Rising Kaka Security Forum, Technical Exchange, Anti-virus / Anti-rogue-software Forum


Help! Log attached: trouble caused by rogue software, could an expert take a look?


My computer got infected with rogue software today, plus some kind of backdoor virus, and Rising can't remove it. After startup a process named after a website keeps showing up in the process list, and once a WINLOGON.EXE process appeared as well, using a lot of CPU with memory usage constantly increasing. How can I remove it? Thanks.


Registry

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
(ctfmon.exe)(C:\WINDOWS\System32\ctfmon.exe) [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(load)() []
(run)() []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
(IMJPMIG8.1)("C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32) [Microsoft Corporation]
(PHIME2002ASync)(C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC) [Microsoft Corporation]
(PHIME2002A)(C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName) [Microsoft Corporation]
(Cmaudio)(RunDll32 cmicnfg.cpl,CMICtrlWnd) []
(ATIPTA)(C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe) [ATI Technologies, Inc.]
(TkBellExe)("C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot) [RealNetworks, Inc.]
(RfwMain)("C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup) [Beijing Rising Technology Co., Ltd.]
(RavTask)("D:\Program Files\Rising\Rav\RavTask.exe" -system) [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
(RavStub)("D:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE) [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
(Alexa)(C:\WINDOWS\System32\qproecss.exe) [Microsoft Corporation]
(Ver)(2006.07.20) []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(shell)(Explorer.exe) [Microsoft Corporation]
(Userinit)(C:\WINDOWS\System32\userinit.exe,) [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
(AppInit_DLLs)() []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
(UIHost)(logonui.exe) [Microsoft Corporation]

--------------------------------------------------------------------------------

Startup folder

[Microsoft Office]
(C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk)(N)

--------------------------------------------------------------------------------

Services

[Ati HotKey Poller / Ati HotKey Poller]
(C:\WINDOWS\System32\Ati2evxx.exe)(N/A)
[ATI Smart / ATI Smart]
(C:\WINDOWS\system32\ati2sgag.exe)()
[Macromedia Licensing Service / Macromedia Licensing Service]
("C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe")(N/A)
[Rising Proxy Service / RfwProxySrv]
(c:\program files\rising\rfw\rfwproxy.exe)(Beijing Rising Technology Co., Ltd.)
[Rising Personal Firewall Service / RfwService]
(c:\program files\rising\rfw\rfwsrv.exe)(Beijing Rising Technology Co., Ltd.)
[Remote Packet Capture Protocol v.0 (experimental) / rpcapd]
("C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini")(N/A)
[Rising Process Communication Center / RsCCenter]
("D:\Program Files\Rising\Rav\CCenter.exe")(Beijing Rising Technology Co., Ltd.)
[RsRavMon Service / RsRavMon]
("D:\Program Files\Rising\Rav\Ravmond.exe")(Beijing Rising Technology Co., Ltd.)
[TlMPLatform.exe / TlMPLatform.exe ]
(C:\Program Files\tencent\qqnet.exe)(N/A)

--------------------------------------------------------------------------------
Browser add-ons

