
[Help] I'm infected! I've posted the log, please take a look!


  I am infected with:
    Trojan.DL.Small.kce
    Trojan.DL.Small.cin
    Trojan.DL.Small.kfc
    Trojan.DL.Agent.jgp
    Trojan.DL.Adload.im
    Trojan.DL.Diyer.a
    Trojan.Agent.cwq

Logfile of Kaka v2. 0. 0. 9 Scan Module v2. 0. 0. 1
Scan saved at 10:51:14, on 2006-07-16
Platform: Microsoft Windows Me
MSIE: Internet Explorer v5.50  (5.50.4134.100)


Running processes:
[KERNEL32.DLL]
CommandLine =

[MSGSRV32.EXE]
CommandLine =

[SPOOL32.EXE]
CommandLine = C:\WINDOWS\SYSTEM\spool32.exe

[MPREXE.EXE]
CommandLine = C:\WINDOWS\SYSTEM\MPREXE.EXE

[CCENTER.EXE]
CommandLine = "F:\瑞星杀毒软件\Rising\Rav\CCenter.exe"

[RAVMOND.EXE]
CommandLine = "F:\瑞星杀毒软件\Rising\Rav\RavMond.exe"

[RAVMON.EXE]
CommandLine = "F:\瑞星杀毒软件\Rising\Rav\RavMon.exe" -system

[mmtask.tsk]
CommandLine =

[EXPLORER.EXE]
CommandLine = C:\WINDOWS\Explorer.exe

[RPCSS.EXE]
CommandLine = RPCSS

[RUNDLL32.EXE]
CommandLine = Rundll32.exe

[INTERNAT.EXE]
CommandLine = "C:\WINDOWS\SYSTEM\internat.exe"

[SYSTRAY.EXE]
CommandLine = "C:\WINDOWS\SYSTEM\SysTray.Exe"

[YLIVE.EXE]
CommandLine = "C:\PROGRA~1\YAHOO!\ASSIST~1\YLive.exe"

[YASSISTSE.EXE]
CommandLine = "C:\PROGRAM FILES\YAHOO!\ASSISTANT\YASSISTSE.EXE"

[RAVTASK.EXE]
CommandLine = "F:\瑞星杀毒软件\RISING\RAV\RAVTASK.EXE" -SYSTEM

[MEMDEF.EXE]
CommandLine = "F:\超级兔子\MAGICSET123\MEMDEF.EXE" /LOAD

[RUNDLL32.EXE]
CommandLine = "C:\WINDOWS\rundll32.exe"

[WMIEXE.EXE]
CommandLine = WmiExe WMI_ffe3cd4d

[RAV.EXE]
CommandLine = "F:\瑞星杀毒软件\Rising\Rav\Rav.exe"

[RNAAPP.EXE]
CommandLine = rnaapp.exe -l

[TAPISRV.EXE]
CommandLine = tapisrv.exe

[IEXPLORE.EXE]
CommandLine = "F:\INTERN~1\iexplore.exe"

[KKSCAN.EXE]
CommandLine = "F:\瑞星杀毒软件\Rising卡卡上网安全助手2.0\KkScan.exe"

[PSTORES.EXE]
CommandLine = C:\WINDOWS\SYSTEM\PSTORES.EXE

[STIMON.EXE]
CommandLine = C:\WINDOWS\SYSTEM\STIMON.EXE -Embedding

R3 - URLSearchHook: (no name) - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file)
O2 - BHO: CnsHook Class - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSHOOK.DLL
O2 - BHO: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASBAR.DLL
O2 - BHO: Yahoo!Photo - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YPHTB.DLL
O2 - BHO: AntiFish Class - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YANGLING.DLL
O2 - BHO: XBTP03129 Class - {6029B367-250A-4696-925C-641709CA7381} - C:\PROGRA~1\KUAISO~1\KUAISO~1.DLL (file missing)
O2 - BHO: Status Class - {7BDAF75A-0D6F-4F50-AFE9-333D08DF4005} - C:\PROGRAM FILES\BAIGOO\BGOOBHO.DLL (file missing)
O2 - BHO: stdup - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - C:\WINDOWS\SYSTEM32\STDUP.DLL
O2 - BHO:  (file missing)
O2 - BHO:  (file missing)
O2 - BHO:  (file missing)
O2 - BHO:  (file missing)
O2 - BHO: bho Class - {ED8DFC5C-10EF-45AB-9DC2-0639AFF5A270} - C:\PROGRA~1\COMMON~1\WNWB\WNWBIO.DLL
O3 - Toolbar: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASBAR.DLL
O3 - Toolbar: @msdxmLC.dll,-1@2052,电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\SYSTEM\KAKATOOL.DLL
O4 - HKCU\..\Run: [Super Rabbit IEPro] rem ; F:\超级兔子\MAGICSET123\SRIECLI.EXE /LOAD
O4 - HKCU\..\Run: [LetsCool] C:\PROGRAM FILES\LETSCOOL\LETSCOOL.EXE
O4 - HKLM\..\Run: [internat.exe] internat.exe
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] ; C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] rem ; C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\WINDOWS\DOWNLO~1\CNSMIN.DLL,Rundll32
O4 - HKLM\..\Run: [YLive.exe] C:\PROGRA~1\YAHOO!\ASSIST~1\YLive.exe
O4 - HKLM\..\Run: [yassistse] "C:\PROGRAM FILES\YAHOO!\ASSISTANT\YASSISTSE.EXE"
O4 - HKLM\..\Run: [RavTask] "F:\瑞星杀毒软件\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [Super Rabbit Memory] F:\超级兔子\MAGICSET123\MEMDEF.EXE /LOAD
O4 - HKLM\..\Run: [LoadQM] rem ; loadqm.exe
O4 - HKLM\..\Run: [CnxDslTaskBar] rem ; C:\WINDOWS\SYSTEM\CnxDslTb.exe
O4 - HKLM\..\Run: [LoadPowerProfile] rem ; Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [helper.dll] C:\WINDOWS\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32
O4 - HKLM\..\Run: [spoolsv] C:\WINDOWS\SYSTEM\spoolsv\spoolsv.exe -printer
O4 - HKLM\..\Run: [svc] C:\WINDOWS\svchost.exe
O4 - HKLM\..\RunServices: [RsCcenter] "F:\瑞星杀毒软件\Rising\Rav\CCenter.exe"
O4 - HKLM\..\RunServices: [RavMond] "F:\瑞星杀毒软件\Rising\Rav\RavMond.exe"
O4 - HKLM\..\RunServices: [RavMon] "F:\瑞星杀毒软件\Rising\Rav\RavMon.exe" -system
O4 - HKLM\..\RunServices: [LoadPowerProfile] ; Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] ; mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] ; C:\WINDOWS\SYSTEM\Restore\StateMgr.exe
O8 - Extra context menu item: 添加到QQ自定义面板 - F:\123\123\配置&应用程序\QSP1NT\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - F:\123\123\配置&应用程序\QSP1NT\AddEmotion.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - F:\123\123\配置&应用程序\QSP1NT\AddToNetDisk.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - F:\123\123\配置&应用程序\QSP1NT\SendMMS.htm
O8 - Extra context menu item: >>彩信发送<< - res://C:\PROGRAM FILES\MMSASSIST\MMSASS~1.DLL/mms.htm
O8 - Extra context menu item: 雅虎搜索 - res://C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASBAR.DLL/246
O9 - Extra Button: @shdoclc.dll,-866@2052,相关站点 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O9 - Extra 'Tools' menuitem: @shdoclc.dll,-866@2052,相关站点 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O9 - Extra Button: 雅虎助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist (file missing)
O9 - Extra Button: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=taobao (file missing)
O9 - Extra Button: Yahoo 1G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail (file missing)
O9 - Extra Button: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg (file missing)
O9 - Extra Button: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O9 - Extra 'Tools' menuitem: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O9 - Extra Button: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - Extra 'Tools' menuitem: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM\WMPCD32.DLL
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM\WMPCD32.DLL
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM\WMPCD32.DLL
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM\WMPCD32.DLL
O11 - Options group: [!CNS]  网络实名
O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
O16 - DPF: DirectAnimation Java Classes - file://C:\WINDOWS\SYSTEM\dajava.cab
O16 - DPF: _{18F57D30-EF36-4C0E-9343-7BFA6DF79B4A} - http://active.micr0media.com/swflash.CAB
O18 - Protocol: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM\urlmon.dll
O18 - Protocol: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM\urlmon.dll
O18 - Protocol: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM\urlmon.dll
O18 - Protocol: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM\urlmon.dll
O18 - Protocol: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM\urlmon.dll
O18 - Protocol: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM\urlmon.dll
O18 - Protocol: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM\urlmon.dll
O18 - Protocol: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\SYSTEM\urlmon.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM\MSHTML.DLL
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM\MSHTML.DLL
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM\MSHTML.DLL
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM\MSHTML.DLL
O18 - Protocol: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM\MSHTML.DLL
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\SYSTEM\MSHTML.DLL
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SYSTEM\ITSS.DLL
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SYSTEM\ITSS.DLL
O18 - Protocol: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\SYSTEM\INETCOMM.DLL
O18 - Protocol: msdaipp - (no CLSID) - (no file)
O18 - Protocol: ndwiat - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\SYSTEM\WIASCR.DLL
O18 - Protocol: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O21 - SSODL: AUHook - {BCBCD383-3E06-11D3-91A9-00C04F68105C} - C:\WINDOWS\SYSTEM\AUHOOK.DLL
O21 - SSODL: stdup - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - C:\WINDOWS\SYSTEM32\STDUP.DLL
O21 - SSODL: Vision - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\MMSASS~1.DLL
Last edited 2006-07-16 19:37:26

Someone please come and help, quick!

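C:\WINDOWS\svchost.exe
Download Super Rabbit (超级兔子).
http://www.pctutu.com/srmsdown.asp
After installing it, open "Super Rabbit Cleaner" and go to "Professional Uninstall", then uninstall all the junk software it lists. Do not open any browser windows while uninstalling. If something cannot be uninstalled, restart and then try uninstalling again.
After uninstalling, restart.
Then download System Repair Engineer, use "Smart Scan", press the "Scan" button to run the scan, and when the scan finishes press the "Save Report" button to save the report log file (SREng.LOG). Copy and paste the contents of the saved report log file here.
Download links:
http://www.kztechs.com/sreng/sreng2.zip
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
If the log does not fit in one post, paste it over several posts. Please do not modify it.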

HijackThis_815汉化版扫描日志 V1.99.1
保存于 22:47:50, 日期 2006-7-15
操作系统: Windows Me 4.90.3000
浏览器: Internet Explorer 4.0.0000 (54134.0100)

当前运行的进程:
[SPOOL32.EXE]
CommandLine = C:\WINDOWS\SYSTEM\spool32.exe

[MPREXE.EXE]
CommandLine = C:\WINDOWS\SYSTEM\MPREXE.EXE

[CCENTER.EXE]
CommandLine = "F:\瑞星杀毒软件\Rising\Rav\CCenter.exe"

[RAVMOND.EXE]
CommandLine = "F:\瑞星杀毒软件\Rising\Rav\RavMond.exe"

[RAVMON.EXE]
CommandLine = "F:\瑞星杀毒软件\Rising\Rav\RavMon.exe" -system

[mmtask.tsk]
CommandLine =

[EXPLORER.EXE]
CommandLine = C:\WINDOWS\Explorer.exe

[RPCSS.EXE]
CommandLine = RPCSS

[RUNDLL32.EXE]
CommandLine = Rundll32.exe

[INTERNAT.EXE]
CommandLine = "C:\WINDOWS\SYSTEM\internat.exe"

[SYSTRAY.EXE]
CommandLine = "C:\WINDOWS\SYSTEM\SysTray.Exe"

[YLIVE.EXE]
CommandLine = "C:\PROGRA~1\YAHOO!\ASSIST~1\YLive.exe"

[YASSISTSE.EXE]
CommandLine = "C:\PROGRAM FILES\YAHOO!\ASSISTANT\YASSISTSE.EXE"

[RAVTASK.EXE]
CommandLine = "F:\瑞星杀毒软件\RISING\RAV\RAVTASK.EXE" -SYSTEM

[MEMDEF.EXE]
CommandLine = "F:\超级兔子\MAGICSET123\MEMDEF.EXE" /LOAD

[RUNDLL32.EXE]
CommandLine = "C:\WINDOWS\rundll32.exe"

[WMIEXE.EXE]
CommandLine = WmiExe WMI_ffe3cd4d

[RAV.EXE]
CommandLine = "F:\瑞星杀毒软件\Rising\Rav\Rav.exe"

[RNAAPP.EXE]
CommandLine = rnaapp.exe -l

[TAPISRV.EXE]
CommandLine = tapisrv.exe

[IEXPLORE.EXE]
CommandLine = "F:\INTERN~1\iexplore.exe"

[KKSCAN.EXE]
CommandLine = "F:\瑞星杀毒软件\Rising卡卡上网安全助手2.0\KkScan.exe"

[PSTORES.EXE]
CommandLine = C:\WINDOWS\SYSTEM\PSTORES.EXE

[STIMON.EXE]
CommandLine = C:\WINDOWS\SYSTEM\STIMON.EXE -Embedding

R3 - URLSearchHook: (no name) - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file)
O2 - BHO: CnsHook Class - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSHOOK.DLL
O2 - BHO: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASBAR.DLL
O2 - BHO: Yahoo!Photo - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YPHTB.DLL
O2 - BHO: AntiFish Class - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YANGLING.DLL
O2 - BHO: XBTP03129 Class - {6029B367-250A-4696-925C-641709CA7381} - C:\PROGRA~1\KUAISO~1\KUAISO~1.DLL (file missing)
O2 - BHO: Status Class - {7BDAF75A-0D6F-4F50-AFE9-333D08DF4005} - C:\PROGRAM FILES\BAIGOO\BGOOBHO.DLL (file missing)
O2 - BHO: stdup - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - C:\WINDOWS\SYSTEM32\STDUP.DLL
O2 - BHO: (file missing)
O2 - BHO: (file missing)
O2 - BHO: (file missing)
O2 - BHO: (file missing)
O2 - BHO: bho Class - {ED8DFC5C-10EF-45AB-9DC2-0639AFF5A270} - C:\PROGRA~1\COMMON~1\WNWB\WNWBIO.DLL
O3 - Toolbar: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASBAR.DLL
O3 - Toolbar: @msdxmLC.dll,-1@2052,电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\SYSTEM\KAKATOOL.DLL
O4 - HKCU\..\Run: [Super Rabbit IEPro] rem ; F:\超级兔子\MAGICSET123\SRIECLI.EXE /LOAD
O4 - HKCU\..\Run: [LetsCool] C:\PROGRAM FILES\LETSCOOL\LETSCOOL.EXE
O4 - HKLM\..\Run: [internat.exe] internat.exe
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] ; C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] rem ; C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\WINDOWS\DOWNLO~1\CNSMIN.DLL,Rundll32
O4 - HKLM\..\Run: [YLive.exe] C:\PROGRA~1\YAHOO!\ASSIST~1\YLive.exe
O4 - HKLM\..\Run: [yassistse] "C:\PROGRAM FILES\YAHOO!\ASSISTANT\YASSISTSE.EXE"
O4 - HKLM\..\Run: [RavTask] "F:\瑞星杀毒软件\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [Super Rabbit Memory] F:\超级兔子\MAGICSET123\MEMDEF.EXE /LOAD
O4 - HKLM\..\Run: [LoadQM] rem ; loadqm.exe
O4 - HKLM\..\Run: [CnxDslTaskBar] rem ; C:\WINDOWS\SYSTEM\CnxDslTb.exe
O4 - HKLM\..\Run: [LoadPowerProfile] rem ; Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [helper.dll] C:\WINDOWS\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32
O4 - HKLM\..\Run: [spoolsv] C:\WINDOWS\SYSTEM\spoolsv\spoolsv.exe -printer
O4 - HKLM\..\Run: [svc] C:\WINDOWS\svchost.exe
O4 - HKLM\..\RunServices: [RsCcenter] "F:\瑞星杀毒软件\Rising\Rav\CCenter.exe"
O4 - HKLM\..\RunServices: [RavMond] "F:\瑞星杀毒软件\Rising\Rav\RavMond.exe"
O4 - HKLM\..\RunServices: [RavMon] "F:\瑞星杀毒软件\Rising\Rav\RavMon.exe" -system
O4 - HKLM\..\RunServices: [LoadPowerProfile] ; Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] ; mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] ; C:\WINDOWS\SYSTEM\Restore\StateMgr.exe
O8 - Extra context menu item: 添加到QQ自定义面板 - F:\123\123\配置&应用程序\QSP1NT\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - F:\123\123\配置&应用程序\QSP1NT\AddEmotion.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - F:\123\123\配置&应用程序\QSP1NT\AddToNetDisk.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - F:\123\123\配置&应用程序\QSP1NT\SendMMS.htm
O8 - Extra context menu item: >>彩信发送<< - res://C:\PROGRAM FILES\MMSASSIST\MMSASS~1.DLL/mms.htm
O8 - Extra context menu item: 雅虎搜索 - res://C:\PROGRAM FILES\YAHOO!\ASSISTANT\ASSIST\YASBAR.DLL/246
O9 - Extra Button: @shdoclc.dll,-866@2052,相关站点 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O9 - Extra 'Tools' menuitem: @shdoclc.dll,-866@2052,相关站点 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O9 - Extra Button: 雅虎助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist (file missing)
O9 - Extra Button: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=taobao (file missing)
O9 - Extra Button: Yahoo 1G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail (file missing)
O9 - Extra Button: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg (file missing)
O9 - Extra Button: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O9 - Extra 'Tools' menuitem: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O9 - Extra Button: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - Extra 'Tools' menuitem: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM\WMPCD32.DLL
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM\WMPCD32.DLL
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM\WMPCD32.DLL
O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM\WMPCD32.DLL
O11 - Options group: [!CNS] 网络实名
O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
O16 - DPF: DirectAnimation Java Classes - file://C:\WINDOWS\SYSTEM\dajava.cab
O16 - DPF: _{18F57D30-EF36-4C0E-9343-7BFA6DF79B4A} - http://active.micr0media.com/swflash.CAB
O18 - Protocol: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM\urlmon.dll
O18 - Protocol: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM\urlmon.dll
O18 - Protocol: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM\urlmon.dll
O18 - Protocol: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM\urlmon.dll
O18 - Protocol: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM\urlmon.dll
O18 - Protocol: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM\urlmon.dll
O18 - Protocol: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM\urlmon.dll
O18 - Protocol: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\SYSTEM\urlmon.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM\MSHTML.DLL
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM\MSHTML.DLL
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM\MSHTML.DLL
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM\MSHTML.DLL
O18 - Protocol: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM\MSHTML.DLL
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\SYSTEM\MSHTML.DLL
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SYSTEM\ITSS.DLL
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SYSTEM\ITSS.DLL
O18 - Protocol: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\SYSTEM\INETCOMM.DLL
O18 - Protocol: msdaipp - (no CLSID) - (no file)
O18 - Protocol: ndwiat - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\SYSTEM\WIASCR.DLL
O18 - Protocol: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O21 - SSODL: AUHook - {BCBCD383-3E06-11D3-91A9-00C04F68105C} - C:\WINDOWS\SYSTEM\AUHOOK.DLL
O21 - SSODL: stdup - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - C:\WINDOWS\SYSTEM32\STDUP.DLL
O21 - SSODL: Vision - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\MMSASS~1.DLL

What a headache. The simplest way is to just reinstall the system.

No way!

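First use Super Rabbit to uninstall the rogue software on the system,
and remove the viruses last.
After uninstalling,
download System Repair Engineer, use "Smart Scan", press the "Scan" button to run the scan, and when the scan finishes press the "Save Report" button to save the report log file (SREng.LOG). Copy and paste the contents of the saved report log file here.
Download links:
http://www.kztechs.com/sreng/sreng2.zip
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
If the log does not fit in one post, paste it over several posts. Please do not modify it.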