C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
E:\新建文件夹 (2)\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
E:\新建文件夹 (2)\Rising\Rav\Ravmond.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
E:\新建文件夹 (2)\Rising\Rav\RavTask.exe
E:\歌\runiep.exe
E:\新建文件夹 (2)\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\Logo1_.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
E:\新建文件夹 (2)\WebThunder.exe
C:\DOCUME~1\new\LOCALS~1\Temp\Rar$EX00.483\HijackThis.exe

O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\KakaTool.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (file missing)
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [RavTask] "E:\新建文件夹 (2)\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [runeip] E:\歌\runiep.exe
O4 - HKLM\..\Run: [WebThunder] E:\新建文件夹 (2)\WebThunder.exe
O4 - HKLM\..\Run: [load] C:\WINDOWS\uninstall\rundl132.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用Web迅雷下载 - E:\新建文件夹 (2)\GetUrl.htm
O8 - Extra context menu item: 使用Web迅雷下载全部链接 - E:\新建文件夹 (2)\GetAllUrl.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\QQ\SendMMS.htm
O9 - Extra button: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O9 - Extra 'Tools' menuitem: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\QQ\QQ.EXE
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\cdnns.dll' missing
O16 - DPF: {E787FD25-8D7C-4693-AE67-9406BC6E22DF} (CPasswordEditCtrl Object) - https://password.qq.com/download/qqedit.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F20D057-B425-4EC2-8916-F983F4F27672}: NameServer = 202.106.46.151 202.106.0.20
O17 - HKLM\System\CS1\Services\Tcpip\..\{1F20D057-B425-4EC2-8916-F983F4F27672}: NameServer = 202.106.46.151 202.106.0.20
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - E:\新建文件夹 (2)\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - E:\新建文件夹 (2)\Rising\Rav\Ravmond.exe

.“农夫山泉有点儿甜”的威金（logo1_.exe）专杀工具
http://forum.ikaka.com/topic.asp?board=28&artid=8235241


下载这个先升级  然后到安全模式下扫秒~!!

谢谢了~~~~~~~~~~~

没发更新啊~~~~~

没发更新~求助下在

到我网盘下载江民维金专杀.即可杀灭
http://wsf2823500.ys168.com

引用:

【飞速妞子的贴子】没发更新~求助下在 ………………

直接从http://nn1114.xinwen365.net/viking.vdt下载viking.vdt覆盖原来的同名文件。病毒库昨天刚更新。

江民维金网盘下载地址http://disk2.cech.com.cn/2641713/7eb50ce943e4327ed8cc7adf27c3da5fd00e36b8.down
再给你个下载地址

谢谢啊~~~~~~~~

引用:

【安全防卫的贴子】江民维金网盘下载地址http://disk2.cech.com.cn/2641713/7eb50ce943e4327ed8cc7adf27c3da5fd00e36b8.down 再给你个下载地址 ………………

下个收藏下