升级2007后发现这个病毒,监控中心发现的,手动扫描没发现.删了还有,而且监控中心也从又下角退掉了,能不能帮帮我呀.

谢谢了!

(急急.....)

2006-12-08,16:50:07

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)NVIDIA Corporation]
    <Thunder><"d:\Program Files\Thunder Network\Thunder\ThunderShell.exe" /s>  [Thunder Networking Technologies,LTD]
    <NvMediaCenter><RunDLL32.exe NvMCTray.dll,NvTaskbarInit>  [(Verified)NVIDIA Corporation]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <only23><C:\WINDOWS\SCVHOST.exe>  [N/A]
    <HF_GameClient><e:\Program Files\浩方对战平台\gameclient.exe>  [上海浩方在线信息技术有限公司]
    <sys><C:\WINDOWS\Intel\rundll32.exe>  [N/A]
    <r><C:\WINDOWS\down\rundll32.exe>  [N/A]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <mhs2><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\smss.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <RavStub><"C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\Userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{1A404685-7563-4d02-B0F6-58B308A406A9}><c:\program files\rising\rav\qhlrmxon.dll>  [N/A]
    <{06A48AD9-FF57-4E73-937B-B493E72F4226}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\WinInfo.rxk>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <ExFilter><; Rundll32.exe C:\WINDOWS\system32\hookdll.dll,ExecFilter solo>  []
    <NvCplDaemon><; RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)NVIDIA Corporation]
    <NvMediaCenter><; RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)NVIDIA Corporation]
    <nwiz><; nwiz.exe /install>  [N/A]
    <SoundMan><; SOUNDMAN.EXE>  [Realtek Semiconductor Corp.]
    <StormCodec_Helper><; "d:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  [N/A]
    <Thunder><; "d:\Program Files\Thunder Network\Thunder\ThunderShell.exe" /s>  [Thunder Networking Technologies,LTD]
    <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]

C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp到安全模式下清空
C:\WINDOWS\system32 wincab.sys到安全模式下删除,不行,下载冰刃删除
http://free.ys168.com/?j7700074

先谢谢了