浏览器加载项
[TBSB04805 Class]
  {FA91DE7A-D85F-4F35-8204-4D7C957A154B} <C:\PROGRA~1\工具栏~1\wc.dll, >
[工具栏(T)]
  {42A2F05F-E171-4CEF-852F-02475F698C24} <C:\Program Files\工具栏(T)\wc.dll, >
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[访问瑞星网站]
  {FF2DE7A6-ECB1-4CBC-9C0E-D92A9E66E444} <http://www.rising.com.cn/?u=RSTB, N/A>
[访问卡卡社区]
  {FF2DE7A6-ECB1-4CBC-9C0E-D92A9E66E445} <http://www.ikaka.com/?u=RSTB, N/A>
[漂漂娱乐网]
  {6713E8D2-850A-101B-AFC0-4210102A8DA7} <http://www32.websamba.com/ppmmpic/c/?a=&b=&c=&d=&e=&f=n2&i=&j=656735&t=10/28/2005&s=bu, N/A>
[领我上上网]
  {7713E8D2-850A-101B-AFC0-4210102A8DA7} <http://cool.05335.com/?f=bu, N/A>
[CaiFuCOM Class]
  {C1F0024B-8278-4999-B7E6-2718426D9FE6} <C:\Program Files\财富通\caif.dll, N/A>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\System32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[工具栏(T)]
  {42A2F05F-E171-4CEF-852F-02475F698C24} <C:\Program Files\工具栏(T)\wc.dll, >
[PowerList Control]
  {20C2C286-BDE8-441B-B73D-AFA22D914DA5} <C:\PROGRA~1\PPStream\POWERL~1.OCX, PPStream.com>
[WebActivater Control]
  {3D8F74EE-8692-4F8F-B8D2-7522E732519E} <C:\WINDOWS\System32\WEBACT~1.OCX, QQ>
[HdwCode Control]
  {52A05F4B-9F0C-4752-BB78-9B6DFD2DE9D5} <C:\WINDOWS\DOWNLO~1\HdwCode.ocx, home>
[WuYou.WySystem]
  {6A9735F1-72AA-49E9-9981-A13C3FD8641B} <C:\WINDOWS\System32\WYSYSTEM.OCX, WuYou>
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\DOWNLO~1\SUBMIT~1.DLL, >
[GLWebAvt Control]
  {C14D003A-DA41-4FEE-8204-62A94EAA29D1} <C:\WINDOWS\DOWNLO~1\GLWebAvt.ocx, >
[IEDown Class]
  {D0A29C6C-AA71-4423-8C4A-5998B774C448} <C:\WINDOWS\System32\GLIEDown2.dll, 联众公司>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>

