Rising Kaka Security Forum, Technical Exchange, Anti-virus / Anti-rogue-software board

Experts please come in: a virus is rampant on the LAN, please help

Almost every machine has caught the same virus. Symptoms: sluggish response, Rising keeps warning that mail is being sent, the machines keep sending out broadcast packets, machines with printers print garbage or show a red XX "print error" prompt at the bottom right, and the browser home page becomes c:\secure32.html, which roughly says that your system information has been leaked. As a result the whole LAN is very slow. And after I delete these viruses by hand they come back: after deletion the machine is still fine at the second reboot, then a while later it seems to get attacked again and is re-infected.
Operating system: Windows 2000, already patched up to the latest 200601 patches.
Rising Antivirus Network Edition with the virus database updated to the latest version cannot detect the virus, let alone clean it.
Below is the result of a scan with HijackThis V1.99; experts please help take a look.
HijackThis_815汉化版扫描日志 V1.99.1
保存于      14:06:09, 日期 2006-1-9
操作系统:  Windows 2000 SP4 (WinNT 5.00.2195)
浏览器:    Internet Explorer v6.00 SP1 (6.00.2800.1106)

当前运行的进程:         
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\FactorySuite\Common\slssvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\FactorySuite\Common\wwlogsvc.exe
C:\Program Files\Raxco\PerfectDisk\PDSched.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Rising\Rav\RavTimer.exe
C:\WINNT\system32\bcvsrv32.exe
C:\WINNT\batserv2.exe
C:\WINNT\system32\internat.exe
C:\winstall.exe
C:\WINNT\system32\conime.exe
F:\setup\stock\分析家2005证券行情分析\dzh\internet\hypwise.exe
C:\WINNT\system32\sysc.exe
C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
C:\PROGRAM FILES\RISING\RAV\RavStub.exe
C:\Program Files\Rising\Rav\RAVTRAY.EXE
C:\Program Files\Rising\Rav\RavService.exe
C:\WINNT\system32\r_server.exe
\yh4015\软件\启动检查.exe
C:\Program Files\HijackThis1991汉化版\HijackThis1991zww.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5321E378-FFAD-4999-8C62-03CA8155F0B3} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: IEMoni Class - {F236CC5A-F6E4-4011-9EED-C52FDF51CE3D} - C:\WINNT\system32\Sbhoplin.dll
O3 - IE工具栏增项: @msdxmLC.dll,-1@2052,电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - IE工具栏增项: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - 启动项HKLM\\Run: [Synchronization Manager] mobsync.exe /logon
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\Run: [RavTimer] C:\Program Files\Rising\Rav\RavTimer.exe
O4 - 启动项HKLM\\Run: [mdac_runonce] C:\WINDOWS\SYSTEM\runonce.exe
O4 - 启动项HKLM\\Run: [RavTray] C:\Program Files\Rising\Rav\RavTray.exe
O4 - 启动项HKLM\\Run: [RavMon] C:\Program Files\Rising\Rav\RavMon.exe -system
O4 - 启动项HKLM\\Run: [Bcserv32] bcvsrv32.exe
O4 - 启动项HKLM\\Run: [SystemLoader] C:\WINNT\sysldr32.exe
O4 - 启动项HKLM\\Run: [BatSrv] C:\WINNT\batserv2.exe
O4 - 启动项HKLM\\RunServices: [SchedulingAgent] mstask.exe
O4 - 启动项HKLM\\RunServices: [Bcserv32] bcvsrv32.exe
O4 - HKCU\..\Run: [Internat.exe] internat.exe
O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
O8 - IE右键菜单中的新增项目: Google 搜索(&G) - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - IE右键菜单中的新增项目: 反向链接 - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - IE右键菜单中的新增项目: 类似网页 - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - IE右键菜单中的新增项目: 缓存的网页快照 - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - IE右键菜单中的新增项目: 翻译英文字词(&T) - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O9 - 浏览器额外的按钮: JUJU猫 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.jujumao.com (file missing)
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O14 - IERESET.INF: START_PAGE_URL=about:blank
O15 - “受信任的站点”中添加项: oa.yuhang.gov.cn
O15 - 添加的受信任的 IP 地址范围: 10.110.1.16
O16 - DPF: {065FA484-3518-4444-A417-1C120F8532D3} (ss.UCss) - http://yhserver/scdd/ss.ocx
O16 - DPF: {10A3FC33-11BC-4AE3-BB29-75286E7E0021} (Hists.Hist_cb) - http://yhserver/scdd/hists_cb.ocx
O16 - DPF: {1D4384B5-4A6A-4C58-A3A8-A93BDCE772D1} (TXpress.TXUCpress) - http://yhserver/scdd/TXPRESS.ocx
O16 - DPF: {1F831FA1-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) - file://C:\Program Files\AutoCAD 2002\InstFred.ocx
O16 - DPF: {2A649F13-C165-41E4-A67A-E68F97EB4174} (ss.UCss) - http://yhserver/scdd/ss.ocx
O16 - DPF: {4247F20C-65DE-4A3F-8020-E5DB4AD5A6E0} (CBtheflow.UCtheflow) - http://yhserver/scdd/CBtheflow.ocx
O16 - DPF: {4F1E26AC-ABC1-4C9E-A16C-0E848AC90BE0} (ss.UCss) - http://yhserver/scdd/ss.ocx
O16 - DPF: {5220AD6F-40DA-4706-BDE4-BF7ACAB0993C} (ss.UCss) - http://yhserver/scdd/ss.ocx
O16 - DPF: {57967EE8-BC6D-4295-9F74-AEF8E5A71A14} (ZSflow.ZSUCflow) - http://yhserver/scdd/ZSflow.ocx
O16 - DPF: {5CE2FBA9-35BE-41AE-875C-4C75B0240C44} (QSflow.QSUCflow) - http://yhserver/scdd/QSflow.ocx
O16 - DPF: {5E11ADB9-69CC-4BB2-B8BF-92A88BD1DA5D} (ZSpumpin.ZSUCpompin) - http://yhserver/scdd/ZSPUMPIN.ocx
O16 - DPF: {6F360A3D-337D-447F-B0B2-ED25C2956F28} (PYtheflow.UCtheflow) - http://yhserver/scdd/PYtheflow.ocx
O16 - DPF: {7122E9E8-7F58-4D3F-8242-373A9DDAF8DA} (Hists.Hist_ss) - http://yhserver/scdd/hists_ss.ocx
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday 控件) - file://C:\Program Files\AutoCAD 2002\AcDcToday.ocx
O16 - DPF: {98D5864E-17B8-445B-9982-6E7FC8528342} (ss.UCss) - http://yhserver/scdd/ss.ocx
O16 - DPF: {AE563722-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://C:\Program Files\AutoCAD 2002\InstBanr.ocx
O16 - DPF: {B1535071-27AE-4F1F-B4B3-0EE27F27F169} (TXflow.TXUCflow) - http://yhserver/scdd/TXFLOW.ocx
O16 - DPF: {CAD71233-30E4-4507-B61E-004A4B3B6BF0} (工程1.UserControl1) - http://yhserver/scdd/sjb.ocx
O16 - DPF: {CFDDFF6D-AF78-4A5D-BDED-E24CAEB2E317} (ZSpumpout.ZSUCpumpout) - http://yhserver/scdd/ZSPUMPOUT.ocx
O16 - DPF: {E624D77C-9F67-4CAF-8AD2-75AB0E30FBB7} (TXpumpout.TXUCpumpout) - http://yhserver/scdd/TXpumpout.ocx
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview 控件) - file://C:\Program Files\AutoCAD 2002\AcPreview.ocx
O16 - DPF: {FB92BF7A-4B0E-4555-B87C-B62EE1393647} (ss.UCss) - http://yhserver/scdd/ss.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{776E2B16-AAE1-40C1-8F8D-41456A11D01B}: NameServer = 10.110.1.20
O23 - NT 服务: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - NT 服务: izjhw - Unknown owner - \\10.10.1.104\Wonderware$\bcvsrv32.exe" -service (file missing)
O23 - NT 服务: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - NT 服务: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe
O23 - NT 服务: RavService - Unknown owner - C:\Program Files\Rising\Rav\RavService.exe" /service (file missing)
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
O23 - NT 服务: Remote Administrator Service (r_server) - Unknown owner - C:\WINNT\system32\r_server.exe" /service (file missing)
O23 - NT 服务: Smart Card Helper (SCardDrv) - Unknown owner - C:\WINNT\system32\scardsvr32.exe (file missing)
O23 - NT 服务: Wonderware SuiteLink (slssvc) - Wonderware Corporation - C:\Program Files\FactorySuite\Common\slssvc.exe
O23 - NT 服务: Wonderware Logger (WWLOGSVC) - Wonderware Corporation - C:\Program Files\FactorySuite\Common\wwlogsvc.exe
O23 - NT 服务: Wonderware NetDDE Helper (WWNetDDE) - Unknown owner - C:\Program Files\FactorySuite\Common\wwnetdde.exe
O23 - NT 服务: WwRpcSvr - Wonderware Corporation - C:\WINNT\system32\wwinstsvc.exe
Last edited 2006-01-10 11:15:13
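The log above can be triaged mechanically before anyone starts deleting files. The following Python script is an added example, not code from the original post or from HijackThis itself: it parses the O2/O4/O23 lines of a HijackThis log (a subset of the post's own lines is embedded as constructed demo input) and flags the entries a responder should look at first: targets that no longer exist on disk, services with no publisher string, unnamed BHOs, binaries pulled from a UNC share, bare file names resolved through the search path, and executables sitting directly in the drive or Windows root.

```python
import re

# Constructed demo input: lines copied verbatim from the HijackThis log posted above.
SAMPLE_LOG = r"""
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5321E378-FFAD-4999-8C62-03CA8155F0B3} - (no file)
O4 - 启动项HKLM\\Run: [RavTimer] C:\Program Files\Rising\Rav\RavTimer.exe
O4 - 启动项HKLM\\Run: [Bcserv32] bcvsrv32.exe
O4 - 启动项HKLM\\Run: [SystemLoader] C:\WINNT\sysldr32.exe
O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
O23 - NT 服务: izjhw - Unknown owner - \\10.10.1.104\Wonderware$\bcvsrv32.exe" -service (file missing)
O23 - NT 服务: Smart Card Helper (SCardDrv) - Unknown owner - C:\WINNT\system32\scardsvr32.exe (file missing)
"""

LINE_RE = re.compile(r"^(O\d+) - (.*)$")
PATH_RE = re.compile(r'^"?((?:[A-Za-z]:\\|\\\\)?[^"]+?\.(?:exe|dll|ocx))', re.I)  # first path-like token, local or UNC
ROOT_RE = re.compile(r"^[A-Za-z]:\\(?:WINNT\\|WINDOWS\\)?[^\\]+$", re.I)  # file directly in drive or Windows root

def triage_line(line: str) -> list[str]:
    """Return the reasons one HijackThis line deserves a manual look ([] if none)."""
    m = LINE_RE.match(line.strip())
    if not m:
        return []
    section, rest = m.groups()
    # O4 lines carry "[Name] command"; other sections end with " - <target>".
    target = rest.split("] ", 1)[-1] if section == "O4" else rest.rsplit(" - ", 1)[-1]
    reasons = []
    if "(file missing)" in target or "(no file)" in target:
        reasons.append("registered target no longer on disk")
    if section == "O23" and "Unknown owner" in rest:
        reasons.append("service has no publisher string")
    if section == "O2" and "(no name)" in rest:
        reasons.append("unnamed browser helper object")
    path = pm.group(1) if (pm := PATH_RE.match(target)) else ""
    if path.startswith("\\\\"):
        reasons.append("binary loaded from a network share")
    elif path and "\\" not in path:
        reasons.append("bare file name, resolved through the search path")
    elif ROOT_RE.match(path):
        reasons.append("binary sits directly in a drive or Windows root")
    return reasons

def triage_log(text: str) -> dict[str, list[str]]:
    """Map every flagged line of a HijackThis log to its review reasons."""
    flagged = {}
    for line in text.splitlines():
        reasons = triage_line(line)
        if reasons:
            flagged[line.strip()] = reasons
    return flagged
```

The flags are review hints, not verdicts: a stock Windows entry such as `mobsync.exe` in the full log also appears as a bare name, so every hit still has to be checked against a known-good baseline.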

It's a worm, but Rising doesn't recognise it. I kill it by hand and a while later it's infected again; the OS patches are all applied and it just won't get better. I can't stand it any more.

Deleted it, deleted it, deleting it is useless; after half an hour it's infected again.