瑞星卡卡安全论坛

我有电脑原来是四个分区C，D，E，F，今天打开我有电脑，发现，新增加一个RamDisk(s:) 的盘。大小是15.9mb,可用15.1mb。是不是中毒了？无法删除和格式化。怎么办？

附件: SREngLOG.log (2008-5-21 11:22:25, 27.40 K)
该附件被下载次数 91

用户系统信息：Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)

这是Hijack的扫描：
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:36:14, on 2008-5-21
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
d:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
D:\PROGRAM FILES\RISING\RAV\ravmond.exe
D:\PROGRAM FILES\RISING\RAV\RavStub.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files\Rising\Rav\RavTask.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\ADMINI~2.TOM\LOCALS~1\Temp\Rar$EX00.406\HijackThis.exe

O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll
O4 - HKLM\..\Run: [RavTask] "d:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [360Safetray] D:\Program Files\360safe\safemon\360tray.exe /start
O4 - HKLM\..\Run: [360Safebox] ; "C:\Program Files\360Safebox\safeboxTray.exe" /r
O4 - HKLM\..\Run: [BigDogPath] ; C:\WINDOWS\VM_STI.EXE YXT USB PC Camera
O4 - HKLM\..\Run: [killrodog] ;
O4 - HKLM\..\Run: [runeip] ; "C:\Program Files\Rising\AntiSpyware\runiep.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] ; C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O8 - Extra context menu item: 使用迅雷下载 - D:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - Extra context menu item: 使用迅雷下载全部链接 - D:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O8 - Extra context menu item: 添加到QQ表情 - d:\Program Files\Tencent\QQ\AddEmotion.htm
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {BF8C499A-AC6E-4F58-82EA-9E5FCC41C34B} (PicUploadCtrl Class) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A8D87FDF-F7CE-4D17-96D5-F49B55A24215}: NameServer = 203.190.96.2,203.190.96.3
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - d:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\PROGRAM FILES\RISING\RAV\Ravmond.exe

--
End of file - 2996 bytes

日志没有发现问题,你是不是用的品牌机?选择隐藏系统文件看看

貌似超级兔子虚拟磁盘加速器的杰作
你用过这个软件吧？

lqqk7:四楼的，你太历害了！！！我查了一下，就是这超级兔子虚拟磁盘加速器