
[Original] I'm giving the moderators a tough problem!


Help: how do I remove TROJAN.dl.qqhelper.gen?
Please look at my antivirus records; there are also three kinds of logs.
2006-05-11,10:55:43

System Repair Engineer 2.0.12.350 (2.0 RC 1)
    Windows XP Professional Service Pack 2 - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <load><>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <StormCodec_Helper><"h:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <hbpassport><C:\PROGRA~1\HBCLIENT\hbast.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <Update><C:\Program Files\Common Files\UPDAT\Update.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <ExFilter><Rundll32.exe "C:\PROGRA~1\CNNIC\Cdn\cdnspie.dll,ExecFilter solo">
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <res><C:\WINDOWS\system32\res.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
  <DTService><rundll32.exe C:\DOCUME~1\ttt\LOCALS~1\Temp\RarSFX0\DTSERV~1.DLL,Load>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <shell><Explorer.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <Userinit><userinit.exe,>

==================================
启动文件夹
[Adobe Gamma Loader]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Gamma Loader.lnk><N>
[Microsoft Office]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk><N>
[Adobe Reader Speed Launch]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Reader Speed Launch.lnk><N>

==================================
服务
[C-DillaCdaC11BA / C-DillaCdaC11BA]
  <C:\WINDOWS\system32\drivers\CDAC11BA.EXE><Macrovision>
[Client / Client]
  <C:\WINDOWS\sysem .exe><N/A>
[System Event Logger / DATEING]
  <C:\WINDOWS\SYSTEM32\RUNDLL32.EXE C:\WINDOWS\SYSTEM32\WBEM\IRJIT.DLL,Export 1087><N/A>
[InstallDriver Table Manager / IDriverT]
  <"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[Imageware 12 License Manager / Imageware 12 License Manager]
  <G:\EDS\bin\lmgrd.exe><GLOBEtrotter Software Inc.>
[Remote Solver for COSMOSFloWorks 2006 / Remote Solver for COSMOSFloWorks 2006]
  <><N/A>
[Rising Proxy  Service / RfwProxySrv]
  <d:\program files\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <d:\program files\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[SolidWorks Licensing Service / SolidWorks Licensing Service]
  <"C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe"><SolidWorks>
[SolidWorks SolidNetWork License Manager / SolidWorks SolidNetWork License Manager]
  <C:\flexlm\SolidWorks SolidNetWork License Manager\lmgrd.exe><Macrovision Corporation>
[Unigraphics 许可证服务器(uglmd) / Unigraphics License Server (uglmd)]
  <"G:\Program Files\UGS\License Servers\UGNXFLEXlm\lmgrd.exe"><Macrovision Corporation>

==================================
浏览器加载项
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v4.dll, >
[QuickBtn]
  {1A199C20-DE2B-4838-AE3F-B5257ECE2B7E} <C:\Program Files\CoolWebsite\QuickLink.dll, Fengcent>
[DragSearch BHO]
  {62EED7C6-9F02-42f9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, N/A>
[MMSAssist BHO]
  {6671A431-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\MMSASS~1.DLL, N/A>
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <H:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[BrowserHAP Class]
  {AEF6F648-78D8-4456-BEE7-5ADE23D209FD} <C:\PROGRA~1\HBClient\hapast.dll, N/A>
[百度超级搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\Program Files\Baidu\bar\BaiduBar.DLL, Baidu.com, Inc.>
[bho Class]
  {ED8DFC5C-10EF-45AB-9DC2-0639AFF5A270} <C:\PROGRA~1\COMMON~1\Wnwb\wnwbio.dll, N/A>
[NetAnts]
  {57E91B47-F40A-11D1-B792-444553540000} <H:\PROGRA~1\NETANTS\NetAnts.exe,  >
[MMSAssistMenu]
  {6671A433-5C3D-463d-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\MMSASS~1.DLL, N/A>
[FlashGet]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <H:\PROGRA~1\FLASHGET\flashget.exe, Amaze Soft>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <H:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[百度超级搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\Program Files\Baidu\bar\BaiduBar.DLL, Baidu.com, Inc.>
[CyberArticle Express]
  {769A6A36-ED24-4376-BC7C-80225BF35698} <H:\Program Files\CyberArticle\CAExp.dll, Wizissoft>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v4.dll, >
[QuickBtn]
  {1A199C20-DE2B-4838-AE3F-B5257ECE2B7E} <C:\Program Files\CoolWebsite\QuickLink.dll, Fengcent>
[DragSearch BHO]
  {62EED7C6-9F02-42F9-B634-98E2899E147B} <C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL, N/A>
[MMSAssist BHO]
  {6671A431-5C3D-463D-A7CF-5587F9B7E191} <C:\PROGRA~1\MMSASS~1\MMSASS~1.DLL, N/A>
[CyberArticle Express]
  {769A6A36-ED24-4376-BC7C-80225BF35698} <H:\Program Files\CyberArticle\CAExp.dll, Wizissoft>
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <H:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[BrowserHAP Class]
  {AEF6F648-78D8-4456-BEE7-5ADE23D209FD} <C:\PROGRA~1\HBClient\hapast.dll, N/A>
[百度超级搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\Program Files\Baidu\bar\BaiduBar.DLL, Baidu.com, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <H:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[bho Class]
  {ED8DFC5C-10EF-45AB-9DC2-0639AFF5A270} <C:\PROGRA~1\COMMON~1\Wnwb\wnwbio.dll, N/A>
[  >> 彩信发送 <<]
  <res://C:\PROGRA~1\MMSASS~1\MMSASS~1.DLL/mms.htm, N/A>
[&Download by NetAnts]
  <H:\PROGRA~1\NETANTS\NAGet.htm, N/A>
[Download &All by NetAnts]
  <H:\PROGRA~1\NETANTS\NAGetAll.htm, N/A>
[Open PDF in Word (PDF Converter 2.0)]

Last edited 2006-05-11 17:16:42

<res://H:\Program Files\PDF2Word\IEShellExt.dll /100, N/A>
[使用影音传送带下载]
  <, N/A>
[使用影音传送带下载全部链接]
  <, N/A>
[使用网际快车下载]
  <H:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <H:\Program Files\FlashGet\jc_all.htm, N/A>
[保存: 完整网页...]
  <H:\Program Files\CyberArticle\script\Save.htm, N/A>
[保存: 更多保存内容...]
  <H:\Program Files\CyberArticle\script\SaveAuto.htm, N/A>
[导出到 Microsoft Excel(&x)]
  <res://D:\MICROO~1\Office10\EXCEL.EXE/3000, N/A>
[导出当前页到超星阅览器(&A)]
  <h:\Program Files\SSREADER36\ss_all.htm, N/A>
[导出选中部分到超星阅览器(&S)]
  <h:\Program Files\SSREADER36\ss_select.htm, N/A>
[添加到QQ自定义面板]
  <H:\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <H:\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <H:\Tencent\QQ\SendMMS.htm, N/A>
[百度-搜索MP3]
  <res://C:\Program Files\Baidu\bar\BaiduBar.DLL/BAIDUMP3.HTM, N/A>



It still can't be removed completely!
It shows up again after a reboot!