我是真封神的网游玩家，最近不知道怎么回事老被盗号，一天被盗一次。这是我用SREng扫描的日志，请各位高手帮忙看下，到底是什么地方出了问题。
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <Internat.exe><Internat.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <NvCplDaemon><RUNDLL32.EXE D:\WINNT\system32\NvCpl.dll,NvStartup>  [(Verified)NVIDIA Corporation]
    <nwiz><nwiz.exe /install>  [NVIDIA Corporation]
    <C-Media Mixer><Mixer.exe /startup>  [C-Media Electronic Inc. (www.cmedia.com.tw)]
    <SunJavaUpdateSched><D:\Program Files\Java\jre1.5.0\bin\jusched.exe>  [N/A]
    <Synchronization Manager><mobsync.exe /logon>  [(Verified)Microsoft Corporation]
    <NvMediaCenter><RUNDLL32.EXE D:\WINNT\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)NVIDIA Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><D:\WINNT\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{6E44887F-5214-41F2-AB46-4728735C4CC6}><D:\Program Files\Internet Explorer\PLUGINS\System8.sys>  [N/A]

==================================
启动文件夹
N/A

==================================
服务
[ASP.NET State Service / aspnet_state]
  <D:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Logical Disk Manager Administrative Service / dmadmin]
  <D:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[NVIDIA Display Driver Service / NVSvc]
  <D:\WINNT\system32\nvsvc32.exe><NVIDIA Corporation>
[Windows DHCP Service / WinDHCPsvc]
  <D:\WINNT\system32\rundll32.exe windhcp.ocx,start><Microsoft Corporation>
[Portable Media Serial Number Service / WmdmPmSN]
  <D:\WINNT\System32\svchost.exe -k netsvcs-->D:\WINNT\system32\mspmsnsv.dll><Microsoft Corporation>

【回复“双子秘密”的帖子】
接上面
驱动程序
[Cdr4_2K / Cdr4_2K]
  <D:\WINNT\SYSTEM32\DRIVERS\Cdr4_2K.SYS><Roxio>
[Cdralw2k / Cdralw2k]
  <D:\WINNT\SYSTEM32\DRIVERS\Cdralw2k.SYS><Roxio>
[C-Media PCI Audio Driver (WDM) / cmpci]
  <system32\drivers\cmaudio.sys><C-Media Inc>
[dmboot / dmboot]
  <System32\drivers\dmboot.sys><VERITAS Software Corp.>
[Logical Disk Manager Driver / dmio]
  <\SystemRoot\System32\drivers\dmio.sys><VERITAS Software Corp.>
[dmload / dmload]
  <\SystemRoot\System32\drivers\dmload.sys><VERITAS Software Corp.>
[npkcrypt / npkcrypt]
  <\??\C:\QQb3\QQ\npkcrypt.sys><N/A>
[nv / nv]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek RTL8139/810x Family Fast Etnernet NIC NT Driver / rtl8139]
  <system32\DRIVERS\R8139n5.SYS><Realtek Semiconductor Corporation>
[World Standard Teletext Codec / WSTCODEC]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>

==================================
浏览器加载项
[JUJU猫]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.jujumao.com, N/A>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[@msdxmLC.dll,-1@2052,电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <D:\WINNT\system32\msdxm.ocx, Microsoft Corporation>
[Java Plug-in 1.5.0]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <D:\Program Files\Java\jre1.5.0\bin\npjpi150.dll, JavaSoft / Sun Microsystems, Inc.>
[Java Plug-in 1.5.0]
  {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} <D:\Program Files\Java\jre1.5.0\bin\npjpi150.dll, JavaSoft / Sun Microsystems, Inc.>
[上传到QQ网络硬盘]
  <C:\QQb3\QQ\AddToNetDisk.htm, N/A>
[添加到QQ自定义面板]
  <C:\QQb3\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\QQb3\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <C:\QQb3\QQ\SendMMS.htm, N/A>

