瑞星卡卡安全论坛

我是用诺顿杀毒的..病毒库已经升级到最新的了....可还是杀不了...在此求救大虾了

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <NVMixerTray><"C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe">  [NVIDIA Corporation]
    <SoundMan><SOUNDMAN.EXE>  [Realtek Semiconductor Corp.]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
    <nwiz><nwiz.exe /install>  []
    <NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [NVIDIA Corporation]
    <ccApp><"C:\Program Files\Common Files\Symantec Shared\ccApp.exe">  [(Verified)Symantec Corporation]
    <MSConfig><C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{131AB311-16F1-F13B-1E43-11A24B51AFD1}><C:\WINDOWS\system32\gdipri.dll>  []
    <{F382C1EB-375C-573D-1F5E-23455234524A}><C:\WINDOWS\system32\npgpri.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <cmdbcs><; C:\WINDOWS\cmdbcs.exe>  []
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <mppds><; C:\WINDOWS\mppds.exe>  []
    <PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]

==================================
启动文件夹
[腾讯QQ]
  <C:\Documents and Settings\cc\「开始」菜单\程序\启动\腾讯QQ.lnk --> D:\应用软件\QQ文件夹\QQ.exe [TENCENT]><N>

==================================
服务
[Symantec Event Manager / ccEvtMgr][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>
[Symantec Network Proxy / ccProxy][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\ccProxy.exe"><Symantec Corporation>
[Symantec Password Validation / ccPwdSvc][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Norton AntiVirus Auto Protect Service / navapsvc][Running/Auto Start]
  <"C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe"><Symantec Corporation>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[SAVScan / SAVScan][Running/Auto Start]
  <"C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe"><Symantec Corporation>
[ScriptBlocking Service / SBService][Stopped/Auto Start]
  <C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe><Symantec Corporation>
[Symantec Network Drivers Service / SNDSrvc][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
[Work Servers / Work Servers][Stopped/Auto Start]
  <C:\WINDOWS\system32\Wservers.exe><Microsoft Corporation>

==================================
驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[NAVENG / NAVENG][Running/Manual Start]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070418.024\NAVENG.Sys><Symantec Corporation>
[NAVEX15 / NAVEX15][Running/Manual Start]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070418.024\NavEx15.Sys><Symantec Corporation>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[nvata / nvata][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\nvata.sys><NVIDIA Corporation>
[Service for NVIDIA(R) nForce(TM) Audio Enumerator / nvax][Stopped/Manual Start]
  <system32\drivers\nvax.sys><NVIDIA Corporation>
[Service for NVIDIA(R) nForce(TM) Audio / nvnforce][Stopped/Manual Start]
  <system32\drivers\nvapu.sys><NVIDIA Corporation>
[PciCon / PciCon][Stopped/Manual Start]
  <\??\G:\PciCon.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek 10/100/1000 NIC Family all in one NDIS XP Driver / RTL8023xp][Running/Manual Start]
  <system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
[SAVRT / SAVRT][Running/System Start]
  <\??\C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRT.SYS><Symantec Corporation>
[SAVRTPEL / SAVRTPEL][Running/System Start]
  <\??\C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRTPEL.SYS><Symantec Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[SYMDNS / SYMDNS][Running/Manual Start]
  <\SystemRoot\System32\Drivers\SYMDNS.SYS><Symantec Corporation>
[SymEvent / SymEvent][Running/Manual Start]
  <\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
[SYMFW / SYMFW][Running/Manual Start]
  <\SystemRoot\System32\Drivers\SYMFW.SYS><Symantec Corporation>
[SYMIDS / SYMIDS][Running/Manual Start]
  <\SystemRoot\System32\Drivers\SYMIDS.SYS><Symantec Corporation>
[SYMIDSCO / SYMIDSCO][Running/Manual Start]
  <\SystemRoot\System32\Drivers\SYMIDSCO.SYS><Symantec Corporation>
[SYMNDIS / SYMNDIS][Running/Manual Start]
  <\SystemRoot\System32\Drivers\SYMNDIS.SYS><Symantec Corporation>
[SYMREDRV / SYMREDRV][Running/Manual Start]
  <\SystemRoot\System32\Drivers\SYMREDRV.SYS><Symantec Corporation>
[SYMTDI / SYMTDI][Running/System Start]
  <\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation>
[SynTPS / SynTPS][Stopped/System Start]
  <system32\drivers\SynTPS.sys><N/A>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\D:\应用软件\QQ文件夹\npkcrypt.sys><INCA Internet Co., Ltd.>

