瑞星卡卡安全论坛

昨天用瑞星手动扫描了一遍系统,居然杀出来200多个病毒.我现在担心不知道有没有杀干净,而且每次点击瑞星升级就会出现注册表值被修改.高手来看看我的电脑到底怎么了?下面是我的日志,高手看看:

2007-04-02,22:25:33

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Corporation]
    <ppshell><>  [N/A]
    <b><C:\DOCUME~1\QQ\LOCALS~1\Temp\iexpl0re.exe>  [N/A]
    <ravshelll><C:\Progra~1\Eset\eexplore.exe>  [N/A]
    <jlz><C:\DOCUME~1\QQ\LOCALS~1\Temp\Servere.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <ATIPTA><C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe>  [ATI Technologies, Inc.]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Realtek Semiconductor Corp.]
    <NeroFilterCheck><C:\WINDOWS\system32\NeroCheck.exe>  [Ahead Software Gmbh]
    <InCD><C:\Program Files\Ahead\InCD\InCD.exe>  [Ahead Software AG]
    <RavTask><"G:\瑞星杀毒软件\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <RfwMain><"G:\瑞星防火墙\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <BigDog303><C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)>  [N/A]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A]
    <PCSuiteTrayApplication><G:\NOKIA套件\Nokia PC Suite 6\LaunchApplication.exe -startup>  [Nokia]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\Userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]

==================================
启动文件夹
[Microsoft Office]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [Microsoft Corporation]><N>
[QQ游戏启动加速程序]
  <C:\Documents and Settings\QQ\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> D:\QQ游戏~1\QQGAME\Accel.exe [深圳市腾讯计算机系统有限公司]><N>

==================================
服务
[Ati HotKey Poller / Ati HotKey Poller]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart]
  <C:\WINDOWS\system32\ati2sgag.exe><>
[C-DillaCdaC11BA / C-DillaCdaC11BA]
  <C:\WINDOWS\system32\drivers\CDAC11BA.EXE><Macrovision>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[InCD Helper / InCDsrv]
  <C:\Program Files\Ahead\InCD\InCDsrv.exe><Ahead Software AG>
[Machine Debug Manager / MDM]
  <"C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe"><Microsoft Corporation>
[Rising Proxy  Service / RfwProxySrv]
  <g:\瑞星防火墙\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <g:\瑞星防火墙\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"G:\瑞星杀毒软件\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon]
  <"G:\瑞星杀毒软件\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[ServiceLayer / ServiceLayer]
  <"C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"><Nokia.>

==================================
驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[ati2mtag / ati2mtag]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Rising TDI Base Driver / BaseTDI]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[CdaC15BA / CdaC15BA]
  <\??\C:\WINDOWS\system32\drivers\CDAC15BA.SYS><Macrovision Europe Ltd>
[ExpScaner / ExpScaner]
  <\??\G:\瑞星杀毒软件\Rising\Rav\ExpScan.sys><>
[HookCont / HookCont]
  <\??\G:\瑞星杀毒软件\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg]
  <\??\G:\瑞星杀毒软件\Rising\Rav\HookReg.sys><>
[HookSys / HookSys]
  <\??\G:\瑞星杀毒软件\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl]
  <\??\G:\瑞星防火墙\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[InCD File System / InCDfs]
  <C:\WINDOWS\SYSTEM32\DRIVERS\InCDfs.SYS><Ahead Software AG>
[InCDPass / InCDPass]
  <System32\DRIVERS\InCDPass.sys><Ahead Software AG>
[MEMSCAN / MEMSCAN]
  <\??\G:\瑞星杀毒软件\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs]
  <\??\g:\瑞星防火墙\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[Nokia USB Generic / Nokia USB Generic]
  <system32\drivers\nmwcdc.sys><Nokia>
[Nokia USB Modem / Nokia USB Modem]
  <system32\drivers\nmwcdcm.sys><Nokia>
[Nokia USB Phone Parent / Nokia USB Phone Parent]
  <system32\drivers\nmwcd.sys><Nokia>
[Nokia USB Port / Nokia USB Port]
  <system32\drivers\nmwcdcj.sys><Nokia>
[npkcrypt / npkcrypt]
  <\??\D:\2006珊瑚虫\安装QQ\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsFwDrv / RsFwDrv]
  <\??\G:\瑞星防火墙\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS]
  <\??\G:\瑞星杀毒软件\Rising\Rav\RSPPSYS.sys><Rising>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]

