How do I repair the modified registry after Rising's monitor removed the viruses??


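Rising's monitor just detected and removed
Trojan.DL.Diyer.a
Trojan.Clicker.Agent.adi
Trojan.DL.Agent.htv
Trojan.DL.Agent.kij
four viruses. After they were deleted successfully, I found that three places in the registry had been modified with my approval (see the image below).
Web pages still pop up from time to time. Could one of the experts tell me how to fix this?
Also, the first two viruses aren't even in Rising's virus database!!!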

Attachment: image (image/pjpeg), uploaded 2006-8-14 10:53:14

Last edited 2006-08-14 13:21:51
 

Log attached below!!
Logfile of HijackThis v1.99.1
Scan saved at 10:48:17, on 2006-8-14
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
C:\WINDOWS\Explorer.EXE
c:\program files\rising\rfw\rfwsrv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\Rising\Rfw\rfwmain.exe
C:\WINDOWS\VM303_STI.EXE
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\ChinaNet\VnetClient.exe
C:\Program Files\Rising\Rav\Ravmon.exe
D:\qq\QQ\QQ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Rising\Rav\RavStub.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\RsAgent.exe
C:\WINDOWS\msagent\AgentSvr.exe
C:\WINDOWS\System32\rundll32.exe
D:\qq\TT\TTraveler.exe
C:\Program Files\Rising\Rav\Rav.exe
D:\HijackThis1.99.1\HijackThis1.99.1\HijackThis.exe

R3 - Default URLSearchHook is missing
O2 - BHO: MonitorURL Class - {08A312BB-5409-49FC-9347-54BB7D069AC6} - C:\PROGRA~1\DESKAD~1\deskipn.dll
O2 - BHO: VnetCookie Class - {4E83D567-4697-4F7B-B1F0-A513B01DB89A} - c:\PROGRA~1\chinanet\VNETTR~1.DLL
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\qq\QQ\QQIEHelper.dll
O2 - BHO: YOK超级搜索 - {75FE2B5A-D3A4-4EFA-AC11-ADC9C9459688} - C:\Program Files\YOK.com\SuperSearch\YOK_SuperSearch.dll (file missing)
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - D:\迅雷 Thunder5.2.0.207\Thunder5.2.0.207\ComDlls\XunLeiBHO_002.dll
O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - D:\kugoo\KuGoo3\KuGoo3DownXControl.ocx
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: YOK超级搜索 - {F869BB38-FFEF-4589-B986-610B7AD0ADA2} - C:\Program Files\YOK.com\SuperSearch\YOK_SuperSearch.dll (file missing)
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [Desktop] C:\WINDOWS\System32\rundll32.exe "C:\Program Files\DeskAdTop\Run.dll" ,Rundll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: 腾讯QQ.lnk = D:\qq\QQ\QQ.exe
O4 - Global Startup: 星空极速.lnk = C:\Program Files\ChinaNet\VnetClient.exe
O8 - Extra context menu item: &使用迅雷下载 - D:\迅雷 Thunder5.2.0.207\Thunder5.2.0.207\Program\GetUrl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - D:\迅雷 Thunder5.2.0.207\Thunder5.2.0.207\Program\GetAllUrl.htm
O8 - Extra context menu item: YOK超级搜索 - C:\Program Files\YOK.com\SuperSearch\yoksch.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\qq\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用KuGoo3下载(&K) - D:\kugoo\KuGoo3\KuGoo3DownX.htm
O8 - Extra context menu item: 加入POCO网摘(&K) - http://my.poco.cn/fav/rightClick.php
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 我的POCO网摘(&O) - http://my.poco.cn/fav/open_myfav.php
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\qq\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\qq\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\qq\QQ\SendMMS.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\qq\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\qq\QQ\QQ.EXE
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\qq\QQ\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\qq\QQ\QQIEHelper.dll
O9 - Extra button: YOK超级搜索 - {F869BB38-FFEF-4589-B986-610B7AD0ADA2} - http://www.yok.com (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\quartz32.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\quartz32.dll
O16 - DPF: {E787FD25-8D7C-4693-AE67-9406BC6E22DF} (CPasswordEditCtrl Object) - https://www.tenpay.com/download/qqedit.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7B9D7601-0702-4A4A-A56F-EC64C625D9AB}: NameServer = 202.96.128.166 202.96.134.133
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: System Safety Monitor - C:\WINDOWS\SYSTEM32\SSMWinlogonEx.dll
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe


O10 - Unknown file in Winsock LSP: c:\windows\system32\quartz32.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\quartz32.dll
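These need to be repaired with LSPFix..
LSPFix (Chinese-localized version) download: http://forum.ikaka.com/topic.asp?board=67&artid=5188931
(post #8...)
Also download WinsockXPFix.exe... (post #2...)
----------------------------------------------------------------
First run LSPFix ... tick "I am sure I want to perform the repair operation" (我确定要进行修复操作) ...
Then move quartz32.dll to the right-hand side... click Finish...
----------------------------------------------------------------
If you can't get online after doing this... just repair it with WinsockXPFix.exe... in Safe Mode..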

Fix
O2 - BHO: YOK超级搜索 - {75FE2B5A-D3A4-4EFA-AC11-ADC9C9459688} - C:\Program Files\YOK.com\SuperSearch\YOK_SuperSearch.dll (file missing)

http://www.pctutu.com/srmsdown.asp
Download Super Rabbit (超级兔子).. use Super Rabbit's Cleaner (清理王) to uninstall the rogue software... (Safe Mode...)
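
Added example (not part of the original thread and not any poster's code): the reply above picks two kinds of entries out of the posted HijackThis log by eye, the `O10` unknown Winsock LSP file and the entry marked `(file missing)`. The Python below runs the same triage over a few lines copied from that log; the names `parse_entries` and `triage` and the two rules are assumptions of this example, not HijackThis features.

```python
import re
from collections import namedtuple

# Lines copied from the HijackThis log posted in this thread (excerpt, not the full log).
SAMPLE_LOG = r"""
C:\WINDOWS\System32\svchost.exe
R3 - Default URLSearchHook is missing
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\qq\QQ\QQIEHelper.dll
O2 - BHO: YOK超级搜索 - {75FE2B5A-D3A4-4EFA-AC11-ADC9C9459688} - C:\Program Files\YOK.com\SuperSearch\YOK_SuperSearch.dll (file missing)
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\quartz32.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\quartz32.dll
"""

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")   # section code, e.g. "O10 - <text>"
LSP = re.compile(r"^Unknown file in Winsock LSP: (.+)$")
CLSID = re.compile(r"\{[0-9A-Fa-f-]{36}\}")
Finding = namedtuple("Finding", "code reason detail count")

# parse_entries and triage are hypothetical helper names made up for this example.
def parse_entries(log):
    """Return (code, text) for every scan entry; header and process lines are skipped."""
    out = []
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            out.append((m.group(1), m.group(2).strip()))
    return out

def triage(log):
    """Flag the two entry kinds the reply acts on, collapsing repeated lines."""
    counts = {}  # (code, reason, detail) -> occurrences, in first-seen order
    for code, text in parse_entries(log):
        lsp = LSP.match(text) if code == "O10" else None
        if lsp:
            key = (code, "unknown Winsock LSP file", lsp.group(1).lower())
        elif text.endswith("(file missing)"):
            clsid = CLSID.search(text)
            key = (code, "registered component, file missing",
                   clsid.group(0) if clsid else text)
        else:
            continue
        counts[key] = counts.get(key, 0) + 1
    return [Finding(*k, n) for k, n in counts.items()]

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.code:<4}{f.reason}: {f.detail} (x{f.count})")
```

The count on the `O10` finding reflects that the log lists the same LSP file twice; entries matching neither rule are left for manual review.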

Can one of the experts please help me!
I'm staying online waiting!!!

Empty the Temp folder...

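Boss! Sorry!
I just made a mistake!
I ran WinsockXPFix.exe directly outside Safe Mode and "fixed" the system.
After that the system kept rebooting over and over, so I had to run the repair with LSPFix (Chinese-localized version) in both Safe Mode and normal mode, and then ran the fix with WinsockXPFix.exe in Safe Mode, but it still kept rebooting. I really had no other option!
Now I've finally reinstalled the system.......
Sigh, how sad!!
A newbie like me, how sad!!!
Boss, could you explain to me why it kept rebooting?
I'd like to learn a bit from you so that I won't have to go through the hassle of reinstalling all the time!
My system should be fine now, right??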


Boss, please come and help me!!!!!!