我的電腦地右下方前幾天出現一個不斷閃爍的盾刑圖標，最早還不知道是什麼東西，後來在百度一查才知道中了一種叫virusheat的病毒，請各位朋友幫下我看看是怎麼回事，這裏多謝了！

[用户系统信息]Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)

先用工具清理下系统 然后扫描完整SRE日志报告

清理系统临时文件和IE临时文件夹     
http://www.atribune.org/public-beta/ATF-Cleaner.exe
用金山清理专家清理恶意软件
http://www.duba.net/zt/ksc/down.shtml
下载windows清理助手清理一遍
http://www.arswp.com/download/arswp2/arswp2.zip

下载Sreng，解压缩运行

1.先把不相关的软件关闭
2.智能扫描(记得勾上数字签名选项）=》扫描=》保存报告
3.把日志SREngLOG.log中的报告完整复制粘贴上来，[全选(Ctrl+a) >>复制(Ctrl+c) >>粘贴(Ctrl+v)] 上来或者粘贴到记事本中已附件形式上传上来

SRE下载地址
http://www.kztechs.com/sreng/sreng928.zip
PS:如果下载后不能运行请删除已下载的,然后重新下载.下载后首先不要运行先将下载的SREng.exe重命名为SREng.com(SREng.scr\SREng.bat\SREng.pif)或者abc.exe运行

[CODE]

2008-04-01,08:05:39

System Repair Engineer 2.6.2.928
Smallfrogs (http://www.KZTechs.com)

Windows 2000 Professional Service Pack 4 (Build 2195) - 管理許可權用戶 - 完整功能

以下內容被選中：
    所有的啟動項目（包括註冊表、開機檔案夾、服務等）
    流覽器載入項
    正在運行的進程（包括進程模組資訊）
    文件關聯
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    進程特權掃描


啟動專案
註冊表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <acdseemc.exe><C:\Program Files\Common Files\ACD Systems\ACDSeeMC.EXE>  [File is missing]
    <3303tv7iy><; C:\WINNT\system.exe>  [File is missing]
    <6q61xrcl89l0kdm><; C:\WINNT\iexpl0re.exe>  [File is missing]
    <Foxmail><; E:\fox\Foxmail.exe -min>  [File is missing]
    <kr325rm><; C:\WINNT\iexp1ore.exe>  [File is missing]
    <NvMediaCenter><; RUNDLL32.EXE C:\WINNT\system32\NVMCTRAY.DLL,NvTaskbarInit>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <seekmo><; "c:\program files\seekmo\seekmo.exe">  [File is missing]
    <svc><; C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\logsony.exe>  [File is missing]
    <swg><; C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe>  [File is missing]
    <w46k79sk3><; C:\WINNT\winlog0n.exe>  [File is missing]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <Synchronization Manager><mobsync.exe /logon>  [(Verified)Microsoft Windows 2000 Publisher]
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <WebThunder><; C:\xiazai\新資料夾\WebThunder.exe>  [File is missing]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [(Verified)Beijing Rising Science and Technology Corporation Limited]
    <HPDJ Taskbar Utility><; C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb03.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher, E=""]
    <NvCplDaemon><; RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <nwiz><; nwiz.exe /install>  [NVIDIA Corporation]
    <NvMediaCenter><RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <Thunder><"C:\Program Files\Thunder Network\Thunder\Thunder.exe" /s>  [Thunder Networking Technologies,LTD]
    <YLive.exe><C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe>  [(Verified)"Beijing Yahoo! Information and Technology Co., Ltd."]
    <yassistse><; C:\progra~1\yahoo!\assistant\yassistse.exe>  [(Verified)"Beijing Yahoo! Information and Technology Co., Ltd."]
    <FlashGet><; C:\xiazai\FlashGet.exe /min>  [File is missing]
    <HF_GameClient><; C:\Program Files\瘋源勤桵怢\gameclient.exe>  [File is missing]
    <IMSCMIG40W><; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40W\IMSCMIG.EXE /SetPreload /Log>  [Microsoft Corporation]
    <miniQQLive><; "E:\sweet\我的文檔\xian\MiniQQLive.exe">  [File is missing]
    <ms><; C:\Program Files\Microsoft\svhost32.exe>  [File is missing]
    <nbbpens><; C:\Program Files\Internet Explorer\CSRSS.exe>  [File is missing]
    <OrderReminder><; C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe>  [Hewlett-Packard]
    <PHIMETIPSYNC><; C:\Program Files\Common Files\Microsoft Shared\IME\IMTC60\Phonetic\TINTLCFG.EXE /PHIMETIPSync>  [File is missing]
    <PPGDown><; C:\PROGRA~1\PPGOUS~1\PPGou\PPGou.exe Auto>  [File is missing]
    <RavTimeXP><; C:\WINNT\Mstray.exe>  [File is missing]
    <Super Rabbit SRRestore><; C:\Program Files\Super Rabbit\magicset\srrest.exe /autosave>  [Super Rabbit Soft]
    <Tray><; C:\WINNT\command\rundll32.exe>  [File is missing]
    <upxdnd1><; C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\upxdnd1.exe>  [File is missing]
    <WinsSystem><; C:\Program Files\Internet Explorer\syssmss.exe>  [File is missing]
    <wsttr><; C:\WINNT\wsttr.exe>  [File is missing]
    <zt><; C:\WINNT\Intel\rundll32.exe>  [File is missing]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><EXPLORER.EXE>  [(Verified)Microsoft Windows 2000 Publisher]
    <Userinit><userinit.exe>  [(Verified)Microsoft Windows 2000 Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINNT\system32\RavExt.dll>  [(Verified)Beijing Rising Science and Technology Corporation Limited]
    <{2D49692C-A5FD-4E29-A3CD-37E9B182FCC6}><C:\Program Files\Internet Explorer\PLUGINS\SystemKb.sys>  [File is missing]
    <{4BAB150F-DD97-476D-9C1E-41B6CDC0CA7A}><C:\PROGRA~1\Yahoo!\Assistant\yClickOn.dll>  [File is missing]
    <{D157330A-9EF3-49F8-9A67-4141AC41ADD4}><C:\WINNT\DOWNLO~1\CnsHook.dll>  [(Verified)"INTER CHINA NETWORK SOFTWARE (BEIJING) CO., LTD"]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <DLMon><C:\WINNT\system32\DLMain.dll>  [File is missing]
    <DVDBurn><C:\WINNT\Downloaded Program Files\AfxEdit.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{d70e9b0f-aabc-4066-8176-c6de84d92fa1}><C:\WINNT\system32\kknwg.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer 存取><"C:\WINNT\system32\shmgrate.exe" OCInstallUserConfigIE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express 存取><"C:\WINNT\system32\shmgrate.exe" OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2bf41072-b2b1-21c1-b5c1-0305f4155515}]
    <N/A><C:\WINNT\SCVHOST.exe>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%Prog