救救啊! - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛救救啊!

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1

1 / 1 页

跳转页

救救啊!

Maxwell2005 初生襁褓狮帖子:45 注册: 2006-01-20 来自:	发表于： 2006-10-28 17:03 \| 显示全部短消息资料字号：小中大 1楼救救啊! 我电脑近日染毒,用瑞星杀过了.可是现在每次开机监控都会跳出说发现病毒Trojan Clicker.Vb.abu,怎么办啊?(好象瑞星杀了还有杀了还有,安全模式也杀过,开机还是有) 2006-10-29 19:21:24
Maxwell2005 初生襁褓狮帖子:45 注册: 2006-01-20 来自:	分享到：

Maxwell2005 初生襁褓狮帖子:45 注册: 2006-01-20 来自:	发表于： 2006-10-28 18:19 \| 显示全部短消息资料字号：小中大 2楼 Logfile of HijackThis v1.99.1 Scan saved at 18:09:01, on 2006-10-28 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Unable to get Internet Explorer version! Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe D:\Rising\Rav\CCenter.exe C:\WINDOWS\System32\svchost.exe D:\Rising\Rav\Ravmond.exe C:\Program Files\Rising\Rfw\rfwsrv.exe C:\WINDOWS\Explorer.EXE D:\Rising\Rav\RavStub.exe D:\Rising\Rav\RavTask.exe F:\winpatrol.exe D:\Rising\Rav\Ravmon.exe C:\Program Files\Rising\Rfw\rfwmain.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\ChinaNet\VnetClient.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\System32\svchost.exe F:\Program Files\BitSpirit\BitSpirit.exe C:\Program Files\Tencent\QQ\QQ.exe C:\Program Files\Tencent\QQ\TIMPlatform.exe C:\Program Files\Tencent\QQ\QQ.exe C:\Program Files\Tencent\QQ\QQexternal.exe C:\Program Files\Tencent\QQ\QQ.exe C:\Program Files\Real\RealPlayer\realplay.exe F:\hijackthis\HijackThis.exe F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: VnetCookie Class - {4E83D567-4697-4F7B-B1F0-A513B01DB89A} - c:\PROGRA~1\chinanet\VNETTR~1.DLL O2 - BHO: ntsvr Class - {79B8A2B5-CCAB-40CD-B939-A18B916FAD95} - C:\WINDOWS\System32\ntsvr.dll O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\System32\KakaTool.dll O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [RavTask] "D:\Rising\Rav\RavTask.exe" -system O4 - HKLM\..\Run: [WinPatrol] f:\winpatrol.exe O4 - HKLM\..\Run: [Rising Personal FireWall Main Program] C:\Program Files\Rising\Rfw\rfwmain.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Super Rabbit SafeEdit] F:\Program Files\Super Rabbit\MagicSet\SRFC.EXE /Load O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: 星空极速.lnk = C:\Program Files\ChinaNet\VnetClient.exe O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm O8 - Extra context menu item: 用比特精灵下载(&B) - F:\Program Files\BitSpirit\bsurl.htm O16 - DPF: {7623BE59-D4CF-4379-ABC4-B39E11854D66} (MabinogiWebAvatarRenderer Class) - http://avatarluoqi.tiancity.com/Modules/mabiweb.cab O16 - DPF: {DE2F5163-9E87-469F-A05B-4422B22A6688} (ClientTestOCX Control) - http://service.luoqi.com.cn/download/ClientTestOCX.ocx O17 - HKLM\System\CCS\Services\Tcpip\..\{306AFFB3-7E0C-4FBF-9C2E-457F27F77825}: NameServer = 61.152.82.18 202.96.209.6 O17 - HKLM\System\CS1\Services\Tcpip\..\{306AFFB3-7E0C-4FBF-9C2E-457F27F77825}: NameServer = 61.152.82.18 202.96.209.6 O18 - Protocol: dic - {C21F5C32-F57A-4A0D-8E0A-B672691C52D0} - C:\PROGRA~1\Kingsoft\POWERW~1\XDictExB.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O21 - SSODL: DVDBurn - {790448C3-4239-45AF-C98B-367991A8B103} - C:\WINDOWS\Downloaded Program Files\AfxEdit.dll (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: host Service For Windows (mshosts) - Unknown owner - C:\WINDOWS\mshosts.exe (file missing) O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rfw\rfwsrv.exe O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - D:\Rising\Rav\CCenter.exe O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\Rising\Rav\Ravmond.exe
Maxwell2005 初生襁褓狮帖子:45 注册: 2006-01-20 来自:

Maxwell2005 初生襁褓狮帖子:45 注册: 2006-01-20 来自:	发表于： 2006-10-28 18:23 \| 显示全部短消息资料字号：小中大 3楼另外mshosts.exe 这个FIX了再扫还是有,手动安照路径却找不到(我钩掉了隐藏后找的),奇怪.
Maxwell2005 初生襁褓狮帖子:45 注册: 2006-01-20 来自:

Maxwell2005 初生襁褓狮帖子:45 注册: 2006-01-20 来自:	发表于： 2006-10-28 18:46 \| 显示全部短消息资料字号：小中大 4楼呵呵,这样就可以了吗?
Maxwell2005 初生襁褓狮帖子:45 注册: 2006-01-20 来自:

Maxwell2005 初生襁褓狮帖子:45 注册: 2006-01-20 来自:	发表于： 2006-10-29 19:29 \| 显示全部短消息资料字号：小中大 5楼不行,还是有病毒啊!
Maxwell2005 初生襁褓狮帖子:45 注册: 2006-01-20 来自:

<<上一主题|下一主题>>

1

1 / 1 页

跳转页

页面顶部

Powered by Discuz!NT