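This afternoon, while I was online, the monitoring center and the firewall suddenly exited on their own. I restarted right away, but that didn't help, and now they just won't start. Going on experience, I deleted a few files that are probably viruses: AN85.EXE in the temporary folder, a hidden SMSS.EXE in the WINDOWS folder with the same name as the system file, and a file called 1.EXE in SYSTEM. I also deleted all the junk rogue software, but they still won't start. The log is below.
I have already run a virus scan in safe mode and it found nothing at all. The virus definitions are the latest; I updated them on the morning of August 4.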
Logfile of HijackThis v1.99.1
Scan saved at 16:40:06, on 2006-8-4
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
F:\HijackThis V1.99\HijackThis.exe
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: Shell=Explorer.exe 1
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [YOKAssiant] ;Rundll32.exe C:\PROGRA~1\YOK.com\SUPERS~1\YOK_SuperSearch.dll,YOKAssiant uninstall
O4 - HKLM\..\Run: [TProgram] C:\WINDOWS\SMSS.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O9 - Extra button: 体验家园主页 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.xpboy.com (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O16 - DPF: {036E1920-9157-4A3F-B0EE-C7A0DB66A3E5} (GL_CuVcPayment_UI.GL_CuVcPayment) - http://59.35.192.30:8899/power2000/DownLoad/GL/GL_CuVcPayment_UI.CAB
O16 - DPF: {10C733D4-47AC-44F2-979F-B0A7D8C7C946} (ST_MoveBill_UI.ST_MoveBill) - http://59.35.192.30:8899/power2000/DownLoad/ST/ST_MoveBill_UI.CAB
O16 - DPF: {1BC9B132-DF42-4D6E-8C4E-87702B63D5B3} (DS_ClientTotal_UI.DS_ClientTotal) - http://59.35.192.30:8899/power2000/DownLoad/DS/DS_ClientTotal_UI.CAB
O16 - DPF: {1C60EE44-2C95-437B-8BDB-84A736B01C09} (PU_InBill_UI.PU_InBill) - http://59.35.192.30:8899/power2000/DownLoad/PU/PU_InBill_UI.CAB
O16 - DPF: {2354A44B-3CEB-4829-9940-545B03103538} (PowerPlr Control) - http://5151c.wz16300.com/plugin/PowerPlr.ocx
O16 - DPF: {23EA5C68-ECFF-4DF8-9AC0-1EADDD1FC195} (DS_ClientInOut_UI.DS_ClientInOut) - http://59.35.192.30:8899/power2000/DownLoad/DS/DS_ClientInOut_UI.CAB
O16 - DPF: {3FEDE885-6AB5-4C71-B204-1090ED75393A} (HG_InBill_UI.HG_InBill) - http://59.35.192.30:8899/power2000/DownLoad/CU/HG_InBill_UI.CAB
O16 - DPF: {40C430A6-5D78-4060-BBA6-F927D8B82366} (CRUFL_Power2000_API.GL) - http://59.35.192.30:8899/power2000/DownLoad/SY/CRUFL_Power2000_API.CAB
O16 - DPF: {4E054337-E470-4DCF-8D89-4A76943CE796} (SY_MSWinCommonCtl.SY_MSWinCommon) - http://59.35.192.30:8899/power2000/DownLoad/SY/SY_MSWinCommonCtl.CAB
O16 - DPF: {586A05F7-0D58-4078-9E93-B1E20E4F8593} (Power2000_UI.Power2000) - http://59.35.192.30:8899/power2000/DownLoad/SY/Power2000_UI.CAB
O16 - DPF: {629A9E42-54F5-410A-BF54-5607735EC76D} (ST_UnPack_UI.ST_UnPack) - http://59.35.192.30:8899/power2000/DownLoad/ST/ST_UnPack_UI.CAB
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1125405223875
O16 - DPF: {66DB4616-3BC3-4913-9347-EEC79D86B79D} (PU_OutBill_UI.PU_OutBill) - http://59.35.192.30:8899/power2000/DownLoad/PU/PU_OutBill_UI.CAB
O16 - DPF: {6DB39024-7048-43B7-818F-5204EA1E9442} (DS_Client_UI.DS_Client) - http://59.35.192.30:8899/power2000/DownLoad/DS/DS_Client_UI.CAB
O16 - DPF: {737FBB00-BA52-46F5-8341-CC445E24B4FD} (SY_RichTextCtl.SY_RichText) - http://59.35.192.30:8899/power2000/DownLoad/SY/SY_RichTextCtl.CAB
O16 - DPF: {77520D63-DA71-41A2-B4A5-5DD9212E0818} (GL_Voucher_UI.GL_Voucher) - http://59.35.192.30:8899/power2000/DownLoad/GL/GL_Voucher_UI.CAB
O16 - DPF: {82377933-80D2-411D-B806-9B2B938BB48A} (ST_OutBill_UI.ST_OutBill) - http://59.35.192.30:8899/power2000/DownLoad/ST/ST_OutBill_UI.CAB
O16 - DPF: {847030F0-EFAC-4388-BE61-B5F05592C6A9} (GL_CuVcRecBill_UI.GL_CuVcRecBill) - http://59.35.192.30:8899/power2000/DownLoad/GL/GL_CuVcRecBill_UI.CAB
O16 - DPF: {854864AE-821E-41A7-9E7F-FE3FB40FFD94} (CA_Recment_UI.CA_Recment) - http://59.35.192.30:8899/power2000/DownLoad/CA/CA_Recment_UI.CAB
O16 - DPF: {8837919F-9941-4BB8-B14F-672B1529D74D} (PU_InQuery_UI.PU_InQuery) - http://59.35.192.30:8899/power2000/DownLoad/PU/PU_InQuery_UI.CAB
O16 - DPF: {888C0DEC-64C1-4693-A523-AF5C0CD7AD4A} (DS_OutBill_UI.DS_OutBill) - http://59.35.192.30:8899/power2000/DownLoad/DS/DS_OutBill_UI.CAB
O16 - DPF: {9A960C38-996A-494D-9F7A-CE5ABC43A7BA} (CA_Payment_UI.CA_Payment) - http://59.35.192.30:8899/power2000/DownLoad/CA/CA_Payment_UI.CAB
O16 - DPF: {A202D34D-3AD6-4697-B0C4-4FAB2D610450} (SM_DocPrint_UI.SM_DocPrint) - http://59.35.192.30:8899/power2000/DownLoad/SM/SM_DocPrint_UI.CAB
O16 - DPF: {A4C479A7-3BEE-4305-960E-34C7C6882790} (SY_Print_UI.SY_Print) - http://59.35.192.30:8899/power2000/DownLoad/SY/SY_Print_UI.CAB
O16 - DPF: {B08259E1-9940-4FBB-B2C0-8782824F4901} (ST_AdjBill_UI.ST_AdjBill) - http://59.35.192.30:8899/power2000/DownLoad/ST/ST_AdjBill_UI.CAB
O16 - DPF: {B8B0F71F-BB0A-4E1C-A4FA-39F912B27427} (GL_Ledger_UI.GL_Ledger) - http://59.35.192.30:8899/power2000/DownLoad/GL/GL_Ledger_UI.CAB
O16 - DPF: {BCC28A07-07A0-4ABF-946B-A9180CFA48C2} (FA_Depreciate_UI.FA_Depreciate) - http://59.35.192.30:8899/power2000/DownLoad/FA/FA_Depreciate_UI.CAB
O16 - DPF: {BD072926-76BB-48B5-A23C-6EA06B60A984} (DS_ArticleTotal_UI.DS_ArticleTotal) - http://59.35.192.30:8899/power2000/DownLoad/DS/DS_ArticleTotal_UI.CAB
O16 - DPF: {CC708C8D-FC24-4BF8-8FED-1D56F9A86983} (GL_CuVcRecment_UI.GL_CuVcRecment) - http://59.35.192.30:8899/power2000/DownLoad/GL/GL_CuVcRecment_UI.CAB
O16 - DPF: {D09396B5-8F13-4156-82DD-3CBE8FF4374F} (GL_CuVcPayBill_UI.GL_CuVcPayBill) - http://59.35.192.30:8899/power2000/DownLoad/GL/GL_CuVcPayBill_UI.CAB
O16 - DPF: {D3D47D40-A6F1-4D7D-897D-04924D3DDF66} (FD_Article_UI.FD_Article) - http://59.35.192.30:8899/power2000/DownLoad/FD/FD_Article_UI.CAB
O16 - DPF: {D7E67DC4-FA06-40EE-9CFD-E219B1D8F941} (CA_RecBill_UI.CA_RecBill) - http://59.35.192.30:8899/power2000/DownLoad/CA/CA_RecBill_UI.CAB
O16 - DPF: {DBB8BFCC-BF0D-4F68-A800-82EDA085D7EB} (SM_Email_UI.SM_Email) - http://59.35.192.30:8899/power2000/DownLoad/SM/SM_Email_UI.CAB
O16 - DPF: {DBE2B047-0142-4C31-A208-60F878D2B625} (DS_InBill_UI.DS_InBill) - http://59.35.192.30:8899/power2000/DownLoad/DS/DS_InBill_UI.CAB
O16 - DPF: {F138084D-84D7-48CD-BEA8-04772457516E} (VqqSpeedDlProxy Class) - http://59.36.97.38/jsxz/vqqsdl1009.cab
O16 - DPF: {FAD33D8D-8FA5-4E5D-A070-49E344DF17A6} (SY_FlexGridCtl.SY_FlexGrid) - http://59.35.192.30:8899/power2000/DownLoad/SY/SY_FlexGridCtl.CAB
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: Rising Proxy Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Unknown owner - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe