【求助】发现病毒杀不掉,谁来帮帮我 - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛【求助】发现病毒杀不掉,谁来帮帮我

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

12

2 / 2 页

跳转页

【求助】发现病毒杀不掉,谁来帮帮我

七七宝初生襁褓狮帖子:12 注册: 2007-08-24 来自:	发表于： 2007-08-24 23:30 \| 短消息资料字号：小中大 11楼 [C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.4543] [C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9] [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9] [C:\Program Files\WinRAR\rarext.dll] [N/A, ] [E:\费尔\Twshlext.dll] [Filseclab Corp., 2, 0, 1, 988] [E:\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5] [C:\windows\system32\Audiodev.dll] [Microsoft Corporation, 5.2.3790.3646 built by: DNSRV(bld4act)] [PID: 1620 / SYSTEM][C:\windows\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1728 / SYSTEM][E:\RISING\RAV\RavStub.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 4] [E:\RISING\RAV\RsCommX.dll] [rising, 18, 0, 0, 1] [E:\RISING\RAV\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5] [E:\应用软件程序\mmsk\ProcessHook.dll] [Fygsoft and Microsoft, 1.1.0.102] [E:\应用软件程序\mmsk\Filehook.dll] [Fygsoft and Microsoft, 2.1.0.1] [PID: 968 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: DNSRV(bld4act)] [PID: 1920 / LOCAL SERVICE][C:\windows\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 2036 / Acer][C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] [Synaptics, Inc., 8.3.0 28Apr06] [C:\WINDOWS\system32\SynCOM.dll] [Synaptics, Inc., 8.3.0 28Apr06] [C:\windows\system32\SynTPAPI.dll] [Synaptics, Inc., 8.3.0 28Apr06] [E:\Rising\kk\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10] [PID: 2044 / Acer][E:\Rising\Rav\RavTask.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9] [E:\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5] [E:\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2] [E:\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13] [E:\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1] [E:\Rising\kk\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10] [PID: 160 / Acer][E:\Rising\Rav\Ravmon.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 45] [E:\Rising\Rav\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33] [E:\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10] [E:\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2] [E:\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13] [E:\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5] [E:\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1] [E:\Rising\Rav\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2] [E:\Rising\Rav\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5] [E:\Rising\kk\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10] [PID: 192 / Acer][E:\Rising\kk\runiep.exe] [Beijing Rising Technology Co., Ltd., 4.0.0.18] [E:\Rising\kk\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10] [PID: 2056 / Acer][E:\费尔\twister.exe] [Filseclab Corporation, 7, 0, 5, 21981] [E:\费尔\Twshlext.DLL] [Filseclab Corp., 2, 0, 1, 988] [E:\费尔\Quarantine.dll] [Filseclab Corp., 2, 0, 0, 581] [E:\费尔\W32Tools.dll] [Filseclab Corp., 1, 0, 2, 1772] [E:\费尔\virsubm.dll] [Filseclab Corp., 2, 0, 2, 496] [E:\费尔\psmgr.dll] [Filseclab Corp., 1, 0, 1, 1071] [E:\费尔\zipexp.dll] [Filseclab Corp., 1, 0, 1, 164] [E:\费尔\emlib.dll] [Filseclab