[C:\WINDOWS\system32\DEVCON32.DLL]  [Creative Technology Ltd., 4.06.651]
    [C:\WINDOWS\system32\SFMAN32.DLL]  [Creative Technology Ltd., 4.06.501]
[PID: 448][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 468][C:\WINDOWS\system32\wscntfy.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2168][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\program files\google\googletoolbar3.dll]  [Google Inc., 3, 0, 131, 0]
    [C:\WINDOWS\system32\xunleibho_v14.dll]  [Thunder Networking Technologies,LTD, 4, 6, 0, 62]
    [F:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
    [C:\WINDOWS\system32\FlashObject.dll]  [Macromedia, Inc., 1, 1, 0, 1]
[PID: 2420][F:\Program Files\Rising\Rav\Rav.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 75]
    [F:\Program Files\Rising\Rav\PlugIn\RsPgScan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 17]
    [F:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [F:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [F:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [F:\Program Files\Rising\Rav\RavUI.Dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 65]
    [F:\Program Files\Rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 26]
    [F:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [F:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [F:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 32]
    [F:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [F:\Program Files\Rising\Rav\RavUIMsg.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 27]
    [F:\Program Files\Rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [F:\Program Files\Rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
    [F:\Program Files\Rising\Rav\MVEngine.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 15]
    [F:\Program Files\Rising\Rav\PSAPI.DLL]  [Microsoft Corporation, 4.00]
    [F:\Program Files\Rising\Rav\Engine.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 34]
    [F:\Program Files\Rising\Rav\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 15]
    [F:\Program Files\Rising\Rav\Unpacker.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [F:\Program Files\Rising\Rav\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [F:\Program Files\Rising\Rav\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 30]
    [F:\Program Files\Rising\Rav\RSUnpack.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [F:\Program Files\Rising\Rav\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 17]
    [F:\Program Files\Rising\Rav\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 7]
    [F:\Program Files\Rising\Rav\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [F:\Program Files\Rising\Rav\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [F:\Program Files\Rising\Rav\ExtMail.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [F:\Program Files\Rising\Rav\ExtFile.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
    [F:\Program Files\Rising\Rav\ExtOLE.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [F:\Program Files\Rising\Rav\ScanNet.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[PID: 2100][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\program files\google\googletoolbar3.dll]  [Google Inc., 3, 0, 131, 0]
    [C:\WINDOWS\system32\xunleibho_v14.dll]  [Thunder Networking Technologies,LTD, 4, 6, 0, 62]
    [F:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
    [C:\WINDOWS\system32\FlashObject.dll]  [Macromedia, Inc., 1, 1, 0, 1]
    [C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx]  [Macromedia, Inc., 8,0,22,0]
[PID: 2252][C:\Documents and Settings\bmx_bj\桌面\sreng2\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
N/A

到johnnyxp.ys168.com下载恶意文件清除工具.到安全模式下查杀

http://btbaicai.com/read-htm-tid-331.html
现在有专门反 4199 7939 9505 的联盟了..你可以去看下.
我前几天中了.在里面找到的方法

哭哦.....困死了..

..................12小时了........:(

【回复“天邪记忆”的帖子】
请参考http://forum.ikaka.com/topic.asp?board=67&artid=8194465

运行(双击)SRENG2，点“启动项目，服务，点“Win32服务应用程序”
勾选“隐藏微软服务”选中病毒服务
Office Backup Engine
Routing Protect Access
，选择“删除服务”
点“设置”选择“否”

运行SREng2,使用：系统修复－－浏览器加载项－－选中以下的项删除
C:\Documents and Settings\All Users\Application Data\Microsoft\UserData\IEHelper_5025.dll, Microsoft Corporation>

运行SREng2,使用“启动项目”－－注册表－－选中以下的项删除
C:\WINDOWS\smss.exe
C:\DOCUME~1\bmx_bj\LOCALS~1\Temp\uninrest.exe

显示隐藏文件
删除：
C:\WINDOWS\system32\spted.dll
C:\WINDOWS\SYSTEM32\WBEM\IRJIT.DLL
C:\Documents and Settings\All Users\Application Data\Microsoft\UserData\IEHelper_5025.dll
C:\WINDOWS\smss.exe
C:\DOCUME~1\bmx_bj\LOCALS~1\Temp\uninrest.exe