[Help] I've also been hit by the Trojan.Clicker.Agent.bam virus

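It gets deleted successfully every day, yet Rising's real-time monitor still detects this virus every day. Can anyone help me get rid of it?
Trojan.Clicker.Agent.bam 删除成功 文件监控
C:\Program Files\Common Files\CPUSHcpush.dll
Thanks.
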
Logfile of HijackThis v1.99.1
Scan saved at 20:17:30, on 2007-3-6
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
D:\Rising\Rfw\rfwsrv.exe
C:\WINNT\system32\svchost.exe
D:\Rising\Rav\CCenter.exe
D:\Rising\Rav\Ravmond.exe
C:\WINNT\system32\svchost.exe
D:\Rising\Rav\RavStub.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\Explorer.EXE
D:\Rising\Rfw\RfwMain.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
D:\Rising\Rav\RavTask.exe
D:\Program Files\Rising\AntiSpyware\runiep.exe
D:\Rising\Rav\Ravmon.exe
D:\Program Files\Thunder Network\WebThunder\WebThunder.exe
C:\WINNT\system32\internat.exe
D:\Program Files\Zcom\ZComService.exe
D:\申银万国\jd\JD.EXE
D:\Program Files\mfzq_jqb\yyy.exe
D:\Program Files\mfzq_jqb\LiveUpdate.exe
D:\Program Files\mfzq_jqb\xiadan.exe
C:\WINNT\system32\calc.exe
D:\Program Files\Zcom\skin.dll
C:\Program Files\Maxthon\maxthon.exe
D:\Rising\Rav\RsAgent.exe
C:\WINNT\msagent\AgentSvr.exe
D:\setup\瑞星\HijackThis V1[1].99.1汉化版\HijackThis.exe

F2 - REG:system.ini: UserInit=C:\WINNT\system32\Userinit.exe
O2 - BHO: WebThunderBHO - {00000AAA-A363-466E-BEF5-9BB68697AA7F} - D:\Program Files\Thunder Network\WebThunder\WebThunderBHO_016.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Promote Class - {0FA24E3E-422C-4D94-A125-104F32352C90} - C:\WINNT\system32\promote.dll (file missing)
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}? - (no file)
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FLASHGET\jccatch.dll
O3 - Toolbar: @msdxmLC.dll,-1@2052,电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINNT\system32\KakaTool.dll
O4 - HKLM\..\Run: [RfwMain] "D:\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [RavTask] "D:\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [runeip] D:\Program Files\Rising\AntiSpyware\runiep.exe
O4 - HKLM\..\Run: [WebThunder] D:\Program Files\Thunder Network\WebThunder\WebThunder.exe
O4 - HKLM\..\RunOnce: [CPushSetup] "C:\WINNT\system32\regsvr32.exe" /s "C:\Program Files\Common Files\CPUSH\cpush.dll"
O4 - HKLM\..\RunOnce: [uninsrest] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\uninrest.exe
O4 - HKLM\..\RunOnce: [KKDelay] D:\Program Files\Rising\AntiSpyware\RunOnce.exe
O4 - HKCU\..\Run: [Internat.exe] internat.exe
O4 - HKCU\..\Run: [xh2q61vl4s3w293] C:\WINNT\iexpl0ra.exe
O4 - Startup: Zcom 娱乐空间.lnk = D:\Program Files\Zcom\ZComService.exe
O8 - Extra context menu item: 使用Web迅雷下载 - D:\Program Files\Thunder Network\WebThunder\GetUrl.htm
O8 - Extra context menu item: 使用Web迅雷下载全部链接 - D:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm
O8 - Extra context menu item: 使用网际快车下载 - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: (no name) - RsAutorunsDisabled - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}? - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java 控制台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}? - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O9 - Extra 'Tools' menuitem: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b}? - D:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b}? - D:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3}? - D:\PROGRA~1\FLASHGET\JETCAR.EXE
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3}? - D:\PROGRA~1\FLASHGET\JETCAR.EXE
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\Tencent\QQ\QQIEHelper.dll
O16 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} (Edit Class) - https://www.sz1.cmbchina.com/download/CMBEdit.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/1009/aliedit.cab
O23 - Service: 5C351FD6 -  - (no file)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - d:\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - D:\Rising\Rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - D:\Rising\Rav\CCenter.exe
O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\Rising\Rav\Ravmond.exe

Last edited 2007-03-06 21:38:11

O4 - HKCU\..\Run: [xh2q61vl4s3w293] C:\WINNT\iexpl0ra.exe

One of the senior members has gone off to look into this one......

C:\WINNT\system32\internat.exe
Check whether this file's size is in the tens of KB. If it is very large, it's a virus... After deleting it, put back the one under WINDOWS..