接上
==================================
正在运行的进程
[PID: 136][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 164][\??\D:\WINNT\system32\csrss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 160][\??\D:\WINNT\system32\winlogon.exe]  [Microsoft Corporation, 5.00.2195.6997]
[PID: 212][D:\WINNT\system32\services.exe]  [Microsoft Corporation, 5.00.2195.7035]
    [D:\WINNT\system32\dmserver.dll]  [VERITAS Software Corp., 2195.6605.297.3]
[PID: 232][D:\WINNT\system32\lsass.exe]  [Microsoft Corporation, 5.00.2195.7011]
[PID: 400][D:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 440][D:\WINNT\system32\spoolsv.exe]  [Microsoft Corporation, 5.00.2195.7059]
[PID: 472][D:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 500][D:\WINNT\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.7189]
[PID: 532][D:\WINNT\system32\regsvc.exe]  [Microsoft Corporation, 5.00.2195.6701]
[PID: 568][D:\WINNT\system32\MSTask.exe]  [Microsoft Corporation, 4.71.2195.6972]
[PID: 604][D:\WINNT\System32\WBEM\WinMgmt.exe]  [Microsoft Corporation, 1.50.1085.0100]
    [D:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
[PID: 664][D:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
    [D:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
[PID: 672][D:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
    [D:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
[PID: 976][D:\WINNT\Explorer.EXE]  [Microsoft Corporation, 5.00.3700.6690]
    [D:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [D:\Program Files\Internet Explorer\PLUGINS\System8.sys]  [N/A, N/A]
    [D:\WINNT\system32\nvtuicpl.cpl]  [NVIDIA Corporation, 6.14.10.10040]
    [D:\WINNT\system32\NVWRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.10040]
    [D:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
[PID: 1068][D:\WINNT\Mixer.exe]  [C-Media Electronic Inc. (www.cmedia.com.tw), 1.60]
    [D:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [D:\Program Files\Internet Explorer\PLUGINS\System8.sys]  [N/A, N/A]
    [D:\WINNT\System32\cmnprop.dll]  [C-Media Corporation, 5.00.2195.12]
[PID: 1076][D:\Program Files\Java\jre1.5.0\bin\jusched.exe]  [N/A, N/A]
    [D:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
[PID: 1092][D:\WINNT\system32\RUNDLL32.EXE]  [Microsoft Corporation, 5.00.2134.1]
    [D:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [D:\WINNT\system32\NvMcTray.dll]  [NVIDIA Corporation, 6.14.10.7189]
    [D:\Program Files\Internet Explorer\PLUGINS\System8.sys]  [N/A, N/A]
    [D:\WINNT\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.7189]
[PID: 1100][D:\WINNT\system32\Internat.exe]  [Microsoft Corporation, 5.00.2920.0000]
    [D:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [D:\Program Files\Internet Explorer\PLUGINS\System8.sys]  [N/A, N/A]
[PID: 884][C:\新建文件夹 (2)\mmsk.exe]  [木马杀客, 2,0,0,6]
    [D:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\新建文件夹 (2)\krnln.fnr]  [, 1, 0, 0, 1]
    [D:\Program Files\Internet Explorer\PLUGINS\System8.sys]  [N/A, N/A]
    [C:\新建文件夹 (2)\iext2.fne]  [, 1, 0, 0, 1]
    [C:\新建文件夹 (2)\iext.fne]  [, 1, 0, 0, 1]
    [C:\新建文件夹 (2)\HYExtLib.fne]  [N/A, N/A]
    [C:\新建文件夹 (2)\HtmlView.fne]  [, 1, 0, 0, 1]
    [C:\新建文件夹 (2)\TrayIcon.fne]  [, 1, 0, 0, 1]
    [C:\新建文件夹 (2)\iext3.fne]  [, 1, 0, 0, 1]
    [C:\新建文件夹 (2)\xplib.fne]  [N/A, N/A]
    [C:\新建文件夹 (2)\mmskskin.dll]  [, 2, 0, 0, 6]
    [C:\新建文件夹 (2)\SkinPPWTL.dll]  [http://www.skinplusplus.com, 2, 1, 0, 0]
    [C:\新建文件夹 (2)\shell.fne]  [N/A, N/A]
    [C:\新建文件夹 (2)\EThread.fne]  [N/A, N/A]
    [C:\新建文件夹 (2)\dp1.fne]  [N/A, N/A]
    [C:\新建文件夹 (2)\eAPI.fne]  [, 1, 0, 0, 1]
    [D:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL]  [N/A, N/A]
[PID: 896][C:\zfs\gc.exe]  [N/A, N/A]
    [D:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [D:\Program Files\Internet Explorer\PLUGINS\System8.sys]  [N/A, N/A]
    [D:\WINNT\system32\WINABCX.IME]  [PKUETI, 5.22.216]
[PID: 588][D:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2800.1106]
    [D:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [D:\Program Files\Internet Explorer\PLUGINS\System8.sys]  [N/A, N/A]
[PID: 208][D:\saomiao\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [D:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [D:\Program Files\Internet Explorer\PLUGINS\System8.sys]  [N/A, N/A]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["D:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]