Moderator, what viruses are these two? Logo1_.EXE and rundl132.exe

==================================
正在运行的进程
[PID: 480][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 536][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 560][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 608][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 620][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 780][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 832][d:\Program Files\Rising\CCenter.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[PID: 860][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 956][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1112][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1152][d:\Program Files\Rising\Ravmond.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 1, 35>
    [d:\Program Files\Rising\BWList.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
    [d:\Program Files\Rising\RsCommX.dll]  <rising><18, 0, 0, 1>
    [d:\Program Files\Rising\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [d:\Program Files\Rising\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [d:\Program Files\Rising\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [d:\Program Files\Rising\RsLog.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 20>
    [d:\Program Files\Rising\HOOKSYS.dll]  <Beijing Rising Technology Co., Ltd.><18, 1, 0, 11>
    [d:\Program Files\Rising\Scanner.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 32>
    [d:\Program Files\Rising\libload.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [d:\Program Files\Rising\VirusLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 12>
    [d:\Program Files\Rising\regmon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [d:\Program Files\Rising\HookWeb.dll]  <rising><18, 0, 0, 2>
    [d:\Program Files\Rising\MemMon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [d:\Program Files\Rising\expscan.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [d:\Program Files\Rising\mPorts.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 3>
    [d:\Program Files\Rising\MailMon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [d:\Program Files\Rising\SpamEng.dll]  <N/A><18, 0, 0, 6>
    [d:\Program Files\Rising\engine.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 34>
    [d:\Program Files\Rising\PostTrt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 15>
    [d:\Program Files\Rising\UnExe.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [d:\Program Files\Rising\ScanExec.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [d:\Program Files\Rising\ScanEx.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 20>
    [d:\Program Files\Rising\RSUnpack.dll]  <Beijing Rising Technology Co., Ltd.><1, 0, 0, 13>
    [d:\Program Files\Rising\NvFile.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
    [d:\Program Files\Rising\ScanMac.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 9>
    [d:\Program Files\Rising\ScanSct.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 18>
    [d:\Program Files\Rising\Unpacker.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [d:\Program Files\Rising\ExtFile.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
    [d:\Program Files\Rising\ExtOLE.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [d:\Program Files\Rising\RsStore.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [d:\Program Files\Rising\ScanNet.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[PID: 1340][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.0 (XPClient.010817-1148)>
[PID: 1556][C:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2800.1106 (xpsp1.020828-1920)>
    [D:\PROGRA~1\FlashGet\jccatch.dll]  <Amaze Soft><1, 1, 4, 0>
    [d:\Program Files\Rising\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [d:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\RavExt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
    [C:\WINDOWS\System32\msdmo.dll]  <N/A><N/A>
    [C:\WINDOWS\System32\l3codeca.acm]  <Fraunhofer Institut Integrierte Schaltungen IIS><1, 9, 0, 0305>
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  <N/A><N/A>
    [C:\MICKNEWWOWTRO\MICKNEWWOWTRO.DLL]  <N/A><N/A>
    [C:\Program Files\Common Files\Adobe\Shell\PSICON.DLL]  <Adobe Systems, Incorporated><7.0>
    [d:\Program Files\UltraEdit-32\ue32ctmn.dll]  <><1, 0, 0, 1>
    [C:\WINDOWS\System32\WINABCX.IME]  <PKUETI><5.22.216>
[PID: 1676][d:\Program Files\Rising\RavStub.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 16>
    [d:\Program Files\Rising\RsCommX.dll]  <rising><18, 0, 0, 1>
    [d:\Program Files\Rising\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[PID: 1856][C:\WINDOWS\System32\nvsvc32.exe]  <NVIDIA Corporation><6.14.10.5216>
[PID: 220][C:\program files\YuanZhi\Recovery Genius\WinNT\HDDGMon.exe]  <><5, 0, 0, 350>
    [C:\program files\YuanZhi\Recovery Genius\WinNT\SimCom.dll]  <N/A><N/A>
    [C:\program files\YuanZhi\Recovery Genius\WinNT\chkID.dll]  <N/A><N/A>
    [C:\program files\YuanZhi\Recovery Genius\WinNT\HMRes.dll]  <><5, 0, 0, 350>
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  <N/A><N/A>
    [C:\MICKNEWWOWTRO\MICKNEWWOWTRO.DLL]  <N/A><N/A>
[PID: 228][D:\Program Files\Rising\RavTask.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
    [D:\Program Files\Rising\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [D:\Program Files\Rising\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [D:\Program Files\Rising\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [D:\Program Files\Rising\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\MICKNEWWOWTRO\MICKNEWWOWTRO.DLL]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  <N/A><N/A>
[PID: 328][C:\Program Files\MSN Messenger\MsnMsgr.Exe]  <Microsoft Corporation><8.0.0792.00>
    [C:\WINDOWS\System32\msdmo.dll]  <N/A><N/A>
    [C:\MICKNEWWOWTRO\MICKNEWWOWTRO.DLL]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  <N/A><N/A>
[PID: 432][C:\WINDOWS\system32\internat.exe]  <Microsoft Corporation><5.00.2920.0000>
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  <N/A><N/A>
    [C:\MICKNEWWOWTRO\MICKNEWWOWTRO.DLL]  <N/A><N/A>
[PID: 1132][D:\Program Files\Winamp\Winamp.exe]  <Nullsoft><2.81>
    [D:\Program Files\Winamp\Plugins\IN_CDDA.DLL]  <N/A><N/A>
    [D:\Program Files\Winamp\Plugins\IN_MIDI.DLL]  <N/A><N/A>
    [D:\Program Files\Winamp\Plugins\read_file.dll]  <N/A><N/A>
    [D:\Program Files\Winamp\Plugins\IN_MOD.DLL]  <N/A><N/A>
    [D:\Program Files\Winamp\Plugins\IN_MP3.DLL]  <N/A><N/A>
    [D:\Program Files\Winamp\Plugins\in_vorbis.dll]  <N/A><N/A>
    [D:\Program Files\Winamp\Plugins\IN_WAVE.DLL]  <N/A><N/A>
    [D:\Program Files\Winamp\Plugins\IN_WM.DLL]  <N/A><N/A>
    [D:\Program Files\Winamp\Plugins\OUT_DISK.DLL]  <N/A><N/A>
    [D:\Program Files\Winamp\Plugins\OUT_DS.DLL]  <N/A><N/A>
    [D:\Program Files\Winamp\Plugins\out_wave.dll]  <N/A><N/A>
    [D:\Program Files\Winamp\Plugins\OUT_WM.DLL]  <N/A><N/A>
    [C:\WINDOWS\System32\tssoft32.acm]  <DSP GROUP, INC.><1.01>
    [C:\WINDOWS\System32\tsd32.dll]  <N/A><N/A>
    [C:\WINDOWS\System32\sl_anet.acm]  <Sipro Lab Telecom Inc.><3.02>
    [C:\WINDOWS\System32\l3codeca.acm]  <Fraunhofer Institut Integrierte Schaltungen IIS><1, 9, 0, 0305>
    [C:\MICKNEWWOWTRO\MICKNEWWOWTRO.DLL]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  <N/A><N/A>

[PID: 3152][C:\WINDOWS\System32\conime.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  <N/A><N/A>
    [C:\MICKNEWWOWTRO\MICKNEWWOWTRO.DLL]  <N/A><N/A>
[PID: 2292][C:\WINDOWS\System32\taskmgr.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  <N/A><N/A>
    [C:\MICKNEWWOWTRO\MICKNEWWOWTRO.DLL]  <N/A><N/A>
[PID: 1936][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 3084][C:\Program Files\Internet Explorer\iexplore.exe]  <Microsoft Corporation><6.00.2800.1106 (xpsp1.020828-1920)>
    [C:\Program Files\MSN Toolbar\01.01.2607.0\zh-cn\msntb.dll]  <Microsoft Corporation><01.01.2607.0>
    [C:\Program Files\MSN Toolbar\01.01.2607.0\zh-cn\mtbres.dll]  <Microsoft Corporation><01.01.2607.0>
    [D:\PROGRA~1\FlashGet\jccatch.dll]  <Amaze Soft><1, 1, 4, 0>
    [C:\WINDOWS\System32\Macromed\Flash\Flash9.ocx]  <Adobe Systems, Inc.><9,0,16,0>
    [C:\WINDOWS\System32\WINABCX.IME]  <PKUETI><5.22.216>
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  <N/A><N/A>
    [C:\MICKNEWWOWTRO\MICKNEWWOWTRO.DLL]  <N/A><N/A>
    [C:\Documents and Settings\Administrator\桌面\VirusKiller.scr]  <Beijing Rising Tech. Co., Ltd.><1, 0, 0, 1>
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  <N/A><N/A>
    [C:\MICKNEWWOWTRO\MICKNEWWOWTRO.DLL]  <N/A><N/A>
[PID: 2752][C:\Program Files\MSN Apps\Updater\01.02.0002.1001\zh-cn\msnappau.exe]  <Microsoft Corporation><01.02.0002.1001>
    [C:\Program Files\MSN Apps\Updater\01.02.0002.1001\zh-cn\au_util.dll]  <Microsoft Corporation><01.02.0002.1001>
    [C:\Program Files\MSN Apps\Updater\01.02.0002.1001\zh-cn\TBDwnMgr.dll]  <Microsoft Corporation><01.02.0002.1001>
[PID: 3880][D:\Program Files\Rising\RavMon.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 1, 33>
    [D:\Program Files\Rising\RsGuiLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 26>
    [D:\Program Files\Rising\BWList.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
    [D:\Program Files\Rising\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [D:\Program Files\Rising\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [D:\Program Files\Rising\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [D:\Program Files\Rising\RsCommX.dll]  <rising><18, 0, 0, 1>
    [D:\Program Files\Rising\PngDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  <N/A><N/A>
    [C:\MICKNEWWOWTRO\MICKNEWWOWTRO.DLL]  <N/A><N/A>
[PID: 2084][D:\资料\软件\系统工具\sreng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
    [C:\Program Files\Internet Explorer\PLUGINS\system.sys]  <N/A><N/A>
    [C:\MICKNEWWOWTRO\MICKNEWWOWTRO.DLL]  <N/A><N/A>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  Error. ["d:\网页三剑客\Dreamweaver MX 2004\Dreamweaver.exe" "%1"]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

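Our whole workplace got hit by this virus. It infects every EXE file on the hard disk; only the machines with Kaspersky installed were not infected.

What should we do?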

Unfortunately, I've got these two as well, and the Rising monitor won't open...

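The McAfee 4850 virus definitions can now detect and remove this virus; I repaired more than 600 exe files today. McAfee really is a major antivirus vendor. Everyone, go give it a try.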

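The McAfee 4850 virus definitions can now detect and remove this virus; I repaired more than 600 exe files today. McAfee really is a major antivirus vendor. Everyone, go give it a try. Where can it be downloaded??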

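Quote:
[Post by songsong123] The McAfee 4850 virus definitions can now detect and remove this virus; I repaired more than 600 exe files today. McAfee really is a major antivirus vendor. Everyone, go give it a try. Where can it be downloaded??
………………

Wow, look how late it is and you're still replying to this thread. The virus was cleaned up long ago.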