帮我分析一下，该怎么解决？谢谢！
Logfile of HijackThis v1.99.1
Scan saved at 21:30:53 下午, on 2006-07-13
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\jj4\jjsvr4.exe
C:\Program Files\Antiy Labs\Alive\AliveCenter_.exe
D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
d:\Program Files\WinRAR\WinRAR.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX02.797

\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe

R3 - Default URLSearchHook is missing
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-

0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1

\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32

\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32

\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32

\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32

\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32

\igfxpers.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog

Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog

Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [TkBellExe] "C:\Program

Files\Realpack\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [nod32kui] "C:\Program

Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Antiy Auto Update] C:\Program Files\Antiy

Labs\Alive\AliveCenter.exe
O4 - HKLM\..\Run: [!ewido] "C:\Documents and

Settings\Administrator\桌面\ewido-anti-malware-4.0-green-

lwdown\ewido.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32

\ctfmon.exe
O4 - HKCU\..\Run: [pyjj] C:\Program Files\jj4\jjsvr4.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk =

D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &使用迅雷下载 - d:\Program

Files\Thunder Network\Thunder\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 -

d:\Program Files\Thunder Network\Thunder\getallurl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\Program

Files\Tencent\qq\AddToNetDisk.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel

(&X) - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program

Files\Tencent\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Program

Files\Tencent\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program

Files\Tencent\qq\SendMMS.htm
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-

00aa003c157b} - D:\Program Files\Tencent\qq\QQ.EXE
O9 - Extra 'Tools' menuitem: QQ - {c95fe080-8f5d-11d2-a20b-

00aa003c157b} - D:\Program Files\Tencent\qq\QQ.EXE
O9 - Extra button: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-

9460-4983E5A8AFE6} - D:\Program

Files\Tencent\qq\QQIEHelper.dll (file missing)
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-

FA35-45d9-9460-4983E5A8AFE6} - D:\Program

Files\Tencent\qq\QQIEHelper.dll (file missing)
O10 - Broken Internet access because of LSP provider

'c:\windows\system32\cdnns.dll' missing
O16 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} (Edit

Class) - https://www.sz1.cmbchina.com/download/CMBEdit.cab
O16 - DPF: {2354A44B-3CEB-4829-9940-545B03103538} (PowerPlr

Control) - http://www.3way.cn/plugin/PowerPlr.ocx
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl

Object) - https://img.alipay.com/download/1007/aliedit.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (趋势科技在

线扫毒程序) -

http://www.trendmicro.com.cn/housecall/xscan53.cab
O16 - DPF: {A3CD7F74-93C9-4BC4-B892-CCDF1514F714} (Submit

Class) - https://pbank.95559.com.cn/personbank/ocx/safe.cab
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising

Web Scan Object) -

http://download.rising.com.cn/register/pcver/autoupgradepad/

pcver2006new/OL2006.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32

\igfxdev.dll
O23 - Service: g_win_Server - Unknown owner -

C:\WINDOWS\g_win_Server.exe
O23 - Service: InstallDriver Table Manager (IDriverT) -

Macrovision Corporation - C:\Program Files\Common

Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset  -

C:\Program Files\Eset\nod32krn.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent

Service (default)) - Analog Devices, Inc. - C:\Program

Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) -

Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead

Systems\DVD\ULCDRSvr.exe

O23 - Service: g_win_Server - Unknown owner - C:\WINDOWS\g_win_Server.exe
鸽子..安全模式...打开注册表编辑器，展开：HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
搜索g_win_Server删除...
删除
C:\WINDOWS\g_win_Server.exe

你日志看着头晕..

我已经照你说的去做了，在安全模式注册表里删除g_win_Server。　　　可是我在C:\WINDOWS\g_win_Server.exe　却也找不到要删除的g_win_Server.exe　　打开隐藏文件也没有发现这个东东。　　该怎么解决啊？？？？？

引用:

【magsx的贴子】我已经照你说的去做了，在安全模式注册表里删除g_win_Server。　　　可是我在C:\WINDOWS\g_win_Server.exe　却也找不到要删除的g_win_Server.exe　　打开隐藏文件也没有发现这个东东。　　该怎么解决啊？？？？？ ...........................

用ICESWORD这个工具查找试试

http://www.xfocus.net/tools/200605/1161.html
下载IceSword