這個是什麽木馬.!?瑞星根本殺不了嘛.!一删除了重新啓動馬上就恢復了.!究竟要怎麽處理才行.!?哪個高手來幫幫我.!?
再問個題外話.!究竟是不是這個病毒的原因導致我QQ發生錯誤.!?我有時打開QQ的時候就變成注册QQ的那界面.!怎麽關也關不掉.!要結束任務才行.!如果哪個高手知道的話請告知一二.!謝謝.!
補充一點.!我本來想進入安全模式删除得.!但是我已經無法進入安全模式了.!而且這個文件就算我不删除.!只要我啓動電腦一次.!就會生成一個這樣的文件.!
哪個高手幇我解决下這個難題.!?謝謝了.!
無緣無故又多了一個木馬.!我的天啊.....
這個東西太厲害了.!我用朋友推薦的ewido anti-spyware殺了5個感染文件硬是沒能把它幹掉.!一重啓又有了.!

希望哪個高手幫幫忙解决下這個問題.!!!謝謝了.!!!

引用:

【天真的尐图的贴子】這個是什麽木馬.!?瑞星根本殺不了嘛.!一删除了重新啓動馬上就恢復了.!究竟要怎麽處理才行.!?哪個高手來幫幫我.!? 再問個題外話.!究竟是不是這個病毒的原因導致我QQ發生錯誤.!?我有時打開QQ的時候就變成注册QQ的那界面.!怎麽關也關不掉.!要結束任務才行.!如果哪個高手知道的話請告知一二.!謝謝.! ………………

字体那么难看

引用:

【終生學習的贴子】 引用: 【天真的尐图的贴子】這個是什麽木馬.!?瑞星根本殺不了嘛.!一删除了重新啓動馬上就恢復了.!究竟要怎麽處理才行.!?哪個高手來幫幫我.!? 再問個題外話.!究竟是不是這個病毒的原因導致我QQ發生錯誤.!?我有時打開QQ的時候就變成注册QQ的那界面.!怎麽關也關不掉.!要結束任務才行.!如果哪個高手知道的話請告知一二.!謝謝.! ……………… 字体那么难看 ………………

暈.!現在是找人幇我解决問題.!不是解决字體問題吧.!?

有沒有高手在綫幫滿解决這個難題阿.!?
上百度也找不到相關資料啊.!

引用:

【天真的尐图的贴子】 引用: 【終生學習的贴子】 引用: 【天真的尐图的贴子】這個是什麽木馬.!?瑞星根本殺不了嘛.!一删除了重新啓動馬上就恢復了.!究竟要怎麽處理才行.!?哪個高手來幫幫我.!? 再問個題外話.!究竟是不是這個病毒的原因導致我QQ發生錯誤.!?我有時打開QQ的時候就變成注册QQ的那界面.!怎麽關也關不掉.!要結束任務才行.!如果哪個高手知道的話請告知一二.!謝謝.! ……………… 字体那么难看 ……………… 暈.!現在是找人幇我解决問題.!不是解决字體問題吧.!? ………………

我不是你图片里的字体难看，是说你发贴的时候那些字搞的颜色很难看，那些字怎么看啊啊，那么刺眼，怎么帮你啊？
扫个日志上来http://szcht.ys168.com

2006-11-30,00:24:18

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <RavStub><"C:\Program Files\Rising\Rav\ravstub.exe" /RUNONCE>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]

==================================
启动文件夹
[腾讯QQ]
  <C:\Documents and Settings\new\「开始」菜单\程序\启动\腾讯QQ.lnk --> E:\PROGRA~1\腾迅QQ\QQ.exe [TENCENT]><N>

