高手帮我看看吧,前一段那个木马搞得我头都大了,后来病毒是除了,但是网速很慢,是不是病毒没有除清啊.这是AutoRuns日志
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run           

+ BigDog303    Vimicro    Vimicro    c:\windows\vm303_sti.exe

+ ExFilter    cdnspie        c:\program files\cnnic\cdn\cdnspie.dll

+ LenSoft    FlyShuttle Microsoft 基础类应用程序        c:\program files\lenovo\幸福一键通\flyshuttle.exe

+ Lskbdrv            c:\program files\lenovo\幸福一键通\kbdriver.exe

+ NvCplDaemon    NVIDIA Taskbar Utility Library    NVIDIA Corporation    c:\windows\system32\nvqtwk.dll

+ nwiz    NVIDIA nView Control Panel, Version 28.32     NVIDIA Corporation    c:\windows\system32\nwiz.exe

+ RavMon    RavMon Rising realtime monitor     Beijing Rising Technology Co., Ltd.    c:\program files\rising\rav\ravmon.exe

+ RavTimer    RavTimer    Beijing Rising Technology Co., Ltd.    c:\program files\rising\rav\ravtimer.exe

+ RfwMain    Rising Personal FireWall Main Program    Beijing Rising Technology Corporation Limited    c:\program files\rising\rfw\rfwmain.exe

+ SoundMan    Realtek Sound Manager    Realtek Semiconductor Corp.    C:\WINDOWS\soundman.exe

+ TkBellExe    RealNetworks Scheduler    RealNetworks, Inc.    c:\program files\common files\real\update_ob\realsched.exe

C:\Documents and Settings\All Users\「开始」菜单\程序\启动           

+ InterVideo WinCinema Manager.lnk    WinCinema Manager        c:\program files\intervideo\common\bin\wincinemamgr.exe

C:\Documents and Settings\Owner\「开始」菜单\程序\启动           

+ 腾讯QQ.lnk            d:\program files\新建文件夹\qq.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved           

+ RISING    Rising Shell Ext Module    Beijing Rising Technology Co., Ltd.    c:\windows\system32\ravext.dll

+ Shell Extensions for RealOne Player    RealPlayer Shell Extensions    RealNetworks, Inc.    c:\program files\real\realplayer\rpshell.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects           

+ NTIECatcher Class    Net Transport IE Helper Module    Xi    d:\program files\xi\nettransport 2\ntiehelper.dll

+ QQBrowserHelperObject Class    QQIEHelper Module    深圳市腾讯计算机系统有限公司    c:\program files\tencent\qq\qqiehelper.dll

HKLM\Software\Microsoft\Internet Explorer\Extensions           

+ 联想            File not found: http://www.legend.com

+ 腾讯QQ            d:\program files\新建文件夹\qq.exe

HKLM\System\CurrentControlSet\Services           

+ NVSvc    NVIDIA Driver Helper Service, Version 28.32    NVIDIA Corporation    c:\windows\system32\nvsvc32.exe

+ RfwService    Rising Personal Firewall Service    Beijing Rising Technology Corporation Limited    c:\program files\rising\rfw\rfwsrv.exe

+ RsCCenter    CCenter    rising    c:\program files\rising\rav\ccenter.exe

+ RsRavMon    RavMon    Beijing Rising Technology Co., Ltd.    c:\program files\rising\rav\ravmond.exe

HKLM\System\CurrentControlSet\Services           

+ ALCXWDM    Realtek AC'97 Audio Driver (WDM)    Realtek Semiconductor Corp.    c:\windows\system32\drivers\alcxwdm.sys

+ BaseTDI    basetdi    Rising    c:\windows\system32\drivers\basetdi.sys

+ basic2    NTRksample driver    Conexant    c:\windows\system32\drivers\hsf_bsc2.sys

+ ExpScaner    ExpScan.sys        c:\program files\rising\rav\expscan.sys

+ HookCont    TDI HOOK Driver    Rising tech Co. ltd    c:\program files\rising\rav\hookcont.sys

+ HookReg            c:\program files\rising\rav\hookreg.sys

+ HookSys        瑞星    c:\program files\rising\rav\hooksys.sys

+ HSF_DP    HSF_DP driver    Conexant Systems    c:\windows\system32\drivers\hsf_dp.sys

+ hsf_msft    WinACHSF driver    Conexant    c:\windows\system32\drivers\hsf_msft.sys

+ HSFHWBS2    HSF_HWB2 WDM driver    Conexant Systems    c:\windows\system32\drivers\hsfhwbs2.sys

+ kmsinput            c:\windows\system32\drivers\kmsinput.sys

+ mdmxsdk    Diagnostic Interface DRIVER    Conexant    c:\windows\system32\drivers\mdmxsdk.sys

+ npkcrypt    nProtect KeyCrypt Driver    INCA Internet Co., Ltd.    c:\program files\tencent\qq\npkcrypt.sys

