最近本本总用两个病毒，svchost.exe 和 iexplorer.exe　　每次杀完下次再杀是还是那两个！有时直接导致自动重启！请教怎么回事？

iexplorer.exe  和 svchost.exe  都属于正常的系统进程啊（被病毒感染另当别论）

你怎么判断他们是病毒的？

瑞星查出来的后门病毒！我也纳闷着呢！

楼主,住手啊,那可不是病毒,是应用程序,比较重要,不懂不要乱删,小心机子瘫痪!!!!!!!!!!

???????????????
还是发个日志上来吧,分析一下

病毒名都是Backdoor.PcClient.kc

用Autoruns保存一个日志发上来
日志保存方法:选择File->Save菜单项保存日志时注意选择Options->Hide Microsoft Entries菜单项(设置了这项后点工具栏的刷新按钮)

工具的下载、使用参考http://forum.ikaka.com/topic.asp?board=28&artid=7318038

另外注意，那两个进程不是病毒，只是被病毒注入了，真正的源头不在那里

那源头在哪呀？

这是用Autoruns保存一个日志：

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

+ RavTaskRavTimerBeijing Rising Technology Co., Ltd.c:\program files\rising\rav\ravtask.exe

+ RfwMainRising Personal FireWall Main ProgramBeijing Rising Technology Co., Ltd.c:\program files\rising\rfw\rfwmain.exe

C:\Documents and Settings\WMY\「开始」菜单\程序\启动

+ Dr.COM 宽带客户端.lnkc:\program files\北京城市热点资讯有限公司\dr.com 宽带客户端\ishare_user.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

+ msshlapi.dllc:\windows\msshlapi.dll

+ Rising Execute File Exts hookRising Shell Ext ModuleBeijing Rising Technology Co., Ltd.c:\windows\system32\ravext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

+ Display Panning CPL ExtensionFile not found: deskpan.dll

+ HyperTerminal Icon ExtHyperTerminal Applet LibraryHilgraeve, Inc.c:\windows\system32\hticons.dll

+ Portable Media DevicesFile not found: C:\WINDOWS\system32\Audiodev.dll

+ Portable Media Devices MenuFile not found: C:\WINDOWS\system32\Audiodev.dll

+ RISINGRising Shell Ext ModuleBeijing Rising Technology Co., Ltd.c:\windows\system32\ravext.dll

+ Shell Extensions for RealOne PlayerRealPlayer Shell ExtensionsRealNetworks, Inc.c:\program files\real\realplayer\rpshell.dll

+ Synaptics Control PanelTouchPad Control Panel ExtensionsSynaptics, Inc.c:\program files\synaptics\syntp\syntpcpl.dll

+ WinRAR shell extensionc:\program files\winrar\rarext.dll

HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

+ Web 文件夹c:\program files\common files\microsoft shared\web folders\msonsext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

+ AcroIEHlprObj ClassAdobe Acrobat IE Helper Version 6.0 for ActivieXAdobe Systems Incorporatedc:\program files\adobe\acrobat 6.0\reader\activex\acroiehelper.dll

+ CAutoLinkBHO ObjectEncyclopediaSohu.com Inc.e:\程序\p4p\autolink.dll

+ CPub ObjectIE MonitorSohu.com Inc.e:\程序\p4p\sodaie.dll

+ ThunderIEHelper ClassXunLei BHOThunder Networking Technologies,LTDc:\windows\system32\xunleibho_v14.dll

HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks

+ socul.dllSogou Expressc:\windows\system32\socul.dll

HKLM\Software\Microsoft\Internet Explorer\Extensions

+ 易趣购物File not found: http://click2.ad4all.net/url2/urlmanage/url.asp?id=5

HKLM\System\CurrentControlSet\Services

+ P4P ServiceSogou P4P ServiceSohu.com Inc.e:\程序\p4p\p2psvr.exe

+ RfwServiceRising Personal Firewall ServiceBeijing Rising Technology Co., Ltd.c:\program files\rising\rfw\rfwsrv.exe