==================================
浏览器加载项
[CNisExtBho Class]
  {9ECB9560-04F9-4bbc-943D-298DDF1699E1} <C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll, Symantec Corporation>
[CNavExtBho Class]
  {BDF3E430-B101-42AD-A544-FADC6B084872} <C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <D:\应用软件\QQ文件夹\QQ.EXE, TENCENT>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[Web 助手]
  {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} <C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll, Symantec Corporation>
[Norton AntiVirus]
  {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} <C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[Web 助手]
  {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} <C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll, Symantec Corporation>
[Norton AntiVirus]
  {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} <C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[CNisExtBho Class]
  {9ECB9560-04F9-4BBC-943D-298DDF1699E1} <C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll, Symantec Corporation>
[CNavExtBho Class]
  {BDF3E430-B101-42AD-A544-FADC6B084872} <C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[上传到QQ网络硬盘]
  <D:\应用软件\QQ文件夹\AddToNetDisk.htm, N/A>
[添加到QQ自定义面板]
  <D:\应用软件\QQ文件夹\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\应用软件\QQ文件夹\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\应用软件\QQ文件夹\SendMMS.htm, N/A>

==================================

正在运行的进程
[PID: 584][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 648][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 688][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 732][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 744][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 896][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1536][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\open08.dll]  [, 1, 0, 8, 1]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\gdipri.dll]  [N/A, ]
    [C:\WINDOWS\system32\npgpri.dll]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\DOCUME~1\cc\LOCALS~1\Temp\Gjzo0.dll]  [N/A, ]
    [C:\DOCUME~1\cc\LOCALS~1\Temp\Kavs0.dll]  [N/A, ]
    [C:\DOCUME~1\cc\LOCALS~1\Temp\LgSy0.dll]  [N/A, ]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\asOEHook.dll]  [Symantec Corporation, 2004.1.04.18]
    [C:\WINDOWS\system32\MSVCR70.dll]  [Microsoft Corporation, 7.00.9466.0]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.10.9129]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.9129]
    [C:\WINDOWS\system32\nvshell.dll]  [, ]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll]  [Symantec Corporation, 10.00.109]
    [C:\WINDOWS\system32\MSVCP70.dll]  [Microsoft Corporation, 7.00.9466.0]
    [C:\Program Files\Common Files\Symantec Shared\Script Blocking\scrauth.dll]  [Symantec Corporation, 1, 1, 1, 131]
    [C:\Program Files\Common Files\Symantec Shared\Script Blocking\ScrBlock.dll]  [Symantec Corporation, 1, 1, 1, 131]
    [C:\WINDOWS\system32\msadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\K-LITE~1\codecs\ac3acm.acm]  [fccHandler, 1, 2, 0, 0]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [D:\应用软件\QQ文件夹\DShared.dll]  [Tencent, 1, 6, 0, 0]
[PID: 2204][C:\WINDOWS\system32\wscntfy.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\应用软件\QQ文件夹\DShared.dll]  [Tencent, 1, 6, 0, 0]
