rsgame133754 - 2012-5-2 23:11:00
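Rising can't kill it either; after it is removed it regenerates automatically. I manually went to system32/drivers/nsuzfeir and deleted the file, but it still regenerates. I'm stumped. Could an expert please help? Thanks in advance.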
rsgame133754 - 2012-5-2 23:19:00
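Rising can't kill nsuzfeir; after it is removed it regenerates automatically. After I manually found nsuzfeir in system32/drivers and deleted the file, it also regenerated automatically. I'm stumped. Could an expert please help me kill it? Thank you.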
天月来了 - 2012-5-3 8:38:00
Scan with SRENG and post the log so we can take a look.
Also, is the file name just nsuzfeir, or is there an extension after it?
rsgame133754 - 2012-5-3 13:40:00
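Hello, moderator 天月!
In the folder it is just this name, nsuzfeir. Description: TDI Wrapper Extesion; Company: Microsoft; File: 5.2.2.8; Size: 15.2kb. In the Rising virus quarantine: name nsuzfeir.sys, original path WINDOWS \system32\drivers, virus name RootKit.Win32.Undef.cvt
I'm a computer novice and there are things I don't understand, so please don't laugh. Please take the trouble to have a look and help me kill this virus. Thank you.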
天月来了 - 2012-5-3 14:11:00
Oh, so it's the nsuzfeir.sys file. Compress the file and send it over so we can take a look.
It may be a false positive.
rsgame133754 - 2012-5-3 14:29:00
天月来了 - 2012-5-3 15:55:00
Rename this file, then restart the computer and see what happens.
Or scan with SRENG and post the log so we can take a look.
rsgame133754 - 2012-5-3 23:00:00
I can't rename it; Rising kills it directly. Moderator, please have a look at the log instead.
瑞星卡卡电脑诊断日志 v1.30 (2012-5-3 20:59:40) 北京瑞星信息技术有限公司
注释: [A]表示该文件存在自启动关联;
[M]表示该文件在内存中;
+ 注册表自运行项目
+ 系统服务
+ HKLM\System\CurrentControlSet\Services
AdobeFlashPlayerUpdateSvc
[A ] 1. c:\windows\system32\macromed\flash\flashplayerupdateservice.exe
DPSS
[AM] 2. c:\windows\system32\dpskpr.exe
GP_CLT_Service
[AM] 3. c:\windows\system32\gp_clt_service.exe
NVSvc
[AM] 4. c:\windows\system32\nvsvc32.exe
PsShutdownSvc
[A ] 5. c:\windows\system32\pssdnsvc.exe
RsMgrSvc
[AM] 6. c:\program files\rising\rsd\rsmgrsvc.exe
RsRavMon
[AM] 7. d:\瑞星\rising\rav\ravmond.exe
RsRFWMon
[AM] 8. c:\program files\rising\rfw\ravmond.exe
RsSafetyBoxMon
[A ] 9. d:\防火墙\rising\rfb\rssmond.exe
XLServicePlatform
[AM] 10. c:\program files\common files\thunder network\serviceplatform\xlsp.dll
+ 内核驱动
+ HKLM\System\CurrentControlSet\Services
ComputerZ
[A ] 11. d:\优化大师\ludashi\computerz.sys
cpuz135
[A ] 12. c:\docume~1\wj\locals~1\temp\cpuz135\cpuz135_x32.sys
HDAudBus
[A ] 13. c:\windows\system32\drivers\hdaudbus.sys
hooksys
[A ] 14. c:\windows\system32\drivers\hooksys.sys
HookTdi
[A ] 15. c:\windows\system32\drivers\hooktdi.sys
HyperVM
[A ] 16. c:\windows\system32\drivers\hvm.sys
IntcAzAudAddService
[A ] 17. c:\windows\system32\drivers\rtkhdaud.sys
L1e
[A ] 18. c:\windows\system32\drivers\l1e51x86.sys
LBeepKE
[A ] 19. c:\windows\system32\drivers\lbeepke.sys
LHidFilt
[A ] 20. c:\windows\system32\drivers\lhidfilt.sys
LMouFilt
[A ] 21. c:\windows\system32\drivers\lmoufilt.sys
LUsbFilt
[A ] 22. c:\windows\system32\drivers\lusbfilt.sys
MTsensor
[A ] 23. c:\windows\system32\drivers\asacpi.sys
mv61xx
[A ] 24. c:\windows\system32\drivers\mv61xx.sys
QqNetflpwControl
[A ] 25. c:\program files\common files\tencent\qqsafeguarder\qmnetflowxp.sys
rfwaf
[A ] 26. c:\program files\rising\rfw\rfwaf.sys
RFWARP
[A ] 27. c:\windows\system32\drivers\rfwarp.sys
RFWNDIS
[A ] 28. c:\windows\system32\drivers\rfwndis.sys
rfwtdi
[A ] 29. c:\program files\rising\rfw\rfwtdi.sys
rsdsys
[A ] 30. c:\windows\system32\drivers\protreg.sys
rsfwdrv
[A ] 31. c:\program files\rising\rfw\rsfwdrv.sys
RsProtect5
[A ] 32. c:\windows\system32\drivers\rsprotect.sys
Secdrv
[A ] 33. c:\windows\system32\drivers\secdrv.sys
SNPSTD3
[A ] 34. c:\windows\system32\drivers\snpstd3.sys
TCSafeBox
[A ] 35. c:\program files\common files\tencent\qqsafeguarder\tcsafebox.sys
TesSafe
[A ] 36. c:\windows\system32\tessafe.sys
Wdf01000
[A ] 37. c:\windows\system32\drivers\wdf01000.sys
+ 文件系统驱动
+ HKLM\System\CurrentControlSet\Services
exFat
[A ] 38. c:\windows\system32\drivers\exfat.sys
nsuzfeir
[A ] 39. c:\windows\system32\drivers\nsuzfeir.sys
+ IE浏览器加载模块
+ HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks
{CFBFAE00-17A6-11D0-99CB-00C04FD64497}
[AM] 40. c:\windows\system32\ieframe.dll
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
{0EA37B17-6B8B-4085-8257-F3A4AA69C27A}
[A ] 41. c:\program files\thunder network\thunder\bho\xlbrowseraddin1.0.6.69.dll
{889D2FEB-5411-4565-8998-1DD2C5261283}
[A ] 42. c:\program files\thunder network\thunder\bho\xunleibho7.2.5.3364.dll
{98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}
[A ] 43. c:\windows\system32\urlfilter.dll
+ HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions
Exec
[A ] 44. c:\program files\holdfast\platform 5.0\gameclient.exe
Exec
[A ] 45. c:\program files\china mobile\fetion\fetion.exe
Exec
[A ] 46. c:\windows\network diagnostic\xpnetdiag.exe
Exec
[A ] 47. c:\program files\messenger\msmsgs.exe
+ 资源管理器加载模块
+ HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}
[A ] 48. c:\windows\system32\ieudinit.exe
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HyperTerminal Icon Ext
[A ] 49. c:\windows\system32\hticons.dll
IE Search Band
[AM] 40. c:\windows\system32\ieframe.dll
Shell DocObject Viewer
[AM] 40. c:\windows\system32\ieframe.dll
InternetShortcut
[AM] 40. c:\windows\system32\ieframe.dll
Microsoft Url History Service
[AM] 40. c:\windows\system32\ieframe.dll
History
[AM] 40. c:\windows\system32\ieframe.dll
Temporary Internet Files
[AM] 40. c:\windows\system32\ieframe.dll
Temporary Internet Files
[AM] 40. c:\windows\system32\ieframe.dll
Microsoft Url Search Hook
[AM] 40. c:\windows\system32\ieframe.dll
The Internet
[AM] 40. c:\windows\system32\ieframe.dll
Internet Name Space
[AM] 40. c:\windows\system32\ieframe.dll
NvCpl DesktopContext Class
[AM] 50. c:\windows\system32\nvcpl.dll
IE Microsoft BrowserBand
[AM] 40. c:\windows\system32\ieframe.dll
IE History and Feeds Shell Data Source for Windows Search
[AM] 40. c:\windows\system32\ieframe.dll
IE Fade Task
[AM] 40. c:\windows\system32\ieframe.dll
IE Menu Desk Bar
[AM] 40. c:\windows\system32\ieframe.dll
IE AutoComplete
[AM] 40. c:\windows\system32\ieframe.dll
IE Navigation Bar
[AM] 40. c:\windows\system32\ieframe.dll
IE Menu Site
[AM] 40. c:\windows\system32\ieframe.dll
IE Menu Band
[AM] 40. c:\windows\system32\ieframe.dll
IE Microsoft History AutoComplete List
[AM] 40. c:\windows\system32\ieframe.dll
IE Tracking Shell Menu
[AM] 40. c:\windows\system32\ieframe.dll
IE IShellFolderBand
[AM] 40. c:\windows\system32\ieframe.dll
IE BandProxy
[AM] 40. c:\windows\system32\ieframe.dll
Microsoft Web Browser
[AM] 40. c:\windows\system32\ieframe.dll
IE MRU AutoComplete List
[AM] 40. c:\windows\system32\ieframe.dll
IE RSS Feeder Folder
[AM] 40. c:\windows\system32\ieframe.dll
IE Microsoft Shell Folder AutoComplete List
[AM] 40. c:\windows\system32\ieframe.dll
IE Microsoft Multiple AutoComplete List Container
[AM] 40. c:\windows\system32\ieframe.dll
IE Shell Rebar BandSite
[AM] 40. c:\windows\system32\ieframe.dll
IE Shell Band Site Menu
[AM] 40. c:\windows\system32\ieframe.dll
&Links
[AM] 40. c:\windows\system32\ieframe.dll
IE Registry Tree Options Utility
[AM] 40. c:\windows\system32\ieframe.dll
IE Custom MRU AutoCompleted List
[AM] 40. c:\windows\system32\ieframe.dll
Play on my TV helper
[AM] 50. c:\windows\system32\nvcpl.dll
WinRAR shell extension
[AM] 51. d:\rar压缩\rarext.dll
+ 用户登陆自运行项目
+ HKCU\Software\Microsoft\Windows\CurrentVersion\Run
PPS Accelerator
[AM] 52. c:\program files\ppstream\ppsap.exe
+ HKLM\Software\Microsoft\Windows\CurrentVersion\Run
SafetyBox
[AM] 53. d:\防火墙\rising\rfb\safetybox.exe
RavTRAY
[AM] 54. d:\瑞星\rising\rav\rstray.exe
RFWTRAY
[AM] 55. c:\program files\rising\rfw\rstray.exe
runeip
[AM] 56. d:\瑞星卡卡\rstray.exe
+ 开机执行
+ HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
BootExecute
[A ] 57. c:\windows\system32\bsmain.exe
+ 映像劫持
+ HKCR\.html
TheWorldURL\open\Command
[A ] 58. d:\世界之窗浏览器\theworld.exe
+ HKCR\.htm
TheWorldURL\open\Command
[A ] 58. d:\世界之窗浏览器\theworld.exe
+ HKCR\.mp3
Audio.mp3\open\Command
[A ] 59. d:\千千静听\ttplayer.exe
Audio.mp3\PlayList\Command
[A ] 59. d:\千千静听\ttplayer.exe
+ 程序初始化和已知动态连接库
+ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
AppInit_DLLs
[AM] 60. c:\windows\system32\kmon.dll
+ 其他自启动项目
+ C:\WINDOWS\Tasks
WpsUpdateTask_wj.job
[A ] 61. c:\program files\kingsoft\wps office personal\office6\wpsupdate.exe
AliUpdater{45D478F4-34C6-4B57-9E08-B0E41CEF3B1E}.job
[A ] 62. d:\旺旺\alitask.exe
Adobe Flash Player Updater.job
[A ] 1. c:\windows\system32\macromed\flash\flashplayerupdateservice.exe
天月来了 - 2012-5-4 8:41:00
We need the SRENG log; what you posted is not an SRENG log.
Go find the SRENG tool yourself in the pinned tools thread.
瑞星工程师12 - 2012-5-4 11:23:00
The sample has been collected and reported.
瑞星工程师12 - 2012-5-4 11:29:00
nsuzfeir.sys is confirmed to be a virus.