如题
上网时即使没开浏览器也常常会弹出263在线的一些广告窗口
我的卡卡助手可是开着的

谁有高招
教我一下
先谢谢了

请下载 System Repair Engineer，使用“智能扫描”，按下“扫描”按钮进行扫描，扫描完成后按下“保存报告”按钮保存报告日志文件（SREng.LOG），把保存的报告日志文件内容复制-粘贴上来
下载网址
http://www.kztechs.com/sreng/sreng2.zip
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
日志一次粘不完，分次粘完，请不要修改。

2006-10-06,23:13:04

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <EQSpyWatch><d:\EQSpyWatch\EQSpyWatch.exe /background>  [EQSpyWatch]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <RfwMain><"D:\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <RavTask><"d:\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><; C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]

==================================
启动文件夹
[Stardock ObjectDock]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\Stardock ObjectDock.lnk --> C:\WINDOWS\BRICOP~1\LONGHO~1\OBJECT~1\OBJECT~1.EXE [Stardock]><N>

==================================
服务
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Spectrum24 Events Monitor / IPRIP]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\acss.dll><LINKMEDIA Tech>
[NetMeeting Remote Desktop Agent / Nwsapagent]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\Nwsapagent.dll><LINKMEDIA Tech>
[Rising Proxy  Service / RfwProxySrv]
  <d:\rising\rfw\rfwproxy.exe><N/A>
[Rising Personal Firewall Service / RfwService]
  <D:\Rising\Rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"d:\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"D:\rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

==================================
驱动程序
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[Rising TDI Base Driver / BaseTDI]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[TV Capture Card WDM Video Capture / Cap7134]
  <system32\DRIVERS\Cap7134.sys><Animation Technologies Inc.>
[ExpScaner / ExpScaner]
  <\??\D:\rising\Rav\ExpScan.sys><>
[HOOKAPI / HOOKAPI]
  <\??\D:\RISING\RAV\HookApi.Sys><瑞星软件有限公司>
[HookCont / HookCont]
  <\??\D:\rising\Rav\HOOKCONT.sys><Rising tech Co. ltd>
[HookReg / HookReg]
  <\??\D:\rising\Rav\HookReg.sys><>
[HookSys / HookSys]
  <\??\D:\rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl]
  <\??\d:\rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[i81x / i81x]
  <system32\DRIVERS\i81xnt5.sys><Intel(R) Corporation>
[iAimFP0 / iAimFP0]
  <system32\DRIVERS\wADV01nt.sys><Intel(R) Corporation>
[iAimFP1 / iAimFP1]
  <system32\DRIVERS\wADV02NT.sys><Intel(R) Corporation>
[iAimFP2 / iAimFP2]
  <system32\DRIVERS\wADV05NT.sys><Intel(R) Corporation>
[iAimFP3 / iAimFP3]
  <system32\DRIVERS\wSiINTxx.sys><Intel(R) Corporation>
[iAimFP4 / iAimFP4]
  <system32\DRIVERS\wVchNTxx.sys><Intel(R) Corporation>
[iAimFP5 / iAimFP5]
  <system32\DRIVERS\wADV07nt.sys><Intel(R) Corporation>
[iAimFP6 / iAimFP6]
  <system32\DRIVERS\wADV08nt.sys><Intel(R) Corporation>
[iAimFP7 / iAimFP7]
  <system32\DRIVERS\wADV09nt.sys><Intel(R) Corporation>
[iAimTV0 / iAimTV0]
  <system32\DRIVERS\wATV01nt.sys><Intel(R) Corporation>
[iAimTV1 / iAimTV1]
  <system32\DRIVERS\wATV02NT.sys><Intel(R) Corporation>
[iAimTV3 / iAimTV3]
  <system32\DRIVERS\wATV04nt.sys><Intel(R) Corporation>
[iAimTV4 / iAimTV4]
  <system32\DRIVERS\wCh7xxNT.sys><Intel(R) Corporation>
[iAimTV5 / iAimTV5]
  <system32\DRIVERS\wATV10nt.sys><Intel(R) Corporation>
[iAimTV6 / iAimTV6]
  <system32\DRIVERS\wATV06nt.sys><Intel(R) Corporation>
[kmsinput / kmsinput]
  <\??\C:\WINDOWS\system32\drivers\kmsinput.sys><N/A>
[MEMSCAN / MEMSCAN]
  <\??\D:\rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs]
  <\??\d:\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[Macronix MX987xx Family Fast Ethernet NT Driver / mxnic]
  <system32\DRIVERS\mxnic.sys><Macronix International Co., Ltd.>
[npkcrypt / npkcrypt]
  <\??\D:\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[TV Capture Card WDM TV Tuner / PhTVTune]
  <system32\DRIVERS\PhTVTune.sys><Animation Technologies Inc.>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsFwDrv / RsFwDrv]
  <\??\D:\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[TCP/IP Protocol Driver / Tcpip]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>