==================================

服务
[Alerter / Alerter]
  <C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\system32\alrsvc.dll><Microsoft Corporation>
[Application Layer Gateway Service / ALG]
  <C:\WINDOWS\System32\alg.exe><Microsoft Corporation>
[Application Management / AppMgmt]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><Microsoft Corporation>
[Windows Audio / AudioSrv]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\audiosrv.dll><Microsoft Corporation>
[Background Intelligent Transfer Service / BITS]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\qmgr.dll><Microsoft Corporation>
[Computer Browser / Browser]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\browser.dll><Microsoft Corporation>
[Indexing Service / CiSvc]
  <C:\WINDOWS\system32\cisvc.exe><Microsoft Corporation>
[ClipBook / ClipSrv]
  <C:\WINDOWS\system32\clipsrv.exe><Microsoft Corporation>
[COM+ System Application / COMSysApp]
  <C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}><Microsoft Corporation>
[Cryptographic Services / CryptSvc]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\cryptsvc.dll><Microsoft Corporation>
[DCOM Server Process Launcher / DcomLaunch]
  <C:\WINDOWS\system32\svchost -k DcomLaunch-->%SystemRoot%\system32\rpcss.dll><Microsoft Corporation>
[DHCP Client / Dhcp]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\dhcpcsvc.dll><Microsoft Corporation>
[Logical Disk Manager Administrative Service / dmadmin]
  <C:\WINDOWS\System32\dmadmin.exe /com><Microsoft Corp., Veritas Software>
[Logical Disk Manager / dmserver]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\dmserver.dll><Microsoft Corp.>
[DNS Client / Dnscache]
  <C:\WINDOWS\system32\svchost.exe -k NetworkService-->%SystemRoot%\System32\dnsrslvr.dll><Microsoft Corporation>
[Error Reporting Service / ERSvc]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\ersvc.dll><Microsoft Corporation>
[Event Log / Eventlog]
  <C:\WINDOWS\system32\services.exe><Microsoft Corporation>
[COM+ Event System / EventSystem]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\es.dll><Microsoft Corporation>
[Fast User Switching Compatibility / FastUserSwitchingCompatibility]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\shsvcs.dll><Microsoft Corporation>
[Help and Support / helpsvc]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><Microsoft Corporation>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[HTTP SSL / HTTPFilter]
  <C:\WINDOWS\System32\svchost.exe -k HTTPFilter-->%SystemRoot%\System32\w3ssl.dll><Microsoft Corporation>

[IMAPI CD-Burning COM Service / ImapiService]
  <C:\WINDOWS\system32\imapi.exe><Microsoft Corporation>
[Workstation / lanmanworkstation]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\wkssvc.dll><Microsoft Corporation>
[TCP/IP NetBIOS Helper / LmHosts]
  <C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\System32\lmhsvc.dll><Microsoft Corporation>
[Messenger / Messenger]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\msgsvc.dll><Microsoft Corporation>
[NetMeeting Remote Desktop Sharing / mnmsrvc]
  <C:\WINDOWS\system32\mnmsrvc.exe><Microsoft Corporation>
[Distributed Transaction Coordinator / MSDTC]
  <C:\WINDOWS\system32\msdtc.exe><Microsoft Corporation>
[Windows Installer / MSIServer]
  <C:\WINDOWS\system32\msiexec.exe /V><Microsoft Corporation>
[Network DDE / NetDDE]
  <C:\WINDOWS\system32\netdde.exe><Microsoft Corporation>
[Network DDE DSDM / NetDDEdsdm]
  <C:\WINDOWS\system32\netdde.exe><Microsoft Corporation>
[Net Logon / Netlogon]
  <C:\WINDOWS\system32\lsass.exe><Microsoft Corporation>
[Network Connections / Netman]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\netman.dll><Microsoft Corporation>
[Network Location Awareness (NLA) / Nla]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\mswsock.dll><Microsoft Corporation>
[NT LM Security Support Provider / NtLmSsp]
  <C:\WINDOWS\system32\lsass.exe><Microsoft Corporation>
[Removable Storage / NtmsSvc]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\system32\ntmssvc.dll><Microsoft Corporation>
[NVIDIA Display Driver Service / NVSvc]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Plug and Play / PlugPlay]
  <C:\WINDOWS\system32\services.exe><Microsoft Corporation>
[IPSEC Services / PolicyAgent]
  <C:\WINDOWS\system32\lsass.exe><Microsoft Corporation>
[Protected Storage / ProtectedStorage]
  <C:\WINDOWS\system32\lsass.exe><Microsoft Corporation>
[Remote Access Auto Connection Manager / RasAuto]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\rasauto.dll><Microsoft Corporation>
[Remote Access Connection Manager / RasMan]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\rasmans.dll><Microsoft Corporation>
[Remote Desktop Help Session Manager / RDSessMgr]
  <C:\WINDOWS\system32\sessmgr.exe><Microsoft Corporation>
[Routing and Remote Access / RemoteAccess]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\mprdim.dll><Microsoft Corporation>
[Remote Registry / RemoteRegistry]
  <C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\system32\regsvc.dll><Microsoft Corporation>
[Rising Proxy  Service / RfwProxySrv]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Remote Procedure Call (RPC) Locator / RpcLocator]
  <C:\WINDOWS\system32\locator.exe><Microsoft Corporation>
[Remote Procedure Call (RPC) / RpcSs]
  <C:\WINDOWS\system32\svchost -k rpcss-->%SystemRoot%\system32\rpcss.dll><Microsoft Corporation>
[Rising Process Communication Center / RsCCenter]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon]
  <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