+ RsCCenterCCenterBeijing Rising Technology Co., Ltd.c:\program files\rising\rav\ccenter.exe

+ RsRavMonRavMondBeijing Rising Technology Co., Ltd.c:\program files\rising\rav\ravmond.exe

HKLM\System\CurrentControlSet\Services

+ BaseTDIbasetdiBeijing Rising Technology Co., Ltd.c:\windows\system32\drivers\basetdi.sys

+ BCM43XXBroadcom 802.11 Network Adapter wireless driverBroadcom Corporationc:\windows\system32\drivers\bcmwl5.sys

+ bxyvubonFile not found: C:\WINDOWS\system32\drivers\bxyvubon.sys

+ CAMCAUDConexant WDM AC97 Audio DriverConexant Systems Inc.c:\windows\system32\drivers\camc6aud.sys

+ CAMCHALAConexant AmcHal DriverConexant Systems Inc.c:\windows\system32\drivers\camc6hal.sys

+ eabfiltrQLB PS/2 Keyboard filter driverHewlett-Packard Companyc:\windows\system32\drivers\eabfiltr.sys

+ EagleNTFile not found: C:\WINDOWS\system32\drivers\EagleNT.sys

+ ExpScanerExpScan.sysc:\program files\rising\rav\expscan.sys

+ GEARAspiWDMCDRom Class Filter DriverGEAR Software Inc.c:\windows\system32\drivers\gearaspiwdm.sys

+ HookContTDI HOOK DriverRising tech Co. ltdc:\program files\rising\rav\hookcont.sys

+ HookRegc:\program files\rising\rav\hookreg.sys

+ HookSysHooksysRisingc:\program files\rising\rav\hooksys.sys

+ HookUrlHookUrlBeijing Rising Technology Co., Ltd.c:\program files\rising\rfw\hookurl.sys

+ HSF_DPHSF_DP driverConexant Systems, Inc.c:\windows\system32\drivers\hsf_dp.sys

+ HSFHWICHHSFHWICH WDM driverConexant Systems, Inc.c:\windows\system32\drivers\hsfhwich.sys

+ ialmIntel Graphics Miniport DriverIntel Corporationc:\windows\system32\drivers\ialmnt5.sys

+ mdmxsdkDiagnostic Interface DRIVERConexantc:\windows\system32\drivers\mdmxsdk.sys

+ MEMSCANMemScan Driver瑞星软件有限公司c:\program files\rising\rav\memscan.sys

+ mProcRsRising Personal FireWall  mprocrs.sysBeijing Rising Technology Co., Ltd.c:\program files\rising\rfw\mprocrs.sys

+ PtilinkDirect Parallel Link DriverParallel Technologies, Inc.c:\windows\system32\drivers\ptilink.sys

+ PxHelp20Px Engine Device Driver for Windows 2000/XPSonic Solutionsc:\windows\system32\drivers\pxhelp20.sys

+ RsFwDrvnt_fwdrvBeijing Rising Technology Co., Ltd.c:\program files\rising\rfw\rsfwdrv.sys

+ RTL8023xpRealtek 10/100/1000 NDIS 5.1 Driver                        Realtek Semiconductor Corporation                          c:\windows\system32\drivers\rtlnicxp.sys

+ rtl8139Realtek RTL8139 NDIS 5.0 DriverRealtek Semiconductor Corporationc:\windows\system32\drivers\rtl8139.sys

+ SecdrvSafeDisc driverc:\windows\system32\drivers\secdrv.sys

+ SynTPSynaptics Touchpad DriverSynaptics, Inc.c:\windows\system32\drivers\syntp.sys

+ tifm21tifm21.sysTexas Instrumentsc:\windows\system32\drivers\tifm21.sys

+ winachsfHSF_CNXT driverConexant Systems, Inc.c:\windows\system32\drivers\hsf_cnxt.sys

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls

+ C:\WINDOWS\system32\SoDAHK.DLLSodaHKSohu.com Inc.c:\windows\system32\sodahk.dll

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify

+ igfxcuiigfxsrvc ModuleIntel Corporationc:\windows\system32\igfxsrvc.dll