==================================
浏览器加载项
[BHO.clsInetSpeak]
  {0CD5C894-57C5-44BB-9D73-84AE18E2D938} <C:\WINDOWS\system32\msidb.dll, Microsoft Corporation>
[IeCatch5 Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <D:\FLASHGET\jccatch.dll, FlashGet>
[SafeMe Internet Explorer Helper]
  {3AE06CEE-58A6-4F5F-AF89-6C5350842F16} <C:\WINDOWS\system32\SafeHelper12.dll, LINKMEDIA Tech>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <D:\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Google Toolbar Helper]
  {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[ALiBaBar_Helper]
  {CE439C63-384A-747A-A357-23D96B5D652B} <D:\ALiBaBar\ALiBaBar.dll, Alfred, C. S. Li>
[bho Class]
  {ED8DFC5C-10EF-45AB-9DC2-0639AFF5A270} <C:\PROGRA~1\COMMON~1\Wnwb\wnwbkey.dll, 深圳世强软件开发部>
[gFlash Class]
  {F156768E-81EF-470C-9057-481BA8380DBA} <D:\FLASHGET\getflash.dll, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <D:\Tencent\QQ\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6}? <D:\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <D:\FLASHGET\fgiebar.dll, Amaze Soft>
[&Google]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[ALiBaBar]
  {0A1375E1-56C2-11D6-8E45-8933A0FB5235} <D:\ALiBaBar\ALiBaBar.dll, Alfred, C. S. Li>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[Office Update Installation Engine]

{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} <C:\WINDOWS\opuc.dll, Microsoft Corporation>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[MUWebControl Class]
  {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, Microsoft Corporation>
[WebActivater Control]
  {C661F36D-DF85-4EF4-83C7-E107B83D04B1} <C:\WINDOWS\system32\3DShowVM.ocx, QQ>
[ALiBaBar]
  {0A1375E1-56C2-11D6-8E45-8933A0FB5235} <D:\ALiBaBar\ALiBaBar.dll, Alfred, C. S. Li>
[BHO.clsInetSpeak]
  {0CD5C894-57C5-44BB-9D73-84AE18E2D938} <C:\WINDOWS\system32\msidb.dll, Microsoft Corporation>
[&Google]
  {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[IeCatch5 Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <D:\FLASHGET\jccatch.dll, FlashGet>
[SafeMe Internet Explorer Helper]
  {3AE06CEE-58A6-4F5F-AF89-6C5350842F16} <C:\WINDOWS\system32\SafeHelper12.dll, LINKMEDIA Tech>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <D:\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[Google Toolbar Helper]
  {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[ALiBaBar_Helper]
  {CE439C63-384A-747A-A357-23D96B5D652B} <D:\ALiBaBar\ALiBaBar.dll, Alfred, C. S. Li>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[bho Class]
  {ED8DFC5C-10EF-45AB-9DC2-0639AFF5A270} <C:\PROGRA~1\COMMON~1\Wnwb\wnwbkey.dll, 深圳世强软件开发部>
[gFlash Class]
  {F156768E-81EF-470C-9057-481BA8380DBA} <D:\FLASHGET\getflash.dll, N/A>
[Google 搜索(&G)]
  <res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html, N/A>
[上传到QQ网络硬盘]
  <D:\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用KuGoo3下载(&K)]
  <D:\KuGoo3\KuGoo3DownX.htm, N/A>
[使用网际快车下载]
  <D:\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <D:\FlashGet\jc_all.htm, N/A>
[添加到QQ表情]
  <D:\Tencent\QQ\AddEmotion.htm, N/A>
[网页:  [简体] 显示]
  <res://D:\ALiBaBar\ALiBaBar.dll/RT_HTML/PageToSim, N/A>
[网页:  [繁体] 显示]
  <res://D:\ALiBaBar\ALiBaBar.dll/RT_HTML/PageToTrad, N/A>

