~1\mcafee.com\vso\ShlRes.dll]  [McAfee, Inc., 10, 0, 0, 19]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
[PID: 1864][C:\WINDOWS\cluster.exe]  [, 5.2.3790.3959 ]
    [c:\progra~1\mcafee.com\vso\McVSSkt.dll]  [McAfee, Inc., 10, 0, 0, 26]
[PID: 2028][c:\PROGRA~1\mcafee.com\vso\OasClnt.exe]  [McAfee, Inc., 10, 0, 0, 24]
    [c:\program files\mcafee.com\agent\mcagntps.dll]  [McAfee, Inc, 5, 0, 0, 0]
    [c:\progra~1\mcafee.com\vso\naiannps.dll]  [McAfee, Inc, 10, 0, 0, 0]
    [c:\progra~1\mcafee.com\vso\mcvsps.dll]  [McAfee, Inc, 10, 0, 0, 17]
    [c:\progra~1\mcafee.com\vso\McVSSkt.dll]  [McAfee, Inc., 10, 0, 0, 26]
[PID: 204][c:\program files\mcafee.com\vso\mcvsshld.exe]  [McAfee, Inc., 10, 0, 0, 22]
    [C:\Program Files\McAfee.com\VSO\VsCfgW32.dll]  [McAfee, Inc., 10, 0, 0, 26]
    [c:\program files\mcafee.com\vso\ashldres.dll]  [McAfee, Inc., 10, 0, 0, 26]
    [c:\program files\mcafee.com\agent\submgr\6,0,0,16\mcsubmgr.dll]  [McAfee, Inc, 6, 0, 0, 16]
    [c:\program files\mcafee.com\agent\mcagntps.dll]  [McAfee, Inc, 5, 0, 0, 0]
    [c:\progra~1\mcafee.com\vso\mcvsps.dll]  [McAfee, Inc, 10, 0, 0, 17]
    [c:\progra~1\mcafee.com\vso\McVSSkt.dll]  [McAfee, Inc., 10, 0, 0, 26]
[PID: 248][c:\progra~1\mcafee.com\vso\mcvsescn.exe]  [McAfee, Inc., 10, 0, 0, 20]
    [c:\progra~1\mcafee.com\vso\ashldres.dll]  [McAfee, Inc., 10, 0, 0, 26]
    [c:\progra~1\mcafee.com\vso\EmScnRes.dll]  [McAfee, Inc., 10, 0, 0, 26]
    [c:\program files\mcafee.com\vso\vsoupd.dll]  [McAfee, Inc., 10, 0, 0, 26]
    [c:\progra~1\mcafee.com\vso\McVSSkt.dll]  [McAfee, Inc., 10, 0, 0, 26]
    [c:\progra~1\mcafee.com\vso\McVsWorm.dll]  [McAfee, Inc., 10, 0, 0, 19]
    [C:\Program Files\McAfee.com\VSO\VsCfgW32.dll]  [McAfee, Inc., 10, 0, 0, 26]
    [c:\progra~1\mcafee.com\vso\WormRes.dll]  [McAfee, Inc., 10, 0, 0, 19]
    [c:\program files\mcafee.com\agent\mcagntps.dll]  [McAfee, Inc, 5, 0, 0, 0]
[PID: 252][c:\program files\mcafee.com\agent\mcagent.exe]  [McAfee, Inc, 6, 0, 0, 16]
    [c:\program files\mcafee.com\agent\SCRes.dll]  [McAfee, Inc, 6, 0, 0, 7]
    [c:\program files\mcafee.com\agent\submgr\6,0,0,16\mcsubmgr.dll]  [McAfee, Inc, 6, 0, 0, 16]
    [c:\program files\mcafee.com\agent\mcagntps.dll]  [McAfee, Inc, 5, 0, 0, 0]
    [c:\progra~1\mcafee.com\vso\McVSSkt.dll]  [McAfee, Inc., 10, 0, 0, 26]
[PID: 1452][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.1622]
    [c:\progra~1\mcafee.com\vso\McVSSkt.dll]  [McAfee, Inc., 10, 0, 0, 26]
[PID: 1256][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\progra~1\mcafee.com\vso\McVSSkt.dll]  [McAfee, Inc., 10, 0, 0, 26]
[PID: 1324][C:\Program Files\Messenger\msmsgs.exe]  [Microsoft Corporation, 4.7.3000]
    [c:\progra~1\mcafee.com\vso\McVSSkt.dll]  [McAfee, Inc., 10, 0, 0, 26]
[PID: 2164][c:\progra~1\mcafee.com\vso\mcvsftsn.exe]  [McAfee, Inc., 10, 0, 0, 19]
    [C:\Program Files\McAfee.com\VSO\VsCfgW32.dll]  [McAfee, Inc., 10, 0, 0, 26]
    [c:\program files\mcafee.com\agent\submgr\6,0,0,16\mcsubmgr.dll]  [McAfee, Inc, 6, 0, 0, 16]
    [c:\progra~1\mcafee.com\vso\McVSSkt.dll]  [McAfee, Inc., 10, 0, 0, 26]
    [c:\program files\mcafee.com\agent\mcagntps.dll]  [McAfee, Inc, 5, 0, 0, 0]
[PID: 560][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\progra~1\mcafee.com\vso\McVSSkt.dll]  [McAfee, Inc., 10, 0, 0, 26]
[PID: 2980][D:\系统日志\SRENG\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [c:\progra~1\mcafee.com\vso\McVSSkt.dll]  [McAfee, Inc., 10, 0, 0, 26]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  Error. [C:\WINDOWS\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  Error. [C:\WINDOWS\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]

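XDELBOX; download address: http://bark.net.cn/soft/down/xdelbox1.3.rar
Clear IE's temporary files: open IE, click Tools -> Internet Options -> Temporary Internet files -> click the "Delete Files" button -> tick "Delete all offline content" -> click "OK".
Open XDELBOX, select "Suppress regeneration" (抑制再生), add all of the paths below or right-click in the blank area and choose "Import from clipboard" (从剪贴板导入), tick the box in front of "Suppress regeneration", then right-click the files to be deleted and choose "Restart immediately and delete" (立刻重启删除) [if it reports that a file does not exist, ignore it and add the other files]: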
C:\WINDOWS\System32\DRIVERS\dq7j.sys
C:\WINDOWS\System32\drivers\rhpeod.sys
C:\WINDOWS\system32\DRIVERS\msnc.sys
C:\WINDOWS\System32\DRIVERS\uxjgkx83.sys
C:\WINDOWS\system32\drivers\1xx14ma.sys
C:\WINDOWS\system32\drivers\mszstb.sys
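After the files have been deleted successfully, boot into Safe Mode [how to enter Safe Mode: hold F8 while the computer restarts and choose Safe Mode]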
==========================================================================
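Run SREng; under "Startup Items -> Services -> Drivers" (启动项目->服务->驱动程序) tick "Hide verified Microsoft services" (隐藏已认证的微软服务), then delete the services with the names below (after selecting the problem service, click "Delete Service" and then the "Set" button. Note that in the window that pops up you must click "NO 否" for the deletion to be confirmed) (if a service cannot be deleted, disable it: change the startup type to disabled, select "Modify startup type", and click "Set"):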
[1xx14ma / 1xx14ma][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\1xx14ma.sys><N/A>
[dq7 / dq7j][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\dq7j.sys><N/A>
[msnc / msnc][Stopped/Auto Start]
<system32\DRIVERS\msnc.sys><N/A>
[mszstb / mszstb][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\mszstb.sys><N/A>
[rhpeod / rhpeod][Stopped/Boot Start]
<\SystemRoot\\SystemRoot\System32\drivers\rhpeod.sys><N/A>
[uxjgkx8 / uxjgkx83][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\uxjgkx83.sys><N/A>

This virus seems fairly new; if possible, please submit a sample.
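
The driver entries in the SREng log and the file paths in the reply above name the same files in two notations. The following Python is an added example, not part of the thread and not SREng's or the replier's own code: it parses the log's two-line driver entries, rewrites each image path in drive-letter form, and lists the entries that carry no company string. The function names are hypothetical and the Windows directory is assumed to be C:\WINDOWS, as in the logs; an empty company field is only a cue for manual review, and the reply itself leaves some such entries (aliide.sys, secdrv.sys) off its list.

```python
import re

# Driver entries copied from the SREng log on this page (two lines per entry);
# the selection of six entries is made here for the example.
SAMPLE = r"""
[1xx14ma / 1xx14ma][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\1xx14ma.sys><N/A>
[AliIde / AliIde][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aliide.sys><N/A>
[KAVBootC / KAVBootC][Running/Boot Start]
  <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
[msnc / msnc][Stopped/Auto Start]
  <system32\DRIVERS\msnc.sys><N/A>
[rhpeod / rhpeod][Stopped/Boot Start]
  <\SystemRoot\\SystemRoot\System32\drivers\rhpeod.sys><N/A>
[USB PC Camera (SNPSTD3) / SNPSTD3][Running/Manual Start]
  <system32\DRIVERS\snpstd3.sys><>
"""

HEADER = re.compile(r"^\[(?P<display>.*) / (?P<name>[^\]/]+)\]\[(?P<state>[^/\]]+)/(?P<start>[^\]]+)\]$")
IMAGE = re.compile(r"^<(?P<path>.*)><(?P<vendor>[^<>]*)>$")

def normalize(path, windir=r"C:\WINDOWS"):
    """Rewrite an NT-style driver image path as a drive-letter path (windir is assumed)."""
    p = path.strip()
    if p.startswith("\\??\\"):            # NT object-manager prefix before a full path
        return p[4:]
    # Strip every leading \SystemRoot\ (the rhpeod entry carries it twice).
    p = re.sub(r"^(?:\\+SystemRoot)+\\+", "", p, flags=re.I)
    if re.match(r"^[A-Za-z]:\\", p):
        return p
    return windir + "\\" + p              # bare "system32\..." is relative to windir

def parse_drivers(text):
    """Pair each [display / name][state/start] header with its <path><vendor> line."""
    entries, current = [], None
    for line in text.splitlines():
        line = line.strip()
        header = HEADER.match(line)
        if header:
            current = header.groupdict()
            continue
        image = IMAGE.match(line)
        if image and current:
            current.update(path=normalize(image["path"]), vendor=image["vendor"].strip())
            entries.append(current)
            current = None
    return entries

def unattributed(entries):
    """Entries whose file has no company string: candidates for manual review, not verdicts."""
    return [e for e in entries if e["vendor"] in ("", "N/A")]

if __name__ == "__main__":
    for e in unattributed(parse_drivers(SAMPLE)):
        print(f'{e["name"]:10} {e["start"]:13} {e["path"]}')
```

The normalized paths for 1xx14ma, msnc and rhpeod come out exactly as the reply lists them for deletion, which shows how that list follows from the log.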