真是越来越心寒啊。。。。

望高手指点。。。。。。。谢谢了~~~

后来用卡巴似乎扫到很多...

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run           

+ kav    Kaspersky Anti-Virus    Kaspersky Lab    e:\program files\kaspersky lab\kaspersky anti-virus 6.0\avp.exe

+ RavTask    RavTimer    Beijing Rising Technology Co., Ltd.    e:\program files\rising\rav\ravtask.exe

+ RfwMain    Rising Personal FireWall Main Program    Beijing Rising Technology Co., Ltd.    e:\program files\rising\rfw\rfwmain.exe

C:\Documents and Settings\wejfxh3kj fh34\「开始」菜单\程序\启动           

+ 腾讯QQ.lnk    QQ    TENCENT    e:\program files\tencent\qq\qq.exe

HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load           

+ C:\WINDOWS\rundl132.exe            c:\windows\rundl132.exe

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run           

+ Alexa            找不到文件:C:\WINDOWS\system32\qproecss.exe

+ Ver            找不到文件:2006.07.20

HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components           

+ 0            找不到文件:About:Home

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks           

+ Rising Execute File Exts hook    Rising Shell Ext Module    Beijing Rising Technology Co., Ltd.    c:\windows\system32\ravext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved           

+ Display Panning CPL Extension            找不到文件:deskpan.dll

+ HyperTerminal Icon Ext    HyperTerminal Applet Library    Hilgraeve, Inc.    c:\windows\system32\hticons.dll

+ RISING    Rising Shell Ext Module    Beijing Rising Technology Co., Ltd.    c:\windows\system32\ravext.dll

+ Shell Extensions for RealOne Player    RealOne Player Shell Extensions    RealNetworks    c:\program files\real\realone player\rpshellext.dll

+ Web反病毒保护    Script Monitor Internet Explorer plugin    Kaspersky Lab    e:\program files\kaspersky lab\kaspersky anti-virus 6.0\scieplugin.dll

+ WinRAR shell extension            e:\program files\winrar\rarext.dll

HKLM\Software\Microsoft\Internet Explorer\Toolbar           

+ kakatool.dll        Beijing Rising Technology Co., Ltd.    c:\windows\system32\kakatool.dll

HKLM\Software\Microsoft\Internet Explorer\Extensions           

+ 启动迅雷            e:\program files\thunder network\thunder\thunder.exe

+ 腾讯QQ    QQ    TENCENT    e:\program files\tencent\qq\qq.exe

HKLM\System\CurrentControlSet\Services           

+ AVP    保护计算机远离病毒和间谍软件的威胁。    Kaspersky Lab    e:\program files\kaspersky lab\kaspersky anti-virus 6.0\avp.exe

+ ewido anti-spyware 4.0 guard    ewido anti-spyware guard    Anti-Malware Development a.s.    e:\program files\ewido anti-spyware 4.0\guard.exe

+ RfwService    Rising Personal Firewall Service    Beijing Rising Technology Co., Ltd.    e:\program files\rising\rfw\rfwsrv.exe

+ RsCCenter    CCenter    Beijing Rising Technology Co., Ltd.    e:\program files\rising\rav\ccenter.exe

+ RsRavMon    RavMond    Beijing Rising Technology Co., Ltd.    e:\program files\rising\rav\ravmond.exe

+ SoundMAX Agent Service (default)    SoundMAX service agent component    Analog Devices, Inc.    c:\program files\analog devices\soundmax\smagent.exe

HKLM\System\CurrentControlSet\Services           

+ aeaudio    Andrea Audio Stub Driver    Andrea Electronics Corporation    c:\windows\system32\drivers\aeaudio.sys

+ BaseTDI    basetdi    Beijing Rising Technology Co., Ltd.    c:\windows\system32\drivers\basetdi.sys

+ dump_wmimmc            找不到文件:C:\WINDOWS\system32\drivers\dump_wmimmc.sys

+ ewido anti-spyware 4.0 driver            e:\program files\ewido anti-spyware 4.0\guard.sys

+ ExpScaner    ExpScan.sys        e:\program files\rising\rav\expscan.sys

+ FETNDIS    NDIS 5.0 miniport driver    VIA Technologies, Inc.                  c:\windows\system32\drivers\fetnd5.sys

+ FETNDISB    NDIS 5.0 miniport driver    VIA Technologies, Inc.                  c:\windows\system32\drivers\fetnd5b.sys

+ HookCont    TDI HOOK Driver    Rising tech Co. ltd    e:\program files\rising\rav\hookcont.sys

+ HookReg            e:\program files\rising\rav\hookreg.sys

+ HookSys    Hooksys    Rising    e:\program files\rising\rav\hooksys.sys

+ HookUrl    HookUrl    Beijing Rising Technology Co., Ltd.    e:\program files\rising\rfw\hookurl.sys