==================================
正在运行的进程
[PID: 500][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1840][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1904][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1980][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2000][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 340][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 416][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 532][d:\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 556][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\nwsapagent.dll]  [LINKMEDIA Tech, 1, 5, 0, 4]
    [c:\windows\system32\acss.dll]  [LINKMEDIA Tech, 1, 5, 0, 4]
[PID: 604][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 696][D:\rising\Rav\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 1, 35]
    [D:\rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [D:\rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [D:\rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\rising\Rav\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [D:\rising\Rav\HOOKSYS.dll]  [Beijing Rising Technology Co., Ltd., 18, 1, 0, 11]
    [d:\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 32]
    [d:\Rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [d:\Rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
    [D:\rising\Rav\regmon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [D:\rising\Rav\HookWeb.dll]  [rising, 18, 0, 0, 2]
    [D:\rising\Rav\MemMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [D:\rising\Rav\expscan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\rising\Rav\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [D:\rising\Rav\MailMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [d:\Rising\Rav\SpamEng.dll]  [N/A, 18, 0, 0, 6]
    [d:\Rising\Rav\engine.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 34]
    [d:\Rising\Rav\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 16]
    [d:\Rising\Rav\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [d:\Rising\Rav\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [d:\Rising\Rav\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 27]
    [d:\Rising\Rav\RSUnpack.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17]
    [d:\Rising\Rav\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 7]
    [d:\Rising\Rav\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [d:\Rising\Rav\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [d:\Rising\Rav\Unpacker.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [d:\Rising\Rav\ExtOLE.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [d:\Rising\Rav\ExtMail.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[PID: 896][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\BricoPacks\Longhorn Inspirat\ObjectDock\DockShellHook.dll]  [N/A, N/A]
    [d:\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [d:\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [H:\wnwb2004\WNMKEY.DLL]  [N/A, N/A]
    [D:\FLASHGET\jccatch.dll]  [FlashGet, 1, 1, 5, 0]
    [D:\KuGoo3\KuGoo3DownXControl.ocx]  [N/A, N/A]
    [D:\ALiBaBar\ALiBaBar.dll]  [Alfred, C. S. Li, 5.1.0.0]
    [D:\Tencent\QQ\qdshm.dll]  [, 1, 0, 101, 20]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
[PID: 944][D:\Rising\Rfw\rfwsrv.exe]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 22]
    [D:\Rising\Rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 9]
    [D:\Rising\Rfw\rfwlog.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 6]
    [D:\Rising\Rfw\Rfwdrv.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 19]
    [D:\Rising\Rfw\MonDrv.dll]  [rs, 1, 0, 0, 4]
    [D:\Rising\Rfw\ProcLib.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 8]
    [D:\Rising\Rfw\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 2]
[PID: 1096][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\CNMLM76.DLL]  [CANON INC., 1.90.2.20]

