正在运行的进程:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCENTER.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\RavMonD.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\Rav\rsnetsvr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\ScanFrm.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Rising\AntiSpyware\rstray.exe
C:\Program Files\Rising\Rav\RsTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
D:\Program Files\Tencent\QQ\QQ.exe
D:\Program Files\Tencent\QQ\TXPlatform.exe
C:\Program Files\Thunder\Program\Thunder5.exe
E:\毕业相片\HijackThis.exe

O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll
O2 - BHO: 卡卡上网安全助手 - {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} - C:\WINDOWS\system32\UrlFilter.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - IE 工具栏: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\StormII\Codec\qttask.exe" -atboottime
O4 - HKLM\..\Run: [runeip] "C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup
O4 - HKLM\..\Run: [搜狐电视机网页版] C:\Program Files\sohutv_web\SysTrayIcon.exe "C:\Program Files\sohutv_web" "848d9d99238c59403eeb85142d2220d4" "1.0.0.9" ""
O4 - HKLM\..\Run: [RavTray] "C:\Program Files\Rising\Rav\RsTray.exe" -system
O4 - HKLM\..\RunOnce: [KKDelay] C:\Program Files\Rising\AntiSpyware\RunOnce.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - HKLM\..\Policies\Explorer\Run: [SystemManager] C:\WINDOWS\system32\dmdmgr.exe
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: QQ游戏启动加速程序.lnk = D:\Program Files\Tencent\QQGame\Accel.exe
O4 - Startup: 腾讯QQ.lnk = D:\Program Files\Tencent\QQ\QQ.exe
O4 - Global Startup: Windows Update.lnk = C:\Program Files\Windows Media Player\wmpnetwk.exe
O8 - 扩展右键菜单项: &U使用纳米机器人下载并收藏 - d:\Program Files\NamiRobot\Data\du.html
O8 - 扩展右键菜单项: 使用光影编辑和美化 - C:\Program Files\nEO iMAGING\NeoOpenNeo.htm
O8 - 扩展右键菜单项: 使用迅雷下载 - C:\Program Files\Thunder\Program\geturl.htm
O8 - 扩展右键菜单项: 使用迅雷下载全部链接 - C:\Program Files\Thunder\Program\getallurl.htm
O8 - 扩展右键菜单项: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - 扩展右键菜单项: 添加到QQ表情 - D:\Program Files\Tencent\QQ\AddEmotion.htm
O9 - 额外的按钮: (未命名) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - 额外的“工具”菜单项目: Sun Java 控制台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - 额外的按钮: Zcom 杂志 - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} - C:\Zcom\E-Space.exe(文件不存在)
O9 - 额外的“工具”菜单项目: Zcom 杂志(E-Space) - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} - C:\Zcom\E-Space.exe(文件不存在)
O15 - Trusted Zone: http://www.icbc.com.cn
O16 - DPF: {001290E5-CD10-4957-9D2B-FD2B74990219} (GovTifActiveX Control) - http://search.sipo.gov.cn/sipo/zljs/GovActive/GovTifActiveX.ocx
O16 - DPF: {05F5F404-7C24-4B39-B5CC-340CEDEB9C0D} (PhotoDrawEx Class) - http://imgcache.qq.com/qzone/client/photo/pages/QQPhotoDrawEx.cab
O16 - DPF: {1E0DFFCF-27FF-4574-849B-55007349FEDA} (iTrusPTA Class) - https://img.alipay.com/download/1101/aliedit.cab
O16 - DPF: {2375BEE5-F175-4F1C-81EC-8E4E2E72E2DD} (PhotoDraw Class) - http://imgcache.qq.com/qzone/cli ... QPhotoDrawSetup.exe
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (EditCtrl Class) - https://img.alipay.com/download/2121/aliedit.cab
O16 - DPF: {78ABDC59-D8E7-44D3-9A76-9A0918C52B4A} (DLoader Class) - http://dl.uc.sina.com/cab/downloader.cab
O16 - DPF: {BAEA0695-03A4-43BB-8495-C7025E1A8F42} (QQCertCtrl Class) - https://www.tenpay.com/download/qqedit.cab
O16 - DPF: {E4BFF825-2E50-4BCC-8497-6EFDFB6C9B3D} (AxUSBKey Class) - https://mybank.icbc.com.cn/icbc/newperbank/USBKEY.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{031878BC-F15B-4800-A946-73F50C9FE939}: NameServer = 61.187.98.3,61.187.98.6
O17 - HKLM\System\CCS\Services\Tcpip\..\{10F9030A-1E27-4E9C-ADE6-C61B83D25CBA}: NameServer = 222.246.129.80,59.51.78.210
O17 - HKLM\System\CS1\Services\Tcpip\..\{031878BC-F15B-4800-A946-73F50C9FE939}: NameServer = 61.187.98.3,61.187.98.6
O20 - AppInit_DLLs: kmon.dll
O23 - NT 服务:  Rav Process Communication Center (RavCCenter) - Beijing Rising Information Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCENTER.EXE
O23 - NT 服务:  Rising RavTask Manager (RavTask) - Beijing Rising Information Technology Co., Ltd. - C:\Program Files\Rising\Rav\RavTask.exe
O23 - NT 服务:  Rising RealTime Monitor (RsRavMon) - Beijing Rising Information Technology Co., Ltd. - C:\Program Files\Rising\Rav\RavMonD.exe
O23 - NT 服务:  Rising Scan Service (RsScanSrv) - Beijing Rising Information Technology Co., Ltd. - C:\Program Files\Rising\Rav\ScanFrm.exe
-------------------
这个是HIJACKTHIS的日志。

