帮忙看下不重装系统的情况下能否查杀干净！谢谢！
以下是日志：
System Repair Engineer
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [Microsoft Corporation]
    <MsnMsgr><"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><C:\WINDOWS\rundl132.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [Microsoft Corporation]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
    <nwiz><nwiz.exe /install>  [NVIDIA Corporation]
    <SoundMan><SOUNDMAN.EXE>  [Realtek Semiconductor Corp.]
    <BigDogPath><C:\WINDOWS\VM_STI.EXE HYUNDAI PC Camera>  []
    <RavTask><"E:\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <CertificateRegistration><SafeSignCertReg.exe>  [A.E.T. Europe B.V.]
    <MenuOrder><C:\Program Files\ICBCPe~1\ICBC\BHDC(Personal)\MenuOrder\MenuOrder.exe>  []
    <hxgame-update><C:\Program Files\hxupdate\hxgame-update.exe>  []
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <SKYNET Personal FireWall><D:\天网\Firewall\pfw.exe>  [广州众达天网技术有限公司]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <RavStub><"E:\Rising\Rav\ravstub.exe" /RUNONCE>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]

==================================
启动文件夹
[Adobe Gamma Loader]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Gamma Loader.lnk><N>
[Microsoft Office]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk><N>

==================================
服务
[Crypkey License / Crypkey License]
  <crypserv.exe><Kenonic Controls Ltd.>
[NVIDIA Display Driver Service / NVSvc]
  <C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[Rising Process Communication Center / RsCCenter]
  <"E:\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"E:\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[显示器必备程序 / wincll.exe]
  <C:\WINDOWS\wincll.exe><N/A>

==================================
浏览器加载项
[IeCatch5 Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <D:\FlashGet\jccatch.dll, FlashGet>
[IEHlpObj Class]
  {A1A2C6B8-1C34-40E7-B07F-4EC85AC27CF4} <C:\Program Files\Colorwo\Daily.dll, >
[IEHlpObj Class]
  {EFBCA345-14DC-4640-994E-4AF1DFDEB4FD} <C:\Program Files\Riptide\Plugin\Plugin.dll, >
[启动迅雷]
  {0062C9BD-B349-40DE-91A0-755F37ACD559} <D:\讯雷\Thunder.exe, >
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[发现音视频地址]
  {CFB84BBD-959B-4fcb-9A03-22ACE091043C} <C:\Program Files\Riptide\Monitor.exe, Colormedia Corporation>
[FlashGet]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <D:\FlashGet\flashget.exe, FlashGet.com>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <D:\FlashGet\fgiebar.dll, Amaze Soft>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\System32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[nEdit Control]
  {32D72994-45B9-42B5-8980-FB561D1BE2D0} <C:\WINDOWS\System32\nEdit\nEdit.ocx, NetEase Information Technology (Beijing) Co. Ltd>
[CEditCtrl Object]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\System32\aliedit\AliEdit.dll, www.alipay.com>
[InfoSecNetSign Class]
  {62B938C4-4190-4F37-8CF0-A92B0A91CC77} <C:\WINDOWS\System32\NetSign.dll, Infosec Technologies Co., Ltd.>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\System32\INPUTC~1.DLL, >
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\System32\SUBMIT~1.DLL, >
[MsnMessengerSetupDownloadControl Class]
  {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} <C:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.ocx, Microsoft Corporation>
[cardctl Class]
  {B753331A-9543-41D2-83B2-492E5ADB7911} <C:\WINDOWS\System32\ICCARD~1.DLL, Infosec Technologies Co., Ltd.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash8a.ocx, Macromedia, Inc.>
[AxUSBKey Class]
  {DA215190-98B2-47DE-AE24-DA95481DFFBA} <C:\WINDOWS\System32\USBKey.dll, >
[&_找本网页音视频链接_]
  <C:\Program Files\Riptide\Plugin\Monitor.htm, N/A>
[&使用迅雷下载]
  <D:\讯雷\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <D:\讯雷\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
  <E:\Tencent\AddToNetDisk.htm, N/A>
[使用网际快车下载]
  <D:\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <D:\FlashGet\jc_all.htm, N/A>
[添加到QQ自定义面板]
  <E:\Tencent\AddPanel.htm, N/A>
[添加到QQ表情]
  <E:\Tencent\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <E:\Tencent\SendMMS.htm, N/A>
[用比特精灵下载(&B)]
  <D:\BT\BitSpirit\bsurl.htm, N/A>