<system32\DRIVERS\secdrv.sys><N/A>
[SVKP / SVKP]
  <\??\C:\WINDOWS\system32\SVKP.sys><AntiCracking>

==================================
浏览器加载项
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <D:\2006珊瑚虫\安装QQ\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[昆山视窗唐人游]
  {9E8A3C9F-F66D-425C-A38A-F1D9558EBD28} <D:\昆山视窗唐人游戏大厅\TangGame\唐人游.lnk, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <D:\2006珊瑚虫\安装QQ\QQ\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <D:\2006珊瑚虫\安装QQ\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[CPPMediaCtrl Object]
  {FCD61199-E187-4ADD-88E5-9AF238486D11} <C:\WINDOWS\system32\forcetv.dll, 北京原力创新科技有限公司>
[Microsoft Outlook 8.0 Object Library]
  {0006F033-0000-0000-C000-000000000046} <, N/A>
[Microsoft Outlook]
  {0006F03A-0000-0000-C000-000000000046} <, N/A>
[PeerDraw Class]
  {10072CEC-8CC1-11D1-986E-00A0C955B42E} <C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll, Microsoft Corporation>
[CEnroll Class]
  {127698E4-E730-4E5C-A2B1-21490A70C8A1} <C:\WINDOWS\system32\xenroll.dll, Microsoft Corporation>
[iTrusPTA Class]
  {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, >
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[RealPlayer RAM Download Handler]
  {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[CEditCtrl Object]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\AliEdit.dll, www.alipay.com>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <D:\2006珊瑚虫\安装QQ\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[Microsoft DirectAnimation Path]
  {D7A7D7C3-D47F-11D0-89D3-00A0C90833E6} <C:\WINDOWS\system32\daxctle.ocx, Microsoft Corporation>
[CPPMediaCtrl Object]
  {FCD61199-E187-4ADD-88E5-9AF238486D11} <C:\WINDOWS\system32\forcetv.dll, 北京原力创新科技有限公司>
[上传到QQ网络硬盘]
  <D:\2006珊瑚虫\安装QQ\QQ\AddToNetDisk.htm, N/A>
[导出到 Microsoft Excel(&x)]
  <res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <D:\2006珊瑚虫\安装QQ\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\2006珊瑚虫\安装QQ\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\2006珊瑚虫\安装QQ\QQ\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 444][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 520][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 544][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4107]
[PID: 588][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 600][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 748][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4107]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2495]
[PID: 760][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 816][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 924][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 944][C:\Program Files\Ahead\InCD\InCDsrv.exe]  [Ahead Software AG, 4, 2, 12, 0]
    [C:\Program Files\Common Files\Ahead\Lib\AdvrCntr.dll]  [Ahead Software AG, 1,0,13, 2121]
    [C:\Program Files\Common Files\Ahead\Lib\DriveLocker.dll]  [Ahead Software AG, 1, 0, 0, 13]
    [C:\Program Files\Ahead\InCD\incdshx.dll]  [Ahead Software AG, 4, 2, 12, 0]
[PID: 1188][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1292][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4107]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2495]
[PID: 1340][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1348][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, 16.0.0.86]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  [Autodesk, 16.0.0.86]
    [C:\Program Files\Ahead\InCD\incdshx.dll]  [Ahead Software AG, 4, 2, 12, 0]
    [G:\NOKIA套件\Nokia PC Suite 6\PhoneBrowser.dll]  [Nokia, 6, 82, 63, 9]
    [G:\NOKIA套件\Nokia PC Suite 6\PCSCM.dll]  [Nokia, 6, 82, 77, 0]
    [C:\Program Files\PC Connectivity Solution\ConnAPI.DLL]  [Nokia., 6, 82, 72, 2]
    [G:\NOKIA套件\Nokia PC Suite 6\Lang\PhoneBrowser_chi-sc.nlr]  [Nokia, 6, 82, 36, 1]
    [G:\NOKIA套件\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr]  [Nokia, 6, 82, 14, 0]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [G:\瑞星杀毒软件\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 1668][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1928][g:\瑞星防火墙\rising\rfw\RfwMain.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 70]
    [g:\瑞星防火墙\rising\rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
    [g:\瑞星防火墙\rising\rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [g:\瑞星防火墙\rising\rfw\RfwCtrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [g:\瑞星防火墙\rising\rfw\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [g:\瑞星防火墙\rising\rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[PID: 2036][C:\WINDOWS\system32\drivers\CDAC11BA.EXE]  [Macrovision, 4.20.020]
[PID: 188][C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe]  [Microsoft Corporation, 7.00.9064.9150]
[PID: 232][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 356][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 268][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 636][C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe]  [ATI Technologies, Inc., 6.14.10.5125]
    [C:\Program Files\ATI Technologies\ATI Control Panel\atipdsxx.dll]  [ATI Technologies, Inc., 6.14.10.5125]
    [C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATRPUIXX.CHS]  [ATI Technologies, Inc., 6.14.10.5125]
    [C:\Program Files\ATI Technologies\ATI Control Panel\atipdxxx.dll]  [ATI Technologies, Inc., 6.14.10.5125]
[PID: 1012][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5.1.0.30]
[PID: 1092][C:\Program Files\Ahead\InCD\InCD.exe]  [Ahead Software AG, 4, 2, 12, 0]
    [C:\Program Files\Ahead\InCD\InCDapi.dll]  [Ahead Software AG, 4, 2, 12, 0]
    [C:\Program Files\Common Files\Ahead\Lib\DriveLocker.dll]  [Ahead Software AG, 1, 0, 0, 13]
    [C:\Program Files\Ahead\InCD\incdshx.dll]  [Ahead Software AG, 4, 2, 12, 0]
[PID: 1596][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3536]
[PID: 2016][C:\WINDOWS\VM303_STI.EXE]  [Vimicro, 4, 3, 625, 61]

