瑞星卡卡安全论坛

为什么用户名为空啊?
也不能定位啊!

附件: 6408702006111213410.jpg

我也是这样的问题，为什么啊？

不会是正常的吧.............
高手帮忙啊.........

今天好多都是这样，是不是瑞星的问题？

更新后我的问题也是这样

看一下路径．．．．如果对的话就没有问题

没有路径的啊........
难道是瑞星的更新包有问题吗?

晕了...........

有你用HAJICETHIS可以扫到

瑞星防火墙跟瑞星杀毒软件升级之后出现冲突

我也是这个问题啊，今天 刚发现，还以为病毒呢，到底是怎么回事情？

我更新完也是今天早上发现的．．．．我从装瑞星呢．完了内存监空打不开了靠！！！

ravmon.exe病毒的解决方法
http://www.pcav.cn/Article/fdjq/200608/7014.html

清除RavMonE.exe 病毒


http://www.pcav.cn/Article/aqff/200608/6754.html

用HiJackThis扫描也没看到路径啊....

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Rising\Rav\RavStub.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Founder\Emergency Center\Hotkey.exe
C:\Program Files\jmesoft\hotkey.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\jmesoft\hkload.exe
D:\Program Files\Tencent\qq\QQ.exe
d:\Program Files\Tencent\QQ\TIMPlatform.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\taskmgr.exe
D:\安装程序\hijackthis\hijackthis英文版\HijackThis.exe

O2 - BHO: Thunder Browser Helper - {889D2FEB-5411-4565-8998-1DD2C5261283} - d:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll
O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - D:\PROGRA~1\KuGoo3\KUGOO3~1.OCX
O4 - HKLM\..\Run: [IMJPMIG8.1] ; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] ; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] ; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] ; SOUNDMAN.EXE
O4 - HKLM\..\Run: [jmekey] C:\Program Files\jmesoft\hotkey.exe
O4 - HKLM\..\Run: [OhgInstall] ; C:\Program Files\智能驱动\Install.exe S
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [StormCodec_Helper] ; "d:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - HKLM\..\Run: [TkBellExe] ; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: N8Player.lnk = D:\n8player\n8player\N8Player.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: 服务管理器.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: &使用迅雷下载 - d:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - d:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\Program Files\Tencent\qq\AddToNetDisk.htm
O8 - Extra context menu item: 使用KuGoo3下载(&K) - D:\Program Files\KuGoo3\KuGoo3DownX.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program Files\Tencent\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\Tencent\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program Files\Tencent\qq\SendMMS.htm
O9 - Extra button: 红心游戏 - {00000000-DAEB-480d-867B-D746D955765B} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: 红心游戏世界 - {00000000-DAEB-480d-867B-D746D955765B} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - d:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} - d:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\Tencent\qq\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\Tencent\qq\QQ.EXE
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - d:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - d:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {8686F2A6-DC01-4E8F-BDE3-DCC7DBBAD6AE} (163Uploader Control) - http://upload.photo.163.com/163Uploader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{22C81DA6-0E66-4317-9B8E-ED2B4F9BC0BF}: NameServer = 202.102.128.68,202.102.134.68
O17 - HKLM\System\CCS\Services\Tcpip\..\{7CE0327F-7074-4053-86A4-C0EE2E56DEAC}: NameServer = 202.102.128.68,202.102.134.68
O17 - HKLM\System\CCS\Services\Tcpip\..\{E04A2BC2-75CB-48C2-9FC4-BB47EB10A8CA}: NameServer = 202.102.128.68,202.102.134.68
O17 - HKLM\System\CS1\Services\Tcpip\..\{22C81DA6-0E66-4317-9B8E-ED2B4F9BC0BF}: NameServer = 202.102.128.68,202.102.134.68
O17 - HKLM\System\CS2\Services\Tcpip\..\{22C81DA6-0E66-4317-9B8E-ED2B4F9BC0BF}: NameServer = 202.102.128.68,202.102.134.68
O18 - Protocol: dynascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
O23 - Service: Sysbak hotkey Server (Sysbak_hotkey_Server) - Unknown owner - C:\Program Files\Founder\Emergency Center\Hotkey.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - D:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe

引用:

【flywithyou的贴子】ravmon.exe病毒的解决方法 http://www.pcav.cn/Article/fdjq/200608/7014.html 清除RavMonE.exe 病毒 http://www.pcav.cn/Article/aqff/200608/6754.html ………………

里面没有ravmonlog.exe程序文件啊.
应该不是病毒吧..
我也是升级后才发现的.

顶 希望达人注意到