还附了一个SREngLOG


用户系统信息：Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; CIBA)

Sreng官方下载
SREng/智能扫描(记得勾选“检查进程的数字签名)
等扫描完成,保存日志(LOG格式)
PS：如主程序SREng**.exe无法运行,导致无法扫描日志
将主程序改名为我爱小狮子.bat
或我爱小狮子.scr
日志放入附件
（点击我这贴右下角的“引用”或最右下角的那个较大的“回复”然后就应该知道怎么发了。）

============
好了~

C:\Program Files\Windows Media Player\wmpnetwk.exe
发到可疑文件交流区

C:\WINDOWS\system32\hadl.dll
C:\WINDOWS\system32\dmdmgr.exe
去
http://www.virscan.org/
检测
结果发上来

a-squared 4.0.0.29 20090209010115 2009-02-09 - 2.484
AntiVir 7.9.0.76 7.1.1.243 2009-02-08 - 1.942
Authentium 5.1.1 200902081824 2009-02-08 - 1.145
AVAST! 3.0.1 090208-1 2009-02-08 - 0.834
AVG 7.5.52.442 270.10.19/1940 2009-02-08 - 1.992
BitDefender 7.81008.2640116 7.23566 2009-02-09 - 3.562
CA (VET) 9.0.0.143 31.6.6346 2009-02-07 - 3.490
ClamAV 0.94.2 8966 2009-02-09 - 0.128
Comodo 3.0 971 2009-02-08 - 1.099
CP Secure 1.1.0.715 2009.02.07 2009-02-07 - 7.094
Dr.Web 4.44.0.9170 2009.02.09 2009-02-09 - 4.014
F-Prot 4.4.4.56 20090208 2009-02-08 - 1.126
F-Secure 5.51.6100 2009.02.08.05 2009-02-08 - 0.076
GData 19.2928/19.218 20090208 2009-02-08 - 3.363
Ikarus T3.1.01.45 2009.02.09.72275 2009-02-09 - 4.150
Microsoft 1.4306 2009.02.08 2009-02-08 - 7.043
mks_vir 2.01 2009.02.09 2009-02-09 - 2.729
Norman 6.00.02 6.00.00 2009-02-06 - 8.008
nProtect 20090208.01 3115293 2009-02-08 - 8.399
Quick Heal 10.00 2009.02.07 2009-02-07 - 2.786
Sophos 2.83.3 4.38 2009-02-09 - 2.416
Sunbelt 4804 4804 2009-02-06 - 0.515
The Hacker 6.3.1.5 v00249 2009-02-08 - 0.535
VBA32 3.12.8.12 20090208.0932 2009-02-08 - 2.283
ViRobot 20090206 2009.02.06 2009-02-06 - 0.680
VirusBuster 4.5.11.10 10.101.6/894383 2009-02-08 - 1.129
卡巴斯基 5.5.10 2009.02.08 2009-02-08 - 0.064
安博士V3 2009.02.09.00 2009.02.09 2009-02-09 - 1.396
安天 2.0.18 20090206.2159922 2009-02-06 - 0.017
江民杀毒 11.0.706 2009.02.08 2009-02-08 - 1.501
熊猫卫士 9.05.01 2009.02.08 2009-02-08 - 5.288
瑞星 20.0 21.15.50.00 2009-02-07 - 1.290
赛门铁克 1.3.0.24 20090208.016 2009-02-08 - 0.051
趋势科技 8.700-1004 5.822.43 2009-02-08 - 0.026
迈克菲 5.3.00 5520 2009-02-08 - 3.154
金山毒霸 2008.9.8.18 2009.2.9.9 2009-02-09 - 4.725
