"Trojan.PSW..." is a real nuisance; there's always one that can't be removed. Experts, please come in and take a look!

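After startup, Rising first reports and removes "Trojan.PSW.OnlineGames.aas", then exits automatically. Rising can be started again manually. Could an expert please advise how to fix this? Thanks in advance! Part of the log follows: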
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <PcSync><D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog>  [Time Information Services Ltd.]
    <fbi1ijz060><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlog0n.exe>  [N/A]
    <g3c7i2><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Servere.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <333><C:\Syswm1i\svchost.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <ATIPTA><C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe>  [ATI Technologies, Inc.]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Realtek Semiconductor Corp.]
    <LiveMonitor><C:\Program Files\MSI\Live Update 3\LMonitor.exe>  [N/A]
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <runeip><C:\Program Files\Rising\AntiSpyware\runiep.exe>  [Beijing Rising Technology Co., Ltd.]
    <iTunesHelper><"D:\Program Files\iTunes\iTunesHelper.exe">  [Apple Computer, Inc.]
    <QuickTime Task><"C:\Program Files\QuickTime\qttask.exe" -atboottime>  [Apple Computer, Inc.]
    <PCSuiteTrayApplication><D:\PROGRA~2\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup>  [Nokia]
    <Adobe Photo Downloader><"C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe">  [Adobe Systems Incorporated]
    <msccrt><C:\WINDOWS\msccrt.exe>  [N/A]
    <upxdnd><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\upxdnd.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\windows\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]

==================================
启动文件夹
[CoreCenter]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\CoreCenter.lnk --> C:\PROGRA~1\MSI\CORECE~1\CORECE~1.EXE []><N>
[SecureDoc]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\SecureDoc.lnk --> C:\PROGRA~1\MSI\SECURE~1\Logon.exe [msi]><N>

==================================
服务
[870E82C0 / 870E82C0]
  <C:\WINDOWS\system32\870E82C0.EXE -service><Microsoft Corporation>
[ASP.NET State Service / aspnet_state]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Ati HotKey Poller / Ati HotKey Poller]
  <C:\WINDOWS\system32\Ati2evxx.exe><N/A>
[ATI Smart / ATI Smart]
  <C:\WINDOWS\system32\ati2sgag.exe><>
[InstallDriver Table Manager / IDriverT]
  <"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[iPodService / iPodService]
  <C:\Program Files\iPod\bin\iPodService.exe><Apple Computer, Inc.>
[Rising Proxy  Service / RfwProxySrv]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon]
  <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[ServiceLayer / ServiceLayer]
  <"C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe"><Nokia.>

Last edited 2007-04-03 03:41:37.047000000

I've caught this one too. Experts, please be generous with your advice.

[Reply to the post by "帮帮我谢谢你"]
Bumping this until an expert shows up.

Just now it caught another one: "Trojan.Spy.Agent.cxt"

The log is incomplete.

In Safe Mode:
In SREng, under "Startup Items" (启动项目) > "Registry" (注册表), delete the following entries:
<fbi1ijz060><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlog0n.exe> [N/A]
<g3c7i2><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Servere.exe> [N/A]
<333><C:\Syswm1i\svchost.exe> [N/A]
<msccrt><C:\WINDOWS\msccrt.exe> [N/A]
<upxdnd><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\upxdnd.exe> [N/A]

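In SREng, under "Startup Items" (启动项目) > "Services" (服务) > "Win32 Service Applications", click "Hide verified Microsoft items", select the following entry, click "Delete Service", then click "Set", and in the dialog that pops up click "No":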
[870E82C0 / 870E82C0]
<C:\WINDOWS\system32\870E82C0.EXE -service><Microsoft Corporation>

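After rebooting, delete the files that correspond to the entries above.

Also, in reply to your private message: I have class tomorrow too, so I'm already seriously short on sleep tonight.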
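An added example, not part of the thread and not SREng's own logic: a short Python triage pass over the Run entries from the first post that flags the same five values the reply says to delete. The three rules (no publisher information plus a Temp path, a system process name outside system32, or a file sitting directly in C:\WINDOWS) and the `SYSTEM_NAMES` list are assumptions of this example; the reply does not state its reasoning.

```python
import re
from ntpath import basename, dirname  # Windows path rules on any OS

# Subset of the Run entries, copied from the SREng log in the first post.
LOG = r'''
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <fbi1ijz060><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlog0n.exe>  [N/A]
    <g3c7i2><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Servere.exe>  [N/A]
    <333><C:\Syswm1i\svchost.exe>  [N/A]
    <load><>  [N/A]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Realtek Semiconductor Corp.]
    <LiveMonitor><C:\Program Files\MSI\Live Update 3\LMonitor.exe>  [N/A]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <msccrt><C:\WINDOWS\msccrt.exe>  [N/A]
    <upxdnd><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\upxdnd.exe>  [N/A]
'''

# One entry per line: <value name><command line>  [publisher]
ENTRY = re.compile(r'^\s*<([^<>]*)><([^<>]*)>\s+\[(.*)\]\s*$')
# Image path: a quoted path, or everything up to the first ".exe".
IMAGE = re.compile(r'^"([^"]+)"|^(.+?\.exe)\b', re.I)
# Assumption: names that normally run only from C:\WINDOWS\system32.
SYSTEM_NAMES = {"svchost.exe", "winlogon.exe", "services.exe", "lsass.exe"}

def triage(log):
    """Return (value name, image path, reason) for entries worth a closer look."""
    hits = []
    for line in log.splitlines():
        m = ENTRY.match(line)
        if not m:
            continue
        name, command, publisher = m.groups()
        img = IMAGE.match(command)
        if publisher != "N/A" or not img:  # has publisher info, or empty value
            continue
        image = img.group(1) or img.group(2)
        low = image.lower()
        if "\\temp\\" in low:
            reason = "no publisher, started from a Temp directory"
        elif basename(low) in SYSTEM_NAMES and dirname(low) != r"c:\windows\system32":
            reason = "system process name outside system32"
        elif dirname(low) == r"c:\windows":
            reason = "no publisher, file directly in the Windows directory"
        else:
            continue
        hits.append((name, image, reason))
    return hits

if __name__ == "__main__":
    for name, image, reason in triage(LOG):
        print(f"{name:12} {image}  <- {reason}")
```

`LiveMonitor` also has no publisher information but matches none of the rules, which is consistent with the reply leaving it alone.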