Rising Kaka Security Forum, Technical Exchange, Anti-Virus / Anti-Rogue-Software board: Tried N ways to remove backdoor.Gpigeon.kc, none worked!!! Experts, please help!



You could try a different anti-virus product.
 

Every time I boot, it infects every system process. That is what RFW reports: right after startup a dialog pops up saying the virus in some process was removed successfully, then it keeps popping up until every process is clean. That is the situation. 香水, whatever tool you were going to upload, just tell me its name and I'll download it myself. Experts, please help, thanks in advance......
 

RFW no longer alerts at boot. Here is the current scan log:


Logfile of HijackThis v1.99.1
Scan saved at 10:27:27, on 2005/09/12
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\RAV\Ravmond.exe
d:\rav\rfw\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
D:\RAV\CCENTER.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\Explorer.EXE
d:\rav\rfw\RfwMain.exe
D:\RAV\RAVTIMER.EXE
D:\RAV\RAVMON.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
D:\MSNShell\BIN\MSNShell.exe
D:\Adobe\Distillr\acrotray.exe
D:\Adobe\Read\Reader\reader_sl.exe
C:\WINDOWS\System32\mdm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\PowerBulider\PowerBuilder 8.0\pb80.exe
D:\Hijackthis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Adobe\Acrobat\AcroIEFavClient.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\zh-cn\msntb.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - d:\NetTransport\NTIEHelper.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\zh-cn\msntb.dll
O3 - Toolbar: ラジオ(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: ヘ・タヘ・ィ - {F43BD772-ABDD-43b7-A96A-3E9E61946EC0} - C:\WINDOWS\WORLD2\TOOLBAR\hmtoolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Adobe\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - (no file)
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - HKLM\..\Run: [RavTimer] D:\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [RavMon] D:\RAV\RAVMON.EXE -SYSTEM
O4 - HKLM\..\Run: [RfwMain] "D:\Rav\Rfw\rfwmain.exe" -Startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSNShell] D:\MSNShell\BIN\MSNShell.exe autorun
O8 - Extra context menu item: Download all by Net Transport - D:\NetTransport\NTAddList.html
O8 - Extra context menu item: Download by Net Transport - D:\NetTransport\NTAddLink.html
O8 - Extra context menu item: 添加到QQ自定?面板 - D:\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信?送??片 - D:\Tencent\QQ\SendMMS.htm
O8 - Extra context menu item: オシウアヌーメウオスウャミヌヤトタタニ・&A) - D:\SSREADER\ss_all.htm
O8 - Extra context menu item: オシウ。ヨミイソキヨオスウャミヌヤトタタニ・&S) - D:\SSREADER\ss_select.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Java コンソール (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: 信息?索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: メラネ、ケコホ・ - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing)
O9 - Extra 'Tools' menuitem: メラネ、ケコホ・ - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_01) -
O16 - DPF: {E3489C0D-D07D-4281-A4A7-ADA8E9A0893F} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/cn/filesharingctrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CEF6F4FD-E24D-4664-90A4-45DDF494A3CB}: NameServer = 202.96.64.68,210.52.149.2
O18 - Protocol: dynascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: koboo - {7DEE9D05-FA0A-4416-A6F3-6537D0EAB6A6} - C:\WINDOWS\System32\mbprot.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: apihookdll.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - d:\rav\rfw\rfwsrv.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Rising Process Communication Center (RsCCenter) - rising - D:\RAV\CCENTER.EXE
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\RAV\Ravmond.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

 

The problem seems to be solved. The main issue was in system/drivers/ups.exe.
I looked at
http://forum.ikaka.com/topic.asp?board=28&artid=7134326
and used the tool the thread starter there suggested to delete ups.exe; RFW no longer alerts!

But the entries in the registry don't seem to have been deleted, and I don't know where they are. Experts, please help!
 

Is nobody going to help?
 

How come so many people have been infected by this? Why? How did I get it too~~~
 

C:\WINDOWS\System32\mdm.exe
O3 - Toolbar: ラジオ(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: ヘ・タヘ・ィ - {F43BD772-ABDD-43b7-A96A-3E9E61946EC0} - C:\WINDOWS\WORLD2\TOOLBAR\hmtoolbar.dll
O8 - Extra context menu item: オシウアヌーメウオスウャミヌヤトタタニ・&A) - D:\SSREADER\ss_all.htm
O8 - Extra context menu item: オシウ。ヨミイソキヨオスウャミヌヤトタタニ・&S) - D:\SSREADER\ss_select.htm

O9 - Extra 'Tools' menuitem: Java コンソール (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: メラネ、ケコホ・ - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing)
O9 - Extra 'Tools' menuitem: メラネ、ケコホ・ - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)


 

To the expert above: what do you mean? Should those items be fixed?

PS: I am on a Japanese-language operating system.
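The reply above quotes the log entries it considers worth attention, and the thread starter asks whether they should be fixed. The script below is an added example, not a tool from this forum or from HijackThis itself: it parses HijackThis-style "Oxx - " lines and sorts them into safe cleanups (entries whose target file is gone) versus items that need their vendor confirmed before anything is touched, which is the distinction the thread starter is missing. The sample log is adapted from the log posted above; the "[ups]" Run entry is constructed, since the thread found ups.exe under system32\drivers but shows no registry line for it, and the small allow-lists (KNOWN_PROTOCOL_DLLS, ODD_AUTOSTART_DIRS) are assumptions of this example rather than anything HijackThis ships.

```python
"""Triage a HijackThis-style log with a few defender-side heuristics.

Added example for this thread, not a tool from the forum or from HijackThis.
Dangling entries ("(file missing)" / "(no file)") are inert and safe to fix;
AppInit_DLLs, unfamiliar URL protocol handlers, services with no known owner
and autostarts in odd directories need a human to confirm the vendor first.
"""
import re
from collections import Counter
from dataclasses import dataclass

# Sample log adapted from the log posted in the thread.  The "[ups]" Run entry
# is constructed: the thread found ups.exe under system32\drivers but shows no
# registry line for it, so one is invented here to exercise the location rule.
SAMPLE_LOG = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\System32\smss.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O3 - Toolbar: (no name) - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - (no file)
O4 - HKLM\..\Run: [RavMon] D:\RAV\RAVMON.EXE -SYSTEM
O4 - HKLM\..\Run: [ups] C:\WINDOWS\system32\drivers\ups.exe
O9 - Extra button: (name garbled) - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{CEF6F4FD-E24D-4664-90A4-45DDF494A3CB}: NameServer = 202.96.64.68,210.52.149.2
O18 - Protocol: dynascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: koboo - {7DEE9D05-FA0A-4416-A6F3-6537D0EAB6A6} - C:\WINDOWS\System32\mbprot.dll
O20 - AppInit_DLLs: apihookdll.dll
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - d:\rav\rfw\rfwsrv.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
"""

LINE_RE = re.compile(r"^(O\d+) - (.*)$")

# Handler DLLs that ship with Internet Explorer; anything else is worth a look.
# (Assumption for this example: a tiny allow-list keyed on the DLL file name.)
KNOWN_PROTOCOL_DLLS = {"mshtml.dll", "urlmon.dll", "shdocvw.dll"}

# Directories that should never hold an autostart executable (assumption).
ODD_AUTOSTART_DIRS = ("\\drivers\\", "\\temp\\", "\\recycler\\")


@dataclass(frozen=True)
class Finding:
    section: str   # HijackThis section tag, e.g. "O20"
    severity: str  # "fix" (safe cleanup), "review" (confirm vendor first), "info"
    reason: str
    line: str


def _basename(path: str) -> str:
    """Last path component, lower-cased, with surrounding quotes removed."""
    return path.strip().strip('"').rsplit("\\", 1)[-1].lower()


def triage_line(raw: str):
    """Return a Finding for one log line, or None if nothing stands out."""
    line = raw.strip()
    m = LINE_RE.match(line)
    if not m:
        return None  # header, blank or "Running processes" line
    section, body = m.groups()

    # Entries whose target is gone are inert but clutter the log; safe to fix.
    if "(file missing)" in body or "(no file)" in body:
        return Finding(section, "fix", "target file no longer exists", line)

    if section == "O20" and body.startswith("AppInit_DLLs:"):
        dlls = body.split(":", 1)[1].strip()
        if dlls:  # an empty value is the normal state
            return Finding(section, "review",
                           f"AppInit_DLLs loads {dlls} into every process that "
                           "loads user32.dll; confirm its publisher", line)

    if section == "O18" and body.startswith("Protocol:"):
        parts = body.split(" - ")
        name = parts[0][len("Protocol:"):].strip()
        if _basename(parts[-1]) not in KNOWN_PROTOCOL_DLLS:
            return Finding(section, "review",
                           f"URL protocol '{name}' is handled by an unfamiliar DLL", line)

    if section == "O23" and "Unknown owner" in body:
        return Finding(section, "review", "service binary has no recognised owner", line)

    if section == "O4" and "]" in body:
        target = body.split("]", 1)[1].strip().lower()
        if any(d in target for d in ODD_AUTOSTART_DIRS):
            return Finding(section, "review",
                           "autostart executable in an unusual directory", line)

    if section == "O17":
        return Finding(section, "info",
                       "DNS servers set in the registry; check they belong to your ISP", line)

    return None


def triage(log_text: str) -> list:
    """All findings for a whole log, in log order."""
    return [f for f in map(triage_line, log_text.splitlines()) if f is not None]


def summary(findings) -> dict:
    """Count of findings per severity, e.g. {'fix': 2, 'review': 4, 'info': 1}."""
    return dict(Counter(f.severity for f in findings))


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.severity:6} {f.section:4} {f.reason}\n       {f.line}")
    print(summary(triage(SAMPLE_LOG)))
```

Run as-is it prints the report for the sample; for a real log, pass the file contents to triage(). It deliberately deletes nothing: the "review" items (here the AppInit_DLLs entry, the koboo handler and the drivers-directory autostart) may belong to legitimate software such as the Rising firewall, so the corresponding HijackThis fix should only be applied once the DLL's publisher has been checked, which is exactly the step that separates the quoted lines from a clean-up list.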
 

 