[Help] How do I remove the Trojan.DL.VBS.Agent.clo virus??


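I got infected while visiting a web page. I updated Rising and scanned, but it found no virus,
yet now, as soon as I connect to the network, a prompt appears saying this virus has been detected.
Could an expert please tell me how to remove this thing??
Last edited: 2007-03-24 22:10:22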

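Download SREng, open Sreng.exe --- Smart Scan --- tick "Check digital signatures of process modules" --- click Scan. When the scan finishes, press the "Save Report" button to save the report log file (SREng.LOG), then copy and paste the contents of the saved log file here. If the log can't be pasted in one go, paste it in several parts. Please do not modify it.

If SREng won't run, just rename it to 123.bat and run it.

SREng download address:
http://www.kztechs.com/sreng/download.html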

2007-03-24,14:21:51

System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件


启动项目


注册表

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
(ctfmon.exe)(C:\WINDOWS\system32\ctfmon.exe) [(Verified)Microsoft Windows Publisher]
(bgswitch)(C:\WINDOWS\system32\bgswitch.exe) []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(load)() [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
(IMJPMIG8.1)("C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32) [N/A]
(PHIME2002ASync)(C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC) [(Verified)Microsoft Windows Publisher]
(PHIME2002A)(C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName) [(Verified)Microsoft Windows Publisher]
(SoundMan)(SOUNDMAN.EXE) [(Verified)Microsoft Windows Hardware Compatibility Publisher]
(HPDJ Taskbar Utility)(C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe) [(Verified)Microsoft Windows Publisher]
(Cmaudio)(RunDll32 cmicnfg.cpl,CMICtrlWnd) [N/A]
(RfwMain)("D:\Rising\Rfw\rfwmain.exe" -Startup) [Beijing Rising Technology Co., Ltd.]
(RavTask)("D:\Rising\Rav\RavTask.exe" -system) [Beijing Rising Technology Co., Ltd.]
(TkBellExe)("C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot) [RealNetworks, Inc.]
(IMSCMig)(C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload) [(Verified)Microsoft Corporation]
(NeroFilterCheck)(C:\WINDOWS\system32\NeroCheck.exe) [Ahead Software Gmbh]
(runeip)(C:\Program Files\Rising\AntiSpyware\runiep.exe) [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(shell)(Explorer.exe) [(Verified)Microsoft Windows Publisher]
(Userinit)(C:\WINDOWS\system32\userinit.exe,) [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(AppInit_DLLs)() [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(UIHost)(logonui.exe) [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
({32CD708B-60A7-4C00-9377-D73EAA495F0F})(C:\WINDOWS\system32\RavExt.dll) [Beijing Rising Technology Co., Ltd.]




--------------------------------------------------------------------------------



启动文件夹

N/A



服务

[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
("C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe")(Adobe Systems)
[Human Interface Device Access / HidServ][Stopped/Disabled]
(C:\WINDOWS\System32\svchost.exe -k netsvcs--)%SystemRoot%\System32\hidserv.dll)(N/A)
[Rising Proxy Service / RfwProxySrv][Stopped/Manual Start]
(d:\rising\rfw\rfwproxy.exe)(Beijing Rising Technology Co., Ltd.)
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
(d:\rising\rfw\rfwsrv.exe)(Beijing Rising Technology Co., Ltd.)
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
("D:\Rising\Rav\CCenter.exe")(Beijing Rising Technology Co., Ltd.)
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
("D:\Rising\Rav\Ravmond.exe")(Beijing Rising Technology Co., Ltd.)
[Windows User Mode Driver Framework / UMWdf][Stopped/Auto Start]
(C:\WINDOWS\system32\wdfmgr.exe)(N/A)


驱动程序

[2310_00 / 2310_00][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\2310_00.sys)(HighPoint Technologies, Inc.)
[3WAREDRV / 3WAREDRV][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\3WAREDRV.SYS)(N/A)
[3WAREGSM / 3WAREGSM][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\3waregsm.sys)(N/A)
[3WDRV100 / 3WDRV100][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\3WDRV100.SYS)(N/A)
[A320RAID / A320RAID][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\a320raid.sys)(Adaptec, Inc.)
[AAC / AAC][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\aac.sys)(Adaptec, Inc.)
[AACSAS / AACSAS][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\aacsas.sys)(Adaptec, Inc.)
[AAR81XX / AAR81XX][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\aar81xx.sys)(Adaptec, Inc.)
[AARSI3X / AARSI3X][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\aarsi3x.sys)(Adaptec, Inc.)
[ADP94XX / ADP94XX][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\adp94xx.sys)(Adaptec, Inc.)
[adpu160m / adpu160m][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\adpu160m.sys)(Microsoft Corporation)
[ADPU320 / ADPU320][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\adpu320.sys)(Adaptec, Inc.)
[AEC6210 / AEC6210][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\aec6210.sys)(ACARD Technology Corp.)
[AEC6260 / AEC6260][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\aec6260.sys)(ACARD Technology Corp.)
[AEC6280 / AEC6280][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\aec6280.sys)(ACARD Technology Corp.)
[AEC67160 / AEC67160][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\aec67160.sys)(ACARD Technology Corp.)
[AEC67162 / AEC67162][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\aec67162.sys)(ACARD Technology Corp.)
[AEC671X / AEC671X][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\AEC671X.sys)(ACARD Technology Corp.)
[AEC6880 / AEC6880][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\AEC6880.sys)(ACARD Technology Corp.)
[AEC6897 / AEC6897][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\aec6897.sys)(ACARD Technology Corp.)
[AEC68X5 / AEC68X5][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\aec68x5.sys)(ACARD Technology Corp.)
[aic78u2 / aic78u2][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\aic78u2.sys)(Microsoft Corporation)
[aic78xx / aic78xx][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\aic78xx.sys)(Microsoft Corporation)
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Stopped/Manual Start]
(system32\drivers\ALCXWDM.SYS)(Realtek Semiconductor Corp.)
[ARCM_X86 / ARCM_X86][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\arcm_x86.sys)(ARECA Technology Corporation)
[asc / asc][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\asc.sys)(Advanced System Products, Inc.)
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
(System32\DRIVERS\BaseTDI.SYS)(Beijing Rising Technology Co., Ltd.)
[BCHTSW32 / BCHTSW32][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\bchtsw32.sys)(Broadcom Corporation)
[buslogic / buslogic][Stopped/Boot Start]
(\SystemRoot\System32\bird\buslogic.sys)(Microsoft Corporation)
[CDA1000 / CDA1000][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\cda1000.sys)(Adaptec, Inc.)
[CmdIde / CmdIde][Running/Boot Start]
(\SystemRoot\System32\BIRD\cmdide.sys)(CMD Technology, Inc.)
[C-Media WDM Audio Interface / cmuda][Running/Manual Start]
(system32\drivers\cmuda.sys)(C-Media Inc)
[CPQARRY2 / CPQARRY2][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\cpqarry2.sys)(Compaq Computer Corporation)
[CPQCISSM / CPQCISSM][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\cpqcissm.sys)(Hewlett-Packard Company)
[CSB6IDE / CSB6IDE][Running/Boot Start]
(\SystemRoot\System32\BIRD\csb6ide.sys)(ServerWorks Corporation)
[dac2w2k / dac2w2k][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\dac2w2k.sys)(Mylex Corporation)
[DMX3191 / DMX3191][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\DMX3191.sys)(Microsoft Corporation)
[DMX3194 / DMX3194][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\dmx3194.sys)(Microsoft Corporation)
[dpti2o / dpti2o][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\dpti2o.sys)(Microsoft Corporation)
[DPTSCSI / DPTSCSI][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\dptscsi.sys)(Distributed Processing Technology Corp.)
[ExpScaner / ExpScaner][Running/Auto Start]
(\??\D:\Rising\Rav\ExpScan.sys)()
[FASTSX / FASTSX][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\fastsx.sys)(Promise Technology, Inc.)
[FASTTRAK / FASTTRAK][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\fasttrak.sys)(Promise Technology, Inc.)
[FASTTX2K / FASTTX2K][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\fasttx2k.sys)(Promise Technology, Inc.)
[fd16_700 / fd16_700][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\fd16_700.sys)(Microsoft Corporation)
[fireport / fireport][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\fireport.sys)(Microsoft Corporation)
[flashpnt / flashpnt][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\flashpnt.sys)(Mylex,Corp.)
[FT8300 / FT8300][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\ft8300.sys)(Promise Technology, Inc.)
[FTSATA2 / FTSATA2][Stopped/Boot Start]
(\SystemRoot\System32\DRIVERS\ftsata2.sys)(N/A)
[GD31244 / GD31244][Stopped/Boot Start]
(\SystemRoot\System32\BIRD\gd31244.sys)(Intel Corporation)
[HOOKAPI / HOOKAPI][Stopped/Manual Start]
(\??\D:\RISING\RAV\HookApi.Sys)(瑞星软件有限公司)
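
The `(name)(command) [signer]` lines in the registry section of the SREng log above can be sorted by signature status to decide which startup entries to inspect by hand first. The following is an added example, not part of the original thread or of SREng; the status labels, and the reading of a signer shown without the `(Verified)` prefix as "not signature-verified", are assumptions of this example.

```python
import re

# Lines copied from the registry section of the log above (a subset).
SAMPLE = r"""
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
(ctfmon.exe)(C:\WINDOWS\system32\ctfmon.exe) [(Verified)Microsoft Windows Publisher]
(bgswitch)(C:\WINDOWS\system32\bgswitch.exe) []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(load)() [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
(Cmaudio)(RunDll32 cmicnfg.cpl,CMICtrlWnd) [N/A]
(RfwMain)("D:\Rising\Rfw\rfwmain.exe" -Startup) [Beijing Rising Technology Co., Ltd.]
"""

KEY_RE = re.compile(r"^\[(HKEY_[^\]]+)\]$")
ITEM_RE = re.compile(r"^\((?P<name>[^)]*)\)\((?P<cmd>.*)\) \[(?P<signer>.*)\]$")

def parse_startup_items(text):
    """Yield one dict per (name)(command) [signer] line, tagged with its registry key."""
    key = None
    for line in text.splitlines():
        line = line.strip()
        if (m := KEY_RE.match(line)):
            key = m.group(1)
        elif key and (m := ITEM_RE.match(line)):
            yield {"key": key, **m.groupdict()}

def signature_status(item):
    """Classify the signer field; the category names are this example's own."""
    signer = item["signer"]
    if not item["cmd"]:
        return "empty"            # value exists but launches nothing
    if signer.startswith("(Verified)"):
        return "verified"
    if signer in ("", "N/A"):
        return "no-signer"        # no publisher information: check the file by hand
    return "unverified-name"      # company name shown without the (Verified) mark

def review_list(text):
    """Return (name, cmd, status) for every entry that is not signature-verified."""
    return [(i["name"], i["cmd"], signature_status(i))
            for i in parse_startup_items(text)
            if signature_status(i) not in ("verified", "empty")]

if __name__ == "__main__":
    for name, cmd, status in review_list(SAMPLE):
        print(f"{status:16} {name:10} {cmd}")
```

An entry landing on the review list only means its publisher could not be confirmed from the log; the file itself still has to be examined before anything is removed.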

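Poor me, my situation is exactly the same as the original poster's..
As soon as I open IE and connect to any website, I get infected every time!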

Post the full log!

If I ever catch the idiot who made this virus, I'll beat him to death. Fuck.....

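If I ever catch the idiot who made this virus, I'll beat him to death. Fuck..... He has upgraded this virus and it has started going after Rising; my Kaka Assistant gets closed by it automatically. This guy is just fucking trash. My perfectly good dual-core has been messed up by him until it's worse than a Pentium III. If I catch him, I'll strip him naked and then (heh heh)....... make him wish he were dead.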