正在运行的进程
[PID: 420][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 500][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 524][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\99695634.DLL]  [Microsoft Corporation, 5.2.3790.1830]
    [C:\WINDOWS\System32\kkdj3sdf3.dll]  [Microsoft Corporation, ]
    [c:\progra~1\cmnn\pzaa.dll]  [, 1, 0, 0, 6]
    [c:\progra~1\cmnn\ueff.dll]  [ , 1, 0, 0, 6]
[PID: 568][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 580][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 732][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 772][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [c:\windows\system32\struts.dll]  [, 1, 0, 0, 4]
    [C:\WINDOWS\System32\WINHTTP.dll]  [Microsoft Corporation, 5.1.2600.1039 (xpsp1.020511-1800)]
[PID: 1068][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINDOWS\System32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\WINDOWS\System32\99695634.DLL]  [Microsoft Corporation, 5.2.3790.1830]
    [C:\WINDOWS\System32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\kkdj3sdf3.dll]  [Microsoft Corporation, ]
    [c:\progra~1\cmnn\pzaa.dll]  [, 1, 0, 0, 6]
    [c:\progra~1\cmnn\ueff.dll]  [ , 1, 0, 0, 6]
    [D:\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
[PID: 1296][C:\WINDOWS\System32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [c:\progra~1\cmnn\pzaa.dll]  [, 1, 0, 0, 6]
    [c:\progra~1\cmnn\ueff.dll]  [ , 1, 0, 0, 6]
[PID: 1420][C:\Program Files\Rising\AntiSpyware\runiep.exe]  [Beijing Rising Technology Co., Ltd., 1, 0, 1, 6]
    [C:\Program Files\Rising\AntiSpyware\iep_ctrl.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [c:\progra~1\cmnn\pzaa.dll]  [, 1, 0, 0, 6]
    [c:\progra~1\cmnn\ueff.dll]  [ , 1, 0, 0, 6]
[PID: 260][C:\WINDOWS\System32\dgd4bs.exe]  [N/A, ]
    [C:\WINDOWS\System32\MSVBVM60.DLL]  [Microsoft Corporation, 6.00.9237]
    [C:\WINDOWS\System32\vb6chs.dll]  [Microsoft Corporation, 6.00.8988]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [c:\progra~1\cmnn\pzaa.dll]  [, 1, 0, 0, 6]
    [c:\progra~1\cmnn\ueff.dll]  [ , 1, 0, 0, 6]
[PID: 344][d:\rising\rfw\RfwMain.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 70]
    [d:\rising\rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
    [d:\rising\rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [d:\rising\rfw\RfwCtrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [d:\rising\rfw\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [d:\rising\rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [c:\progra~1\cmnn\pzaa.dll]  [, 1, 0, 0, 6]
    [c:\progra~1\cmnn\ueff.dll]  [ , 1, 0, 0, 6]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 2268][D:\Rising\Rav\RsAgent.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
    [c:\progra~1\cmnn\pzaa.dll]  [, 1, 0, 0, 6]
    [c:\progra~1\cmnn\ueff.dll]  [ , 1, 0, 0, 6]
    [D:\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 2284][C:\WINDOWS\msagent\AgentSvr.exe]  [Microsoft Corporation, 2.00.0.3422]
    [c:\progra~1\cmnn\pzaa.dll]  [, 1, 0, 0, 6]
    [c:\progra~1\cmnn\ueff.dll]  [ , 1, 0, 0, 6]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINDOWS\system32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3808][C:\WINDOWS\System32\conime.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [c:\progra~1\cmnn\pzaa.dll]  [, 1, 0, 0, 6]
    [c:\progra~1\cmnn\ueff.dll]  [ , 1, 0, 0, 6]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 2252][C:\Program Files\Tencent\TT\TTraveler.exe]  [腾讯公司, 3.0.0.238]
    [c:\progra~1\cmnn\pzaa.dll]  [, 1, 0, 0, 6]
    [c:\progra~1\cmnn\ueff.dll]  [ , 1, 0, 0, 6]
    [C:\WINDOWS\System32\kakatool.dll]  [Beijing Rising Technology Co., Ltd., 2, 0, 3, 0]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\Program Files\Tencent\TT\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 4]
    [C:\WINDOWS\System32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\WINDOWS\System32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [D:\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\WINDOWS\System32\WINWB86.IME]  [Microsoft Corporation, 4.00.950]
[PID: 3712][C:\Program Files\ppStream\PPStream.exe]  [PPStream.com, 1, 0, 4, 631]
    [c:\progra~1\cmnn\pzaa.dll]  [, 1, 0, 0, 6]
    [c:\progra~1\cmnn\ueff.dll]  [ , 1, 0, 0, 6]
    [C:\PROGRA~1\PPStream\POWERP~1.DLL]  [PPStream Inc., 1,0,0,1735]
    [C:\PROGRA~1\PPStream\PSNetwork.dll]  [PPStream, inc., 1, 0, 0, 2430]
    [C:\PROGRA~1\PPStream\POWERL~1.OCX]  [PPStream.com, 1, 0, 0, 1335]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [C:\WINDOWS\System32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\WINDOWS\System32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [D:\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\WINDOWS\System32\wmp.dll]  [Microsoft Corporation, 9.00.00.2980]
    [C:\WINDOWS\System32\msdmo.dll]  [, ]
[PID: 6004][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, ]
    [c:\progra~1\cmnn\pzaa.dll]  [, 1, 0, 0, 6]
    [c:\progra~1\cmnn\ueff.dll]  [ , 1, 0, 0, 6]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 5388][C:\DOCUME~1\dahai\LOCALS~1\Temp\Rar$EX08.828\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [c:\progra~1\cmnn\pzaa.dll]  [, 1, 0, 0, 6]
    [c:\progra~1\cmnn\ueff.dll]  [ , 1, 0, 0, 6]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 3500][C:\PROGRA~1\INTERN~1\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
    [c:\progra~1\cmnn\pzaa.dll]  [, 1, 0, 0, 6]
    [c:\progra~1\cmnn\ueff.dll]  [ , 1, 0, 0, 6]
    [C:\Program Files\工具栏(T)\wc.dll]  [, 3, 0, 1, 65]
    [C:\Program Files\工具栏(T)\tbhelper.dll]  [, 3, 0, 1, 65]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
    [D:\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\System32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
    [C:\WINDOWS\System32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]