+ kl1    Kaspersky Unified Driver    Kaspersky Lab    c:\windows\system32\drivers\kl1.sys

+ klif    spuper-ptor    Kaspersky Lab    c:\windows\system32\drivers\klif.sys

+ kmsinput            c:\windows\system32\drivers\kmsinput.sys

+ MEMSCAN    MemScan Driver    瑞星软件有限公司    e:\program files\rising\rav\memscan.sys

+ mProcRs    Rising Personal FireWall  mprocrs.sys    Beijing Rising Technology Co., Ltd.    e:\program files\rising\rfw\mprocrs.sys

+ npkcrypt    nProtect KeyCrypt Driver    INCA Internet Co., Ltd.    e:\program files\tencent\qq\npkcrypt.sys

+ npkycryp            找不到文件:E:\Program Files\Tencent\QQ\npkycryp.sys

+ NPPTNT2    nProtect NPSC Kernel Mode Driver for NT    INCA Internet Co., Ltd.    c:\windows\system32\npptnt2.sys

+ NTSIM    Network Device Monitor Utility    VIA Technologies, Inc.                  c:\windows\system32\ntsim.sys

+ nv    NVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73     NVIDIA Corporation    c:\windows\system32\drivers\nv4_mini.sys

+ nvcap            找不到文件:system32\DRIVERS\nvcap.sys

+ Ptilink    Direct Parallel Link Driver    Parallel Technologies, Inc.    c:\windows\system32\drivers\ptilink.sys

+ RsFwDrv    nt_fwdrv    Beijing Rising Technology Co., Ltd.    e:\program files\rising\rfw\rsfwdrv.sys

+ Secdrv    SafeDisc driver        c:\windows\system32\drivers\secdrv.sys

+ smwdm    SoundMAX Integrated Digital Audio     Analog Devices, Inc.    c:\windows\system32\drivers\smwdm.sys

+ TSP    spuper-ptor    Kaspersky Lab    c:\windows\system32\drivers\klif.sys

+ viaagp1    VIA NT AGP Filter    VIA Technologies, Inc.    c:\windows\system32\drivers\viaagp1.sys

+ viasraid    VIA SATA RAID DRIVER FOR WINXP    VIA Technologies inc,.ltd    c:\windows\system32\drivers\viasraid.sys

+ vulfnths    VIA USB Host Controller Lower Filter Driver    VIA Technologies, Inc.    c:\windows\system32\drivers\vulfnth.sys

+ vulfntrs    VIA USB Roothub Lower Filter Driver    VIA Technologies, Inc.    c:\windows\system32\drivers\vulfntr.sys

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify           

+ klogon    Logon Visualizer    Kaspersky Lab    c:\windows\system32\klogon.dll

请用http://forum.ikaka.com/topic.asp?board=36&artid=8144360    工具Autoruns扫描日志上来.


Autoruns日志特别提醒：扫描日志前请先点击Option菜单——将Hide Microsoft Entries前面打上勾，再去保存日志。如果不这样做，日志会很长，浪费空间，我们也不好分析

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

+ RavTaskRavTimerBeijing Rising Technology Co., Ltd.e:\program files\rising\rav\ravtask.exe

+ RfwMainRising Personal FireWall Main ProgramBeijing Rising Technology Co., Ltd.e:\program files\rising\rfw\rfwmain.exe

+ TkBellExe找不到文件:;

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

+ RavStubRising RavStubBeijing Rising Technology Co., Ltd.e:\program files\rising\rav\ravstub.exe

C:\Documents and Settings\wejfxh3kj fh34\「开始」菜单\程序\启动

+ 腾讯QQ.lnkQQTENCENTe:\program files\tencent\qq\qq.exe

HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components

+ 0找不到文件:About:Home

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

+ Display Panning CPL Extension找不到文件:deskpan.dll

+ HyperTerminal Icon ExtHyperTerminal Applet LibraryHilgraeve, Inc.c:\windows\system32\hticons.dll

+ RISINGRising Shell Ext ModuleBeijing Rising Technology Co., Ltd.c:\windows\system32\ravext.dll

+ Shell Extensions for RealOne PlayerRealOne Player Shell ExtensionsRealNetworksc:\program files\real\realone player\rpshellext.dll

+ Web反病毒保护找不到文件:C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll

+ WinRAR shell extensione:\program files\winrar\rarext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

+ QQBrowserHelperObject ClassQQIEHelper Module深圳市腾讯计算机系统有限公司e:\program files\tencent\qq\qqiehelper.dll

HKLM\Software\Microsoft\Internet Explorer\Toolbar

+ BitComet工具栏BitComet Toolbar for IEe:\program files\bitcomet\bitcometbar\bitcometbar0.6.dll

+ kakatool.dllBeijing Rising Technology Co., Ltd.c:\windows\system32\kakatool.dll

