我的电脑中了劫持浏览器病毒，木马名字是cnwin class 但却删不了，高手指教下，一下是日志

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <v763m><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\iexpl0re.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><C:\WINDOWS/system32/AUT0CHK.PIF>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <RTHDCPL><RTHDCPL.EXE>  [(Verified)Realtek Semiconductor Corp.]
    <SkyTel><SkyTel.EXE>  [(Verified)Realtek Semiconductor Corp.]
    <Alcmtr><ALCMTR.EXE>  [(Verified)Realtek Semiconductor Corp.]
    <ATICCC><"C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe">  [N/A]
    <APVXDWIN><"C:\Program Files\熊猫\熊猫钛金版2006 防病毒+防间谍软件\APVXDWIN.EXE" /s>  [Panda Software International]
    <P2P><C:\WINDOWS\system32\k11757100657.exe>  [N/A]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A]
    <kav><"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe">  [Kaspersky Lab]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <whktqk73><%systemroot%\system32\Rundll32.exe %systemroot%\system32\whktqk73.dll,DllUnregisterServer>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Corporation]
    <{B8A170A8-7AD3-4678-B2FE-F2D7381CC1B5}><C:\Program Files\Internet Explorer\Connection Wizard\isignup.sys>  [N/A]
    <{5D06580A-08EB-4DD0-8425-DDBB5198B30C}><C:\Program Files\Common Files\Microsoft Shared\MSInfo\IEINFO5.sys>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Corporation]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Corporation]
    <WebCheck><C:\WINDOWS\system32\webcheck.dll>  [(Verified)Microsoft Corporation]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Corporation]
    <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avldr]
    <WinlogonNotify: avldr><avldr.dll>  [Panda Software]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    <WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll>  [Kaspersky Lab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Corporation]

服务
[12AE44EB / 12AE44EB][Stopped/Auto Start]
  <C:\WINDOWS\system32\12AE44EB.EXE -service><Microsoft Corporation>
[1E6F840A / 1E6F840A][Stopped/Auto Start]
  <C:\WINDOWS\system32\1E6F840A.EXE -service><Microsoft Corporation>
[Alerter / Alerter][Stopped/Auto Start]
  <C:\WINDOWS\Alerter.exe><N/A>
[Ati HotKey Poller / Ati HotKey Poller][Stopped/Auto Start]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart][Stopped/Auto Start]
  <C:\WINDOWS\system32\ati2sgag.exe><>
[AVP / AVP][Stopped/Auto Start]
  <"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe -r"><Kaspersky Lab>
[SysCkName / CkName][Stopped/Auto Start]
  <C:\Windows\system32\XDJPVBGLRWCH.EXE><N/A>
[COMMAND DLL32 / CMD_DLL32][Stopped/Auto Start]
  <C:\WINDOWS\system32\CMDLL32.EXE><N/A>
[Desk Logical Managre / Desk Managl][Stopped/Auto Start]
  <C:\Program Files\svchost.exe><N/A>
[Std ensd Service / ensd][Stopped/Auto Start]
  <C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\wfuv\jsei.dll,Service -s><Microsoft Corporation>
[FB6F518C / FB6F518C][Stopped/Auto Start]
  <C:\WINDOWS\system32\FB6F518C.EXE -service><Microsoft Corporation>
[Forceware Web Interface / ForcewareWebInterface][Stopped/Auto Start]
  <"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice><Apache Software Foundation>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[ForceWare IP service / nSvcIp][Stopped/Auto Start]
  <C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe><NVIDIA Corporation>
[ForceWare user log service / nSvcLog][Stopped/Auto Start]