[MyIEHelper Class]
{16B770A0-0E87-4278-B748-2460D64A8386} (C:\Documents and Settings\All Users\Application Data\Microsoft\UserData\IEHelper_5059.dll, Microsoft Corporation)
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} (D:\C盘\QQ2003III丐丐版\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司)
[CdnForIE Class]
{5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} (C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC)
[conimehlp Class]
{B10343BD-1DC6-442F-9BA2-D44C708CEE83} (C:\WINDOWS\System32\mskey32.dll, Microsoft)
[解霸]
{367E0A21-8601-4986-9C9A-153BF5ACA118} (C:\HEROSOFT\Hero3000\MPLAYER.EXE, N/A)
[CdnForIE Class]
{5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} (C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC)
[网页特效制作专家 ]
{8DE0FCD4-5EB5-11D3-AD25-00002100131a} (F:\特效软件\网页特效专家\, N/A)
[屏幕取色*]
{8DE0FCD4-5EB5-11D3-AD25-00002100131c} (F:\特效软件\网页特效专家, N/A)
[海浪视窗主页 ]
{8DE0FCD4-5EB5-11D3-AD25-00002100131e} (F:\特效软件\网页特效专家\syste, N/A)
[@shdoclc.dll,-866]
{c95fe080-8f5d-11d2-a20b-00aa003c157a} (, N/A)
[FlashGet]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} (C:\PROGRA~1\FlashGet\flashget.exe, Amaze Soft)
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} (D:\C盘\QQ2003III丐丐版\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司)
[电台(&R)]
{8E718888-423F-11D2-876E-00A0C9082467} (C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation)
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} (C:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft)
[InfosecCertInstall Class]
{0EB487C8-E9AC-43A6-8C4C-083999B0622F} (C:\WINDOWS\Downloaded Program Files\certInStall.dll, )
[]
{39EA2F6F-3F50-4F58-9C63-4B3D53B0926E} (C:\WINDOWS\eg_auth_1049.dll, N/A)
[CEditCtrl Object]
{488A4255-3236-44B3-8F27-FA1AECAA8844} (C:\WINDOWS\System32\aliedit\AliEdit.dll, www.alipay.com)
[AxInputControl Class]
{73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, )
[]
{8B3B8135-9DAA-40E7-8941-962795F9C1CB} (C:\WINDOWS\System32\syswbsvc32.dll, N/A)
[AxSubmitControl Class]
{8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (C:\WINDOWS\DOWNLO~1\SUBMIT~1.DLL, )
[MeChatU Class]
{BE9D5F13-40C1-44CA-9950-B9211E4B60DD} (C:\WINDOWS\Downloaded Program Files\MeChatUser.dll, )
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} (C:\WINDOWS\System32\Macromed\Flash\Flash8.ocx, Macromedia, Inc.)
[AxUSBKey Class]
{DA215190-98B2-47DE-AE24-DA95481DFFBA} (C:\WINDOWS\DOWNLO~1\USBKey.dll, )
[CPasswordEditCtrl Object]
{E787FD25-8D7C-4693-AE67-9406BC6E22DF} (C:\WINDOWS\System32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司)
[使用网际快车下载]
(C:\PROGRA~1\FlashGet\jc_link.htm, N/A)
[使用网际快车下载全部链接]
(C:\PROGRA~1\FlashGet\jc_all.htm, N/A)
[访问通用网址]
(C:\Program Files\CNNIC\Cdn\cnnic.htm, N/A)



--------------------------------------------------------------------------------
Last edited 2006-10-02 18:35:11

