病毒终于被消灭，感谢反病毒论坛的朋友们 - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛病毒终于被消灭，感谢反病毒论坛的朋友们

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

2 / 3 页

跳转页

病毒终于被消灭，感谢反病毒论坛的朋友们

天依梦儿初生襁褓狮帖子:14 注册: 2007-04-09 来自:	发表于： 2007-04-10 14:35 \| 只看楼主短消息资料字号：小中大 11楼驱动程序 [Service for Avance AC97 Audio (WDM) / ALCXWDM][Running/Manual Start] <system32\drivers\ALCXWDM.SYS><Avance Logic, Inc.> [Rising TDI Base Driver / BaseTDI][Running/Auto Start] <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.> [bootdrv / bootdrv][Stopped/Boot Start] <\SystemRoot\System32\Drivers\bootdrv.sys><N/A> [ExpScaner / ExpScaner][Running/Auto Start] <\??\D:\金山独霸\Rising\Rav\ExpScan.sys><> [VIA Rhine Family Fast Ethernet Adapter Driver / FETNDIS][Running/Manual Start] <system32\DRIVERS\fetnd5b.sys><VIA Technologies, Inc.> [HookCont / HookCont][Running/Auto Start] <\??\D:\金山独霸\Rising\Rav\HOOKCONT.sys><Rising> [HookReg / HookReg][Running/Auto Start] <\??\D:\金山独霸\Rising\Rav\HookReg.sys><> [HookSys / HookSys][Running/Auto Start] <\??\D:\金山独霸\Rising\Rav\HookSys.sys><Rising> [HookUrl / HookUrl][Stopped/Auto Start] <\??\D:\瑞星防火墙\Rising\Rfw\HookUrl.sys><N/A> [iahbjhhc / iahbjhhc][Running/Boot Start] <\SystemRoot\system32\drivers\iahbjhhc.sys><中国互联网络信息中心(CNNIC)> [kmsinput / kmsinput][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\kmsinput.sys><N/A> [MEMSCAN / MEMSCAN][Running/Auto Start] <\??\D:\金山独霸\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司> [mProcRs / mProcRs][Stopped/Auto Start] <\??\d:\瑞星防火墙\rising\rfw\mProcRs.sys><N/A> [Ndis4815 / Ndis4815][Running/Boot Start] <\SystemRoot\system32\Drivers\pn4815.sys><360Safe> [npkcrypt / npkcrypt][Stopped/Auto Start] <\??\E:\各种插件\各种插件\qq\npkcrypt.sys><N/A> [nv / nv][Running/Manual Start] <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation> [PnpWmkDrv / PnpWmkDrv][Running/System Start] <\??\C:\WINDOWS\system32\drivers\PnpWmkDrv.sys><N/A> [Direct Parallel Link Driver / Ptilink][Running/Manual Start] <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.> [PxHelp20 / PxHelp20][Running/Boot Start] <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions> [RsFwDrv / RsFwDrv][Stopped/Auto Start] <\??\D:\瑞星防火墙\Rising\Rfw\RsFwDrv.sys><N/A> [RsNTGDI / RsNTGDI][Running/Boot Start] <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.> [RSPPSYS / RSPPSYS][Running/Auto Start] <\??\D:\金山独霸\Rising\Rav\RSPPSYS.sys><Rising> [Secdrv / Secdrv][Stopped/Manual Start] <system32\DRIVERS\secdrv.sys><N/A> [SKNFW / SKNFW][Running/System Start] <\??\C:\WINDOWS\system32\Drivers\SKNFW.sys><N/A> [SkyProcs / SkyProcs][Running/Manual Start] <\??\D:\防火墙\FIREWALL\SkyProcs.sys><N/A> [SVKP / SVKP][Running/Auto Start] <\??\C:\WINDOWS\system32\SVKP.sys><AntiCracking> [ViaIde / ViaIde][Running/Boot Start] <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation> [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start] <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation> [Windows Driver Foundation - User-mode Driver Framework Platform Driver / WudfPf][Stopped/Manual Start] <system32\DRIVERS\WudfPf.sys><Microsoft Corporation> [Windows Driver Foundation - User-mode Driver Framework Reflector / WudfRd][Stopped/Manual Start] <system32\DRIVERS\wudfrd.sys><Microsoft Corporation> [XPROTECTOR / XPROTECTOR][Running/Auto Start] <\??\C:\WINDOWS\system32\drivers\Xprotector.sys><N/A> [VIMICRO USB PC Camera / ZSMC301b][Stopped/Manual Start] <System32\Drivers\usbVM31b.sys><VM> [AVG Anti-Spyware Clean Driver / AvgAsCln][Stopped/System Start] <System32\DRIVERS\AvgAsCln.sys><GRISOFT, s.r.o.> 浏览器加载项 [QQCycloneHelper Class] {00000000-12C9-4305-82F9-43058F20E8D2} <C:\Program Files\Tencent\QQDownload\QQIEHelper01.dll, N/A> [新浪UC] {2253922F-1B26-4C74-8B57-E3AEE748DBB8} <D:\uc\uc.exe, 北京新浪信息技术有限公司> [QQ] {c95fe080-8f5d-11d2-a20b-00aa003c157b} <E:\各种插件\各种插件\qq\QQ.EXE, TENCENT> [Filetran Control] {88734439-46D0-42C0-A13F-7E881EE550CF} <C:\WINDOWS\DOWNLO~1\filetran.ocx, Bluesky Studio(http://www.bluesky.cn)> [QQCycloneHelper Class] {00000000-12C9-4305-82F9-43058F20E8D2} <C:\Program Files\Tencent\QQDownload\QQIEHelper01.dll, N/A> [TencentVmpCtl Class] {D9819BD5-422B-4281-8523-726466ED692B} <C:\Program Files\Tencent\Viewpoint Media Player\AxMetaStream.dll, Viewpoint Corporation> [&使用迅雷下载] <D:\迅雷\Program\GetUrl.htm, N/A> [&使用迅雷下载全部链接] <D:\迅雷\Program\GetAllUrl.htm, N/A> [上传到QQ网络硬盘] <E:\各种插件\各种插件\qq\AddToNetDisk.htm, N/A> [添加到QQ自定义面板] <E:\各种插件\各种插件\qq\AddPanel.htm, N/A> [添加到QQ表情] <E:\各种插件\各种插件\qq\AddEmotion.htm, N/A> [用QQ彩信发送该图片] <E:\各种插件\各种插件\qq\SendMMS.htm, N/A>
天依梦儿初生襁褓狮帖子:14 注册: 2007-04-09 来自:

天依梦儿初生襁褓狮帖子:14 注册: 2007-04-09 来自:	发表于： 2007-04-10 14:38 \| 只看楼主短消息资料字号：小中大 12楼正在运行的进程 [PID: 548][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 612][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 636][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WINABCX.IME] [PKUETI, 5.22.216] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [PID: 680][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 692][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 868][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 932][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1060][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1584][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WINABCX.IME] [PKUETI, 5.22.216] [C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9] [D:\ewido木马查杀\AVG Anti-Spyware\shellexecutehook.dll] [Anti-Malware Development a.s., 7, 5, 0, 47] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [D:\金山独霸\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5] [E:\各种插件\各种插件\压缩\rarext.dll] [N/A, ] [C:\WINDOWS\system32\icm32.dll] [Microsoft Corporation, 5.1.2600.2709 (xpsp_sp2_gdr.050628-1518)] [D:\ewido木马查杀\AVG Anti-Spyware\context.dll] [Anti-Malware Development a.s., 7, 5, 0, 49] [C:\WINDOWS\system32\wpdshext.dll] [Microsoft Corporation, 5.2.5358.4827 (WMP_11.060509-2009)] [C:\WINDOWS\system32\PortableDeviceApi.dll] [Microsoft Corporation, 5.2.5358.4827 (WMP_11.060509-2009)] [C:\WINDOWS\system32\Audiodev.dll] [Microsoft Corporation, 5.2.5358.4827 (WMP_11.060509-2009)] [PID: 272][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\WINABCX.IME] [PKUETI, 5.22.216] [PID: 288][C:\WINDOWS\system32\SVCH0ST.exe] [N/A, ] [PID: 2556][D:\PS软件\Photoshop.exe] [Adobe Systems, Incorporated, 8.0.1 (8.0x125)] [D:\PS软件\UID.mr.dll] [Adobe Systems, Inc., 1, 1, 0, 0] [D:\PS软件\AWSCommonUI.dll] [Adobe Systems, Incorporated, 3.0.0.432] [D:\PS软件\AWSSCL.dll] [Adobe Systems, 4.0.0.34] [D:\PS软件\WebAccessUtils.dll] [Adobe Systems, Incorporated, 3.0.0.432] [D:\PS软件\BIBUtils.dll] [Adobe Systems Incorporated, 1.00.0] [D:\PS软件\Photoshop.dll] [, ] [D:\PS软件\PSViews.dll] [Adobe Systems, Incorporated, 8.0.1 (8.0x125)] [D:\PS软件\PSArt.dll] [Adobe Systems, Incorporated, 8.0.1 (8.0x125)] [C:\WINDOWS\system32\WINABCX.IME] [PKUETI, 5.22.216] [D:\PS软件\asn.er.dll] [Adobe Systems Incorporated, 1.51x3, EndUser, Release] [D:\PS软件\增效工具\扩展\FastCore.8BX] [Adobe Systems, Incorporated, 8.0.1 (8.0x126)] [D:\PS软件\PLUGIN.dll] [Adobe Systems, Incorporated, 8.0.1 (8.0x125)] [D:\PS软件\增效工具\扩展\MMXCore.8BX] [Adobe