The problem items are as follows (a large number of system service DLL files have been replaced; it would be best to check c:\windows\Explorer.exe and c:\windows\system32\logonui.exe to see whether they have been infected by the virus):
================================
Registry
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<HBService32><System.exe> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{12316E69-4CE5-4CD7-A174-C0BD57529D5A}><12316E69.dll> []
<{08223B03-1B38-4A33-A83A-A4D3CC1D6E4E}><08223B03.dll> []
<{201476D0-2B18-462E-AB9F-3E2B0CC8732B}><201476D0.dll> []
<{DA63E650-537C-4042-87BB-9D19D844680B}><DA63E650.dll> []
<{A55F538E-9E65-4706-9458-852BF6592063}><A55F538E.dll> []
<{9CA963CA-107C-4089-B0AB-31380F90D7E3}><9CA963CA.dll> []
<{4D023DE9-F4B5-4BE0-99C6-7C7AD0CF5426}><4D023DE9.dll> []
<{B3721C07-62B3-411A-9DC7-F5F27E3E21FF}><B3721C07.dll> []
<{14F7F80A-0FE7-4A24-83CC-639D42BE410C}><14F7F80A.dll> []
<{93DEE065-EC9B-4505-ADD3-19880AD3C38F}><93DEE065.dll> []
<{E4814792-EFA3-4C20-93D0-8B130A59F9A8}><E4814792.dll> []
<{122B901E-493F-4AD9-BC69-7DE8C3E52FCC}><122B901E.dll> []
<{01AFE3DC-2242-436E-9B44-6DD1C664E828}><01AFE3DC.dll> []
<{7E983C60-EBF5-4A36-BE25-EA26ED55052B}><7E983C60.dll> []
<{2EF0D734-21FD-4225-A1A2-BCD296182AAF}><2EF0D734.dll> []
<{34A25F04-008D-403E-8EE6-2307BC02FA2E}><34A25F04.dll> []
<{3D144530-43DA-47CC-B7C7-A3A9F3B9A6B2}><3D144530.dll> []
==================================
Services
[Application Management / AppMgmt][Stopped/Manual Start]
<C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[Task Scheduler / Schedule][Running/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\system32\schedsvc.dll><N/A>
[Windows Image Acquisition (WIA) / stisvc][Stopped/Manual Start]
<C:\WINDOWS\system32\svchost.exe -k imgsvc-->%SystemRoot%\system32\wiaservc.dll><N/A>
[Windows Time / W32Time][Running/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\w32time.dll><N/A>
==================================
Drivers
[HBKernel32 Driver / HBKernel32][Stopped/Boot Start]
<\SystemRoot\system32\drivers\HBKernel32.sys><N/A>
[NsPsDk00 / NsPsDk00][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\NsPass0.sys><N/A>
[NsPsDk01 / NsPsDk01][Running/Manual Start]
<\??\C:\WINDOWS\system32\NsPass1.sys><N/A>
[NsPsDk02 / NsPsDk02][Running/Manual Start]
<\??\C:\WINDOWS\system32\NsPass2.sys><N/A>
[NsPsDk03 / NsPsDk03][Running/Manual Start]
<\??\C:\WINDOWS\system32\NsPass3.sys><N/A>
[NsPsDk04 / NsPsDk04][Running/Manual Start]
<\??\C:\WINDOWS\system32\NsPass4.sys><N/A>
[NsRk1 / NsRk1][Running/Manual Start]
<\??\C:\WINDOWS\system32\Nskhelper2.sys><N/A>
[wmpobj / wmpobj][Running/Auto Start]
<\??\C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Media Player\obj\wmpobj.sys><N/A>
