瑞星卡卡安全论坛

电脑在使用过程中无故重启，瑞星升到最新版本杀毒，显示没有病毒，格式化系统盘，重装XP操作系统，一切OK，没有再出现无故重启的现象，3天后，又无故重启，查毒，依然没有病毒提示！
谁来救救我！

用Autoruns保存一个日志发上来
日志保存方法:选择File->Save菜单项
保存日志时注意选择Options->Hide Microsoft Entries菜单项(设置了这项后点工具栏的刷新按钮)
工具的下载、使用参考http://forum.ikaka.com/topic.asp?board=28&artid=7318038第14楼

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

+ BigDog303VimicroVimicrod:\windows\vm303_sti.exe

+ BigDogPathStill Image (STI) DriverVM.d:\windows\vm_sti.exe

+ C-Media MixerMixerC-Media Electronic Inc. (www.cmedia.com.tw)d:\windows\mixer.exe

+ CdnCtrLiveUpdate Moduled:\program files\cnnic\cdn\cdnup.exe

+ CnsMin3721北京三七二一科技有限公司d:\windows\downloaded program files\cnsmin.dll

+ DAEMON Tools-2052Virtual DAEMON ManagerDAEMON'S HOMEd:\program files\d-tools\daemon.exe

+ MINI_BFYYFile not found: D:\Ringz Studio\Storm Downloader\StormDownloader.exe

+ NeroFilterCheckNeroCheckAhead Software Gmbhd:\windows\system32\nerocheck.exe

+ RavMonRavMon Rising realtime monitor Beijing Rising Technology Co., Ltd.d:\program files\rising\rav\ravmon.exe

+ RavTimerRavTimerBeijing Rising Technology Co., Ltd.d:\program files\rising\rav\ravtimer.exe

+ RfwMainRising Personal FireWall Main ProgramBeijing Rising Technology Corporation Limitedd:\program files\rising\rfw\rfwmain.exe

+ snpproCameraMonitor ApplicationSonixd:\windows\vsnppro.exe

+ snpstd3CameraMonitor ApplicationSonixd:\windows\vsnpstd3.exe

+ TkBellExeRealNetworks SchedulerRealNetworks, Inc.d:\program files\common files\real\update_ob\realsched.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

+ Display Panning CPL ExtensionFile not found: deskpan.dll

+ HyperTerminal Icon ExtHyperTerminal Applet LibraryHilgraeve, Inc.d:\windows\system32\hticons.dll

+ mp3infpmp3infp DLLwin32lab.comd:\windows\system32\mp3infp.dll

+ RISINGRising Shell Ext ModuleBeijing Rising Technology Co., Ltd.d:\windows\system32\ravext.dll

+ Shell Extensions for RealOne PlayerRealPlayer Shell ExtensionsRealNetworks, Inc.d:\ringz studio\storm codec\rpshell.dll

+ WinRAR shell extensiond:\winrar\rarext.dll

HKLM\Software\Classes\Folder\Shellex\ColumnHandlers

+ mp3infpmp3infp DLLwin32lab.comd:\windows\system32\mp3infp.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

+ CNNIC_IDNCndnIEHelper Moduled:\program files\cnnic\cdn\cdniehlp.dll

HKLM\Software\Microsoft\Internet Explorer\Toolbar

+ FlashGet BarFlashGet IE BarAmaze Softd:\flashget\fgiebar.dll

HKLM\Software\Microsoft\Internet Explorer\Extensions

+ &FlashGetFlashGetAmaze Softd:\flashget\flashget.exe

+ 新浪UC北京新浪信息技术有限公司d:\sina\uc\uc.exe

HKLM\System\CurrentControlSet\Services

+ RfwServiceRising Personal Firewall ServiceBeijing Rising Technology Corporation Limitedd:\program files\rising\rfw\rfwsrv.exe

+ RsCCenterCCenterrisingd:\program files\rising\rav\ccenter.exe

+ RsRavMonRavMonBeijing Rising Technology Co., Ltd.d:\program files\rising\rav\ravmond.exe

HKLM\System\CurrentControlSet\Services

+ BaseTDIbasetdiRisingd:\windows\system32\drivers\basetdi.sys

+ cdnprotd:\windows\system32\drivers\cdnprot.sys

+ cdntrand:\windows\system32\drivers\cdntran.sys

+ cmpciC-Media Audio WDM DriverC-Media Incd:\windows\system32\drivers\cmaudio.sys

+ d347busPnP BIOS Extension d:\windows\system32\drivers\d347bus.sys

+ d347prtSCSI miniport d:\windows\system32\drivers\d347prt.sys

+ ExpScanerExpScan.sysd:\program files\rising\rav\expscan.sys

+ HookContTDI HOOK DriverRising tech Co. ltdd:\program files\rising\rav\hookcont.sys

+ HookRegd:\program files\rising\rav\hookreg.sys

+ HookSys瑞星d:\program files\rising\rav\hooksys.sys

+ nvNVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73 NVIDIA Corporationd:\windows\system32\drivers\nv4_mini.sys

+ PtilinkDirect Parallel Link DriverParallel Technologies, Inc.d:\windows\system32\drivers\ptilink.sys

+ RsFwDrvnt_fwdrvRisingd:\program files\rising\rfw\rsfwdrv.sys

+ rtl8139Realtek RTL8139 NDIS 5.0 DriverRealtek Semiconductor Corporationd:\windows\system32\drivers\rtl8139.sys

+ SecdrvSafeDisc driverd:\windows\system32\drivers\secdrv.sys

+ SNPPROPC Camera driverd:\windows\system32\drivers\snppro.sys

+ SNPSTD3PC Camera driverd:\windows\system32\drivers\snpstd3.sys

+ ZSMC301bVideo streaming and Capture Device DriverVMd:\windows\system32\drivers\usbvm31b.sys

+ ZSMC303Video streaming and Capture Device DriverVimicro Corporationd:\windows\system32\drivers\usbvm303.sys

是这样的日志吗？

+ snpstd3CameraMonitor ApplicationSonixd:\windows\vsnpstd3.exe

HKLM\Software\Classes\Folder\Shellex\ColumnHandlers
+ mp3infpmp3infp DLLwin32lab.comd:\windows\system32\mp3infp.dll

删除启动项
重启
删除d:\windows\system32\mp3infp.dll
d:\windows\vsnpstd3.exe

已经按照各位的提示做了，这个是病毒吗？

只是比较可疑，删除应该不会有问题的

感谢楼上的筒子！90度鞠躬！