每次开机出现Blaster Rpc Exploit漏洞攻击,不知道该怎么办..已经用瑞星漏洞补丁程序把漏洞都补上了,但是这个攻击不知道怎么回事,每次开机都跳出来2次后就没有了..求救
这个是扫描出来的日志
HijackThis_zww汉化版扫描日志 V1.99.1
保存于 23:53:24, 日期 2005-11-29
操作系统: Windows XP SP2 (WinNT 5.01.2600)
浏览器: Internet Explorer v6.00 SP2 (6.00.2900.2180)
当前运行的进程:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
C:\PROGRAM FILES\RISING\RAV\RavStub.exe
d:\工具1\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
d:\工具1\rising\rfw\RfwMain.exe
C:\WINDOWS\Resources\Themes\YzDock\Yzdock.exe
C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
C:\PROGRA~1\RISING\RAV\RAVMON.EXE
D:\工具1\千千静听\TTPlayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\svchost.exe
D:\GHOST\HijackThis1991zww.exe
O3 - IE工具栏增项: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - 启动项HKLM\\Run: [YzDock] C:\WINDOWS\Resources\Themes\YzDock\Yzdock.exe
O4 - 启动项HKLM\\Run: [RavTimer] C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
O4 - 启动项HKLM\\Run: [RavMon] C:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - 启动项HKLM\\Run: [TkBellExe] ; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - 启动项HKLM\\Run: [RfwMain] "D:\工具1\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [BigDogPath] ; C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKCU\..\Run: [ctfmon.exe] ; C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: 腾讯QQ.lnk = D:\Program Files\qq\QQ.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - D:\Program Files\迅雷5\getAllurl.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - D:\Program Files\qq\AddPanel.htm
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\QQ\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\QQ\QQ.EXE
O14 - IERESET.INF: START_PAGE_URL=
about:blank
O16 - DPF: {2354A44B-3CEB-4829-9940-545B03103538} (PowerPlr Control) - http://bbsky.wuhan.net.cn/htyy/plugin/PowerPlr.ocx
O16 - DPF: {2BFAA61B-5C83-4865-8281-D8BDBF863061} (PGEdit Class) - https://www.gnetpg.com/PG_ATL.cab
O16 - DPF: {DF6FE46D-1D23-4668-AD3A-CDEA1262B282} (PowerDld Control) - http://bbsky.wuhan.net.cn/plugin/PowerDld.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{EBAA0364-CE80-4F8A-82B9-05A7A4316132}: NameServer = 202.103.0.68,202.103.24.68
O23 - NT 服务: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - NT 服务: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - NT 服务: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - d:\工具1\rising\rfw\rfwsrv.exe
O23 - NT 服务: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - rising - C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
O23 - NT 服务: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
