Rising Kaka Security Forum, Technical Exchange Area, Anti-virus / Anti-rogue-software Forum

Experts, please help take a look. I'm new.. I'm infected!!!

[C:\PROGRA~1\flashget\jccatch.dll]  [Amaze Soft, 1, 1, 4, 0]
[PID: 3060][C:\Program Files\Thunder Network\Thunder\Thunder.exe]  [Thunder Networking Technologies,LTD, 5.0.6.98]
    [C:\Program Files\Thunder Network\Thunder\UpdateDownload.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
    [C:\Program Files\Thunder Network\Thunder\download_interface.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
    [C:\Program Files\Thunder Network\Thunder\log4cplus.dll]  [, 1, 0, 2, 1]
    [C:\Program Files\Thunder Network\Thunder\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [C:\Program Files\Thunder Network\Thunder\historyinfo_manage.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 73]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.6.3 08Aug03]
    [C:\Program Files\Thunder Network\Thunder\iThunder.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 30]
    [C:\Program Files\Thunder Network\Thunder\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 1, 0, 1, 4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\DOCUME~1\Admin\LOCALS~1\Temp\ZtgM.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
[PID: 1592][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\xunleibho_v8.dll]  [Thunder Networking Technologies,LTD, 4, 5, 1, 33]
    [C:\Program Files\Tencent\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [C:\PROGRA~1\flashget\jccatch.dll]  [Amaze Soft, 1, 1, 4, 0]
[PID: 3268][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.6.3 08Aug03]
    [C:\WINDOWS\system32\xunleibho_v8.dll]  [Thunder Networking Technologies,LTD, 4, 5, 1, 33]
    [C:\Program Files\Tencent\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
    [C:\PROGRA~1\flashget\jccatch.dll]  [Amaze Soft, 1, 1, 4, 0]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
    [C:\DOCUME~1\Admin\LOCALS~1\Temp\ZtgM.dll]  [N/A, N/A]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[PID: 2132][C:\Documents and Settings\Admin\桌面\xy2dl-2.0.150.exe]  [Netease, 1.0.0.1]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.6.3 08Aug03]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
    [C:\DOCUME~1\Admin\LOCALS~1\Temp\ZtgM.dll]  [N/A, N/A]
[PID: 4072][C:\WINDOWS\system32\scvhsot.exe]  [N/A, N/A]
[PID: 3024][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.6.3 08Aug03]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 1992][C:\Documents and Settings\Admin\桌面\新建文件夹\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.6.3 08Aug03]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
    [C:\DOCUME~1\Admin\LOCALS~1\Temp\ZtgM.dll]  [N/A, N/A]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
[D:\]
[AutoRun]

open=sss.exe

shellexecute=sss.exe

shell\Auto\command=sss.exe
[E:\]
[AutoRun]

open=sss.exe

shellexecute=sss.exe

shell\Auto\command=sss.exe
[F:\]
[AutoRun]

open=sss.exe

shellexecute=sss.exe

shell\Auto\command=sss.exe

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
API HOOK
N/A

==================================



Experts.. please take a careful look. Thanks @@!!

Reinstall the system. After installing, don't do anything else: open My Computer -- Tools -- Folder Options and enable showing hidden files and system files.
Right-click to open D, E, F and delete:
sss.exe
Autorun.inf

system files
Right-click to open D, E, F and delete:
sss.exe
Autorun.inf


Where do I find these??

system files
Right-click to open D, E, F (what does this mean? I'm a computer idiot)

[Reply to the post by "o中毒者o"]
Trojan autostart entries:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<myZt2><C:\DOCUME~1\Admin\LOCALS~1\Temp\Zt2\SVCH0ST.EXE> [N/A]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<rxzs><C:\DOCUME~1\Admin\LOCALS~1\Temp\rxzs.exe> [N/A]
<mhs2><C:\DOCUME~1\Admin\LOCALS~1\Temp\18300.exe> [N/A]
<wlzs><C:\DOCUME~1\Admin\LOCALS~1\Temp\23186.exe> [N/A]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<twin><C:\WINDOWS\system32\twunk32.exe> [N/A]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><721815M.BMP> [N/A]

Trojan service:
[Windows DHCP Service / WinDHCPsvc][Stopped/Auto Start]
<C:\WINDOWS\system32\rundll32.exe windhcp.ocx,start><Microsoft Corporation>

Trojan drivers:

[laldla / laldla][Running/Boot Start]
<\SystemRoot\\SystemRoot\System32\drivers\laldla.sys><N/A>
[Netgroup Packet Filter / NPF][Stopped/Manual Start]
<system32\DRIVERS\npf.sys><CACE Technologies>

Processes injected by the trojan:

[PID: 1240][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\DOCUME~1\Admin\LOCALS~1\Temp\ZtgM.dll] [N/A, N/A]
[PID: 1004][c:\program files\rising\rfw\RfwMain.exe] [Beijing Rising Technology Corporation Limited, 3, 1, 0, 15]
[C:\DOCUME~1\Admin\LOCALS~1\Temp\ZtgM.dll] [N/A, N/A]
[PID: 2504][C:\DOCUME~1\Admin\LOCALS~1\Temp\rxzs.exe] [N/A, N/A]
[C:\DOCUME~1\Admin\LOCALS~1\Temp\rxzs.dll] [N/A, N/A]
[PID: 2528][C:\DOCUME~1\Admin\LOCALS~1\Temp\31124.exe] [N/A, N/A]  (trojan process)
[PID: 2644][C:\DOCUME~1\Admin\LOCALS~1\Temp\23186.exe] [N/A, N/A]  (trojan process)
[C:\DOCUME~1\Admin\LOCALS~1\Temp\wlzs.dll] [N/A, N/A]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 3404][C:\DOCUME~1\Admin\LOCALS~1\Temp\18300.exe] [N/A, N/A]
[PID: 1440][C:\DOCUME~1\Admin\LOCALS~1\Temp\Zt2\SVCH0ST.EXE] [N/A, N/A]
[C:\DOCUME~1\Admin\LOCALS~1\Temp\ZtgM.dll] [N/A, N/A]
[PID: 3604][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\DOCUME~1\Admin\LOCALS~1\Temp\ZtgM.dll] [N/A, N/A]
[PID: 3060][C:\Program Files\Thunder Network\Thunder\Thunder.exe] [Thunder Networking Technologies,LTD, 5.0.6.98]
[C:\DOCUME~1\Admin\LOCALS~1\Temp\ZtgM.dll] [N/A, N/A]
[PID: 1592][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\DOCUME~1\Admin\LOCALS~1\Temp\ZtgM.dll] [N/A, N/A]
[PID: 2132][C:\Documents and Settings\Admin\桌面\xy2dl-2.0.150.exe] [Netease, 1.0.0.1]
[C:\DOCUME~1\Admin\LOCALS~1\Temp\ZtgM.dll] [N/A, N/A]
[PID: 1992][C:\Documents and Settings\Admin\桌面\新建文件夹\SREng.EXE] [Smallfrogs Studio, 2.3.13.690]
[C:\DOCUME~1\Admin\LOCALS~1\Temp\ZtgM.dll] [N/A, N/A]

Trojan files in other drive roots:

D:\autorun.inf
D:\sss.exe
E:\autorun.inf
E:\sss.exe
F:\autorun.inf
F:\sss.exe
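The reply above walks through the SREng log by hand and points out each trojan indicator. As an added example that is not from this thread or from SREng, the following Python script applies the same checks to a constructed excerpt written in the shape of the quoted log: unsigned modules loaded from the Temp folder, Run entries pointing into Temp, an AppInit_DLLs value that is not a DLL, process names that mimic svchost.exe (scvhsot, SVCH0ST), and autorun.inf entries that launch an executable. The line-format regexes are assumptions based only on the lines quoted here.

```python
import re
# Constructed excerpt in the shape of the SREng log quoted in this thread (not the full log).
LOG = r"""[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<rxzs><C:\DOCUME~1\Admin\LOCALS~1\Temp\rxzs.exe> [N/A]
<AppInit_DLLs><721815M.BMP> [N/A]
[PID: 4072][C:\WINDOWS\system32\scvhsot.exe]  [N/A, N/A]
[PID: 1440][C:\DOCUME~1\Admin\LOCALS~1\Temp\Zt2\SVCH0ST.EXE]  [N/A, N/A]
[PID: 1240][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180]
    [C:\DOCUME~1\Admin\LOCALS~1\Temp\ZtgM.dll]  [N/A, N/A]
[D:\]
[AutoRun]
open=sss.exe
shell\Auto\command=sss.exe
"""

REG_RE = re.compile(r"^<([^>]+)><([^>]+)> \[([^\]]*)\]$")                  # <name><value> [vendor]
MOD_RE = re.compile(r"^\s*(?:\[PID: \d+\])?\[([^\]]+)\]\s+\[([^\]]*)\]$")  # [path]  [vendor, version]
AUTORUN_RE = re.compile(r"^(open|shellexecute|shell\\[^=]*\\command)=(.+)$", re.I)
TEMP_RE = re.compile(r"\\Temp\\", re.I)
SYSTEM_NAMES = ["svchost.exe", "explorer.exe", "winlogon.exe", "lsass.exe"]

def looks_like(name, canon):
    """True for a near-miss of a system image name: one character replaced
    (svch0st) or the same letters shuffled (scvhsot), but never an exact match."""
    n, c = name.lower(), canon.lower()
    if n == c or len(n) != len(c):
        return False
    return sum(a != b for a, b in zip(n, c)) == 1 or sorted(n) == sorted(c)

def triage(log):
    """Return (reason, value) pairs for the indicators the reply above flags."""
    hits, drive = [], None
    for line in log.splitlines():
        if m := REG_RE.match(line):
            name, value, vendor = m.groups()
            if name.lower() == "appinit_dlls" and not value.lower().endswith(".dll"):
                hits.append(("AppInit_DLLs loads a non-DLL", value))
            elif TEMP_RE.search(value) or vendor == "N/A":
                hits.append(("autostart from Temp / no vendor", value))
        elif m := MOD_RE.match(line):
            path, info = m.groups()
            if TEMP_RE.search(path) and info.startswith("N/A"):
                hits.append(("unsigned module in Temp", path))
            if any(looks_like(path.rsplit("\\", 1)[-1], s) for s in SYSTEM_NAMES):
                hits.append(("system-name lookalike", path))
        elif re.fullmatch(r"\[[A-Z]:\\\]", line):
            drive = line[1:-1]                      # start of an Autorun.inf section
        elif drive and (m := AUTORUN_RE.match(line)):
            hits.append((f"autorun.inf on {drive} runs", m.group(2).strip()))
    return hits
```

Each hit is only a lead for manual review, as in the reply: a clean program can load from Temp too, so check the file itself before deleting it.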

PowerRmv [teyqiu]
I used this 暴力灭天王 (PowerRmv) to delete:
D:\autorun.inf
D:\sss.exe
E:\autorun.inf
E:\sss.exe
F:\autorun.inf
F:\sss.exe

But I didn't reinstall. Not sure whether that's OK. I'll run another virus scan in a bit and see.