我这里有很多的机子瑞星都起不来了,手动打开就会自动关掉,从装瑞星都没有用.

"任务管理器"和"注册表"也同样一打开就会自动关掉.
现有其中一台机子的日志.
麻烦各位给点意见!

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <Internat.exe><internat.exe>  [Microsoft Corporation]
    <svcshare><C:\WINNT\system32\drivers\spoclsv.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows

NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <Synchronization Manager><mobsync.exe /logon>  [Microsoft

Corporation]
    <eSafeMon><C:\Program Files\eSafe\eSafe_monitor.exe>  [N/A]
    <RavTray><"C:\Program Files\Rising\Rav\RavTray.exe">  [N/A]
    <WinHelp><C:\WINNT\system32\WinHelp.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows

NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINNT\system32\userinit.exe,>  [Microsoft

Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows

NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\

ShellExecuteHooks]
   

<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINNT\system32\ravext.dll> 

[Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServ

iceObjectDelayLoad]
    <Network.ConnectionTray><C:\WINNT\system32\NETSHELL.dll> 

[Microsoft Corporation]
    <WebCheck><%SystemRoot%\system32\webcheck.dll>  [Microsoft

Corporation]
    <SysTray><stobject.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [Microsoft

Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Winlogon\Notify\wzcnotif]
    <WinlogonNotify: wzcnotif><wzcdlg.dll>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\

SharedTaskScheduler]
   

<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui

.dll>  [Microsoft Corporation]
   

<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui

.dll>  [Microsoft Corporation]

==================================
启动文件夹
[EPSON Status Monitor 3 Environment Check 2]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\EPSON

Status Monitor 3 Environment Check 2.lnk -->

C:\WINNT\system32\spool\drivers\w32x86\3\E_SRCV02.EXE [SEIKO EPSON

CORPORATION]><N>
[Microsoft Office]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft

Office.lnk --> C:\Program Files\Microsoft Office\Office\OSA9.EXE

[N/A]><N>

==================================
服务
[Alerter / Alerter]
  <C:\WINNT\System32\services.exe><Microsoft Corporation>
[Application Management / AppMgmt]
  <C:\WINNT\system32\services.exe><Microsoft Corporation>
[ASP.NET State Service / aspnet_state]
 

<C:\WINNT\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe><Microsof

t Corporation>
[Background Intelligent Transfer Service / BITS]
  <C:\WINNT\System32\svchost.exe -k

BITSgroup-->C:\WINNT\System32\qmgr.dll><Microsoft Corporation>
[Computer Browser / Browser]
  <C:\WINNT\System32\services.exe><Microsoft Corporation>
[Indexing Service / cisvc]
  <C:\WINNT\System32\cisvc.exe><Microsoft Corporation>
[ClipBook / ClipSrv]
  <C:\WINNT\system32\clipsrv.exe><Microsoft Corporation>
[.NET Runtime Optimization Service v2.0.50727_X86 /

clr_optimization_v2.0.50727_32]
  <C:\WINNT\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe><Microsoft

Corporation>
[DHCP Client / Dhcp]
  <C:\WINNT\System32\services.exe><Microsoft Corporation>
[Logical Disk Manager Administrative Service / dmadmin]
  <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[Logical Disk Manager / dmserver]
  <C:\WINNT\System32\services.exe><Microsoft Corporation>
[DNS Client / Dnscache]
  <C:\WINNT\System32\services.exe><Microsoft Corporation>
[eSafe notification service / eSafeService]
  <C:\WINNT\system32\eSafeService.exe><DMWZ>
[Event Log / Eventlog]
  <C:\WINNT\system32\services.exe><Microsoft Corporation>
[COM+ Event System / EventSystem]
  <C:\WINNT\System32\svchost.exe -k

netsvcs-->C:\WINNT\System32\es.dll><Microsoft Corporation>
[Fax Service / Fax]
  <C:\WINNT\system32\faxsvc.exe><Microsoft Corporation>
[Server / lanmanserver]
  <C:\WINNT\System32\services.exe><Microsoft Corporation>
[Workstation / lanmanworkstation]
  <C:\WINNT\System32\services.exe><Microsoft Corporation>
[TCP/IP NetBIOS Helper Service / LmHosts]
  <C:\WINNT\System32\services.exe><Microsoft Corporation>
[Messenger / Messenger]
  <C:\WINNT\System32\services.exe><Microsoft Corporation>
[NetMeeting Remote Desktop Sharing / mnmsrvc]
  <C:\WINNT\System32\mnmsrvc.exe><Microsoft Corporation>
[Distributed Transaction Coordinator / MSDTC]
  <C:\WINNT\System32\msdtc.exe><Microsoft Corporation>
[Windows Installer / MSIServer]
  <C:\WINNT\system32\msiexec.exe /V><Microsoft Corporation>
[Network DDE / NetDDE]
  <C:\WINNT\system32\netdde.exe><Microsoft Corporation>
[Network DDE DSDM / NetDDEdsdm]
  <C:\WINNT\system32\netdde.exe><Microsoft Corporation>
[Net Logon / Netlogon]
  <C:\WINNT\System32\lsass.exe><Microsoft Corporation>
[Network Connections / Netman]
  <C:\WINNT\System32\svchost.exe -k

netsvcs-->%SystemRoot%\System32\netman.dll><Microsoft Corporation>
[NT LM Security Support Provider / NtLmSsp]
  <C:\WINNT\System32\lsass.exe><Microsoft Corporation>
[Removable Storage / NtmsSvc]
  <C:\WINNT\System32\svchost.exe -k

netsvcs-->%SystemRoot%\System32\NtmsSvc.dll><Microsoft Corporation>
[Visibroker Activation Daemon / oad]
  <C:\PROGRA~1\Borland\vbroker\bin\oad.exe><N/A>
[Oracle%ORACLE_HOME_SERVICE%ClientCache80 /

Oracle%ORACLE_HOME_SERVICE%ClientCache80]
  <C:\ORANT\BIN\ONRSD80.EXE><N/A>
[VisiBroker Smart Agent / osagent]
  <C:\PROGRA~1\Borland\vbroker\bin\osagent.exe><N/A>
[Plug and Play / PlugPlay]
  <C:\WINNT\system32\services.exe><Microsoft Corporation>
[IPSEC Policy Agent / PolicyAgent]
  <C:\WINNT\System32\lsass.exe><Microsoft Corporation>
[Protected Storage / ProtectedStorage]
  <C:\WINNT\system32\services.exe><Microsoft Corporation>
[Remote Access Auto Connection Manager / RasAuto]
  <C:\WINNT\System32\svchost.exe -k

netsvcs-->%SystemRoot%\System32\rasauto.dll><Microsoft Corporation>
[Remote Access Connection Manager / RasMan]
  <C:\WINNT\System32\svchost.exe -k

netsvcs-->%SystemRoot%\System32\rasmans.dll><Microsoft Corporation>
[RavService / RavService]
  <"C:\Program Files\Rising\Rav\RavService.exe" /service><Beijing

Rising Technology Co., Ltd.>
[Routing and Remote Access / RemoteAccess]
  <C:\WINNT\System32\svchost.exe -k

netsvcs-->%SystemRoot%\System32\mprdim.dll><Microsoft Corporation>
[Remote Registry Service / RemoteRegistry]
  <C:\WINNT\system32\regsvc.exe><Microsoft Corporation>
[Remote Procedure Call (RPC) Locator / RpcLocator]
  <C:\WINNT\System32\locator.exe><Microsoft Corporation>
[Remote Procedure Call (RPC) / RpcSs]
  <C:\WINNT\system32\svchost -k

rpcss-->%SystemRoot%\system32\rpcss.dll><Microsoft Corporation>
[QoS RSVP / RSVP]
  <C:\WINNT\System32\rsvp.exe -s><Microsoft Corporation>
[Security Accounts Manager / SamSs]
  <C:\WINNT\system32\lsass.exe><Microsoft Corporation>
[Smart Card Helper / SCardDrv]
  <C:\WINNT\System32\SCardSvr.exe><Microsoft Corporation>
[Smart Card / SCardSvr]
  <C:\WINNT\System32\SCardSvr.exe><Microsoft Corporation>
[Task Scheduler / Schedule]
  <C:\WINNT\system32\MSTask.exe><Microsoft Corporation>
[RunAs Service / seclogon]
  <C:\WINNT\system32\services.exe><Microsoft Corporation>
[System Event Notification / SENS]
  <C:\WINNT\system32\svchost.exe -k

netsvcs-->%SystemRoot%\system32\sens.dll><Microsoft Corporation>
[Internet Connection Sharing / SharedAccess]
  <C:\WINNT\System32\svchost.exe -k

netsvcs-->%SystemRoot%\System32\ipnathlp.dll><Microsoft Corporation>
[Print Spooler / Spooler]
  <C:\WINNT\system32\spoolsv.exe><Microsoft Corporation>
[Performance Logs and Alerts / SysmonLog]
  <C:\WINNT\system32\smlogsvc.exe><Microsoft Corporation>
[Telephony / TapiSrv]
  <C:\WINNT\System32\svchost.exe -k

netsvcs-->%SystemRoot%\System32\tapisrv.dll><Microsoft Corporation>
[Telnet / TlntSvr]
  <C:\WINNT\system32\tlntsvr.exe><Microsoft Corporation>
[Distributed Link Tracking Client / TrkWks]
  <C:\WINNT\system32\services.exe><Microsoft Corporation>
[Uninterruptible Power Supply / UPS]
  <C:\WINNT\System32\ups.exe><Microsoft Corporation>
[Utility Manager / UtilMan]
  <C:\WINNT\System32\UtilMan.exe><Microsoft Corporation>
[VRVWatchServer / VRVWatchServer]
  <"C:\WINNT\system32\WatchClient.exe" -service><N/A>
[Windows Time / W32Time]
  <C:\WINNT\System32\services.exe><Microsoft Corporation>
[Windows Management Instrumentation / WinMgmt]
  <C:\WINNT\System32\WBEM\WinMgmt.exe><Microsoft Corporation>
[Windows Management Instrumentation Driver Extensions / Wmi]
  <C:\WINNT\system32\Services.exe><Microsoft Corporation>

【回复“zshyes2008”的帖子】
正在运行的进程
[PID: 112][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 140][\??\C:\WINNT\system32\csrss.exe]  [Microsoft Corporation, 5.00.2195.6601]
    [C:\WINNT\system32\VrvHook.dll]  [edp, 6, 4, 19, 15]
[PID: 160][\??\C:\WINNT\system32\winlogon.exe]  [Microsoft Corporation, 5.00.2195.6898]
    [C:\WINNT\system32\vrvhook.dll]  [edp, 6, 4, 19, 15]
[PID: 188][C:\WINNT\system32\services.exe]  [Microsoft Corporation, 5.00.2195.6700]
    [C:\WINNT\system32\dmserver.dll]  [VERITAS Software Corp., 2195.6605.297.3]
    [C:\WINNT\system32\VrvHook.dll]  [edp, 6, 4, 19, 15]
[PID: 200][C:\WINNT\system32\lsass.exe]  [Microsoft Corporation, 5.00.2195.6902]
    [C:\WINNT\system32\VrvHook.dll]  [edp, 6, 4, 19, 15]
[PID: 360][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
    [C:\WINNT\system32\vrvhook.dll]  [edp, 6, 4, 19, 15]
[PID: 388][C:\WINNT\system32\WatchClient.exe]  [N/A, 6, 6, 16, 21]
    [C:\WINNT\system32\vrvhook.dll]  [edp, 6, 4, 19, 15]
[PID: 400][C:\WINNT\System32\WBEM\WinMgmt.exe]  [Microsoft Corporation, 1.50.1085.0100]
    [C:\WINNT\system32\vrvhook.dll]  [edp, 6, 4, 19, 15]
[PID: 408][C:\WINNT\system32\VrvEdp_m.exe]  [N/A, 6, 6, 20, 536]
    [C:\WINNT\system32\Cipherop.dll]  [Cipherop, 6, 6, 18, 17]
    [C:\WINNT\system32\VrvHook.dll]  [edp, 6, 4, 19, 15]
[PID: 468][C:\WINNT\system32\ntsd.exe]  [Microsoft Corporation, 5.00.2184.1]
    [C:\WINNT\system32\vrvhook.dll]  [edp, 6, 4, 19, 15]
[PID: 440][C:\WINNT\system32\Vrvsafec.exe]  [edp, 6, 4, 19, 15]
    [C:\WINNT\system32\vrvhook.dll]  [edp, 6, 4, 19, 15]
[PID: 488][C:\WINNT\system32\vrvrf_c.exe]  [, 6, 6, 6, 11]
    [C:\WINNT\system32\vrvpwk.dll]  [, 1, 0, 0, 1]
    [C:\WINNT\system32\VrvKeyBoard.dll]  [, 1, 0, 0, 1]
    [C:\WINNT\system32\vrvhook.dll]  [edp, 6, 4, 19, 15]
    [C:\WINNT\system32\vrvfw_c.dll]  [, 1, 0, 0, 2]
    [C:\WINNT\system32\vrvrun_c.dll]  [, 1, 0, 0, 1]
    [C:\WINNT\system32\bkfile.dll]  [N/A, N/A]
    [C:\WINNT\system32\edpaudfliter.dll]  [, 1, 0, 0, 1]
[PID: 540][C:\WINNT\Explorer.EXE]  [Microsoft Corporation, 5.00.3700.6690]
    [C:\WINNT\system32\vrvhook.dll]  [edp, 6, 4, 19, 15]
    [C:\WINNT\system32\VrvKeyBoard.dll]  [, 1, 0, 0, 1]
    [C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL]  [N/A, N/A]
    [C:\WINNT\system32\ravext.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [C:\WINNT\system32\SIMPLE~1.DLL]  [, 1, 0, 0, 1]
    [C:\PROGRA~1\WinZip\WZSHLSTB.DLL]  [WinZip Computing, Inc., 3.0 (32-bit)]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\PROGRA~1\GLOBAL~1\CuteFTP\CuteShell.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\UltraEdit\ue32ctmn.dll]  [, 1.0]
[PID: 564][C:\WINNT\system32\taskmgr.exe]  [Microsoft Corporation, 5.00.2195.6620]
    [C:\WINNT\system32\VrvHook.dll]  [edp, 6, 4, 19, 15]
    [C:\WINNT\system32\VrvKeyBoard.dll]  [, 1, 0, 0, 1]
[PID: 584][C:\Documents and Settings\kjk\桌面\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\WINNT\system32\VrvHook.dll]  [edp, 6, 4, 19, 15]
    [C:\WINNT\system32\VrvKeyBoard.dll]  [, 1, 0, 0, 1]
    [C:\WINNT\system32\eScs.dll]  [, 1, 0, 0, 1]
    [C:\WINNT\system32\ESAFEC.dll]  [, 1, 1, 1, 3]
    [C:\WINNT\system32\eSUI.dll]  [N/A, 1, 0, 0, 3]
    [C:\WINNT\system32\GAKeyPub.dll]  [N/A, N/A]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
MSAFD Tcpip [TCP/IP]
    C:\WINNT\system32\msafd.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD Tcpip [UDP/IP]
    C:\WINNT\system32\msafd.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD Tcpip [RAW/IP]
    C:\WINNT\system32\msafd.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
RSVP UDP Service Provider
    C:\WINNT\system32\rsvpsp.dll(Microsoft Corporation, Microsoft Windows Rsvp 1.0 Service Provider)
RSVP TCP Service Provider
    C:\WINNT\system32\rsvpsp.dll(Microsoft Corporation, Microsoft Windows Rsvp 1.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{07A673E1-EFB4-4440-8536-200446E0CA9E}] SEQPACKET 0
    C:\WINNT\system32\msafd.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{07A673E1-EFB4-4440-8536-200446E0CA9E}] DATAGRAM 0
    C:\WINNT\system32\msafd.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{7A843CDE-81FB-42C4-ACD8-B7675C61375C}] SEQPACKET 1
    C:\WINNT\system32\msafd.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{7A843CDE-81FB-42C4-ACD8-B7675C61375C}] DATAGRAM 1
    C:\WINNT\system32\msafd.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{BBAE0781-4B1E-4A13-B1B4-11A70FE24CA4}] SEQPACKET 2
    C:\WINNT\system32\msafd.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{BBAE0781-4B1E-4A13-B1B4-11A70FE24CA4}] DATAGRAM 2
    C:\WINNT\system32\msafd.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

被恶意软件破坏了吧

我在安全模式下杀都杀出有病毒是"Trojan.Dl.html.spreader.a"
而且都是感染*.htm格式.
但杀完了还是没有用.

怎么没人说话了