请各位高手指点：杀软杀不了，瑞星监控打不开，强行修改主页等。【原创】 - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛请各位高手指点：杀软杀不了，瑞星监控打不开，强行修改主页等。【原创】

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1

1 / 1 页

跳转页

请各位高手指点：杀软杀不了，瑞星监控打不开，强行修改主页等。【原创】

kebi 初生襁褓狮帖子:1 注册: 2006-08-21 来自:	发表于： 2006-08-22 09:02 \| 显示全部短消息资料字号：小中大 1楼请各位高手指点：杀软杀不了，瑞星监控打不开，强行修改主页等。【原创】请教各位高手：我的电脑中毒了。现象为：1、瑞星监控不能打开，是红伞；2、文件夹选项中不能点选“显示所有文件和文件夹”，即选中退出后、再进入看时仍未选上；３、瑞星（最新版）杀毒杀不完，主要是Backdoor和Trojan两大类；４、强行修改ＩＥ主页和弹出动个网页，用瑞星咔咔修复后仍不能解决问题。下面是我的hijackthis日志，请帮我分析一下。我该怎样清除病毒，谢谢！ Logfile of HijackThis v1.99.1 Scan saved at 8:34:43, on 2006-8-22 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe d:\rising\rfw\rfwsrv.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\SYSTEM32\RUNDLL32.EXE C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\FixCamera.exe C:\WINDOWS\vsnp2std.exe C:\WINDOWS\System32\nvsvc32.exe E:\downloads\XDeskWeather_3_5_Setup\XDeskWeather.exe D:\Rising\Rav\RavTask.exe D:\Rising\Rfw\rfwmain.exe C:\WINDOWS\System32\ctfmon.exe D:\pda\wince\Microsoft ActiveSync\WCESCOMM.EXE C:\WINDOWS\System32\oodag.exe C:\WINDOWS\System32\svchost.exe D:\wl\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe D:\Rising\Rav\Ravmon.exe C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe D:\Microtek\ScanWizard 5\ScannerFinder.exe D:\pad\Palm\HOTSYNC.EXE D:\wl\CamZoomer\camzoomer.exe D:\rising\rav\Rav.exe D:\wl\Mozilla firefox\firefox.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Rising\KakaToolBar\Repair.exe D:\Personal\administrator\Desktop\HijackThis.exe R3 - Default URLSearchHook is missing F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\userinit.exe O2 - BHO: Shockwave Flash Object - {14A21378-5BB1-4BC4-95D5-5D3F51527F6F} - C:\WINDOWS\system32\smflash.ocx O2 - BHO: MyIEHelper Class - {16B770A0-0E87-4278-B748-2460D64A8386} - C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper2006815_4700.dll O2 - BHO: (no name) - {D424FE4E-CAF9-4fdd-BC5F-E6E6B91D53BF} - (no file) O3 - Toolbar: IE标准栏 - {954F618B-0DEC-4D1A-9317-E0FC96F87865} - C:\WINDOWS\system32\amstreamxb.dll O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\System32\kakatool.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\wl\FLASHGET\fgiebar.dll O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe O4 - HKLM\..\Run: [XDeskWeather] E:\downloads\XDeskWeather_3_5_Setup\XDeskWeather.exe O4 - HKLM\..\Run: [RavTask] "d:\Rising\Rav\RavTask.exe" -system O4 - HKLM\..\Run: [RfwMain] "d:\Rising\Rfw\rfwmain.exe" -Startup O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\pda\wince\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKCU\..\Run: [SpybotSD TeaTimer] d:\wl\Spybot - Search & Destroy\TeaTimer.exe O4 - Startup: HotSync Manager.lnk = D:\pad\Palm\HOTSYNC.EXE O4 - Startup: CamZoomer.lnk = D:\wl\CamZoomer\camzoomer.exe O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: Microtek 扫描仪探测器.lnk = D:\Microtek\ScanWizard 5\ScannerFinder.exe O8 - Extra context menu item: 使用网际快车下载 - D:\wl\FlashGet\jc_link.htm O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\wl\FlashGet\jc_all.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java 控制台 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wshcon32.dll O11 - Options group: [!IESearch] !IESearch O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll O16 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} (Edit Class) - https://www.sz1.cmbchina.com/download/CMBEdit.cab O16 - DPF: {15DDE989-CD45-4561-BF99-D22C0D5C2B74} - O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KX-HCM10 Control) - http://222.147.114.174/kxhcm10.ocx O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/1007/aliedit.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5932517A-3326-4439-A708-1C98EDB5C549} (Downloader Class) - file://C:\Documents and Settings\All Users\Application Data\Share Helper\Cast\GGS\d27968518b\js\iMopDl.cab O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/cab/x86/i486/NTANSI/retail/DASAct.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0) - O16 - DPF: {F4B47EEA-5D5D-4055-A6B5-ED59CC3C5BB3} (Upgrade Class) - http://update.qyule.com/client.cab O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (pCastPanel Class) - http://ps.itv.mop.com/dn/files/pCastCtl-1.0.0.90-signed.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{53BEC82E-A4A8-4265-9AE9-C6F8238156CB}: NameServer = 218.246.195.4,218.246.195.5 O18 - Protocol: mp3 - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - (no file) O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O21 - SSODL: webwork - {4C611512-2C1D-44b2-A044-872AD2AD5A61} - C:\WINDOWS\webwork\webwork.dll O21 - SSODL: themeadp - {64274C93-3CE7-4663-9C8D-CD2DC8A3590B} - C:\WINDOWS\System32\themeadp.dll O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\System32\oodag.exe O23 - Service: Rising Proxy Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - d:\rising\rfw\rfwproxy.exe O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - d:\rising\rfw\rfwsrv.exe O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\Rising\Rav\Ravmond.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe 2006-08-22 09:26:23
kebi 初生襁褓狮帖子:1 注册: 2006-08-21 来自:	分享到：

<<上一主题|下一主题>>

1

1 / 1 页

跳转页

页面顶部

Powered by Discuz!NT