12   1  /  2  页   跳转

[求助]瑞星自动关闭!

收藏
温柔阳光
头像
初生襁褓狮
  • 帖子:22
  • 注册: 2005-05-15
  • 来自:
发表于: 2005-10-01 18:31 | 只看楼主 短消息 资料
字号: 1楼

[求助]瑞星自动关闭!

我的瑞星杀毒监控和防火墙今天突然就不能打开了!昨天晚上以前一直都很正常,杀毒监控和防火墙都能随系统启动。但是昨晚上凯神BT(bt.kaicn.com)的时候,杀毒监控报告发现Exploit.HTML.Mht.bc病毒,然后报告说杀毒成功。当时我也没在意,但是过了一会,发现杀毒监控自动关闭了,防火墙也关了。之后,从开始菜单中启动,防火墙可以重新启动,但杀毒监控无法启动。我将瑞星全部卸载后重装,故障依旧,升级到最新版本也不行。不论是采用瑞星最新版杀毒还是在瑞星网站上杀毒都没有发现病毒,请问大侠这是什么原因,有什么办法解决?
查看防火墙(见图),发现网络活动中有一句“Sokets-de木马”,这是什么意思?是不是说我中了木马?
倒数第2个程序:sell32.exe是什么东西?是不是病毒?

请大侠赐教!我今天都快被这个事整成神经了!谢谢~谢谢~~万分感谢!!!

附件附件:

下载次数:0
文件类型:application/octet-stream
文件大小:
上传时间:2005-10-1 18:31:06
描述:



最后编辑2005-10-27 16:21:15
分享到:
gototop
 
温柔阳光
头像
初生襁褓狮
  • 帖子:22
  • 注册: 2005-05-15
  • 来自:
发表于: 2005-10-01 18:35 | 只看楼主 短消息 资料
字号: 2楼

顶起来~~~
在线等!
gototop
 
温柔阳光
头像
初生襁褓狮
  • 帖子:22
  • 注册: 2005-05-15
  • 来自:
发表于: 2005-10-01 18:38 | 只看楼主 短消息 资料
字号: 3楼

日志记录:

请高手帮忙分析一下!

Logfile of HijackThis v1.99.1
Scan saved at 18:37:33, on 2005-10-1
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\sell32.exe
C:\WINDOWS\System32\pscnty.exe
E:\工具\RISING\RAV\RAVTIMER.EXE
E:\工具\RISING\RAV\RAVMON.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
E:\工具\RISING\RAV\CCENTER.EXE
C:\WINDOWS\System32\svchost.exe
E:\工具\Rising\Rfw\rfwmain.exe
E:\工具\Rising\Rfw\rfwsrv.exe
C:\Program Files\MyIE2\MYIE.EXE
E:\工具\BitComet\BitComet.exe
E:\工具\Tencent\qq\QQ.exe
E:\工具\Tencent\qq\TIMPlatform.exe
D:\下载\HijackThis\HijackThis.exe

