Rising Kaka Security Forum, Technical Exchange Area, Anti-virus / Anti-rogue-software board


Hi everyone, my computer seems to be infected with a Trojan. Can someone help me analyze it?

Brother, the file you mean is this one, right?:
-----------------------------
(columns: entry name | description | publisher | file path)

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
+ 1 | File not found: 1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ AVPCC | File not found: ;
+ CtrlVol | File not found: ;
+ HotkeyApp | File not found: ;
+ internat.exe | File not found: ;
+ ISUSPM Startup | File not found: ;
+ ISUSScheduler | File not found: ;
+ LaunchAp | File not found: ;
+ PRONoMgr.exe | File not found: ;
+ PRPCMonitor | File not found: ;
+ TkBellExe | RealNetworks Scheduler | RealNetworks, Inc. | c:\program files\common files\real\update_ob\realsched.exe
+ TProgram | Pong | c:\winnt\smss.exe
+ twister | Twister Anti-TrojanVirus | Filseclab Corporation | d:\twister\twister.exe
+ Wbutton | File not found: ;

C:\Documents and Settings\All Users\「开始」菜单\程序\启动
+ 费尔消息服务.lnk | 费尔消息服务 | 费尔安全实验室 | c:\program files\common files\filseclab\filmsg.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
+ ctfmon.exe | File not found: ctfmon.exe
+ internat.exe | File not found: internat.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ Display Panning CPL Extension | File not found: deskpan.dll
+ HyperTerminal Icon Ext | HyperTerminal Applet Library | Hilgraeve, Inc. | c:\winnt\system32\hticons.dll
+ Shell Extensions for RealOne Player | RealPlayer Shell Extensions | RealNetworks, Inc. | c:\program files\real\realplayer\rpshell.dll
+ Trojan Remover Shell Extension | File not found: d:\TROJAN~1\Trshlex.dll
+ Twister scan shell extension | Twister Shell Extension DLL | FILSECLAB Corp. | d:\twister\twshlext.dll
+ WinRAR shell extension | c:\program files\winrar\rarext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
+ QQBrowserHelperObject Class | QQIEHelper Module | 深圳市腾讯计算机系统有限公司 | e:\qq\qqiehelper.dll
+ ThunderIEHelper Class | xunleibho Module | c:\winnt\system32\xunleibho_v5.dll

HKLM\Software\Microsoft\Internet Explorer\Extensions
+ @shdoclc.dll,-864 | c:\winnt\web\related.htm
+ 腾讯QQ | QQ | TENCENT | e:\qq\qq.exe

HKLM\System\CurrentControlSet\Services
+ AVPCC | KL Control Centre | Kaspersky Labs. | d:\kbs\avpcc.exe
+ KAVMonitorService | KAV Monitor main module | Kaspersky Labs. | d:\kbs\avpm.exe
+ RsCCenter | File not found: d:\Rising\Rav\CCenter.exe

HKLM\System\CurrentControlSet\Services
+ AgereSoftModem | SoftModem Device Driver | Agere Systems | c:\winnt\system32\drivers\agrsm.sys
+ bcm4sbe5 | Broadcom Corporation NDIS 5.0 ethernet driver | Broadcom Corporation | c:\winnt\system32\drivers\bcm4sbe5.sys
+ cs429x | Crystal AC9x WDM Driver | Applied Drivers Corporation | c:\winnt\system32\drivers\cwawdm.sys
+ dmio | NT Disk Manager I/O Driver | VERITAS Software Corp. | c:\winnt\system32\drivers\dmio.sys
+ dmload | NT Disk Manager Startup Driver | VERITAS Software Corp. | c:\winnt\system32\drivers\dmload.sys
+ ExpScaner | File not found: d:\Rising\Rav\ExpScan.sys
+ hname | c:\winnt\system32\drivers\hname.sys
+ HookCont | File not found: d:\Rising\Rav\HOOKCONT.sys
+ HookReg | File not found: d:\Rising\Rav\HookReg.sys
+ HookSys | File not found: d:\Rising\Rav\HookSys.sys
+ ialm | Controller Hub for Intel Graphics Driver | Intel Corporation | c:\winnt\system32\drivers\ialmnt5.sys
+ IMMDRV | Twister Anti-TrojanVirus Driver | FILSECLAB Corp. | d:\twister\immdrv.sys
+ Klif | spuper-ptor | Kaspersky Labs | c:\winnt\system32\drivers\klif.sys
+ kmsinput | c:\winnt\system32\drivers\kmsinput.sys
+ KRegEx | File not found: C:\WINNT\system32\drivers\KRegEx.sys
+ KSysCall | File not found: D:\KV2005\KSysCall.sys
+ MEMSCAN | File not found: d:\Rising\Rav\MEMSCAN.sys
+ NAL | Intel(R) Network Adapter Diagnostic Driver | Intel Corporation | c:\winnt\system32\drivers\iqvw32.sys
+ New0 | c:\winnt\system32\new.sys
+ npkcrypt | File not found: E:\qq\npkcrypt.sys
+ NSCIRDA | NSC Fast Infrared Driver. | National Semiconductor Corporation | c:\winnt\system32\drivers\nscirda.sys
+ PProtect | File not found: C:\WINNT\system32\drivers\PProtect.sys
+ Ptilink | Direct Parallel Link Driver | Parallel Technologies, Inc. | c:\winnt\system32\drivers\ptilink.sys
+ WBMS | Winbond Memory Stick Card Driver | Winbond Electronics Corp. | c:\winnt\system32\drivers\wbms.sys
+ WBSD | Winbond Secure Digital (SD/MMC) Storage Device Driver | Winbond Electronics Corp. | c:\winnt\system32\drivers\wbsd.sys
+ Wbutton | c:\winnt\system32\drivers\wbutton.sys
+ {6080A529-897E-4629-A488-ABA0C29B635E} | Intel Graphics Platform (SoftBIOS) Driver for Windows 2000(R) & Windows XP(TM) | Intel Corporation | c:\winnt\system32\drivers\ialmsbw.sys
+ {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} | Intel Graphics Chipset (KCH) Driver for Windows 2000(R) & Windows XP(TM) | Intel Corporation | c:\winnt\system32\drivers\ialmkchw.sys
+ {E2B953A6-195A-44F9-9BA3-3D5F4E32BB55} | Ch7009 Minidriver | Intel Corporation | c:\winnt\system32\drivers\wa301a.sys

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
+ igfxcui | igfxsrvc Module | Intel Corporation | c:\winnt\system32\igfxsrvc.dll


Quote:
[麦田守望's post] Boss, did you tell me the wrong thing? This software has no export function
...........................

It does.

In the program's main window,
click Scan,
then Save Log,
and the log content is generated.

[Reply to 麦田守望's post]
End the following processes:
C:\WINNT\system32\agetlkeylie.exe
C:\WINNT\smss.exe

Fix these with HijackThis:
R3 - URLSearchHook: (no name) - {982CB676-38F0-4D9A-BB72-D9371ABE876E} - (no file)
F2 - REG:system.ini: Shell=explorer.exe 1
O3 - IE工具栏增项: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - 启动项HKLM\\Run: [TProgram] C:\WINNT\smss.exe
O4 - 启动项HKLM\\Run: [RavUptye] C:\WINNT\system32\agetlkeylie.exe

===================

Open the registry
and delete the following entries:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ TProgram Pong c:\winnt\smss.exe

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
+ DLMon File not found: C:\WINNT\system32\DLMain.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
+ 8159.dll c:\winnt\system32\8159.dll

==============

Open the registry
and modify:
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <shell><Explorer.exe 1>

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <shell><Explorer.exe>

===============

Delete:
C:\WINNT\system32\DLMain.dll
c:\winnt\system32\8159.dll
C:\WINNT\system32\agetlkeylie.exe
C:\WINNT\smss.exe
C:\winnt\system32\drivers\hname.sys

============

Note: if this cannot be resolved in normal mode,
it is recommended to do it in safe mode.
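As an added example, not from this thread or from any of the tools named in it, the following PowerShell script audits the same autostart locations the steps above touch (Winlogon\Shell, the Run keys, ShellServiceObjectDelayLoad and ShellExecuteHooks) and flags a Shell value that is not exactly explorer.exe, entries whose file is missing, and any smss.exe living outside System32, which is the pattern in this thread's log. It assumes a current Windows host with PowerShell 5 or later; the key paths and expected values come from the thread.

```powershell
# Added example (not from the thread): audits the autostart locations the fix above touches.
# Assumes a modern Windows host with PowerShell 5+; keys and expected values are from the thread.
$findings = @()

# 1. Winlogon\Shell must be exactly "explorer.exe"; the thread's log showed "explorer.exe 1".
$winlogon = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$shell = (Get-ItemProperty -Path $winlogon -Name Shell -ErrorAction SilentlyContinue).Shell
if ($shell -and $shell.Trim() -ine 'explorer.exe') {
    $findings += "Winlogon\Shell is '$shell' (expected 'explorer.exe')"
}

# 2. Walk Run / SSODL / ShellExecuteHooks and flag values whose file is missing,
#    plus any smss.exe outside System32 (the thread's C:\WINNT\smss.exe).
$keys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks'
)
foreach ($key in $keys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item $key
    foreach ($name in $item.GetValueNames()) {
        $value = [string]$item.GetValue($name)
        # SSODL and ShellExecuteHooks entries are CLSIDs; resolve them to the InprocServer32 DLL.
        if ($name -match '^\{[0-9A-Fa-f-]+\}$' -or $value -match '^\{[0-9A-Fa-f-]+\}$') {
            $clsid = if ($name -match '^\{') { $name } else { $value }
            $value = [string](Get-ItemProperty "Registry::HKEY_CLASSES_ROOT\CLSID\$clsid\InprocServer32" -ErrorAction SilentlyContinue).'(default)'
        }
        # Strip surrounding quotes and any arguments to get the executable path.
        $path = if ($value -match '^"([^"]+)"') { $Matches[1] } else { ($value -split '\s+')[0] }
        $path = [Environment]::ExpandEnvironmentVariables($path)
        if (-not $path) { $findings += "$key\$name -> empty or unresolvable value"; continue }
        # A bare file name (like the log's "ctfmon.exe") is reported as missing, as the log's tool did.
        if (-not (Test-Path -LiteralPath $path)) {
            $findings += "$key\$name -> $value (file not found)"
        } elseif ((Split-Path $path -Leaf) -ieq 'smss.exe' -and
                  (Split-Path $path -Parent) -ine "$env:SystemRoot\System32") {
            $findings += "$key\$name -> $path (smss.exe outside System32)"
        }
    }
}

if ($findings) { $findings | ForEach-Object { Write-Output "SUSPECT: $_" } }
else { Write-Output 'No suspicious autostart entries found.' }
```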

I exported it, but the forum says my post has too many bytes. Brother, do you have an email address? I did what you wrote above, but after a reboot, or as soon as I open IE, it goes back to the way it was. It has no effect at all, and I can't find out which file is running.

[Reply to 麦田守望's post]
First have a look at the reply in post #12.