Running processes

[PID: 484][\SystemRoot\System32\smss.exe] (Microsoft Corporation)(5.1.2600.1106 (xpsp1.020828-1920))
[PID: 548][\??\C:\WINDOWS\system32\csrss.exe] (Microsoft Corporation)(5.1.2600.0 (xpclient.010817-1148))
[PID: 572][\??\C:\WINDOWS\system32\winlogon.exe] (Microsoft Corporation)(5.1.2600.1106 (xpsp1.020828-1920))
[PID: 616][C:\WINDOWS\system32\services.exe] (Microsoft Corporation)(5.1.2600.0 (xpclient.010817-1148))
[PID: 628][C:\WINDOWS\system32\lsass.exe] (Microsoft Corporation)(5.1.2600.1106 (xpsp1.020828-1920))
[PID: 784][C:\WINDOWS\System32\Ati2evxx.exe] (N/A)(N/A)
[PID: 812][C:\WINDOWS\system32\svchost.exe] (Microsoft Corporation)(5.1.2600.0 (xpclient.010817-1148))
[PID: 900][D:\Program Files\Rising\Rav\CCenter.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 3)
[PID: 916][C:\WINDOWS\System32\svchost.exe] (Microsoft Corporation)(5.1.2600.0 (xpclient.010817-1148))
[PID: 1068][C:\WINDOWS\System32\svchost.exe] (Microsoft Corporation)(5.1.2600.0 (xpclient.010817-1148))
[PID: 1148][D:\Program Files\Rising\Rav\Ravmond.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 1, 35)
[D:\Program Files\Rising\Rav\BWList.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 19)
[D:\Program Files\Rising\Rav\RsCommX.dll] (rising)(18, 0, 0, 1)
[D:\Program Files\Rising\Rav\RSAPPMGR.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 2)
[D:\Program Files\Rising\Rav\CfgDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[D:\Program Files\Rising\Rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[D:\Program Files\Rising\Rav\RsLog.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 20)
[D:\Program Files\Rising\Rav\HOOKSYS.dll] (Beijing Rising Technology Co., Ltd.)(18, 1, 0, 11)
[D:\Program Files\Rising\Rav\Scanner.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 32)
[D:\Program Files\Rising\Rav\libload.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 10)
[D:\Program Files\Rising\Rav\VirusLib.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 12)
[D:\Program Files\Rising\Rav\regmon.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 6)
[D:\Program Files\Rising\Rav\HookWeb.dll] (rising)(18, 0, 0, 2)
[D:\Program Files\Rising\Rav\MemMon.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 10)
[D:\Program Files\Rising\Rav\expscan.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[D:\Program Files\Rising\Rav\mPorts.dll] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 3)
[D:\Program Files\Rising\Rav\MailMon.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 5)
[D:\Program Files\Rising\Rav\SpamEng.dll] (N/A)(18, 0, 0, 6)
[D:\Program Files\Rising\Rav\engine.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 34)
[D:\Program Files\Rising\Rav\UnExe.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[D:\Program Files\Rising\Rav\PostTrt.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 16)
[D:\Program Files\Rising\Rav\ScanExec.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[D:\Program Files\Rising\Rav\ScanEx.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 27)
[D:\Program Files\Rising\Rav\RSUnpack.dll] (Beijing Rising Technology Co., Ltd.)(1, 0, 0, 17)
[D:\Program Files\Rising\Rav\NvFile.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 7)
[D:\Program Files\Rising\Rav\ScanMac.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 10)
[D:\Program Files\Rising\Rav\ScanSct.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 19)
[D:\Program Files\Rising\Rav\Unpacker.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 5)
[D:\Program Files\Rising\Rav\RsStore.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 6)
[PID: 1252][C:\WINDOWS\Explorer.EXE] (Microsoft Corporation)(6.00.2800.1221 (xpsp2.030511-1403))
[C:\PROGRA~1\WMATOM~1\w2m.dll] (All Your Software)(1.1)
[PID: 1352][c:\program files\rising\rfw\rfwsrv.exe] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 33)
[c:\program files\rising\rfw\RfwRule.dll] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 13)
[c:\program files\rising\rfw\rfwlog.dll] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 6)
[c:\program files\rising\rfw\Rfwdrv.dll] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 21)
[c:\program files\rising\rfw\MonDrv.dll] (rs)(1, 0, 0, 4)
[c:\program files\rising\rfw\ProcLib.dll] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 9)