==================================
正在运行的进程
[PID: 572][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 644][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 668][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 720][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 732][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 900][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1000][E:\Rising\Rav\CCenter.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[PID: 1028][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1132][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1208][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1228][E:\Rising\Rav\Ravmond.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 1, 35>
    [E:\Rising\Rav\BWList.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
    [E:\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [E:\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [E:\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [E:\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [E:\Rising\Rav\RsLog.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 20>
    [E:\Rising\Rav\HOOKSYS.dll]  <Beijing Rising Technology Co., Ltd.><18, 1, 0, 11>
    [E:\Rising\Rav\Scanner.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 32>
    [E:\Rising\Rav\libload.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [E:\Rising\Rav\VirusLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 12>
    [E:\Rising\Rav\regmon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [E:\Rising\Rav\HookWeb.dll]  <rising><18, 0, 0, 2>
    [E:\Rising\Rav\MemMon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [E:\Rising\Rav\expscan.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [E:\Rising\Rav\mPorts.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 3>
    [E:\Rising\Rav\MailMon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [E:\Rising\Rav\SpamEng.dll]  <N/A><18, 0, 0, 6>
    [E:\Rising\Rav\engine.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 34>
    [E:\Rising\Rav\UnExe.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [E:\Rising\Rav\PostTrt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 16>
    [E:\Rising\Rav\ScanExec.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [E:\Rising\Rav\ScanEx.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 27>
    [E:\Rising\Rav\RSUnpack.dll]  <Beijing Rising Technology Co., Ltd.><1, 0, 0, 17>
    [E:\Rising\Rav\NvFile.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
    [E:\Rising\Rav\ScanMac.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [E:\Rising\Rav\ScanSct.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
    [E:\Rising\Rav\ExtFile.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
    [E:\Rising\Rav\Unpacker.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [E:\Rising\Rav\ExtOLE.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
[PID: 1416][C:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2800.1221 (xpsp2.030511-1403)>
    [C:\WINDOWS\system32\RavExt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
    [D:\FlashGet\jccatch.dll]  <FlashGet><1, 1, 5, 0>
    [C:\WINDOWS\System32\mp3infp.dll]  <win32lab.com><2.50.5.0>
    [C:\WINDOWS\System32\nvshell.dll]  <NVIDIA Corporation><6.14.10.5303>
    [C:\WINDOWS\System32\NVWRSZHC.DLL]  <NVIDIA Corporation><6.14.10.5303>
[PID: 1564][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.0 (XPClient.010817-1148)>
[PID: 1652][C:\WINDOWS\System32\alg.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 1664][C:\WINDOWS\system32\crypserv.exe]  <Kenonic Controls Ltd.><5.4.0>
[PID: 1732][C:\WINDOWS\System32\nvsvc32.exe]  <NVIDIA Corporation><6.14.10.5303>
[PID: 1852][C:\WINDOWS\System32\SCardSvr.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1916][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1968][C:\WINDOWS\System32\wdfmgr.exe]  <Microsoft Corporation><5.2.3790.1230 built by: dnsrv(bld4act)>
[PID: 272][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  <Microsoft Corporation><6.00.2800.1106 (xpsp1.020828-1920)>
[PID: 628][E:\Rising\Rav\RavStub.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 16>
    [E:\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [E:\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[PID: 412][C:\WINDOWS\VM_STI.EXE]  <VM.><4.2.610.4>
    [C:\WINDOWS\System32\msdmo.dll]  <N/A><N/A>
    [C:\WINDOWS\System32\VM31bPrp.Ax]  <VM><4.2.711.31>
[PID: 436][E:\Rising\Rav\RavTask.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
    [E:\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [E:\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [E:\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [E:\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
[PID: 444][C:\WINDOWS\System32\SafeSignCertReg.exe]  <A.E.T. Europe B.V.><2.0.0.2>
[PID: 1828][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  <RealNetworks, Inc.><0.1.0.3536>
[PID: 268][C:\WINDOWS\System32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 3288][C:\WINDOWS\Logo1_.exe]  <><1.0.0.0>
[PID: 3580][C:\WINDOWS\System32\conime.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 2840][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  <Microsoft Corporation><6.00.2800.1106 (xpsp1.020828-1920)>
    [C:\WINDOWS\System32\KakaTool.dll]  <Beijing Rising Technology Co., Ltd.><2, 0, 0, 9>
    [D:\FlashGet\jccatch.dll]  <FlashGet><1, 1, 5, 0>
    [C:\Program Files\Colorwo\Daily.dll]  <><1, 0, 0, 1>
    [C:\Program Files\Riptide\Plugin\Plugin.dll]  <><1, 0, 0, 1>
    [E:\Rising\Rav\RavScrCh.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\WINDOWS\System32\Macromed\Flash\Flash8a.ocx]  <Macromedia, Inc.><8,0,24,0>
[PID: 3724][C:\WINDOWS\System32\wuauclt.exe]  <Microsoft Corporation><5.8.0.2469 built by: lab01_n(wmbla)>
[PID: 1216][D:\查杀工具\SREng\SREng.exe]  <Smallfrogs Studio><2.0.21.505>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