R3 - Default URLSearchHook is missing
O1 - Hosts: 218.85.132.177 zs.3721.com
O1 - Hosts: 218.85.132.177 seek.3721.com
O1 - Hosts: 218.85.132.177 auto.search.msn.com
O1 - Hosts: 218.85.132.177 dir.sina.com.cn
O1 - Hosts: 218.85.132.177 pic.sina.com.cn
O1 - Hosts: 218.85.132.177 search.sina.com.cn
O1 - Hosts: 218.85.132.177 dir.sohu.com
O1 - Hosts: 218.85.132.177 dir.sogou.com
O1 - Hosts: 218.85.132.177 dir.yahoo.com
O1 - Hosts: 218.85.132.177 popme.163.com
O1 - Hosts: 218.85.132.177 site.baidu.com
O1 - Hosts: 218.85.132.177 www.432.cn
O1 - Hosts: 218.85.132.177 x.baidu.com
O1 - Hosts: 218.85.132.177 assistant.3721.com
O1 - Hosts: 218.85.132.177 sms.3721.com
O1 - Hosts: 218.85.132.177 cnsmin.3721.com
O1 - Hosts: 218.85.132.177 hot.3721.com
O1 - Hosts: 218.85.132.177 3721.com
O1 - Hosts: 218.85.132.177 www.3721.com
O1 - Hosts: 218.85.132.177 dl.3721.com
O1 - Hosts: 218.85.132.177 www.skycn.com
O1 - Hosts: 218.85.132.177 skycn.com
O1 - Hosts: 218.85.132.177 nmsearch.3721.com
O1 - Hosts: 218.85.132.177 cmail.3721.com
O1 - Hosts: 218.85.132.177 corp.3721.com
O1 - Hosts: 218.85.132.177 download.3721.com
O1 - Hosts: 218.85.132.177 www.hao123.com
O1 - Hosts: 218.85.132.177 www.hao123.net
O1 - Hosts: 218.85.132.177 hao123.com
O1 - Hosts: 218.85.132.177 hao123.net
O1 - Hosts: 218.85.132.177 www.265.com
O1 - Hosts: 218.85.132.177 265.com
O1 - Hosts: 218.85.132.177 www.3tom.com
O1 - Hosts: 218.85.132.177 www.da123.com
O1 - Hosts: 218.85.132.177 www.ttjj.com
O1 - Hosts: 218.85.132.177 www.gjj.cc
O1 - Hosts: 218.85.132.177 www.516.com
O1 - Hosts: 218.85.132.177 union.265.com
O1 - Hosts: 218.85.132.177 wn.265.com
O1 - Hosts: 218.85.132.177 music.265.com
O1 - Hosts: 218.85.132.177 516.com
O1 - Hosts: 218.85.132.177 mp3.516.com
O1 - Hosts: 218.85.132.177 www.sowang.com
O1 - Hosts: 218.85.132.177 www.asiacool.com
O1 - Hosts: 218.85.132.177 www.haodx.com
O1 - Hosts: 218.85.132.177 www.365key.com
O1 - Hosts: 218.85.132.177 www.365key.com
O1 - Hosts: 218.85.132.177 www.5566.net
O1 - Hosts: 218.85.132.177 5566.net
O1 - Hosts: 218.85.132.177 www.v111.com
O1 - Hosts: 218.85.132.177 v111.com
O1 - Hosts: 218.85.132.177 www.tthao.com
O1 - Hosts: 218.85.132.177 www.51115.com
O1 - Hosts: 218.85.132.177 www.K369.com
O1 - Hosts: 218.85.132.177 www.37021.com
O1 - Hosts: 218.85.132.177 www.qqwz.com
O1 - Hosts: 218.85.132.177 www.haokan123.com
O1 - Hosts: 218.85.132.177 www.zhao99.com
O1 - Hosts: 218.85.132.177 www.vv11.com
O1 - Hosts: 218.85.132.177 www.114.com.cn
O1 - Hosts: 218.85.132.177 url.114.com.cn
O1 - Hosts: 218.85.132.177 www.34se.com
O1 - Hosts: 218.85.132.177 www.chinadmoz.net
O1 - Hosts: 218.85.132.177 webspacecn.com
O1 - Hosts: 218.85.132.177 www.seed.cn
O1 - Hosts: 218.85.132.177 www.56ds.com
O1 - Hosts: 218.85.132.177 dianying2009.com
O1 - Hosts: 218.85.132.177 vod.epac.to
O1 - Hosts: 218.85.132.177 www.zhaoshang.net.cn
O1 - Hosts: 218.85.132.177 www.282.com.cn
O1 - Hosts: 218.85.132.177 51.163.com
O1 - Hosts: 218.85.132.177 www.op99.com
O1 - Hosts: 218.85.132.177 op99.com
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\System32\xunleibho_v4.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - E:\工ぞ具運\NetTransport 2\NTIEHelper.dll (file missing)
O2 - BHO: IEHlprObj Class - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\WINDOWS\System32\qylhelper.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - e:\工具\FlashFXP\IEFlash.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - E:\工ぞ具運\FlashGet\fgiebar.dll (file missing)
O3 - Toolbar: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - E:\工具\Kingsoft\FastAIT 2005\IEBand.dll
O3 - Toolbar: BitCometBar - {3F1ABCDB-A875-46c1-8345-B72A4567E486} - E:\工具\BitComet\BitCometBar\BitCometBar0.1.dll
O3 - Toolbar: IE伴郎 - {B225B89D-5E95-4194-98E8-149993071B31} - C:\PROGRA~1\COMMON~1\IETOOL~1.DLL
O4 - HKLM\..\Run: [] CnsMin
O4 - HKLM\..\Run: [RfwMain] "E:\工具\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [RavTimer] E:\工具\RISING\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [RavMon] E:\工具\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O8 - Extra context menu item: &使用暴风下载器下载 - e:\工具\Ringz Studio\Storm Downloader\geturl.htm
O8 - Extra context menu item: 使用影音传送带下载 - E:\工具\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: 使用影音传送带下载全部链接 - E:\工具\NetTransport 2\NTAddList.html
O8 - Extra context menu item: 使用网际快车下载 - E:\工具\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - E:\工具\FlashGet\jc_all.htm
O8 - Extra context menu item: 导出到 Microsoft Excel(&x) - res://E:\工具\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - E:\工具\Tencent\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - E:\工具\Tencent\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\工具\Tencent\qq\SendMMS.htm
O9 - Extra button: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - E:\games\浩方对战平台\GameClient.exe
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\工具\Tencent\qq\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\工具\Tencent\qq\QQ.EXE
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\工具\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\工具\FlashGet\flashget.exe
O9 - Extra button: 易趣购物 - {DE60714F-AC19-427e-861A-FD60ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing)
O9 - Extra 'Tools' menuitem: 易趣购物 - {DE60714F-AC19-427e-861A-FD60ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=about:blank
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:oo.mht!http://xxxmoviestv.com/gallery/module.chm::/in.exe
O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://D:\Recycled\Q375359.exe
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/aliedit.cab
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/Ver2005/OL2005.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D84E0550-827D-459E-95DA-A2F9D9B7A2C4}: NameServer = 61.154.22.41,202.101.98.55
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - E:\工具\Rising\Rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - rising - E:\工具\RISING\RAV\CCENTER.EXE
gototop
 
