最近中了个病毒....把word文档替换成exe文件....系统会自动弹出东西...比如一打开我的电脑就会跳出文件夹选项......不知道是不是trojan deldoc弄出来的....
我现在最新的瑞星没扫出病毒....但是文件夹选项里显示隐藏文件和显示已知文件扩展名都不能改....有没有人能帮帮我...
谢谢....

用Autoruns保存一个日志发上来
日志保存方法:选择File->Save菜单项
保存日志时注意选择Options->Hide Microsoft Entries菜单项(设置了这项后点工具栏的刷新按钮)

工具使用参考http://forum.ikaka.com/topic.asp?board=28&artid=7318038第14楼

怎么txt,doc,rar都说文件类型不对?只好这样 了...谢谢哦...
ssssssssssssssssssssssssssssssssssssssssssssssssssssssss


HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

+ ApointAlps Pointing-device DriverAlps Electric Co., Ltd.c:\program files\apoint\apoint.exe

+ AtiPTAATI Desktop Control PanelATI Technologies, Inc.c:\windows\system32\atiptaxx.exe

+ BigDogPathStill Image (STI) DriverVM.c:\windows\vm_sti.exe

+ CnsMin3721北京三七二一科技有限公司c:\windows\downloaded program files\cnsmin.dll

+ DAEMON Tools-2052Virtual DAEMON ManagerDAEMON'S HOMEd:\tools\daemon\daemon.exe

+ Dell QuickSetQuickSet MFC Applicationc:\program files\dell\quickset\quickset.exe

+ DVDLauncherCyberLink PowerCinema Resident ProgramCyberLink Corp.c:\program files\cyberlink\powerdvd\dvdlauncher.exe

+ IntelWirelessIntel Framework MFC ApplicationIntel Corporationc:\program files\intel\wireless\bin\ifrmewrk.exe

+ PCMServicePowerCinema Resident Program for DellCyberLink Corp.c:\program files\dell\media experience\pcmservice.exe

+ RavMonRavMon Rising realtime monitor Beijing Rising Technology Co., Ltd.d:\tools\rising\rav\ravmon.exe

+ RavTimerRavTimerBeijing Rising Technology Co., Ltd.d:\tools\rising\rav\ravtimer.exe

+ SunJavaUpdateSchedc:\program files\java\j2re1.4.2_03\bin\jusched.exe

+ TkBellExeRealNetworks SchedulerRealNetworks, Inc.c:\program files\common files\real\update_ob\realsched.exe

C:\Documents and Settings\All Users\「开始」菜单\程序\启动

+ Adobe Reader Speed Launch.lnkAdobe Acrobat SpeedLauncherAdobe Systems Incorporatedc:\program files\adobe\acrobat 7.0\reader\reader_sl.exe

+ Digital Line Detect.lnkDigital Line DetectionBVRP Softwarec:\program files\digital line detect\dlg.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run

+ AtiTrayToolsATI Tray ToolsRay Adamsc:\program files\radeon omega drivers\v2.6.71\ati tray tools\atitray.exe

HKLM\System\CurrentControlSet\Services

+ Ati HotKey PollerATI External Event Utility EXE ModuleATI Technologies Inc.c:\windows\system32\ati2evxx.exe

+ ATI SmartATI Smartc:\windows\system32\ati2sgag.exe

+ EvtEngIntel Event Trace ManagerIntel Corporationc:\program files\intel\wireless\bin\evteng.exe

+ HideFilesAndFolders_Sc:\windows\system32\hffsrv.exe

+ RegSrvcIntel Registry ServiceIntel Corporationc:\program files\intel\wireless\bin\regsrvc.exe

+ RsCCenterCCenterrisingd:\tools\rising\rav\ccenter.exe

+ RsRavMonRavMonBeijing Rising Technology Co., Ltd.d:\tools\rising\rav\ravmond.exe

+ S24EventMonitorHandles the Spectrum24 NDIS TrafficIntel Corporation c:\program files\intel\wireless\bin\s24evmon.exe

+ WLANKEEPERProvides Profile Switching Service for SSO Feature SetIntel? Corporationc:\program files\intel\wireless\bin\wlkeeper.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

+ cnshook.dll3721 CNS Module北京三七二一科技有限公司c:\windows\downloaded program files\cnshook.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

+ Display Panning CPL ExtensionFile not found: deskpan.dll

+ HyperTerminal Icon ExtHyperTerminal Applet LibraryHilgraeve, Inc.c:\windows\system32\hticons.dll

+ RISINGRising Shell Ext ModuleBeijing Rising Technology Co., Ltd.c:\windows\system32\ravext.dll

+ Shell Extensions for RealOne PlayerRealPlayer Shell ExtensionsRealNetworks, Inc.c:\program files\real\realplayer\rpshell.dll

+ WinRAR shell extensiond:\tools\winrar\rarext.dll

HKLM\Software\Classes\Folder\Shellex\ColumnHandlers

+ PDF Shell ExtensionPDF Shell ExtensionAdobe Systems, Inc.c:\program files\adobe\acrobat 7.0\activex\pdfshell.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

+ AcroIEHlprObj ClassAdobe Acrobat IE Helper Version 7.0 for ActiveXAdobe Systems Incorporatedc:\program files\adobe\acrobat 7.0\activex\acroiehelper.dll

+ CnsHook Class3721 CNS Module北京三七二一科技有限公司c:\windows\downloaded program files\cnshook.dll

+ IeCatch2 Classjccatch ModuleAmaze Softd:\tools\flashget\jccatch.dll

+ Infofo 工具栏珊瑚虫 Infofo 工具栏珊瑚虫工作室 泰格工作室c:\program files\infofo bar\infofobar.dll

+ 上网助手CoolBar3721c:\program files\3721\assist\asbar.dll

HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks

+ coolbarCoolBar3721c:\program files\3721\assist\asbar.dll

HKLM\Software\Microsoft\Internet Explorer\Toolbar

+ FlashGet BarFlashGet IE BarAmaze Softd:\tools\flashget\fgiebar.dll

+ 上网助手CoolBar3721c:\program files\3721\assist\asbar.dll

HKLM\Software\Microsoft\Internet Explorer\Extensions

+ &FlashGetFlashGetAmaze Softd:\tools\flashget\flashget.exe

+ Yahoo 1G电邮File not found: http://cn.mail.yahoo.com/promo/rd1

+ 浩方对战平台浩方对战平台上海浩方在线信息技术有限公司d:\game\浩方对战平台\gameclient.exe

+ 清理上网记录File not found: http://assistant.3721.com/clean1.htm?fb=Cns

+ 情景聊天File not found: http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/

+ 上网助手File not found: http://assistant.3721.com/index.htm?fb=Cns

+ 手机短信File not found: http://sms.3721.com/ie/index.htm?pid=U_emule_90050

+ 修复浏览器File not found: http://assistant.3721.com/security1.htm?fb=Cns

+ 寻宝乐趣多File not found: http://hot.3721.com/rd/shop_btn.htm

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify

+ AtiExtEventATI External Event Utility DLL ModuleATI Technologies Inc.c:\windows\system32\ati2evxx.dll

+ IntelWirelessLogonNotify DLLIntel Corporationc:\program files\intel\wireless\bin\lgnotify.dll

谁来帮帮忙啊?