Rising Kaka Security Forum, Technical Exchange Area, Anti-virus / Anti-rogue-software Forum

Please help me look at this rootkit.vant.gen virus [Help]

Run a scan with Autoruns and post the log; remember to hide the Microsoft entries.

[Explaining the post by "天天泡泡"]
The moderator always speaks concisely.
Download Autoruns from post #11 of http://forum.ikaka.com/topic.asp?board=28&artid=6979213 ; "hide Microsoft entries" means selecting Options - Hide Microsoft Entries.

Sigh, I downloaded it too. Here are the entries from the Autoruns scan. It's really, really long, sorry for the trouble. I just want to get this stubborn virus dealt with as soon as possible.
HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
+ rdpclip | RDP Clip Monitor | Microsoft Corporation | c:\windows\system32\rdpclip.exe

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
+ C:\WINDOWS\system32\userinit.exe | Userinit Logon Application | Microsoft Corporation | c:\windows\system32\userinit.exe

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
+ Explorer.exe | Windows Explorer | Microsoft Corporation | c:\windows\explorer.exe

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ NvCplDaemon | Run a DLL as an App | Microsoft Corporation | c:\windows\system32\rundll32.exe
+ RavTask | RavTimer | Beijing Rising Technology Co., Ltd. | c:\program files\rising\rav\ravtask.exe
+ TkBellExe | File not found: rem

HKLM\SOFTWARE\Classes\Protocols\Filter
+ application/octet-stream | Microsoft .NET Runtime Execution Engine | Microsoft Corporation | c:\windows\system32\mscoree.dll
+ application/x-complus | Microsoft .NET Runtime Execution Engine | Microsoft Corporation | c:\windows\system32\mscoree.dll
+ application/x-msdownload | Microsoft .NET Runtime Execution Engine | Microsoft Corporation | c:\windows\system32\mscoree.dll
+ Class Install Handler | OLE32 Extensions for Win32 | Microsoft Corporation | c:\windows\system32\urlmon.dll
+ deflate | OLE32 Extensions for Win32 | Microsoft Corporation | c:\windows\system32\urlmon.dll
+ gzip | OLE32 Extensions for Win32 | Microsoft Corporation | c:\windows\system32\urlmon.dll
+ lzdhtml | OLE32 Extensions for Win32 | Microsoft Corporation | c:\windows\system32\urlmon.dll
+ text/webviewhtml | Windows Shell Common Dll | Microsoft Corporation | c:\windows\system32\shell32.dll

HKLM\SOFTWARE\Classes\Protocols\Handler
+ about | Microsoft (R) HTML Viewer | Microsoft Corporation | c:\windows\system32\mshtml.dll
+ cdl | OLE32 Extensions for Win32 | Microsoft Corporation | c:\windows\system32\urlmon.dll
+ dvd | ActiveX control for streaming video | Microsoft Corporation | c:\windows\system32\msvidctl.dll
+ file | OLE32 Extensions for Win32 | Microsoft Corporation | c:\windows\system32\urlmon.dll
+ ftp | OLE32 Extensions for Win32 | Microsoft Corporation | c:\windows\system32\urlmon.dll
+ gopher | OLE32 Extensions for Win32 | Microsoft Corporation | c:\windows\system32\urlmon.dll
+ http | OLE32 Extensions for Win32 | Microsoft Corporation | c:\windows\system32\urlmon.dll
+ https | OLE32 Extensions for Win32 | Microsoft Corporation | c:\windows\system32\urlmon.dll
+ its | Microsoft® InfoTech Storage System Library | Microsoft Corporation | c:\windows\system32\itss.dll
+ javascript | Microsoft (R) HTML Viewer | Microsoft Corporation | c:\windows\system32\mshtml.dll
+ local | OLE32 Extensions for Win32 | Microsoft Corporation | c:\windows\system32\urlmon.dll
+ mailto | Microsoft (R) HTML Viewer | Microsoft Corporation | c:\windows\system32\mshtml.dll
+ mhtml | Microsoft Internet Messaging API | Microsoft Corporation | c:\windows\system32\inetcomm.dll
+ mk | OLE32 Extensions for Win32 | Microsoft Corporation | c:\windows\system32\urlmon.dll
+ res | Microsoft (R) HTML Viewer | Microsoft Corporation | c:\windows\system32\mshtml.dll
+ sysimage | Microsoft (R) HTML Viewer | Microsoft Corporation | c:\windows\system32\mshtml.dll
+ tv | ActiveX control for streaming video | Microsoft Corporation | c:\windows\system32\msvidctl.dll
+ vbscript | Microsoft (R) HTML Viewer | Microsoft Corporation | c:\windows\system32\mshtml.dll
+ wia | WIA Scripting Layer | Microsoft Corporation | c:\windows\system32\wiascr.dll
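As an added example (not code from this thread or from Autoruns), a small triage script that reads an Autoruns-style listing in a constructed "entry | description | publisher | image path" layout and reproduces what the Hide Microsoft Entries view does, while still flagging missing targets and rundll32-style host images that the publisher column says nothing about. The sample listing, the host-image set and the reason strings are assumptions for illustration.

```python
# Added example, not from the forum thread: triage an Autoruns-style listing.
# Assumes a constructed layout: a location header line, then one
# "+ entry | description | publisher | image path" line per autostart entry.
from pathlib import PureWindowsPath

SAMPLE_LOG = """\
HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run
+ NvCplDaemon | Run a DLL as an App | Microsoft Corporation | c:\\windows\\system32\\rundll32.exe
+ RavTask | RavTimer | Beijing Rising Technology Co., Ltd. | c:\\program files\\rising\\rav\\ravtask.exe
+ TkBellExe | File not found: rem
HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\Shell
+ Explorer.exe | Windows Explorer | Microsoft Corporation | c:\\windows\\explorer.exe
"""

# Heuristic (assumed) list of images that only host someone else's code: the publisher
# column describes the host, not the DLL named in the launch string, so look closer.
HOST_IMAGES = {"rundll32.exe", "regsvr32.exe"}
FIELDS = ("name", "description", "publisher", "image_path")

def parse_autoruns(text):
    """Return one dict per '+' entry, tagged with the location header above it."""
    entries, location = [], ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if not line.startswith("+ "):
            location = line                    # registry or file-system location
            continue
        cols = [c.strip() for c in line[2:].split("|")]
        cols += [""] * (4 - len(cols))         # "File not found" rows carry no path
        entries.append(dict(zip(FIELDS, cols[:4]), location=location))
    return entries

def triage(entries, hide_microsoft=True):
    """Return (entry name, reason) pairs worth a second look. Mimics the
    'Hide Microsoft Entries' view, which filters on the publisher *string*;
    only 'Verify Code Signatures' checks that the claimed publisher is real."""
    flagged = []
    for e in entries:
        if e["description"].startswith("File not found"):
            flagged.append((e["name"], "target missing: stale or already-removed entry"))
        elif PureWindowsPath(e["image_path"]).name.lower() in HOST_IMAGES:
            flagged.append((e["name"], "host process: inspect the DLL it loads"))
        elif not (hide_microsoft and e["publisher"] == "Microsoft Corporation"):
            flagged.append((e["name"], "non-Microsoft publisher: " + e["publisher"]))
    return flagged
```

Run `triage(parse_autoruns(SAMPLE_LOG))` to see that Explorer.exe drops out of view while the rundll32 host, the non-Microsoft RavTask and the missing TkBellExe target all remain.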

Forget it, I give up. I've reinstalled the system. Going on like this was getting more and more of a hassle, and I couldn't tell anything from it. Sorry about that.