这个是我寝室同学的
他的症状跟我差不多
但是他的好象跟厉害
连网页都打不开了
以下是他的扫描结果:
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <svhoost><C:\WINDOWS\system32\checksys.exe>  []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
    <run><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <ATIPTA><C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe>  [ATI Technologies, Inc.]
    <ShStatEXE><"E:\杀毒软件\SHSTAT.EXE" /STANDALONE>  [Network Associates, Inc.]
    <McAfeeUpdaterUI><"E:\Common Framework\UpdaterUI.exe" /StartedFromRunKey>  [Network Associates, Inc.]
    <Network Associates Error Reporting Service><"C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe">  [Network Associates, Inc.]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <svhoost><C:\WINDOWS\system32\checksys.exe>  []
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [Microsoft Corporation]
    <PHIME2002A><; >  []
    <PHIME2002ASync><; >  []
    <StormCodec_Helper><; "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    <WinlogonNotify: AtiExtEvent><Ati2evxx.dll>  [ATI Technologies Inc.]

==================================
启动文件夹
[壁纸自动换]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\壁纸自动换.lnk><N>
[office文件检索]
  <C:\Documents and Settings\new\「开始」菜单\程序\启动\office文件检索.exe><N>

==================================
服务
[Ati HotKey Poller / Ati HotKey Poller]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart]
  <C:\WINDOWS\system32\ati2sgag.exe><>
[ClipBook / ClipSrv]
  <><N/A>
[McAfee Framework 服务 / McAfeeFramework]
  <E:\Common Framework\FrameworkService.exe /ServiceStart><Network Associates, Inc.>
[Network Associates McShield / McShield]
  <"E:\杀毒软件\Mcshield.exe"><Network Associates, Inc.>
[Network Associates Task Manager / McTaskManager]
  <"E:\杀毒软件\VsTskMgr.exe"><Network Associates, Inc.>
[SoundMAX Agent Service / SoundMAX Agent Service (default)]
  <C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>

==================================
浏览器加载项
[]
  {295CD217-AD34-4B66-91BA-48D5EFD9CA20} <C:\WINDOWS\system32\NBBHO.dll, N/A>
[NTIECatcher Class]
  {C56CB6B0-0D96-11D6-8C65-B2868B609932} <C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll, Xi>
[微软]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.microsoft.com/china/index.htm, N/A>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft? Corporation>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[]
  {295CD217-AD34-4B66-91BA-48D5EFD9CA20} <C:\WINDOWS\system32\NBBHO.dll, N/A>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[isObject Class]
  {BE0B5843-553A-48C2-9A42-258A1D791AFC} <C:\PROGRA~1\pcast\hbcast.dll, N/A>
[NTIECatcher Class]
  {C56CB6B0-0D96-11D6-8C65-B2868B609932} <C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll, Xi>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\Flash85.ocx, Macromedia, Inc.>
[上传到QQ网络硬盘]
  <C:\Program Files\QQ2005\AddToNetDisk.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
  <C:\Program Files\QQ2005\AddEmotion.htm, N/A>

