Forum moderator: 悲伤的牧羊者


  • 12 posts in total

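Begging all you experts: s.exe keeps coming back and the trojan can't be killed off. What should I do?

Post 1

1) The virus only starts when the machine is online.
2) Once the infected machine goes online, s.exe is dropped into WINDOWS\SYSTEM32 on drive C.
  At the same time a large number of temporary files (e.g. BN**.TMP) are created under WINDOWS\SYSTEM32\TEMP.
  Once dropping is finished, a large number of SVCHOST.EXE processes appear, the machine's default browser (e.g. 360SE.EXE) is started in the background, and some security processes are invoked as cover.
3) Next, s.exe is copied into the registry under
  HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
  and HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, so that it starts automatically at the next boot.
4) The danger of this virus is that it runs many processes and slows the computer down. Moreover, if it is left alone after infection, within a few minutes the network drops by itself and nothing on the computer can be opened, the viruses and trojans are too many to count or kill, and even the other computers on the LAN can't get online!
  Among the processes are X(random).tmp and reader_s.exe, and an iexplorer running with SYSTEM privileges.
  Several temporary files are dropped in windows\temp, along with MSAGNT32.DLL and vrrX(random digits).tmp.
  IE downloads many trojans.
A Rising antivirus scan reports no virus. ARSWP can kill it, but after cleaning, as soon as the network cable is plugged in s.exe is generated again automatically... Sigh, I'm begging you experts to save me; I'm even having to use another computer to get online for this.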
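
The persistence step described in point 3, as an added example that is not part of the original post: a Python triage of `reg query` text output for the two Run keys. The sample output, the value names and the Temp/.tmp heuristics are constructed assumptions; only the key paths and the file names s.exe and reader_s.exe come from the post.

```python
import ntpath
import re

# The two autostart keys named in the post.
RUN_KEYS = (
    r"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
)
# File names the post reports; the other two checks below are assumed heuristics.
REPORTED_NAMES = {"s.exe", "reader_s.exe"}

# Constructed sample of `reg query <key>` output (value names are made up).
SAMPLE_REG_OUTPUT = r"""
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    ctfmon.exe    REG_SZ    C:\WINDOWS\system32\ctfmon.exe
    s    REG_SZ    C:\WINDOWS\system32\s.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    NvCplDaemon    REG_SZ    RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    updater    REG_EXPAND_SZ    "%SystemRoot%\Temp\vrr1234.tmp" /s
    s    REG_SZ    C:\WINDOWS\system32\s.exe
"""

VALUE_RE = re.compile(r"^\s+(?P<name>.+?)\s+(?P<type>REG_[A-Z_]+)\s+(?P<data>.*)$")
TARGET_RE = re.compile(r"^(.+?\.(?:exe|dll|com|scr|bat|cmd|pif|tmp))(?=[\s,]|$)", re.I)


def parse_reg_query(text):
    """Yield (key, value_name, data) tuples from `reg query` text output."""
    key = None
    for line in text.splitlines():
        if line.upper().startswith("HKEY_"):
            key = line.strip()          # a key header starts at column 0
            continue
        m = VALUE_RE.match(line)        # value lines are indented
        if key and m:
            yield key, m["name"], m["data"].strip()


def command_target(data):
    """Return the program path that a Run command line would launch."""
    data = data.strip()
    if data.startswith('"'):            # quoted path: take what is inside the quotes
        return data[1:].split('"', 1)[0]
    m = TARGET_RE.match(data)           # unquoted: cut at the first program extension
    return m.group(1) if m else data.split(" ", 1)[0]


def triage_run_keys(text):
    """Return (key, value_name, target, reasons) for suspicious Run entries."""
    findings = []
    wanted = {k.upper() for k in RUN_KEYS}
    for key, name, data in parse_reg_query(text):
        if key.upper() not in wanted:
            continue
        target = command_target(data)
        lowered = target.lower()
        reasons = []
        if ntpath.basename(lowered) in REPORTED_NAMES:
            reasons.append("file name reported in the post")
        if "\\temp\\" in lowered:
            reasons.append("launches from a Temp directory")
        if ntpath.splitext(lowered)[1] == ".tmp":
            reasons.append("autostart target is a .tmp file")
        if reasons:
            findings.append((key, name, target, reasons))
    return findings


if __name__ == "__main__":
    for key, name, target, reasons in triage_run_keys(SAMPLE_REG_OUTPUT):
        print(f"{key}\n  {name} -> {target}\n  " + "; ".join(reasons))
```

A flagged value that is left in place after the file is deleted will try to relaunch the target at the next logon, so the registry value and the file need to be handled together.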


Post 2

Posting the LOG report:

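Post 20

Then......
how does s.exe get generated?


Post 21

Watch your disks: check the hidden files on each of the other disks. Some of them may be the source program or batch file that drops the virus.
If that really doesn't work, repartition the hard disk and reinstall the system. That way it should be wiped out.


Post 22

Just reinstall......


Post 23

No need to reinstall. Scan with Kingsoft Antivirus (金山毒霸); I just fixed it that way.

360 and Rising both don't work.

To be honest, I used to really look down on Kingsoft. It seems you can't judge a book by its cover, and the same goes for software.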