  <C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe><NVIDIA Corporation>
[Panda Function Service / PAVFNSVR][Stopped/Auto Start]
  <"C:\Program Files\熊猫\熊猫钛金版2006 防病毒+防间谍软件\PavFnSvr.exe"><Panda Software>
[Panda Process Protection Service / PavPrSrv][Stopped/Auto Start]
  <"C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe"><Panda Software>
[Panda anti-virus service / PAVSRV][Stopped/Auto Start]
  <"C:\Program Files\熊猫\熊猫钛金版2006 防病毒+防间谍软件\pavsrv51.exe"><Panda Software>
[Panda Network Manager / PNMSRV][Stopped/Auto Start]
  <"c:\program files\熊猫\熊猫钛金版2006 防病毒+防间谍软件\firewall\PNMSRV.EXE"><Panda Software>
[Panda IManager Service / PSIMSVC][Stopped/Auto Start]
  <"C:\Program Files\熊猫\熊猫钛金版2006 防病毒+防间谍软件\PsImSvc.exe"><Panda Software Internacional>
[Network Engine / Relations][Stopped/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\asiwh.dll><Microsoft Corporation>
[Remote Procedure Call System(RPCS) / RpcS][Stopped/Auto Start]
  <C:\WINDOWS\system32\RpcS.exe><Microsoft Corporation>
[Security Accounts Manager　　  / SamSs　　　　　　　　　　　　][Stopped/Auto Start]
  <C:\Program Files\Common Files\RealPlayer\System Idle Process.exe><N/A>
[smService / smService][Stopped/Auto Start]
  <C:\WINDOWS\system32\smService.exe><N/A>
[TomDemoService / TomDemoService][Stopped/Auto Start]
  <C:\CONFIG.EXE><N/A>
[Panda TPSrv / TPSrv][Stopped/Auto Start]
  <"C:\Program Files\熊猫\熊猫钛金版2006 防病毒+防间谍软件\TPSrv.exe"><Panda Software>
[WinWLService / WinWLService][Stopped/Auto Start]
  <C:\WINDOWS\system32\RAVWL.EXE><N/A>
[Hackgui / 服务进程结束][Stopped/Auto Start]
  <C:\WINDOWS\FuyouGui.exe><N/A>

==================================
驱动程序
[AMD Processor Driver / AmdK8][Stopped/System Start]
  <system32\DRIVERS\AmdK8.sys><Advanced Micro Devices>
[App Filter Plugin / APPFLT][Stopped/System Start]
  <\??\C:\WINDOWS\system32\Drivers\APPFLT.SYS><Panda Software>
[ati2mtag / ati2mtag][Stopped/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Antivirus Filter Driver / AvFlt][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\av5flt.sys><N/A>
[Panda CPoint Driver / cpoint][Stopped/Auto Start]
  <system32\Drivers\cpoint.sys><Panda Software>
[DSA Filter Plugin / DSAFLT][Stopped/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\DSAFLT.SYS><Panda Software>
[NetMon Filter Plugin / FNETMON][Stopped/System Start]
  <\??\C:\WINDOWS\system32\Drivers\fnetmon.SYS><Panda Software>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[Ids Filter Plugin / IDSFLT][Stopped/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\IDSFLT.SYS><Panda Software>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Stopped/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[KLIF / KLIF][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[naqcoa / naqcoa][Running/Boot Start]
  <\SystemRoot\\SystemRoot\System32\drivers\naqcoa.sys><N/A>
[Panda Net Driver [NDIS Layer] / netflt][Running/Boot Start]
  <\SystemRoot\system32\Drivers\NETFLT.SYS><Panda Software>
[Panda Net Driver [TDI Layer] / NETFLTDI][Stopped/System Start]
  <\??\C:\WINDOWS\system32\Drivers\NETFLTDI.SYS><Panda Software>
[NVIDIA nForce Networking Controller Driver / NVENETFD][Stopped/Manual Start]
  <system32\DRIVERS\NVENETFD.sys><NVIDIA Corporation>
[NVIDIA Network Bus Enumerator / nvnetbus][Stopped/Manual Start]
  <system32\DRIVERS\nvnetbus.sys><NVIDIA Corporation>
[PAVDRV / PAVDRV][Stopped/Auto Start]
  <system32\DRIVERS\pavdrv51.sys><Panda Software>
[Panda Process Protection Driver / PavProc][Stopped/Auto Start]
  <\??\C:\WINDOWS\system32\DRIVERS\PavProc.sys><Panda Software>
[Direct Parallel Link Driver / Ptilink][Stopped/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[SMS Filter Plugin / SMSFLT][Stopped/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\SMSFLT.SYS><Panda Software>
[sutvkk1 / sutvkk15][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\sutvkk15.sys><N/A>
[whktqk7 / whktqk73][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\whktqk73.sys><N/A>
[Wifi Monitor Filter Plugin / WNMFLT][Stopped/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\WNMFLT.SYS><Panda Software>

浏览器加载项
[BaiduHlpr Class]
  {00C104F7-0F5C-470C-ABCF-A5B2E70752F1} <C:\WINDOWS\system32\baidu.dll, >
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx, >
[Flashget Catch Url Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <C:\PROGRA~1\FLASHGET\jccatch.dll, www.flashget.com>
[Info cache]
  {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, 金泰丰(广州)科技有限公司>
[]
  {B17D6D2C-30F8-4C63-9E01-4C2B199547AA} <C:\WINDOWS\system32\exqpuhfympadu.dll, N/A>
[IE6Image Class]
  {CD6C2ABD-F988-40CA-B834-74C3EF0F5B14} <C:\WINDOWS\system32\BR0WSEU1.DLL, TODO: <公司名>>
[CIOUAGMRXDJOUA]
  {DE75F9AC-C300-4496-9D3F-2582C909C008} <C:\WINDOWS\system32\YEIOUAFKQWAG.DLL, N/A>
[gFlash Class]
  {F156768E-81EF-470C-9057-481BA8380DBA} <C:\Program Files\FlashGet\getflash.dll, >
[Web反病毒保护]
  {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll, Kaspersky Lab>
[番茄花园]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.tomatolei.com, N/A>
[快车]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\flashget.exe, FlashGet.com>
[CaiFuCOM Class]
  {C1F0024B-8278-4999-B7E6-2718426D9FE6} <C:\Program Files\财富通\caif.dll, N/A>
[番茄工具条 3.0]
  {6451F285-9E41-4D8C-813D-794CA7BFEAB4} <C:\WINDOWS\system32\IETool.dll, N/A>
[快车(FlashGet)]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\Program Files\FlashGet\fgiebar.dll, Amaze Soft>
[BaiduHlpr Class]
  {00C104F7-0F5C-470C-ABCF-A5B2E70752F1} <C:\WINDOWS\system32\baidu.dll, >
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx, >
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[Flashget Catch Url Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <C:\PROGRA~1\FLASHGET\jccatch.dll, www.flashget.com>
[Info cache]
  {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, 金泰丰(广州)科技有限公司>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[番茄工具条 3.0]
  {6451F285-9E41-4D8C-813D-794CA7BFEAB4} <C:\WINDOWS\system32\IETool.dll, N/A>
[]
  {B17D6D2C-30F8-4C63-9E01-4C2B199547AA} <C:\WINDOWS\system32\exqpuhfympadu.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[IE6Image Class]
  {CD6C2ABD-F988-40CA-B834-74C3EF0F5B14} <C:\WINDOWS\system32\BR0WSEU1.DLL, TODO: <公司名>>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[CIOUAGMRXDJOUA]
  {DE75F9AC-C300-4496-9D3F-2582C909C008} <C:\WINDOWS\system32\YEIOUAFKQWAG.DLL, N/A>
[快车(FlashGet)]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\Program Files\FlashGet\fgiebar.dll, Amaze Soft>
[gFlash Class]
  {F156768E-81EF-470C-9057-481BA8380DBA} <C:\Program Files\FlashGet\getflash.dll, >
[XML DOM Document]
  {F6D90F11-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\MSXML3.DLL, Microsoft Corporation>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\MSXML3.DLL, Microsoft Corporation>
[&使用快车(FlashGet)下载]
  <C:\PROGRA~1\FLASHGET\jc_link.htm, N/A>
[&使用快车(FlashGet)下载全部链接]
  <C:\PROGRA~1\FLASHGET\jc_all.htm, N/A>
[上传到QQ网络硬盘]