HKLM\Software\Microsoft\Internet Explorer\Extensions

+ 启动迅雷Thunder Networking Technologies,LTDe:\program files\thunder network\thunder\thunder.exe

+ 腾讯QQQQTENCENTe:\program files\tencent\qq\qq.exe

HKLM\System\CurrentControlSet\Services

+ RfwServiceRising Personal Firewall ServiceBeijing Rising Technology Co., Ltd.e:\program files\rising\rfw\rfwsrv.exe

+ RsCCenterCCenterBeijing Rising Technology Co., Ltd.e:\program files\rising\rav\ccenter.exe

+ RsRavMonRavMondBeijing Rising Technology Co., Ltd.e:\program files\rising\rav\ravmond.exe

+ SoundMAX Agent Service (default)SoundMAX service agent componentAnalog Devices, Inc.c:\program files\analog devices\soundmax\smagent.exe

HKLM\System\CurrentControlSet\Services

+ aeaudioAndrea Audio Stub DriverAndrea Electronics Corporationc:\windows\system32\drivers\aeaudio.sys

+ BaseTDIbasetdiBeijing Rising Technology Co., Ltd.c:\windows\system32\drivers\basetdi.sys

+ ExpScanerExpScan.syse:\program files\rising\rav\expscan.sys

+ FETNDISNDIS 5.0 miniport driverVIA Technologies, Inc.              c:\windows\system32\drivers\fetnd5.sys

+ FETNDISBNDIS 5.0 miniport driverVIA Technologies, Inc.              c:\windows\system32\drivers\fetnd5b.sys

+ HookContTDI HOOK DriverRising tech Co. ltde:\program files\rising\rav\hookcont.sys

+ HookRege:\program files\rising\rav\hookreg.sys

+ HookSysHooksysRisinge:\program files\rising\rav\hooksys.sys

+ HookUrlHookUrlBeijing Rising Technology Co., Ltd.e:\program files\rising\rfw\hookurl.sys

+ kl1Kaspersky Unified DriverKaspersky Labc:\windows\system32\drivers\kl1.sys

+ klifspuper-ptorKaspersky Labc:\windows\system32\drivers\klif.sys

+ MEMSCANMemScan Driver瑞星软件有限公司e:\program files\rising\rav\memscan.sys

+ mProcRsRising Personal FireWall  mprocrs.sysBeijing Rising Technology Co., Ltd.e:\program files\rising\rfw\mprocrs.sys

+ npkcryptnProtect KeyCrypt DriverINCA Internet Co., Ltd.e:\program files\tencent\qq\npkcrypt.sys

+ npkycryp找不到文件:E:\Program Files\Tencent\QQ\npkycryp.sys

+ NPPTNT2nProtect NPSC Kernel Mode Driver for NTINCA Internet Co., Ltd.c:\windows\system32\npptnt2.sys

+ NTSIMNetwork Device Monitor UtilityVIA Technologies, Inc.              c:\windows\system32\ntsim.sys

+ nvNVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73 NVIDIA Corporationc:\windows\system32\drivers\nv4_mini.sys

+ nvcap找不到文件:system32\DRIVERS\nvcap.sys

+ PtilinkDirect Parallel Link DriverParallel Technologies, Inc.c:\windows\system32\drivers\ptilink.sys

+ RsFwDrvnt_fwdrvBeijing Rising Technology Co., Ltd.e:\program files\rising\rfw\rsfwdrv.sys

+ SecdrvSafeDisc driverc:\windows\system32\drivers\secdrv.sys

+ smwdmSoundMAX Integrated Digital Audio Analog Devices, Inc.c:\windows\system32\drivers\smwdm.sys

+ viaagp1VIA NT AGP FilterVIA Technologies, Inc.c:\windows\system32\drivers\viaagp1.sys

+ viasraidVIA SATA RAID DRIVER FOR WINXPVIA Technologies inc,.ltdc:\windows\system32\drivers\viasraid.sys

+ vulfnthsVIA USB Host Controller Lower Filter DriverVIA Technologies, Inc.c:\windows\system32\drivers\vulfnth.sys

+ vulfntrsVIA USB Roothub Lower Filter DriverVIA Technologies, Inc.c:\windows\system32\drivers\vulfntr.sys

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify

+ klogonLogon VisualizerKaspersky Labc:\windows\system32\klogon.dll

是这样吗？

第一次用这个。。。

那个选项我点了 

还有别的要扫描吗？

感觉比别人的少很多。。。呵呵

我一直都不敢做别的事。。。

还一直看帖子呢，，。。

不过感觉方法有点不一样。。。

似乎也没什么杀毒软件可以直接清除的。。。

当然了 。。。我也一直认为杀毒软件只是辅助工具。。。

真的要杀毒还是要自己。。。。