[C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\VM303Prp.Ax]  [Vimicro, 4.3. 625.61]
[PID: 1284][C:\Program Files\Messenger\msmsgs.exe]  [Microsoft Corporation, 4.7.3001]
[PID: 2176][C:\Progra~1\Eset\eexplore.exe]  [N/A, N/A]
[PID: 2252][C:\Program Files\PC Connectivity Solution\ServiceLayer.exe]  [Nokia., 6, 82, 69, 3]
    [C:\Program Files\PC Connectivity Solution\NclTools.dll]  [Nokia, 6, 82, 26, 3]
    [C:\Program Files\PC Connectivity Solution\Transports\NCLIrDAMM.dll]  [Nokia Corp., 6, 82, 31, 0]
    [C:\Program Files\PC Connectivity Solution\Transports\NCLRSMM.dll]  [Nokia Corp., 6, 82, 39, 1]
    [C:\Program Files\PC Connectivity Solution\Transports\NCLUSBMM.dll]  [Nokia Corp., 6, 82, 48, 0]
    [C:\Program Files\PC Connectivity Solution\Transports\NclMSBTMM.dll]  [Nokia Corp., 6, 82, 47, 1]
[PID: 2524][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3764][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2848][G:\瑞星杀毒软件\Rising\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 4]
    [G:\瑞星杀毒软件\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [G:\瑞星杀毒软件\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 1744][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, 16.0.0.86]
    [D:\2006珊瑚虫\安装QQ\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [G:\瑞星杀毒软件\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[PID: 1764][G:\SREng2智能扫描软件\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
127.0.0.1      mmm.caifu18.net
127.0.0.1      www.18dmm.com
127.0.0.1      d.qbbd.com
127.0.0.1      www.5117music.com
127.0.0.1      www.union123.com
127.0.0.1      www.wu7x.cn
127.0.0.1      www.54699.com
127.0.0.1      60.169.0.66
127.0.0.1      60.169.1.29
127.0.0.1      www.97725.com
127.0.0.1      down.97725.com
127.0.0.1      ip.315hack.com
127.0.0.1      ip.54liumang.com
127.0.0.1      www.41ip.com
127.0.0.1      xulao.com
127.0.0.1      www.heixiou.com
127.0.0.1      www.9cyy.com
127.0.0.1      www.hunll.com
127.0.0.1      www.down.hunll.com
127.0.0.1      do.77276.com
127.0.0.1      www.baidulink.com
127.0.0.1      adnx.yygou.cn
127.0.0.1      222.73.220.45
127.0.0.1      www.f5game.com
127.0.0.1      www.guazhan.cn
127.0.0.1      wm,103715.com
127.0.0.1      www.my6688.cn
127.0.0.1      i.96981.com
127.0.0.1      d.77276.com
127.0.0.1      www1.cw988.cn
127.0.0.1      cool.47555.com
127.0.0.1      www.asdwc.com
127.0.0.1      55880.cn

