Trojan.PSW.Win32.OnlineGames.yyd,这是最近浏览网站不小心中的毒,应该是盗游戏的木马,当时中毒时,瑞星提示的是当场删除成功,后来有点不放心,在安全和非安全模式下都杀了几次毒,都无。我担心的是当时浏览网站时被瑞星当场杀出的毒,是否真的已经杀掉?
    请教各位大师,除了杀毒外,能否手工查出电脑是否存在病毒！

对！通过进程管理器可以看到异常的进程！！

以下是我在长期制作系统中所做的经验总结,对现在有许多病毒连杀毒软件都束手无策,看到大家都在为病毒烦恼,所以我放出这个注册表,禁止病毒的进程运行.包括现在最火的logo_.exe

LSAS*.**E等许多病毒.大家如果发现新病毒进程,可以自己修改这个注册表对这个病毒进行免疫.

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Control Panel\Desktop]
"AutoEndTasks"="1"
"HungAppTimeout"="200"
"WaitToKillAppTimeout"="200"
"WaitTOKillService"="200"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control]
"WaitToKillServiceTimeout"="200"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters]
"EnablePrefetcher"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"SFCDisable"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AlwaysUnloadDLL]
@="0"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters]
"AutoShareServer"=dword:00000000
"AutoSharewks"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Windows]
"NoPopUpsOnBoot"=dword:00000001
[HKEY_CLASSES_ROOT\lnkfile]
@="快捷方式"
"EditFlags"=dword:00000001
"NeverShowExt"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RemoteComputer\NameSpace]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RemoteComputer\NameSpace\{2227A280-3AEA-1069-A2DE-08002B30309D}]
@="Printers"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer]
"Link"=hex:00,00,00,00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters]
"EnablePrefetcher"=dword:00000003
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"FontSmoothing"="2"
"FontSmoothingType"=dword:00000002
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"MaxConnectionsPer1_0Server"=dword:00000008
"MaxConnectionsPerServer"=dword:00000008
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control]
"WaitToKillServiceTimeout"="1000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Shareaza.exe]
"Debugger"="c:\\中国超级BT.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Option*\4047.**e]
"Debugger"="c:\\中国超级BT捆绑的病毒.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TuoTu.exe]
"Debugger"="c:\\P2P类.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qqfo1.0_dl.exe]
"Debugger"="c:\\P2P类.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SuperLANadmin.exe]
"Debugger"="c:\\破坏类.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WinPcap30.exe]
"Debugger"="c:\\破坏类.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WinPcap.exe]
"Debugger"="c:\\破坏类.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Robocop.exe]
"Debugger"="c:\\破坏类.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\diaoxian.exe]
"Debugger"="c:\\破坏类.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\network.exe]
"Debugger"="c:\\破坏类.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Option*\冰点还原终结者.**e]
"Debugger"="c:\\破坏类.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Option*\3389.**e]
"Debugger"="c:\\破坏类.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\3389.rar]
"Debugger"="c:\\破坏类.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sc.exe]
"Debugger"="c:\\破坏类.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mstsc.exe]
"Debugger"="c:\\破坏类.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\3389dl.exe]
"Debugger"="c:\\破坏类.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\3389dl.rar]
"Debugger"="c:\\破坏类.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Option*\黑社会.**e]
"Debugger"="c:\\破坏类.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Poco2004.exe]
"Debugger"="c:\\下载类.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Vagaa.exe]
"Debugger"="c:\\下载类.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Kamun.exe]
"Debugger"="c:\\下载类.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Option*\黑社会.**e]
"Debugger"="c:\\下载类.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Option*\还原精灵密码察看器.**e]
"Debugger"="bcvb"

不知道楼主记录了路径没有？！

要是有路径直接找就可以了！

我的电脑是XP的,我的系统进程里存在6个SVCHOST.EXE,都查过位置,都没什么不对的,网上说一般5个,多于5个以上就可能中毒了。
    现在瞒郁闷的,开网页,网速等都瞒正常,是否我自己太过担心了！以下是我电脑的进程;

Ras.exe    RavStub.exe    Ravmond.exe    alg.exe    WMPNetwk.exe    iexplore.exe    RfwMain.exe    uphclean.exe    6个SVCHPST.EXE      Ravmon.exe    rfwsrv.exe    WMPNSCFG.exe      ctfmon.exe    realsched.exe      runiep.exe  CCenter.exe      RavTask.exe    LSASS.EXE    SERVICES.EXE        winlogon.exe      csrss.exe    taskmgr.exe

病毒路径
c;／documents  and  settings/lenovo/local  settings/temporary  internet  files/content.ie5/k3vbawdd