我的电脑一重启之后就弹出Trojan.DL.Agent.chm等等好几个病毒...但用瑞星最新版本杀都杀不死...高手们SOS!!!


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <bgswitch><; C:\WINDOWS\system32\bgswitch.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <SiSPower><; Rundll32.exe SiSPower.dll,ModeAgent>  [Silicon Integrated Systems Corporation]
    <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <runeip><C:\Program Files\Rising\AntiSpyware\runiep.exe>  [Beijing Rising Technology Co., Ltd.]
    <RavTask><"F:\瑞星压缩备份版本\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <RfwMain><"F:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <QuickTime Task><"F:\QuickTime\qttask.exe" -atboottime>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <RavStub><"F:\瑞星压缩备份版本\Rising\Rav\ravstub.exe" /RUNONCE>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{4ED6E0B5-F47A-4609-A940-11CF60FDC3C3}><C:\WINDOWS\system32\mctet.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptimg]
    <WinlogonNotify: cryptimg><cryptimg.dll>  [Microsoft Corporation]

==================================
启动文件夹
[星空极速]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\星空极速.lnk --> C:\PROGRA~1\ChinaNet\VNETCL~1.EXE []><H>
[Utility Tray]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Utility Tray.lnk --> C:\WINDOWS\system32\sistray.exe [Silicon Integrated Systems Corporation]><N>
[腾讯QQ]
  <C:\Documents and Settings\jay\「开始」菜单\程序\启动\腾讯QQ.lnk --> F:\PROGRA~1\Tencent\QQ\QQ.exe [TENCENT]><N>

==================================
服务
[C-DillaSrv / C-DillaSrv]
  <C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE><C-Dilla Ltd>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[InstallDriver Table Manager / IDriverT]
  <"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[Rising Proxy  Service / RfwProxySrv]
  <f:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <f:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"F:\瑞星压缩备份版本\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon]
  <"F:\瑞星压缩备份版本\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[SoundMAX Agent Service / SoundMAX Agent Service (default)]
  <C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>

==================================
驱动程序
[aeaudio / aeaudio]
  <system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[Rising TDI Base Driver / BaseTDI]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[ExpScaner / ExpScaner]
  <\??\F:\瑞星压缩备份版本\Rising\Rav\ExpScan.sys><>
[HookCont / HookCont]
  <\??\F:\瑞星压缩备份版本\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg]
  <\??\F:\瑞星压缩备份版本\Rising\Rav\HookReg.sys><>
[HookSys / HookSys]
  <\??\F:\瑞星压缩备份版本\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl]
  <\??\F:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[MEMSCAN / MEMSCAN]
  <\??\F:\瑞星压缩备份版本\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs]
  <\??\f:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[Netgroup Packet Filter / NPF]
  <system32\drivers\npf.sys><Politecnico di Torino>
[npkcrypt / npkcrypt]
  <\??\F:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[npkycryp / npkycryp]
  <\??\F:\Program Files\Tencent\QQ\npkycryp.sys><N/A>
[oreans32 / oreans32]
  <\??\C:\WINDOWS\system32\drivers\oreans32.sys><N/A>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[ptjpltp / ptjpltp]
  <\SystemRoot\system32\drivers\ptjpltp.sys><N/A>
[RsAntiSpyware / RsAntiSpyware]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[RsFwDrv / RsFwDrv]
  <\??\F:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS]
  <\??\F:\瑞星压缩备份版本\Rising\Rav\RSPPSYS.sys><Rising>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[SiS315 / SiS315]
  <system32\DRIVERS\sisgrp.sys><Silicon Integrated Systems Corporation>
[SiS AGP Filter / sisagp]
  <\SystemRoot\system32\DRIVERS\SISAGPX.sys><Silicon Integrated Systems Corporation>
[SiSkp / SiSkp]
  <system32\DRIVERS\srvkp.sys><Silicon Integrated Systems Corporation>
[SiS PCI Fast Ethernet Adapter Driver / SISNIC]
  <system32\DRIVERS\sisnic.sys><SiS Corporation>
[smwdm / smwdm]
  <system32\drivers\smwdm.sys><Analog Devices, Inc.>

==================================
浏览器加载项
[Thunder Browser Helper]
  {4E83D566-4697-4F7B-B1F0-A513B01DB89A} <F:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD>
[VnetCookie Class]
  {4E83D567-4697-4F7B-B1F0-A513B01DB89A} <c:\PROGRA~1\chinanet\VNETTR~1.DLL, >
[]
  {9db71888-2a70-48f1-8b0d-4e03f37a8dbf} <C:\WINDOWS\system32\48f1cfsb.dll, N/A>
[EyeOnIE]
  {C14393E1-95FF-4DFF-9BE0-EA008D4EF930} <C:\WINDOWS\system32\atsldr.dll, >
[56fb]
  {DFCB34B6-902D-426E-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4066ntos.dll, N/A>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <F:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[番茄花园]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.tomatolei.com, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <F:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <, N/A>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[56fb]
  {DFCB34B6-902D-426E-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4066ntos.dll, N/A>
[Tencent Safety Online Base Module]
  {C09B522F-8AED-4E21-A65C-DC1AB652BAEE} <C:\WINDOWS\DOWNLO~1\TSOBase.ocx, Tencent Corporation>
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[Thunder Browser Helper]
  {4E83D566-4697-4F7B-B1F0-A513B01DB89A} <F:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD>
[VnetCookie Class]
  {4E83D567-4697-4F7B-B1F0-A513B01DB89A} <c:\PROGRA~1\chinanet\VNETTR~1.DLL, >
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[]
  {9DB71888-2A70-48F1-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\48f1cfsb.dll, N/A>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[EyeOnIE]
  {C14393E1-95FF-4DFF-9BE0-EA008D4EF930} <C:\WINDOWS\system32\atsldr.dll, >
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\Flash85.ocx, Macromedia, Inc.>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[56fb]
  {DFCB34B6-902D-426E-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4066ntos.dll, N/A>
[&使用迅雷下载]
  <F:\Program Files\Thunder Network\Thunder\Program\geturl.htm, N/A>
[&使用迅雷下载全部链接]
  <F:\Program Files\Thunder Network\Thunder\Program\getallurl.htm, N/A>
[上传到QQ网络硬盘]
  <F:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[添加到QQ自定义面板]
  <F:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <F:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>

[用QQ彩信发送该图片]
  <F:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 444][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 508][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 532][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
[PID: 576][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
[PID: 588][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
[PID: 736][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
[PID: 816][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
[PID: 896][F:\瑞星压缩备份版本\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 928][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
[PID: 988][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
[PID: 1064][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
[PID: 1084][F:\瑞星压缩备份版本\Rising\Rav\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 43]
    [F:\瑞星压缩备份版本\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [F:\瑞星压缩备份版本\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [F:\瑞星压缩备份版本\Rising\Rav\rfwctrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [F:\瑞星压缩备份版本\Rising\Rav\RsPPsys.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
    [F:\瑞星压缩备份版本\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [F:\瑞星压缩备份版本\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [F:\瑞星压缩备份版本\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [F:\瑞星压缩备份版本\Rising\Rav\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [F:\瑞星压缩备份版本\Rising\Rav\HOOKSYS.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 0]
    [F:\瑞星压缩备份版本\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
    [F:\瑞星压缩备份版本\Rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
    [F:\瑞星压缩备份版本\Rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [F:\瑞星压缩备份版本\Rising\Rav\regmon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [F:\瑞星压缩备份版本\Rising\Rav\HookWeb.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 1]
    [F:\瑞星压缩备份版本\Rising\Rav\MemMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
    [F:\瑞星压缩备份版本\Rising\Rav\expscan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [F:\瑞星压缩备份版本\Rising\Rav\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [F:\瑞星压缩备份版本\Rising\Rav\HookCont.dll]  [Rising, 19, 0, 0, 0]
    [F:\瑞星压缩备份版本\Rising\Rav\SpamEng.dll]  [N/A, 18, 0, 0, 6]
    [F:\瑞星压缩备份版本\Rising\Rav\engine.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 25]
    [F:\瑞星压缩备份版本\Rising\Rav\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 8]
    [F:\瑞星压缩备份版本\Rising\Rav\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [F:\瑞星压缩备份版本\Rising\Rav\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
    [F:\瑞星压缩备份版本\Rising\Rav\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 40]
    [F:\瑞星压缩备份版本\Rising\Rav\ExtFile.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 25]
    [F:\瑞星压缩备份版本\Rising\Rav\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
    [F:\瑞星压缩备份版本\Rising\Rav\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 13]
    [F:\瑞星压缩备份版本\Rising\Rav\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
    [F:\瑞星压缩备份版本\Rising\Rav\Unpacker.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
    [F:\瑞星压缩备份版本\Rising\Rav\ScanPack.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
    [F:\瑞星压缩备份版本\Rising\Rav\RsVM.dll]  [N/A, 19, 0, 0, 15]
    [F:\瑞星压缩备份版本\Rising\Rav\Uroutine.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 21]
    [F:\瑞星压缩备份版本\Rising\Rav\ExtOLE.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
    [F:\瑞星压缩备份版本\Rising\Rav\RsStore.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [F:\瑞星压缩备份版本\Rising\Rav\Uscript.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 18]
[PID: 1256][f:\program files\rising\rfw\rfwsrv.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 33]
    [f:\program files\rising\rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 3]
    [f:\program files\rising\rfw\rfwlog.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 2]
    [f:\program files\rising\rfw\Rfwdrv.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 10]
    [f:\program files\rising\rfw\MonDrv.dll]  [rs, 1, 0, 0, 4]
    [f:\program files\rising\rfw\ProcLib.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 5]
    [f:\program files\rising\rfw\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[PID: 1300][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\WINDOWS\system32\ptjpltp.dll]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [F:\瑞星压缩备份版本\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\WINDOWS\system32\mctet.dll]  [, 5, 3, 1, 120]
[PID: 1540][F:\瑞星压缩备份版本\Rising\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 4]
    [F:\瑞星压缩备份版本\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [F:\瑞星压缩备份版本\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 1688][f:\program files\rising\rfw\RfwMain.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 70]
    [f:\program files\rising\rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]