==================================

200个你就担心了，你知道不，今天我杀了1556个！！~！~！

打开System Repair Engineer（也就是你的扫描日志软件SREng.exe），点“启动项目，服务，点“驱动程序”勾选“隐藏以认证的微软服务”选中病毒服务SVKP，选择“删除服务”点“设置”选择“否”

请到www.27814939.ys168.com,点“我的软件”下载KillBox.exe
重新启动电脑, 开机检测完后, 按[F8]键(可以一直按到启动菜单出来为止), 选择安全模式进入Windows
双击打开KillBox.exe，分别删除
C:\DOCUME~1\QQ\LOCALS~1\Temp\iexpl0re.exe
C:\Progra~1\Eset\eexplore.exe
C:\DOCUME~1\QQ\LOCALS~1\Temp删除这个文件夹所有能删除的东东。
C:\WINDOWS\system32\SVKP.sys
（删除时勾选“删除前先结束Explorer.EXE进程”不行再试着勾选"删除DLL文件前反注册此文件"
给菜鸟的东东—KillBox的使用技巧
http://forum.ikaka.com/topic.asp?board=28&artid=8160799

打开System Repair Engineer（也就是你的扫描日志软件SREng.exe），使用“启动项目，注册表”来删除以下选项。
C:\DOCUME~1\QQ\LOCALS~1\Temp\iexpl0re.exe
C:\Progra~1\Eset\eexplore.exe
C:\DOCUME~1\QQ\LOCALS~1\Temp\Servere.exe

重启 。


建议下载这几款流氓软件清除工具。

http://www.arswp.com/
Windows清理助手

http://www.tommsoft.com/
恶意软件清理助手

http://www.360safe.com/
360安全卫士
修复后重启。
我估计你中的是欺骗性的蠕虫病毒
如果这样杀软还报病毒，把病毒的路径报上来。

在我的C:\Documents and Settings\QQ\Local Settings\Temp文件下面有两个文件一直删除不掉,我记得以前是没有的后来不知怎么就有了,就一直删除不掉.也不知道是不是病毒文件,但到不影响我使用电脑.
下面的图表就是我删除不掉的两个文件:


附件: 68950420074300014.bmp

这两个没有问题的，应该是瑞星东东。
有异常你再扫个日志瞅瞅。