瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 求助!瑞星监控和防火墙都打不开了!

1   1  /  1  页   跳转

求助!瑞星监控和防火墙都打不开了!

收藏
游来游去的羊
头像
初生襁褓狮
  • 帖子:3
  • 注册: 2006-09-30
  • 来自:
发表于: 2006-10-12 00:00 | 显示全部 短消息 资料
字号: 1楼

求助!瑞星监控和防火墙都打不开了!

刚才在网络服务商的影院,突然中毒提示!然后不停的弹网页!杀完毒后电脑就不正常了,一开始瑞星监控和防火墙都看不到了!然后修复,还是不行,瑞星监控老是启动后就变成红色的小雨伞,瑞星防火墙还是不能打开,超级兔子打开后一下就自动关闭!郁闷!请问是什么原因啊!顺便上传一个用完美卸载扫描的系统日志!请高手帮忙看看,是什么原因,不想重装系统啊!谢谢了
                完美卸载 - 系统检查检测报告!
建议:修复时请按照高手的反馈编号在修复工具中打勾进行修复.

--------------------------系统环境-------------------------
检测日期: 2006-10-11 23:46
Windows: Microsoft Windows XP
ServicePack: Service Pack 2
Update: 2600.xpsp_sp2_gdr.050301-1519
Internet Explorer: 6.0.2900.2180


-----------------------网络基础安全测试--------------------
密码安全检测:已经设置了管理员密码,建议:将密码复杂度和长度提高!
网络漏洞检测:存在IPC$空连接,但已经禁止匿名访问,安全!

服务名称        是否运行              描述
RemoteRegistry [已停止] [说明:这个服务可能被利用远程操作注册表]
Windows Time  [运行中] [说明:这个服务可能被黑客利用来启动木马]
Telnet        [已停止] [说明:这个服务可能被黑客登录到您计算机]
Messenger      [已停止] [说明:这个服务常被广告商用来发垃圾广告]
Server        [运行中] [说明:如果你的电脑不用局域网中,可以关闭]
建议在[控制面板]-[管理工具]-[服务]中,找到这些服务关闭并设置为[禁用].

-----------------------计算机网络端口----------------------
协议      端口号              端口类型
TCP        135        微软DCE RPC end-point mapper服务
TCP        445        Microsoft-DS
TCP        139        微软Netbios Name服务(用于文件及打印机共享)
TCP      1036        未知类型
TCP      1090        未知类型
TCP      1091        未知类型
TCP      1092        未知类型
TCP      1093        未知类型
TCP      1094        未知类型
TCP      1096        未知类型
TCP      1097        未知类型
TCP      1098        未知类型
TCP      1099        未知类型
TCP      1101        未知类型
TCP      1029        未知类型
TCP        445        公共Internet文件系统(CIFS)
TCP        500        Internet密钥交换
TCP      1025        Maverick's Matrix 1.2 - 2.0
TCP      4500        sae-urn
TCP        123        未知类型
TCP        137        未知类型
TCP        138        未知类型
TCP        123        未知类型
TCP      1027        UC聊天软件,Trojan.Huigezi.e
TCP      1035        未知类型
TCP      1037        未知类型
TCP      1088        未知类型
TCP      1095        未知类型


--------------------计算机系统组件体检----------------------
[编号:0]
[名称:\SystemRoot\System32\smss.exe]
[类型:运行进程]
[内容:未知]

[编号:1]
[名称:\??\C:\WINDOWS\system32\csrss.exe]
[类型:运行进程]
[内容:未知]

[编号:2]
[名称:\??\C:\WINDOWS\system32\winlogon.exe]
[类型:运行进程]
[内容:未知]

[编号:3]
[名称:C:\WINDOWS\system32\services.exe]
[类型:运行进程]
[内容:Microsoft(R) Windows(R) Operating System (C) Microsoft Corporation. All rights reserved.]

[编号:4]
[名称:C:\WINDOWS\system32\lsass.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:5]
[名称:C:\WINDOWS\system32\Ati2evxx.exe]
[类型:运行进程]
[内容:ATI External Event Utility for WindowsNT and Windows9X Copyright ? 1999-2004 ATI Technologies Inc.]

[编号:6]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:7]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:8]
[名称:C:\WINDOWS\System32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:9]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:10]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:11]
[名称:C:\WINDOWS\system32\Ati2evxx.exe]
[类型:运行进程]
[内容:ATI External Event Utility for WindowsNT and Windows9X Copyright ? 1999-2004 ATI Technologies Inc.]

[编号:12]
[名称:C:\WINDOWS\system32\spoolsv.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:13]
[名称:C:\WINDOWS\Explorer.EXE]
[类型:运行进程]
[内容:Microsoft(R) Windows(R) Operating System (C) Microsoft Corporation. All rights reserved.]

[编号:14]
[名称:C:\WINDOWS\system32\ctfmon.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:15]
[名称:C:\Program Files\Internet Explorer\IEXPLORE.exe]
[类型:运行进程]
[内容:Microsoft(R) Windows(R) Operating System (C) Microsoft Corporation. All rights reserved.]

[编号:16]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:17]
[名称:C:\WINDOWS\system32\tpamon.exe]
[类型:运行进程]
[内容:UrlClient Module Copyright 2006]

[编号:18]
[名称:C:\WINDOWS\System32\alg.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:19]
[名称:C:\WINDOWS\system32\conime.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:20]
[名称:C:\WINDOWS\WINLOGON.EXE]
[类型:运行进程]
[内容:GtE8w0l9NLysBCdvZTRh (null)]

[编号:21]
[名称:C:\Program Files\南海视讯宽带网认证软件 V(3.1.1.NH03)\client.exe]
[类型:运行进程]
[内容:未知]

[编号:22]
[名称:C:\Program Files\Maxthon\Maxthon.exe]
[类型:运行进程]
[内容:Maxthon Application Copyright (C) 2002]

[编号:23]
[名称:C:\Program Files\完美卸载V2006\MainCon.exe]
[类型:运行进程]
[内容:完美卸载V2006 主控制台 版权所有 (C) 2005]

[编号:24]
[名称:C:\Program Files\完美卸载V2006\SysSec.exe]
[类型:运行进程]
[内容:完美卸载V2006-ChinaHijackThis 版权所有 (C) 2006]

[编号:25]
[分隔符:---------------------------------------------------------------------]

[编号:26]
[名称:C:\WINDOWS\919331M.BMP]
[类型:已加载DLL]
[内容:未知]

[编号:27]
[名称:C:\WINDOWS\system32\Ati2evxx.dll]
[类型:已加载DLL]
[内容:ATI External Event Utility for NT, W2K and W9X Copyright ? 1999-2004 ATI Technologies Inc.]

[编号:28]
[名称:C:\WINDOWS\system32\Ati2edxx.dll]
[类型:已加载DLL]
[内容:ATI External Device Utility Copyright (c) ATI Technologies Inc. 2003]

[编号:29]
[名称:C:\WINDOWS\system32\mywow.dll]
[类型:已加载DLL]
[内容:未知]

[编号:30]
[名称:C:\WINDOWS\system32\msdmo.dll]
[类型:已加载DLL]
[内容:(null) (null)]

[编号:31]
[名称:C:\Program Files\WinRAR\rarext.dll]
[类型:已加载DLL]
[内容:未知]

[编号:32]
[名称:C:\Program Files\Rising\Rav\RSCOMMON.DLL]
[类型:已加载DLL]
[内容:Rising Antivirus Software Copyright (c) 1998-2006 Rising Corp.]

[编号:33]
[名称:C:\WINDOWS\system32\sptd.dll]
[类型:已加载DLL]
[内容:IEGuard Module Copyright 2002]

[编号:34]
[名称:C:\WINDOWS\system32\SecurityC1.dll]
[类型:已加载DLL]
[内容:CNNET, Security  Certification Copyright (C) 2003-2006 CNNET, INC.]

[编号:35]
[名称:C:\PROGRA~1\KuGoo3\KUGOO3~1.OCX]
[类型:已加载DLL]
[内容:未知]

[编号:36]
[名称:C:\Program Files\Maxthon\maxzlib.dll]
[类型:已加载DLL]
[内容:  maxzlib Copyright ? 2005]

[编号:37]
[名称:C:\Program Files\Maxthon\Services\RealTime\real_time.dll]
[类型:已加载DLL]
[内容:RealTime Module Copyright 2003]

[编号:38]
[名称:C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]
[类型:已加载DLL]
[内容:Shockwave Flash ? 1996-2006 Adobe Macromedia Software LLC. All rights reserved.]

[编号:39]
[名称:C:\WINDOWS\system32\UNISPIM5.IME]
[类型:已加载DLL]
[内容:紫光华宇拼音 Copyright (c) Thunisoft]

[编号:40]
[名称:C:\Program Files\完美卸载V2006\SkinMagic.dll]
[类型:已加载DLL]
[内容:Appspeed SkinMagic Toolkit Copyright ? 2002-2006]

[编号:41]
[分隔符:---------------------------------------------------------------------]
最后编辑2006-10-12 00:01:18.217000000
分享到:
gototop
 
游来游去的羊
头像
初生襁褓狮
  • 帖子:3
  • 注册: 2006-09-30
  • 来自:
发表于: 2006-10-12 00:01 | 显示全部 短消息 资料
字号: 2楼

[编号:42]
[名称:IMJPMIG8.1]
[类型:开机启动]
[内容:; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32]

[编号:43]
[名称:PHIME2002ASync]
[类型:开机启动]
[内容:; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC]

[编号:44]
[名称:PHIME2002A]
[类型:开机启动]
[内容:; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName]

[编号:45]
[名称:NVMixerTray]
[类型:开机启动]
[内容:; "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"]

[编号:46]
[名称:ATIPTA]
[类型:开机启动]
[内容:; C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe]

[编号:47]
[名称:TkBellExe]
[类型:开机启动]
[内容:; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot]

[编号:48]
[名称:IMSCMig]
[类型:开机启动]
[内容:; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload]

[编号:49]
[名称:NeroFilterCheck]
[类型:开机启动]
[内容:; C:\WINDOWS\system32\NeroCheck.exe]

[编号:50]
[名称:LiveUpatePower]
[类型:开机启动]
[内容:; C:\Program Files\完美卸载V2006\MyUpdate.exe -PowerOn]

[编号:51]
[名称:KernelFaultCheck]
[类型:开机启动]
[内容:%systemroot%\system32\dumprep 0 -k]

[编号:52]
[名称:Torjan Program]
[类型:开机启动]
[内容:C:\WINDOWS\WINLOGON.EXE]

[编号:53]
[名称:ctfmon.exe]
[类型:开机启动]
[内容:C:\WINDOWS\system32\ctfmon.exe]

[编号:54]
[名称:rx]
[类型:开机启动]
[内容:C:\WINDOWS\system32\explore.exe]

[编号:55]
[名称:wow]
[类型:开机启动]
[内容:C:\WINDOWS\system32\Launcher.exe]

[编号:56]
[分隔符:---------------------------------------------------------------------]

[编号:57]
[名称:AFD]
[类型:服务:未知]
[内容:\SystemRoot\System32\drivers\afd.sys]

[编号:58]
[名称:ATI Smart]
[类型:服务:ATI Smart Copyright (C) 1998 - 2004 ATI Technologies Inc.]
[内容:C:\WINDOWS\system32\ati2sgag.exe]

[编号:59]
[名称:Rising TDI Base Driver]
[类型:服务:Rising PFW Copyright(c) 1998-2006 Beijing  Rising  Technology  Corporation  Limited]
[内容:C:\WINDOWS\system32\drivers\basetdi.sys]

[编号:60]
[名称:DCOM Server Process Launcher]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\svchost ]

[编号:61]
[名称:ExpScaner]
[类型:服务:未知]
[内容:c:\program files\rising\rav\expscan.sys]

[编号:62]
[名称:HookCont]
[类型:服务:未知]
[内容:c:\program files\rising\rav\hookcont.sys]

[编号:63]
[名称:HookReg]
[类型:服务:未知]
[内容:c:\program files\rising\rav\hookreg.sys]

[编号:64]
[名称:HookSys]
[类型:服务:未知]
[内容:c:\program files\rising\rav\hooksys.sys]

[编号:65]
[名称:MEMSCAN]
[类型:服务:未知]
[内容:c:\program files\rising\rav\memscan.sys]

[编号:66]
[名称:mProcRs]
[类型:服务:未知]
[内容:c:\program files\rising\rfw\mprocrs.sys]

[编号:67]
[名称:Network AD Service]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\netdds.exe]

[编号:68]
[名称:Netgroup Packet Filter]
[类型:服务:WinPcap Netgroup Packet Filter Driver Copyright ? 2005 CACE Technologies. Copyright ? 2003-2005 NetGroup, Politecnico di Torino.]
[内容:C:\WINDOWS\system32\drivers\npf.sys]

[编号:69]
[名称:npkcrypt]
[类型:服务:未知]
[内容:c:\program files\tencent\qq\npkcrypt.sys]

[编号:70]
[名称:Service for NVIDIA(R) nForce(TM) Audio Enumerator]
[类型:服务:NVIDIA nForce(TM) Audio Driver Copyright(C) 2000-2005 NVIDIA Corporation]
[内容:C:\WINDOWS\system32\drivers\nvax.sys]

[编号:71]
[名称:NVIDIA Disk Cache Filter Driver]
[类型:服务:NVIDIA nForce(TM) Cache Filter Driver Copyright(C) 2001-2005 NVIDIA Corporation]
[内容:C:\WINDOWS\system32\drivers\nvcchflt.sys]

[编号:72]
[名称:NVIDIA nForce Networking Controller Driver]
[类型:服务:NVENETFD Copyright ? 2001-2003 NVIDIA Corporation]
[内容:C:\WINDOWS\system32\drivers\nvenetfd.sys]

[编号:73]
[名称:NVIDIA Network Bus Enumerator]
[类型:服务:NVNETBUS Copyright ? 2001-2003 NVIDIA Corporation]
[内容:C:\WINDOWS\system32\drivers\nvnetbus.sys]

[编号:74]
[名称:Service for NVIDIA(R) nForce(TM) Audio]
[类型:服务:NVIDIA nForce(TM) Audio Driver Copyright(C) 2000-2005 NVIDIA Corporation]
[内容:C:\WINDOWS\system32\drivers\nvapu.sys]

[编号:75]
[名称:PnpWmkDrv]
[类型:服务:未知]
[内容:c:\windows\system32\drivers\pnpwmkdrv.sys]

[编号:76]
[名称:Remote Procedure Call (RPC)]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\svchost ]

[编号:77]
[名称:Secdrv]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\drivers\secdrv.sys]

[编号:78]
[名称:USB PC Camera (SNPSTD3)]
[类型:服务:PC Camera driver Copyright 2001-2004]
[内容:C:\WINDOWS\system32\drivers\snpstd3.sys]

[编号:79]
[名称:Terminal Services]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\svchost ]

[编号:80]
[名称:WmNdisDrv]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\drivers\wmndisdrv.sys]

[编号:81]
[名称:WmRegProDrv]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\drivers\wmregprodrv.sys]

[编号:82]
[分隔符:---------------------------------------------------------------------]

[编号:83]
[名称:Start Page]
[类型:IE主页-当前用户]
[内容:about:blank]

[编号:84]
[名称:Search Page]
[类型:IE搜索-当前用户]
[内容:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch]

[编号:85]
[名称:Start Page]
[类型:IE主页-所有用户]
[内容:about:blank]

[编号:86]
[名称:Search Page]
[类型:IE搜索-所有用户]
[内容:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch]

[编号:87]
[名称:Default_Page_URL]
[类型:默认IE主页-所有用户]
[内容:http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome]

[编号:88]
[名称:Default_Search_URL]
[类型:默认IE搜索-所有用户]
[内容:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch]

[编号:89]
[分隔符:---------------------------------------------------------------------]

[编号:90]
[名称:{92780B25-18CC-41C8-B9BE-3C9C571A8263}]
[类型:IE 扩展按钮]
[内容:信息检索 路径:信息检索]

[编号:91]
[名称:{D6E814A0-E0C5-11d4-8D29-0050BA6940E3}]
[类型:IE 扩展按钮]
[内容:FlashGet 路径:C:\PROGRA~1\FlashGet\flashget.exe]

[编号:92]
[名称:{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6}]
[类型:IE 扩展按钮]
[内容:QQ炫彩工具条设置 路径:QQ炫彩工具条设置]

[编号:93]
[名称:{FB5F1910-F110-11d2-BB9E-00C04F795683}]
[类型:IE 扩展按钮]
[内容:Messenger 路径:C:\Program Files\Messenger\msmsgs.exe]

[编号:94]
[分隔符:---------------------------------------------------------------------]

[编号:95]
[名称:&Google Search]
[类型:IE 右键按钮]
[内容: 路径:er\m]

[编号:96]
[名称:上传到QQ网络硬盘]
[类型:IE 右键按钮]
[内容: 路径:er\m]

[编号:97]
[名称:使用网际快车下载]
[类型:IE 右键按钮]
[内容: 路径:er\m]

[编号:98]
[名称:使用网际快车下载全部链接]
[类型:IE 右键按钮]
[内容: 路径:er\m]

[编号:99]
[名称:导出到 Microsoft Office Excel(&X)]
[类型:IE 右键按钮]
[内容: 路径:er\m]

[编号:100]
[名称:添加到QQ自定义面板]
[类型:IE 右键按钮]
[内容: 路径:er\m]

[编号:101]
[名称:添加到QQ表情]
[类型:IE 右键按钮]
[内容: 路径:er\m]

[编号:102]
[名称:用QQ彩信发送该图片]
[类型:IE 右键按钮]
[内容: 路径:er\m]

[编号:103]
[分隔符:---------------------------------------------------------------------]

[编号:104]
[名称:PostBootReminder]
[类型:正常嵌入对象]
[内容:%SystemRoot%\system32\SHELL32.dll]

[编号:105]
[名称:CDBurn]
[类型:正常嵌入对象]
[内容:%SystemRoot%\system32\SHELL32.dll]

[编号:106]
[名称:WebCheck]
[类型:正常嵌入对象]
[内容:%SystemRoot%\system32\webcheck.dll]

[编号:107]
[名称:SysTray]
[类型:正常嵌入对象]
[内容:C:\WINDOWS\system32\stobject.dll]

[编号:108]
[分隔符:---------------------------------------------------------------------]

[编号:109]
[名称:]
[类型:EXE关联]
[内容:"%1" %*]

[编号:110]
[名称:]
[类型:TXT关联]
[内容:%SystemRoot%\system32\NOTEPAD.EXE %1]

[编号:111]
[名称:]
[类型:vbs关联]
[内容:%SystemRoot%\System32\WScript.exe "%1" %*]

[编号:112]
[名称:]
[类型:Js关联]
[内容:%SystemRoot%\System32\WScript.exe "%1" %*]

[编号:113]
[名称:]
[类型:htmlfile关联]
[内容:"C:\Program Files\Maxthon\Maxthon.exe" "%1"]

[编号:114]
[名称:]
[类型:HTTP协议]
[内容:"C:\Program Files\Maxthon\Maxthon.exe" "%1"]

[编号:115]
[名称:]
[类型:FTP协议]
[内容:"C:\Program Files\Maxthon\Maxthon.exe" "%1"]

[编号:116]
[分隔符:---------------------------------------------------------------------]

[编号:117]
[名称:c:\windows\system32\deskpan.dll]
[类型:第三方 COM/ActiveX组件]
[内容:显示摇曳 CPL 扩展---发布公司:未知]

--------------------感谢您关注我们的软件---------------------
网站: http://www.killsoft.cn  产品:完美卸载V2006
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT