瑞星当前版本18.42.12

每次开机瑞星监控中心都不能自己启动，需要手动开启
查杀两个病毒，重起后情况依然，病毒还是着两个，查杀情况如下：
文件名              病毒名                状态
services.exe    Trojan.PSW.QQGame.v      清除成功
IEXPLORE.EXE    Backdoor.Gpigeon.gwv    清除成功

services.exe 文件路径 services.exe>>C:\WINNT\system32\services.exe
IEXPLORE.EXE 文件路径 IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE

HijackThis_zww汉化版扫描日志 V1.99.1
保存于      9:24:44, 日期 2006-8-31
操作系统：  Windows 2000 SP4 (WinNT 5.00.2195)
浏览器：    Internet Explorer v6.00 (6.00.2600.0000)

当前运行的进程：         
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\System32\SCardSvr.exe
d:\rising\rfw\rfwsrv.exe
C:\WINNT\system32\svchost.exe
D:\Rising\Rav\CCenter.exe
D:\Rising\Rav\Ravmond.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\msdtc.exe
D:\Rising\Rav\RavStub.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\llssrv.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\Dfssvc.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\Explorer.EXE
d:\rising\rfw\RfwMain.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\SOUNDMAN.EXE
C:\WINNT\system32\internat.exe
D:\Rising\Rav\RavMon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Rising\Rav\Rav.exe
C:\WINNT\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Administrator\桌面

\HijackThis1[1].99.1\HijackThis1991zww.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -

C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} -

C:\Program Files\Common Files\justDo\Jd2002.dll
O2 - BHO: (no name) - {D032570A-5F63-4812-A094-87D007C23012} -

C:\PROGRA~1\Maxthon\Plugin\iebho\IEBHO.dll
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [RfwMain] "D:\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common

Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - C:\Program Files\Thunder

Network\Thunder\Program\GetUrl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - C:\Program Files\Thunder

Network\Thunder\Program\GetAllUrl.htm
O8 - IE右键菜单中的新增项目: Save Flash with Flash Catcher - res://C:\Program

Files\Common Files\justDo\IECatcher.DLL/FlashCatcher.htm
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 -

D:\Tencent\QQ\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - D:\Tencent\QQ\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - D:\Tencent\QQ\AddEmotion.htm
O9 - 浏览器额外的按钮: 启动迅雷 - {0062C9BD-B349-40DE-91A0-755F37ACD559} -

C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - 浏览器额外的“工具”菜单项: 启动迅雷 -

{0062C9BD-B349-40DE-91A0-755F37ACD559} - C:\Program Files\Thunder

Network\Thunder\Thunder.exe
O9 - 浏览器额外的按钮: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12}

- C:\Program Files\Common Files\justDo\IECatcher.DLL
O9 - 浏览器额外的“工具”菜单项: Flash Catcher -

{90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Common

Files\justDo\IECatcher.DLL
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -

C:\WINNT\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links -

{c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - 浏览器额外的按钮: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} -

F:\tools\FLASHGET\flashget.exe (file missing)
O9 - 浏览器额外的“工具”菜单项: &FlashGet -

{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - F:\tools\FLASHGET\flashget.exe (file

missing)
O16 - DPF: {87CCFDB0-C4BE-4BC2-A78C-9EAA7CF96667} (pcastup Class) -

http://ps.itv.mop.com/dn/files/vodupdate_1.0.0.9_20060425.cab
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (pCastPanel Class) -

http://cache10.itv.mop.com/pCastCtl-1.0.0.88_signed.cab
O17 -

HKLM\System\CCS\Services\Tcpip\..\{5849FB48-DA5D-4DFC-860B-B70488C1D2B6}:

NameServer = 202.102.134.68,202.102.128.68
O17 -

HKLM\System\CCS\Services\Tcpip\..\{E135EAB5-4955-4E25-BCD8-0C107A5842B7}:

NameServer = 202.102.134.68,202.102.128.68
O20 - AppInit_DLLs: KB75976M.LOG
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: PCANotify - C:\WINNT\SYSTEM32\PCANotify.dll
O21 - SSODL: DLMon - {590498A3-4131-4D8F-BA4B-36791A0803B1} -

C:\WINNT\system32\DLMain.dll (file missing)
O23 - NT 服务: pcAnywhere Host Service (awhost32) - Symantec Corporation -

C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - NT 服务: Logical Disk Manager Administrative Service (dmadmin) -

VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - NT 服务: InstallDriver Table Manager (IDriverT) - Macrovision

Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel

32\IDriverT.exe
O23 - NT 服务: Macromedia Licensing Service - Unknown owner - C:\Program

Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - NT 服务: NWS (Net Work Services) - Unknown owner -

C:\WINNT\ntkernel.exe
O23 - NT 服务: Rising Proxy  Service (RfwProxySrv) - Beijing Rising

Technology Co., Ltd. - d:\rising\rfw\rfwproxy.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising

Technology Co., Ltd. - d:\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing

Rising Technology Co., Ltd. - D:\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co.,

Ltd. - D:\Rising\Rav\Ravmond.exeV¦¹ólÇwu3øbbs.ikaka.comwŸ2¸ê ØVX¸

瑞星啊瑞星！用了你这么多年，为什么总是长不大呢？V¦¹ólÇwu3øbbs.ikaka.comwŸ2¸ê ØVX¸

【回复“mengxi”的帖子】
原先用着还行，不管中了什么病毒，借助瑞星查杀、注册表恢复、再上网查查，一般都可以搞定。
    现在这病毒先把瑞星干掉，我就没办法了
    再说我监控一直开着，它怎么感染的呢？而且查杀不干净V¦¹ólÇwu3øbbs.ikaka.comwŸ2¸ê ØVX¸

到安全模式查查看吧V¦¹ólÇwu3øbbs.ikaka.comwŸ2¸ê ØVX¸

【回复“好朋友2”的帖子】
谢谢
没用V¦¹ólÇwu3øbbs.ikaka.comwŸ2¸ê ØVX¸

斑主呢？？？？帮帮忙啊

谢谢V¦¹ólÇwu3øbbs.ikaka.comwŸ2¸ê ØVX¸

监控问题：卸载瑞星，在卸载中选修复即可
杀毒问题：升极到18.42.32自然解决V¦¹ólÇwu3øbbs.ikaka.comwŸ2¸ê ØVX¸