国王的电脑
头像
初生襁褓狮
  • 帖子:31
  • 注册: 2005-05-29
  • 来自:
发表于: 2005-10-01 18:50 | 短消息 资料
字号: 4楼

缘分哪!!!我也是!!!
gototop
 
沥酒临江
头像
初生襁褓狮
  • 帖子:2
  • 注册: 2005-10-01
  • 来自:
发表于: 2005-10-01 18:53 | 短消息 资料
字号: 5楼

是的,今天早上突然关闭。我的是上一个论坛后,论坛没有打开,右下角出来一个小网页,瑞星就突然关闭了,重装也启动不了
gototop
 
温柔阳光
头像
初生襁褓狮
  • 帖子:22
  • 注册: 2005-05-15
  • 来自:
发表于: 2005-10-01 19:11 | 只看楼主 短消息 资料
字号: 6楼

在线等啊~
请高手赐教!!
gototop
 
cora1
头像
初生襁褓狮
  • 帖子:195
  • 注册: 2005-08-02
  • 来自:
发表于: 2005-10-01 19:20 | 短消息 资料
字号: 7楼

重装哈,记得给你的瑞星加上密码哈
gototop
 
闪电风暴
头像
特邀体验者
  • 帖子:5462
  • 注册: 2005-01-12
  • 来自:0GiNr
发表于: 2005-10-01 19:41 | 短消息 资料
字号: 8楼

