[Urgent help] A variant produced by Viking (威金)

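My system is Win2000. A couple of days ago I somehow got infected with LOGO1_.exe. At first I didn't pay attention and just killed logo1_.exe in the process list. Last night I found a program shown as ?.exe among the processes (I opened the process list with Super Rabbit (超级兔子)), and it cannot be killed. Under c:\winnt\ I can see a hidden file named .exe. The process viewer and the registry editor won't open, they only flash briefly, and they won't open in safe mode either. The machine freezes whenever I use antivirus software, but not every EXE fails to open. Can anyone tell me the best way to fix this? Not having to reinstall the system would be best. Thanks in advance.
Last edited 2006-10-27 10:42:54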

Download the dedicated removal tool for the Viking (Worm.Viking) virus:
http://it.rising.com.cn/Channels/Service/2006-07/1153119832d22607.shtml

I have already downloaded it; it doesn't find anything. Nothing is detected in safe mode either.

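Download SREng from http://free5.ys168.com/?ljs3509, in the "Antivirus and security tools" section.
File name: Sreng2.zip.

Download the SREng user manual from http://free5.ys168.com/?ljs3509, in the "Antivirus and security tools" section.
File name: SREngHelp2.chm.

How to use: before scanning, close all programs and windows that you opened manually. Run the program, click Smart Scan -> Scan, and when it finishes click Save Report. Copy and paste the entire contents of the log file into the forum. If the log does not fit in one post, paste it over several posts. Do not modify the log contents!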

OK. Thanks.

Log contents:
======================
2006-10-26,23:07:41

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows 2000 Professional Service Pack 3 (Build 2195)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <internat.exe><internat.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><C:\WINNT\rundl132.exe>  []
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <KvMonXP><"C:\Program Files\KV2006\KVMonXP.kxp" /auto>  [Jiangmin Co.Ltd]
    <Synchronization Manager><mobsync.exe /logon>  [(Verified)Microsoft Corporation]
    <helper.dll><C:\WINNT\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32>  []
    <CnsMin><Rundll32.exe C:\WINNT\downlo~1\CnsMin.dll,Rundll32>  [北京三七二一科技有限公司]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe .exe>  [N/A]
    <Userinit><C:\WINNT\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]

==================================
启动文件夹
N/A

==================================
服务
[Autodesk Licensing Service / Autodesk Licensing Service]
  <"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><N/A>
[C-DillaCdaC11BA / C-DillaCdaC11BA]
  <C:\WINNT\system32\drivers\CDAC11BA.EXE><Macrovision>
[C-DillaSrv / C-DillaSrv]
  <C:\WINNT\System32\DRIVERS\CDANTSRV.EXE><C-Dilla Ltd>
[DefWatch / DefWatch]
  <C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe><Symantec Corporation>
[Logical Disk Manager Administrative Service / dmadmin]
  <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[KVSrvXP / KVSrvXP]
  <C:\Program Files\KV2006\KVSrvXP.exe /Service><Jiangmin Co. Ltd>
[Machine Debug Manager / MDM]
  <"C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe"><Microsoft Corporation>
[Symantec AntiVirus Client / Norton AntiVirus Server]
  <C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe><Symantec Corporation>
[PDEngine / PDEngine]
  <C:\Program Files\Raxco\PerfectDisk\PDEngine.exe><>
[PDScheduler / PDSched]
  <C:\Program Files\Raxco\PerfectDisk\PDSched.exe><>

==================================
驱动程序
[1494779 / 1494779]
  <\SystemRoot\System32\drivers\1494779.sys><N/A>
[a0 / a0]
  <\SystemRoot\\SystemRoot\System32\drivers\1494779.sys><N/A>
[ASCTRM / ASCTRM]
  <C:\WINNT\SYSTEM32\DRIVERS\ASCTRM.SYS><Windows (R) 2000 DDK provider>
[Rising TDI Base Driver / BaseTDI]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[C-Dilla / C-Dilla]
  <\??\C:\WINNT\System32\drivers\CDANT.SYS><Macrovision>
[CdaC15BA / CdaC15BA]
  <\??\C:\WINNT\system32\drivers\CDAC15BA.SYS><Macrovision Europe Ltd>
[Defrag32 / Defrag32]
  <C:\WINNT\SYSTEM32\DRIVERS\Defrag32.SYS><Raxco Software, Inc.>
[Defrag32Boot / Defrag32b]
  <C:\WINNT\SYSTEM32\DRIVERS\Defrag32b.SYS><Raxco Software, Inc.>
[dmboot / dmboot]
  <System32\drivers\dmboot.sys><VERITAS Software Corp.>
[Logical Disk Manager Driver / dmio]
  <\SystemRoot\System32\drivers\dmio.sys><VERITAS Software Corp.>
[dmload / dmload]
  <\SystemRoot\System32\drivers\dmload.sys><VERITAS Software Corp.>
[EDSP Port Driver / Edspport]
  <System32\DRIVERS\es56tpi.sys><ESS Technology, Inc.>
[Creative AudioPCI (ES1371,ES1373) (WDM) / es1371]
  <system32\drivers\es1371mp.sys><Microsoft Corporation>
[HOOKAPI / HOOKAPI]
  <\??\C:\PROGRAM FILES\RISING\RAV\HOOKAPI.SYS><N/A>
[kmsinput / kmsinput]
  <\??\C:\WINNT\System32\drivers\kmsinput.sys><N/A>
[KRegEx / KRegEx]
  <\??\C:\PROGRA~1\KV2006\KRegEx.sys><Jiangmin Co. Ltd.>
[KSysCall Service / KSysCall]
  <\??\C:\PROGRA~1\KV2006\KSysCall.sys><Jiangmin Co. Ltd.>
[KVDriver for NT (KVDP) / KVDP]
  <\??\C:\PROGRA~1\KV2006\KVDP.sys><Jiangmin Co., Ltd.>
[KvMemon / KvMemon]
  <\??\D:\PROGRA~1\KV2006\KvMemon.sys><N/A>
[KVREDIR / KVREDIR]
  <\??\C:\Program Files\KV2006\KVREDIR.sys><Jiangmin Co. Ltd>
[KWATCH / KWATCH]
  <\??\C:\KAV2003\KWATCH.SYS><N/A>
[NAVAP / NAVAP]
  <\??\C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAP.sys><Symantec Corporation>
[NAVAPEL / NAVAPEL]
  <\??\C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAPEL.SYS><Symantec Corporation>
[NAVENG / NAVENG]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20041110.007\NAVENG.sys><Symantec Corporation>
[NAVEX15 / NAVEX15]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20041110.007\NAVEX15.sys><Symantec Corporation>
[New0 / New0]
  <\??\C:\WINNT\System32\new.sys><N/A>
[npkcrypt / npkcrypt]
  <\??\D:\Program Files\Tencent\QQ\npkcrypt.sys><N/A>
[PNP26799 / PNP26799]
  <\SystemRoot\system32\Drivers\pnp26538.sys><Anti Driver>
[PProtect / PProtect]
  <\??\C:\PROGRA~1\KV2006\PProtect.sys><Jiangmin Co. Ltd.>
[Direct Parallel Link Driver / Ptilink]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[S3Inc / S3Inc]
  <System32\DRIVERS\s3sav3dm.sys><S3 Incorporated>
[Sony Memory Stick Driver(SONYPVM1) / SONYPVM1]
  <\SystemRoot\system32\DRIVERS\SONYPVM1.SYS><Sony Corporation>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1]
  <system32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[Samsung Mobile USB Device 1.0 driver (WDM) / ss_bus]
  <system32\DRIVERS\ss_bus.sys><MCCI>
[SAMSUNG Mobile USB Modem 1.0 Filter / ss_mdfl]
  <system32\DRIVERS\ss_mdfl.sys><MCCI>
[SAMSUNG Mobile USB Modem 1.0 Drivers / ss_mdm]
  <system32\DRIVERS\ss_mdm.sys><MCCI>
[SymEvent / SymEvent]
  <\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
[World Standard Teletext Codec / WSTCODEC]
  <System32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>

==================================
浏览器加载项
[上网助手]
  {BB936323-19FA-4521-BA29-ECA6A121BC78} <C:\PROGRA~1\3721\Assist\asbar.dll, 3721>
[上网助手]
  {BB936323-19FA-4521-BA29-ECA6A121BC78} <C:\PROGRA~1\3721\Assist\asbar.dll, 3721>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash8.ocx, Macromedia, Inc.>
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINNT\DOWNLO~1\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[使用网际快车下载]
  <D:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <D:\Program Files\FlashGet\jc_all.htm, N/A>

==================================

正在运行的进程
[PID: 136][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.00.2195.5382]
[PID: 160][\??\C:\WINNT\system32\csrss.exe]  [Microsoft Corporation, 5.00.2195.5265]
[PID: 180][\??\C:\WINNT\system32\winlogon.exe]  [Microsoft Corporation, 5.00.2195.6970]
[PID: 208][C:\WINNT\system32\services.exe]  [Microsoft Corporation, 5.00.2195.3940]
    [C:\WINNT\system32\dmserver.dll]  [VERITAS Software Corp., 2195.3649.297.3]
[PID: 220][C:\WINNT\system32\lsass.exe]  [Microsoft Corporation, 5.00.2195.6902]
[PID: 404][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 428][C:\WINNT\system32\spoolsv.exe]  [Microsoft Corporation, 5.00.2195.4299]
[PID: 456][C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe]  [N/A, 2.51.000]
[PID: 480][C:\WINNT\system32\drivers\CDAC11BA.EXE]  [Macrovision, 4.20.020]
[PID: 500][C:\WINNT\System32\DRIVERS\CDANTSRV.EXE]  [C-Dilla Ltd, 3.25.010]
[PID: 516][C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe]  [Symantec Corporation, 8.00.00.9374]
[PID: 536][C:\WINNT\System32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 552][C:\Program Files\KV2006\KVSrvXP.exe]  [Jiangmin Co. Ltd, 9.2.0.50822]
    [C:\Program Files\KV2006\UpdateX.dll]  [JiangMin Co.Ltd., 9, 0, 5, 913]
    [C:\Program Files\KV2006\SvcSafe.dll]  [Jiangmin Co. Ltd, 9, 2, 0, 51107]
    [C:\Program Files\KV2006\lang\SvcSafe0804.lng]  [N/A, N/A]
    [C:\Program Files\KV2006\RegProt.dll]  [Jiangmin Co.Ltd, 9, 0, 5, 1212]
    [C:\Program Files\KV2006\Scan.dll]  [Jiangmin Co., Ltd., 1.0.6.05190]
    [C:\Program Files\KV2006\SHFOLDER.dll]  [Microsoft Corporation, 9.0.0.500]
    [C:\Program Files\KV2006\FileGD.dll]  [Jiangmin Co.Ltd, 9.2.0.50809]
    [C:\Program Files\KV2006\KvSPI.dll]  [Jiangmin Co. Ltd., 1.0.6.06030]
    [C:\Program Files\KV2006\lang\KvSPI0804.lng]  [N/A, N/A]
    [C:\Program Files\KV2006\ScanHost.dll]  [Jiangmin Co. Ltd, 9, 2, 0, 50822]
    [C:\Program Files\KV2006\KVWPSet.dll]  [Jiangmin Co.Ltd, 9, 0, 0, 60220]
    [C:\Program Files\KV2006\KVCkMail.dll]  [N/A, 9, 0, 6, 605]
    [C:\Program Files\KV2006\lang\KvMailRes0804.lng]  [N/A, N/A]
    [C:\Program Files\KV2006\EngPS.dll]  [Jiangmin Co.Ltd, 9, 2, 0, 50817]
[PID: 584][C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe]  [Microsoft Corporation, 7.00.9064.9150]
[PID: 688][C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe]  [Symantec Corporation, 8.00.00.9374]
    [C:\WINNT\system32\CBA.DLL]  [Intel? Corporation, 6.12.0.71 E]
    [C:\WINNT\system32\MsgSys.dll]  [Intel? Corporation, 6.12.0.71 E]
    [C:\WINNT\system32\NTS.dll]  [Intel? Corporation, 6.12.0.71 E]
    [C:\WINNT\system32\PDS.DLL]  [Intel? Corporation, 6.12.0.71 E]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVLU.dll]  [Symantec Corporation, 8.00.00.9374]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVNTUTL.DLL]  [Symantec/Peter Norton Group, 1, 0, 0, 1]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\i2ldvp3.dll]  [Symantec Corporation, 8.00.00.9374]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAPI32.DLL]  [Symantec Corp., 4.1.0.15]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20041110.007\NAVEX32a.DLL]  [Symantec Corporation, 2004.2.1.10]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20041110.007\NAVENG32.DLL]  [Symantec Corporation, 2004.2.1.10]
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAP32.DLL]  [Symantec Corporation, 9.0.0.14]
[PID: 760][C:\WINNT\system32\regsvc.exe]  [Microsoft Corporation, 5.00.2195.3649]
[PID: 780][C:\WINNT\system32\MSTask.exe]  [Microsoft Corporation, 4.71.2195.6920]
[PID: 820][C:\WINNT\system32\stisvc.exe]  [Microsoft Corporation, 5.00.2195.3649]
[PID: 900][C:\WINNT\System32\WBEM\WinMgmt.exe]  [Microsoft Corporation, 1.50.1085.0070]
[PID: 940][C:\WINNT\Explorer.exe]  [Microsoft Corporation, 5.00.3502.5321]
    [C:\WINNT\system32\AcSignIcon.dll]  [Autodesk, 16.0.0.86]
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  [Autodesk, 16.1.63.0]
    [C:\WINNT\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 1, 5]
    [C:\PROGRA~1\3721\helper.dll]  [, 1, 0, 1, 3]
    [C:\PROGRA~1\3721\alrex.dll]  [, 1, 0, 1, 1001]
    [C:\PROGRA~1\3721\AutoLive.dll]  [, 1, 1, 6, 1325]
    [C:\PROGRA~1\3721\Assist\asnoad.dll]  [, 1, 0, 0, 9]
    [C:\WINNT\system32\plotman.cpl]  [Autodesk, Inc., 8.0.16.86]
    [C:\WINNT\system32\styleman.cpl]  [Autodesk, Inc., 8.0.16.86]
    [c:\progra~1\3721\assist\adfilter.dll]  [ , 1, 0, 1, 6]
    [C:\PROGRA~1\3721\Assist\repair.dll]  [北京三七二一科技有限公司, 1, 0, 4, 1001]
    [C:\PROGRA~1\3721\Assist\optimum.dll]  [N/A, N/A]
    [C:\PROGRA~1\3721\Assist\XPStyle.dll]  [N/A, N/A]
    [C:\PROGRA~1\3721\Shell\Assecblk.dll]  [3721, 1, 0, 1, 1001]
    [C:\PROGRA~1\3721\Assist\asbar.dll]  [3721, 1, 0, 1, 1021]
    [C:\PROGRA~1\3721\Assist\tbwrap.dll]  [3721, 1, 0, 0, 2]
    [C:\PROGRA~1\3721\Assist\aswiper.dll]  [3721, 1, 0, 1, 1004]
    [C:\PROGRA~1\3721\Assist\asiesec.dll]  [yahoo, 1, 0, 0, 9]
    [D:\Program Files\PowerArchiver\PASHLEXT.DLL]  [ConeXware, 公司., 2.6.0.0]
[PID: 956][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 1316][C:\WINNT\system32\rundll32.exe]  [Microsoft Corporation, 5.00.2134.1]
    [C:\PROGRA~1\3721\helper.dll]  [, 1, 0, 1, 3]
    [C:\PROGRA~1\3721\AutoLive.dll]  [, 1, 1, 6, 1325]
    [C:\PROGRA~1\3721\notifier.dll]  [, 1, 0, 0, 5]
    [C:\WINNT\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 1, 5]
[PID: 1324][C:\WINNT\system32\Rundll32.exe]  [Microsoft Corporation, 5.00.2134.1]
    [C:\WINNT\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 1, 5]
    [C:\PROGRA~1\3721\helper.dll]  [, 1, 0, 1, 3]
[PID: 1336][C:\WINNT\system32\internat.exe]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\WINNT\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 1, 5]
[PID: 1444][C:\Program Files\KV2006\UIHost.exe]  [Jiangmin Co. Ltd, 9.2.0.50822]
    [C:\WINNT\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 1, 5]
    [C:\PROGRA~1\3721\helper.dll]  [, 1, 0, 1, 3]
    [C:\Program Files\KV2006\UpdateX.dll]  [JiangMin Co.Ltd., 9, 0, 5, 913]
    [C:\Program Files\KV2006\ComUI.dll]  [Jiangmin Ltd., 9. 0. 0.509]
    [C:\Program Files\KV2006\ComUIPS.dll]  [Jiangmin Ltd., 9. 5. 5. 20]
    [C:\Program Files\KV2006\GUIExt.dll]  [Jiangmin Co.Ltd, 9, 0, 5, 927]
    [C:\Program Files\KV2006\lang\GUIExt0804.lng]  [JiangMin Ltd., 7, 1, 0, 200]
[PID: 1064][C:\WINNT\system32\conime.exe]  [Microsoft Corporation, 5.00.2195.5433]
    [C:\WINNT\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 1, 5]
    [C:\PROGRA~1\3721\helper.dll]  [, 1, 0, 1, 3]
[PID: 848][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2800.1106]
    [C:\WINNT\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 1, 5]
    [C:\PROGRA~1\3721\helper.dll]  [, 1, 0, 1, 3]
    [C:\PROGRA~1\3721\scrblock.dll]  [3721, 1, 0, 1, 1000]
    [C:\PROGRA~1\3721\alrex.dll]  [, 1, 0, 1, 1001]
    [C:\PROGRA~1\3721\AutoLive.dll]  [, 1, 1, 6, 1325]
    [C:\PROGRA~1\3721\Assist\asbar.dll]  [3721, 1, 0, 1, 1021]
    [C:\WINNT\system32\AcSignIcon.dll]  [Autodesk, 16.0.0.86]
    [C:\PROGRA~1\3721\Assist\tbwrap.dll]  [3721, 1, 0, 0, 2]
    [C:\PROGRA~1\3721\Assist\asnoad.dll]  [, 1, 0, 0, 9]
    [C:\PROGRA~1\3721\Assist\aswiper.dll]  [3721, 1, 0, 1, 1004]
    [C:\PROGRA~1\3721\Assist\asiesec.dll]  [yahoo, 1, 0, 0, 9]
[PID: 968][C:\WINNT\system32\NOTEPAD.EXE]  [Microsoft Corporation, 5.00.2140.1]
    [C:\WINNT\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 1, 5]
    [C:\PROGRA~1\3721\helper.dll]  [, 1, 0, 1, 3]
    [C:\WINNT\system32\AcSignIcon.dll]  [Autodesk, 16.0.0.86]
[PID: 268][D:\Program Files\PowerArchiver\POWERARC.EXE]  [ConeXware, 公司., 7.02.08]
    [C:\WINNT\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 1, 5]
    [C:\PROGRA~1\3721\helper.dll]  [, 1, 0, 1, 3]
    [D:\Program Files\PowerArchiver\unrar.dll]  [N/A, N/A]
    [D:\Program Files\PowerArchiver\cabinet.dll]  [Microsoft Corporation, 1.00.603.0]
    [C:\WINNT\system32\AcSignIcon.dll]  [Autodesk, 16.0.0.86]
    [D:\Program Files\PowerArchiver\UnAceV2.Dll]  [N/A, N/A]
[PID: 800][C:\WINNT\.exe]  [N/A, N/A]
    [C:\WINNT\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 1, 5]
    [C:\PROGRA~1\3721\helper.dll]  [, 1, 0, 1, 3]
[PID: 1480][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\WINNT\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 1, 5]
    [C:\PROGRA~1\3721\helper.dll]  [, 1, 0, 1, 3]
[PID: 1068][C:\WINNT\system32\wuaucll.exe]  [N/A, N/A]
    [C:\WINNT\downlo~1\CnsMin.dll]  [北京三七二一科技有限公司, 1, 5, 1, 5]
    [C:\PROGRA~1\3721\helper.dll]  [, 1, 0, 1, 3]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  Error. [ "%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  Error. ["C:\Program Files\Macromedia\Dreamweaver MX\Dreamweaver.exe" "%1"]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================

[Reply to Irene2004's post]

Use SREng to delete these startup entries:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<load><C:\WINNT\rundl132.exe> []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe .exe> [N/A]


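Use SREng to delete the following drivers (open SREng, click Startup Items -> Services -> Drivers, select the driver you want to act on, click Delete Service, then click Set; in the dialog that pops up choose No, then confirm and exit):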

[1494779 / 1494779]
<\SystemRoot\System32\drivers\1494779.sys><N/A>

[a0 / a0]
<\SystemRoot\\SystemRoot\System32\drivers\1494779.sys><N/A>


[New0 / New0]
<\??\C:\WINNT\System32\new.sys><N/A>

[PNP26799 / PNP26799]
<\SystemRoot\system32\Drivers\pnp26538.sys><Anti Driver>

Note: if pnp26538.sys is a legitimate file that you installed, keep it.

Use SREng to repair the file associations:

.EXE Error. [ "%1" %*]
.JS Error. ["C:\Program Files\Macromedia\Dreamweaver MX\Dreamweaver.exe" "%1"]

Restart the computer, show hidden files, and delete these files:
C:\WINNT\rundl132.exe
C:\WINNT\System32\drivers\1494779.sys
C:\WINNT\System32\new.sys
C:\WINNT\system32\Drivers\pnp26538.sys

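Search the whole disk for the file 1494779.sys and delete it wherever it is found.

Download Super Rabbit Magic Settings (超级兔子魔法设置) from http://www.pctutu.com/download.asp
After installing it, run Super Rabbit, click Super Rabbit Cleaner (超级兔子清理王) on the main screen, click "Professional Uninstall" on the left, and uninstall all software whose installation status is "installed". Do not open any browser or file windows while uninstalling. Anything that cannot be uninstalled can be uninstalled after a restart or in safe mode.

I recommend installing the SP4 service pack for your operating system and using Windows Update to apply all patches.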
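
An added example, not part of any post in this thread and not SREng's own code: it parses the registry-startup and file-association sections of an SREng text log and flags the kinds of entries the reply above singles out (a non-empty `load` value, a Winlogon `shell` that is not plain `Explorer.exe`, associations SREng marks `Error`). The function name `triage` and the `EXPECTED` baseline table are assumptions of this example; the sample lines are excerpted from the log posted above.

```python
import re

# Excerpt of the SREng log posted in this thread (startup entries, file associations).
SAMPLE_LOG = r"""
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><C:\WINNT\rundl132.exe>  []
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <Synchronization Manager><mobsync.exe /logon>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe .exe>  [N/A]
    <Userinit><C:\WINNT\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  Error. [ "%1" %*]
.JS  Error. ["C:\Program Files\Macromedia\Dreamweaver MX\Dreamweaver.exe" "%1"]
"""

KEY_RE = re.compile(r"^\[(HKEY_[^\]]+)\]$")                   # [HKEY_...\Key]
VALUE_RE = re.compile(r"^<([^<>]*)><(.*)>\s+\[(.*)\]$")       # <name><data>  [publisher]
ASSOC_RE = re.compile(r"^(\.\w+)\s+(OK|Error)\.\s+\[(.*)\]$")  # .EXT  OK|Error. [command]

# Assumed clean baseline: (key suffix, value name) -> expected data, lower-cased.
EXPECTED = {
    (r"windows nt\currentversion\windows", "load"): "",
    (r"windows nt\currentversion\windows", "run"): "",
    (r"windows nt\currentversion\winlogon", "shell"): "explorer.exe",
}

def triage(log_text):
    """Return (kind, location, data) tuples for entries that deviate from the baseline."""
    findings, key = [], None
    for raw in log_text.splitlines():
        line = raw.strip()
        if m := KEY_RE.match(line):
            key = m.group(1)
        elif (m := VALUE_RE.match(line)) and key:
            name, value, _publisher = m.groups()
            for (suffix, vname), expected in EXPECTED.items():
                matches_key = key.lower().endswith(suffix) and name.lower() == vname
                if matches_key and value.strip().lower() != expected:
                    findings.append(("startup", f"{key}\\{name}", value))
        elif (m := ASSOC_RE.match(line)) and m.group(2) == "Error":
            # SREng already compared the association with its own default.
            findings.append(("assoc", m.group(1), m.group(3)))
    return findings

if __name__ == "__main__":
    for kind, where, data in triage(SAMPLE_LOG):
        print(f"{kind:8} {where} -> {data!r}")
```

A flagged entry is a pointer for manual review, as with the `pnp26538.sys` caveat in the reply: the `.JS` association, for instance, is reported only because an installed editor has taken it over.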