各位大虾帮忙看看怎么杀掉病毒，日志如下


操作系统：  Windows XP  (WinNT 5.01.2600)
浏览器：    Internet Explorer v6.00 (6.00.2600.0000)

当前运行的进程：         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
C:\WINDOWS\System32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\brss01a.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$FPP\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\vxgame6.exe
C:\WINPENJR\win32\pphidpad.exe
C:\WINDOWS\System32\Rundll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\kernels64.exe
C:\WINDOWS\System32\vxgame6.exe
C:\WINDOWS\System32\paytime.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\sachostx.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\WINDOWS\System32\conime.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\System32\ctfmon.exe
C:\winstall.exe
C:\WINDOWS\System32\vxgame6.exe
C:\WINDOWS\System32\paytime.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINDOWS\System32\dwwin.exe
D:\song\文件\2535952005811174944\HijackThis1991zww.exe

R3 - URLSearchHook: (no name) - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - (no file)
F3 - REG:win.ini: run=C:\WINDOWS\System32\vxgame6.exe
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\System32\xunleibho_v8.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: HBO Class - {5321E378-FFAD-4999-8C62-03CA8155F0B3} - C:\WINDOWS\inet20001\3.00.11.dll (file missing)
O2 - BHO: (no name) - {78364D99-A640-4ddf-B91A-67EFF8373045} - C:\WINDOWS\System32\apwiz.dll
O2 - BHO: (no name) - {B75F75B8-93F3-429D-FF34-660B206D897A} - C:\WINDOWS\System32\zolker011.dll (file missing)
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - (no file)
O2 - BHO: Infofo 工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:\Program Files\Infofo Bar\infofobar.dll
O2 - BHO: ZToolbar Activator Class - {FFF5092F-7172-4018-827B-FA5868FB0478} - C:\WINDOWS\System32\ztoolb011.dll
O3 - IE工具栏增项: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - IE工具栏增项: BitCometBar - {3F1ABCDB-A875-46c1-8345-B72A4567E486} - D:\song\工具\BitComet\BitCometBar\BitCometBar0.2.dll
O3 - IE工具栏增项: Infofo 工具栏 - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D} - C:\Program Files\Infofo Bar\infofobar.dll
O3 - IE工具栏增项: ZToolbar - {A6790AA5-C6C7-4BCF-A46D-0FDAC4EA90EB} - C:\WINDOWS\System32\ztoolb011.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [PPHIDPAD] C:\WINPENJR\win32\pphidpad.exe
O4 - 启动项HKLM\\Run: [AxFilter] Rundll32.exe C:\WINDOWS\DOWNLO~1\AxFilter.dll,Rundll32
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\Run: [zcom] \zPlatform.exe MIN
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [nwiz] nwiz.exe /install
O4 - 启动项HKLM\\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - 启动项HKLM\\Run: [System] C:\WINDOWS\System32\kernels64.exe
O4 - 启动项HKLM\\Run: [xp_system] C:\WINDOWS\System32\vxgame6.exe
O4 - 启动项HKLM\\Run: [WindowsUpdateNT] C:\WINDOWS\System\svwhost.exe /s
O4 - 启动项HKLM\\Run: [WindowsUpdate] C:\WINDOWS\System\svchost.exe /s
O4 - 启动项HKLM\\Run: [Microsoft Office] C:\WINDOWS\System32\mstool.exe
O4 - 启动项HKLM\\Run: [PayTime] C:\WINDOWS\System32\paytime.exe
O4 - 启动项HKLM\\Run: [bxproxy] C:\WINDOWS\bxproxy.exe
O4 - 启动项HKLM\\Run: [HostSrv] C:\WINDOWS\sachostx.exe
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 - HKCU\..\Run: [xp_system] C:\WINDOWS\System32\vxgame6.exe
O4 - HKCU\..\Run: [WindowsUpdateNT] C:\WINDOWS\System\svwhost.exe
O4 - HKCU\..\Run: [PayTime] C:\WINDOWS\System32\paytime.exe
O4 - HKCU\..\Run: [bxproxy] C:\WINDOWS\bxproxy.exe
O4 - Global Startup: 服务管理器.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - D:\song\工具\迅雷\geturl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - D:\song\工具\迅雷\getallurl.htm
O9 - 浏览器额外的按钮: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - D:\song\工具\浩方对战平台\GameClient.exe
O9 - 浏览器额外的按钮: (no name) - {2253922F-1B26-4C74-8B57-E3AEE748DBB8} - (no file)
O9 - 浏览器额外的按钮: Infofo 工具栏 - {8507326C-B5C1-4559-BB91-0919E753836F} - C:\Program Files\Infofo Bar\infofobar.dll
O9 - 浏览器额外的“工具”菜单项: Infofo 工具栏 - {8507326C-B5C1-4559-BB91-0919E753836F} - C:\Program Files\Infofo Bar\infofobar.dll
O9 - 浏览器额外的按钮: 卓越 - {8DE0FCD4-5EB5-11D3-AD25-00002100131B} - C:\MYEOFF~1\CIBA\IEPlugin.dll
O9 - 浏览器额外的按钮: 金山词霸 - {C8CE29C5-7589-11D3-B81B-0080C8DC5DC8} - C:\MYEOFF~1\CIBA\IEPlugin.dll
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O14 - IERESET.INF: START_PAGE_URL=http://www.legend.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{82E95762-77E8-4B52-B530-B6E04D2344C6}: NameServer = 61.134.1.4
O20 - Winlogon Notify: msctl32.dll - C:\WINDOWS\system32\msctl32.dll
O20 - Winlogon Notify: msupdate - C:\WINDOWS\SYSTEM32\msupdate32.dll
O20 - Winlogon Notify: st3 - C:\WINDOWS\g137234.dll
O23 - NT 服务: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe
O23 - NT 服务: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe

【回复“银河9527”的帖子】
重启电脑到安全模式下用hijackthis修复：
F3 - REG:win.ini: run=C:\WINDOWS\System32\vxgame6.exe
O2 - BHO: HBO Class - {5321E378-FFAD-4999-8C62-03CA8155F0B3} - C:\WINDOWS\inet20001\3.00.11.dll (file missing)
O2 - BHO: (no name) - {78364D99-A640-4ddf-B91A-67EFF8373045} - C:\WINDOWS\System32\apwiz.dll
O2 - BHO: (no name) - {B75F75B8-93F3-429D-FF34-660B206D897A} - C:\WINDOWS\System32\zolker011.dll (file missing)
O4 - 启动项HKLM\\Run: [PPHIDPAD] C:\WINPENJR\win32\pphidpad.exe
O4 - 启动项HKLM\\Run: [System] C:\WINDOWS\System32\kernels64.exe
O4 - 启动项HKLM\\Run: [xp_system] C:\WINDOWS\System32\vxgame6.exe
O4 - 启动项HKLM\\Run: [WindowsUpdateNT] C:\WINDOWS\System\svwhost.exe /s
O4 - 启动项HKLM\\Run: [WindowsUpdate] C:\WINDOWS\System\svchost.exe /s
O4 - 启动项HKLM\\Run: [Microsoft Office] C:\WINDOWS\System32\mstool.exe
O4 - 启动项HKLM\\Run: [PayTime] C:\WINDOWS\System32\paytime.exe
O4 - 启动项HKLM\\Run: [bxproxy] C:\WINDOWS\bxproxy.exe
O4 - 启动项HKLM\\Run: [HostSrv] C:\WINDOWS\sachostx.exe
O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 - HKCU\..\Run: [xp_system] C:\WINDOWS\System32\vxgame6.exe
O4 - HKCU\..\Run: [WindowsUpdateNT] C:\WINDOWS\System\svwhost.exe
O4 - HKCU\..\Run: [PayTime] C:\WINDOWS\System32\paytime.exe
O4 - HKCU\..\Run: [bxproxy] C:\WINDOWS\bxproxy.exe
O20 - Winlogon Notify: msctl32.dll - C:\WINDOWS\system32\msctl32.dll
O20 - Winlogon Notify: msupdate - C:\WINDOWS\SYSTEM32\msupdate32.dll
O20 - Winlogon Notify: st3 - C:\WINDOWS\g137234.dll

打开注册表，到HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Windows找一下
msctl32.dll
msupdate32.dll
g137234.dll
找到删除．

另，补丁请打全，要不还会重复感染．