系统里一直有个706545.exe，自启动项里也有，怎么删都删不掉，瑞星正版的杀不了，进系统把文件删了，开机后还是自动生成，现在怎么办？？救命啊

附：hijackthis下载地址 http://forum.ikaka.com/topic.asp?board=28&artid=8105899  扫出全部日志

扫描完，然后该干吗

HijackThis_815汉化版扫描日志 V1.99.1
保存于      23:24:28, 日期 2006-10-5
操作系统：  Windows XP SP2 (WinNT 5.01.2600)
浏览器：    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程：         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
D:\应用软件\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
D:\应用软件\Rising\Rav\Ravmond.exe
d:\应用软件\rising\rfw\rfwsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
D:\应用软件\Rising\Rav\RavStub.exe
d:\应用软件\rising\rfw\RfwMain.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\应用软件\Rising\Rav\RavTask.exe
D:\应用软件\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\nvsvc32.exe
D:\游戏娱乐\Tencent\QQ\QQ.exe
D:\游戏娱乐\Tencent\QQ\TIMPlatform.exe
C:\WINDOWS\system32\wuauclt.exe
F:\Hijackthis1991zww\HijackThis1991zww.exe
D:\应用软件\Tencent\TT\TTraveler.exe

O3 - IE工具栏增项: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\Run: [RfwMain] "D:\应用软件\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [RavTask] "D:\应用软件\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [PCSuiteTrayApplication] D:\应用软件\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - 启动项HKLM\\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - 启动项HKLM\\Run: [VVSN] C:\Program Files\VVSN\VVSN.exe
O4 - 启动项HKLM\\RunOnce: [RavStub] "D:\应用软件\Rising\Rav\ravstub.exe" /RUNONCE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {74447F9C-5691-4A9A-8BE4-564092E40B03} (VnetAnprIns Class) - http://plugin.vnet.cn/VnetPluginIns.CAB
O16 - DPF: {C661F36D-DF85-4EF4-83C7-E107B83D04B1} (WebActivater Control) - http://dl_dir.qq.com/3dshow/3DShowVM.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9F8D18C5-B471-4F2B-A7ED-8A0E2E6303BA}: NameServer = 218.85.157.99 202.101.107.98
O23 - NT 服务: NBService - Nero AG - D:\应用软件\Nero 7\Nero BackItUp\NBService.exe
O23 - NT 服务: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - NT 服务: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - d:\应用软件\rising\rfw\rfwproxy.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - d:\应用软件\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - D:\应用软件\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\应用软件\Rising\Rav\Ravmond.exe
O23 - NT 服务: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe

我刚有在任务管理器的进程里把706545.exe给结束掉

自启动里没看到这个啊

请到http://www.kztechs.com/sreng/sreng2.zip 下载System Repair Engineer 导出全部日志

2006-10-05,23:45:28

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
    <BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}><"C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe">  [Nero AG]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
    <BluetoothAuthenticationAgent><rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent>  [Microsoft Corporation]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <RfwMain><"D:\应用软件\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <RavTask><"D:\应用软件\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <PCSuiteTrayApplication><D:\应用软件\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup>  [Nokia]
    <NeroFilterCheck><C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe>  [Nero AG]
    <VVSN><C:\Program Files\VVSN\VVSN.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <RavStub><"D:\应用软件\Rising\Rav\ravstub.exe" /RUNONCE>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]

不让我发了，怎么办

==================================
启动文件夹
N/A

==================================
服务
[Alerter / Alerter]
  <C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\system32\alrsvc.dll><Microsoft Corporation>
[Application Layer Gateway Service / ALG]
  <C:\WINDOWS\System32\alg.exe><Microsoft Corporation>
[Application Management / AppMgmt]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><Microsoft Corporation>
[Windows Audio / AudioSrv]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\audiosrv.dll><Microsoft Corporation>
[Background Intelligent Transfer Service / BITS]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\qmgr.dll><Microsoft Corporation>
[Computer Browser / Browser]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\browser.dll><Microsoft Corporation>
[Bluetooth Support Service / BthServ]
  <C:\WINDOWS\system32\svchost.exe -k bthsvcs-->%SystemRoot%\System32\bthserv.dll><Microsoft Corporation>
[Indexing Service / CiSvc]
  <C:\WINDOWS\system32\cisvc.exe><Microsoft Corporation>
[ClipBook / ClipSrv]
  <C:\WINDOWS\system32\clipsrv.exe><Microsoft Corporation>
[COM+ System Application / COMSysApp]
  <C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}><Microsoft Corporation>
[Cryptographic Services / CryptSvc]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\cryptsvc.dll><Microsoft Corporation>
[DCOM Server Process Launcher / DcomLaunch]
  <C:\WINDOWS\system32\svchost -k DcomLaunch-->%SystemRoot%\system32\rpcss.dll><Microsoft Corporation>
[DHCP Client / Dhcp]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\dhcpcsvc.dll><Microsoft Corporation>
[Logical Disk Manager Administrative Service / dmadmin]
  <C:\WINDOWS\System32\dmadmin.exe /com><Microsoft Corp., Veritas Software>
[Logical Disk Manager / dmserver]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\dmserver.dll><Microsoft Corp.>
[DNS Client / Dnscache]
  <C:\WINDOWS\system32\svchost.exe -k NetworkService-->%SystemRoot%\System32\dnsrslvr.dll><Microsoft Corporation>
[Error Reporting Service / ERSvc]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\ersvc.dll><Microsoft Corporation>
[Event Log / Eventlog]
  <C:\WINDOWS\system32\services.exe><Microsoft Corporation>
[COM+ Event System / EventSystem]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\es.dll><Microsoft Corporation>
[Fast User Switching Compatibility / FastUserSwitchingCompatibility]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\shsvcs.dll><Microsoft Corporation>
[Help and Support / helpsvc]

