D:\下载总合\RSDETECT.EXE
C:\WINDOWS\SYSTEM32\NTDLL.DLL
C:\WINDOWS\SYSTEM32\KERNEL32.DLL
C:\WINDOWS\SYSTEM32\USER32.DLL
C:\WINDOWS\SYSTEM32\GDI32.DLL
C:\WINDOWS\SYSTEM32\COMDLG32.DLL
C:\WINDOWS\SYSTEM32\ADVAPI32.DLL
C:\WINDOWS\SYSTEM32\RPCRT4.DLL
C:\WINDOWS\SYSTEM32\SECUR32.DLL
C:\WINDOWS\SYSTEM32\COMCTL32.DLL
C:\WINDOWS\SYSTEM32\SHELL32.DLL
C:\WINDOWS\SYSTEM32\MSVCRT.DLL
C:\WINDOWS\SYSTEM32\SHLWAPI.DLL
C:\WINDOWS\SYSTEM32\WINSPOOL.DRV
C:\WINDOWS\SYSTEM32\IMM32.DLL
C:\WINDOWS\SYSTEM32\LPK.DLL
C:\WINDOWS\SYSTEM32\USP10.DLL
C:\WINDOWS\SYSTEM32\KMON.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\COMX3.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\SYSLAY.DLL
C:\WINDOWS\SYSTEM32\WTSAPI32.DLL
C:\WINDOWS\SYSTEM32\WINSTA.DLL
C:\WINDOWS\SYSTEM32\NETAPI32.DLL
C:\WINDOWS\SYSTEM32\URLMON.DLL
C:\WINDOWS\SYSTEM32\OLE32.DLL
C:\WINDOWS\SYSTEM32\VERSION.DLL
C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL
C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL
C:\WINDOWS\SYSTEM32\UXTHEME.DLL
C:\WINDOWS\SYSTEM32\SFC.DLL
C:\WINDOWS\SYSTEM32\SFC_OS.DLL
C:\WINDOWS\SYSTEM32\WINTRUST.DLL
C:\WINDOWS\SYSTEM32\CRYPT32.DLL
C:\WINDOWS\SYSTEM32\MSASN1.DLL
C:\WINDOWS\SYSTEM32\IMAGEHLP.DLL
C:\WINDOWS\SYSTEM32\MSCTF.DLL
C:\WINDOWS\SYSTEM32\MSCTFIME.IME


普通自启动项
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe = C:\WINDOWS\SYSTEM32\CTFMON.EXE
ctfmon = CTFMON.EXE


系统文件关联

其它启动项
WIN.INI
无信息

SYSTEM.INI
SHELL = Explorer.exe
SCRNSAVE.EXE = C:\WINDOWS\System32\logon.scr


Winlogon 启动项
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

IE - BHO

Winsock SPI
MSAFD Tcpip [TCP/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD Tcpip [UDP/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD Tcpip [RAW/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
RSVP UDP Service Provider = C:\WINDOWS\SYSTEM32\RSVPSP.DLL
RSVP TCP Service Provider = C:\WINDOWS\SYSTEM32\RSVPSP.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{7EF12585-0B07-4020-84D7-6C93D5921E97}] SEQPACKET 3 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{7EF12585-0B07-4020-84D7-6C93D5921E97}] DATAGRAM 3 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{0D8DB205-4A3B-4194-AA48-AB8292A22B90}] SEQPACKET 0 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{0D8DB205-4A3B-4194-AA48-AB8292A22B90}] DATAGRAM 0 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{F6C60E97-F8D3-4E62-9FA2-A9D685B07D97}] SEQPACKET 1 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{F6C60E97-F8D3-4E62-9FA2-A9D685B07D97}] DATAGRAM 1 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{90284CC5-9E19-496E-A350-36F5EAF0B47E}] SEQPACKET 2 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{90284CC5-9E19-496E-A350-36F5EAF0B47E}] DATAGRAM 2 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{3C188551-D1C9-405A-8E6B-9200E03A057D}] SEQPACKET 4 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{3C188551-D1C9-405A-8E6B-9200E03A057D}] DATAGRAM 4 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{784E3E3D-C60D-47BE-8FCA-73ACE5BBBB2C}] SEQPACKET 5 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{784E3E3D-C60D-47BE-8FCA-73ACE5BBBB2C}] DATAGRAM 5 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL

自作自受。。。非得下外挂，一般外挂都用病毒，自己想办法吧。。。
（我的借口，我不太会看这个啦。。。。帮你顶下帖子）

未发现可疑文件，提示木马的路径能看到吗？最好不要用那个外挂了！

系统重装了！游戏号 还是被盗！

楼主系统重装后是只重装C盘还是把所有盘都格式化了? 如果只是重装C盘的话有可能病毒还在其他盘