
Safe Mode works, but normal startup fails; please help take a look


Here is the log:
Logfile of HijackThis v1.99.1
Scan saved at 14:14:41, on 2006-9-26
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\savedump.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\rundll32.exe
C:\WINNT\system32\userinit.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\conime.exe
C:\Documents and Settings\xiaoyin\桌面\HijackThis.exe

O1 - Hosts: 125.91.1.20 localhost
O4 - Global Startup: IE-Bar.lnk = C:\Program Files\Common Files\IE-Bar\iebar.exe
O10 - Unknown file in Winsock LSP: c:\winnt\system32\cdnns.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\quartz32.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\quartz32.dll
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = HTSC.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = HTSC.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = HTSC.local
O20 - Winlogon Notify: IPConfMSP - C:\WINNT\system32\jt0007dme.dll
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINNT\aHRneg\command.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Update Service For Windows (SoftUpdate) - Unknown owner - C:\WINNT\SoftUpdate.exe
O23 - Service: System Set Service (SystemSet) - Unknown owner - C:\WINNT\system32\service.exe

The previous log is below. I tried to repair it, but it didn't help.
Logfile of HijackThis v1.99.1
Scan saved at 13:35:10, on 2006-9-26
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\rundll32.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\conime.exe
C:\Documents and Settings\xiaoyin\桌面\HijackThis.exe

R3 - Default URLSearchHook is missing
O1 - Hosts: 125.91.1.20 localhost
O2 - BHO: wmpdrm - {0E674588-66B7-4E19-9D0E-2053B800F69F} - C:\WINNT\system32\wmpdrm.dll
O2 - BHO: MyIEHelper Class - {16B770A0-0E87-4278-B748-2460D64A8386} - C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_5002.dll (file missing)
O2 - BHO: raObject Class - {46F194EB-B7DB-4B7A-BD42-5FF39FD17664} - C:\PROGRA~1\pcast\tbcast.dll
O2 - BHO: CdnForIE Class - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O2 - BHO: Macromedia. Flash8 Object - {C61A70F3-505E-4B90-916F-627A8706B4BC} - c:\WINNT\system32\FlashPlayer8OCX.dll
O2 - BHO: Shell name - {D682D42E-BE2C-4758-AB18-926D2E7553B8} - C:\DOCUME~1\zxh\LOCALS~1\Temp\vmmreg32.dll (file missing)
O2 - BHO: Microsoft Solo Browser Helper Object - {E3DB85B5-C559-4894-B474-42E89FAA1EFD} - C:\WINNT\system32\winmsd.dll
O2 - BHO: (no name) - {E730189A-9973-4121-B046-AD1C161EC3AF} - C:\WINNT\system32\37211.dll
O2 - BHO: WMHlprObj Class - {F5824EFB-728A-4726-A5A5-85A68B20EDC3} - C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll
O2 - BHO: AssistHelper - {FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yassist.dll
O3 - Toolbar: 雅虎助手 - {406F94F0-504F-4A40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\Assistant\Assist\yasbar.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\MSDXM.OCX
O3 - Toolbar: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll
O3 - Toolbar: Micrsoft SearchBar - {6D53ADB7-6AD5-4A59-BFE4-7B57D2F4AA89} - C:\Program Files\Micrsoft SearchBar\SearchBar.dll
O4 - HKCU\..\Run: [Internat.exe] internat.exe
O4 - HKCU\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop
O4 - Global Startup: IE-Bar.lnk = C:\Program Files\Common Files\IE-Bar\iebar.exe
O9 - Extra button: 中文上网 - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O9 - Extra 'Tools' menuitem: 中文上网 - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\cdnns.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\quartz32.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\quartz32.dll
O11 - Options group: [CDNCLIENT]  中文上网
O16 - DPF: _{0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} - https://www.sz1.cmbchina.com/download/CMBEdit.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = HTSC.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = HTSC.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = HTSC.local
O20 - Winlogon Notify: policies - C:\WINNT\system32\q2pslc771f.dll
O21 - SSODL: DelayRun - {5A6F2F95-3191-433B-8533-EB0B596A7BAC} - C:\WINNT\system32\cf6daae0.dll
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINNT\aHRneg\command.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe
O23 - Service: Update Service For Windows (SoftUpdate) - Unknown owner - C:\WINNT\SoftUpdate.exe
O23 - Service: System Set Service (SystemSet) - Unknown owner - C:\WINNT\system32\service.exe

Last edited 2006-09-26 17:26:07.263000000

I used the Chinese-localized version of LSPFix to repair the O10 item, but it still didn't work. *sob*

O10 - Unknown file in Winsock LSP: c:\winnt\system32\quartz32.dll
Neither LSPFix nor HijackThis can repair this one. Does it need to be deleted?

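The repair was done in Safe Mode, because I have not been able to get into normal mode for a long time now.
The log after the SRENG2 repair is below: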
2006-09-26,16:35:44

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows 2000 Professional Service Pack 4 (Build 2195)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <Torjan Program><C:\WINNT\WINLOGON.EXE>  [UtnuWK3cJFeZfBLizdIH]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <kokv><C:\WINNT\system32\cf6iaae.exe>  []
    <1><C:\WINNT\svchost.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe 1>  []
    <Userinit><C:\WINNT\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINNT\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{F3D0D422-CE6D-47B3-9CE6-C54DD63F1ADB}><C:\Program Files\Internet Explorer\PLUGINS\new123.sys>  []
    <{25E1EECB-E580-4032-97A2-A456D33820D1}><C:\Program Files\Outlook Express\mqq.dll>  []
    <{288BD9BD-F0DC-46B1-81B5-2B61DF8077CE}><C:\WINNT\system32\imternat.dll>  []
    <{CF49F9F2-A8D3-464F-83EC-6AFC6573C267}><C:\WINNT\system32\jhlog3.DLL>  []
    <ntdll.dll><>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\CSCSettings]
    <WinlogonNotify: CSCSettings><C:\WINNT\system32\n68olgl316q.dll>  []
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><(无)>  []

==================================
启动文件夹
[IE-Bar]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\IE-Bar.lnk><N>

==================================
服务
[Command Service / cmdService]
  <C:\WINNT\aHRneg\command.exe><N/A>
[Logical Disk Manager Administrative Service / dmadmin]
  <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[InstallDriver Table Manager / IDriverT]
  <C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe><Macrovision Corporation>
[iPodService / iPodService]
  <C:\Program Files\iPod\bin\iPodService.exe><Apple Computer, Inc.>
[Network Monitor / Network Monitor]
  <C:\Program Files\Network Monitor\netmon.exe service><N/A>
[PopWinIe / PopWinIe]
  <C:\WINNT\system32\PopWin.exe -service><N/A>
[Rising Process Communication Center / RsCCenter]
  <"f:\Program Files\Rising\Rav\CCenter.exe"><N/A>
[RsRavMon Service / RsRavMon]
  <"F:\Program Files\Rising\Rav\Ravmond.exe"><N/A>
[Update Service For Windows / SoftUpdate]
  <C:\WINNT\SoftUpdate.exe><N/A>
[System Set Service / SystemSet]
  <C:\WINNT\system32\service.exe><N/A>

==================================
浏览器加载项
正在运行的进程
[PID: 280][C:\WINNT\system32\rundll32.exe]  <Microsoft Corporation><5.00.2134.1>
    [C:\WINNT\system32\kxdic.dll]  <N/A><N/A>
    [C:\WINNT\system32\quartz32.dll]  <><4, 1, 0, 0>
    [C:\Program Files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\WINNT\system32\jhlog3.DLL]  <N/A><N/A>
    [C:\WINNT\system32\imternat.dll]  <N/A><N/A>
[PID: 480][C:\WINNT\Explorer.EXE]  <Microsoft Corporation><5.00.3700.6690>
    [C:\WINNT\system32\kxdic.dll]  <N/A><N/A>
    [C:\WINNT\system32\RavExt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
    [C:\Program Files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\Program Files\Outlook Express\mqq.dll]  <N/A><N/A>
    [C:\WINNT\system32\imternat.dll]  <N/A><N/A>
    [C:\WINNT\system32\jhlog3.DLL]  <N/A><N/A>
    [C:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
    [f:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ywiper.dll]  <Yahoo! China><3, 0, 1, 1001>
[PID: 516][C:\WINNT\system32\conime.exe]  <Microsoft Corporation><5.00.2195.6655>
    [C:\Program Files\Outlook Express\mqq.dll]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\WINNT\system32\jhlog3.DLL]  <N/A><N/A>
    [C:\WINNT\system32\imternat.dll]  <N/A><N/A>
[PID: 396][C:\WINNT\Regedit.exe]  <Microsoft Corporation><5.00.2195.6707>
[PID: 484][C:\WINNT\Regedit.exe]  <Microsoft Corporation><5.00.2195.6707>
[PID: 244][C:\WINNT\WINLOGON.EXE]  <UtnuWK3cJFeZfBLizdIH><0.00.0110>
    [C:\Program Files\Outlook Express\mqq.dll]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\WINNT\system32\jhlog3.DLL]  <N/A><N/A>
    [C:\WINNT\system32\imternat.dll]  <N/A><N/A>
[PID: 200][C:\Documents and Settings\xiaoyin\桌面\SREng2\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
    [C:\Program Files\Outlook Express\mqq.dll]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\PLUGINS\new123.sys]  <N/A><N/A>
    [C:\WINNT\system32\jhlog3.DLL]  <N/A><N/A>
    [C:\WINNT\system32\imternat.dll]  <N/A><N/A>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  Error. [winfiles]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

I didn't make a GHOST image, so reinstalling is the only option. Thanks.