Urgent!!!!!!!!!!!! Gray Pigeon (灰鸽子)

My log:
Logfile of HijackThis v1.99.1
Scan saved at 11:49:26, on 2005-11-13
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Maxthon\Thundermini\ThunderMini.exe
C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
c:\program files\rising\rfw\RfwMain.exe
C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRAM FILES\RISING\RAV\RavStub.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
D:\155847200541134207\HijackThis.exe

O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v4.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\book1\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: URLMonitor Class - {3ED9FFDA-79DB-4B2D-99B7-16EA3C4A3A92} - C:\WINDOWS\system32\hap.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\SPYBOT~1\SDHelper.dll
O2 - BHO: DownloadValue Class - {616D4040-5712-4F0F-BCF1-5C6420A99E14} - C:\WINDOWS\system32\winhtp.dll (file missing)
O2 - BHO: URL Handler - {CAE05C12-C151-11D4-9B88-0000B4C2C1C0} - C:\WINDOWS\System32\regsvr32.exe
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: 汇宝搜索 - {2E7D3330-EB94-4518-B0FE-E05379A5C1DA} - (no file)
O3 - Toolbar: 完美网译通 - {F43BD772-ABDD-43b7-A96A-3E9E61946EC0} - C:\WINDOWS\WORLD2\TOOLBAR\hmtoolbar.dll (file missing)
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [thunder_mini] C:\Program Files\Maxthon\Thundermini\ThunderMini.exe
O4 - HKLM\..\Run: [RavMon] C:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [RavTimer] C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &使用迅雷下载 - C:\Program Files\Sandai Technologies Inc\Thunder\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files\Sandai Technologies Inc\Thunder\getAllurl.htm
O8 - Extra context menu item: &使用迷你迅雷下载 - C:\Program Files\Maxthon\Thundermini\geturl.htm
O8 - Extra context menu item: 用比特精灵下载(&B) - C:\Program Files\BitSpirit\bsurl.htm
O9 - Extra button: 完美卸载 - {06926B30-424E-4f1c-8EE3-543CD96573DC} - D:\完美缷载\wmxzXP\IEButton.exe (file missing)
O9 - Extra button: kele8 - {84920E5F-3788-49cd-A274-E365578DF174} - http://www.kele8.com/ (file missing)
O9 - Extra 'Tools' menuitem: kele8 - {84920E5F-3788-49cd-A274-E365578DF174} - http://www.kele8.com/ (file missing)
O9 - Extra button: 易趣购物 - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp****1 (file missing)
O9 - Extra 'Tools' menuitem: 易趣购物 - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp****1 (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) - http://202.96.95.44:1995/talk.cab
O16 - DPF: {99888952-AC62-437C-AFC6-7B5CF05A7F2F} (IEDown Class) - http://download.ourgame.com/IEDown.cab
O16 - DPF: {BA0F088C-72C1-475A-92F8-42391DEF6961} (Blueskyvoice Control) - http://www.bluesky.cn/download/blueskyvoice_27.cab
O16 - DPF: {DDA166FA-B3EA-4A3B-8EE2-4F552CDEEE81} (KATScan Control) - http://scan.kingsoft.com/scan/KatNewVerHtml/KATScan.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{31163EA3-1F60-4335-B895-6116C2433497}: NameServer = 221.6.4.66 221.6.4.67
O17 - HKLM\System\CCS\Services\Tcpip\..\{DB764358-9D26-4B18-B560-D3DE85A4D9F8}: NameServer = 221.6.4.67,202.102.15.162
O23 - Service: Remote Desktop Helper Manager (RDGPSHPMgr) - Unknown owner - C:\WINDOWS\Help.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Rising Process Communication Center (RsCCenter) - rising - C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
O23 - Service: SP2Server (SP2serviceServer) - Unknown owner - C:\WINDOWS\wmp10.exe

How do I detect and remove it? Thanks, waiting online.
Last edited 2005-11-13 14:13:34

Fix
O23 - Service: SP2Server (SP2serviceServer) - Unknown owner - C:\WINDOWS\wmp10.exe

Then delete C:\WINDOWS\wmp10.exe
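
Added example, not part of any post in this thread: Python that parses the O23 service lines of a HijackThis log and lists services reported as `Unknown owner` whose executable sits directly in `C:\WINDOWS`, the pattern shown by the entry named in the reply above. The function names and the heuristic are assumptions made here; a hit marks an entry for review and is not a verdict.

```python
import re
from ntpath import dirname, normcase  # Windows path rules on any OS

# Constructed sample: four O23 lines copied from the log in this thread.
SAMPLE_LOG = r"""
O23 - Service: Remote Desktop Helper Manager (RDGPSHPMgr) - Unknown owner - C:\WINDOWS\Help.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: SP2Server (SP2serviceServer) - Unknown owner - C:\WINDOWS\wmp10.exe
"""

# "O23 - Service: <display name> (<service name>) - <owner> - <image path>"
# The display name may itself contain parentheses, so it is matched greedily
# and the service name is the last parenthesised group before " - <owner>".
O23 = re.compile(
    r"^O23 - Service: (?P<display>.+) \((?P<name>[^()]+)\) - "
    r"(?P<owner>.+?) - (?P<image>.+)$"
)
MISSING = "(file missing)"


def parse_o23(log):
    """Yield one dict per O23 line: display, name, owner, image, missing."""
    for line in log.splitlines():
        m = O23.match(line.strip())
        if not m:
            continue
        entry = m.groupdict()
        entry["missing"] = entry["image"].endswith(MISSING)
        if entry["missing"]:
            entry["image"] = entry["image"][: -len(MISSING)].rstrip()
        yield entry


def review_candidates(log, windir=r"C:\WINDOWS"):
    """Return (service name, image path) pairs worth a manual look.

    Heuristic (an assumption of this example): owner is "Unknown owner",
    the file exists, and it sits directly in the Windows directory.
    """
    hits = []
    for e in parse_o23(log):
        unknown = e["owner"].lower() == "unknown owner"
        in_root = normcase(dirname(e["image"])) == normcase(windir)
        if unknown and in_root and not e["missing"]:
            hits.append((e["name"], e["image"]))
    return hits


if __name__ == "__main__":
    for name, image in review_candidates(SAMPLE_LOG):
        print(f"review: service {name} -> {image}")
```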

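Today's update:
  Added detection and removal for 136 trojans and viruses.

Offline update package download links:

Download link 1: http://www.sf120.net/soft/gx.rar
Download link 2: http://www.mmsk.cn/soft/gx.rar


Version download links:

Installer version: http://www.sf120.net/soft/setup.exe
            http://www.mmsk.cn/soft/setup.exe


Portable version: http://www.sf120.net/soft/setup.rar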

How do I fix it? I can't delete it. I can't find the \WINDOWS\wmp10.exe file.


Is there a dedicated removal tool? I don't know much about computers.

Rising found and removed several thousand viruses, but after rebooting they were back, and it doesn't work in Safe Mode either.

Quote:
[Post by 成成515] How do I fix it? I can't delete it. I can't find the \WINDOWS\wmp10.exe file.


...........................


Don't let this thread sink. Bump.

Experts, experts, great experts, come and save me!!!!!!!!!!!!!!!!!

It can't be fixed, and I can't find that wmp10.exe either. Which registry entry should I delete?