[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD76.DLL]  [CANON INC., 1.90.2.20]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\vprproc.dll]  [Windows (R) 2000 DDK provider, 5.00.2195.1620]
[PID: 1168][D:\rising\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 16]
    [D:\rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 1516][D:\Rising\Rfw\RfwMain.exe]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 33]
    [D:\Rising\Rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 22]
    [D:\Rising\Rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\Rising\Rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\WINDOWS\BricoPacks\Longhorn Inspirat\ObjectDock\DockShellHook.dll]  [N/A, N/A]
    [H:\wnwb2004\WNMKEY.DLL]  [N/A, N/A]
[PID: 1872][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\sdmAgent22.dll]  [LINKMEDIA Tech, 1, 5, 0, 7]
    [C:\WINDOWS\BricoPacks\Longhorn Inspirat\ObjectDock\DockShellHook.dll]  [N/A, N/A]
[PID: 120][D:\Rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 22]
    [D:\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [D:\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
[PID: 364][D:\Rising\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 1, 33]
    [D:\Rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 26]
    [D:\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
    [D:\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
    [D:\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\WINDOWS\BricoPacks\Longhorn Inspirat\ObjectDock\DockShellHook.dll]  [N/A, N/A]
    [H:\wnwb2004\WNMKEY.DLL]  [N/A, N/A]
[PID: 476][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 936][C:\WINDOWS\BricoPacks\Longhorn Inspirat\ObjectDock\ObjectDock.exe]  [Stardock, v1.11.517u]
    [C:\WINDOWS\BricoPacks\Longhorn Inspirat\ObjectDock\CrashRpt.dll]  [, 3.0.2.2]
    [C:\WINDOWS\BricoPacks\Longhorn Inspirat\ObjectDock\zlib.dll]  [N/A, 1.1.3]
    [C:\WINDOWS\BricoPacks\Longhorn Inspirat\ObjectDock\ODImg.dll]  [N/A, N/A]
    [C:\WINDOWS\BricoPacks\Longhorn Inspirat\ObjectDock\DockShellHook.dll]  [N/A, N/A]
    [C:\WINDOWS\BricoPacks\Longhorn Inspirat\ObjectDock\Docklets\Search\SearchDocklet.dll]  [N/A, N/A]
    [H:\wnwb2004\WNMKEY.DLL]  [N/A, N/A]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
[PID: 872][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1788][d:\EQSpyWatch\EQSpyWatch.exe]  [EQSpyWatch, 1.0.0.1]
    [d:\EQSpyWatch\CrashRpt.dll]  [N/A, 3.0.2.2]
    [C:\WINDOWS\BricoPacks\Longhorn Inspirat\ObjectDock\DockShellHook.dll]  [N/A, N/A]
    [H:\wnwb2004\WNMKEY.DLL]  [N/A, N/A]
[PID: 1308][H:\wnwb2004\wnwb.exe]  [五笔爱好者论坛 www.wbfans.com , 2005, 4, 3, 1]
    [C:\WINDOWS\BricoPacks\Longhorn Inspirat\ObjectDock\DockShellHook.dll]  [N/A, N/A]
    [H:\wnwb2004\WNMKEY.DLL]  [N/A, N/A]
[PID: 3452][D:\Tencent\QQ\QQ.exe]  [TENCENT, 0, 0, 0, 0]
    [D:\Tencent\QQ\QQBaseClassInDll.dll]  [, 1, 0, 0, 1]
    [D:\Tencent\QQ\QQHelperDll.dll]  [, 1, 0, 0, 1]
    [D:\Tencent\QQ\BasicCtrlDll.dll]  [Tencent, 5, 0, 200, 370]
    [C:\WINDOWS\BricoPacks\Longhorn Inspirat\ObjectDock\DockShellHook.dll]  [N/A, N/A]
    [D:\Tencent\QQ\QQAPI.dll]  [, 1, 0, 0, 1]
