尝试过去添加/删除程序里面修复瑞星，修复好了后能开启，不过过几秒钟又关掉所有监控了，且无法再启动
将瑞星升级到紧新版本（18.46.02) ,还是不可以
之前中过pagefile病毒，请问有关系吗？
我现在执行.exe文件会自动新生成同名加~的.exe文件，但是.exe的关联是对的，
.exe=exefile

请到http://forum.ikaka.com/topic.asp?board=67&artid=5188931
6楼下载HijackThis
下载后运行HijackThis.rar,再运行HijackThis.exe
单击＂扫描日志并保存日志＂
把保存的日志复制粘贴上来． 日志一次粘不完，分次粘完，请不要修改.

日志如下：
Logfile of HijackThis v1.99.1
Scan saved at 19:36:33, on 2006-9-25
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
d:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
d:\program files\rising\rfw\RfwMain.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Permeo\Security Driver\EBIcon.exe
C:\Program Files\PowerPanel\Program\PcfMgr.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
D:\Program Files\Huawei-3Com\H3C Client\H3C Client.exe
D:\Program Files\Huawei-3Com\H3C Client\AuthenMngService.exe
D:\工具\TTPlayer\TTPlayer~.exe
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\system32\CCenter~.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\Rundll32.exe
D:\Program Files\Maxthon\Maxthon~.exe
C:\WINDOWS\system32\rundll32.exe
D:\Program Files\Rising\Rav\RAVTASK.EXE
D:\Program Files\Rising\Rav\RAVMON.EXE
D:\Program Files\Maxthon\WinRAR~.exe
C:\DOCUME~1\DDWei\LOCALS~1\Temp\Rar$EX02.290\HijackThis.exe

R3 - URLSearchHook: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1

\Assist\yasbar.dll (file missing)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: raObject Class - {46F194EB-B7DB-4B7A-BD42-5FF39FD17664} - C:\PROGRA~1\pcast\hbcast.dll
O2 - BHO: CdnForIE Class - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O2 - BHO: Vision - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\mmsass~1.dll (file missing)
O2 - BHO: 超级兔子上网精灵 - {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} - D:\Program Files\Super

Rabbit\MagicSet\haokanbar.dll
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - D:\Program Files\Thunder

Network\Thunder\ComDlls\XunLeiBHO_002.dll
O2 - BHO: IEHlprObj Class - {D424FE4E-CAF9-4fdd-BC5F-E6E6B91D53BF} - C:\Progra~1\NetMeeting\conf.dll (file missing)
O3 - Toolbar: (no name) - {0A00D11E-B1E7-44b5-AD88-C9190876AAC4} - (no file)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: 一搜工具条 - {115F6E46-FCBC-41ed-B3B5-3BDDD4AAB5E5} - C:\Program Files\yisou\yisou.dll (file missing)
O3 - Toolbar: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll

(file missing)
O3 - Toolbar: NB46 - {56E88004-7AF8-474C-BB30-76E0B7B2B003} - C:\PROGRA~1\nb46.com\NB46TO~1.DLL
O3 - Toolbar: 超级兔子上网精灵 - {43869BB3-22FD-4F15-9B46-238106BA2F4E} - D:\Program Files\Super

Rabbit\MagicSet\haokanbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] ; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [RfwMain] ;
O4 - HKLM\..\Run: [DAEMON Tools] "D:\工具\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [KernelFaultCheck] ; %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [RavTask] "D:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [Apoint] ; C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ATICCC] ;
O4 - HKLM\..\Run: [ATIModeChange] ; Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] ;
O4 - HKLM\..\Run: [BHDCRegC] ; C:\WINDOWS\system32\BHDCRegC.exe
O4 - HKLM\..\Run: [e-Border Credential] ;
O4 - HKLM\..\Run: [ezShieldProtector for Px] ; C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [IESAddr] ; Null
O4 - HKLM\..\Run: [MiniPcast] ;
O4 - HKLM\..\Run: [MoveSearch] ;
O4 - HKLM\..\Run: [MsnQun] ;
O4 - HKLM\..\Run: [NetpasAcc] ; D:\工具\联宇益通\Netpas Acc\Netpas_Acc.exe
O4 - HKLM\..\Run: [PHIME2002A] ; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PHIME2002ASync] ; C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [RavTimer] ;
O4 - HKLM\..\Run: [SearchNet_Up] ;
O4 - HKLM\..\Run: [SoundMam] ; C:\WINDOWS\system32\SVOHOST.exe
O4 - HKLM\..\Run: [spoolsv] ;
O4 - HKLM\..\Run: [TkBellExe] ; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Update] ;
O4 - HKLM\..\Run: [WebThunder] ; C:\Program Files\Thunder Network\WebThunder\WebThunder.exe
O4 - HKLM\..\Run: [WheelMouse] ;
O4 - HKLM\..\Run: [WINTASK] ; taskgmr.exe
O4 - HKLM\..\Run: [wxsn3wv7] ; RunDll32 "C:\WINDOWS\Downlo~1\kd6bbdp.dll",Run
O4 - HKLM\..\Run: [YLive.exe] ; C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
O4 - HKLM\..\Run: [YOKAssiant] ; Rundll32.exe C:\PROGRA~1\YOK.com\SUPERS~1\YOK_SuperSearch.dll,YOKAssiant
O4 - HKLM\..\Run: [RichMedia] C:\WINDOWS\system32\Rundll32.exe  "C:\PROGRA~1\pcast\hbcast.dll",WaitWindows
O4 - HKLM\..\Run: [KAVPersonal50] "D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe"

/minimize
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] ; "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] ;
O4 - Global Startup: Permeo Security Driver Startup.lnk = D:\Program Files\Permeo\Security Driver\EBIcon.exe
O4 - Global Startup: PowerPanel.lnk = ?
O8 - Extra context menu item: !搜一搜 - res://C:\Program Files\yisou\yisou.dll/232
O8 - Extra context menu item: &使用迅雷下载 - D:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - D:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\Program Files\Tencent\qq\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program Files\Tencent\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\Tencent\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program Files\Tencent\qq\SendMMS.htm
O9 - Extra button: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - D:\Program Files\Thunder

Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - D:\Program Files\Thunder

Network\Thunder\Thunder.exe
O9 - Extra button: 中文上网 - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O9 - Extra 'Tools' menuitem: 中文上网 - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\Tencent\qq\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\Tencent\qq\QQ.EXE
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\Tencent\QQ\QQIEHelper.dll

(file missing)
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program

Files\Tencent\QQ\QQIEHelper.dll (file missing)
O10 - Unknown file in Winsock LSP: d:\program files\permeo\security driver\s5spi.dll
O10 - Unknown file in Winsock LSP: d:\program files\permeo\security driver\s5spi.dll
O10 - Unknown file in Winsock LSP: d:\program files\permeo\security driver\s5spi.dll
O10 - Unknown file in Winsock LSP: d:\program files\permeo\security driver\s5spi.dll
O10 - Unknown file in Winsock LSP: d:\program files\permeo\security driver\s5spi.dll
O10 - Unknown file in Winsock LSP: d:\program files\permeo\security driver\s5spi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\quartz32.dll
O11 - Options group: [!CNS]  网络实名
O11 - Options group: [CDNCLIENT]  中文上网
O14 - IERESET.INF: START_PAGE_URL=http://vaio-online.sony.com/cn/
O15 - Trusted Zone: http://www.icbc.com.cn
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -

http://www.5jia1.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) -

http://download.rising.com.cn/register/pcver/autoupgradepad/pcver2006new/OL2006.cab
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} -

http://pcaststatic.mop.com/dn/files/pCastCtl_1.0.0.71_20050929.cab
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: huawei-3com EAD appendix service (H3C_EAD_APX_SVR) - Unknown owner - D:\Program Files\Huawei-3Com\H3C

Client\eadApxSvr.exe
O23 - Service: huawei-3com protocol authentication service manage center (H3C_SVR_MNG_SERVICE) - Unknown owner -

D:\Program Files\Huawei-3Com\H3C Client\AuthenMngService.exe
O23 - Service: kavsvc - Kaspersky Lab - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Unknown owner - d:\program files\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - d:\program

files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - D:\Program

Files\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\Program

Files\rising\Rav\Ravmond.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: TTT - Unknown owner - D:\dos\tools\冰枫文件防火墙\r_server\r_server.exe

修复R3  F2
O2 - BHO: Vision - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\mmsass~1.dll (file missing)
O2 - BHO: IEHlprObj Class - {D424FE4E-CAF9-4fdd-BC5F-E6E6B91D53BF} - C:\Progra~1\NetMeeting\conf.dll (file missing)
O3 - Toolbar: (no name) - {0A00D11E-B1E7-44b5-AD88-C9190876AAC4} - (no file)
O3 - Toolbar: 一搜工具条 - {115F6E46-FCBC-41ed-B3B5-3BDDD4AAB5E5} - C:\Program Files\yisou\yisou.dll (file missing)

修复O4项中所有你不用的和无效项
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\Tencent\QQ\QQIEHelper.dll
file missing

O10 - Unknown file in Winsock LSP: d:\program files\permeo\security driver\s5spi.dll
O10 - Unknown file in Winsock LSP: d:\program files\permeo\security driver\s5spi.dll
O10 - Unknown file in Winsock LSP: d:\program files\permeo\security driver\s5spi.dll
O10 - Unknown file in Winsock LSP: d:\program files\permeo\security driver\s5spi.dll
O10 - Unknown file in Winsock LSP: d:\program files\permeo\security driver\s5spi.dll
O10 - Unknown file in Winsock LSP: d:\program files\permeo\security driver\s5spi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\quartz32.dll
在http://forum.ikaka.com/topic.asp?board=67&artid=5188931
8楼下载lspfix修复
修复后不能上网
到2楼下载winsockfix.exe修复

O23 - Service: TTT - Unknown owner - D:\dos\tools\冰枫文件防火墙\r_server\r_server.exe

如果你不保证其安全性的话，建议干掉
同样对待除RISING，Ati，drivers外的其他你不熟悉的所有O23项

感谢楼上的朋友，不过双击.exe文件自动生成同名加~.exe的问题任然没有解决，听说卡巴能查出所有原.exe文件都被感染了，不过刚下了个卡巴装上系统就起不来了，只好安全模式卸之。。。好像有别的朋友也遇到这问题，哪位有解决方法啊？

你的问题并不简单，如果你会重装系统，建议你不要修复了。

光驱坏了一年多了。。。。。。

又一台被摧残的机器...