==================================
文件关联
.TXT  Error. [NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
[C:\]
[AutoRun]
open=pagefile.pif
shellexecute=pagefile.pif
shell\Auto\command=pagefile.pif
[D:\]
[AutoRun]
open=pagefile.pif
shellexecute=pagefile.pif
shell\Auto\command=pagefile.pif
[E:\]
[AutoRun]
open=pagefile.pif
shellexecute=pagefile.pif
shell\Auto\command=pagefile.pif
[F:\]
[AutoRun]
open=pagefile.pif
shellexecute=pagefile.pif
shell\Auto\command=pagefile.pif

==================================
HOSTS 文件
N/A

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]

感谢大虾朋友相助，还有一个现象，就是C盘，D盘，E盘，F盘左键双击打不开，再次感谢

汗 病毒不少 加我QQ 463216947

感谢新世纪的月亮朋友，我的QQ不知何故已上不去了，我的电脑用的是正版瑞星软件，07版的，已经作了全面杀毒了，怎么还有这么多可恶的病毒。

[HKEY_CURRENT_USER\Control Panel\Desktop]
<SCRNSAVE.EXE><C:\WINDOWS\System32\ravss.scr> [Rising Corp.]
服务
[69E2D0DC / 69E2D0DC][Stopped/Auto Start]
<C:\WINDOWS\System32\69E2D0DC.EXE -service><N/A>
[99695634 / 99695634][Stopped/Auto Start]
<C:\WINDOWS\System32\99695634.EXE -service><Microsoft Corporation>
[Background Intelligent Transfer Service / BITS][Stopped/Auto Start]
<C:\WINDOWS\system32\svchost.exe -k netsvcs-->C:\WINDOWS\System32\wiasoervc.dll><N/A>
[CoolWare / CoolWare][Running/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\System32\struts.dll><>
[edfscv / edfscv][Stopped/Auto Start]
<C:\WINDOWS\System32\fgdfsdf.exe -service><N/A>
[error monitor / EmonSrv][Stopped/Auto Start]
<C:\WINDOWS\System32\lfrmewrk.exe><N/A>
[Windows hrss RunThem / hrss][Running/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\PROGRA~1\cmnn\mwxx.dll>< >
[kkdj3sdf3 / kkdj3sdf3][Stopped/Auto Start]
<C:\WINDOWS\System32\kkdj3sdf3.exe -j><Microsoft Corporation>
[kkduusfsd / kkduusfsd][Stopped/Auto Start]
<C:\WINDOWS\System32\kkduusfsd.exe -service><N/A>
[Service Transaction Provisioning / Transaction_Service][Stopped/Auto Start]
<C:\WINDOWS\System32\explorer.exe><N/A>
[cdxidd8 / cdxidd88][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\cdxidd88.sys><N/A>
[fakkxg9 / fakkxg96][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\fakkxg96.sys><N/A>
[iiujqe7 / iiujqe72][Stopped/Boot Start]
<\SystemRoot\System32\DRIVERS\iiujqe72.sys><N/A>驱动这一块我看不懂。。。不好意思
[PID: 524][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\System32\99695634.DLL] [Microsoft Corporation, 5.2.3790.1830]
[C:\WINDOWS\System32\kkdj3sdf3.dll] [Microsoft Corporation, ]
[c:\progra~1\cmnn\pzaa.dll] [, 1, 0, 0, 6]
[c:\progra~1\cmnn\ueff.dll] [ , 1, 0, 0, 6]
[PID: 772][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[c:\windows\system32\struts.dll] [, 1, 0, 0, 4]

