我机器上有个病毒,用最新的瑞星杀不掉。我在DOS下把C盘格式化了 ,然后用正常的非GHOST安装盘重装系统 ,然后刚刚装好 ,在没有重启的前提下,
用 橙色八月专业提取清理工具 发现他还在!就是这个,高手看一下,谢谢了!
还有看看这个啊是病毒?wowexec.exe
e:\Tencent\QQ\QQ.exe
E:\TTPlayer\TTPlayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
O2 - BHO: WebThunderBHO - {00000AAA-A363-466E-BEF5-9BB68697AA7F} - C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_013.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - e:\Tencent\QQ\QQIEHelper.dll
O2 - BHO: 比特精灵工具栏 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\Program Files\Baidu\Bar\BaiduBar.dll
O3 - Toolbar: 比特精灵工具栏 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\Program Files\Baidu\Bar\BaiduBar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [WebThunder] C:\Program Files\Thunder Network\WebThunder\WebThunder.exe
O4 - HKLM\..\Run: [CmiRemoveDir] C:\WINDOWS\CMIRMR~1.EXE
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [CBitSpirit] "E:\BitSpirit\BitSpirit.exe" /start
O4 - HKLM\..\RunOnce: [regsvr32 /s C:\PROGRA~1\baidu\bar\BaiduBar.dll] regsvr32 /s C:\PROGRA~1\baidu\bar\BaiduBar.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE
O4 - HKCU\..\Run: [pyjj] C:\Program Files\jj4\jjsvr4.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: Reboot.exe
O4 - Startup: 腾讯QQ.lnk = E:\Tencent\QQ\QQ.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - e:\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用Web迅雷下载 - C:\Program Files\Thunder Network\WebThunder\GetUrl.htm
O8 - Extra context menu item: 使用Web迅雷下载全部链接 - C:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - e:\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - e:\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - e:\Tencent\QQ\SendMMS.htm
O8 - Extra context menu item: 用比特精灵下载(&B) - E:\BitSpirit\bsurl.htm
O9 - Extra button: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O9 - Extra 'Tools' menuitem: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - e:\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - e:\Tencent\QQ\QQ.EXE
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - e:\Tencent\QQ\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - e:\Tencent\QQ\QQIEHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{9C7B7945-0AEC-4935-AB86-9E6C7F79C3FB}: NameServer = 61.177.7.1 221.228.255.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Rising Proxy Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
