
[Help] What is wrong with my browser?


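While browsing normally, especially when typing on a forum, I would have most of a post typed and be about to submit it, when the IE page would suddenly move on its own and open a new page, and everything I had worked so hard to type was gone. Pressing Back does return to the previous page, but the content I typed is no longer there.
The address that opens automatically varies, but it is always one of the following.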

www.88888888888888888888888888888888888888888888888888.net/b/20.htm
www.88888888888888888888888888888888888888888888888888.com/b/2.htm
www.88888888888888888888888888888888888888888888888888.com/b/20.htm
www.88888888888888888888888888888888888888888888888888.com/b/go.htm
www.88888888888888888888888888888888888888888888888888.com/o/S-10.htm

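Then a simple web page appears with a few links such as MP3 downloads, and it insists on being set as the home page. It can't be closed; sometimes I can close the page, but then a whole bunch of pages pop up at the same time.

I pointed all of these addresses to 127.0.0.1 in the hosts file. Those pages can no longer be reached, but it still doesn't help: the pages won't open, but just as before, after typing for a long time and being about to post, I get redirected to the addresses above.

Could anyone help and give me some pointers? Thanks~~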

Last edited 2007-05-07 11:01:12

[CODE]

2007-05-06,10:39:18

System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <AVP><"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe">  [Kaspersky Lab]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]

==================================
启动文件夹
N/A

==================================
服务
[Kaspersky Anti-Virus 6.0 / AVP][Running/Auto Start]
  <"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r><Kaspersky Lab>
[GEARSecurity / GEARSecurity][Stopped/Auto Start]
  <C:\WINDOWS\System32\GEARSec.exe><N/A>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Norton Ghost / Norton Ghost][Stopped/Auto Start]
  <><N/A>
[NVIDIA Driver Helper Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>

==================================
驱动程序
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AliIde / AliIde][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aliide.sys><N/A>
[bootdrv / bootdrv][Stopped/Boot Start]
  <\SystemRoot\System32\Drivers\bootdrv.sys><N/A>
[CMB8100 / CMB8100][Running/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\CertClient.dat><N/A>
[CMBProtector / CMBProtector][Running/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\CMBProtector.dat><N/A>
[CmdIde / CmdIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[EIO / EIO][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\EIO.sys><ASUSTeK Computer Inc.>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[GMSIPCI / GMSIPCI][Stopped/Manual Start]
  <\??\G:\INSTALL\GMSIPCI.SYS><N/A>
[HWiNFO32 Kernel Driver / HWiNFO32][Running/Auto Start]
  <\??\C:\Program Files\HWiNFO32\HWiNFO32.SYS><REALiX(tm)>
[IdeBusDr / IdeBusDr][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\IdeBusDr.sys><Intel Corporation>
[Intel(R) Ultra ATA Controller / IdeChnDr][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\IdeChnDr.sys><Intel Corporation>
[ids00035 / ids00035][Stopped/Manual Start]
  <\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00035.sys><N/A>
[kl1 / kl1][Running/Boot Start]
  <\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[klif / klif][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[MegaIDE / MegaIDE][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\MegaIDE.sys><LSI Logic Corporation.>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\E:\master\OICQ\xygz\TMDlls\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver / RTL8023xp][Running/Manual Start]
  <system32\DRIVERS\Rtlnicxp.sys><Realtek Semiconductor Corporation>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>

==================================
浏览器加载项
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_001.dll, Thunder Networking Technologies,LTD>
[微软]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.microsoft.com/china/index.htm, N/A>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, >
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\DOWNLO~1\SUBMIT~1.DLL, >
[PicUploadCtrl Class]
  {BF8C499A-AC6E-4F58-82EA-9E5FCC41C34B} <C:\WINDOWS\Downloaded Program Files\PicUpload.dll, Sohu.com Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
[iTrusPTA Class]
  {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, >
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\WINDOWS\system32\dllcache\dhtmled.ocx, Microsoft Corporation>
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, >
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[WangWangObj Class]
  {6E213FC7-DD5A-4115-B7E6-D4C7838C361E} <E:\master\淘宝旺旺\WangWangX4.dll, 阿里软件(中国)有限公司>
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_001.dll, Thunder Networking Technologies,LTD>
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\DOWNLO~1\SUBMIT~1.DLL, >
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[PicUploadCtrl Class]
  {BF8C499A-AC6E-4F58-82EA-9E5FCC41C34B} <C:\WINDOWS\Downloaded Program Files\PicUpload.dll, Sohu.com Inc.>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[PBActiveX40 Control]
  {F2EB8999-766E-4BF6-AAAD-188D398C0D0B} <C:\WINDOWS\system32\PersonalBankMain.ocx, China Merchants Bank>
[上传到QQ网络硬盘]
  <E:\master\OICQ\xygz\AddToNetDisk.htm, N/A>
[使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[导出到 Microsoft Excel(&x)]
  <res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000, N/A>

==================================

正在运行的进程
[PID: 640][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 948][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 988][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1056][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1068][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 668][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scrchpg.dll]  [Kaspersky Lab, 6.0.2.621]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\ShellEx.dll]  [Kaspersky Lab, 6.0.2.621]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_001.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 1]
    [C:\Program Files\Microsoft Office\Office10\msohev.dll]  [Microsoft Corporation, 10.0.2609]
[PID: 1008][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5.1.0.30]
[PID: 1020][C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe]  [Kaspersky Lab, 6.0.2.621]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prremote.dll]  [Kaspersky Lab, 6.0.2.621]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\FSSync.dll]  [Kaspersky Lab, 6.0.5.621]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\AVPGS.PPL]  [Kaspersky Lab, 6.0.2.621]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll]  [Kaspersky Lab, 6.0.2.621]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl]  [Kaspersky Lab, 6.0.2.621]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl]  [Kaspersky Lab, 6.0.2.621]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl]  [Kaspersky Lab, 6.0.2.621]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\winreg.ppl]  [Kaspersky Lab, 6.0.2.621]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\avpgui.ppl]  [Kaspersky Lab, 6.0.2.621]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\nfio.ppl]  [Kaspersky Lab, 6.0.2.621]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\fsdrvplgn.ppl]  [Kaspersky Lab, 6.0.2.621]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\basegui.ppl]  [Kaspersky Lab, 6.0.2.621]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\thpimpl.ppl]  [Kaspersky Lab, 6.0.2.621]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\qb.ppl]  [Kaspersky Lab, 6.0.2.621]
[PID: 1148][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3768][E:\master\OICQ\xygz\TMDlls\TM.exe]  [N/A, ]
    [E:\master\OICQ\xygz\CoralAssist.dll]  [Coral Team, 5.0.0 build 20060829]
    [E:\master\OICQ\xygz\CoralQQ.dll]  [Coral Team, 5.0 Build 20070309]
    [E:\master\OICQ\xygz\KQL.dll]  [Coral Team, 5.0.0 build 20070301]
    [E:\master\OICQ\xygz\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [E:\master\OICQ\xygz\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [E:\master\OICQ\xygz\TMDlls\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [E:\master\OICQ\xygz\IPSearcher.dll]  [, 1.0.0.4]
    [E:\master\OICQ\xygz\TMDlls\BasicCtrlDll.dll]  [Tencent, 0, 3, 3, 9]
    [E:\master\OICQ\xygz\TMDlls\QQHelperDll.dll]  [, 1, 0, 0, 1]
    [E:\master\OICQ\xygz\TMDlls\QQZip.dll]  [tencent, 0, 3, 2, 4]
    [E:\master\OICQ\xygz\TMDlls\QQBaseClassInDll.dll]  [, 1, 0, 0, 1]
    [E:\master\OICQ\xygz\TMDlls\BaseUIClass.dll]  [, 1, 0, 0, 1]
    [E:\master\OICQ\xygz\NoDisturbFilter.cqx]  [Coral Team, 1.0]
    [E:\master\OICQ\xygz\ConfigHotkey.cqx]  [Coral Team, 1.0]
    [E:\master\OICQ\xygz\TMDlls\ImageOle.dll]  [TODO: <Company name>, 1.0.0.1]
    [E:\master\OICQ\xygz\TMDlls\RICHED20.DLL]  [Microsoft Corporation, 5.31.23.1218]
    [E:\master\OICQ\xygz\TMDlls\RICHED32.DLL]  [Microsoft Corporation, 5.00.2134.1]
    [E:\master\OICQ\xygz\TMDlls\QQAPI.dll]  [, 1, 0, 0, 1]
    [E:\master\OICQ\xygz\TMDlls\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [E:\master\OICQ\xygz\AutoReconnect.cqx]  [Coral Team, 1.0.0]
    [E:\master\OICQ\xygz\TMDlls\QQRes.dll]  [N/A, ]
    [E:\master\OICQ\xygz\TMDlls\LoginCtrl.dll]  [, 1, 0, 0, 1]
    [E:\master\OICQ\xygz\TMDlls\npkcntc.dll]  [INCA Internet Co., Ltd., 2005, 9, 1, 1]
    [E:\master\OICQ\xygz\TMDlls\npkpdb.dll]  [INCA Internet Co., Ltd., 2003, 10, 1, 1]
    [E:\master\OICQ\xygz\TMDlls\HostingMgr.dll]  [, 1, 0, 0, 1]
    [E:\master\OICQ\xygz\TMDlls\WizardCtrl.dll]  [Tencent, 1, 0, 0, 1]
    [E:\master\OICQ\xygz\TMDlls\QQMainFrame.dll]  [TENCENT, 1, 0, 0, 1]
    [E:\master\OICQ\xygz\TMDlls\NewSkin.dll]  [, 1, 0, 0, 1]
    [E:\master\OICQ\xygz\CoralHotkey.cqx]  [Coral Team, 1.0]
    [E:\master\OICQ\xygz\TMDlls\CQQApplication.dll]  [N/A, ]
    [E:\master\OICQ\xygz\TMDlls\FrameBar.dll]  [, 1, 0, 0, 1]
    [E:\master\OICQ\xygz\TMDlls\UserRelationWeight.dll]  [, 1, 0, 0, 1]
    [E:\master\OICQ\xygz\TMDlls\QQConfigPlugin.dll]  [, 1, 0, 0, 1]
    [E:\master\OICQ\xygz\TMDlls\CameraDll.dll]  [, 1, 0, 0, 1]
    [E:\master\OICQ\xygz\TMDlls\QQGroupMng.dll]  [, 1, 0, 0, 1]
    [E:\master\OICQ\xygz\TMDlls\vbscript.dll]  [Microsoft Corporation, 5.6.0.7426]
    [E:\master\OICQ\xygz\TMDlls\QQAllInOne.dll]  [N/A, ]
    [E:\master\OICQ\xygz\TMDlls\CommercesMng.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [E:\master\OICQ\xygz\TMDlls\MiscCtrl.dll]  [, 1, 0, 0, 1]
    [E:\master\OICQ\xygz\TMDlls\LongConnection.dll]  [tencent, 0, 3, 3, 8]
    [E:\master\OICQ\xygz\TMDlls\QQSpace.dll]  [, 1, 0, 0, 1]
    [E:\master\OICQ\xygz\TMDlls\QQUdpGetFileLib.dll]  [tencent, 0, 2, 2, 3]
    [E:\master\OICQ\xygz\TMDlls\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 0, 3, 0, 43]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\msadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [E:\master\OICQ\xygz\TMDlls\QQMMSender.dll]  [N/A, ]
    [E:\master\OICQ\xygz\TMDlls\GroupConnection.dll]  [Tencent, 0, 3, 3, 5]
[PID: 3812][E:\master\OICQ\xygz\TMDlls\TIMPlatform.exe]  [tencent, 0, 3, 1, 8]
    [E:\master\OICQ\xygz\TMDlls\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
[PID: 3988][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scrchpg.dll]  [Kaspersky Lab, 6.0.2.621]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_001.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 1]
    [C:\Program Files\Microsoft Office\Office10\msohev.dll]  [Microsoft Corporation, 10.0.2609]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klscav.dll]  [Kaspersky Lab, 6.0.2.621]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prremote.dll]  [Kaspersky Lab, 6.0.2.621]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll]  [Kaspersky Lab, 6.0.2.621]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl]  [Kaspersky Lab, 6.0.2.621]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl]  [Kaspersky Lab, 6.0.2.621]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl]  [Kaspersky Lab, 6.0.2.621]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\tempfile.ppl]  [Kaspersky Lab, 6.0.2.621]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\nfio.ppl]  [Kaspersky Lab, 6.0.2.621]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\fsdrvplgn.ppl]  [Kaspersky Lab, 6.0.2.621]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\basegui.ppl]  [Kaspersky Lab, 6.0.2.621]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\thpimpl.ppl]  [Kaspersky Lab, 6.0.2.621]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\FSSync.dll]  [Kaspersky Lab, 6.0.5.621]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\winreg.ppl]  [Kaspersky Lab, 6.0.2.621]
    [C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx]  [Macromedia, Inc., 8,0,24,0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\WINDOWS\system32\ffdshow.ax]  [, 1.0.2.2003]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\DCDSPFilter.ax]  [http://www.dsp-worx.de/, 1, 0, 3, 0]
    [C:\Program Files\Ringz Studio\Storm Codec\Codecs\VSFilter.dll]  [Gabest, 1, 0, 1, 3]
    [C:\WINDOWS\system32\l3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
    [C:\WINDOWS\system32\CHENHU4.IME]  [chenhu, 5.2]
    [C:\WINDOWS\system32\xpsp3res.dll]  [Microsoft Corporation, 5.1.2600.3100 (xpsp_sp2_gdr.070309-0025)]
[PID: 1004][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scrchpg.dll]  [Kaspersky Lab, 6.0.2.621]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_001.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 1]
    [C:\Program Files\Microsoft Office\Office10\msohev.dll]  [Microsoft Corporation, 10.0.2609]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klscav.dll]  [Kaspersky Lab, 6.0.2.621]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prremote.dll]  [Kaspersky Lab, 6.0.2.621]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll]  [Kaspersky Lab, 6.0.2.621]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl]  [Kaspersky Lab, 6.0.2.621]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl]  [Kaspersky Lab, 6.0.2.621]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl]  [Kaspersky Lab, 6.0.2.621]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\tempfile.ppl]  [Kaspersky Lab, 6.0.2.621]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\nfio.ppl]  [Kaspersky Lab, 6.0.2.621]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\fsdrvplgn.ppl]  [Kaspersky Lab, 6.0.2.621]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\basegui.ppl]  [Kaspersky Lab, 6.0.2.621]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\thpimpl.ppl]  [Kaspersky Lab, 6.0.2.621]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\FSSync.dll]  [Kaspersky Lab, 6.0.5.621]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\winreg.ppl]  [Kaspersky Lab, 6.0.2.621]
    [C:\WINDOWS\system32\CHENHU4.IME]  [chenhu, 5.2]
    [C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx]  [Macromedia, Inc., 8,0,24,0]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3448][C:\WINDOWS\system32\NOTEPAD.EXE]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2760][D:\tools\杀毒软件\sreng2\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [D:\tools\杀毒软件\sreng2\Plugins\NWMON.SRE]  [Smallfrogs Studio, 1, 0, 0, 8]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scrchpg.dll]  [Kaspersky Lab, 6.0.2.621]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
127.0.0.1 www.joyiex.com
127.0.0.1 mm.227.cn
127.0.0.1 qq92.com
127.0.0.1 www.1432.net
127.0.0.1 qichun.6to23.com
127.0.0.1 www.53best.com
127.0.0.1 www.hao213.net
127.0.0.1 52007.com
127.0.0.1 www.QQ.5qt.net
127.0.0.1 4OO.net
127.0.0.1 dvd.sg51.com
127.0.0.1 www.qq46.com
127.0.0.1 dvd.qq92.com
127.0.0.1 www.16yi.com
127.0.0.1 www.ye77.com
127.0.0.1 www.7sese.com
127.0.0.1 www.1yin.net
127.0.0.1 www.77ttt.com
127.0.0.1 www.7mao.com
127.0.0.1 www.mydj2005.com
127.0.0.1 www.88888888888888888888888888888888888888888888888888.net/b/20.htm
127.0.0.1 www.88888888888888888888888888888888888888888888888888.net
127.0.0.1 www.88888888888888888888888888888888888888888888888888.net/b/20.htm
127.0.0.1 www.88888888888888888888888888888888888888888888888888.com
127.0.0.1 www.88888888888888888888888888888888888888888888888888.com/b/2.htm
127.0.0.1 www.88888888888888888888888888888888888888888888888888.com/b/20.htm
127.0.0.1 www.88888888888888888888888888888888888888888888888888.com/b/go.htm
127.0.0.1 www.88888888888888888888888888888888888888888888888888.com/b/go1.htm
127.0.0.1 www.88888888888888888888888888888888888888888888888888.com/o/S-10.htm

==================================
API HOOK
RVA  错误: LoadLibraryA (危险等级: 一般,  被下面模块所HOOK: Dest Addr: 0xF2A0CAF0)
RVA  错误: LoadLibraryExA (危险等级: 一般,  被下面模块所HOOK: Dest Addr: 0xF2A0CCD0)
RVA  错误: LoadLibraryExW (危险等级: 一般,  被下面模块所HOOK: Dest Addr: 0xF2A0CE30)
RVA  错误: LoadLibraryW (危险等级: 一般,  被下面模块所HOOK: Dest Addr: 0xF2A0CBE0)
RVA  错误: GetProcAddress (危险等级: 高,  被下面模块所HOOK: Dest Addr: 0xF2A0CDE0)

==================================
隐藏进程
N/A

==================================


[/CODE]

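Restart the computer, press the [F8] key (repeatedly), and choose Safe Mode to enter Windows.
Close all browser windows and any unnecessary programs.
Run SREng2, go to "Startup Items" -- Registry -- select the following entries and delete them: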
<load><> [N/A]
<run><> [N/A]




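Run (double-click) SRENG2, click "Startup Items", then "Services", then "Win32 Service Applications".
Check "Hide Microsoft services" and select the virus service: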
[Norton Ghost / Norton Ghost][Stopped/Auto Start]


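then choose "Delete Service".
Click "Set" and choose "No".
Run (double-click) SRENG2, click "Startup Items", then "Services", then "Drivers".
Check "Hide Microsoft services" and select the virus service: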
[bootdrv / bootdrv][Stopped/Boot Start]



Show hidden files.
Delete:

SystemRoot\System32\Drivers\bootdrv.sys



Delete the HOSTS file entries:
127.0.0.1 localhost
127.0.0.1 www.joyiex.com
127.0.0.1 mm.227.cn
127.0.0.1 qq92.com
127.0.0.1 www.1432.net
127.0.0.1 qichun.6to23.com
127.0.0.1 www.53best.com
127.0.0.1 www.hao213.net
127.0.0.1 52007.com
127.0.0.1 www.QQ.5qt.net
127.0.0.1 4OO.net
127.0.0.1 dvd.sg51.com
127.0.0.1 www.qq46.com
127.0.0.1 dvd.qq92.com
127.0.0.1 www.16yi.com
127.0.0.1 www.ye77.com
127.0.0.1 www.7sese.com
127.0.0.1 www.1yin.net
127.0.0.1 www.77ttt.com
127.0.0.1 www.7mao.com
127.0.0.1 www.mydj2005.com
127.0.0.1 www.88888888888888888888888888888888888888888888888888.net/b/20.htm
127.0.0.1 www.88888888888888888888888888888888888888888888888888.net
127.0.0.1 www.88888888888888888888888888888888888888888888888888.net/b/20.htm
127.0.0.1 www.88888888888888888888888888888888888888888888888888.com
127.0.0.1 www.88888888888888888888888888888888888888888888888888.com/b/2.htm
127.0.0.1 www.88888888888888888888888888888888888888888888888888.com/b/20.htm
127.0.0.1 www.88888888888888888888888888888888888888888888888888.com/b/go.htm
127.0.0.1 www.88888888888888888888888888888888888888888888888888.com/b/go1.htm
127.0.0.1 www.88888888888888888888888888888888888888888888888888.com/o/S-10.htm


I'm tired~ can't read any further~
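The HOSTS section of the log in this thread mixes bare host names with entries that carry a URL path (`.../b/20.htm`); a hosts file maps host names only, so the resolver never matches the path entries. The following is an added example, not part of the thread and not SREng code: a small linter that separates effective entries from ones that can never match. The sample lines and `.test` names are constructed to mirror the pattern in the log.

```python
import re

# Constructed sample mirroring the pattern in the thread's HOSTS section:
# bare host names mixed with entries that carry a URL path.
SAMPLE_HOSTS = """\
127.0.0.1      localhost
127.0.0.1 www.popup-a.test
127.0.0.1 www.redirect.test/b/20.htm
127.0.0.1 www.redirect.test
127.0.0.1 www.redirect.test/b/20.htm
127.0.0.1 www.redirect2.test
127.0.0.1 www.redirect2.test/b/2.htm
127.0.0.1 www.redirect2.test/b/go.htm
"""

# One DNS label: 1-63 letters, digits or hyphens, no leading/trailing hyphen.
LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")


def valid_hostname(name):
    """True if name is a syntactically valid host name."""
    name = name.rstrip(".")
    if not name or len(name) > 253:
        return False
    return all(LABEL.match(label) for label in name.split("."))


def lint_hosts(text):
    """Lint hosts-file text.

    Returns (effective, findings, uncovered):
      effective  host name -> address, for entries the resolver can match
      findings   (line number, entry, reason) for entries that cannot match
      uncovered  hosts that appear only inside URL entries, so they are
                 not actually redirected by this file
    """
    effective, findings, suggested = {}, [], set()
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, split columns
        if not fields:
            continue
        if len(fields) < 2:
            findings.append((lineno, fields[0], "address without a host name"))
            continue
        addr = fields[0]
        for name in fields[1:]:
            key = name.lower()
            if "/" in key or ":" in key:
                # A URL or host:port was pasted; recover the host part.
                host = re.sub(r"^[a-z][a-z0-9+.-]*://", "", key)
                host = re.split(r"[/:]", host, maxsplit=1)[0]
                suggested.add(host)
                findings.append((lineno, name, "URL, not a host name"))
            elif not valid_hostname(key):
                findings.append((lineno, name, "invalid host name"))
            elif key in effective:
                findings.append((lineno, name, "duplicate"))
            else:
                effective[key] = addr
    uncovered = sorted(h for h in suggested if h not in effective)
    return effective, findings, uncovered


if __name__ == "__main__":
    effective, findings, uncovered = lint_hosts(SAMPLE_HOSTS)
    print("effective entries:", len(effective))
    for lineno, name, reason in findings:
        print(f"line {lineno}: {name!r}: {reason}")
    print("hosts named only in URL entries:", uncovered or "none")
```

On this sample every host in a path entry also has a bare entry, which matches the poster's observation that the pages stopped loading while the redirects themselves continued.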