<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><Microsoft Corporation>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[HTTP SSL / HTTPFilter]
  <C:\WINDOWS\System32\svchost.exe -k HTTPFilter-->%SystemRoot%\System32\w3ssl.dll><Microsoft Corporation>
[IMAPI CD-Burning COM Service / ImapiService]
  <C:\WINDOWS\system32\imapi.exe><Microsoft Corporation>
[Server / lanmanserver]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\srvsvc.dll><Microsoft Corporation>
[Workstation / lanmanworkstation]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\wkssvc.dll><Microsoft Corporation>
[TCP/IP NetBIOS Helper / LmHosts]
  <C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\System32\lmhsvc.dll><Microsoft Corporation>
[Messenger / Messenger]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\msgsvc.dll><Microsoft Corporation>
[NetMeeting Remote Desktop Sharing / mnmsrvc]
  <C:\WINDOWS\system32\mnmsrvc.exe><Microsoft Corporation>
[Distributed Transaction Coordinator / MSDTC]
  <C:\WINDOWS\system32\msdtc.exe><Microsoft Corporation>
[Windows Installer / MSIServer]
  <C:\WINDOWS\system32\msiexec.exe /V><Microsoft Corporation>
[NBService / NBService]
  <D:\应用软件\Nero 7\Nero BackItUp\NBService.exe><Nero AG>
[Network DDE / NetDDE]
  <C:\WINDOWS\system32\netdde.exe><Microsoft Corporation>
[Network DDE DSDM / NetDDEdsdm]
  <C:\WINDOWS\system32\netdde.exe><Microsoft Corporation>
[Net Logon / Netlogon]
  <C:\WINDOWS\system32\lsass.exe><Microsoft Corporation>
[Network Connections / Netman]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\netman.dll><Microsoft Corporation>
[Network Location Awareness (NLA) / Nla]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\mswsock.dll><Microsoft Corporation>
[NT LM Security Support Provider / NtLmSsp]
  <C:\WINDOWS\system32\lsass.exe><Microsoft Corporation>
[Removable Storage / NtmsSvc]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\system32\ntmssvc.dll><Microsoft Corporation>
[NVIDIA Display Driver Service / NVSvc]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Plug and Play / PlugPlay]
  <C:\WINDOWS\system32\services.exe><Microsoft Corporation>
[IPSEC Services / PolicyAgent]
  <C:\WINDOWS\system32\lsass.exe><Microsoft Corporation>
[Protected Storage / ProtectedStorage]
  <C:\WINDOWS\system32\lsass.exe><Microsoft Corporation>
[Remote Access Auto Connection Manager / RasAuto]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\rasauto.dll><Microsoft Corporation>
[Remote Access Connection Manager / RasMan]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\rasmans.dll><Microsoft Corporation>
[Remote Desktop Help Session Manager / RDSessMgr]
  <C:\WINDOWS\system32\sessmgr.exe><Microsoft Corporation>
[Routing and Remote Access / RemoteAccess]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\mprdim.dll><Microsoft Corporation>
[Remote Registry / RemoteRegistry]
  <C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\system32\regsvc.dll><Microsoft Corporation>
[Rising Proxy  Service / RfwProxySrv]
  <d:\应用软件\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <d:\应用软件\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Remote Procedure Call (RPC) Locator / RpcLocator]
  <C:\WINDOWS\system32\locator.exe><Microsoft Corporation>
[Remote Procedure Call (RPC) / RpcSs]
  <C:\WINDOWS\system32\svchost -k rpcss-->%SystemRoot%\system32\rpcss.dll><Microsoft Corporation>
[Rising Process Communication Center / RsCCenter]
  <"D:\应用软件\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"D:\应用软件\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[QoS RSVP / RSVP]
  <C:\WINDOWS\system32\rsvp.exe><Microsoft Corporation>
[Security Accounts Manager / SamSs]
  <C:\WINDOWS\system32\lsass.exe><Microsoft Corporation>
[Smart Card / SCardSvr]
  <C:\WINDOWS\System32\SCardSvr.exe><Microsoft Corporation>
[Task Scheduler / Schedule]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\system32\schedsvc.dll><Microsoft Corporation>
[Secondary Logon / seclogon]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\seclogon.dll><Microsoft Corporation>
[System Event Notification / SENS]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\system32\sens.dll><Microsoft Corporation>
[ServiceLayer / ServiceLayer]
  <"C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe"><Nokia.>
[Windows Firewall/Internet Connection Sharing (ICS) / SharedAccess]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\ipnathlp.dll><Microsoft Corporation>
[Shell Hardware Detection / ShellHWDetection]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\shsvcs.dll><Microsoft Corporation>
[Print Spooler / Spooler]
  <C:\WINDOWS\system32\spoolsv.exe><Microsoft Corporation>
[System Restore Service / srservice]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\srsvc.dll><Microsoft Corporation>
[SSDP Discovery Service / SSDPSRV]
  <C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\System32\ssdpsrv.dll><Microsoft Corporation>
[Windows Image Acquisition (WIA) / stisvc]
  <C:\WINDOWS\system32\svchost.exe -k imgsvc-->%SystemRoot%\system32\wiaservc.dll><Microsoft Corporation>
[MS Software Shadow Copy Provider / SwPrv]
  <C:\WINDOWS\system32\dllhost.exe /Processid:{BE9D868E-DFC5-467A-B38E-9DF50E39C961}><Microsoft Corporation>
[Performance Logs and Alerts / SysmonLog]
  <C:\WINDOWS\system32\smlogsvc.exe><Microsoft Corporation>
[Telephony / TapiSrv]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\tapisrv.dll><Microsoft Corporation>
[Terminal Services / TermService]
  <C:\WINDOWS\System32\svchost -k DComLaunch-->%SystemRoot%\System32\termsrv.dll><Microsoft Corporation>
[Themes / Themes]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\shsvcs.dll><Microsoft Corporation>
[Telnet / TlntSvr]
  <C:\WINDOWS\system32\tlntsvr.exe><Microsoft Corporation>
[Distributed Link Tracking Client / TrkWks]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\system32\trkwks.dll><Microsoft Corporation>
[Windows User Mode Driver Framework / UMWdf]
  <C:\WINDOWS\system32\wdfmgr.exe><Microsoft Corporation>
[Universal Plug and Play Device Host / upnphost]
  <C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\System32\upnphost.dll><Microsoft Corporation>
[Uninterruptible Power Supply / UPS]
  <C:\WINDOWS\System32\ups.exe><Microsoft Corporation>
[Volume Shadow Copy / VSS]
  <C:\WINDOWS\System32\vssvc.exe><Microsoft Corporation>
[Windows Time / W32Time]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\w32time.dll><Microsoft Corporation>
[WebClient / WebClient]
  <C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\System32\webclnt.dll><Microsoft Corporation>
[Windows Management Instrumentation / winmgmt]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\system32\wbem\WMIsvc.dll><Microsoft Corporation>
[Windows Media Connect Service / WMConnectCDS]
  <C:\Program Files\Windows Media Connect 2\wmccds.exe><Microsoft Corporation>
[Portable Media Serial Number Service / WmdmPmSN]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\MsPMSNSv.dll><Microsoft Corporation>
[Windows Management Instrumentation Driver Extensions / Wmi]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\advapi32.dll><Microsoft Corporation>
[WMI Performance Adapter / WmiApSrv]
  <C:\WINDOWS\system32\wbem\wmiapsrv.exe><Microsoft Corporation>