以下是HijackThis日志
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
E:\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
E:\Rising\Rav\Ravmond.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\Rising\Rav\RavStub.exe
C:\WINDOWS\VM_STI.EXE
E:\Rising\Rav\RavTask.exe
C:\WINDOWS\System32\SafeSignCertReg.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\Logo1_.exe
C:\WINDOWS\System32\conime.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\wuauclt.exe
D:\查杀工具\SREng\SREng.exe
D:\查杀工具\hijackthis\HijackThis.exe

F3 - REG:win.ini: load=C:\WINDOWS\rundl132.exe
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:\FlashGet\jccatch.dll
O2 - BHO: Colorwo BHO - {A1A2C6B8-1C34-40E7-B07F-4EC85AC27CF4} - C:\Program Files\Colorwo\Daily.dll
O2 - BHO: Riptide BHO - {EFBCA345-14DC-4640-994E-4AF1DFDEB4FD} - C:\Program Files\Riptide\Plugin\Plugin.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\FlashGet\fgiebar.dll
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\System32\KakaTool.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE HYUNDAI PC Camera
O4 - HKLM\..\Run: [RavTask] "E:\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [CertificateRegistration] SafeSignCertReg.exe
O4 - HKLM\..\Run: [MenuOrder] C:\Program Files\ICBCPe~1\ICBC\BHDC(Personal)\MenuOrder\MenuOrder.exe
O4 - HKLM\..\Run: [hxgame-update] C:\Program Files\hxupdate\hxgame-update.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [SKYNET Personal FireWall] D:\天网\Firewall\pfw.exe
O4 - HKLM\..\RunOnce: [RavStub] "E:\Rising\Rav\ravstub.exe" /RUNONCE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = ?SystemRoot%\Installer\{90280804-6000-11D3-8CFE-0050048383C9}\misc.exe
O8 - Extra context menu item: &_找本网页音视频链接_ - C:\Program Files\Riptide\Plugin\Monitor.htm
O8 - Extra context menu item: &使用迅雷下载 - D:\讯雷\Program\GetUrl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - D:\讯雷\Program\GetAllUrl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - E:\Tencent\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - D:\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\FlashGet\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - E:\Tencent\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - E:\Tencent\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\Tencent\SendMMS.htm
O8 - Extra context menu item: 用比特精灵下载(&B) - D:\BT\BitSpirit\bsurl.htm
O9 - Extra button: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - D:\讯雷\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - D:\讯雷\Thunder.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: 发现音视频地址 - {CFB84BBD-959B-4fcb-9A03-22ACE091043C} - C:\Program Files\Riptide\Monitor.exe
O9 - Extra 'Tools' menuitem: 发现音视频地址 - {CFB84BBD-959B-4fcb-9A03-22ACE091043C} - C:\Program Files\Riptide\Monitor.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\FlashGet\flashget.exe
O16 - DPF: {32D72994-45B9-42B5-8980-FB561D1BE2D0} (nEdit Control) - https://ekey.163.com/nEdit.cab
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/1007/aliedit.cab
O16 - DPF: {62B938C4-4190-4F37-8CF0-A92B0A91CC77} (InfoSecNetSign Class) - https://mybank.icbc.com.cn/icbc/NetSign.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1160118583656
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B753331A-9543-41D2-83B2-492E5ADB7911} (cardctl Class) - https://mybank.icbc.com.cn/icbc/perbank/iccarddll.cab
O16 - DPF: {DA215190-98B2-47DE-AE24-DA95481DFFBA} (AxUSBKey Class) - https://mybank.icbc.com.cn/icbc/perbank/AxUSBKey.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{F9EBB5B1-BED5-4175-929F-FF5AED9E03D9}: NameServer = 202.106.0.20 202.106.46.151
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - E:\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - E:\Rising\Rav\Ravmond.exe
O23 - Service: 显示器必备程序 (wincll.exe) - Unknown owner - C:\WINDOWS\wincll.exe

