我经常上了一个多小时到两个小时就要掉次线。把猫关了再开就又好了。查不出病毒，怎么搞的啊

另外，刚才我玩游戏时点不开，说页面太小，提示内存不足。我就开任务管理器看，结果说模块不对还是找不到。用瑞星防火墙看进程，结果点了也没反映。现在重起才恢复正常。

大家帮我看下我的防火墙日志，看有没有木马进来啊``

2006-05-03 22:33:45, 系统禁止接收UDP数据包；地址为：222.42.75.165:1434 <= 210.131.60.201:1072 ；满足规则：防范2003蠕虫王攻击(1434端口)
2006-05-03 21:18:53, 系统禁止接收UDP数据包；地址为：222.42.75.165:1434 <= 220.249.207.189:1352 ；满足规则：防范2003蠕虫王攻击(1434端口)
2006-05-03 20:15:47, 系统禁止接收UDP数据包；地址为：222.42.75.165:1434 <= 202.107.219.9:1611 ；满足规则：防范2003蠕虫王攻击(1434端口)
2006-05-03 18:33:16, 系统禁止接收UDP数据包；地址为：222.42.75.165:1434 <= 222.183.92.117:3085 ；满足规则：防范2003蠕虫王攻击(1434端口)
2006-05-03 18:32:35, 系统禁止接收UDP数据包；地址为：222.42.75.165:1434 <= 222.56.118.27:1040 ；满足规则：防范2003蠕虫王攻击(1434端口)
2006-05-03 12:19:48, 系统禁止接收UDP数据包；地址为：222.42.74.116:1434 <= 202.103.164.50:1060 ；满足规则：防范2003蠕虫王攻击(1434端口)
2006-05-03 10:02:23, 系统禁止接收UDP数据包；地址为：222.42.72.197:1434 <= 205.209.161.170:1076 ；满足规则：防范2003蠕虫王攻击(1434端口)
2006-05-03 09:58:54, 系统禁止接收UDP数据包；地址为：222.42.72.197:1434 <= 10.240.0.2:2089 ；满足规则：防范2003蠕虫王攻击(1434端口)
2006-05-03 09:49:37, 系统禁止接收UDP数据包；地址为：222.42.72.197:1434 <= 218.30.71.80:1324 ；满足规则：防范2003蠕虫王攻击(1434端口)
2006-05-03 00:41:04, 系统禁止接收UDP数据包；地址为：222.42.75.148:1434 <= 218.75.73.36:1068 ；满足规则：防范2003蠕虫王攻击(1434端口)
2006-05-03 00:39:56, 系统允许接收ICMP数据包；地址为：222.42.75.148 <= 210.21.218.67 Code=0, Type=0 ；满足规则：允许Ping出
2006-05-03 00:39:56, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:39:55, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:39:55, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:39:54, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:39:54, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:39:53, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:39:52, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:39:52, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:39:51, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:39:50, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:39:50, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:39:49, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:39:48, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:39:48, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:39:47, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:39:47, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:39:46, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:38:20, 系统允许接收ICMP数据包；地址为：222.42.75.148 <= 210.21.218.67 Code=0, Type=0 ；满足规则：允许Ping出
2006-05-03 00:38:20, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:38:19, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:38:19, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:38:18, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:38:17, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:38:17, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:38:16, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:38:15, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:38:15, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:38:14, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:38:14, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:38:13, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:38:12, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:38:12, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:38:11, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:38:10, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:38:10, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:26, 系统允许接收ICMP数据包；地址为：222.42.75.148 <= 210.21.218.67 Code=0, Type=0 ；满足规则：允许Ping出
2006-05-03 00:37:26, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:25, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:25, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:24, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:23, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出

2006-05-03 00:37:23, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:22, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:21, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:21, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:20, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:20, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:19, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:18, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:18, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:17, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:16, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:16, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:11, 系统允许接收ICMP数据包；地址为：222.42.75.148 <= 210.21.218.67 Code=0, Type=0 ；满足规则：允许Ping出
2006-05-03 00:37:11, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:11, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:10, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:09, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:09, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:08, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:07, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:07, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:06, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:05, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:05, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:04, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:04, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:03, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:02, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:02, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:37:01, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:36:57, 系统允许接收ICMP数据包；地址为：222.42.75.148 <= 210.21.218.67 Code=0, Type=0 ；满足规则：允许Ping出
2006-05-03 00:36:57, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:36:56, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:36:56, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:36:55, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:36:55, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出

