瑞星卡卡安全论坛在线技术支持在线技术支持[已关闭] 求助!!!~~`高手来救救,这病毒删不清楚啊!!!!郁闷!!!!!

1   1  /  1  页   跳转

求助!!!~~`高手来救救,这病毒删不清楚啊!!!!郁闷!!!!!

收藏
春春
头像
初生襁褓狮
  • 帖子:3
  • 注册: 2004-12-03
  • 来自:
发表于: 2005-09-28 12:00 | 只看楼主 短消息 资料
字号: 1楼

求助!!!~~`高手来救救,这病毒删不清楚啊!!!!郁闷!!!!!

前天中了这个病毒!!!昨天开机瑞星跳出来说有病毒,删除成功,但今天开机有跳出来了,又是删除成功。病毒名  Backdoor.Gpigeon.oc 怎么删不清楚啊!!!!请高手帮忙,谢谢!!!!~~~~~~~~~~~下面是
Logfile of HijackThis v1.99.1
Scan saved at 11:54:36 , on 2005-9-28
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
C:\Program Files\rising\Rfw\rfwsrv.exe
C:\PROGRAM FILES\RISING\RAV\RavStub.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
C:\PROGRA~1\RISING\RAV\RAVMON.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\rising\Rfw\RfwMain.exe
D:\TTPlayer\TTPlayer.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
C:\WINDOWS\System32\wdfmgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\PROGRA~1\RISING\RAV\Rav.exe
C:\WINDOWS\System32\taskmgr.exe
G:\灰鸽子方法\155847200541134207\HijackThis.exe
C:\Program Files\金山快译 2006\FastAIT.exe