帮忙看下怎么解决，注册表里没有，C盘里的杀掉重起又回出现，杀不干净。
另外请问下
[显示器必备程序 / wincll.exe]
  <C:\WINDOWS\wincll.exe><N/A>
这个是什么东西？是病毒吗删不掉 网上也搜索不到关于这个文件的内容。

没用我试过安全模式下杀完重起后依然还会有

中了必须全格吗。。。晕 重装系统格C盘不行吗？我先去试下你的方法。在悄悄话留言给你，谢谢

必须要全格吗？只格C盘重装系统可以吗？
我试了8楼的方法不行 重起后卡一分钟病毒又回来了。有Dll.dll Logo1_.exe rundl132.exe等等可能还有我知道的病毒就有这几个
现在去试一下11楼的方法。
大虾们谁有好方法说一下谢谢大家！

11楼的不行。。。你E盘下的那个扫描不到病毒
高手们谁有解决办法啊55555555555555555

现在的日志。。帮看下还有什么病毒。。。是不是必须格全盘555555
System Repair Engineer
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [Microsoft Corporation]
    <MsnMsgr><"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [Microsoft Corporation]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
    <nwiz><nwiz.exe /install>  [NVIDIA Corporation]
    <SoundMan><SOUNDMAN.EXE>  [Realtek Semiconductor Corp.]
    <BigDogPath><C:\WINDOWS\VM_STI.EXE HYUNDAI PC Camera>  []
    <RavTask><"E:\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <CertificateRegistration><SafeSignCertReg.exe>  [A.E.T. Europe B.V.]
    <MenuOrder><C:\Program Files\ICBCPe~1\ICBC\BHDC(Personal)\MenuOrder\MenuOrder.exe>  []
    <hxgame-update><C:\Program Files\hxupdate\hxgame-update.exe>  []
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <SKYNET Personal FireWall><D:\天网\Firewall\pfw.exe>  [广州众达天网技术有限公司]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <RavStub><"E:\Rising\Rav\ravstub.exe" /RUNONCE>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]

==================================
启动文件夹
[Adobe Gamma Loader]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Gamma Loader.lnk><N>
[Microsoft Office]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk><N>

==================================
服务
[Crypkey License / Crypkey License]
  <crypserv.exe><Kenonic Controls Ltd.>
[NVIDIA Display Driver Service / NVSvc]
  <C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[Rising Process Communication Center / RsCCenter]
  <"E:\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"E:\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

==================================
浏览器加载项
[IeCatch5 Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <D:\FlashGet\jccatch.dll, FlashGet>
[启动迅雷]
  {0062C9BD-B349-40DE-91A0-755F37ACD559} <D:\讯雷\Thunder.exe, >
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[FlashGet]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <D:\FlashGet\flashget.exe, FlashGet.com>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <D:\FlashGet\fgiebar.dll, Amaze Soft>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\System32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[nEdit Control]
  {32D72994-45B9-42B5-8980-FB561D1BE2D0} <C:\WINDOWS\System32\nEdit\nEdit.ocx, NetEase Information Technology (Beijing) Co. Ltd>
[CEditCtrl Object]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\System32\aliedit\AliEdit.dll, www.alipay.com>
[InfoSecNetSign Class]
  {62B938C4-4190-4F37-8CF0-A92B0A91CC77} <C:\WINDOWS\System32\NetSign.dll, Infosec Technologies Co., Ltd.>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\System32\INPUTC~1.DLL, >
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\System32\SUBMIT~1.DLL, >
[MsnMessengerSetupDownloadControl Class]
  {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} <C:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.ocx, Microsoft Corporation>
[cardctl Class]
  {B753331A-9543-41D2-83B2-492E5ADB7911} <C:\WINDOWS\System32\ICCARD~1.DLL, Infosec Technologies Co., Ltd.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash8a.ocx, Macromedia, Inc.>
[&使用迅雷下载]
  <D:\讯雷\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <D:\讯雷\Program\GetAllUrl.htm, N/A>
[上传到QQ网络硬盘]
  <E:\Tencent\AddToNetDisk.htm, N/A>
[使用网际快车下载]
  <D:\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <D:\FlashGet\jc_all.htm, N/A>
[添加到QQ自定义面板]
  <E:\Tencent\AddPanel.htm, N/A>
[添加到QQ表情]
  <E:\Tencent\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <E:\Tencent\SendMMS.htm, N/A>
[用比特精灵下载(&B)]
  <D:\BT\BitSpirit\bsurl.htm, N/A>