我的电脑每次上网的时候途中就会跳出什么搜易网和学英语的网站,下了超级兔子,还是删不了,不仅如此,而且更糟的事,每次我用IE修复，超级兔子还好点，用黄山和WIN优化大师就会先黑屏再蓝屏，出现一串英文，如下：
A problem has been detected and windows has been shut down to prevent damage to your computer
A driver has overrun a stack-based buffer .This overrun could potentially allo user to gain control of this machine .If this is the first time you ’ve seen this stop error screen ,restart your computer. If this appears again ,follow these steps
Check to make sure any new hardware is properly installed .If this is a new installation,ask your hardware or software manufcturer for any windows updates you might need.
If problem continue ,diable or remove any newly installed hardware or software. Disable  BIOS memory options such as caching or shadowing .If you need to use safe Mode to remove or disable components restart your computer press F8 to select Advanced startup options and then select safe Mode
Technical information ***STOP:0X000000F7(0X00000000,0X00000000,0X00000000, 0X00000000)
我用瑞星杀过毒，杀掉4个木马，但是杀完了还这样。

黄山和WIN优化大师最好不要使用

试试用雅虎助手修复一下IE~
不过，海生是不是又要说我推荐的软件不够绿色了呀？！
可是，雅虎助手的IE强力修复功能确实还不错啊！

现在发现好像是只要我试图去卸载一搜工具栏就会这样

到安全模式下面去卸载看看

试过了
我的日志
Logfile of HijackThis v1.99.1
Scan saved at 22:37:58, on 2005-12-17
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
F:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
F:\Program Files\Rising\Rav\Ravmond.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Rising\Rav\RavStub.exe
C:\Program Files\adCmds\adCmds.exe
C:\WINDOWS\system32\RUNDLL32.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
F:\Program Files\Rising\Rav\RavTask.exe
F:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wuauclt.exe
F:\2487832005218201957\HijackThis.exe

R3 - Default URLSearchHook is missing
O2 - BHO: std software - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - C:\WINDOWS\SYSTEM32\stdup.dll
O2 - BHO: MacroMediapd - {B8CCDD47-38E4-4CD2-B7FA-3B4B690F74BD} - C:\WINDOWS\system32\microapmddt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\zh-cn\msntb.dll (file missing)
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [adCmds] C:\Program Files\adCmds\adCmds.exe
O4 - HKLM\..\Run: [mscfs] RUNDLL32 C:\WINDOWS\system32\msibm\cfsys.dll,cfs
O4 - HKLM\..\Run: [StormCodec_Helper] "F:\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [Update] C:\Program Files\Common Files\UPDATE\Update.exe
O4 - HKLM\..\Run: [WindowsUpdate] C:\WINDOWS\system32\WindowsUpdate.exe
O4 - HKLM\..\Run: [RavTask] "F:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [DTService] rundll32.exe C:\DOCUME~1\Lenovo\LOCALS~1\Temp\RarSFX1\DTSERV~1.DLL,Load
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O9 - Extra button: 金山词霸 - {C8CE29C5-7589-11D3-B81B-0080C8DC5DC8} - C:\PROGRA~1\Kingsoft\XDict\IEPlugin.dll
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\cdnns.dll' missing
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1125122852021
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1125122825173
O16 - DPF: {7FC22A16-79E6-4787-9C96-B6359BB1106D} (DigitalTrafic Control) - http://www.jt.sh.cn/trafficmap/jtj.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/Ver2005/OL2005.cab
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (pCastPanel Class) - http://pcastdl.dudu.com/files/pCastCtl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{04DBE1D2-E018-4A3A-9A3C-470545012B00}: NameServer = 202.96.209.6 202.96.209.133
O23 - Service: .Net Boot Service - Unknown owner - C:\WINDOWS\system32\big5_gb2312.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - F:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - F:\Program Files\Rising\Rav\Ravmond.exe

请先到msibm目录里双击uninstall.exe卸载程序

重新启动到安全模式（进入安全模式的方法:重新启动电脑, 开机自动检测完后, 按[F8]键(可以一直按到启动菜单出来为止), 选择安全模式(Safe Mode)进入Windows。）

开始→控制面板→性能和维护→管理工具→服务→查找.Net Boot Service→右击→属性→启动类型→禁止→应用→停止→确定。

请关闭所有IE界面，重新使用HijackThis扫描一次，选中下面建议修复的项目，让HijackThis修复，修复前请允许HijackThis保留备份。（如果楼主知道是安全的可以不必勾选）
R3 - Default URLSearchHook is missing
O2 - BHO: std software - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - C:\WINDOWS\SYSTEM32\stdup.dll
O2 - BHO: MacroMediapd - {B8CCDD47-38E4-4CD2-B7FA-3B4B690F74BD} - C:\WINDOWS\system32\microapmddt.dll
O4 - HKLM\..\Run: [mscfs] RUNDLL32 C:\WINDOWS\system32\msibm\cfsys.dll,cfs
O4 - HKLM\..\Run: [Update] C:\Program Files\Common Files\UPDATE\Update.exe
O4 - HKLM\..\Run: [WindowsUpdate] C:\WINDOWS\system32\WindowsUpdate.exe
O4 - HKLM\..\Run: [DTService] rundll32.exe C:\DOCUME~1\Lenovo\LOCALS~1\Temp\RarSFX1\DTSERV~1.DLL,Load
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (pCastPanel Class) - http://pcastdl.dudu.com/files/pCastCtl.cab

然后打开我的电脑→再点工具→打开文件夹选项→查看→把隐藏受保护的系统文件（推荐）和隐藏已知文件类型的扩展名的勾去掉→再显示所有文件→找到以下文件并删除：(如果有的话)
C:\WINDOWS\SYSTEM32\stdup.dll
C:\WINDOWS\system32\microapmddt.dll
C:\DOCUME~1\Lenovo\LOCALS~1\Temp\RarSFX1\DTSERV~1.DLL
C:\WINDOWS\system32\big5_gb2312.exe
删除文件夹C:\Program Files\Common Files\UPDATE
删除文件夹C:\WINDOWS\system32\WindowsUpdate.exe
删除文件夹C:\WINDOWS\system32\msibm