    [D:\Tencent\QQ\LoginCtrl.dll]  [, 1, 0, 0, 1]
    [D:\Tencent\QQ\npkcntc.dll]  [INCA Internet Co., Ltd., 2006, 6, 27, 1]
    [D:\Tencent\QQ\npkpdb.dll]  [INCA Internet Co., Ltd., 2003, 10, 1, 1]
    [H:\wnwb2004\WNMKEY.DLL]  [N/A, N/A]
    [D:\Tencent\QQ\QQRes.dll]  [tencent, 1, 0, 0, 1]
    [D:\Tencent\QQ\QQMainFrame.dll]  [N/A, N/A]
    [D:\Tencent\QQ\CQQApplication.dll]  [N/A, N/A]
    [D:\Tencent\QQ\NewSkin.dll]  [, 1, 0, 0, 1]
    [D:\Tencent\QQ\HostingMgr.dll]  [, 1, 0, 0, 1]
    [D:\Tencent\QQ\CameraDll.dll]  [, 1, 0, 0, 1]
    [D:\Tencent\QQ\MailSummary.dll]  [, 1, 0, 0, 1]
    [D:\Tencent\QQ\QQSpace.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [D:\Tencent\QQ\QQGroupMng.dll]  [, 1, 0, 0, 1]
    [D:\Tencent\QQ\GroupLive.dll]  [N/A, N/A]
    [D:\Tencent\QQ\UserDefinedHead.dll]  [, 1, 0, 0, 1]
    [D:\Tencent\QQ\QQPlugin.dll]  [N/A, N/A]
    [D:\Tencent\QQ\QQConfigPlugin.dll]  [, 1, 0, 0, 1]
    [D:\Tencent\QQ\QRingMng.dll]  [N/A, N/A]
    [D:\Tencent\QQ\PhoneAPI.dll]  [, 1, 0, 0, 1]
    [D:\Tencent\QQ\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [D:\Tencent\QQ\VPortal.dll]  [, 1, 0, 0, 4]
    [D:\Tencent\QQ\QQAvatar.dll]  [N/A, N/A]
    [D:\Tencent\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [D:\Tencent\QQ\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
    [D:\Tencent\QQ\LongConnection.dll]  [tencent, 5, 0, 200, 160]
    [D:\Tencent\QQ\QQPet.dll]  [, 1, 0, 0, 1]
    [D:\Tencent\QQ\QQSysMsgMng.dll]  [N/A, N/A]
    [D:\Tencent\QQ\BQQApplication.dll]  [N/A, N/A]
    [D:\Tencent\QQ\CommercesMng.dll]  [, 1, 0, 0, 1]
    [D:\Tencent\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 240]
    [D:\Tencent\QQ\QQSceneMng.dll]  [N/A, N/A]
    [D:\Tencent\QQ\QQPhoneHelper.dll]  [腾讯科技（深圳）有限公司, 2, 0, 1, 10]
[PID: 3280][C:\WINDOWS\system32\taskmgr.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\BricoPacks\Longhorn Inspirat\ObjectDock\DockShellHook.dll]  [N/A, N/A]
    [H:\wnwb2004\WNMKEY.DLL]  [N/A, N/A]
[PID: 3988][D:\wom\WoptiUtilities.exe]  [鲁锦, 7.6.6.922]
    [D:\wom\WomP2P.dll]  [鲁锦, 1.2.6.822]
    [D:\wom\D3DX81ab.dll]  [鲁锦, 1.0.0.0]
    [C:\WINDOWS\BricoPacks\Longhorn Inspirat\ObjectDock\DockShellHook.dll]  [N/A, N/A]
    [H:\wnwb2004\WNMKEY.DLL]  [N/A, N/A]
    [D:\Tencent\QQ\qdshm.dll]  [, 1, 0, 101, 20]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
    [d:\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 2312][H:\TheWorld\TheWorld.exe]  [Phoenix Studio, 1, 3, 2, 0]
    [C:\WINDOWS\BricoPacks\Longhorn Inspirat\ObjectDock\DockShellHook.dll]  [N/A, N/A]
    [H:\TheWorld\Plugin\SysState\SysState.dll]  [Phoenix Stdio, 1, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
    [H:\wnwb2004\WNMKEY.DLL]  [N/A, N/A]
    [d:\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\FLASHGET\jccatch.dll]  [FlashGet, 1, 1, 5, 0]
[PID: 2580][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX03.256\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\WINDOWS\BricoPacks\Longhorn Inspirat\ObjectDock\DockShellHook.dll]  [N/A, N/A]
    [H:\wnwb2004\WNMKEY.DLL]  [N/A, N/A]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
[H:\]
[AutoRun]
Open=
Icon=G:\软件包\FarkusXP蓝色魅力\FarkusXP026.ico,0

