我QQ中毒 ，杀不掉，重装系统也没用
请各位大虾帮忙，谢谢！
扫描日志如下：

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <bgswitch><C:\WINDOWS\system32\bgswitch.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <load><>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <IgfxTray><C:\WINDOWS\system32\igfxtray.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <HotKeysCmds><C:\WINDOWS\system32\hkcmd.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <Persistence><C:\WINDOWS\system32\igfxpers.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <RavTask><"F:\瑞星\Rising\Rav\RavTask.exe" -system>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
  <RavStub><"F:\瑞星\Rising\Rav\ravstub.exe" /RUNONCE>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <shell><Explorer.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <Userinit><C:\WINDOWS\system32\userinit.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <AppInit_DLLs><>

==================================
启动文件夹
[腾讯QQ]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ.lnk><N>

==================================
服务
[Rising Process Communication Center / RsCCenter]
  <"F:\瑞星\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"F:\瑞星\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

==================================
浏览器加载项
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_010.dll, Thunder Networking Technologies,LTD>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <F:\腾讯QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <F:\迅雷\ComDlls\XunLeiBHO_001.dll, Thunder Networking Technologies,LTD>
[番茄花园]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.tomatolei.com, N/A>
[启动Web迅雷]
  {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <F:\腾讯QQ\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <F:\腾讯QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_010.dll, Thunder Networking Technologies,LTD>
[KLeakScan Control]
  {1FFFA3E9-A615-41FA-972D-7DB61F23AE90} <C:\WINDOWS\system32\Kingsoft\ONLINE~1\KLkScan.OCX, kingsoft>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <F:\腾讯QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <C:\Program Files\Thunder Network\WebThunder\MediaAddin04.dll, Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <F:\迅雷\ComDlls\XunLeiBHO_001.dll, Thunder Networking Technologies,LTD>
[KSHScan Control]
  {ACFE8232-03C5-4AEC-AF5E-42B806724096} <C:\WINDOWS\system32\Kingsoft\ONLINE~1\KSHScan.OCX, kingsoft>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Kingsoft DUBA OnlineScan]
  {C8BD9ACB-F7EC-48E6-BB2F-DAADC6789E9A} <C:\WINDOWS\system32\Kingsoft\ONLINE~1\KAVClean.OCX, kingsoft>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\Flash85.ocx, Macromedia, Inc.>
[&使用迅雷下载]
  <F:\迅雷\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <F:\迅雷\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
  <F:\腾讯QQ\AddToNetDisk.htm, N/A>
[使用Web迅雷下载]
  <C:\Program Files\Thunder Network\WebThunder\GetUrl.htm, N/A>
[添加到QQ自定义面板]
  <F:\腾讯QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <F:\腾讯QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <F:\腾讯QQ\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 304][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 360][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 384][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 428][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 440][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 588][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 648][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 692][F:\瑞星\Rising\Rav\CCenter.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[PID: 708][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 756][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 836][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 848][F:\瑞星\Rising\Rav\Ravmond.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 1, 22>
    [F:\瑞星\Rising\Rav\BWList.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 18>
    [F:\瑞星\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [F:\瑞星\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [F:\瑞星\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [F:\瑞星\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [F:\瑞星\Rising\Rav\RsLog.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 20>
    [F:\瑞星\Rising\Rav\HOOKSYS.dll]  <Rising><18, 1, 0, 9>
    [F:\瑞星\Rising\Rav\Scanner.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 30>
    [F:\瑞星\Rising\Rav\libload.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [F:\瑞星\Rising\Rav\VirusLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [F:\瑞星\Rising\Rav\regmon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [F:\瑞星\Rising\Rav\HookWeb.dll]  <rising><18, 0, 0, 1>
    [F:\瑞星\Rising\Rav\MemMon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 9>
    [F:\瑞星\Rising\Rav\expscan.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [F:\瑞星\Rising\Rav\mPorts.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 3>
    [F:\瑞星\Rising\Rav\MailMon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [F:\瑞星\Rising\Rav\SpamEng.dll]  <N/A><18, 0, 0, 6>