[PID: 1068][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
[C:\WINDOWS\System32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\WINDOWS\System32\99695634.DLL] [Microsoft Corporation, 5.2.3790.1830]
[C:\WINDOWS\System32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\System32\kkdj3sdf3.dll] [Microsoft Corporation, ]
[c:\progra~1\cmnn\pzaa.dll] [, 1, 0, 0, 6]
[c:\progra~1\cmnn\ueff.dll] [ , 1, 0, 0, 6]
[PID: 1296][C:\WINDOWS\System32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[c:\progra~1\cmnn\pzaa.dll] [, 1, 0, 0, 6]
[c:\progra~1\cmnn\ueff.dll] [ , 1, 0, 0, 6]
[PID: 1420][C:\Program Files\Rising\AntiSpyware\runiep.exe] [Beijing Rising Technology Co., Ltd., 1, 0, 1, 6]
[c:\progra~1\cmnn\pzaa.dll] [, 1, 0, 0, 6]
[c:\progra~1\cmnn\ueff.dll] [ , 1, 0, 0, 6]
[PID: 260][C:\WINDOWS\System32\dgd4bs.exe] [N/A, ]
[C:\WINDOWS\System32\MSVBVM60.DLL] [Microsoft Corporation, 6.00.9237]
[C:\WINDOWS\System32\vb6chs.dll] [Microsoft Corporation, 6.00.8988]
[c:\progra~1\cmnn\pzaa.dll] [, 1, 0, 0, 6]
[c:\progra~1\cmnn\ueff.dll] [ , 1, 0, 0, 6]
[PID: 344][d:\rising\rfw\RfwMain.exe] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 70]
[c:\progra~1\cmnn\pzaa.dll] [, 1, 0, 0, 6]
[c:\progra~1\cmnn\ueff.dll] [ , 1, 0, 0, 6]
[c:\progra~1\cmnn\pzaa.dll] [, 1, 0, 0, 6]
[c:\progra~1\cmnn\ueff.dll] [ , 1, 0, 0, 6]
[PID: 2284][C:\WINDOWS\msagent\AgentSvr.exe] [Microsoft Corporation, 2.00.0.3422]
[c:\progra~1\cmnn\pzaa.dll] [, 1, 0, 0, 6]
[c:\progra~1\cmnn\ueff.dll] [ , 1, 0, 0, 6]
[C:\WINDOWS\system32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[PID: 3808][C:\WINDOWS\System32\conime.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[c:\progra~1\cmnn\pzaa.dll] [, 1, 0, 0, 6]
[c:\progra~1\cmnn\ueff.dll] [ , 1, 0, 0, 6]
[PID: 2252][C:\Program Files\Tencent\TT\TTraveler.exe] [腾讯公司, 3.0.0.238]
[c:\progra~1\cmnn\pzaa.dll] [, 1, 0, 0, 6]
[c:\progra~1\cmnn\ueff.dll] [ , 1, 0, 0, 6]
[C:\WINDOWS\System32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[c:\progra~1\cmnn\pzaa.dll] [, 1, 0, 0, 6]
[c:\progra~1\cmnn\ueff.dll] [ , 1, 0, 0, 6]
[C:\WINDOWS\System32\msdmo.dll] [, ]
[PID: 6004][C:\Program Files\WinRAR\WinRAR.exe] [N/A, ]
[c:\progra~1\cmnn\pzaa.dll] [, 1, 0, 0, 6]
[c:\progra~1\cmnn\ueff.dll] [ , 1, 0, 0, 6]
[PID: 5388][C:\DOCUME~1\dahai\LOCALS~1\Temp\Rar$EX08.828\SREng.EXE] [Smallfrogs Studio, 2.4.12.806]
[c:\progra~1\cmnn\pzaa.dll] [, 1, 0, 0, 6]
[c:\progra~1\cmnn\ueff.dll] [ , 1, 0, 0, 6]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 3500][C:\PROGRA~1\INTERN~1\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
[c:\progra~1\cmnn\pzaa.dll] [, 1, 0, 0, 6]
[c:\progra~1\cmnn\ueff.dll] [ , 1, 0, 0, 6]
[C:\Program Files\工具栏(T)\wc.dll] [, 3, 0, 1, 65]
[C:\Program Files\工具栏(T)\tbhelper.dll] [, 3, 0, 1, 65]
[C:\WINDOWS\System32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\WINDOWS\System32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]

关于硬盘打不开的问题,
用WINRAR打开各个磁盘,在根目录下一般会有autotun.inf该文件
打开,看看open shell等后面跟的路径,连同autorun.inf一起删掉...
然后清理一下注册表

谢谢桃子，第16楼的那些内容俺看不懂，可以再细说一下吗，谢谢

首先下载软件http://www.i170.com/Attach/51FD704F-C0BD-41E7-B0E9-60673A888FD6
XDElbox 1.2
然后重启计算机进入
安全模式下(开机后不断 按F8键  然后出来一个高级菜单 选择第一项 安全模式 进入系统)
打开Xdelbox 删除如下文件(使用方法可以参考http://hi.baidu.com/teyqiu/blog/item/291690efc3f3b5eece1b3e5a.html）
C:\windows\System32\DRIVERS\cdxidd88.sys
C:\windows\System32\DRIVERS\fakkxg96.sys
C:\windows\System32\DRIVERS\gcxtli59.sys
C:\windows\system32\drivers\geeecfbi.sys
C:\windows\System32\DRIVERS\goqxiz26.sys
C:\windows\System32\DRIVERS\gotesf37.sys
C:\windows\System32\DRIVERS\hrnipt60.sys
C:\windows\System32\DRIVERS\iiujqe72.sys
C:\windows\System32\DRIVERS\iylxfk87.sys
C:\windows\System32\DRIVERS\okrkfk99.sys
C:\windows\System32\DRIVERS\qndsrc74.sys
C:\windows\System32\DRIVERS\rsqblg13.sys
C:\windows\System32\DRIVERS\tcaqlh94.sys
C:\windows\System32\DRIVERS\uhnuyj77.sys
C:\windows\System32\DRIVERS\ywkoqp68.sys
C:\windows\System32\DRIVERS\zaucyc68.sys

重启后安全模式下
打开sreng （就是你扫日志的软件）
启动项目  注册表 删除如下项目 (如果有哪项你认识或者确认不是病毒 请不要删除)
C:\Documents and Settings\dahai\桌面\awp.e><> [N/A]


“启动项目”-“服务”-“Win32服务应用程序”中点“隐藏经认证的微软项目”，
选中以下项目，点“删除服务”，再点“设置”，在弹出的框中点“否”：

69E2D0DC / 69E2D0DC
99695634 / 99695634
Background Intelligent Transfer Service / BITS
CoolWare / CoolWare
edfscv / edfscv
Windows hrss RunThem / hrss
kkdj3sdf3 / kkdj3sdf3
kkduusfsd / kkduusfsd
Service Transaction Provisioning / Transaction_Service

用SREng在“系统修复”-“浏览器加载项”中删除：
[TBSB04805 Class]
{FA91DE7A-D85F-4F35-8204-4D7C957A154B} <C:\PROGRA~1\工具栏~1\wc.dll, >
[工具栏(T)]
{42A2F05F-E171-4CEF-852F-02475F698C24} <C:\Program Files\工具栏(T)\wc.dll, >
[@shdoclc.dll,-866]
{c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[漂漂娱乐网]
{6713E8D2-850A-101B-AFC0-4210102A8DA7} <http://www32.websamba.com/ppmmpic/c/?a=&b=&c=&d=&e=&f=n2&i=&j=656735&t=10/28/2005&s=bu, N/A>
[领我上上网]
{7713E8D2-850A-101B-AFC0-4210102A8DA7} <http://cool.05335.com/?f=bu, N/A>
[CaiFuCOM Class]
{C1F0024B-8278-4999-B7E6-2718426D9FE6} <C:\Program Files\财富通\caif.dll, N/A>
[工具栏(T)]
{42A2F05F-E171-4CEF-852F-02475F698C24} <C:\Program Files\工具栏(T)\wc.dll, >
[AxInputControl Class]
{73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >
[AxSubmitControl Class]
{8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\DOWNLO~1\SUBMIT~1.DLL, >
[GLWebAvt Control]
{C14D003A-DA41-4FEE-8204-62A94EAA29D1} <C:\WINDOWS\DOWNLO~1\GLWebAvt.ocx, >

双击我的电脑，工具，文件夹选项，查看，单击选取"显示隐藏文件或文件夹" 并清除"隐藏受保护的操作系统文件（推荐）"前面的钩。在提示确定更改时，单击“是” 然后确定
然后删除
C:\windows\\System32\explorer.exe
C:\windows\\System32\kkduusfsd.exe
C:\PROGRA~1\cmnn
C:\windows\\System32\fgdfsdf.exe
C:\windows\\System32\struts.dll
C:\windows\\System32\wiasoervc.dll
C:\windows\\System32\99695634.EXE
C:\windows\\System32\69E2D0DC.EXE

把下面的 代码拷入记事本中然后另存为1.reg文件
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"RegPath"="Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced"
"Text"="@shell32.dll,-30500"
"Type"="radio"
"CheckedValue"=dword:00000001
"ValueName"="Hidden"
"DefaultValue"=dword:00000002
"HKeyRoot"=dword:80000001
"HelpID"="shell.hlp#51105"

双击1.reg把这个注册表项导入

双击我的电脑－工具－文件夹选项－查看－显示所有文件和文件夹，把“隐藏受保护的系统文件”的勾去掉。

右击打开有问题的分区  删除autorun.inf