PID: 2428 / Owner][C:\Program Files\Rising\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 20.0.01.05]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MFC71CHS.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\Program Files\Rising\Rav\recomp.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\Program Files\Rising\Rav\refs.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]
    [C:\Program Files\Rising\Rav\viruslib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 14]
    [C:\Program Files\Rising\Rav\relibldr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 12]
    [C:\Program Files\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.10]
    [C:\Program Files\Rising\Rav\MonRule.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.24]
    [C:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [C:\Program Files\Rising\Rav\Rsguilib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 79]
    [C:\Program Files\Rising\Rav\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 2464 / Owner][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\nview.dll]  [, ]
    [C:\WINDOWS\system32\NVWRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.11060]
    [C:\WINDOWS\system32\nvwddi.dll]  [NVIDIA Corporation, 6.14.10.9371]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\WINDOWS\system32\nvapi.dll]  [N/A, ]
    [C:\WINDOWS\system32\nvshell.dll]  [, ]
[PID: 2484 / Owner][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 3216 / Owner][C:\Program Files\Chinanet\VnetClient.exe]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\nview.dll]  [, ]
    [C:\WINDOWS\system32\NVWRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.11060]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
[PID: 3712 / Owner][E:\Download\新建文件夹 (2)\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\WINDOWS\system32\nview.dll]  [, ]
    [C:\WINDOWS\system32\NVWRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.11060]
    [C:\WINDOWS\system32\nvwddi.dll]  [NVIDIA Corporation, 6.14.10.9371]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [E:\Download\新建文件夹 (2)\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  Error. [winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
进程特权扫描
特殊特权被允许： SeLoadDriverPrivilege [PID = 2304, C:\PROGRAM FILES\ANALOG DEVICES\SOUNDMAX\SMAX4.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2316, C:\WINDOWS\LHOTKEY.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2336, C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 2352, C:\PROGRAM FILES\RISING\ANTISPYWARE\RUNIEP.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 3216, C:\PROGRAM FILES\CHINANET\VNETCLIENT.EXE]

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]

貌似挺严重的，连我的电脑图标都变了！还是重装系统得了！

注意：删除病毒可能会具有一定的危险性 所以强烈建议操作前要把重要资料转移至非系统分区！
打开sreng

“启动项目”-“服务”-“Win32服务应用程序”中点“隐藏经认证的微软项目”，
选中以下项目，点“删除服务”，再点“设置”，在弹出的框中点“否”：
[0106net / 0106net][Stopped/Auto Start]
<C:\WINDOWS\0106net.exe><N/A>
[Transaction Provisioning Service / skycncnc][Stopped/Auto Start]
<C:\WINDOWS\system32\SVCH0ST.exe><N/A>

重启计算机进入安全模式下删除
<C:\WINDOWS\system32\SVCH0ST.exe><N/A>
<C:\WINDOWS\0106net.exe><N/A>

我照你说的做了,但是在这之前,图表的样子就变回来了,是电脑中毒了么!!!!!!!!!!!!!!!!!!!!!!!!

电脑肯定有病毒，这没错。

把文件发送到http://up.rising.com.cn/webmail/uploadnew.htm

上传给瑞星http://up.rising.com.cn/webmail/uploadnew.htm

鄙视 千里寻,不会装什么高手,乱盖,哪有什么病毒,让我删的什么东西!!!!!!!!!!!!!!!!强烈鄙视你

引用:

【fhaeua的贴子】鄙视 千里寻,不会装什么高手,乱盖,哪有什么病毒,让我删的什么东西!!!!!!!!!!!!!!!!强烈鄙视你 ………………

怎么了？？？

是不是删除所指的文件后，系统异常了？？？？

删这个删出问题了？？？？

C:\WINDOWS\system32\SVCH0ST.exe