[PID: 1656][D:\Program Files\Rising\Rav\RavStub.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 16)
[D:\Program Files\Rising\Rav\RsCommX.dll] (rising)(18, 0, 0, 1)
[D:\Program Files\Rising\Rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[PID: 1732][c:\program files\rising\rfw\RfwMain.exe] (Beijing Rising Technology Co., Ltd.)(4, 0, 0, 52)
[c:\program files\rising\rfw\RsGuiLib.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 23)
[c:\program files\rising\rfw\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[c:\program files\rising\rfw\PngDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 5)
[PID: 1772][C:\WINDOWS\System32\conime.exe] (Microsoft Corporation)(5.1.2600.1106 (xpsp1.020828-1920))
[PID: 1796][C:\WINDOWS\System32\svchost.exe] (Microsoft Corporation)(5.1.2600.0 (xpclient.010817-1148))
[PID: 1940][C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe] (ATI Technologies, Inc.)(6.14.10.5062)
[C:\Program Files\ATI Technologies\ATI Control Panel\atipdsxx.dll] (ATI Technologies, Inc.)(6.14.10.5062)
[C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATRPUIXX.CHS] (ATI Technologies, Inc.)(6.14.10.5062)
[C:\Program Files\ATI Technologies\ATI Control Panel\atipdxxx.dll] (ATI Technologies, Inc.)(6.14.10.5062)
[PID: 1976][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] (RealNetworks, Inc.)(0.1.0.1622)
[PID: 2028][D:\Program Files\Rising\Rav\RavTask.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 22)
[D:\Program Files\Rising\Rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[D:\Program Files\Rising\Rav\RSAPPMGR.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 2)
[D:\Program Files\Rising\Rav\CfgDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[D:\Program Files\Rising\Rav\RsCommX.dll] (rising)(18, 0, 0, 1)
[PID: 128][D:\Program Files\Rising\Rav\Ravmon.exe] (Beijing Rising Technology Co., Ltd.)(18, 0, 1, 33)
[D:\Program Files\Rising\Rav\RsGuiLib.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 26)
[D:\Program Files\Rising\Rav\BWList.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 19)
[D:\Program Files\Rising\Rav\RSAPPMGR.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 2)
[D:\Program Files\Rising\Rav\CfgDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 11)
[D:\Program Files\Rising\Rav\RSCOMMON.DLL] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[D:\Program Files\Rising\Rav\RsCommX.dll] (rising)(18, 0, 0, 1)
[D:\Program Files\Rising\Rav\PngDll.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 5)
[PID: 148][C:\WINDOWS\System32\ctfmon.exe] (Microsoft Corporation)(5.1.2600.1106 (xpsp1.020828-1920))
[PID: 360][C:\sreng2\SREng2\SREng.exe] (Smallfrogs Studio)(2.0.21.505)
[PID: 388][C:\WINDOWS\System32\alg.exe] (Microsoft Corporation)(5.1.2600.1106 (xpsp1.020828-1920))
[PID: 460][C:\WINDOWS\System32\svchost.exe] (Microsoft Corporation)(5.1.2600.0 (xpclient.010817-1148))
[PID: 940][C:\Program Files\Internet Explorer\IEXPLORE.EXE] (Microsoft Corporation)(6.00.2800.1106 (xpsp1.020828-1920))
[PID: 1960][C:\Program Files\Internet Explorer\IEXPLORE.EXE] (Microsoft Corporation)(6.00.2800.1106 (xpsp1.020828-1920))
[D:\C盘\QQ2003III丐丐版\QQ\QQIEHelper.dll] (深圳市腾讯计算机系统有限公司)(1, 1, 0, 5)
[D:\Program Files\Rising\Rav\RavScrCh.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\WINDOWS\System32\Macromed\Flash\Flash8.ocx] (Macromedia, Inc.)(8,0,22,0)
[PID: 2124][C:\WINDOWS\System32\taskmgr.exe] (Microsoft Corporation)(5.1.2600.1106 (xpsp1.020828-1920))
[PID: 2640][C:\WINDOWS\system32\spoolsv.exe] (Microsoft Corporation)(5.1.2600.0 (XPClient.010817-1148))
[PID: 2816][C:\Program Files\Internet Explorer\IEXPLORE.EXE] (Microsoft Corporation)(6.00.2800.1106 (xpsp1.020828-1920))
[D:\C盘\QQ2003III丐丐版\QQ\QQIEHelper.dll] (深圳市腾讯计算机系统有限公司)(1, 1, 0, 5)
[D:\Program Files\Rising\Rav\RavScrCh.dll] (Beijing Rising Technology Co., Ltd.)(18, 0, 0, 4)
[C:\WINDOWS\System32\Macromed\Flash\Flash8.ocx] (Macromedia, Inc.)(8,0,22,0)
[C:\DOCUME~1\Jackie.Jo\LOCALS~1\Temp\go1.com] (N/A)(N/A)
[PID: 1568][C:\WINDOWS\System32\0.exe] (N/A)(N/A)
[PID: 404][C:\WINDOWS\win\vipdown.exe] (N/A)(N/A)
[PID: 2624][C:\Program Files\CNNIC\Cdn\cdnup.exe] ()(2, 4, 0, 6)
[C:\Program Files\CNNIC\Cdn\cdnforie.dll] (CNNIC)(2, 0, 0, 2)

Dropper.Agent.dvn Backdoor.Delf.vsk Backdoor.Delf.vsk
These are the 3 viruses shown in the Rising scan results.

Please help.