[QoS RSVP / RSVP]
  <C:\WINDOWS\system32\rsvp.exe><Microsoft Corporation>
[Security Accounts Manager / SamSs]
  <C:\WINDOWS\system32\lsass.exe><Microsoft Corporation>
[Smart Card / SCardSvr]
  <C:\WINDOWS\System32\SCardSvr.exe><Microsoft Corporation>
[Task Scheduler / Schedule]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\system32\schedsvc.dll><Microsoft Corporation>
[Secondary Logon / seclogon]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\seclogon.dll><Microsoft Corporation>
[System Event Notification / SENS]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\system32\sens.dll><Microsoft Corporation>
[Windows Firewall/Internet Connection Sharing (ICS) / SharedAccess]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\ipnathlp.dll><Microsoft Corporation>
[Shell Hardware Detection / ShellHWDetection]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\shsvcs.dll><Microsoft Corporation>
[Windows Services WinSocket / SocketServiceto]
  <><N/A>
[Print Spooler / Spooler]
  <C:\WINDOWS\system32\spoolsv.exe><Microsoft Corporation>
[System Restore Service / srservice]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\srsvc.dll><Microsoft Corporation>
[SSDP Discovery Service / SSDPSRV]
  <C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\System32\ssdpsrv.dll><Microsoft Corporation>
[Windows Image Acquisition (WIA) / stisvc]
  <C:\WINDOWS\system32\svchost.exe -k imgsvc-->%SystemRoot%\system32\wiaservc.dll><Microsoft Corporation>
[MS Software Shadow Copy Provider / SwPrv]
  <C:\WINDOWS\system32\dllhost.exe /Processid:{7490D777-B956-4C68-9697-6C94F8333698}><Microsoft Corporation>
[Performance Logs and Alerts / SysmonLog]
  <C:\WINDOWS\system32\smlogsvc.exe><Microsoft Corporation>
[System Recover Servic / SysreSrv]
  <sysresrv.exe><N/A>
[Telephony / TapiSrv]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\tapisrv.dll><Microsoft Corporation>
[Terminal Services / TermService]
  <C:\WINDOWS\System32\svchost -k DComLaunch-->%SystemRoot%\System32\termsrv.dll><Microsoft Corporation>
[Themes / Themes]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\shsvcs.dll><Microsoft Corporation>
[Telnet / TlntSvr]
  <C:\WINDOWS\system32\tlntsvr.exe><Microsoft Corporation>
[Distributed Link Tracking Client / TrkWks]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\system32\trkwks.dll><Microsoft Corporation>
[Windows User Mode Driver Framework / UMWdf]
  <C:\WINDOWS\system32\wdfmgr.exe><Microsoft Corporation>
[Universal Plug and Play Device Host / upnphost]
  <C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\System32\upnphost.dll><Microsoft Corporation>
[Uninterruptible Power Supply / UPS]
  <C:\WINDOWS\System32\ups.exe><Microsoft Corporation>
[User Privilege Service / usprserv]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs><Microsoft Corporation>
[Volume Shadow Copy / VSS]
  <C:\WINDOWS\System32\vssvc.exe><Microsoft Corporation>
[Windows Time / W32Time]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\w32time.dll><Microsoft Corporation>
[WebClient / WebClient]
  <C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\System32\webclnt.dll><Microsoft Corporation>
[Windows Management Instrumentation / winmgmt]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\system32\wbem\WMIsvc.dll><Microsoft Corporation>
[Portable Media Serial Number Service / WmdmPmSN]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\mspmsnsv.dll><Microsoft Corporation>
[Windows Management Instrumentation Driver Extensions / Wmi]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\advapi32.dll><Microsoft Corporation>
[WMI Performance Adapter / WmiApSrv]
  <C:\WINDOWS\system32\wbem\wmiapsrv.exe><Microsoft Corporation>
[Security Center / wscsvc]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SYSTEMROOT%\system32\wscsvc.dll><Microsoft Corporation>
[Automatic Updates / wuauserv]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\wuauserv.dll><Microsoft Corporation>

==================================