Is a new Trojan variant making my computer very slow? Experts, please take a look
未知 - Process: RavMonD.exe [Rising Realtime Moniter] - D:\瑞星杀毒\RISING\RAV\ravmond.exe -step
未知 - Process: rfwsrv.exe [Rising Personal FireWall Service] - d:\瑞星杀毒\rising\rfw\rfwsrv.exe
未知 - Process: rfwProxy.exe [Rising Personal Proxy Service] - d:\瑞星杀毒\rising\rfw\rfwproxy.exe
未知 - Process: rfwstub.exe [Rising Personal FireWall Service Rfwstub ] - d:\瑞星杀毒\rising\rfw\rfwstub.exe
未知 - Process: RavStub.exe [Rising RavStub] - D:\瑞星杀毒\RISING\RAV\RavStub.exe /RAVMOND=1023
未知 - Process: rfwmain.exe [Rising Personal FireWall Main Program] - d:\瑞星杀毒\rising\rfw\RfwMain.exe
未知 - Process: RavTask.exe [RavTimer] - D:\瑞星杀毒\Rising\Rav\RavTask.exe
未知 - Process: RavMon.exe [Rising realtime monitor shell] - D:\瑞星杀毒\Rising\Rav\Ravmon.exe
未知 - Process: QQ.exe [] -
未知 - Process: TXPlatform.exe [TM2008] - F:\腾讯\TXPlatform.exe
mencrb - sys 应用程序 - C:\WINDOWS\system32\drivers\mencrb.sys - (running) - sys 应用程序 - 北京三七二一科技有限公司 - 5b4e2643d8a53150b425db7a2b3fed88
EagleNT - EagleNT - C:\WINDOWS\system32\drivers\EagleNT.sys - (not running) - - -
TesSafe - TesSafe - C:\WINDOWS\system32\TesSafe.sys - (not running) - - - dc41942275c39ff85e8b122250590548
w810bus - w810bus - C:\WINDOWS\system32\DRIVERS\w810bus.sys - (not running) - - -
w810mdfl - w810mdfl - C:\WINDOWS\system32\DRIVERS\w810mdfl.sys - (not running) - - -
w810mdm - w810mdm - C:\WINDOWS\system32\DRIVERS\w810mdm.sys - (not running) - - -
w810mgmt - w810mgmt - C:\WINDOWS\system32\DRIVERS\w810mgmt.sys - (not running) - - -
w810obex - w810obex - C:\WINDOWS\system32\DRIVERS\w810obex.sys - (not running) - - -
Explorer.EXE - Thunder Networking Technologies,LTD - C:\Program Files\Thunder\ComDlls\XunLeiBHO_002.dll - XunLeiBHO - 8915c81b9c015cf5571fad917a614a85
RUNDLL32.EXE - NVIDIA Corporation - C:\WINDOWS\system32\NVRSZHC.DLL - NVIDIA Simplified Chinese language resource library - 5d6512586533ac3d577a0bbe4e928da0
未知 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page=http://www.qq.com/
未知 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page=http://www.yahoo.com.cn
未知 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page=http://www.yahoo.com.cn
未知 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL=C:\WINDOWS\Web\index.htm
未知 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL=http://www.yahoo.com.cn/?source=toolbar_yassist_button&pid=416169_1006
IE搜索项
安全 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\system32\blank.htm
安全 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\system32\blank.htm
地址栏挂钩
安全 - URLSearchHook: (Tencent SearchHook) - [搜搜工具条,搜索工具栏。] - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - C:\Program Files\TENCENT\SSPlus\SAddr1.dll
IE第三方工具条
未知 - Toolbar: (第三方IE工具栏) - [无效的CLSID:{710EB7A1-45ED-11D0-924A-0020AFC7AC4D}] - {710EB7A1-45ED-11D0-924A-0020AFC7AC4D} -
未知 - Toolbar: (第三方IE工具栏) - [无效的CLSID:{1E796980-9CC5-11D1-A83F-00C04FC99D61}] - {1E796980-9CC5-11D1-A83F-00C04FC99D61} -
{6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - C:\WINDOWS\system32\KuGoo3DownXControl.ocx
IE右键菜单额外项
未知 - Extra context menu item: 使用迅雷下载 - C:\Program Files\Thunder\Program\GetUrl.htm
未知 - Extra context menu item: 使用迅雷下载全部链接 - C:\Program Files\Thunder\Program\GetAllUrl.htm
未知 - Extra context menu item: 添加到QQ表情 - F:\腾讯\AddEmotion.htm
安全 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE高级选项额外项
未知 - Options Group: 中文搜搜
Activex
未知 - DPF: {8686F2A6-DC01-4E8F-BDE3-DCC7DBBAD6AE} (163Uploader Control) - http://photo.163.com/163Uploader.cab
网络协议过滤
未知 - Protocol: KuGoo - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - C:\WINDOWS\system32\KuGoo3DownXControl.ocx
未知 - Protocol: KuGo
安全 - Protocol: OFFICE 相关 - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
协议关联及协议图标
未知 - Protocol Icons: HKCR\http\shell\open\command - "F:\腾讯\TTraveler.exe" "%1"
未知 - Protocol Icons: HKCR\ftp\shell\open\command - "F:\腾讯\TTraveler.exe" "%1"
未知 - Protocol Icons: HKCR\https\shell\open\command - "F:\腾讯\TTraveler.exe" "%1"
未知 - Protocol Icons: HKCR\htmlfile\shell\open\command - "F:\腾讯\TTraveler.exe" "%1"
系统服务
未知 - Service: RfwProxySrv [Rising Personal Proxy Service] - d:\瑞星杀毒\rising\rfw\rfwproxy.exe - (running)
未知 - Service: RfwService [Rising Personal Firewall Service] - d:\瑞星杀毒\rising\rfw\rfwsrv.exe - (running)
未知 - Service: RsCCenter [Rising Process Communication Center] - "D:\瑞星杀毒\Rising\Rav\CCenter.exe" - (running)
未知 - Service: RsRavMon [Rising RealTime Monitor] - "D:\瑞星杀毒\RISING\RAV\Ravmond.exe" - (not running)
安全 - Service: NVSvc [是NVIDIA显示卡相关程序。] - C:\WINDOWS\system32\nvsvc32.exe - (running)
浏览器的链接
未知 - IELINK: C:\DOCUME~1\ADMINI~1\APPLIC~1\MICROS~1\INTERN~1\QUICKL~1\启动IN~1.LNK - c:\windows\web\index.htm
其他自启动程序
未知 - HKCU\..\Desktop: [Scrnsave.exe] [Bubbles Screen Saver] C:\WINDOWS\system32\肥皂泡泡.SCR
Autoruns
未知 - SEApproved: {42071714-76d4-11d1-8b24-00a0c9068ff3} - deskpan.dll - - - - 0 -
未知 - SEApproved: 无效的CLSID:Shell extensions for file compression - - - - - 0 -
未知 - SEApproved: 无效的CLSID:加密上下文菜单 - - - - - 0 -
未知 - SEApproved: {0DF44EAA-FF21-4412-828E-260A8728E7F1} - - - - - 0 -
未知 - SEApproved: {00E7B358-F65B-4dcf-83DF-CD026B94BFD4} - - - - - 0 -
未知 - SEApproved: {7A9D77BD-5403-11d2-8785-2E0420524153} - - - - - 0 -
未知 - SEApproved: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - C:\Program Files\WinRAR\rarext.dll - - - - 126464 - 30216f5577e7389cef5b1b9be820cb1c
未知 - SEApproved: 无效的CLSID:Shell Extensions for RealOne Player - - - - - 0 -
未知 - SEApproved: {1CDB2949-8F65-4355-8456-263E7C208A5D} - C:\WINDOWS\system32\nvshell.dll - - - 6.14.10.11014 - 466944 - 27bc5fa5668bed5253d8fbc9e1b50e47
未知 - SEApproved: {1E9B04FB-F9E5-4718-997B-B8DA88302A47} - C:\WINDOWS\system32\nvshell.dll - - - 6.14.10.11014 - 466944 - 27bc5fa5668bed5253d8fbc9e1b50e47
未知 - SEApproved: {1E9B04FB-F9E5-4718-997B-B8DA88302A48} - C:\WINDOWS\system32\nvshell.dll - - - 6.14.10.11014 - 466944 - 27bc5fa5668bed5253d8fbc9e1b50e47
未知 - Directory Menu: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - C:\Program Files\WinRAR\rarext.dll - - - - 126464 - 30216f5577e7389cef5b1b9be820cb1c
未知 - BootExecute: bsmain - - - - 0 -
未知 - LSA: Security Packages - sv1_0.dll - - - - 0 -
未知 - LSA: Security Packages - channel.dll - - - - 0 -
User system information: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; TencentTraveler )