[Help] It comes back to life after being removed; experts, please help, thank you!

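My computer's antivirus software keeps warning that file XXX under C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\ contains a virus. When I open this path, there are many folders inside, and each folder contains a lot of junk files (see the image below). Right-clicking to view the properties of these files shows that they were all downloaded only a short while ago. By my incomplete count, 3 to 4 of these files are added every minute; they are all images or .htm files, and some of them are viruses. The files keep being downloaded and added automatically. I have scanned with BitDefender Antivirus 2008, AVG Anti-Spyware 7.5 and Rising (updated to the latest version), and I have also tried AutoGuarder and 完美卸载 (Perfect Uninstall); Perfect Uninstall also found the Autorun.inf virus on every drive. But not long after all the viruses are removed, they come back to life. Also, my Windows account is not named NetworkService, and I don't know why there is a NetworkService folder under C:\Documents and Settings\. The antivirus software has all been updated to the latest version, but it still cannot eradicate the virus. Experts, please help. Thank you!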

AVG report:
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at:    21:54:01 2008-1-2

+ Scan result:   



HKLM\SOFTWARE\Classes\MimeFilter.AdFilter -> Adware.CnsMin : Cleaned.
HKLM\SOFTWARE\Classes\MimeFilter.AdFilter.1 -> Adware.CnsMin : Cleaned.
HKLM\SOFTWARE\Classes\MimeFilter.AdFilter\CLSID -> Adware.CnsMin : Cleaned.
HKLM\SOFTWARE\Classes\MimeFilter.AdFilter\CurVer -> Adware.CnsMin : Cleaned.
HKLM\SOFTWARE\Classes\Interface\{0AD3AB16-6D0E-4F04-8660-FB1F36BC2DC0} -> Adware.Generic : Cleaned.
HKLM\SOFTWARE\Classes\Interface\{2F685B36-C53A-4653-9231-1DAE5736DE45} -> Adware.Generic : Cleaned.
HKLM\SOFTWARE\Classes\Interface\{50C4CDD9-22D7-49FF-AC6D-7D4D528A3AB2} -> Adware.Generic : Cleaned.
HKLM\SOFTWARE\cpush -> Adware.Generic : Cleaned.
HKU\S-1-5-21-436374069-1770027372-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11F09AFD-75AD-4E51-AB43-E09E9351CE16} -> Adware.Generic : Cleaned.
HKU\S-1-5-21-436374069-1770027372-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F1FABE79-25FC-46DE-8C5A-2C6DB9D64333} -> Adware.Generic : Cleaned.
HKU\S-1-5-21-436374069-1770027372-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11F09AFD-75AD-4E51-AB43-E09E9351CE16} -> Adware.Generic : Cleaned.
HKU\S-1-5-21-436374069-1770027372-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F1FABE79-25FC-46DE-8C5A-2C6DB9D64333} -> Adware.Generic : Cleaned.
HKU\S-1-5-21-436374069-1770027372-725345543-1003\Software\cpush -> Adware.Generic : Cleaned.
HKU\S-1-5-21-436374069-1770027372-725345543-1003\Software\cpush\ErrorUrl -> Adware.Generic : Cleaned.
HKU\S-1-5-21-436374069-1770027372-725345543-1003\Software\cpush\PopupLog -> Adware.Generic : Cleaned.
HKU\S-1-5-21-436374069-1770027372-725345543-1003\Software\cpush\Temp -> Adware.Generic : Cleaned.
HKLM\SOFTWARE\WhenUSearch -> Adware.SaveNow : Cleaned.
HKLM\SOFTWARE\WhenUSearch\Partners -> Adware.SaveNow : Cleaned.
HKLM\SOFTWARE\WhenUSearch\Partners\desktop -> Adware.SaveNow : Cleaned.
HKLM\SOFTWARE\WhenUSearch\WHSE -> Adware.SaveNow : Cleaned.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\12Y2619A\click[1].htm -> Hijacker.Agent.ai : Cleaned.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\3S83UB9P\click[1].htm -> Hijacker.Agent.ai : Cleaned.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\7G1OB207\click[1].htm -> Hijacker.Agent.ai : Cleaned.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\A5COVFH8\click[1].htm -> Hijacker.Agent.ai : Cleaned.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\D8D4UC6R\click[1].htm -> Hijacker.Agent.ai : Cleaned.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EFNX79V1\click[1].htm -> Hijacker.Agent.ai : Cleaned.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\G01FGVI6\click[2].htm -> Hijacker.Agent.ai : Cleaned.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\I2NUKRSP\click[1].htm -> Hijacker.Agent.ai : Cleaned.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\PKYJ4CVU\click[2].htm -> Hijacker.Agent.ai : Cleaned.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\PKYJ4CVU\click[3].htm -> Hijacker.Agent.ai : Cleaned.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\PKYJ4CVU\click[4].htm -> Hijacker.Agent.ai : Cleaned.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\S3VBKFN1\click[2].htm -> Hijacker.Agent.ai : Cleaned.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\UPGBPHTR\click[2].htm -> Hijacker.Agent.ai : Cleaned.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\LPZA1RGL\minshangw_cn[1].htm -> Hijacker.Agent.b : Cleaned.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\S3VBKFN1\ad[1].js -> Hijacker.Agent.b : Cleaned.
C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\SYSTEM\78rC8NQzLa -> Not-A-Virus.Adware.IEHlpr : Cleaned.


::Report end

Rising scan results:

[Attachment: image/pjpeg, uploaded 2008-1-4 21:31:22]

Last edited 2008-01-05 01:05:39

The SREng log is in the attachment; experts, please help analyze it. Thank you!

[Attachment: application/octet-stream, uploaded 2008-1-4 21:37:00]

Clean out the temporary folders in Safe Mode, then run a full-disk scan!

I tried that, but it still can't be eradicated; a few minutes after deleting them, they appear again.

Startup Items -- Registry: delete the following entries:
[IFEO[auto.exe]]    <AUTOGUARDER GUARDED.>
[IFEO[ntldr.exe]]    <AUTOGUARDER GUARDED.>
[IFEO[pagefile.pif]]    <AUTOGUARDER GUARDED.>
[IFEO[sos.exe]]    <AUTOGUARDER GUARDED.>
[IFEO[sxs.exe]]    <AUTOGUARDER GUARDED.>

You have hijacked the viruses.

Startup Items -- Services -- Win32 Service Applications: disable the following entry:
[HMRWC / IOSYEK]    <C:\WINDOWS\system32\svchost.exe -k RVBGMRWBI-->C:\Windows\system32\wbem\WBHNSYEJOUZF.DLL>

Turn off System Restore
Download a temporary-file cleanup tool
http://www.dodudou.com/down/ATF-Cleaner-cn.exe
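
An added example, not part of the thread: a parser for the two SREng-style entry kinds quoted in the last reply. It separates IFEO entries whose Debugger value names a program (a redirect) from those that name none (a launch block), and lists svchost-hosted services whose `-k` group is not in a baseline. The baseline group list and all function names are assumptions made for this example.

```python
import re

# The SREng-style lines quoted in the reply, embedded verbatim as sample input.
SAMPLE = r"""
[IFEO[auto.exe]]    <AUTOGUARDER GUARDED.>
[IFEO[ntldr.exe]]    <AUTOGUARDER GUARDED.>
[IFEO[pagefile.pif]]    <AUTOGUARDER GUARDED.>
[IFEO[sos.exe]]    <AUTOGUARDER GUARDED.>
[IFEO[sxs.exe]]    <AUTOGUARDER GUARDED.>
[HMRWC / IOSYEK]    <C:\WINDOWS\system32\svchost.exe -k RVBGMRWBI-->C:\Windows\system32\wbem\WBHNSYEJOUZF.DLL>
"""

# Assumption: a partial baseline of stock Windows XP svchost groups, for illustration only.
KNOWN_SVCHOST_GROUPS = {"netsvcs", "localservice", "networkservice",
                        "dcomlaunch", "rpcss", "imgsvc", "termsvcs", "httpfilter"}

IFEO_RE = re.compile(r"^\[IFEO\[(?P<image>[^\]]+)\]\]\s+<(?P<debugger>.*)>$")
SVC_RE = re.compile(r"^\[(?P<label>[^\]]+)\]\s+<(?P<host>.*?)-->(?P<dll>.*)>$")
GROUP_RE = re.compile(r"svchost\.exe\s+-k\s+(\S+)", re.IGNORECASE)
EXE_RE = re.compile(r"\.(exe|com|bat|cmd|pif|scr)\b", re.IGNORECASE)


def parse(log):
    """Split the log into IFEO entries and DLL-hosting service entries."""
    ifeo, services = [], []
    for raw in log.splitlines():
        line = raw.strip()
        if (m := IFEO_RE.match(line)):
            ifeo.append({"image": m["image"], "debugger": m["debugger"]})
        elif (m := SVC_RE.match(line)):
            group = GROUP_RE.search(m["host"])
            services.append({"label": m["label"], "host": m["host"].strip(),
                             "group": group.group(1) if group else None,
                             "dll": m["dll"].strip()})
    return ifeo, services


def classify_ifeo(entry):
    """'redirect' if the Debugger value names a program to run instead, else 'block'."""
    return "redirect" if EXE_RE.search(entry["debugger"]) else "block"


def unknown_group_services(services):
    """Services hosted by svchost under a group that is not in the baseline."""
    return [s for s in services
            if s["group"] and s["group"].lower() not in KNOWN_SVCHOST_GROUPS]
```

A group missing from the baseline is a prompt to inspect the listed DLL by hand, not a verdict; extend the baseline to match the system being reviewed.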