2006-05-03 00:36:54, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:36:53, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:36:53, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:36:52, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:36:51, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:36:51, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:36:50, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:36:49, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:36:49, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:36:48, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:36:47, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-03 00:36:47, 系统允许发送ICMP数据包；地址为：222.42.75.148 => 210.21.218.67 Code=0, Type=8 ；满足规则：允许Ping出
2006-05-02 20:49:09, 系统禁止接收UDP数据包；地址为：222.42.75.148:1434 <= 218.12.197.227:1071 ；满足规则：防范2003蠕虫王攻击(1434端口)
2006-05-02 19:19:37, 系统禁止接收UDP数据包；地址为：222.42.75.148:1434 <= 61.134.60.18:1084 ；满足规则：防范2003蠕虫王攻击(1434端口)
2006-05-02 18:37:23, 系统禁止接收UDP数据包；地址为：222.42.75.148:1434 <= 61.240.110.223:3378 ；满足规则：防范2003蠕虫王攻击(1434端口)
2006-05-02 13:22:35, 系统禁止接收UDP数据包；地址为：222.42.74.73:1434 <= 61.240.110.223:3378 ；满足规则：防范2003蠕虫王攻击(1434端口)
2006-05-02 11:23:33, 系统禁止接收UDP数据包；地址为：222.42.75.28:1434 <= 220.197.222.31:1688 ；满足规则：防范2003蠕虫王攻击(1434端口)
2006-05-02 10:42:11, 系统禁止接收ICMP数据包；地址为：222.42.75.28 <= 61.134.38.22 Code=0, Type=8 ；满足规则：禁止Ping入
2006-05-02 10:02:46, 系统禁止接收UDP数据包；地址为：222.42.75.28:1434 <= 219.146.180.131:43380 ；满足规则：防范2003蠕虫王攻击(1434端口)
2006-05-02 06:08:05, 系统禁止接收UDP数据包；地址为：222.42.72.222:1434 <= 222.180.10.32:1430 ；满足规则：防范2003蠕虫王攻击(1434端口)
2006-05-01 23:54:28, 系统禁止接收ICMP数据包；地址为：222.42.72.81 <= 202.108.144.124 Code=0, Type=8 ；满足规则：禁止Ping入
2006-05-01 23:54:10, 系统禁止接收ICMP数据包；地址为：222.42.72.81 <= 202.108.144.124 Code=0, Type=8 ；满足规则：禁止Ping入
2006-05-01 23:48:13, 系统禁止接收ICMP数据包；地址为：222.42.72.81 <= 61.131.3.98 Code=0, Type=8 ；满足规则：禁止Ping入
2006-05-01 23:47:33, 系统禁止接收ICMP数据包；地址为：222.42.72.81 <= 61.131.3.98 Code=0, Type=8 ；满足规则：禁止Ping入
2006-05-01 23:42:52, 系统禁止接收ICMP数据包；地址为：222.42.72.81 <= 61.131.3.98 Code=0, Type=8 ；满足规则：禁止Ping入
2006-05-01 23:42:41, 系统禁止接收ICMP数据包；地址为：222.42.72.81 <= 61.131.3.98 Code=0, Type=8 ；满足规则：禁止Ping入
2006-05-01 23:41:17, 系统禁止接收ICMP数据包；地址为：222.42.72.81 <= 61.131.3.98 Code=0, Type=8 ；满足规则：禁止Ping入
2006-05-01 23:18:08, 系统禁止接收UDP数据包；地址为：222.42.73.132:1434 <= 218.74.10.62:1780 ；满足规则：防范2003蠕虫王攻击(1434端口)
2006-05-01 17:40:00, 系统禁止接收UDP数据包；地址为：222.42.73.101:1434 <= 219.146.180.131:24393 ；满足规则：防范2003蠕虫王攻击(1434端口)
2006-05-01 17:38:56, 系统禁止接收UDP数据包；地址为：222.42.73.101:1434 <= 10.140.0.4:3720 ；满足规则：防范2003蠕虫王攻击(1434端口)
2006-05-01 17:06:32, 系统禁止接收UDP数据包；地址为：222.42.73.101:1434 <= 61.152.103.200:1040 ；满足规则：防范2003蠕虫王攻击(1434端口)
2006-05-01 16:49:00, 系统禁止接收UDP数据包；地址为：222.42.73.101:1434 <= 10.43.5.152:1778 ；满足规则：防范2003蠕虫王攻击(1434端口)
2006-05-01 16:05:58, 系统禁止接收UDP数据包；地址为：222.42.74.114:1434 <= 10.12.1.1:1129 ；满足规则：防范2003蠕虫王攻击(1434端口)
2006-05-01 15:39:25, 系统禁止接收ICMP数据包；地址为：222.42.74.114 <= 211.97.119.229 Code=0, Type=8 ；满足规则：禁止Ping入
2006-05-01 15:03:16, 系统禁止接收UDP数据包；地址为：222.42.74.114:1434 <= 61.134.25.72:1294 ；满足规则：防范2003蠕虫王攻击(1434端口)
2006-05-01 13:04:52, 系统禁止接收UDP数据包；地址为：222.42.72.58:1434 <= 219.146.96.77:1042[Bla木马] ；满足规则：防范2003蠕虫王攻击(1434端口)
2006-05-01 12:49:39, 系统禁止接收UDP数据包；地址为：222.42.72.58:1434 <= 220.248.226.226:4382 ；满足规则：防范2003蠕虫王攻击(1434端口)
2006-05-01 12:44:06, 系统禁止接收UDP数据包；地址为：222.42.72.58:1434 <= 222.37.13.143:1048 ；满足规则：防范2003蠕虫王攻击(1434端口)
2006-05-01 12:21:19, 系统禁止接收UDP数据包；地址为：222.42.72.58:1434 <= 10.240.0.2:2089 ；满足规则：防范2003蠕虫王攻击(1434端口)
2006-05-01 12:18:00, 系统禁止接收ICMP数据包；地址为：222.42.72.58 <= 220.175.25.22 Code=0, Type=8 ；满足规则：禁止Ping入
2006-05-01 11:47:30, 系统禁止接收UDP数据包；地址为：222.42.72.58:1434 <= 172.163.4.226:4335 ；满足规则：防范2003蠕虫王攻击(1434端口)