O1 - Hosts: 61.152.169.139 www.99bb.com
O1 - Hosts: 61.152.169.139 99bb.com
O1 - Hosts: 61.152.169.139 www.zdao.com
O1 - Hosts: 61.152.169.139 zdao.com
O1 - Hosts: 61.152.169.139 www.aisex.com
O1 - Hosts: 61.152.169.139 aisex.com
O1 - Hosts: 61.152.169.139 www.qq190.com
O1 - Hosts: 61.152.169.139 qq190.com
O1 - Hosts: 61.152.169.139 www.wanmm.com
O1 - Hosts: 61.152.169.139 wanmm.com
O1 - Hosts: 61.152.169.139 www.qq163.com
O1 - Hosts: 61.152.169.139 qq163.com
O1 - Hosts: 61.152.169.139 www.sex141.com
O1 - Hosts: 61.152.169.139 sex141.com
O1 - Hosts: 61.152.169.139 www.my990.com
O1 - Hosts: 61.152.169.139 my990.com
O1 - Hosts: 61.152.169.139 ad.my990.com
O1 - Hosts: 61.152.169.139 www.ttjj.com
O1 - Hosts: 61.152.169.139 ttjj.com
O1 - Hosts: 61.152.169.139 www.7t7t.com
O1 - Hosts: 61.152.169.139 7t7t.com
O1 - Hosts: 61.152.169.139 www.123987.com
O1 - Hosts: 61.152.169.139 www.123987.com/7sese/
O1 - Hosts: 61.152.169.139 www.oursm.com
O1 - Hosts: 61.152.169.139 oursm.com
O1 - Hosts: 61.152.169.139 www.palacemoon.com
O1 - Hosts: 61.152.169.139 palacemoon.com
O1 - Hosts: 61.152.169.139 18dy.com
O1 - Hosts: 61.152.169.139 www.18dy.com
O1 - Hosts: 61.152.169.139 49m.cn
O1 - Hosts: 61.152.169.139 www.49m.cn
O1 - Hosts: 61.152.169.139 123.xuanji8.com
O1 - Hosts: 61.152.169.139 ohkk.xuanji8.com
O1 - Hosts: 61.152.169.139 123.52lhc.com
O1 - Hosts: 61.152.169.139 7sese.com61.152.169.139 www.7sese.com
O1 - Hosts: 61.152.169.139 www.hao119.com
O1 - Hosts: 61.152.169.139 7sese.com
O1 - Hosts: 61.152.169.139 www.7sese.com
O1 - Hosts: 61.152.169.139 www.hao358.com
O1 - Hosts: 61.152.169.139 www.ee456.com
O1 - Hosts: 61.152.169.139 video.12san.com
O1 - Hosts: 61.152.169.139 www.eachz.com
O1 - Hosts: 61.152.169.139 www.avl.cn
O1 - Hosts: 61.152.169.139 avl.cn
O1 - Hosts: 61.152.169.139 www.98756.net
O1 - Hosts: 61.152.169.139 7sese.org
O1 - Hosts: 61.152.169.139 www.7sese.org
O1 - Hosts: 61.152.169.139 kanvcd.com
O1 - Hosts: 61.152.169.139 www.kanvcd.com
O1 - Hosts: 61.152.169.139 cn.movies.yahoo
O1 - Hosts: 61.152.169.139 www.zfvod.com
O1 - Hosts: 61.152.169.139 zfvod.com
O1 - Hosts: 61.152.169.139 media.netandtv.com
O1 - Hosts: 61.152.169.139 p2p.55660.com
O1 - Hosts: 61.152.169.139 media.netandtv.com
O1 - Hosts: 61.152.169.139 www.sol.sohu.com
O1 - Hosts: 61.152.169.139 www.sexhu.cn
O1 - Hosts: 61.152.169.139 sexhu.cn
O1 - Hosts: 61.152.169.139 www.blogchina.com
O1 - Hosts: 61.152.169.139 5blogchina.com
O1 - Hosts: 61.152.169.139 www.5806.net
O1 - Hosts: 61.152.169.139 zhao999.com
O1 - Hosts: 61.152.169.139 www.zhao999.com
O1 - Hosts: 61.152.169.139 movie.xmfdc.net
O1 - Hosts: 61.152.169.139 www.movie110.com
O1 - Hosts: 61.152.169.139 movie110.com
O1 - Hosts: 61.152.169.139 www.yesky.com
O1 - Hosts: 61.152.169.139 yesky.com
O1 - Hosts: 61.152.169.139 www.178ya.com
O1 - Hosts: 61.152.169.139 178ya.com
O1 - Hosts: 61.152.169.139 www.3668.cn
O1 - Hosts: 61.152.169.139 3668.cn
O1 - Hosts: 61.152.169.139 www.hao45.com
O1 - Hosts: 61.152.169.139 hao45.com
O1 - Hosts: 61.152.169.139 www.5sese.com
O1 - Hosts: 61.152.169.139 5sese.com
O1 - Hosts: 61.152.169.139 woyy.51.net
O1 - Hosts: 61.152.169.139 3668.cn
O1 - Hosts: 61.152.169.139 www.3668.cn
O1 - Hosts: 61.152.169.139 tu68.com
O1 - Hosts: 61.152.169.139 www.tu68.com
O1 - Hosts: 61.152.169.139 avxiu.com
O1 - Hosts: 61.152.169.139 www.avxiu.com
O1 - Hosts: 61.152.169.139 18dy.net
O1 - Hosts: 61.152.169.139 www.18dy.net
O1 - Hosts: 61.152.169.139 avxiu.com
O1 - Hosts: 61.152.169.139 www.avxiu.com
O1 - Hosts: 61.152.169.139 hk.18dy.com
O1 - Hosts: 61.152.169.139 dianying.gghggh.com
O1 - Hosts: 61.152.169.139 lady3.****net
O1 - Hosts: 61.152.169.139 kan56.zj.com
O1 - Hosts: 61.152.169.139 88848.net
O1 - Hosts: 61.152.169.139 www.88848.net
O1 - Hosts: 61.152.169.139 xonline.org
O1 - Hosts: 61.152.169.139 www.xonline.org
O1 - Hosts: 61.152.169.139 dy.nuoy.com
O1 - Hosts: 61.152.169.139 www.korea-av.com
O1 - Hosts: 61.152.169.139 korea-av.com
O1 - Hosts: 61.152.169.139 movie.bucuo.org
O1 - Hosts: 61.152.169.139 mv888.com
O1 - Hosts: 61.152.169.139 www.mv888.com
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\System32\xunleibho_v8.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: 卡卡安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\System32\KakaTool.dll
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [internat.exe] internat.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [RavTimer] C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [RavMon] C:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: !搜一搜(&S) - res://C:\Program Files\yisou\yisou.dll/232
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用迅雷下载 - D:\迅雷\geturl.htm
O8 - Extra context menu item: 使用迅雷下载全部链接 - D:\迅雷\getAllurl.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O8 - Extra context menu item: 百度-搜索MP3 - res://C:\Program Files\金鹕山酱词拾霸?2006\BaiduBar.dll/BAIDUMP3.HTM
O8 - Extra context menu item: 百度-搜索图片 - res://C:\Program Files\金鹕山酱词拾霸?2006\BaiduBar.dll/BAIDUIMG.HTM
O8 - Extra context menu item: 百度-搜索新闻 - res://C:\Program Files\金鹕山酱词拾霸?2006\BaiduBar.dll/BAIDUNEWS.HTM
O8 - Extra context menu item: 百度-搜索歌词 - res://C:\Program Files\金鹕山酱词拾霸?2006\BaiduBar.dll/BAIDULYRIC.HTM
O8 - Extra context menu item: 百度-搜索网页 - res://C:\Program Files\金鹕山酱词拾霸?2006\BaiduBar.dll/BAIDUSEARCH.HTM
O8 - Extra context menu item: 百度-搜索贴吧 - res://C:\Program Files\金鹕山酱词拾霸?2006\BaiduBar.dll/BAIDUPOST.HTM
O8 - Extra context menu item: 百度-词典搜索 - res://C:\Program Files\金鹕山酱词拾霸?2006\BaiduBar.dll/BAIDU_DIC.HTM
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1125490295390
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1125490188203
O16 - DPF: {AC3A36A8-9BFF-410A-A33D-2279FFEB69D2} (QQPlayer Control) - http://qqmusic.qq.com/QQPlayer.cab
O16 - DPF: {E787FD25-8D7C-4693-AE67-9406BC6E22DF} (CPasswordEditCtrl Object) - https://tenpay.qq.com/download/qqedit.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{66C1AE0C-E511-435E-8DD2-94FE077A1613}: NameServer = 220.189.127.108 220.189.127.107
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - C:\Program Files\rising\Rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - rising - C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
O23 - Service: windows启动程序 - Unknown owner - C:\WINDOWS\pood.exe

再请问一下那些乱七八糟的百度和一搜怎么删除清楚???谢谢!!!~~~~~~~`ƒ¬Rý҉ ¸³#bbs.ikaka.com©ìÔw•P!tá
最后编辑2005-09-28 14:32:07
分享到:
gototop
 
海生
头像
社区嘉宾
  • 帖子:21060
  • 注册: 2003-12-06
  • 来自:元老院
论坛9周年纪念一帮一小组成员
发表于: 2005-09-28 14:32 | 短消息 资料
字号: 2楼

你是XP的系统的,所以建议你先关闭系统还原,清空IE临时文件夹,重新启动进入安全模式杀毒。
关于百度和一搜和可以去反“流氓”软件版块的置顶帖子里面看看卸载的方法。如果有超级兔子的话,也可以用他卸载这2款软件。ƒ¬Rý҉ ¸³#bbs.ikaka.com©ìÔw•P!tá
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT