Rising Kaka Security Forum, Anti-virus / Anti-rogue-software board

It's over... a guy said there are too many viruses, is it hopeless? (log attached)

Below is the virus log from my computer. Guys, is it really beyond saving?
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [(Verified)Microsoft Windows XP Publisher]
    <MsnMsgr><"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background>  [(Verified)Microsoft Corporation]
    <MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Windows XP Publisher]
    <QQDownload><"C:\Program Files\Tencent\QQDownload\QQDownload.exe" autostart>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows XP Publisher]
    <PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows XP Publisher]
    <PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows XP Publisher]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <Easy-PrintToolBox><C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon>  [CANON INC.]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
    <nwiz><nwiz.exe /install>  [NVIDIA Corporation]
    <NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit>  [NVIDIA Corporation]
    <stup.exe><C:\PROGRA~1\TENCENT\Adplus\stup.exe>  [Tencent]
    <InternetEx><C:\WINDOWS\system\1.exe>  [N/A]
    <msccrt><C:\WINDOWS\msccrt.exe>  [N/A]
    <tjgekij><C:\Program Files\xerox\tjgekij.exe>  []
    <runner1><C:\WINDOWS\retadpu20.exe 61A847B5BBF72810328B2B27128065E9C084320161C4661227A755E9C2933154389A>  [N/A]
    <lgaswe03><%systemroot%\system32\Rundll32.exe "%systemroot%\system32\lgaswe03.dll",Start>  [N/A]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A]
    <eqghda14><%systemroot%\system32\Rundll32.exe "%systemroot%\system32\eqghda14.dll",Start>  [N/A]
    <RavWeb><"C:\Program Files\Rising\RavWeb\Update\websetup.exe" /UNINSTALL /S /ONCE>  [N/A]
    <runeip><C:\Program Files\Rising\AntiSpyware\runiep.exe>  [Beijing Rising Technology Co., Ltd.]
    <SPLORE><C:\Program Files\Internet Explorer\SPLOVE.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <RavStub><"C:\PROGRAM FILES\RISING\RAV\ravstub.exe" /RUNONCE>  [Beijing Rising Technology Co., Ltd.]
    <flhrd><%systemroot%\system32\Rundll32.exe  %systemroot%\system32\flhrd.dll,DllUnregisterServer>  []
    <nvwrsfy><%systemroot%\system32\Rundll32.exe %systemroot%\system32\nvwrsfy.dll,DllUnregisterServer>  [N/A]
    <KKDelay><C:\Program Files\Rising\AntiSpyware\RunOnce.exe>  [Beijing Rising Technology Co., Ltd.]
    <wocify48><%systemroot%\system32\Rundll32.exe %systemroot%\system32\wocify48.dll,DllUnregisterServer>  []
    <owrfhm77><%systemroot%\system32\Rundll32.exe %systemroot%\system32\owrfhm77.dll,DllUnregisterServer>  []
    <akyetq77><%systemroot%\system32\Rundll32.exe %systemroot%\system32\akyetq77.dll,DllUnregisterServer>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows XP Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\System32\wintemp.exe,C:\WINDOWS\System32\SVCH0ST.EXE>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><C:\WINDOWS\system32\Manager.dll>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{31F612A3-3223-3313-3123-31161A31A125}><C:\WINDOWS\System32\godpri.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\rpcc]
    <WinlogonNotify: rpcc><C:\WINDOWS\System32\rpcc.dll>  [N/A]

==================================
Startup folder
[腾讯QQ]
  <C:\Documents and Settings\Fly\「开始」菜单\程序\启动\腾讯QQ.lnk --> C:\PROGRA~1\Tencent\QQ\QQ.exe [TENCENT]><N>

==================================
Services
[2BC31F81 / 2BC31F81][Stopped/Auto Start]
  <C:\WINDOWS\System32\87BD6.EXE -d><N/A>
[Network Security / AtHome][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\System32\cqbaw.dll><Microsoft Corporation>
[Fast Client / fast][Stopped/Auto Start]
  <C:\WINDOWS\System32\3b3a.exe><N/A>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[inetinfo / inefo][Stopped/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\system32\inefo\inetinfo.dll><N/A>
[kkdj3sdf3 / kkdj3sdf3][Stopped/Auto Start]
  <C:\WINDOWS\System32\kkdj3sdf3.exe -j><N/A>
[ayPcigeon20 / m][Running/Auto Start]
  <C:\WINDOWS\spcvl.exe><>
[Net Log / NetLog][Stopped/Auto Start]
  <C:\WINDOWS\system32\netlog.exe><N/A>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[Windows rako RunThem / rako][Stopped/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\PROGRA~1\mvfj\wfpt.dll><N/A>
[Remote Packet Capture Protocol v.0 (experimental) / rpcapd][Stopped/Manual Start]
  <"C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini"><N/A>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
  <"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Network Services Manager / service][Running/Auto Start]
  <C:\WINDOWS\System32\svst.exe><N/A>
[system / system][Stopped/Auto Start]
  <C:\WINDOWS\G_Server1.23.exe><N/A>
[ClipManage / WIDETS][Running/Auto Start]
  <C:\WINDOWS\SYSTEM32\RUNDLL2KXP.EXE C:\WINDOWS\SYSTEM32\WBEM\LWVTR.DLL,Export 1087><Microsoft Corporation>
[Windows Accounts Driver / WindowsConnections][Stopped/Auto Start]
  <C:\WINDOWS\System32\mnai.exe><N/A>
[Windows_VASTA / Windows_VASTA][Stopped/Auto Start]
  <C:\Program Files\Common Files\Microsoft Shared\MSINFO\rejoice51.exe><N/A>
[Wserver / Wserver][Stopped/Auto Start]
  <C:\WINDOWS\System32\Wservers.exe><N/A>

==================================
Drivers
[ADProt / ADProt][Stopped/System Start]
  <\SystemRoot\system32\drivers\ADProt.sys><腾讯科技(深圳)有限公司>
[akyetq7 / akyetq77][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\akyetq77.sys><Microsoft Corporation>
[Service for WDM 3D Audio Driver / ALCXSENS][Running/Manual Start]
  <system32\drivers\ALCXSENS.SYS><Sensaura Ltd>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[cqxi / cqxii][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\cqxii.sys><N/A>
[eqghda1 / eqghda14][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\eqghda14.sys><Microsoft Corporation>
[exhssis / exhssis][Running/Boot Start]
  <\SystemRoot\system32\drivers\exhssis.sys><>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\C:\Program Files\rising\Rav\ExpScan.sys><>
[fdlwqw4 / fdlwqw44][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\fdlwqw44.sys><N/A>
[FXDRV / FXDRV][Stopped/Manual Start]
  <\??\H:\Fxdrv.sys><N/A>
[ghrnkv32 / ghrnkv32][Stopped/Boot Start]
  <\SystemRoot\system32\\drivers\\system32\\drivers\\%s.sys.sys><N/A>
[GMSIPCI / GMSIPCI][Stopped/Manual Start]
  <\??\H:\INSTALL\GMSIPCI.SYS><N/A>
[hfjdbada / hfjdbada][Running/Boot Start]
  <\SystemRoot\system32\drivers\hfjdbada.sys><中国互联网络信息中心(CNNIC)>
[HOOKAPI / HOOKAPI][Stopped/Manual Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HOOKAPI.SYS><瑞星软件有限公司>
[HookCont / HookCont][Running/Auto Start]
  <\??\C:\Program Files\rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\C:\Program Files\rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HookSys.sys><Rising>
[lgaswe0 / lgaswe03][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\lgaswe03.sys><N/A>
[lgcjkw74 / lgcjkw74][Stopped/Manual Start]
  <\??\C:\WINDOWS\System32\drivers\lgcjkw74.sys><N/A>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\C:\Program Files\rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[New0 / New0][Running/Auto Start]
  <\??\C:\WINDOWS\System32\new.sys><N/A>
[NetGroup Packet Filter Driver / NPF][Stopped/Manual Start]
  <system32\drivers\npf.sys><NetGroup - Politecnico di Torino>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[npkcusb / npkcusb][Running/Auto Start]
  <\??\C:\Program Files\Tencent\QQ\npkcusb.sys><INCA Internet Co., Ltd.>
[npkycryp / npkycryp][Stopped/Manual Start]
  <\??\C:\Program Files\Tencent\QQ\npkycryp.sys><N/A>
[nv / nv][Running/Manual Start]
  <System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[nvwrsfy / nvwrsfy][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\nvwrsfy.sys><Microsoft Corporation>
[owrfhm7 / owrfhm77][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\owrfhm77.sys><Microsoft Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\System32\drivers\RsBoot.sys><Beijing Rising>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\System32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
  <\??\C:\Program Files\rising\Rav\RSPPSYS.sys><Rising>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <System32\DRIVERS\secdrv.sys><N/A>
[wocify4 / wocify48][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\wocify48.sys><Microsoft Corporation>
[xdbobh5 / xdbobh59][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\xdbobh59.sys><N/A>

Last edited 2007-05-13 17:36:19

Browser add-ons
[Thunder Browser Helper]
  {00000000-12C8-4305-82F9-43058F20E8D2} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[QQCycloneHelper Class]
  {00000000-12C9-4305-82F9-43058F20E8D2} <C:\Program Files\Tencent\QQDownload\QQIEHelper01.dll, 腾讯公司>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx, >
[Tencent Browser Helper]
  {0C7C23EF-A848-485B-873C-0ED954731014} <C:\Program Files\TENCENT\Adplus\SSAddr.dll, N/A>
[IeHelper Class]
  {0D42E1BD-09DD-4873-A826-9C7E793EB7B6} <C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DSIeHelper.dll, Thunder Networking Technologies,LTD>
[BAid Class]
  {27346420-A622-49DA-BCAB-E35E5AAB2715} <C:\WINDOWS\system32\chkntfs.DLL, N/A>
[Jpeg Class]
  {4970DA77-DB06-4EB9-AAB5-77AF0CC77310} <C:\WINDOWS\System32\c517.dll, N/A>
[腾讯QQ]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <C:\WINDOWS\QQIEHelper.dll, N/A>
[]
  {669751ED-D558-49AE-B01A-3B374CC7910E} <C:\WINDOWS\System32\ssup.dll, TENCENT>
[Windows Live Sign-in Helper]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[]
  {C74CDF30-68C2-49B4-9918-EBD66B8D9FBF} <C:\WINDOWS\system32\semuwppvmmfdi.dll, N/A>
[ieshow Class]
  {CE7C3CF0-4B15-11D1-ABED-709549C15050} <C:\WINDOWS\ieshow\ieshow.dll, ieshow.cn, Inc.>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[豪杰超级解霸V8]
  {367E0A21-8601-4986-9C9A-153BF5ACA118} <C:\Herosoft\HeroV8\STHSDVD.EXE, N/A>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[Easy-WebPrint]
  {327C2873-E90D-4c37-AA9D-10AC9BABA46C} <C:\Program Files\Canon\Easy-WebPrint\Toolband.dll, >
[Tencent Safety Online Base Module]
  {C09B522F-8AED-4E21-A65C-DC1AB652BAEE} <C:\WINDOWS\DOWNLO~1\TSOBase.ocx, Tencent Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[CPasswordEditCtrl Object]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\System32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[&使用超级旋风下载]
  <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
[&使用超级旋风下载全部链接]
  <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
[Easy-WebPrint打印]
  <res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html, N/A>
[Easy-WebPrint添加到打印列表]
  <res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html, N/A>
[Easy-WebPrint预览]
  <res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html, N/A>
[Easy-WebPrint高速打印]
  <res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html, N/A>
[上传到QQ网络硬盘]
  <C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm, N/A>
[添加到QQ自定义面板]
  <C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>
[百度Flash搜索]
  <res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/FLASHSEARCH.HTM, N/A>
[百度mp3搜索]
  <res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUMP3.HTM, N/A>
[百度信息快递搜索]
  <res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUIE.HTM, N/A>
[百度图片搜索]
  <res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUIMG.HTM, N/A>
[百度搜索]
  <res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUSEARCH.HTM, N/A>
[百度新闻搜索]
  <res://C:\WINDOWS\DOWNLO~1\BaiDuBar.dll/BAIDUNEWS.HTM, N/A>
[豪杰超级解霸V8实时播放]
  <C:\Herosoft\HeroV8\MPURLGET.HTM, N/A>

==================================
Running processes
[PID: 520][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 608][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1580][C:\Program Files\Rising\Rav\RsAgent.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 12]
    [C:\WINDOWS\win.DLL]  [N/A, ]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
[PID: 1616][C:\WINDOWS\msagent\AgentSvr.exe]  [Microsoft Corporation, 2.00.0.3422]
    [C:\WINDOWS\win.DLL]  [N/A, ]
[PID: 2132][C:\WINDOWS\System32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\win.DLL]  [N/A, ]
[PID: 2156][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\win.DLL]  [N/A, ]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 2, 17]
    [C:\Program Files\Tencent\QQDownload\QQIEHelper01.dll]  [腾讯公司, 1, 1, 0, 5]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.0.4]
    [C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx]  [, 1, 0, 0, 1]
    [C:\WINDOWS\QQIEHelper.dll]  [N/A, ]
    [C:\WINDOWS\System32\ssup.dll]  [TENCENT, 4, 4, 4, 41]
    [C:\WINDOWS\ieshow\ieshow.dll]  [ieshow.cn, Inc., 4, 0, 2, 111]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[PID: 2184][C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe]  [Microsoft Corporation, 4.100.313.1]
    [C:\WINDOWS\win.DLL]  [N/A, ]
[PID: 3512][C:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5, 6, 1, 292]
    [C:\WINDOWS\win.DLL]  [N/A, ]
    [C:\Program Files\Thunder Network\Thunder\Program\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 1, 0, 20]
    [C:\Program Files\Thunder Network\Thunder\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 2, 14, 2, 77]
    [C:\Program Files\Thunder Network\Thunder\Program\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [C:\Program Files\Thunder Network\Thunder\Program\asyn_dns.dll]  [Thunder Networking Technologies,LTD, 2, 14, 2, 77]
    [C:\Program Files\Thunder Network\Thunder\Program\BHOStub.dll]  [Thunder Networking Technologies,LTD, 1, 1, 0, 8]
    [C:\Program Files\Thunder Network\Thunder\Components\DownAndPlay\DownAndPlay.dll]  [, 1, 0, 0, 2]
    [C:\Program Files\Thunder Network\Thunder\Program\iTargetAD.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 26]
    [C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\Program Files\Thunder Network\Thunder\Components\InMedia\iEmbedShell.dll]  [ , 1, 0, 0, 17]
    [C:\Program Files\Thunder Network\Thunder\Components\Community\XLCommunity.dll]  [Thunder Networking Technologies,LTD, 1, 0, 6, 26]
    [C:\Program Files\Thunder Network\Thunder\Program\LiveUpdate.dll]  [Thunder Networking Technologies,LTD, 1, 1, 1, 20]
    [C:\Program Files\Thunder Network\Thunder\Components\Search\XLSearch.dll]  [Thunder Networking Technologies,LTD, 1, 1, 1, 10]
    [C:\Program Files\Thunder Network\Thunder\Components\P4PClient\P4PClient.dll]  [Thunder Networking Technologies,LTD, 2, 2, 1, 46]
    [C:\Program Files\Thunder Network\Thunder\Components\DiagnoseHelper\DiagnoseHelper.dll]  [Thunder Networking Technologies,LTD, 1, 1, 1, 16]
    [C:\Program Files\Thunder Network\Thunder\Components\ExplorerHelper\ExplorerHelper.dll]  [Thunder Networking Technologies,LTD, 1, 0, 4, 15]
    [C:\Program Files\Thunder Network\Thunder\Components\Tips\TipsClient.dll]  [Thunder Networking Technologies,LTD, 2, 1, 3, 58]
    [C:\Program Files\Thunder Network\Thunder\Components\VPSHELL\VPSHELL.dll]  [XunLei, 1, 2, 0, 8]
    [C:\Program Files\Thunder Network\Thunder\Components\UserExperience\UserExperience.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
    [C:\Program Files\Thunder Network\Thunder\Components\InMedia\iEmbed09.dll]  [ , 3, 3, 0, 80]
    [C:\Program Files\Thunder Network\Thunder\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 13, 2, 61]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Thunder Network\Thunder\Plugins\BhoAdv\bho_adv.dll]  [深圳市迅雷网络技术有限公司, 1.0.1.0]
    [C:\Program Files\Thunder Network\Thunder\Components\VPSHELL\VideoPicture.dll]  [XunLei, 1, 2, 0, 9]
[PID: 4020][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, ]
    [C:\WINDOWS\win.DLL]  [N/A, ]
[PID: 4040][C:\DOCUME~1\Fly\LOCALS~1\Temp\Rar$EX00.593\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [C:\WINDOWS\win.DLL]  [N/A, ]
    [C:\DOCUME~1\Fly\LOCALS~1\Temp\Rar$EX00.593\Plugins\NWMON.SRE]  [Smallfrogs Studio, 1, 0, 0, 8]

==================================
File associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock providers
N/A

==================================
Autorun.inf
[C:\]
[AutoRun]
OPEN=RECYCLER\ziixs.exe
shellexecute=RECYCLER\ziixs.exe
shell\Auto\command=RECYCLER\ziixs.exe
[system]
ver=1.1
zid=5000

==================================
HOSTS file
127.0.0.1      localhost

==================================
API HOOK
入口点错误:NtQuerySystemInformation (危险等级: 高,  被下面模块所HOOK: C:\WINDOWS\win.DLL)
入口点错误:NtTerminateProcess (危险等级: 高,  被下面模块所HOOK: C:\WINDOWS\win.DLL)
入口点错误:ZwTerminateProcess (危险等级: 高,  被下面模块所HOOK: C:\WINDOWS\win.DLL)

==================================
Hidden processes
    [1192] C:\WINDOWS\System32\calc.exe
    [1904] C:\WINDOWS\spcvl.exe

<stup.exe><C:\PROGRA~1\TENCENT\Adplus\stup.exe> [Tencent]
<InternetEx><C:\WINDOWS\system\1.exe> [N/A]
<msccrt><C:\WINDOWS\msccrt.exe> [N/A]
<tjgekij><C:\Program Files\xerox\tjgekij.exe> []
<runner1><C:\WINDOWS\retadpu20.exe 61A847B5BBF72810328B2B27128065E9C084320161C4661227A755E9C2933154389A> [N/A]
<SPLORE><C:\Program Files\Internet Explorer\SPLOVE.exe> []
<wocify48><%systemroot%\system32\Rundll32.exe %systemroot%\system32\wocify48.dll,DllUnregisterServer> []
<owrfhm77><%systemroot%\system32\Rundll32.exe %systemroot%\system32\owrfhm77.dll,DllUnregisterServer> []
<akyetq77><%systemroot%\system32\Rundll32.exe %systemroot%\system32\akyetq77.dll,DllUnregisterServer> []
<AppInit_DLLs><C:\WINDOWS\system32\Manager.dll> []
<{31F612A3-3223-3313-3123-31161A31A125}><C:\WINDOWS\System32\godpri.dll> []
<WinlogonNotify: rpcc><C:\WINDOWS\System32\rpcc.dll> [N/A]
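
The triage the reply above does by eye (pick out autostart values with no publisher information, and a Winlogon Userinit that launches more than userinit.exe) can be scripted over this log layout. This is an added example, not code from the thread or from SREng; the sample lines are a constructed excerpt copied from the log above, and the KNOWN_GOOD allowlist is an assumption a reviewer would maintain.

```python
import re
from typing import Dict, List, Tuple

# Constructed excerpt in the SREng-style layout this thread uses; the values are copied
# from the log above, so the script can run offline.
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <InternetEx><C:\WINDOWS\system\1.exe>  [N/A]
    <msccrt><C:\WINDOWS\msccrt.exe>  [N/A]
    <lgaswe03><%systemroot%\system32\Rundll32.exe "%systemroot%\system32\lgaswe03.dll",Start>  [N/A]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <flhrd><%systemroot%\system32\Rundll32.exe  %systemroot%\system32\flhrd.dll,DllUnregisterServer>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows XP Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\System32\wintemp.exe,C:\WINDOWS\System32\SVCH0ST.EXE>  [N/A]
"""

KEY_RE = re.compile(r"^\[(HKEY_[^\]]+)\]\s*$")
ENTRY_RE = re.compile(r"^\s*<([^>]*)><([^>]*)>\s*\[([^\]]*)\]\s*$")

# Stock Windows XP values that carry no publisher tag in this log format. Assumption: a
# reviewer-maintained allowlist; KernelFaultCheck -> dumprep is the standard XP entry.
KNOWN_GOOD = {"KernelFaultCheck"}

Entry = Tuple[str, str, str, str]  # (registry key, value name, command, publisher)


def parse_registry_section(text: str) -> List[Entry]:
    """Parse '[HKEY...]' headers and '<name><command>  [publisher]' lines."""
    entries: List[Entry] = []
    current_key = None
    for line in text.splitlines():
        m = KEY_RE.match(line)
        if m:
            current_key = m.group(1)
            continue
        m = ENTRY_RE.match(line)
        if m and current_key:
            entries.append((current_key, m.group(1), m.group(2), m.group(3).strip()))
    return entries


def triage(entries: List[Entry]) -> Dict[str, str]:
    """Map value name -> reason for every entry a reviewer should look at first."""
    flagged: Dict[str, str] = {}
    for key, name, command, publisher in entries:
        if name in KNOWN_GOOD:
            continue
        # Winlogon\Userinit should launch userinit.exe only; anything else runs at every logon.
        if name.lower() == "userinit":
            programs = [p.strip() for p in command.split(",") if p.strip()]
            if len(programs) != 1 or not programs[0].lower().endswith("\\userinit.exe"):
                flagged[name] = "Userinit chains extra programs: " + ", ".join(programs[1:])
                continue
        # An empty or N/A publisher is a lead, not a verdict: the file simply carried no
        # company/version information the tool could read.
        if publisher in ("", "N/A"):
            reason = "no publisher information"
            if key.endswith("RunOnce") and "dllunregisterserver" in command.lower():
                reason += "; RunOnce Rundll32 call unregistering a DLL in system32"
            flagged[name] = reason
    return flagged


if __name__ == "__main__":
    for name, reason in triage(parse_registry_section(SAMPLE_LOG)).items():
        print(f"{name}: {reason}")
```

Signed or allowlisted entries (RavTask, shell, KernelFaultCheck) drop out; the five entries that remain are the ones the reply singled out.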

[2BC31F81 / 2BC31F81][Stopped/Auto Start]
<C:\WINDOWS\System32\87BD6.EXE -d><N/A>
[Fast Client / fast][Stopped/Auto Start]
<C:\WINDOWS\System32\3b3a.exe><N/A>

[Net Log / NetLog][Stopped/Auto Start]
<C:\WINDOWS\system32\netlog.exe><N/A>
[Remote Packet Capture Protocol v.0 (experimental) / rpcapd][Stopped/Manual Start]
<"C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini"><N/A>
[system / system][Stopped/Auto Start]
<C:\WINDOWS\G_Server1.23.exe><N/A>
[New0 / New0][Running/Auto Start]
<\??\C:\WINDOWS\System32\new.sys><N/A>
[kkdj3sdf3 / kkdj3sdf3][Stopped/Auto Start]
<C:\WINDOWS\System32\kkdj3sdf3.exe -j><N/A>
[npkycryp / npkycryp][Stopped/Manual Start]
<\??\C:\Program Files\Tencent\QQ\npkycryp.sys><N/A>

[C:\WINDOWS\win.DLL] [N/A, ]
[C:\WINDOWS\QQIEHelper.dll] [N/A, ]

[Reply to the post by 木马将军]
Bro, could you explain more clearly? I don't understand.

Delete the registry entries, startup entries, driver entries and service entries, then delete the file entries!!!

[Reply to the post by 木马将军]
Doesn't that mean deleting all of them?

[Reply to the post by 木马将军]
Do you mean I just delete these files following your hints, is that right?