[PID: 2224][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5, 1, 0, 44]
    [D:\应用软件\QQ文件夹\DShared.dll]  [Tencent, 1, 6, 0, 0]
[PID: 2248][C:\WINDOWS\system32\RUNDLL32.EXE]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NvMcTray.dll]  [NVIDIA Corporation, 6.14.10.9129]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.9129]
    [D:\应用软件\QQ文件夹\DShared.dll]  [Tencent, 1, 6, 0, 0]
[PID: 2260][C:\Program Files\Common Files\Symantec Shared\ccApp.exe]  [Symantec Corporation, 2.0.2.806]
    [C:\WINDOWS\system32\MSVCP70.dll]  [Microsoft Corporation, 7.00.9466.0]
    [C:\WINDOWS\system32\MSVCR70.dll]  [Microsoft Corporation, 7.00.9466.0]
    [C:\Program Files\Symantec\LiveUpdate\ProductRegCom.DLL]  [Symantec Corporation, 1.90.15.0]
    [C:\Program Files\Symantec\LiveUpdate\LuComServerPS.DLL]  [Symantec Corporation, 1.90.15.0]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 2.0.2.806]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\ASLOADER.DLL]  [Symantec Corporation, 2004.1.04.17]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\asOEHook.dll]  [Symantec Corporation, 2004.1.04.18]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL]  [Symantec Corporation, 2.0.2.806]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL]  [Symantec Corporation, 2.0.2.806]
    [C:\WINDOWS\system32\SYMREDIR.dll]  [Symantec Corporation, 5.2.0.108]
    [C:\PROGRA~1\NORTON~1\ISLALERT.DLL]  [Symantec Corporation, 7.0.0.177]
    [C:\PROGRA~1\NORTON~1\NISRES.DLL]  [Symantec Corporation, 7.0.0.177]
    [C:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 2.0.2.806]
    [C:\PROGRA~1\NORTON~1\NISPROD.DLL]  [Symantec Corporation, 7.0.0.177]
    [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 2.0.2.806]
    [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 2.0.2.806]
    [C:\PROGRA~1\NORTON~1\NORTON~1\CCIMSCAN.DLL]  [Symantec Corporation, 10.0.0.635]
    [C:\WINDOWS\system32\ATL70.DLL]  [Microsoft Corporation, 7.00.9466.0]
    [C:\PROGRA~1\NORTON~1\NORTON~1\DEFALERT.DLL]  [Symantec Corporation, 10.00.109]
    [C:\PROGRA~1\NORTON~1\NORTON~1\NAVAPW32.DLL]  [Symantec Corporation, 10.00.109]
    [C:\PROGRA~1\NORTON~1\NORTON~1\apwutil.dll]  [Symantec Corporation, 10.00.109]
    [C:\PROGRA~1\NORTON~1\NORTON~1\SAVRT32.DLL]  [Symantec Corporation, 9.2.0.79]
    [C:\PROGRA~1\NORTON~1\SYMFWAGT.DLL]  [Symantec Corporation, 7.0.0.806]
    [C:\PROGRA~1\NORTON~1\NISALERT.DLL]  [Symantec Corporation, 7.0.0.806]
    [C:\WINDOWS\system32\SymNeti.DLL]  [Symantec Corporation, 5.2.0.108]
    [C:\PROGRA~1\NORTON~1\ccFWRuls.dll]  [Symantec Corporation, 7.0.0.806]
    [C:\PROGRA~1\NORTON~1\TLevel.dll]  [Symantec Corporation, 7.0.0.806]
    [C:\Program Files\Common Files\Symantec Shared\ccLogin.dll]  [Symantec Corporation, 2.0.2.806]
    [C:\Program Files\Common Files\Symantec Shared\ccPxyEvt.dll]  [Symantec Corporation, 2.0.2.806]
    [C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVOPTRF.DLL]  [Symantec Corporation, 10.00.109]
    [C:\Program Files\Norton Internet Security\NISLCOM.dll]  [Symantec Corporation, 7.0.0.177]
    [C:\Program Files\Common Files\Symantec Shared\AntiSpam\asFilter.dll]  [Symantec Corporation, 2004.1.04.17]
