Could an expert please take a look at my log

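My browser is extremely slow and I can barely get online. Could an expert please take a look at my log? Also, what kind of program is spsys.exe? Thanks in advance!
Last edited 2006-01-02 09:36:47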

Logfile of HijackThis v1.99.1
Scan saved at 22:34:23, on 2006-1-1
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WIN98\System32\smss.exe
C:\WIN98\system32\winlogon.exe
C:\WIN98\system32\services.exe
C:\WIN98\system32\lsass.exe
C:\WIN98\system32\svchost.exe
C:\WIN98\System32\svchost.exe
C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
C:\Program Files\rising\Rav\Ravmond.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WIN98\System32\brsvc01a.exe
C:\WIN98\system32\spoolsv.exe
C:\WIN98\System32\brss01a.exe
C:\Program Files\rising\Rav\RavStub.exe
C:\WIN98\System32\Ati2evxx.exe
C:\Program Files\P4P\p2psvr.exe
C:\WIN98\System32\tcpsvcs.exe
C:\WIN98\System32\svchost.exe
C:\WIN98\Explorer.EXE
c:\program files\rising\rfw\RfwMain.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\rising\Rav\RavTask.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WIN98\System32\ctfmon.exe
C:\Program Files\SnowFox\DesktopSprite2\DesktopSprite.exe
C:\WIN98\System32\conime.exe
C:\WIN98\System32\spsys.exe
C:\Program Files\rising\rav\RavMon.exe
D:\tools\ha_hijackthis_1991\HijackThis.exe

R3 - URLSearchHook: MyURLSearchHook Class - {982CB676-38F0-4D9A-BB72-D9371ABE876E} - C:\Program Files\P4P\ToolBar.dll
O2 - BHO: SohuDAIEHelper - {0CA51D02-7739-43EA-8D9A-1E8AD4327B03} - C:\Program Files\P4P\sodaie.dll
O4 - HKLM\..\Run: [internat.exe] internat.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [MS-4011 Memory Patch] D:\tools\RavSasser.exe -Patch
O4 - HKLM\..\Run: [DAEMON Tools-2052] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WIN98\System32\ctfmon.exe
O4 - HKCU\..\Run: [DesktopSprite] C:\Program Files\SnowFox\DesktopSprite2\DesktopSprite.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: 快捷方式 到 u8.lnk = C:\Documents and Settings\shewei\u8.bat
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WIN98\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WIN98\web\related.htm
O16 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} (Edit Class) - https://www.sz1.cmbchina.com/download/CMBEdit.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {2354A44B-3CEB-4829-9940-545B03103538} (PowerPlr Control) - http://vod.ruyi.com/plugin/PowerPlr.ocx
O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab
O16 - DPF: {62B938C4-4190-4F37-8CF0-A92B0A91CC77} (InfoSecNetSign Class) - https://www.bjtax.gov.cn/NetSign.dll
O16 - DPF: {98A62E3F-A8C5-4EF0-8A00-C70CF9D18A89} (LoaderCore Class) - http://tb.sogou.com/DLLoader.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {D0A29C6C-AA71-4423-8C4A-5998B774C448} (IEDown Class) - http://download.ourgame.com/IEDown2.cab
O16 - DPF: {DA984A6D-508E-11D6-AA49-0050FF3C628D} (Ravonline) - http://download.rising.com.cn/ravkill/rsonline.cab
O20 - AppInit_DLLs: C:\WIN98\System32\SoDAHK.DLL
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WIN98\System32\Ati2evxx.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WIN98\System32\brsvc01a.exe
O23 - Service: P4P Service - Sohu.com Inc. - C:\Program Files\P4P\p2psvr.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\rising\Rav\Ravmond.exe
O23 - Service: SP service (SPsys) - Unknown owner - C:\WIN98\System32\spsys.exe
O23 - Service: U8管理软件 (UFNet) - Unknown owner - C:\WIN98\System32\ServerNT.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WIN98\System32\UAService7.exe


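[Reply to the post by “索尼”]
If you have any doubts, you can compress the file spsys.exe into an archive encrypted with the password "virus" and send it to rsvirus@163.com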

Sorry, moderator, could you show me how to compress it and encrypt it with "virus"?

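Try disabling it first and see.

Start → Control Panel → Performance and Maintenance → Administrative Tools → Services → find SP service → right-click → Properties → Startup type → Disabled → Apply → Stop → OK.

Locate C:\WIN98\System32\spsys.exe
Use the WinRAR compression program to pack it into an archive; you can set a password when compressing. Then delete the original file.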
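
The reply above picks the "SP service" entry out of the O23 (services) section of the log. As an added example that is not part of the original thread, this Python sketch parses the O23 lines of a HijackThis log, lists the services whose owner field reads "Unknown owner", and notes whether each binary also appears under "Running processes"; the function names are hypothetical and the sample input is a trimmed copy of lines from the log on this page.

```python
import re

# Sample input: lines copied from the HijackThis log in this thread (trimmed).
SAMPLE_LOG = r"""Running processes:
C:\WIN98\System32\Ati2evxx.exe
C:\Program Files\P4P\p2psvr.exe
C:\WIN98\System32\spsys.exe

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WIN98\System32\Ati2evxx.exe
O23 - Service: P4P Service - Sohu.com Inc. - C:\Program Files\P4P\p2psvr.exe
O23 - Service: SP service (SPsys) - Unknown owner - C:\WIN98\System32\spsys.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WIN98\System32\UAService7.exe
"""

O23_PREFIX = "O23 - Service: "
# Optional trailing "(name)" after the first service name.
SHORT_NAME = re.compile(r"^(.*\S)\s+\(([^()]+)\)$")


def running_processes(log):
    """Lower-cased paths listed under 'Running processes:' (ends at a blank line)."""
    paths, in_section = set(), False
    for line in map(str.strip, log.splitlines()):
        if line == "Running processes:":
            in_section = True
        elif in_section and not line:
            break
        elif in_section:
            paths.add(line.lower())
    return paths


def parse_services(log):
    """Parse each O23 line into display/short name, owner, path, running flag."""
    running = running_processes(log)
    services = []
    for line in map(str.strip, log.splitlines()):
        if line.startswith(O23_PREFIX):
            # Owner and path are the last two " - " separated fields.
            name, owner, path = line[len(O23_PREFIX):].rsplit(" - ", 2)
            m = SHORT_NAME.match(name)
            display, short = (m.group(1), m.group(2)) if m else (name, name)
            services.append({"display": display, "short": short, "owner": owner,
                             "path": path, "running": path.lower() in running})
    return services


def unknown_owner(log):
    """Services whose owner field reads 'Unknown owner', for manual review."""
    return [s for s in parse_services(log) if s["owner"] == "Unknown owner"]
```

In this log the same owner value also appears on the Ati HotKey Poller and SecuROM entries, so the result is a list of entries to look at more closely, not a verdict on any of them.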

OK, after disabling it everything seems fine now, and I have sent the file as requested. Thanks to both moderators!