Trojan.DL.Small.ibr ?怎么删了又有?求助!总是C盘.
日志扫描如下:
HijackThis_zww汉化版扫描日志 V1.99.1
保存于      17:48:29, 日期 2006-07-21
操作系统：  Windows XP SP1 (WinNT 5.01.2600)
浏览器：    Unable to get Internet Explorer version!

当前运行的进程：         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
D:\瑞星杀毒\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\瑞星杀毒\Rising\Rav\Ravmond.exe
C:\WINDOWS\Explorer.EXE
d:\瑞星防火墙\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
D:\瑞星杀毒\Rising\Rav\RavTask.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
d:\瑞星防火墙\rising\rfw\RfwMain.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
D:\瑞星杀毒\Rising\Rav\RavMon.exe
E:\Vagaa哇嘎\Vagaa\Vagaa.exe
E:\Vagaa哇嘎\Vagaa\VExplorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\日志扫描工具\2535952005811174944\HijackThis1991zww.exe

R3 - 默认的URLSearchHook丢失。用HijackThis修复
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: wmpdrm - {0E674588-66B7-4E19-9D0E-2053B800F69F} - C:\WINDOWS\System32\wmpdrm.dll
O2 - BHO: wmpdrm - {0E674588-66B7-4E19-9D0E-2053B800F69F}? - (no file)
O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - 启动项HKLM\\Run: [RavTask] "D:\瑞星杀毒\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [spoolsv] C:\WINDOWS\System32\spoolsv\spoolsv.exe -printer
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - F:\下载\QQ2006\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - F:\下载\QQ2006\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - F:\下载\QQ2006\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - F:\下载\QQ2006\SendMMS.htm
O10 - 未知的文件在 Winsock LSP: c:\windows\system32\quartz32.dll
O10 - 未知的文件在 Winsock LSP: c:\windows\system32\quartz32.dll
O16 - DPF: {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} (EWA Control) - http://et.263.net/realplayer/synalivesetup.exe
O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab
O16 - DPF: {88734439-46D0-42C0-A13F-7E881EE550CF} (Filetran Control) - http://www.bluesky.cn/download/filetran.cab
O16 - DPF: {ACFE8232-03C5-4AEC-AF5E-42B806724096} (KSHScan Control) - http://safe.qq.com/scan/KAllScan.CAB
O16 - DPF: {C8BD9ACB-F7EC-48E6-BB2F-DAADC6789E9A} (Kingsoft DUBA OnlineScan) - http://zs.kingsoft.com/duba/OCX/KAVClean.CAB
O16 - DPF: {D57A1919-CB3C-461C-8F34-A87A1CD9127E} (My99Launch Control) - http://www.99cu.com/launcher/99launch_1000.cab
O16 - DPF: {EF9F1C48-1A63-495A-9317-B7B71B34A9CF} (Msp Class) - http://ddddl.dudu.com/ddd/update/plugin/dudumsp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{32AFCE4A-5E8C-4D95-96DE-95D357DF2A8D}: NameServer = 220.170.0.18 220.170.0.38
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - NT 服务: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - d:\瑞星防火墙\rising\rfw\rfwproxy.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - d:\瑞星防火墙\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - D:\瑞星杀毒\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\瑞星杀毒\Rising\Rav\Ravmond.exe

参考：http://forum.ikaka.com/topic.asp?board=28&artid=7948848

修复
R3 - 默认的URLSearchHook丢失。用HijackThis修复
O2 - BHO: wmpdrm - {0E674588-66B7-4E19-9D0E-2053B800F69F}? - (no file)