[f:\program files\rising\rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [f:\program files\rising\rfw\RfwCtrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [f:\program files\rising\rfw\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [f:\program files\rising\rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 1752][C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE]  [C-Dilla Ltd, 3.24.010]
[PID: 1804][C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe]  [Analog Devices, Inc., 3, 2, 6, 0]
[PID: 1820][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 304][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
[PID: 1640][C:\Program Files\Rising\AntiSpyware\runiep.exe]  [Beijing Rising Technology Co., Ltd., 1, 0, 1, 6]
    [C:\Program Files\Rising\AntiSpyware\iep_ctrl.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 1652][F:\瑞星压缩备份版本\Rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
    [F:\瑞星压缩备份版本\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [F:\瑞星压缩备份版本\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [F:\瑞星压缩备份版本\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [F:\瑞星压缩备份版本\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 1868][F:\瑞星压缩备份版本\Rising\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 45]
    [F:\瑞星压缩备份版本\Rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
    [F:\瑞星压缩备份版本\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [F:\瑞星压缩备份版本\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [F:\瑞星压缩备份版本\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [F:\瑞星压缩备份版本\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [F:\瑞星压缩备份版本\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [F:\瑞星压缩备份版本\Rising\Rav\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [F:\瑞星压缩备份版本\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 272][C:\WINDOWS\system32\sistray.exe]  [Silicon Integrated Systems Corporation, 0.0.0.3730]
    [C:\WINDOWS\system32\SiSApCom.dll]  [Silicon Integrated Systems Corporation, 0.0.0.3730]
    [C:\WINDOWS\system32\SiSBase.dll]  [Silicon Integrated Systems Corporation, 6.14.10.3730]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
[PID: 2192][C:\Program Files\ChinaNet\VnetClient.exe]  [, 2005, 11, 18, 1]
    [C:\Program Files\ChinaNet\Communicate.dll]  [GDCN, 2005, 3, 3, 1]
    [C:\Program Files\ChinaNet\DialModule.dll]  [GDCN, 2005, 9, 1, 1]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
    [C:\PROGRA~1\ChinaNet\CLIENT~1.DLL]  [, 2004, 2, 28, 1]
    [C:\PROGRA~1\ChinaNet\PLUGIN~1.OCX]  [, 2005, 7, 27, 1]
    [C:\PROGRA~1\ChinaNet\sign.dll]  [0, 2004, 12, 1, 1]
    [C:\PROGRA~1\ChinaNet\SETUPP~1.DLL]  [, 1, 0, 0, 1]
    [C:\Program Files\ChinaNet\SysPlug\8432d5a0-a09d-41bc-87c1-b312d97192f5\VnetOnlineBusinessAutoLogin.dll]  [, 2006, 11, 19, 21]
    [C:\PROGRA~1\ChinaNet\WEBPLU~1.DLL]  [, 2005, 8, 18, 1]
    [C:\Program Files\ChinaNet\SysPlug\93d07ada-d3ac-485a-85eb-12ca3cee8375\Vnetsafe114.DLL]  [, 1, 0, 0, 1]
    [C:\PROGRA~1\ChinaNet\ADVERT~1.OCX]  [, 2005, 10, 13, 1]
    [C:\PROGRA~1\ChinaNet\VnetBs.ocx]  [, 2004, 11, 18, 1]
    [C:\PROGRA~1\ChinaNet\ACCOUN~2.DLL]  [, 2005, 8, 11, 1]
    [C:\PROGRA~1\ChinaNet\AccountMgr.dll]  [, 2005, 8, 16, 1]
    [C:\PROGRA~1\ChinaNet\VnetSkin.ocx]  [GDDC, 2005, 12, 21, 1]
    [C:\PROGRA~1\ChinaNet\DialogStyle.dll]  [, 1, 0, 0, 1]
    [C:\PROGRA~1\ChinaNet\BDSearch.ocx]  [gdcn, 2005, 12, 22, 1]