==================================
正在运行的进程
[PID: 428][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 476][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 500][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
    [C:\WINDOWS\system32\Ati2evxx.dll]  <ATI Technologies Inc.><6.14.10.4109>
[PID: 544][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
    [C:\WINDOWS\system32\EntApi.dll]  <Network Associates, Inc><8.0.0.277>
[PID: 556][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
    [C:\WINDOWS\system32\EntApi.dll]  <Network Associates, Inc><8.0.0.277>
[PID: 704][C:\WINDOWS\system32\Ati2evxx.exe]  <ATI Technologies Inc.><6.14.10.4109>
    [C:\WINDOWS\system32\Ati2edxx.dll]  <ATI Technologies, Inc.><6, 14, 10, 2495>
[PID: 716][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
    [C:\WINDOWS\system32\EntApi.dll]  <Network Associates, Inc><8.0.0.277>
[PID: 772][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
    [C:\WINDOWS\system32\EntApi.dll]  <Network Associates, Inc><8.0.0.277>
[PID: 868][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\System32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
    [C:\WINDOWS\system32\EntApi.dll]  <Network Associates, Inc><8.0.0.277>
[PID: 968][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
    [C:\WINDOWS\system32\EntApi.dll]  <Network Associates, Inc><8.0.0.277>
[PID: 1012][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
    [C:\WINDOWS\system32\EntApi.dll]  <Network Associates, Inc><8.0.0.277>
[PID: 1184][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 1340][E:\Common Framework\FrameworkService.exe]  <Network Associates, Inc.><3.5.0.412>
    [E:\Common Framework\nailog.dll]  <Network Associates, Inc.><3.5.0.474>
    [E:\Common Framework\naXML.dll]  <Network Associates, Inc.><3.5.0.474>
    [E:\Common Framework\naCmnLib.dll]  <Network Associates, Inc.><3.5.0.474>
    [E:\Common Framework\applib.dll]  <Network Associates, Inc.><3.5.0.412>
    [E:\Common Framework\0804\AgentRes.dll]  <Network Associates, Inc.><3.5.0.412>
    [E:\Common Framework\Logging.dll]  <Network Associates, Inc.><3.5.0.412>
    [E:\Common Framework\InternetManager.dll]  <Network Associates, Inc.><3.5.0.412>
    [E:\Common Framework\naInet.dll]  <Network Associates, Inc.><3.5.0.474>
    [E:\Common Framework\UserSpace.dll]  <Network Associates, Inc.><3.5.0.412>
    [E:\Common Framework\SecureFrameworkFactory.dll]  <Network Associates, Inc.><3.5.0.412>
    [E:\Common Framework\Management.dll]  <Network Associates, Inc.><3.5.0.412>
    [E:\Common Framework\cmalib.dll]  <Network Associates, Inc.><3.5.0.412>
    [E:\Common Framework\naPolicyManager.dll]  <Network Associates, Inc.><3.5.0.412>
    [E:\Common Framework\ScriptSubSys.dll]  <Network Associates, Inc.><3.5.0.412>
    [E:\Common Framework\UpdateSubSys.dll]  <Network Associates, Inc.><3.5.0.412>
    [E:\Common Framework\Scheduler.dll]  <Network Associates, Inc.><3.5.0.412>
    [E:\Common Framework\TCSubSys.dll]  <Network Associates, Inc.><3.5.0.412>
    [C:\WINDOWS\system32\EntApi.dll]  <Network Associates, Inc><8.0.0.277>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 1384][E:\杀毒软件\Mcshield.exe]  <Network Associates, Inc.><8.0.0.251>
    [E:\杀毒软件\Res04\McShield.DLL]  <Network Associates, Inc.><8.0.0.251>
    [E:\杀毒软件\FTL.Dll]  <Network Associates, Inc.><8.0.0.135>
    [E:\杀毒软件\naiann.dll]  <Network Associates, Inc.><8.0.0.251>
    [E:\杀毒软件\mytilus.dll]  <Network Associates, Inc.><8.0.0.251>
    [E:\Common Framework\GenEvtInf.dll]  <Network Associates, Inc.><3.5.0.412>
    [E:\杀毒软件\NaEventU.DLL]  <Network Associates, Inc.><8.0.0.342>
    [E:\杀毒软件\Res04\naEvtRes.dll]  <Network Associates, Inc.><8.0.0.342>
    [E:\杀毒软件\VSIDSvr.dll]  <Network Associates, Inc.><8.0.0.251>
    [C:\Program Files\Common Files\Network Associates\Engine\MCSCAN32.DLL]  <McAfee, Inc.><4.4.00>
    [E:\Common Framework\SecureFrameworkFactory.dll]  <Network Associates, Inc.><3.5.0.412>
    [E:\杀毒软件\EntSrv.Dll]  <Network Associates, Inc><8.0.0.277>
[PID: 1392][E:\COMMON~1\naPrdMgr.exe]  <Network Associates, Inc.><3.5.0.412>
    [E:\COMMON~1\nailog.dll]  <Network Associates, Inc.><3.5.0.474>