  <E:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[添加到QQ自定义面板]
  <E:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <E:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <E:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 148][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 204][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 228][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4152]
    [C:\WINDOWS\system32\avldr.dll]  [Panda Software, 2, 0, 1840, 1]
    [C:\WINDOWS\system32\klogon.dll]  [Kaspersky Lab, 6.0.0.299]
[PID: 272][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 284][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 436][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 480][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\熊猫\熊猫钛金版2006 防病毒+防间谍软件\pavlsp.dll]  [Panda Software , 5, 9, 12, 46]
    [C:\Program Files\熊猫\熊猫钛金版2006 防病毒+防间谍软件\PavTrc.dll]  [Panda Software , 5, 8, 13, 16]
    [C:\Program Files\熊猫\熊猫钛金版2006 防病毒+防间谍软件\icl_cfg.dll]  [Panda Software , 5, 9, 16, 4]
[PID: 564][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 812][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Common Files\Microsoft Shared\MSInfo\IEINFO5.sys]  [N/A, N/A]
    [C:\Program Files\Internet Explorer\Connection Wizard\isignup.sys]  [N/A, N/A]
[PID: 1084][J:\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [C:\Program Files\Internet Explorer\Connection Wizard\isignup.sys]  [N/A, N/A]
    [C:\Program Files\熊猫\熊猫钛金版2006 防病毒+防间谍软件\pavlsp.dll]  [Panda Software , 5, 9, 12, 46]
    [C:\Program Files\熊猫\熊猫钛金版2006 防病毒+防间谍软件\PavTrc.dll]  [Panda Software , 5, 8, 13, 16]
    [C:\Program Files\熊猫\熊猫钛金版2006 防病毒+防间谍软件\icl_cfg.dll]  [Panda Software , 5, 9, 16, 4]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  Error. [C:\PROGRA~1\熊猫\熊猫钛~1\PavScrip.exe "%1" %*]
.JS  Error. [C:\PROGRA~1\熊猫\熊猫钛~1\PavScrip.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
PAV_LAYERED over [MSAFD Tcpip [TCP/IP]]
    C:\Program Files\熊猫\熊猫钛金版2006 防病毒+防间谍软件\pavlsp.dll(Panda Software , pavlsp Dynamic Link Library)
PAV_LAYERED over [MSAFD Tcpip [UDP/IP]]
    C:\Program Files\熊猫\熊猫钛金版2006 防病毒+防间谍软件\pavlsp.dll(Panda Software , pavlsp Dynamic Link Library)
PAV_LAYERED over [MSAFD Tcpip [RAW/IP]]
    C:\Program Files\熊猫\熊猫钛金版2006 防病毒+防间谍软件\pavlsp.dll(Panda Software , pavlsp Dynamic Link Library)
PAV_LAYERED
    C:\Program Files\熊猫\熊猫钛金版2006 防病毒+防间谍软件\pavlsp.dll(Panda Software , pavlsp Dynamic Link Library)

==================================
Autorun.inf
[C:\]
[AutoRun]
open=rising.exe
shellexecute=rising.exe
shell\Auto\command=rising.exe
[D:\]
[AutoRun]
open=rising.exe
shellexecute=rising.exe
shell\Auto\command=rising.exe
[E:\]
[AutoRun]
open=rising.exe
shellexecute=rising.exe
shell\Auto\command=rising.exe

显示隐藏文件,然后删除各个盘里的autorun.inf和rising.exe重新启动即可!
删除文件
[C:\Program Files\Common Files\Microsoft Shared\MSInfo\IEINFO5.sys] [N/A, N/A]
[C:\Program Files\Internet Explorer\Connection Wizard\isignup.sys] [N/A, N/A]
[C:\Program Files\Internet Explorer\Connection Wizard\isignup.sys] [N/A, N/A]
<C:\Program Files\Common Files\RealPlayer\System Idle Process.exe><N/A>
删除文件及相关服务项。
[smService / smService][Stopped/Auto Start]
<C:\WINDOWS\system32\smService.exe><N/A>
[TomDemoService / TomDemoService][Stopped/Auto Start]
<C:\CONFIG.EXE><N/A>
[WinWLService / WinWLService][Stopped/Auto Start]
<C:\WINDOWS\system32\RAVWL.EXE><N/A>
[Hackgui / 服务进程结束][Stopped/Auto Start]
<C:\WINDOWS\FuyouGui.exe><N/A>