飞塔 2.81-3.117 10.14 2009-02-08 - 0.178
=================
扫描结果 :  8%的杀软(3/37)报告发现病毒
时间 :  2009/02/09 10:35:21 (CST)
软件名称 引擎版本 病毒库版本 病毒库时间 扫描结果 时间
a-squared 4.0.0.29 20090209010115 2009-02-09 Downloader.Agent!IK 2.290
AntiVir 7.9.0.76 7.1.1.243 2009-02-08 DR/Agent.rgg 1.933
Authentium 5.1.1 200902081824 2009-02-08 - 1.140
AVAST! 3.0.1 090208-1 2009-02-08 - 0.072
AVG 7.5.52.442 270.10.19/1940 2009-02-08 - 1.896
BitDefender 7.81008.2640116 7.23566 2009-02-09 - 2.455
CA (VET) 9.0.0.143 31.6.6346 2009-02-07 - 4.014
ClamAV 0.94.2 8966 2009-02-09 - 0.636
Comodo 3.0 971 2009-02-08 - 0.911
CP Secure 1.1.0.715 2009.02.07 2009-02-07 - 7.075
Dr.Web 4.44.0.9170 2009.02.09 2009-02-09 - 4.108
F-Prot 4.4.4.56 20090208 2009-02-08 - 1.150
F-Secure 5.51.6100 2009.02.08.05 2009-02-08 - 0.107
GData 19.2928/19.218 20090208 2009-02-08 - 3.521
Ikarus T3.1.01.45 2009.02.09.72275 2009-02-09 Downloader.Agent 3.645
Microsoft 1.4306 2009.02.08 2009-02-08 - 4.603
mks_vir 2.01 2009.02.09 2009-02-09 - 2.788
Norman 6.00.02 6.00.00 2009-02-06 - 8.010
nProtect 20090208.01 3115293 2009-02-08 - 8.593
Quick Heal 10.00 2009.02.07 2009-02-07 - 2.191
Sophos 2.83.3 4.38 2009-02-09 - 2.511
Sunbelt 4804 4804 2009-02-06 - 1.133
The Hacker 6.3.1.5 v00249 2009-02-08 - 0.535
VBA32 3.12.8.12 20090208.0932 2009-02-08 - 2.614
ViRobot 20090206 2009.02.06 2009-02-06 - 0.414
VirusBuster 4.5.11.10 10.101.6/894383 2009-02-08 - 1.452
卡巴斯基 5.5.10 2009.02.08 2009-02-08 - 0.066
安博士V3 2009.02.09.00 2009.02.09 2009-02-09 - 1.181
安天 2.0.18 20090206.2159922 2009-02-06 - 0.016
江民杀毒 11.0.706 2009.02.08 2009-02-08 - 1.922
熊猫卫士 9.05.01 2009.02.08 2009-02-08 - 3.522
瑞星 20.0 21.15.50.00 2009-02-07 - 0.761
赛门铁克 1.3.0.24 20090208.016 2009-02-08 - 0.058
趋势科技 8.700-1004 5.822.43 2009-02-08 - 0.042
迈克菲 5.3.00 5520 2009-02-08 - 3.227
金山毒霸 2008.9.8.18 2009.2.9.9 2009-02-09 - 3.136
飞塔 2.81-3.117 10.14 2009-02-08 - 0.210

C:\Program Files\Windows Media Player\wmpnetwk.exe
发到可疑文件交流区
==============
就把这个名称发去就可以了？

C:\WINDOWS\system32\hadl.dll
C:\WINDOWS\system32\dmdmgr.exe
也发过去吧


清理助手下载
安装后，升级清理助手，全盘扫描
清理系统

还是没解决问题呀