[E:\COMMON~1\naCmnLib.dll]  <Network Associates, Inc.><3.5.0.474>
    [E:\COMMON~1\naXML.dll]  <Network Associates, Inc.><3.5.0.474>
    [E:\COMMON~1\0804\AgentRes.dll]  <Network Associates, Inc.><3.5.0.412>
    [E:\杀毒软件\VsPlugin.dll]  <Network Associates, Inc.><8.0.0.912>
    [C:\WINDOWS\system32\EntApi.dll]  <Network Associates, Inc><8.0.0.277>
[PID: 1480][E:\杀毒软件\VsTskMgr.exe]  <Network Associates, Inc.><8.0.0.912>
    [E:\杀毒软件\SHUTIL.dll]  <Network Associates, Inc.><8.0.0.912>
    [E:\杀毒软件\naiwmain.dll]  <Network Associates, Inc.><8.0.0.912>
    [E:\杀毒软件\naicondl.dll]  <Network Associates, Inc.><8.0.0.912>
    [E:\杀毒软件\RES04\VsTskMgr.dll]  <Network Associates, Inc.><8.0.0.912>
    [E:\杀毒软件\MIDUtil.Dll]  <McAfee, Inc.><8.0.0.152>
[PID: 1588][C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe]  <Analog Devices, Inc.><3, 2, 6, 0>
[PID: 1636][C:\WINDOWS\system32\wdfmgr.exe]  <Microsoft Corporation><5.2.3790.1230 built by: dnsrv(bld4act)>
[PID: 2036][C:\WINDOWS\System32\alg.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\System32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 1860][C:\WINDOWS\system32\Ati2evxx.exe]  <ATI Technologies Inc.><6.14.10.4109>
    [C:\WINDOWS\system32\Ati2edxx.dll]  <ATI Technologies, Inc.><6, 14, 10, 2495>
[PID: 120][C:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
    [C:\WINDOWS\system32\EntApi.dll]  <Network Associates, Inc><8.0.0.277>
    [C:\WINDOWS\system32\SystemDll.dll]  <N/A><N/A>
    [C:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
    [E:\杀毒软件\shext.dll]  <Network Associates, Inc.><8.0.0.912>
    [E:\杀毒软件\RES04\ShExtRes.dll]  <Network Associates, Inc.><8.0.0.912>
[PID: 656][C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe]  <ATI Technologies, Inc.><6.14.10.5131>
    [C:\Program Files\ATI Technologies\ATI Control Panel\atipdsxx.dll]  <ATI Technologies, Inc.><6.14.10.5131>
    [C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATRPUIXX.CHS]  <ATI Technologies, Inc.><6.14.10.5131>
    [C:\Program Files\ATI Technologies\ATI Control Panel\atipdxxx.dll]  <ATI Technologies, Inc.><6.14.10.5131>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 604][E:\杀毒软件\SHSTAT.EXE]  <Network Associates, Inc.><8.0.0.912>
    [E:\杀毒软件\SHUTIL.dll]  <Network Associates, Inc.><8.0.0.912>
    [E:\杀毒软件\naiwmain.dll]  <Network Associates, Inc.><8.0.0.912>
    [E:\杀毒软件\RES04\shstat.dll]  <Network Associates, Inc.><8.0.0.912>
    [E:\杀毒软件\RES04\Product.dll]  <Network Associates, Inc.><8.0.0.912>
    [E:\杀毒软件\RES04\McShield.dll]  <Network Associates, Inc.><8.0.0.251>
    [E:\杀毒软件\RES04\Shutilrc.dll]  <Network Associates, Inc.><8.0.0.912>
    [E:\杀毒软件\Graphics.dll]  <Network Associates, Inc.><8.0.0.912>
[PID: 1168][E:\Common Framework\UpdaterUI.exe]  <Network Associates, Inc.><3.5.0.412>
    [E:\Common Framework\nailog.dll]  <Network Associates, Inc.><3.5.0.474>
    [E:\Common Framework\naCmnLib.dll]  <Network Associates, Inc.><3.5.0.474>
    [E:\Common Framework\naXML.dll]  <Network Associates, Inc.><3.5.0.474>
    [E:\Common Framework\0804\UpdRes.dll]  <Network Associates, Inc.><3.5.0.412>
    [E:\Common Framework\0804\AgentRes.dll]  <Network Associates, Inc.><3.5.0.412>
    [E:\Common Framework\SecureFrameworkFactory.dll]  <Network Associates, Inc.><3.5.0.412>
[PID: 1808][C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe]  <Network Associates, Inc.><2.0.275.0>
[PID: 888][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  <RealNetworks, Inc.><0.1.0.3427>
[PID: 688][C:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 1144][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\EntApi.dll]  <Network Associates, Inc><8.0.0.277>
    [C:\WINDOWS\system32\NBBHO.dll]  <N/A><N/A>
    [C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll]  <Xi><1.91.12>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
    [c:\InDll.dll]  <N/A><N/A>
[PID: 2652][F:\电影\新建文件夹\sreng2\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================
还请无邪GG你看看~

C:\WINDOWS\system32\checksys.exe
这个东东删不掉啊....
用了你告诉我的方法...
还是删不掉..
请大哥指点...