    [C:\Program Files\Norton Internet Security\Norton AntiVirus\apwcmdnt.dll]  [Symantec Corporation, 10.00.109]
    [C:\Program Files\Common Files\Symantec Shared\AntiSpam\asUniPlg.dll]  [Symantec Corporation, 2004.1.04.17]
    [C:\WINDOWS\system32\MAPI32.dll]  [Microsoft Corporation, 1.0.2536.0 (XPClient.010817-1148)]
    [C:\Program Files\Common Files\Symantec Shared\AntiSpam\asSpmEvt.dll]  [Symantec Corporation, 2004.1.04.17]
    [C:\Program Files\Norton Internet Security\Norton AntiVirus\NavEmail.dll]  [Symantec Corporation, 10.0.0.635]
    [C:\Program Files\Norton Internet Security\NisEmail.dll]  [Symantec Corporation, 7.0.0.177]
    [C:\Program Files\Common Files\Symantec Shared\LiveReg\iraLSCl2.dll]  [Symantec Corporation, 2.4.1.2056]
    [C:\Program Files\Common Files\Symantec Shared\LiveReg\IraVcLc3.dll]  [Symantec Corporation, 2.4.1.2056]
    [C:\DOCUME~1\cc\LOCALS~1\Temp\LgSy0.dll]  [N/A, ]
    [C:\DOCUME~1\cc\LOCALS~1\Temp\Gjzo0.dll]  [N/A, ]
    [C:\DOCUME~1\cc\LOCALS~1\Temp\Kavs0.dll]  [N/A, ]
    [C:\WINDOWS\system32\gdipri.dll]  [N/A, ]
    [C:\WINDOWS\system32\npgpri.dll]  [N/A, ]
    [C:\Program Files\Symantec\LiveUpdate\NetDetectController.DLL]  [Symantec Corporation, 1.90.15.0]
    [C:\PROGRA~1\NORTON~1\NORTON~1\NAVOpts.dll]  [Symantec Corporation, 10.00.109]
    [C:\PROGRA~1\NORTON~1\NORTON~1\N32Exclu.dll]  [Symantec Corporation, 10.00.109]
    [C:\PROGRA~1\NORTON~1\NORTON~1\S32NAVO.DLL]  [Symantec Corporation, 5.3.0.182]
    [C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVError.dll]  [Symantec Corporation, 10.00.109]
    [C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVAPSCR.dll]  [Symantec Corporation, 10.00.109]
    [C:\Program Files\Norton Internet Security\PProfile.dll]  [Symantec Corporation, 7.0.0.806]
    [C:\PROGRA~1\NORTON~1\ccFWSetg.dll]  [Symantec Corporation, 7.0.0.806]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Norton Internet Security\fwUI.dll]  [Symantec Corporation, 7.0.0.806]
    [C:\Program Files\Common Files\Symantec Shared\Script Blocking\scrauth.dll]  [Symantec Corporation, 1, 1, 1, 131]
    [C:\Program Files\Common Files\Symantec Shared\Script Blocking\ScrBlock.dll]  [Symantec Corporation, 1, 1, 1, 131]
    [D:\应用软件\QQ文件夹\DShared.dll]  [Tencent, 1, 6, 0, 0]
[PID: 2312][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\asOEHook.dll]  [Symantec Corporation, 2004.1.04.18]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{131AB311-16F1-F13B-1E43-11A24B51AFD1}><C:\WINDOWS\system32\gdipri.dll> []
<{F382C1EB-375C-573D-1F5E-23455234524A}><C:\WINDOWS\system32\npgpri.dll> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<cmdbcs><; C:\WINDOWS\cmdbcs.exe> []
<IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Windows Publisher]
<mppds><; C:\WINDOWS\mppds.exe> []
服务
[Work Servers / Work Servers][Stopped/Auto Start]
<C:\WINDOWS\system32\Wservers.exe><Microsoft Corporation>

删除上面对应的EXE文件和下面的文件，把IE 和TEMP下的临时文件都清空
[C:\DOCUME~1\cc\LOCALS~1\Temp\LgSy0.dll] [N/A, ]
[C:\DOCUME~1\cc\LOCALS~1\Temp\Gjzo0.dll] [N/A, ]
[C:\DOCUME~1\cc\LOCALS~1\Temp\Kavs0.dll] [N/A, ]
[C:\WINDOWS\system32\gdipri.dll] [N/A, ]
[C:\WINDOWS\system32\npgpri.dll] [N/A, ]

怎么删除?

晕。。。把上面注册表和服务里的项修复了！再进到DOS模式下删除对应的文件就行了 不行的话下个冰刃在安全模式下强删

有没有比较简单的方法??或者专杀的?

貌似还没出！！

利用ani漏洞下载的一些恶意程序
可以使用360安全卫士 查杀后 用瑞星辅助扫描一下启动项
www.360safe.com

好的..我试一下..呵呵

删除服务什么的可以用SRENG实现.删除文件总会吧.