    [F:\瑞星\Rising\Rav\engine.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 28>
    [F:\瑞星\Rising\Rav\PostTrt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 9>
    [F:\瑞星\Rising\Rav\UnExe.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [F:\瑞星\Rising\Rav\ScanExec.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [F:\瑞星\Rising\Rav\ScanEx.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 8>
    [F:\瑞星\Rising\Rav\NvFile.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
    [F:\瑞星\Rising\Rav\ScanMac.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
    [F:\瑞星\Rising\Rav\ScanSct.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 15>
    [F:\瑞星\Rising\Rav\Unpacker.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[PID: 996][C:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\xiaran.dat]  <N/A><N/A>
    [C:\WINDOWS\system32\RavExt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
    [C:\WINDOWS\system32\igfxpph.dll]  <Intel Corporation><3.0.0.4299>
    [C:\WINDOWS\system32\hccutils.DLL]  <Intel Corporation><3.0.0.4299>
    [C:\WINDOWS\system32\igfxres.dll]  <Intel Corporation><3.0.0.4299>
    [C:\WINDOWS\system32\igfxress.dll]  <Intel Corporation><3.0.0.4299>
    [C:\WINDOWS\system32\igfxsrvc.dll]  <Intel Corporation><3.0.0.4299>
    [C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_010.dll]  <Thunder Networking Technologies,LTD><6, 0, 0, 1>
    [F:\迅雷\ComDlls\XunLeiBHO_001.dll]  <Thunder Networking Technologies,LTD><5, 0, 0, 1>
[PID: 1108][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
[PID: 1240][F:\瑞星\Rising\Rav\RavStub.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 13>
    [F:\瑞星\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [F:\瑞星\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[PID: 1492][C:\WINDOWS\system32\wdfmgr.exe]  <Microsoft Corporation><5.2.3790.1230 built by: dnsrv(bld4act)>
[PID: 1652][C:\WINDOWS\system32\igfxtray.exe]  <Intel Corporation><3.0.0.4299>
    [C:\WINDOWS\system32\hccutils.DLL]  <Intel Corporation><3.0.0.4299>
    [C:\WINDOWS\system32\igfxsrvc.dll]  <Intel Corporation><3.0.0.4299>
    [C:\WINDOWS\system32\igfxres.dll]  <Intel Corporation><3.0.0.4299>
    [C:\WINDOWS\system32\igfxress.dll]  <Intel Corporation><3.0.0.4299>
[PID: 1668][C:\WINDOWS\system32\hkcmd.exe]  <Intel Corporation><3.0.0.4299>
    [C:\WINDOWS\system32\hccutils.DLL]  <Intel Corporation><3.0.0.4299>
    [C:\WINDOWS\system32\igfxsrvc.dll]  <Intel Corporation><3.0.0.4299>
    [C:\WINDOWS\system32\igfxres.dll]  <Intel Corporation><3.0.0.4299>
[PID: 1724][C:\WINDOWS\system32\igfxpers.exe]  <Intel Corporation><3.0.0.4299>
    [C:\WINDOWS\system32\igfxsrvc.dll]  <Intel Corporation><3.0.0.4299>
[PID: 1752][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  <RealNetworks, Inc.><0.1.0.3510>
[PID: 1796][F:\瑞星\Rising\Rav\RavTask.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
    [F:\瑞星\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [F:\瑞星\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [F:\瑞星\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [F:\瑞星\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
[PID: 1820][F:\瑞星\Rising\Rav\Ravmon.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 1, 19>
    [F:\瑞星\Rising\Rav\RsGuiLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 24>
    [F:\瑞星\Rising\Rav\BWList.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 18>
    [F:\瑞星\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [F:\瑞星\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [F:\瑞星\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [F:\瑞星\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [F:\瑞星\Rising\Rav\PngDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[PID: 1832][C:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 936][C:\WINDOWS\System32\alg.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1156][F:\瑞星\Rising\Rav\RsAgent.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 12>
    [F:\瑞星\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
[PID: 1044][C:\WINDOWS\msagent\AgentSvr.exe]  <Microsoft Corporation><2.00.0.3422>
[PID: 1992][F:\新建文件夹\DubaTool_QQTail(1).EXE]  <><2006, 2, 9, 21>
[PID: 2092][C:\WINDOWS\system32\wuauclt.exe]  <Microsoft Corporation><5.4.3790.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 2128][C:\Program Files\WinRAR\WinRAR.exe]  <N/A><N/A>
[PID: 2172][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.562\SREng.exe]  <Smallfrogs Studio><2.0.12.350>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

大虾都睡觉了吗？  SOS`~

C:\Program Files\Common Files\Microsoft Shared\MSINFO\xiaran.dat
在安全模式下删除此文件。

另外，说清楚中毒症状及病毒名、病毒文件名称与具体路径。

很遗憾，看不出问题来。
请下载HijackThis.exe，扫描并保存报告帖上来。
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
天晚了，走人了，明天再来。

嗯，楼上说的对，这项是有问题，刚刚没看出来。
C:\Program Files\Common Files\Microsoft Shared\MSINFO\xiaran.dat

不知在安全模式下能不能删除它，它似乎插入了桌面的进程，先试试吧
重新启动电脑, 开机检测完后, 按[F8]键(可以一直按到启动菜单出来为止), 选择安全模式进入Windows
双击我的电脑--工具---文件夹选项--查看--单击选取"显示隐藏文件或文件夹"清除"隐藏受保护的操作系统文件（推荐）"复选框。在提示您确定更改时，单击“是”

或者用killbox删除，killbox在http://forum.ikaka.com/topic.asp?board=28&artid=6979213下载，运行后，输入文件路径，勾选“先结束Explorer.EXE进程”，然后再kill。