被ping是正常...

  我也遇到过...如果是电信包月用户可以改成猫硬件拨号..

      暂时解决...

你的电脑是不是装过多个类式google搜索软件呢,如果装过的话就全部都删掉

没有装啊``

我想问下我上面这些表明我中木马没？

怎么把进程信息复制上来啊，我不会把进程列表弄成文本形式复制

我也下了hijackthis，大家帮我看看

Logfile of HijackThis v1.99.1
Scan saved at 11:12:48, on 2006-5-4
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Rising\Rav\RavStub.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\Explorer.EXE
c:\program files\rising\rfw\RfwMain.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\ADSL拨号王\HNMainUI.exe
C:\WINDOWS\system32\conime.exe
D:\Program Files\Tencent\TT\TTraveler.exe
D:\Program Files\Tencent\QQ\QQ.exe
D:\Program Files\Tencent\QQ\TIMPlatform.exe
D:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE
D:\工具软件\HijackThis.exe

R3 - URLSearchHook: VeryCD Search Class - {88351CEF-BAC0-4A9B-8380-31A173E2926F} - C:\Program Files\YOK.com\SuperSearch\YOK_SuperSearch.dll (file missing)
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\KakaTool.dll
O3 - Toolbar: VeryCD超级搜索 - {F869BB38-FFEF-4589-B986-610B7AD0ADA2} - C:\Program Files\YOK.com\SuperSearch\YOK_SuperSearch.dll (file missing)
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [StormCodec_Helper] ; "D:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [popo2004] ; D:\Program Files\Netease\popo2004\Start.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [Super Rabbit SafeEdit] D:\Program Files\Super Rabbit\MagicSet\SRFC.EXE /Load
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Super Rabbit IEPro] D:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD
O4 - Startup: 腾讯QQ.lnk = D:\Program Files\QQ\QQ.exe
O4 - Global Startup: 壁纸自动换.lnk = C:\WINDOWS\system32\bgswitch.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: YOK搜索 - C:\Program Files\YOK.com\SuperSearch\yoksch.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program Files\Tencent\QQ\SendMMS.htm
O16 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} (Edit Class) - https://www.sz1.cmbchina.com/download/CMBEdit.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/1007/aliedit.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1146676794812
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3E86EF6A-166F-4441-95B3-D3A76902A5F1}: NameServer = 202.103.24.68
O17 - HKLM\System\CCS\Services\Tcpip\..\{B8219065-CCCE-4F0B-90D2-72859E888A1B}: NameServer = 61.232.206.100 211.98.4.1
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe