Going crazy!!!! A big problem has come up, please hurry and save me!!!!!!

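This is really depressing. I don't know what happened to the system, but a whole lot of software was suddenly force-installed, and after opening IE a lot of junk websites pop up automatically and keep popping up. I rebooted the machine and ran an antivirus scan in Safe Mode, which found only two viruses. For one of them it still reports that the file was deleted, but it never actually gets removed. The virus name reported is: Trojan.Spy.Agent.bvv
After rebooting the machine, opening IE still keeps popping up web pages, and Rising's registry monitor and the SkyNet (天网) firewall keep warning that something has been modified, or that something wants to pass the IP rules... Also, after the reboot I found that the sound card driver is broken too. The machine has no sound, and I just hear the motherboard beeping all the time.. Then I scanned with sreng2, and it said that sreng2 was infected by a virus and could not start, and that I should download it again..... Really depressing. Later my Super Rabbit (超级兔子) would not open either. It keeps reporting an error!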

Last edited 2006-11-07 18:48:21

Below is the scan result from after I reinstalled SRE. Could someone please help me analyze it... Also, my sound card still has no sound.. ugh!


2006-11-07,00:31:05

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><;C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <MSMSGS><; "C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Corporation]
    <NetCounter><; c:\Program Files\NetCounter\NetCount.exe>  [N/A]
    <eMuleAutoStart><; D:\eMule\eMule.exe -AutoStart>  [N/A]
    <Super Rabbit IEPro><; D:\超级兔子魔法设置 v7.35\MagicSet\SRIECLI.EXE /LOAD>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <SKYNET Personal FireWall><D:\安全软件\天网防火墙\3.0\FireWall\PFW.exe>  [广州众达天网技术有限公司]
    <RavTask><"D:\安全软件\瑞星杀毒软件\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <Cmaudio><; RunDll32 cmicnfg.cpl,CMICtrlWnd>  [N/A]
    <StormCodec_Helper><; "D:\暴风影音\Storm Codec\StormSet.exe" /S /opti>  [N/A]
    <BigDogPath><; C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera>  [N/A]
    <Super Rabbit Shutdown><; D:\超级兔子魔法设置 v7.35\MagicSet\srshut.EXE /LOAD>  [N/A]
    <TkBellExe><;"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot>  [RealNetworks, Inc.]
    <WebThunder><; C:\Program Files\Thunder Network\WebThunder\WebThunder.exe>  [深圳市迅雷网络技术有限公司]
    <System><;C:\Program Files\Common Files\System\Update.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <DTService><rundll32.exe C:\WINDOWS\system32\drivers\soundmix.dll,Load>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <NetWork><C:\WINDOWS\system32\cmspl.dll>  []

==================================
启动文件夹
[Reboot]
  <C:\Documents and Settings\mststar\「开始」菜单\程序\启动\Reboot.exe -->  [N/A]><H>
[UTalk]
  <C:\Documents and Settings\mststar\「开始」菜单\程序\启动\UTalk.lnk --> F:\游戏辅助\UT\UTalk\UTalk.exe [2005-  新浪信息技术有限公司]><H>

==================================
服务
[Volume Optimization / AtHome]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\rreamk00.dll><Microsoft Corporation>
[ClipBook / ClipBook]
  <C:\WINDOWS\system32\clipsvr.exe><Microsoft Corporation>
[DCOM Server Process Launcher / DcomLaunch]
  <C:\WINDOWS\system32\svchost -k DcomLaunch-->%SystemRoot%\system32\rpcss.dll><Microsoft Corporation>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[JMediaService / JMediaService]
  <C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\MMSASS~1\MMSSVER.DLL,Service><Microsoft Corporation>
[Remote Procedure Call (RPC) / RpcSs]
  <C:\WINDOWS\system32\svchost -k rpcss-->%SystemRoot%\system32\rpcss.dll><>
[Rising Process Communication Center / RsCCenter]
  <"D:\安全软件\瑞星杀毒软件\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"D:\安全软件\瑞星杀毒软件\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Microsoft Update Service / SDTSTA]
  <C:\WINDOWS\SYSTEM32\RUNDLLFROMWIN2000.EXE C:\WINDOWS\SYSTEM32\WBEM\EUHKTW78.DLL,Export 1087><Microsoft Corporation>
[Servicel / Servicel]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\jetspeed.dll><N/A>
[Terminal Services / TermService]
  <C:\WINDOWS\System32\svchost -k DComLaunch-->%SystemRoot%\System32\termsrv.dll><Microsoft Corporation>
[Intranet Messenger / WIDETS]
  <C:\WINDOWS\SYSTEM32\RUNDLL.EXE C:\WINDOWS\SYSTEM32\WBEM\BNYYXB13.DLL,Export 1087><Microsoft Corporation>
[Windows Media Connect Service / WMConnectCDS]
  <C:\Program Files\Windows Media Connect 2\wmccds.exe><Microsoft Corporation>

==================================
驱动程序
[Albus / Albus]
  <\SystemRoot\system32\drivers\Albus.SYS><N/A>
[Rising TDI Base Driver / BaseTDI]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[C-Media WDM Audio Interface / cmuda]
  <system32\drivers\cmuda.sys><C-Media Inc>
[EagleNT / EagleNT]
  <\??\C:\WINDOWS\system32\drivers\EagleNT.sys><N/A>
[ExpScaner / ExpScaner]
  <\??\D:\安全软件\瑞星杀毒软件\Rising\Rav\ExpScan.sys><>
[hidport / hidport]
  <\??\C:\WINDOWS\system32\drivers\hidport.sys><Microsoft Corporation>
[HookCont / HookCont]
  <\??\D:\安全软件\瑞星杀毒软件\Rising\Rav\HOOKCONT.sys><Rising tech Co. ltd>
[HookReg / HookReg]
  <\??\D:\安全软件\瑞星杀毒软件\Rising\Rav\HookReg.sys><>
[HookSys / HookSys]
  <\??\D:\安全软件\瑞星杀毒软件\Rising\Rav\HookSys.sys><Rising>
[HSFHWBS2 / HSFHWBS2]
  <system32\DRIVERS\HSFBS2S2.sys><Conexant Systems, Inc.>
[HSF_DP / HSF_DP]
  <system32\DRIVERS\HSFDPSP2.sys><Conexant Systems, Inc.>
[IPvE Adapter Driver / IPvE]
  <system32\DRIVERS\IPvE.sys><Hongtien>
[kmsinput / kmsinput]
  <\??\C:\WINDOWS\system32\drivers\kmsinput.sys><N/A>
[lmgxha19 / lmgxha19]
  <\SystemRoot\system32\drivers\lmgxha19.sys><N/A>
[mdmxsdk / mdmxsdk]
  <system32\DRIVERS\mdmxsdk.sys><Conexant>
[MEMSCAN / MEMSCAN]
  <\??\D:\安全软件\瑞星杀毒软件\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[nv / nv]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[oreans32 / oreans32]
  <\??\C:\WINDOWS\system32\drivers\oreans32.sys><N/A>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><Macrovision Europe Ltd>
[SiS AGP Filter / sisagp]
  <\SystemRoot\system32\DRIVERS\SISAGPX.sys><Silicon Integrated Systems Corporation>
[SiSide / SiSide]
  <\SystemRoot\system32\DRIVERS\siside.sys><Silicon Integrated Systems Corp.>
[sisidex / sisidex]
  <\SystemRoot\system32\drivers\sisidex.sys><Windows (R) 2000 DDK provider>
[Add Performance Filter Driver / sisperf]
  <\SystemRoot\system32\drivers\sisperf.sys><Silicon Integrated Systems Corp.>
[SKNFW / SKNFW]
  <\??\C:\WINDOWS\system32\Drivers\SKNFW.sys><N/A>
[SkyProcs / SkyProcs]
  <\??\D:\安全软件\天网防火墙\3.0\FireWall\SkyProcs.sys><N/A>
[TCP/IP Protocol Driver / Tcpip]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[VCD VNC Virtual Network Adapter / vcddev]
  <system32\DRIVERS\vcdvnic.sys><VNN B.J.>
[winachsf / winachsf]
  <system32\DRIVERS\HSFCXTS2.sys><Conexant Systems, Inc.>
[World Standard Teletext Codec / WSTCODEC]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>

================================

浏览器加载项
[IeEventObj Class]
  {0FAFD871-DFE0-496D-8953-0D5BA28E9766} <C:\Program Files\Internet Explorer\PLUGINS\AviPlayer.dll, >
[CAdLogic Object]
  {11F09AFD-75AD-4E51-AB43-E09E9351CE16} <C:\Program Files\Common Files\CPUSH\cpush0.dll, N/A>
[Vision]
  {6671A431-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\mmsass~1.dll, >
[]
  {930FD663-1720-4E8A-BC62-681A8BCEA428} <C:\WINDOWS\system32\adsnwer.dll, N/A>
[WinSC Class]
  {9ACEEE31-1440-471B-AA46-72B061FE7D61} <C:\WINDOWS\system32\SCIntruder.dll, N/A>
[Spoolsv Class]
  {9C363D55-07D7-433d-A13E-D9C105202F6F} <C:\WINDOWS\system32\drivers\spoolsv.dll, >
[IEHlprObj Class]
  {DE7C3CF0-4B15-11D1-ABED-709549C10000} <C:\WINDOWS\POPNT.DLL, >
[IEHlprObj Class]
  {EAACBF9E-4B91-45FF-93ED-B297093951EA} <C:\Program Files\Internet Explorer\PLUGINS\Flash_Player.dll, Adobe System>
[超级兔子上网精灵]
  {FEDF637B-F631-4583-A210-33CC828D42DB} <D:\超级兔~1.35\MagicSet\HAOKAN~1.DLL, 超级兔子>
[启动迅雷]
  {0062C9BD-B349-40DE-91A0-755F37ACD559} <D:\迅雷\Thunder.exe, N/A>
[MMSAssistMenu]
  {6671A433-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\mmsass~1.dll, >
[IE标准栏]
  {954F618B-0DEC-4D1A-9317-E0FC96F87865} <C:\WINDOWS\system32\amstreamxb1.dll, >
[超级兔子上网精灵]
  {FEDF637B-F631-4583-A210-33CC828D42DB} <D:\超级兔~1.35\MagicSet\HAOKAN~1.DLL, 超级兔子>
[MMCPlayer Class]
  {05C1004E-2596-48E5-8E26-39362985EEB9} <C:\WINDOWS\Downloaded Program Files\MMCShell.dll, Sohu.com Inc.>
[Nexon Package Manager Control]
  {2931566C-B8A6-46C5-BF4D-E6AB9251E953} <C:\WINDOWS\nxpm.ocx, (c) Nexon>
[nEdit Control]
  {32D72994-45B9-42B5-8980-FB561D1BE2D0} <C:\WINDOWS\system32\nEdit\nEdit.ocx, NetEase Information Technology (Beijing) Co. Ltd>
[updatePanelX Control]
  {43E839C5-E10F-443A-BC1F-F09CFD2ABC77} <C:\WINDOWS\system32\uusee\internet\updateC.ocx, uusee>
[CEditCtrl Object]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_013.dll, Thunder Networking Technologies,LTD>
[internet explorer helper]
  {02C9B9AB-6372-46C5-B356-773FAF3B6B1E} <C:\WINDOWS\fonts\msshapi.dll, >
[ActiveMovieControl Object]
  {05589FA1-C356-11CE-BF01-00AA0055595A} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[MMCPlayer Class]
  {05C1004E-2596-48E5-8E26-39362985EEB9} <C:\WINDOWS\Downloaded Program Files\MMCShell.dll, Sohu.com Inc.>
[MonitorURL Class]
  {08A312BB-5409-49FC-9347-54BB7D069AC6} <C:\PROGRA~1\DESKAD~1\deskipn.dll, N/A>
[IeEventObj Class]
  {0FAFD871-DFE0-496D-8953-0D5BA28E9766} <C:\Program Files\Internet Explorer\PLUGINS\AviPlayer.dll, >
[CAdLogic Object]
  {11F09AFD-75AD-4E51-AB43-E09E9351CE16} <C:\Program Files\Common Files\CPUSH\cpush0.dll, N/A>
[MyIEHelper Class]
  {16A770A0-0E87-4278-B748-2460D64A8386} <, N/A>
[EWA Control]
  {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <D:\网络电视\PPLive\SYNACA~2.OCX, Synacast>
[XLink Class]
  {18F57D30-EF36-4C0E-9343-7BFA6DF79B4A} <C:\WINDOWS\system32\msplus.dll, >
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[CNxConnCtrl Object]
  {25142CCA-6788-434C-80BB-B9026F4273A1} <C:\WINDOWS\nxconn3.ocx, Nexon>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[Nexon Package Manager Control]
  {2931566C-B8A6-46C5-BF4D-E6AB9251E953} <C:\WINDOWS\nxpm.ocx, (c) Nexon>
[]
  {29A8B48F-9AB3-43D3-8B87-7D1888197563} <C:\WINDOWS\system32\ATIDEMGRED.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\WINDOWS\system32\dllcache\dhtmled.ocx, Microsoft Corporation>
[nEdit Control]
  {32D72994-45B9-42B5-8980-FB561D1BE2D0} <C:\WINDOWS\system32\nEdit\nEdit.ocx, NetEase Information Technology (Beijing) Co. Ltd>
[Tabular Data Control]
  {333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, Microsoft Corporation>
[Deliverer Class]
  {3E290290-1728-4C1E-863A-AA12526333F6} <C:\WINDOWS\system32\ControlPanel.{21EC2020-3AEA-1069-A2DD-08002B30309d}\ControlPanel\ADDeliverer.dll, N/A>
[updatePanelX Control]
  {43E839C5-E10F-443A-BC1F-F09CFD2ABC77} <C:\WINDOWS\system32\uusee\internet\updateC.ocx, uusee>
[CEditCtrl Object]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[NetAccelerate Class]
  {5673A7C0-95CC-4646-BB07-3BD71234CEF9} <C:\WINDOWS\system32\wuwebex.dll, Microsoft Corporation>
[ActiveBHO Class]
  {63C55A7F-6E29-8D4F-5C76-4F850F28D13A} <C:\Progra~1\DoDoorRSSFinder\ActiveBandObject.dll, >
[Vision]
  {6671A431-5C3D-463D-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\mmsass~1.dll, >
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[BHOImp Class]
  {70AFF2CB-9DA2-499C-8D15-900729FCE83D} <C:\WINDOWS\system32\YHBO.dll, N/A>
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <D:\迅雷\Components\InMedia\MediaAddin07.dll, Thunder Networking Technologies,LTD>
[RestrictWordCtrl Class]
  {7B030E2F-E210-4A1D-9837-861E9CB3B42A} <C:\WINDOWS\restrictword.ocx, TODO: <?? ??>>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\迅雷\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\DOWNLO~1\SUBMIT~1.DLL, >
[Mini PPGou BHO]
  {92FB5F8F-8254-4978-9C50-03D9B0405062} <C:\PROGRA~1\MINIPP~1\MINIPP~1.DLL, N/A>
[]
  {930FD663-1720-4E8A-BC62-681A8BCEA428} <C:\WINDOWS\system32\adsnwer.dll, N/A>
[IE标准栏]
  {954F618B-0DEC-4D1A-9317-E0FC96F87865} <C:\WINDOWS\system32\amstreamxb1.dll, >
[WinSC Class]
  {9ACEEE31-1440-471B-AA46-72B061FE7D61} <C:\WINDOWS\system32\SCIntruder.dll, N/A>
[Spoolsv Class]
  {9C363D55-07D7-433D-A13E-D9C105202F6F} <C:\WINDOWS\system32\drivers\spoolsv.dll, >
[estAliveObj Class]
  {A2B7A0F0-B697-4A71-8D91-43443F57D7BB} <C:\WINDOWS\estAlive.dll, Eastday Corporation>
[Qzone Media Tools]
  {A96C48EA-AA88-4BBD-B58C-7B41146A6EAC} <F:\游戏\qq\QZone\QZONEM~1.OCX, Tencent Technology (Shenzhen) Company Limited>
[WAB Importer/Exporter]
  {AA158CA5-93B4-4CD4-8D8C-BB6F9F515213} <C:\WINDOWS\System32\wabimp.dll, WAB Co.>
[LbaNfupe Class]
  {AE01EF09-04A6-5C28-4D1A-29724159196E} <C:\WINDOWS\DOWNLO~1\xpsnw.dll, wyzmpsoft>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Flash 8 ocx ]
  {B8CCDD47-38E4-4CD2-B7FA-3B4B690F74BD} <C:\WINDOWS\system32\flash8.dll, MACROMEDlA>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[isObject Class]
  {BE0B5843-553A-48C2-9A42-258A1D791AFC} <C:\PROGRA~1\pcast\hbcast.dll, Shanghai Henbang Technology Co., Ltd>
[Webacc Class]
  {CAC068F3-A608-406B-8581-458788A67694} <C:\WINDOWS\system32\svchost.dll, >
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[IEHlprObj Class]
  {D424FE4E-CAF9-4FDD-BC5F-E6E6B91D53BF} <C:\Progra~1\NetMeeting\nmview.dll, N/A>
[ARMP Control]
  {D5CD69C4-F983-46E2-AF79-455E892729FA} <C:\WINDOWS\system32\uusee\internet\ARMP.ocx, UUSEE>
[IEHlprObj Class]
  {DE7C3CF0-4B15-11D1-ABED-709549C10000} <C:\WINDOWS\POPNT.DLL, >
[IEHlprObj Class]
  {EAACBF9E-4B91-45FF-93ED-B297093951EA} <C:\Program Files\Internet Explorer\PLUGINS\Flash_Player.dll, Adobe System>
[超级兔子上网精灵]
  {FEDF637B-F631-4583-A210-33CC828D42DB} <D:\超级兔~1.35\MagicSet\HAOKAN~1.DLL, 超级兔子>
[&使用迅雷下载]
  <D:\迅雷\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <D:\迅雷\Program\GetAllUrl.htm, N/A>
[>>彩信发送<<]
  <res://C:\PROGRA~1\MMSASS~1\mmsass~1.dll/mms.htm, N/A>
[上传到QQ网络硬盘]
  <F:\游戏\qq\AddToNetDisk.htm, N/A>
[用比特精灵下载(&B)]
  <D:\BT客户端v3.3\BitSpirit\bsurl.htm, N/A>

==================================
正在运行的进程
[PID: 300][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 352][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 376][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 420][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 432][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\TcpIpDog1.dll]  [N/A, N/A]
[PID: 588][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 644][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\TcpIpDog1.dll]  [N/A, N/A]
[PID: 684][D:\安全软件\瑞星杀毒软件\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 700][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\TcpIpDog1.dll]  [N/A, N/A]
[PID: 752][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\TcpIpDog1.dll]  [N/A, N/A]
[PID: 764][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 796][D:\安全软件\瑞星杀毒软件\Rising\Rav\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 1, 35]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\HOOKSYS.dll]  [Beijing Rising Technology Co., Ltd., 18, 1, 0, 11]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 32]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\regmon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\HookWeb.dll]  [rising, 18, 0, 0, 2]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\MemMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\expscan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\MailMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\SpamEng.dll]  [N/A, 18, 0, 0, 6]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\engine.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 35]
    [C:\WINDOWS\system32\TcpIpDog1.dll]  [N/A, N/A]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 18]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 15]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 30]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\RSUnpack.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\ExtFile.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 7]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\Unpacker.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\RsStore.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[PID: 988][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1196][C:\WINDOWS\system32\clipsvr.exe]  [Microsoft Corporation, 5, 2, 3790, 0]
[PID: 1360][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\MMSASS~1\MMSSVER.DLL]  [, 1, 2, 0, 6]
    [C:\WINDOWS\system32\TcpIpDog1.dll]  [N/A, N/A]
[PID: 1404][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\drivers\soundmix.dll]  [, 1, 4, 0, 0]
    [C:\WINDOWS\system32\TcpIpDog1.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\drivers\ext\dtdl.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\drivers\ext\dtsm.dll]  [N/A, N/A]
    [C:\WINDOWS\system\vm_WDM.dll]  [N/A, N/A]
    [C:\PROGRA~1\MMSASS~1\mmsass~1.dll]  [, 1, 2, 0, 6]
    [C:\PROGRA~1\MMSASS~1\albus.dll]  [Albus, 1, 0, 0, 2]
    [C:\WINDOWS\system32\adsnwer.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\SCIntruder.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\drivers\spoolsv.dll]  [, 1, 0, 1, 1]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 1500][C:\WINDOWS\SYSTEM32\RUNDLLFROMWIN2000.EXE]  [Microsoft Corporation, 5.00.2134.1]
    [C:\WINDOWS\system32\TcpIpDog1.dll]  [N/A, N/A]
[PID: 1984][D:\安全软件\瑞星杀毒软件\Rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 22]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
[PID: 1996][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.1622]
[PID: 2000][D:\安全软件\瑞星杀毒软件\Rising\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 1, 33]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 26]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\安全软件\瑞星杀毒软件\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[PID: 2012][C:\Program Files\Common Files\System\Update.exe]  [N/A, N/A]
    [C:\WINDOWS\system32\TcpIpDog1.dll]  [N/A, N/A]
[PID: 2044][C:\Program Files\Common Files\{B443AA0E-0700-2052-0407-030719020056}\Update.exe]  [N/A, N/A]
    [C:\Program Files\Common Files\{B443AA0E-0700-2052-0407-030719020056}\Services.dll]  [N/A, N/A]
[PID: 188][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1700][E:\宽带登陆\ishare_user.exe]  [N/A, N/A]
    [E:\宽带登陆\cw3220.DLL]  [Borland International, 2.0]
    [C:\WINDOWS\system32\TcpIpDog1.dll]  [N/A, N/A]
[PID: 1948][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\TcpIpDog1.dll]  [N/A, N/A]
[PID: 1916][C:\WINDOWS\system32\wscntfy.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2560][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3220][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\stdupnet.dll]  [ , 4, 1, 0, 3]
    [C:\WINDOWS\system32\albus.dll]  [Albus, 1, 0, 0, 3]
[PID: 2200][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2772][C:\program files\internet explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Internet Explorer\PLUGINS\AviPlayer.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Common Files\CPUSH\cpush0.dll]  [N/A, 1.0.1.6]
    [C:\WINDOWS\system32\TcpIpDog1.dll]  [N/A, N/A]
    [C:\PROGRA~1\MMSASS~1\mmsass~1.dll]  [, 1, 2, 0, 6]
    [C:\PROGRA~1\MMSASS~1\albus.dll]  [Albus, 1, 0, 0, 2]
    [C:\WINDOWS\system32\adsnwer.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\SCIntruder.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\drivers\spoolsv.dll]  [, 1, 0, 1, 1]
    [D:\超级兔~1.35\MagicSet\HAOKAN~1.DLL]  [超级兔子, 1.0.7.4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
    [C:\WINDOWS\POPNT.DLL]  [, 1, 0, 0, 1]
[PID: 1576][C:\WINDOWS\realupdate.exe]  [, 1, 0, 0, 16]
[PID: 3200][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, N/A]
[PID: 3144][C:\DOCUME~1\mststar\LOCALS~1\Temp\Rar$EX00.576\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\WINDOWS\system32\TcpIpDog1.dll]  [N/A, N/A]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
MSAFD Tcpip [TCP/IP]
    C:\WINDOWS\system32\TcpIpDog1.dll(N/A, N/A)
MSAFD Tcpip [UDP/IP]
    C:\WINDOWS\system32\TcpIpDog1.dll(N/A, N/A)
MSAFD Tcpip [RAW/IP]
    C:\WINDOWS\system32\TcpIpDog1.dll(N/A, N/A)
RSVP UDP Service Provider
    C:\WINDOWS\system32\TcpIpDogR0.dll(N/A, N/A)
RSVP TCP Service Provider
    C:\WINDOWS\system32\TcpIpDogR0.dll(N/A, N/A)

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1 LOCALHOST

==================================

Is nobody going to help? I'm in a hurry.

Use 360 Safe Guard (360安全卫士) to remove the plug-ins.

360 download address:
http://www.xdowns.com/soft/8/9/2006/Soft_31554.html


Restart the computer. After the self-test finishes, press the [F8] key (you can keep pressing it until the boot menu appears) and select Safe Mode to enter Windows.


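Run (double-click) SRENG2, click "Startup Items", "Services", then click "Drivers".
Tick "Hide verified Microsoft items", select the virus service lmgxha19 and choose "Delete service".
Click "Set" and choose "No".


Run (double-click) SRENG2, click "Startup Items", "Services", then click "Win32 Service Applications".
Tick "Hide Microsoft services" and select the virus services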
Volume Optimization
JMediaService
Microsoft Update Service
Servicel
Intranet Messenger
then choose "Delete service".
Click "Set" and choose "No".


Close all browser windows and any unnecessary programs.
Run SREng2, go to "Startup Items" -- Registry -- and select and delete the following entries:
C:\Program Files\Common Files\System\Update.exe
rundll32.exe C:\WINDOWS\system32\drivers\soundmix.dll
C:\WINDOWS\system32\cmspl.dll



Show hidden files.
Delete:
C:\WINDOWS\system32\rreamk00.dll
C:\PROGRA~1\MMSASS~1
C:\WINDOWS\SYSTEM32\RUNDLLFROMWIN2000.EXE
C:\WINDOWS\SYSTEM32\WBEM\EUHKTW78.DLL
C:\WINDOWS\SYSTEM32\WBEM\BNYYXB13.DLL
C:\WINDOWS\system32\jetspeed.dll
C:\WINDOWS\system32\drivers\lmgxha19.sys
C:\WINDOWS\system32\drivers\ext\dtdl.dll
C:\WINDOWS\system32\drivers\ext\dtsm.dll
C:\Program Files\Common Files\System\Update.exe
C:\WINDOWS\system32\drivers\soundmix.dll
C:\WINDOWS\system32\cmspl.dll