    [C:\PROGRA~1\ChinaNet\Timer.ocx]  [, 2005, 10, 9, 14]
    [C:\PROGRA~1\ChinaNet\PLUGIN~2.OCX]  [, 2005, 2, 24, 1]
    [C:\PROGRA~1\ChinaNet\NEWMES~1.DLL]  [, 2005, 8, 26, 1]
    [C:\PROGRA~1\ChinaNet\PassCtrl.dll]  [GDCN, 2006, 1, 9, 10]
    [C:\WINDOWS\system32\wpcap.dll]  [Politecnico di Torino, 3, 0, 0, 18]
    [C:\WINDOWS\system32\pthreadVC.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\packet.dll]  [Politecnico di Torino, 3, 0, 0, 18]
    [C:\PROGRA~1\ChinaNet\PlugPush.dll]  [, 2004, 12, 21, 1]
    [C:\PROGRA~1\ChinaNet\ALLINT~1.DLL]  [, 2004, 11, 23, 1]
    [C:\PROGRA~1\ChinaNet\VNETLO~1.OCX]  [, 2005, 4, 19, 1]
    [C:\PROGRA~1\ChinaNet\StatNum.dll]  [, 2004, 11, 18, 1]
    [C:\PROGRA~1\ChinaNet\VNETON~1.OCX]  [, 2005, 3, 2, 1]
    [C:\PROGRA~1\ChinaNet\ALLFUN~1.DLL]  [GDCN, 2005, 12, 20, 1]
    [C:\PROGRA~1\ChinaNet\VnetOptLog.dll]  [, 2005, 9, 13, 9]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
    [F:\瑞星压缩备份版本\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\PROGRA~1\ChinaNet\DlgSkin.ocx]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\macromed\flash\Flash85.ocx]  [Macromedia, Inc., 8,5,0,133]
[PID: 3992][F:\Program Files\Tencent\QQ\QQ.exe]  [TENCENT, 0, 0, 0, 0]
    [F:\Program Files\Tencent\QQ\QQBaseClassInDll.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\QQHelperDll.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\BasicCtrlDll.dll]  [Tencent, 6, 0, 200, 320]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]
    [F:\Program Files\Tencent\QQ\QQAPI.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
    [F:\Program Files\Tencent\QQ\LoginCtrl.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\npkcntc.dll]  [INCA Internet Co., Ltd., 2006, 6, 27, 1]
    [F:\Program Files\Tencent\QQ\npkpdb.dll]  [INCA Internet Co., Ltd., 2003, 10, 1, 1]
    [F:\Program Files\Tencent\QQ\QQRes.dll]  [tencent, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\QQMainFrame.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\QQ\CQQApplication.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\QQ\NewSkin.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\HostingMgr.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\CameraDll.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\MailSummary.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\QQKnowledgeSearch.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\QQAllInOne.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\QQ\GroupLive.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\QQ\SCCore.dll]  [TENCENT, 2, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\QQSpace.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\QQ\QQGroupMng.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\QQSysMsgMng.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\QQ\UserDefinedHead.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\QQPlugin.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\QQ\QQConfigPlugin.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\QRingMng.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\QQ\QQAvatar.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [F:\Program Files\Tencent\QQ\LongConnection.dll]  [tencent, 5, 0, 200, 160]
    [F:\Program Files\Tencent\QQ\QQPet.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\PhoneAPI.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]

[F:\Program Files\Tencent\QQ\BQQApplication.dll]  [N/A, N/A]
    [F:\Program Files\Tencent\QQ\CommercesMng.dll]  [, 1, 0, 0, 1]
    [F:\Program Files\Tencent\QQ\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
    [F:\Program Files\Tencent\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 271]
[PID: 4024][F:\Program Files\Tencent\QQ\TIMPlatform.exe]  [tencent, 0, 3, 1, 8]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
    [F:\Program Files\Tencent\QQ\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
[PID: 2136][F:\日志\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 8]
    [C:\WINDOWS\system32\SYNCOR11.DLL]  [SoundMAX, 1.2.3]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
60.191.176.248  www.1aa
127.0.0.1  www.997j.com
127.0.0.1  www.xnidc.cn
127.0.0.1  xnidc.cn
127.0.0.1  www.2858168.com
127.0.0.1  www.idcmu.com
127.0.0.1  idcmu.com
127.0.0.1  2858168.com
127.0.0.1  www.beibeisf.com
127.0.0.1  www.123pkmu.com
127.0.0.1  www.57zt.com
127.0.0.1  www.zh-mu.com
127.0.0.1  www.1988mu.com
127.0.0.1  www.see4f.net
127.0.0.1  www.1aa
127.0.0.1  xz.1aa
127.0.0.1  www.lay0.com
127.0.0.1  www.aaa
127.0.0.1  www.idcke.com
127.0.0.1  idcke.com
127.0.0.1  bbs.17ez.com
127.0.0.1  www.521ee.com
127.0.0.1  server.17ez.com
127.0.0.1  bbs.vzkj.com
127.0.0.1  vzkj.com
127.0.0.1  www.vzkj.com
127.0.0.1  ww218.com
127.0.0.1  idc.ww218.com
127.0.0.1  www.ww218.com
127.0.0.1  bbs.ww218.com
127.0.0.1  www.1717mu.com.cn
127.0.0.1  bbs.dandanweb.com
127.0.0.1  mu.dandanweb.com
127.0.0.1  www.dandanweb.com
127.0.0.1  see.tgmu.com
127.0.0.1  mu.7jtop.com
127.0.0.1  www.2345w.com
127.0.0.1  www.musfw.com
127.0.0.1  www.11vip.com
127.0.0.1  www.350w.com
60.191.176.248  www.753mu.com
127.0.0.1  www.1943mu.com
60.191.176.248  www.852sf.com
60.191.176.248  www.951mu.com
127.0.0.1  www.zh91.com
127.0.0.1  www.1999mu.com
60.191.176.248  www.muxy.net
60.191.176.248  sf.muxy.net
60.191.176.248  muxy.net
127.0.0.1  www.vzidc.com
127.0.0.1  vzidc.com
127.0.0.1  www.xnidc.cn
127.0.0.1  xnidc.cn
127.0.0.1  www.khwl.cn
127.0.0.1  khwl.cn
60.191.176.248  1aa
60.191.176.248  753mu.com
60.191.176.248  852sf.com
60.191.176.248  951mu.com