修复:
O1 - Hosts: 218.85.132.177 zs.3721.com
O1 - Hosts: 218.85.132.177 seek.3721.com
O1 - Hosts: 218.85.132.177 auto.search.msn.com
O1 - Hosts: 218.85.132.177 dir.sina.com.cn
O1 - Hosts: 218.85.132.177 pic.sina.com.cn
O1 - Hosts: 218.85.132.177 search.sina.com.cn
O1 - Hosts: 218.85.132.177 dir.sohu.com
O1 - Hosts: 218.85.132.177 dir.sogou.com
O1 - Hosts: 218.85.132.177 dir.yahoo.com
O1 - Hosts: 218.85.132.177 popme.163.com
O1 - Hosts: 218.85.132.177 site.baidu.com
O1 - Hosts: 218.85.132.177 www.432.cn
O1 - Hosts: 218.85.132.177 x.baidu.com
O1 - Hosts: 218.85.132.177 assistant.3721.com
O1 - Hosts: 218.85.132.177 sms.3721.com
O1 - Hosts: 218.85.132.177 cnsmin.3721.com
O1 - Hosts: 218.85.132.177 hot.3721.com
O1 - Hosts: 218.85.132.177 3721.com
O1 - Hosts: 218.85.132.177 www.3721.com
O1 - Hosts: 218.85.132.177 dl.3721.com
O1 - Hosts: 218.85.132.177 www.skycn.com
O1 - Hosts: 218.85.132.177 skycn.com
O1 - Hosts: 218.85.132.177 nmsearch.3721.com
O1 - Hosts: 218.85.132.177 cmail.3721.com
O1 - Hosts: 218.85.132.177 corp.3721.com
O1 - Hosts: 218.85.132.177 download.3721.com
O1 - Hosts: 218.85.132.177 www.hao123.com
O1 - Hosts: 218.85.132.177 www.hao123.net
O1 - Hosts: 218.85.132.177 hao123.com
O1 - Hosts: 218.85.132.177 hao123.net
O1 - Hosts: 218.85.132.177 www.265.com
O1 - Hosts: 218.85.132.177 265.com
O1 - Hosts: 218.85.132.177 www.3tom.com
O1 - Hosts: 218.85.132.177 www.da123.com
O1 - Hosts: 218.85.132.177 www.ttjj.com
O1 - Hosts: 218.85.132.177 www.gjj.cc
O1 - Hosts: 218.85.132.177 www.516.com
O1 - Hosts: 218.85.132.177 union.265.com
O1 - Hosts: 218.85.132.177 wn.265.com
O1 - Hosts: 218.85.132.177 music.265.com
O1 - Hosts: 218.85.132.177 516.com
O1 - Hosts: 218.85.132.177 mp3.516.com
O1 - Hosts: 218.85.132.177 www.sowang.com
O1 - Hosts: 218.85.132.177 www.asiacool.com
O1 - Hosts: 218.85.132.177 www.haodx.com
O1 - Hosts: 218.85.132.177 www.365key.com
O1 - Hosts: 218.85.132.177 www.365key.com
O1 - Hosts: 218.85.132.177 www.5566.net
O1 - Hosts: 218.85.132.177 5566.net
O1 - Hosts: 218.85.132.177 www.v111.com
O1 - Hosts: 218.85.132.177 v111.com
O1 - Hosts: 218.85.132.177 www.tthao.com
O1 - Hosts: 218.85.132.177 www.51115.com
O1 - Hosts: 218.85.132.177 www.K369.com
O1 - Hosts: 218.85.132.177 www.37021.com
O1 - Hosts: 218.85.132.177 www.qqwz.com
O1 - Hosts: 218.85.132.177 www.haokan123.com
O1 - Hosts: 218.85.132.177 www.zhao99.com
O1 - Hosts: 218.85.132.177 www.vv11.com
O1 - Hosts: 218.85.132.177 www.114.com.cn
O1 - Hosts: 218.85.132.177 url.114.com.cn
O1 - Hosts: 218.85.132.177 www.34se.com
O1 - Hosts: 218.85.132.177 www.chinadmoz.net
O1 - Hosts: 218.85.132.177 webspacecn.com
O1 - Hosts: 218.85.132.177 www.seed.cn
O1 - Hosts: 218.85.132.177 www.56ds.com
O1 - Hosts: 218.85.132.177 dianying2009.com
O1 - Hosts: 218.85.132.177 vod.epac.to
O1 - Hosts: 218.85.132.177 www.zhaoshang.net.cn
O1 - Hosts: 218.85.132.177 www.282.com.cn
O1 - Hosts: 218.85.132.177 51.163.com
O1 - Hosts: 218.85.132.177 www.op99.com
O1 - Hosts: 218.85.132.177 op99.com
删除病毒服务sell32.exe
删除文件C:\WINDOWS\SYSTEM32\SELL.EXE
gototop
 
闪电风暴
头像
特邀体验者
  • 帖子:5462
  • 注册: 2005-01-12
  • 来自:0GiNr
发表于: 2005-10-01 19:42 | 短消息 资料
字号: 9楼

你真的很倒霉
gototop
 
網事如夢
头像
强壮不惑狮
  • 帖子:758
  • 注册: 2005-07-24
  • 来自:
发表于: 2005-10-01 19:49 | 短消息 资料
字号: 10楼

【回复“温柔阳光”的帖子】建议修复全部01项!
C:\WINDOWS\System32\sell32.exe
C:\WINDOWS\System32\pscnty.exe这2个能否打包发到我的邮箱dksms@163.com
gototop
 
<<上一主题|下一主题>>
12   1  /  2  页   跳转
页面顶部
Powered by Discuz!NT