Rising Kaka Security Forum, Technical Exchange Area, Anti-virus / Anti-rogue-software Board


Infected with Trojan.PSW.Agent.iut, what should I do?

[PID: 3408][D:\Program Files\Rising\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [D:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 3504][D:\Program Files\Rising\Rav\RavService.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 45]
    [D:\Program Files\Rising\Rav\DLCenter.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 27]
    [D:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
[PID: 1108][C:\Program Files\MSN Messenger\msnmsgr.exe]  [Microsoft Corporation, 8.0.0812.00]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
    [C:\WINDOWS\system32\LgSyl.dll]  [N/A, N/A]
    [D:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\Program Files\Kingsoft\Powerword 2007\Grabgdip.dll]  [, 1, 0, 0, 1]
[PID: 2864][D:\Foxmail\Foxmail.exe]  [Tencent Inc., 6.05.104.20]
    [D:\Foxmail\FoxAntiSpam.dll]  [N/A, N/A]
    [D:\Foxmail\pcre.dll]  [N/A, N/A]
    [D:\Foxmail\3rdParty\addons\AD\MsgAPI.dll]  [Tencent inc., 1.0.0.0]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
    [C:\WINDOWS\system32\LgSyl.dll]  [N/A, N/A]
    [D:\Foxmail\3rdParty\punylib.dll]  [CNNIC, 1, 0, 0, 3]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\Program Files\Kingsoft\Powerword 2007\Grabgdip.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\DOWNLO~1\BDSrHook.dll]  [, 1, 0, 0, 4]
    [D:\Acrobat 7.0\ActiveX\PDFShell.CHS]  [Adobe Systems, Inc., 7.0.0.0]
    [D:\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [D:\Foxmail\3rdParty\cmplugin.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
[PID: 1948][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
    [C:\WINDOWS\system32\LgSyl.dll]  [N/A, N/A]
    [D:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\WINDOWS\DOWNLO~1\BDSrHook.dll]  [, 1, 0, 0, 4]
    [C:\Program Files\Kingsoft\Powerword 2007\Grabgdip.dll]  [, 1, 0, 0, 1]
[PID: 3104][C:\Program Files\阿里巴巴\贸易通\AliTalk.exe]  [Alibaba, 3, 0, 0, 1]
    [C:\Program Files\阿里巴巴\贸易通\SysIdle.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\阿里巴巴\贸易通\AliViewerApi.dll]  [N/A, N/A]
    [C:\Program Files\阿里巴巴\贸易通\AliMail\MailDll.dll]  [N/A, N/A]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\Program Files\阿里巴巴\贸易通\MessageNotify.dll]  [, 1, 0, 0, 1]
    [C:\PROGRA~1\阿里巴巴\贸易通\ATABCO~1.OCX]  [alibaba, 1, 0, 0, 1]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
    [C:\WINDOWS\system32\LgSyl.dll]  [N/A, N/A]
    [C:\Program Files\Kingsoft\Powerword 2007\Grabgdip.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 2816][C:\Program Files\Skype\Phone\Skype.exe]  [N/A, N/A]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
    [C:\WINDOWS\system32\LgSyl.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [C:\Program Files\Kingsoft\Powerword 2007\Grabgdip.dll]  [, 1, 0, 0, 1]
[PID: 3864][C:\Program Files\Skype\Phone\ContentFilter.exe]  [TOM Online Inc., 1.0.2.0]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 496][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
    [C:\Program Files\Kingsoft\Powerword 2007\Grabgdip.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\LgSyl.dll]  [N/A, N/A]
    [D:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[PID: 2984][D:\Program Files\Rising\Rav\Rav.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 67]
    [D:\Program Files\Rising\Rav\PlugIn\RsPgScan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [D:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
    [D:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\Program Files\Rising\Rav\RavUI.Dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 59]
    [D:\Program Files\Rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 24]
    [D:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [D:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
    [D:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 32]
    [D:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 18]
    [D:\Program Files\Rising\Rav\RavUIMsg.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 24]
    [C:\WINDOWS\system32\LgSyl.dll]  [N/A, N/A]
    [D:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\Program Files\Rising\Rav\RsStore.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\Program Files\Rising\Rav\RavQu.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 14]
[PID: 332][C:\Documents and Settings\fr\桌面\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
    [C:\WINDOWS\system32\LgSyl.dll]  [N/A, N/A]
    [C:\Program Files\Kingsoft\Powerword 2007\Grabgdip.dll]  [, 1, 0, 0, 1]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
API HOOK
N/A

==================================


[/CODE]

Brother 水树, I have uploaded all the logs, nothing deleted or modified. Please take a look, many thanks!
I'm pretty clueless about this stuff, thank you for patiently teaching me.

Same problem here.......

This virus is really nasty; I've been suffering from it since the 12th. Brother 水树, we're waiting for you.

Run SREng2, open Startup Items > Registry, and delete:
<avptask><C:\Progra~1\Eset\1explore.exe> [N/A]
<cmdbcs><C:\WINDOWS\cmdbcs.exe> [N/A]
<i76idbw><C:\WINDOWS\winlog0n.exe> [N/A]
After rebooting, go to My Computer > Tools > Folder Options > View, select "Show all files and folders", uncheck "Hide protected operating system files", and then delete:
C:\Progra~1\Eset\1explore.exe
C:\WINDOWS\cmdbcs.exe
C:\WINDOWS\winlog0n.exe
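The three startup entries in the reply above share traits a responder can screen for mechanically: no signer information, a file name one character away from a legitimate Windows binary (winlog0n vs winlogon, 1explore vs iexplore), and an executable placed directly in C:\WINDOWS rather than system32. The triage script below is an added example, not code from this thread, from SREng or from Rising; it assumes its own short list of commonly imitated binaries, and the signed RavTask.exe sample line is constructed for contrast.

```python
# Triage of SREng-style startup-item lines "<name><path> [signer]"; constructed for this thread.
import os
import re

LINE_RE = re.compile(r"^<(?P<name>[^>]*)><(?P<path>[^>]*)>\s*\[(?P<signer>[^\]]*)\]")
KNOWN_BINARIES = {"winlogon.exe", "iexplore.exe", "explorer.exe", "svchost.exe", "lsass.exe"}  # assumed list

def edit_distance(a, b):
    """Levenshtein distance; a distance of 1 catches winlog0n / 1explore-style names."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def suspicious_reasons(path, signer):
    """Return the reasons an entry looks suspicious; an empty list means nothing was flagged."""
    norm = path.replace("\\", "/").lower()
    fname, parent = os.path.basename(norm), os.path.dirname(norm)
    reasons = []
    if signer.strip().upper() in ("", "N/A"):
        reasons.append("no signer information")
    for known in sorted(KNOWN_BINARIES):
        if fname != known and edit_distance(fname, known) == 1:
            reasons.append(f"look-alike of {known}")
    if parent in ("c:/windows", "c:/winnt") and fname.endswith(".exe"):
        reasons.append("executable placed directly in the Windows directory")
    return reasons

def triage(lines):
    """Parse each line and return {entry name: reasons} for flagged entries only."""
    flagged = {}
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m and (reasons := suspicious_reasons(m["path"], m["signer"])):
            flagged[m["name"]] = reasons
    return flagged

# Constructed sample: the three entries from the thread plus one benign, signed line.
SAMPLE = [
    "<avptask><C:\\Progra~1\\Eset\\1explore.exe> [N/A]",
    "<cmdbcs><C:\\WINDOWS\\cmdbcs.exe> [N/A]",
    "<i76idbw><C:\\WINDOWS\\winlog0n.exe> [N/A]",
    "<RavTask><D:\\Program Files\\Rising\\Rav\\RavTask.exe> [Beijing Rising Technology Co., Ltd.]",
]
```

A flagged entry is only a lead for verification against the vendor's knowledge base, not proof of infection on its own.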

That did it, thanks Brother 水树!
Others with the same virus as me can use this method.
Thank you, thank you.