==================================

HOSTS 文件
60.191.176.248 www.1aa
127.0.0.1 www.997j.com
127.0.0.1 www.xnidc.cn
127.0.0.1 xnidc.cn
127.0.0.1 www.2858168.com
127.0.0.1 www.idcmu.com
127.0.0.1 idcmu.com
127.0.0.1 2858168.com
127.0.0.1 www.beibeisf.com
127.0.0.1 www.123pkmu.com
127.0.0.1 www.57zt.com
127.0.0.1 www.zh-mu.com
127.0.0.1 www.1988mu.com
127.0.0.1 www.see4f.net
127.0.0.1 www.1aa
127.0.0.1 xz.1aa
127.0.0.1 www.lay0.com
127.0.0.1 www.aaa
127.0.0.1 www.idcke.com
127.0.0.1 idcke.com
127.0.0.1 bbs.17ez.com
127.0.0.1 www.521ee.com
127.0.0.1 server.17ez.com
127.0.0.1 bbs.vzkj.com
127.0.0.1 vzkj.com
127.0.0.1 www.vzkj.com
127.0.0.1 ww218.com
127.0.0.1 idc.ww218.com
127.0.0.1 www.ww218.com
127.0.0.1 bbs.ww218.com
127.0.0.1 www.1717mu.com.cn
127.0.0.1 bbs.dandanweb.com
127.0.0.1 mu.dandanweb.com
127.0.0.1 www.dandanweb.com
127.0.0.1 see.tgmu.com
127.0.0.1 mu.7jtop.com
127.0.0.1 www.2345w.com
127.0.0.1 www.musfw.com
127.0.0.1 www.11vip.com
127.0.0.1 www.350w.com
60.191.176.248 www.753mu.com
127.0.0.1 www.1943mu.com
60.191.176.248 www.852sf.com
60.191.176.248 www.951mu.com
127.0.0.1 www.zh91.com
127.0.0.1 www.1999mu.com
60.191.176.248 www.muxy.net
60.191.176.248 sf.muxy.net
60.191.176.248 muxy.net
127.0.0.1 www.vzidc.com
127.0.0.1 vzidc.com
127.0.0.1 www.xnidc.cn
127.0.0.1 xnidc.cn
127.0.0.1 www.khwl.cn
127.0.0.1 khwl.cn
60.191.176.248 1aa
60.191.176.248 753mu.com
60.191.176.248 852sf.com
60.191.176.248 951mu.com
这些是什么?

有没人救我下啊....

有没高手在啊????

运行sreng2启动项目，注册表删除
<{4ED6E0B5-F47A-4609-A940-11CF60FDC3C3}><C:\WINDOWS\system32\mctet.dll> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptimg]
<WinlogonNotify: cryptimg><cryptimg.dll> [Microsoft Corporation]



启动项目,服务,驱动程序,"隐藏已认证的微软项目"勾上,删除
[Netgroup Packet Filter / NPF]
<system32\drivers\npf.sys><Politecnico di Torino>
[npkcrypt / npkcrypt]
<\??\F:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[npkycryp / npkycryp]
<\??\F:\Program Files\Tencent\QQ\npkycryp.sys><N/A>
[oreans32 / oreans32]
<\??\C:\WINDOWS\system32\drivers\oreans32.sys><N/A>
[ptjpltp / ptjpltp]
<\SystemRoot\system32\drivers\ptjpltp.sys><N/A>

系统修复，浏览器加载项，删除
[]
{9db71888-2a70-48f1-8b0d-4e03f37a8dbf} <C:\WINDOWS\system32\48f1cfsb.dll, N/A>
[EyeOnIE]
{C14393E1-95FF-4DFF-9BE0-EA008D4EF930} <C:\WINDOWS\system32\atsldr.dll, >
[56fb]
{DFCB34B6-902D-426E-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4066ntos.dll, N/A>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <, N/A>

[56fb]
{DFCB34B6-902D-426E-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4066ntos.dll, N/A>
{9DB71888-2A70-48F1-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\48f1cfsb.dll, N/A>
[EyeOnIE]
{C14393E1-95FF-4DFF-9BE0-EA008D4EF930} <C:\WINDOWS\system32\atsldr.dll, >
[56fb]
{DFCB34B6-902D-426E-AE2B-1B294AE19F4F} <C:\WINDOWS\system32\4066ntos.dll, N/A>


系统修复，HOSTS文件，删除127.0.0.1  localhost以外所有项

谢谢

重启后打开我的电脑，工具，文件夹选项，查看，显示所有文件和文件夹，把“隐藏受保护的系统文件”的勾去掉（如果看不到，用WinRar进入该路径）删除

C:\WINDOWS\system32\mctet.dll
C:\WINDOWS\system32\cryptimg.dll
C:\WINDOWS\system32\drivers\npf.sys
F:\Program Files\Tencent\QQ\npkcrypt.sys
F:\Program Files\Tencent\QQ\npkycryp.sys
C:\WINDOWS\system32\drivers\oreans32.sys
C:\WINDOWS\system32\drivers\ptjpltp.sys
C:\WINDOWS\system32\48f1cfsb.dll
C:\WINDOWS\system32\4066ntos.dll
C:\WINDOWS\system32\atsldr.dll