+ nv    NVIDIA Compatible Windows 2000 Miniport Driver, Version 28.32     NVIDIA Corporation    c:\windows\system32\drivers\nv4_mini.sys

+ Ptilink    Direct Parallel Link Driver    Parallel Technologies, Inc.    c:\windows\system32\drivers\ptilink.sys

+ Rksample    Rksample WDM driver    Conexant    c:\windows\system32\drivers\hsf_samp.sys

+ RsFwDrv    nt_fwdrv    Rising    c:\program files\rising\rfw\rsfwdrv.sys

+ rtl8139    NDIS 5.0 driver                                                                      Realtek Semiconductor Corporation                                                    c:\windows\system32\drivers\rtl8139.sys

+ Secdrv    SafeDisc driver        c:\windows\system32\drivers\secdrv.sys

+ sisagp    SiS NT AGP Filter    Silicon Integrated Systems Corporation    c:\windows\system32\drivers\sisagpx.sys

+ SiSide    SiS PCI Mini IDE Driver    Silicon Integrated Systems Corp.    c:\windows\system32\drivers\siside.sys

+ sisperf    SiS Filter Driver    Silicon Integrated Systems Corp.    c:\windows\system32\drivers\sisperf.sys

+ UIUSys    Diagnostic Interface DRIVER    Conexant    c:\windows\system32\drivers\uiusys.sys

+ winachsf    WinACHSF driver    Conexant Systems    c:\windows\system32\drivers\hsf_cnxt.sys

+ ZSMC303    Video streaming and Capture Device Driver    VM    c:\windows\system32\drivers\usbvm303.sys

hijackthis日志
运行进程:           
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
C:\PROGRAM FILES\RISING\RAV\RavStub.exe
C:\Program Files\rising\Rfw\rfwsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lenovo\幸福一键通\Kbdriver.exe
C:\Program Files\Lenovo\幸福一键通\FlyShuttle.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\rising\Rfw\RfwMain.exe
C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
C:\PROGRA~1\RISING\RAV\RAVMON.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\VM303_STI.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
D:\Program Files\BT\BitComet\BitComet.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Tencent\qq\QQ.exe
D:\Program Files\新建文件夹\TIMPlatform.exe
C:\Program Files\Windows Media Player\wmplayer.exe
D:\Program Files\shadu\HijackThis v1.99.1 汉化版\HijackThis.exe

R3 - Default URLSearchHook is missing
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - D:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (没有文件) 
O3 - Toolbar: (no name) - {F60C7D81-8471-4D40-AAFE-56D318F34C2D} - (没有文件) 
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Lskbdrv] C:\Program Files\Lenovo\幸福一键通\Kbdriver.exe
O4 - HKLM\..\Run: [LenSoft] C:\Program Files\Lenovo\幸福一键通\FlyShuttle.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ExFilter] Rundll32.exe "C:\PROGRA~1\CNNIC\Cdn\cdnspie.dll",ExecFilter solo
O4 - HKLM\..\Run: [RavTimer] C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [RavMon] C:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - HKLM\..\Run: [NMGameX_AutoRun] C:\WINDOWS\System32\Rundll32.exe NMGameX.dll,LiveProcess /aa
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: 腾讯QQ.lnk = ?
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\qq\AddToNetDisk.htm
O8 - Extra context menu item: 使用影音传送带下载 - D:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: 使用影音传送带下载全部链接 - D:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: 收藏此页到ViVi - http://vivi.sina.com.cn/collect/click.php?agent=ddt
O8 - Extra context menu item: 新浪搜索 - http://cha.sina.com.cn/ddt.html
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\qq\SendMMS.htm
O9 - Extra button: 联想 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.legend.com (文件故障)
O9 - Extra button: 卓越 - {8DE0FCD4-5EB5-11D3-AD25-00002100131B} - C:\PROGRA~1\Kingsoft\XDict\IEPlugin.dll
O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: 金山词霸 - {C8CE29C5-7589-11D3-B81B-0080C8DC5DC8} - C:\PROGRA~1\Kingsoft\XDict\IEPlugin.dll
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\新建文件夹\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\新建文件夹\QQ.EXE
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.legend.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{59F3EB3F-D3EB-4D56-A585-46BCB5684BE4}: NameServer = 211.98.192.3 61.233.65.3
O17 - HKLM\System\CS1\Services\Tcpip\..\{59F3EB3F-D3EB-4D56-A585-46BCB5684BE4}: NameServer = 211.98.192.3 61.233.65.3
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: gopher - {79EAC9E4-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ipp - (no CLSID) - (没有文件) 
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\WINDOWS\System32\inetcomm.dll
O18 - Protocol: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll
O18 - Protocol: msdaipp - (no CLSID) - (没有文件) 
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\System32\wiascr.dll