[6457aed / 6457aed][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\6457aed.sys><N/A>
[b71fe93 / b71fe93][Running/Manual Start]
<\??\C:\WINDOWS\system32\b71fe93.sys><N/A>
[NPF / NPF][Running/Manual Start]
<\??\C:\WINDOWS\system32\drivers\1D.tmp><CACE Technologies>
==================================
Browser add-ons
[SunsetBrowser Class]
{AAB6C1A0-F3A4-4DAC-A922-F82E601E73A8} <C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2234.dll, >
==================================
Running processes (red)
[PID: 1732 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\appwinproc.dll] [N/A, ]
[C:\WINDOWS\system32\HBDNF.dll] [N/A, ]
[C:\WINDOWS\system32\HBWOW.dll] [N/A, ]
[C:\WINDOWS\system32\HBJTLQ.dll] [N/A, ]
[C:\WINDOWS\system32\HBQQXX.dll] [N/A, ]
[C:\WINDOWS\system32\HBYY.dll] [N/A, ]
[C:\WINDOWS\system32\HBQQSG.dll] [N/A, ]
[C:\WINDOWS\system32\HBTL.dll] [N/A, ]
[C:\WINDOWS\system32\HBZHUXIAN.dll] [N/A, ]
[C:\WINDOWS\system32\HBASKTAO.dll] [N/A, ]
[C:\WINDOWS\system32\HBKDXY.dll] [N/A, ]
[C:\WINDOWS\system32\HBmhly.dll] [N/A, ]
[C:\WINDOWS\system32\HBSHQ.dll] [N/A, ]
[C:\WINDOWS\system32\HBSO2.dll] [N/A, ]
[C:\WINDOWS\system32\08223B03.dll] [N/A, ]
[C:\WINDOWS\system32\12316E69.dll] [N/A, ]
[C:\WINDOWS\system32\201476D0.dll] [N/A, ]
[C:\WINDOWS\system32\DA63E650.dll] [N/A, ]
[C:\WINDOWS\system32\4D023DE9.dll] [N/A, ]
[C:\WINDOWS\system32\14F7F80A.dll] [N/A, ]
[C:\WINDOWS\system32\93DEE065.dll] [N/A, ]
[C:\WINDOWS\system32\A55F538E.dll] [N/A, ]
[C:\WINDOWS\system32\9CA963CA.dll] [N/A, ]
[C:\WINDOWS\system32\B3721C07.dll] [N/A, ]
[C:\WINDOWS\system32\E4814792.dll] [N/A, ]
[C:\WINDOWS\system32\122B901E.dll] [N/A, ]
[C:\WINDOWS\system32\01AFE3DC.dll] [N/A, ]
[C:\WINDOWS\system32\7E983C60.dll] [N/A, ]
[C:\WINDOWS\system32\2EF0D734.dll] [N/A, ]
[C:\WINDOWS\system32\34A25F04.dll] [N/A, ]
[PID: 1176 / Administrator][C:\WINDOWS\system32\System.exe] [N/A, ]
[C:\WINDOWS\system32\appwinproc.dll] [N/A, ]
[C:\WINDOWS\system32\HBmhly.dll] [N/A, ]
[C:\WINDOWS\system32\HBKDXY.dll] [N/A, ]
[C:\WINDOWS\system32\HBASKTAO.dll] [N/A, ]
[C:\WINDOWS\system32\HBZHUXIAN.dll] [N/A, ]
[C:\WINDOWS\system32\HBTL.dll] [N/A, ]
[C:\WINDOWS\system32\HBQQSG.dll] [N/A, ]
[C:\WINDOWS\system32\HBYY.dll] [N/A, ]
[C:\WINDOWS\system32\HBQQXX.dll] [N/A, ]
[C:\WINDOWS\system32\HBJTLQ.dll] [N/A, ]
[C:\WINDOWS\system32\HBWOW.dll] [N/A, ]
[C:\WINDOWS\system32\HBDNF.dll] [N/A, ]
[C:\WINDOWS\system32\HBWD.dll] [N/A, ]
[C:\WINDOWS\system32\HBSHQ.dll] [N/A, ]
[C:\WINDOWS\system32\HBSO2.dll] [N/A, ]
[C:\WINDOWS\system32\08223B03.dll] [N/A, ]
[C:\WINDOWS\system32\12316E69.dll] [N/A, ]
[C:\WINDOWS\system32\201476D0.dll] [N/A, ]
[C:\WINDOWS\system32\DA63E650.dll] [N/A, ]
[C:\WINDOWS\system32\4D023DE9.dll] [N/A, ]
[C:\WINDOWS\system32\14F7F80A.dll] [N/A, ]
[C:\WINDOWS\system32\93DEE065.dll] [N/A, ]
[C:\WINDOWS\system32\122B901E.dll] [N/A, ]
[C:\WINDOWS\system32\7E983C60.dll] [N/A, ]
[C:\WINDOWS\system32\2EF0D734.dll] [N/A, ]
[PID: 1228 / Administrator][C:\WINDOWS\system32\conime.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\appwinproc.dll] [N/A, ]
[C:\WINDOWS\system32\4D023DE9.dll] [N/A, ]
[C:\WINDOWS\system32\DA63E650.dll] [N/A, ]
[C:\WINDOWS\system32\201476D0.dll] [N/A, ]
[C:\WINDOWS\system32\12316E69.dll] [N/A, ]
[C:\WINDOWS\system32\08223B03.dll] [N/A, ]
[C:\WINDOWS\system32\93DEE065.dll] [N/A, ]
[C:\WINDOWS\system32\14F7F80A.dll] [N/A, ]
[C:\WINDOWS\system32\122B901E.dll] [N/A, ]
[C:\WINDOWS\system32\7E983C60.dll] [N/A, ]
[C:\WINDOWS\system32\2EF0D734.dll] [N/A, ]
[PID: 1032 / Administrator][F:\sreng2\SREd1dcae30.EXE] [Smallfrogs Studio, 2.7.0.1210]
[C:\WINDOWS\system32\2EF0D734.dll] [N/A, ]
[C:\WINDOWS\system32\7E983C60.dll] [N/A, ]
[C:\WINDOWS\system32\122B901E.dll] [N/A, ]
[C:\WINDOWS\system32\93DEE065.dll] [N/A, ]
[C:\WINDOWS\system32\14F7F80A.dll] [N/A, ]
[C:\WINDOWS\system32\4D023DE9.dll] [N/A, ]
[C:\WINDOWS\system32\DA63E650.dll] [N/A, ]
[C:\WINDOWS\system32\201476D0.dll] [N/A, ]
[C:\WINDOWS\system32\12316E69.dll] [N/A, ]
[C:\WINDOWS\system32\08223B03.dll] [N/A, ]
[C:\WINDOWS\system32\appwinproc.dll] [N/A, ]
[C:\WINDOWS\system32\HBSO2.dll] [N/A, ]
[C:\WINDOWS\system32\HBSHQ.dll] [N/A, ]
[C:\WINDOWS\system32\HBYY.dll] [N/A, ]
[C:\WINDOWS\system32\HBKDXY.dll] [N/A, ]
[C:\WINDOWS\system32\HBZHUXIAN.dll] [N/A, ]
[C:\WINDOWS\system32\HBJTLQ.dll] [N/A, ]
[C:\WINDOWS\system32\HBASKTAO.dll] [N/A, ]
[C:\WINDOWS\system32\HBTL.dll] [N/A, ]
[C:\WINDOWS\system32\HBQQSG.dll] [N/A, ]
[C:\WINDOWS\system32\HBQQXX.dll] [N/A, ]
[C:\WINDOWS\system32\HBDNF.dll] [N/A, ]
[C:\WINDOWS\system32\HBWOW.dll] [N/A, ]
[C:\WINDOWS\system32\HBmhly.dll] [N/A, ]
[PID: 1168 / Administrator][C:\WINDOWS\TEMP\1E.tmp] [N/A, ]
[C:\WINDOWS\wpcap.dll] [CACE Technologies, 4.0.0.1040]
[C:\WINDOWS\PACKET.DLL] [CACE Technologies, 4.0.0.1040]
[C:\WINDOWS\WANPACKET.DLL] [CACE Technologies, 4.0.0.1040]
==================================
Autorun.inf
[C:\]
[autorun]
shell\open\command=rundll32 system.dll,explore
shell\explore\command=rundll32 system.dll,explore
[D:\]
[autorun]
shell\open\command=rundll32 system.dll,explore
shell\explore\command=rundll32 system.dll,explore
[E:\]
[autorun]
shell\open\command=rundll32 system.dll,explore
shell\explore\command=rundll32 system.dll,explore
[F:\]
[autorun]
shell\open\command=rundll32 system.dll,explore
shell\explore\command=rundll32 system.dll,explore
==================================
Process privilege scan
Special privilege enabled: SeDebugPrivilege [PID = 1168, C:\WINDOWS\TEMP\1E.TMP]
Special privilege enabled: SeLoadDriverPrivilege [PID = 1168, C:\WINDOWS\TEMP\1E.TMP]
==================================