Kind people, please help me. Asking the experts for help, please help me... I'm going crazy


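Experts, please help me sort this out.
I'm so distressed. I can't even tell whether it's a virus or whether my computer is failing.

The last time I installed a system, it was because I saw that the system at my younger brother's place was the Red Tomato (红番茄) build, and it was customized so nicely.
So I wanted to use XP too. I had been on Windows 2000, so I borrowed a disc and installed it.
But every time I installed it,
either the sound card wouldn't work or the network card wouldn't work.
After going back to 2000, the sound card and network card worked, but USB and something-PCI-something stopped working.
I kept reinstalling for about 3 days, then I gave up.
I asked someone, and they said my hard disk probably has a virus, that reinstalling is useless, and that I need to reformat all the partitions on the whole disk.
But I have lots of cartoons that I can't bear to delete, and nowhere else to put them.
So I had to make do with 2000.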

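The system has had a lot of problems lately. When my mom plays BianFeng (边锋), a message keeps popping up saying a trojan was found,
and that I need to restart to finish disinfecting (the prompt is not from Rising; it's a dialog box shown when connecting to BianFeng).
Also, why do unknown files keep getting added to my C drive, under the C:\ path?
Every time I delete them, they come back after a while.
The file names are Installer.exe  drsmartload1.exe    keyboard2.exe  pgbt.exe
There are some others that I deleted before and that haven't reappeared yet.
Also, often when I'm online with nothing open, CPU usage is 100% and it's very, very laggy.

Now my computer also keeps popping up foreign-language websites that I can't read. I can't understand what they say.
They don't seem to be really junky sites, though; the pictures are quite nice.
But they pop up so often that it interferes with normal use.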


This is my current log.
I can't understand it.
Logfile of Kaka v2. 0. 0. 8 Scan Module v2. 0. 0. 1
Scan saved at 22:21:13, on 2006-03-14
Platform: Microsoft Windows 2000 Professional Service Pack 2 (Build 2195)
MSIE: Internet Explorer v6.00 SP1; (6.00.2800.1106)


Running processes:
[rundll32.exe]
CommandLine = rundll32.exe "C:\WINNT\system32\mdxex.dll",DllGetVersion

[explorer.exe]
CommandLine = C:\WINNT\Explorer.EXE

[realsched.exe]
CommandLine = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

[RavTask.exe]
CommandLine = "C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE" -SYSTEM

[RavMon.exe]
CommandLine = "C:\Program Files\rising\Rav\Ravmon.exe" -SYSTEM

[PFW.exe]
CommandLine = "C:\Program Files\SkyNet\FireWall\PFW.exe"

[rundll32.exe]
CommandLine = "C:\WINNT\system32\rundll32.exe" C:\PROGRA~1\3721\helper.dll,Rundll32

[AssistSe.exe]
CommandLine = "C:\PROGRA~1\3721\assistse.exe"

[internat.exe]
CommandLine = "C:\WINNT\System32\internat.exe"

[Rav.exe]
CommandLine = "C:\Program Files\rising\Rav\Rav.exe"

[conime.exe]
CommandLine = C:\WINNT\System32\conime.exe

[ScanBD.exe]
CommandLine = "C:\Program Files\rising\Rav\ScanBD.exe"

[IEXPLORE.EXE]
CommandLine = "C:\Program Files\Internet Explorer\iexplore.exe"

[IEXPLORE.EXE]
CommandLine = "C:\Program Files\Internet Explorer\iexplore.exe" http://www.ikaka.com/

[IEXPLORE.EXE]
CommandLine = "C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" http://www.ad-w-a-r-e.com/cgi-bin/PopupV3?ID={34E0BA44-8CE6-3C99-4356-D468F95616A6}&type=normal&mSkip=1&rnd=22189

[IEXPLORE.EXE]
CommandLine = "C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" http://www.ad-w-a-r-e.com/cgi-bin/PopupV3?ID={34E0BA44-8CE6-3C99-4356-D468F95616A6}&type=normal&mSkip=1&rnd=22189

[IEXPLORE.EXE]
CommandLine = "C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" http://www.ad-w-a-r-e.com/cgi-bin/PopupV3?ID={34E0BA44-8CE6-3C99-4356-D468F95616A6}&type=normal&mSkip=1&rnd=22189

[KkScan.exe]
CommandLine = "C:\Program Files\rising\KakaToolBar\KkScan.exe"

R3 - URLSearchHook: VeryCD Search Class - {88351CEF-BAC0-4A9B-8380-31A173E2926F} - C:\PROGRA~1\YOK.com\SUPERS~1\YOK_SuperSearch.dll
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: 127.0.0.1  sds-qckads.com
O1 - Hosts: 127.0.0.1  status.qckads.com
O1 - Hosts: 127.0.0.1  www.qoolaid.com
O1 - Hosts: 127.0.0.1  www.qoologic.com
O1 - Hosts: 127.0.0.1  www.CLKPrecision.com
O1 - Hosts: 127.0.0.1  www.urllogic.com
O1 - Hosts: 127.0.0.1  www.clkoptimizer.com
O1 - Hosts: 127.0.0.1  www.isearch.com
O1 - Hosts: 127.0.0.1  isearch.com
O1 - Hosts: 127.0.0.1  www.idownload.com
O1 - Hosts: 127.0.0.1  idownload.com
O1 - Hosts: 127.0.0.1  www.mytotalsearch.com
O1 - Hosts: 127.0.0.1  mytotalsearch.com
O1 - Hosts: 127.0.0.1  www.lop.com
O1 - Hosts: 127.0.0.1  lop.com
O1 - Hosts: 127.0.0.1  www.websearch.com
O1 - Hosts: 127.0.0.1  websearch.com
O1 - Hosts: 127.0.0.1  www.page-not-found.net
O1 - Hosts: 127.0.0.1  page-not-found.net
O1 - Hosts: 127.0.0.1  www.isearchhere.com
O1 - Hosts: 127.0.0.1  isearchhere.com
O1 - Hosts: 127.0.0.1  as.adwave.com
O1 - Hosts: 127.0.0.1  sr.adwave.com
O1 - Hosts: 127.0.0.1  www.adwave.com
O1 - Hosts: 127.0.0.1  adwave.com EVENT:HOST:127.0.0.1
O1 - Hosts: 127.0.0.1  www.pacimedia.com
O1 - Hosts: 127.0.0.1  www.exactsearch.net
O1 - Hosts: 127.0.0.1  www.contextplus.net
O1 - Hosts: 127.0.0.1  www.contextplus.net
O1 - Hosts: 127.0.0.1  www.contextplus.net
O1 - Hosts: 127.0.0.1  www.contextplus.net
O2 - BHO: VeryCD超级搜索 - {75FE2B5A-D3A4-4EFA-AC11-ADC9C9459688} - C:\PROGRA~1\YOK.com\SUPERS~1\YOK_SuperSearch.dll
O3 - Toolbar: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - C:\PROGRA~1\Kingsoft\FastAIT\IEBand.dll
O3 - Toolbar: BitCometBar - {3F1ABCDB-A875-46c1-8345-B72A4567E486} - C:\Program Files\BitComet\BitCometBar\BitCometBar0.3.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: VeryCD超级搜索 - {F869BB38-FFEF-4589-B986-610B7AD0ADA2} - C:\PROGRA~1\YOK.com\SUPERS~1\YOK_SuperSearch.dll
O3 - Toolbar: 上网助手 - {1B0E7716-898E-48cc-9690-4E338E8DE1D3} - C:\Program Files\3721\assist\assist.dll
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINNT\System32\kakatool.dll
O4 - HKCU\..\Run: [Internat.exe] internat.exe
O4 - HKCU\..\Run: [Windows Automatical Updater] dcz.exe
O4 - HKCU\..\Run: [services32] C:\Program Files\Common Files\Windows\mc-110-12-0000129.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CdnCtr] 8V8x
O4 - HKLM\..\Run: [MoveSearch] C:\Program Files\HuaCi\huaci\zsearch.exe
O4 - HKLM\..\Run: [Desktop] C:\WINNT\System32\rundll32.exe "C:\Program Files\DeskAdTop\Run.dll" ,Rundll
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [Client Server Runtime Process] C:\WINNT\System32\csrs.exe
O4 - HKLM\..\Run: [Microsoft (R) Windows Binary Runtime Service] C:\WINNT\System32\yaaoexn.exe
O4 - HKLM\..\Run: [IpNetwork] C:\Program Files\Network\ipnetwork.exe
O4 - HKLM\..\Run: [YOKAssiant] Rundll32.exe C:\PROGRA~1\YOK.com\SUPERS~1\YOK_SuperSearch.dll,YOKAssiant
O4 - HKLM\..\Run: [keyboard] C:\\keyboard2.exe
O4 - HKLM\..\Run: [mousepad] C:\\mousepad2.exe
O4 - HKLM\..\Run: [SKYNET Personal FireWall] C:\Program Files\SkyNet\FireWall\PFW.exe
O4 - HKLM\..\Run: [Microsoft Internet Explorer] C:\WINNT\System32\iexplore.exe
O4 - HKLM\..\Run: [syshost.exe] C:\blah32.exe
O4 - HKLM\..\Run: [helper.dll] C:\WINNT\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32
O4 - HKLM\..\Run: [assistse] "C:\PROGRA~1\3721\assistse.exe"
O4 - HKLM\..\RunServices: [MH^Oj_haUT_z] C:\WINNT\System32\wtqqtznolef.exe
O4 - Startup: 腾讯QQ.lnk = E:\没移动的程序\QQ\QQ.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - E:\没移动的程序\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - E:\没移动的程序\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - E:\没移动的程序\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\没移动的程序\QQ\SendMMS.htm
O9 - Extra Button: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - F:\安装程序CD KEY工具\浩方对战平台\GameClient.exe
O9 - Extra Button: @shdoclc.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\System32\shdocvw.dll
O9 - Extra Button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\没移动的程序\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\没移动的程序\QQ\QQ.EXE
O9 - Extra Button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\shdocvw.dll
O9 - Extra Button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} -  (file missing)
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} -  (file missing)
O11 - Options group: [CDNCLIENT]  中文上网
O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
O16 - DPF: DirectAnimation Java Classes - file://C:\WINNT\Java\classes\dajava.cab
O16 - DPF: _{3D812B3C-B008-4A21-ACF0-9E3389ACE6E5} - http://popkart.tiancity.com/homepage/js/PopKartX.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1141931466054
O16 - DPF: {C8BD9ACB-F7EC-48E6-BB2F-DAADC6789E9A} (Kingsoft DUBA OnlineScan) - http://211.152.52.102/duba/antiscan/update/OCX/KAVClean.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{CB6A1213-4AA3-4DD8-87BF-77C52597CFB9}: NameServer = 202.101.172.46 202.101.172.47
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\System32\mshtml.dll
O18 - Protocol: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: ipp - (no CLSID) - (no file)
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINNT\System32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\System32\mshtml.dll
O18 - Protocol: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\System32\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINNT\System32\inetcomm.dll
O18 - Protocol: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINNT\System32\itss.dll
O18 - Protocol: msdaipp - (no CLSID) - (no file)
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\System32\mshtml.dll
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINNT\System32\mshtml.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\System32\mshtml.dll
O18 - Protocol: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINNT\System32\msdxm.ocx
O20 - Winlogon Notify: IntlRun
O23 - Service: .Net Boot Service (.Net Boot Service) -  - C:\WINNT\System32\big5_gb2312.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe /com
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - "C:\Program Files\rising\Rav\CCenter.exe"
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - "C:\Program Files\rising\Rav\Ravmond.exe"

Last edited 2006-03-15 21:50:06
 

Please look at my virus-scan records. Sigh.

Attachment (application/octet-stream): downloaded 177 times, uploaded 2006-3-14 22:39:12



 

And more

Attachment (application/octet-stream): downloaded 180 times, uploaded 2006-3-14 22:41:09



 

And more still...

Attachment (application/octet-stream): downloaded 181 times, uploaded 2006-3-14 22:42:06



 

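Because I don't understand this stuff, I hope kind people and experts can help answer these one by one.
Even if there's no fix, please take a look and give me some ideas. Thanks (sob)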
 

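Also, I don't know since when, but my Rising
monitoring won't open. The umbrella turned red and folded up.
I clicked "enable all", but the umbrella is still yellow. What's going on?
Please help me.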
 

Bump, bump. Everyone, please help me.
Even a little bit might comfort me...
 

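[Reply to the post by "淘气布丁"]
The OP's log has big problems.
To make this easier for novice users,
I suggest the OP export the full log with HIJACKTHIS.
HIJACKTHIS download address:
http://forum.ikaka.com/topic.asp?board=28&artid=6979213
It is the attachment on the first post of that thread.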
 

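I used Super Rabbit (超级兔子) to delete some of the rogue software.
But there's still a 3721 one that can't be deleted.
The pop-up web pages are gone.
But now my mom can't play BianFeng.
After logging in with the account, BianFeng stops responding.


This is the log I just scanned.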
HijackThis@Qoo的扫描日志  V1.97.7
Scan saved at 18:56:59, on 2006-3-15
Platform: Windows 2000 SP2 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\rising\Rav\CCenter.exe
C:\Program Files\rising\Rav\Ravmond.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.EXE
C:\Program Files\rising\Rav\RavStub.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\rising\Rav\RavTask.exe
C:\Program Files\rising\Rav\Ravmon.exe
C:\WINNT\system32\ctfmun.exe
C:\Program Files\SkyNet\FireWall\PFW.exe
C:\WINNT\System32\internat.exe
C:\Program Files\eMule\emule.exe
C:\WINNT\System32\taskmgr.exe
C:\Program Files\rising\Rav\Rav.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\SmartComprez\SmartCompress.Exe
C:\DOCUME~1\BINLOV~1\LOCALS~1\Temp\Mcf19\HijackThis.exe

R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {FEDF637B-F631-4583-A210-33CC828D42DB} - C:\PROGRA~1\SUPERR~1\MagicSet\HAOKAN~1.DLL
O3 - Toolbar: ????? - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - C:\PROGRA~1\Kingsoft\FastAIT\IEBand.dll
O3 - Toolbar: ????? - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: (no name) - {1B0E7716-898E-48cc-9690-4E338E8DE1D3} - (no file)
O3 - Toolbar: ????? - {FEDF637B-F631-4583-A210-33CC828D42DB} - C:\PROGRA~1\SUPERR~1\MagicSet\HAOKAN~1.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CdnCtr] 8V8x
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [RunAppBk] C:\WINNT\system32\ctfmun.exe
O4 - HKLM\..\Run: [SKYNET Personal FireWall] C:\Program Files\SkyNet\FireWall\PFW.exe
O4 - HKLM\..\Run: [RavScanBD] "C:\Program Files\rising\Rav\ScanBD.exe" /INST
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Super Rabbit Desktop Set] C:\Program Files\Super Rabbit\MagicSet\DS.EXE /Load
O4 - HKCU\..\Run: [Internat.exe] internat.exe
O4 - HKCU\..\Run: [Super Rabbit IEPro] C:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Startup: NTUSER.DAT
O4 - Startup: ntuser.dat.LOG
O4 - Startup: ntuser.ini
O4 - Global Startup: ntuser.pol
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1141931466054
O16 - DPF: {C8BD9ACB-F7EC-48E6-BB2F-DAADC6789E9A} (Kingsoft DUBA OnlineScan) - http://211.152.52.102/duba/antiscan/update/OCX/KAVClean.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CB6A1213-4AA3-4DD8-87BF-77C52597CFB9}: NameServer = 202.101.172.46 202.101.172.47

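What else is wrong... (sob)
The Rising umbrella had already gone back to normal,
but now it has turned yellow again. The memory monitoring can't be used (sob)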
 

The log is incomplete; there should be O23 service entries. Scan again and post it; if it doesn't fit in one post, split it across two.