==================================
HOSTS 文件
127.0.0.1      localhost
127.0.0.1 www.qq3344.com
127.0.0.1 www.dj3344.com
127.0.0.1 www.yysky.net
127.0.0.1 www.qq168.net
127.0.0.1 www.777888.com
127.0.0.1 www.5dsoft.com
127.0.0.1 www.wokoo.net
127.0.0.1 www.coolcdrom.com
127.0.0.1 www.mtv51.com
127.0.0.1 www.yibinren.com
127.0.0.1 yeapple.com
127.0.0.1 movie.sx.zj.cn
127.0.0.1 www.cctv8.net
127.0.0.1 www.kuliao.com
127.0.0.1 www.yyqy.com
127.0.0.1 www.sunvod.com
127.0.0.1 www.t168.com
127.0.0.1 www.boliwo.com
127.0.0.1 www.zhengdian.com
127.0.0.1 girlchinese.com
127.0.0.1 www.37021.com
127.0.0.1 www.cnqb.net
127.0.0.1 www.58589.com
127.0.0.1 www.pixpox.com
127.0.0.1 www.k163.com
127.0.0.1 www.pk.com
127.0.0.1 www.xxx.com
127.0.0.1 www.ehomeday.com
127.0.0.1 www.jinpin.net
127.0.0.1 www.es158.com
127.0.0.1 www.aisa-girl.net
127.0.0.1 www.boliwu.com
127.0.0.1 www.cctv1.net
127.0.0.1 www.play.cn.gs
127.0.0.1 www.nnptt.com
127.0.0.1 vod.hengshui.com
127.0.0.1 tv.megajoy.com
127.0.0.1 www.my288.com
127.0.0.1 www.youmiss.com
127.0.0.1 www.laws-online.net
127.0.0.1 www.435000.com
127.0.0.1 www.eastedu.com.cn
127.0.0.1 www.ezhgc.com
127.0.0.1 www.mmgirls.com
127.0.0.1 www.qq520.com
127.0.0.1 www.love520.net
127.0.0.1 www.hj168.net
127.0.0.1 www.9911.com
127.0.0.1 36920.com
127.0.0.1 http://act.263.com/ggzl/pwzl/index.html

==================================

问，H盘是你的U盘？
关闭所有浏览窗口以及一些不必要的程序
打开System Repair Engineer（也就是你的扫描日志软件SREng.exe），使用“系统修复，浏览器加载项”来删除以下选项。
C:\WINDOWS\system32\msidb.dll
C:\WINDOWS\system32\SafeHelper12.dll
C:\WINDOWS\opuc.dll
c:\windows\system32\acss.dll
打开System Repair Engineer（也就是你的扫描日志软件SREng.exe），点“启动项目，服务，点“Win32服务应用程序”勾选“隐藏微软服务”选中病毒服务NetMeeting Remote Desktop Agent,Spectrum24 Events Monitor，选择“删除服务”点“设置”选择“否”最后重启。（每一个逗号隔开的就是一个病毒的服务，请逐一删除）
重启后删除
C:\WINDOWS\system32\Nwsapagent.dll
C:\WINDOWS\system32\msidb.dll
C:\WINDOWS\system32\SafeHelper12.dll
C:\WINDOWS\opuc.dll
c:\windows\system32\acss.dll

如果还有异常，烦再扫个日志粘上来。