Systems, Incorporated, 8.0.1 (8.0x126)] [D:\PS软件\Required\ADMPlugin.apl] [Adobe Systems Incorporated, 2.84pe69a 02.06.17-00:03:36h] [D:\PS软件\Required\PNGIcons.apl] [Adobe Systems Incorporated, 1.21x7 2001.12.14-1602h.21s] [D:\PS软件\Required\ASDataStream.apl] [Adobe Systems Incorporated, 1.02x7 02.02.15-01:45:06h] [D:\PS软件\增效工具\解析程序\PDF 增效工具.8BI] [Adobe Systems, Incorporated, 8.0.1 (8.0x126)] [D:\PS软件\BIB.dll] [Adobe Systems Incorporated, 1.1.16] [D:\PS软件\JP2KLib.dll] [Adobe systems Incorporated, 1.0.28706] [D:\PS软件\增效工具\文件格式\Camera Raw.8BI] [Adobe Systems Incorporated, 2.0] [D:\PS软件\ACE.dll] [Adobe Systems Incorporated, 2.05.16] [D:\PS软件\AGM.dll] [Adobe Systems Incorporated, 4.12.36] [D:\PS软件\CoolType.dll] [Adobe Systems Incorporated, 4.14.20] [C:\WINDOWS\system32\ATMLIB.dll] [Adobe Systems, 5.1 Build 226] [D:\PS软件\AWSCommonSymbols.dll] [Adobe Systems, Incorporated, 3.0.0.432] [D:\PS软件\ARM.dll] [Adobe Systems, Incorporated, 3.0.0.432] [D:\PS软件\shfolder.dll] [Microsoft Corporation, 5.50.4027.300] [D:\PS软件\FileInfo.dll] [Adobe Systems, Incorporated, 3.0.0.432] [C:\WINDOWS\system32\wpdshext.dll] [Microsoft Corporation, 5.2.5358.4827 (WMP_11.060509-2009)] [C:\WINDOWS\system32\PortableDeviceApi.dll] [Microsoft Corporation, 5.2.5358.4827 (WMP_11.060509-2009)] [C:\WINDOWS\system32\Audiodev.dll] [Microsoft Corporation, 5.2.5358.4827 (WMP_11.060509-2009)] [D:\PS软件\增效工具\Adobe Photoshop Only\自动\脚本支持.8li] [Adobe Systems Incorporated, 8.0] [D:\PS软件\ExtendScriptIDE.dll] [Adobe Systems, Incorporated, 3.2.21] [D:\PS软件\ExtendScript.dll] [Adobe Systems, Incorporated, 3.2.21] [D:\PS软件\ScCore.dll] [Adobe Systems, Incorporated, 3.2.21] [D:\PS软件\MSVCP60.dll] [Microsoft Corporation, 6.00.8972.0] [D:\PS软件\Tw10122.dat] [Adobe Systems, Incorporated, 8.0.1 (8.0x125)] [PID: 2852][E:\各种插件\各种插件\遨游浏览器\Maxthon\Maxthon.exe] [Maxthon International Ltd., 1, 5, 9, 30] [E:\各种插件\各种插件\遨游浏览器\Maxthon\maxzlib.dll] [ , 1, 0, 0, 2] [C:\WINDOWS\system32\WINABCX.IME] [PKUETI, 5.22.216] [C:\WINDOWS\system32\odbcbcp.dll] [Microsoft Corporation, 2000.085.1117.00 (xpsp_sp2_rtm.040803-2158)] [E:\各种插件\各种插件\遨游浏览器\Maxthon\Services\RealTime\real_time.dll] [, 1, 0, 0, 1] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx] [Adobe Systems, Inc., 9,0,16,0] [C:\WINDOWS\system32\Macromed\Common\SwSupport.dll] [Macromedia, Inc., 8.5r321] [PID: 3972][E:\各种插件\各种软件\SREng.EXE] [Smallfrogs Studio, 2.4.12.806] [C:\WINDOWS\system32\WINABCX.IME] [PKUETI, 5.22.216] 这个就是用那个软件扫描出来的全部东西，希望您能帮看下，表示万分的感谢
天依梦儿初生襁褓狮帖子:14 注册: 2007-04-09 来自:

天依梦儿初生襁褓狮帖子:14 注册: 2007-04-09 来自:	发表于： 2007-04-10 15:29 \| 只看楼主短消息资料字号：小中大 13楼日志贴上来了，可怎么没人理呢，我只好不停的顶上去，天！问题多多，回复却少的可怜
天依梦儿初生襁褓狮帖子:14 注册: 2007-04-09 来自:

天依梦儿初生襁褓狮帖子:14 注册: 2007-04-09 来自:	发表于： 2007-04-10 17:14 \| 只看楼主短消息资料字号：小中大 14楼
天依梦儿初生襁褓狮帖子:14 注册: 2007-04-09 来自:

孤独更可靠锋芒艾服狮帖子:1788 注册: 2007-01-27 来自:	发表于： 2007-04-10 17:26 \| 短消息资料字号：小中大 15楼 <NMGameX_AutoRun><C:\WINDOWS\system32\Rundll32.exe NMGameX.dll,LiveProcess /aa> [NMGameX] 这个自己斟酌 [PnpWmkDrv / PnpWmkDrv][Running/System Start] <\??\C:\WINDOWS\system32\drivers\PnpWmkDrv.sys><N/A> 这个可以先设置为"已禁用" [PID: 288][C:\WINDOWS\system32\SVCH0ST.exe] [N/A, ] 这个注意,是svch0st.exe 删 SRENG操作方法: http://hi.baidu.com/%B9%C2%B6%C0%B8%FC%BF%C9%BF%BF/blog/item/9025a818a7592ab44aedbc05.html
孤独更可靠锋芒艾服狮帖子:1788 注册: 2007-01-27 来自:

郁闷24小时初生襁褓狮帖子:118 注册: 2006-12-06 来自:	发表于： 2007-04-10 17:28 \| 短消息资料字号：小中大 16楼我也是新手,不过我看到你里面怎么什么都装?没用的都卸了吧,建议装个 WINDOWS优化大师和卡卡先清理一下其他的让高手帮你吧
郁闷24小时初生襁褓狮帖子:118 注册: 2006-12-06 来自:

天依梦儿初生襁褓狮帖子:14 注册: 2007-04-09 来自:	发表于： 2007-04-10 17:40 \| 只看楼主短消息资料字号：小中大 17楼 [PID: 288][C:\WINDOWS\system32\SVCH0ST.exe] [N/A, ] 这个注意,是svch0st.exe 删我删不掉这个呀，不过还是谢谢您，其他的我该怎么斟酌？郁闷
天依梦儿初生襁褓狮帖子:14 注册: 2007-04-09 来自:

郁闷24小时初生襁褓狮帖子:118 注册: 2006-12-06 来自:	发表于： 2007-04-10 17:47 \| 短消息资料字号：小中大 18楼安全模式冰刃
郁闷24小时初生襁褓狮帖子:118 注册: 2006-12-06 来自:

天依梦儿初生襁褓狮帖子:14 注册: 2007-04-09 来自:	发表于： 2007-04-10 17:50 \| 只看楼主短消息资料字号：小中大 19楼谢谢您郁闷24小时，我已经郁闷48小时了
天依梦儿初生襁褓狮帖子:14 注册: 2007-04-09 来自:

郁闷24小时初生襁褓狮帖子:118 注册: 2006-12-06 来自:	发表于： 2007-04-10 17:59 \| 短消息资料字号：小中大 20楼好了没我努力学习呢
郁闷24小时初生襁褓狮帖子:118 注册: 2006-12-06 来自:

<<上一主题|下一主题>>

2 / 3 页

跳转页

页面顶部

Powered by Discuz!NT