Corp., 1, 0, 2, 1250] [E:\费尔\ctools.dll] [Filseclab Corp., 1, 0, 0, 19] [E:\费尔\Regpro.dll] [Filseclab Corp., 2, 0, 1, 1236] [E:\费尔\twsupdate.dll] [Filseclab Corp., 1, 0, 1, 499] [E:\费尔\FAPIConv.dll] [Filseclab Corp., 1, 0, 0, 45] [E:\费尔\mdcoder.dll] [Filseclab Corp., 1, 0, 0, 21] [E:\费尔\Schedule.dll] [Filseclab Corp., 1, 0, 1, 32] [E:\费尔\lsf.dll] [Filseclab Corp., 1, 0, 1, 286] [E:\费尔\falgorit.dll] [Filseclab Corp., 1, 0, 0, 446] [E:\费尔\message.dll] [Filseclab Corp., 1, 0, 1, 1598] [E:\费尔\fgui.dll] [Filseclab Corp., 1, 0, 1, 128] [E:\费尔\kdf.dll] [Filseclab Corp., 1, 0, 3, 1019] [E:\费尔\Decexp.dll] [Filseclab Corp., 2, 0, 2, 1940] [E:\费尔\Unchm.dll] [Filseclab Corp., 1, 0, 2, 114] [E:\费尔\unrar.dll] [N/A, ] [E:\费尔\unemb.dll] [Filseclab Corp., 2, 0, 2, 528] [E:\费尔\unsevzip.dll] [Filseclab Corp., 1, 0, 1, 95] [E:\费尔\unmisc.dll] [Filseclab Corp., 1, 0, 1, 211] [E:\费尔\AntiRK.dll] [Filseclab Corporation, 2, 0, 0, 2239] [E:\费尔\filvss.dll] [Filseclab Corporation, 2, 0, 0, 823] [E:\费尔\tsc.dll] [Filseclab Corp., 1, 0, 1, 71] [E:\费尔\filau.dll] [Filseclab, 1, 0, 0, 10] [E:\费尔\unzip32.dll] [Info-ZIP, 5.52] [E:\费尔\unacev2.dll] [N/A, ] [E:\费尔\filvss.cn] [Filseclab Corporation, 2, 0, 0, 824] [E:\费尔\AntiRK.cn] [Filseclab Corporation, 2, 0, 0, 2240] [E:\费尔\plus.dll] [Filseclab Corporation, 2.0.502.1050] [E:\Rising\kk\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10] [C:\windows\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9] [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9] [C:\windows\system32\Audiodev.dll] [Microsoft Corporation, 5.2.3790.3646 built by: DNSRV(bld4act)] [PID: 2088 / Acer][C:\windows\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [E:\Rising\kk\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10] [PID: 2096 / Acer][E:\应用软件程序\jj\jj4\jiajiasr.exe] [加加工作组, 4, 1, 0, 47] [E:\Rising\kk\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10] [PID: 2352 / Acer][E:\应用软件程序\绿鹰PC万能精灵\svchost.exe] [绿鹰网络, ] [E:\Rising\kk\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10] [PID: 2392 / Acer][C:\Program Files\Common Files\Filseclab\FilMsg.exe] [费尔安全实验室, 4, 0, 3, 999] [C:\Program Files\Common Files\Filseclab\twsupdate.dll] [Filseclab Corp., 1, 0, 1, 497] [C:\Program Files\Common Files\Filseclab\W32Tools.dll] [Filseclab Corp., 1, 0, 2, 1642] [C:\Program Files\Common Files\Filseclab\FAPIConv.dll] [Filseclab Corp., 1, 0, 0, 45] [C:\Program Files\Common Files\Filseclab\mdcoder.dll] [Filseclab Corp., 1, 0, 0, 21] [E:\Rising\kk\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10] [PID: 2708 / Acer][E:\Rising\Rising\Rfw\rfwmain.exe] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 72] [E:\Rising\Rising\Rfw\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33] [E:\应用软件程序\mmsk\ProcessHook.dll] [Fygsoft and Microsoft, 1.1.0.102] [E:\应用软件程序\mmsk\Filehook.dll] [Fygsoft and Microsoft, 2.1.0.1] [E:\Rising\Rising\Rfw\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5] [E:\Rising\Rising\Rfw\RfwCtrl.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11] [E:\Rising\Rising\Rfw\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2] [E:\Rising\Rising\Rfw\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5] [E:\Rising\kk\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10] [E:\Rising\Rising\Rfw\PSAPI.DLL] [Microsoft Corporation, 4.00] [PID: 2948 / SYSTEM][e:\rising\rising\rfw\rfwsrv.exe] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 35] [E:\应用软件程序\mmsk\ProcessHook.dll] [Fygsoft and Microsoft, 1.1.0.102] [E:\应用软件程序\mmsk\Filehook.dll] [Fygsoft and Microsoft, 2.1.0.1] [e:\rising\rising\rfw\RfwRule.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 3] [e:\rising\rising\rfw\rfwlog.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 2] [e:\rising\rising\rfw\Rfwdrv.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 10] [e:\rising\rising\rfw\psapi.dll] [Microsoft Corporation, 4.00] [e:\rising\rising\rfw\MonDrv.dll] [rs, 1, 0, 0, 4] [e:\rising\rising\rfw\ProcLib.dll] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 5] [e:\rising\rising\rfw\mPorts.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3] [PID: 3112 / Acer][E:\应用软件程序\WangWang\WangWang.exe] [阿里巴巴软件(上海)有限公司, 5, 5, 0, 2] [E:\应用软件程序\WangWang\AliViewCtrl.dll] [ 阿里巴巴软件(上海)有限公司, 1, 0, 0, 2] [E:\应用软件程序\WangWang\VLNetwork.dll] [阿里巴巴软件(上海)有限公司, 1, 0, 0, 6] [E:\应用软件程序\WangWang\MFC80.DLL] [Microsoft Corporation, 8.00.50727.762] [E:\应用软件程序\WangWang\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762] [E:\应用软件程序\WangWang\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.762] [E:\应用软件程序\WangWang\AliViewMedia.dll] [ 阿里巴巴软件(上海)有限公司, 1, 0, 0, 2] [E:\应用软件程序\WangWang\VideoCap.dll] [ 阿里巴巴软件(上海)有限公司, 1, 0, 0, 4] [E:\应用软件程序\WangWang\VLAudio.dll] [ 阿里巴巴软件(上海)有限公司, 1, 0, 0, 5] [E:\应用软件程序\WangWang\JsmShow.dll] [ 阿里巴巴软件(上海)有限公司, 1, 0, 0, 4] [E:\应用软件程序\WangWang\AliSkin.dll] [阿里巴巴软件(上海)有限公司, 1.0.0.1] [E:\应用软件程序\WangWang\PngLib.dll] [阿里巴巴软件(上海)有限公司, 1, 0, 0, 1] [E:\应用软件程序\WangWang\zlib.dll] [, 1.2.3] [E:\应用软件程序\WangWang\ww_network.dll] [阿里巴巴软件(上海)有限公司, 1, 0, 2, 2] [E:\应用软件程序\WangWang\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.762] [E:\应用软件程序\WangWang\Ali_Res.DLL] [N/A, ] [E:\Rising\kk\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10] [E:\应用软件程序\WangWang\WangWangX4.dll] [阿里巴巴软件(上海)有限公司, 1, 0, 0, 1] [E:\应用软件程序\WangWang\RICHED32.DLL] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [E:\应用软件程序\WangWang\RICHED20.dll] [Microsoft Corporation, 5.30.23.1221] [E:\应用软件程序\WangWang\RichOne.dll] [阿里巴巴软件(上海)有限公司, 1.0.0.1] [E:\应用软件程序\WangWang\TBProgress.dll] [阿里巴巴软件(上海)有限公司, 1.0.0.1] [E:\应用软件程序\WangWang\MessageNotify.dll] [, 1, 0, 0, 1] [E:\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4] [C:\windows\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\windows\system32\msdmo.dll] [, ] [C:\windows\system32\PYJJ4.IME] [加加工作组, 4, 1, 0, 48]
七七宝初生襁褓狮帖子:12 注册: 2007-08-24 来自:

七七宝初生襁褓狮帖子:12 注册: 2007-08-24 来自:	发表于： 2007-08-24 23:30 \| 短消息资料字号：小中大 12楼 [PID: 1392 / Acer][C:\Program Files\Tencent\TT\TTraveler.exe] [腾讯公司, 3, 3, 200, 290] [C:\Program Files\Tencent\TT\Plugins\QQFloatBar\QQFloatBar4TT2.dll] [腾讯公司, 1, 1, 0, 5] [C:\Program Files\Tencent\TT\Plugins\TWeather\TWeather.dll] [, 1, 0, 0, 3] [E:\Rising\kk\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10] [C:\Program Files\Tencent\TT\TTNetFavor.dll] [N/A, ] [E:\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4] [E:\应用软件程序\WangWang\WangWangX4.dll] [阿里巴巴软件(上海)有限公司, 1, 0, 0, 1] [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0] [C:\windows\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [PID: 920 / Acer][C:\windows\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [E:\Rising\kk\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10] [PID: 2604 / Acer][C:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe] [Thunder Networking Technologies,LTD, 5, 5, 6, 274] [C:\Program Files\Thunder Network\Thunder\Program\TaskManager.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 14] [C:\Program Files\Thunder Network\Thunder\Program\download_interface.dll] [Thunder Networking Technologies,LTD, 2, 12, 2, 56] [C:\Program Files\Thunder Network\Thunder\Program\asyn_dns.dll] [Thunder Networking Technologies,LTD, 2, 12, 2, 56] [C:\Program Files\Thunder Network\Thunder\Program\iTargetAD.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 16] [C:\Program Files\Thunder Network\Thunder\Program\BHOStub.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 8] [E:\Rising\kk\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10] [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0] [C:\windows\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\Program Files\Thunder Network\Thunder\Components\DiagnoseHelper\DiagnoseHelper.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 10] [C:\Program Files\Thunder Network\Thunder\Components\PortVerify\PortVerify.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 1] [C:\Program Files\Thunder Network\Thunder\Components\ExplorerHelper\ExplorerHelper.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 1] [C:\Program Files\Thunder Network\Thunder\Components\DTAG\DTAG.dll] [Thunder Networking Technologies,LTD, 1, 1, 0, 2] [C:\Program Files\Thunder Network\Thunder\Components\DTAG\ExtractMediaTag.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 1] [C:\Program Files\Thunder Network\Thunder\Program\LiveUpdate.dll] [, 1, 0, 1, 17] [C:\Program Files\Thunder Network\Thunder\Components\InMedia\iEmbedShell.dll] [　, 1, 0, 0, 15] [E:\应用软件程序\web迅雷\InMedia\iEmbed10.dll] [　, 3, 3, 1, 83] [C:\Program Files\Thunder Network\Thunder\Components\Community\XLCommunity.dll] [Thunder Networking Technologies,LTD, 1, 0, 4, 15] [C:\Program Files\Thunder Network\Thunder\Program\RegisterDll.dll] [Thunder Networking Technologies,LTD, 2, 2, 1, 43] [C:\Program Files\Thunder Network\Thunder\Components\Search\XLSearch.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 7] [C:\Program Files\Thunder Network\Thunder\Components\P4PClient\P4PClient.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 14] [C:\Program Files\Thunder Network\Thunder\Components\VPSHELL\VPSHELL.dll] [, 1, 1, 0, 4] [C:\Program Files\Thunder Network\Thunder\Components\VPSHELL\VideoPicture.dll] [XunLei, 1, 1, 0, 4] [C:\Program Files\Thunder Network\Thunder\Components\Tips\TipsClient.dll] [Thunder Networking Technologies,LTD, 2, 1, 1, 50] [E:\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4] [C:\Program Files\Thunder Network\Thunder\Plugins\BhoAdv\bho_adv.dll] [深圳市迅雷网络技术有限公司, 1.0.1.0] [C:\Program Files\Thunder Network\Thunder\Components\P4PClient\GZipDll.dll] [N/A, ] [PID: 2228 / Acer][C:\DOCUME~1\Acer\LOCALS~1\Temp\Rar$EX00.937\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900] [E:\Rising\kk\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10] [C:\DOCUME~1\Acer\LOCALS~1\Temp\Rar$EX00.937\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] ================================== 文件关联 .TXT Error. [Notepad.exe %1] .EXE OK. ["%1" %] .COM OK. ["%1" %] .PIF OK. ["%1" %] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %] .SCR OK. ["%1" /S] .CHM Error. ["hh.exe" %1] .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] .INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .LNK OK. [{00021401-0000-0000-C000-000000000046}]
七七宝初生襁褓狮帖子:12 注册: 2007-08-24 来自:

七七宝初生襁褓狮帖子:12 注册: 2007-08-24 来自:	发表于： 2007-08-24 23:30 \| 短消息资料字号：小中大 13楼 ================================== Winsock 提供者 N/A ================================== Autorun.inf N/A ================================== HOSTS 文件 127.0.0.1 localhost ================================== 进程特权扫描特殊特权被允许： SeLoadDriverPrivilege [PID = 1728, E:\RISING\RAV\RAVSTUB.EXE] 特殊特权被允许： SeSystemtimePrivilege [PID = 1728, E:\RISING\RAV\RAVSTUB.EXE] 特殊特权被允许： SeSystemtimePrivilege [PID = 192, E:\RISING\KK\RUNIEP.EXE] 特殊特权被允许： SeDebugPrivilege [PID = 192, E:\RISING\KK\RUNIEP.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 192, E:\RISING\KK\RUNIEP.EXE] 特殊特权被允许： SeSystemtimePrivilege [PID = 2056, E:\费尔\TWISTER.EXE] 特殊特权被允许： SeDebugPrivilege [PID = 2056, E:\费尔\TWISTER.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 2056, E:\费尔\TWISTER.EXE] 特殊特权被允许： SeSystemtimePrivilege [PID = 2096, E:\应用软件程序\JJ\JJ4\JIAJIASR.EXE] 特殊特权被允许： SeDebugPrivilege [PID = 2096, E:\应用软件程序\JJ\JJ4\JIAJIASR.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 2096, E:\应用软件程序\JJ\JJ4\JIAJIASR.EXE] 特殊特权被允许： SeSystemtimePrivilege [PID = 2352, E:\应用软件程序\绿鹰PC万能精灵\SVCHOST.EXE] 特殊特权被允许： SeDebugPrivilege [PID = 2352, E:\应用软件程序\绿鹰PC万能精灵\SVCHOST.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 2352, E:\应用软件程序\绿鹰PC万能精灵\SVCHOST.EXE] 特殊特权被允许： SeSystemtimePrivilege [PID = 2392, C:\PROGRAM FILES\COMMON FILES\FILSECLAB\FILMSG.EXE] 特殊特权被允许： SeDebugPrivilege [PID = 2392, C:\PROGRAM FILES\COMMON FILES\FILSECLAB\FILMSG.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 2392, C:\PROGRAM FILES\COMMON FILES\FILSECLAB\FILMSG.EXE] 特殊特权被允许： SeSystemtimePrivilege [PID = 2708, E:\RISING\RISING\RFW\RFWMAIN.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 2708, E:\RISING\RISING\RFW\RFWMAIN.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 2948, E:\RISING\RISING\RFW\RFWSRV.EXE] 特殊特权被允许： SeSystemtimePrivilege [PID = 2948, E:\RISING\RISING\RFW\RFWSRV.EXE] 特殊特权被允许： SeSystemtimePrivilege [PID = 3112, E:\应用软件程序\WANGWANG\WANGWANG.EXE] 特殊特权被允许： SeDebugPrivilege [PID = 3112, E:\应用软件程序\WANGWANG\WANGWANG.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 3112, E:\应用软件程序\WANGWANG\WANGWANG.EXE] 特殊特权被允许： SeSystemtimePrivilege [PID = 1392, C:\PROGRAM FILES\TENCENT\TT\TTRAVELER.EXE] 特殊特权被允许： SeDebugPrivilege [PID = 1392, C:\PROGRAM FILES\TENCENT\TT\TTRAVELER.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 1392, C:\PROGRAM FILES\TENCENT\TT\TTRAVELER.EXE] 特殊特权被允许： SeSystemtimePrivilege [PID = 2604, C:\PROGRAM FILES\THUNDER NETWORK\THUNDER\PROGRAM\THUNDER5.EXE] 特殊特权被允许： SeDebugPrivilege [PID = 2604, C:\PROGRAM FILES\THUNDER NETWORK\THUNDER\PROGRAM\THUNDER5.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 2604, C:\PROGRAM FILES\THUNDER NETWORK\THUNDER\PROGRAM\THUNDER5.EXE] ================================== API HOOK 入口点错误：FreeLibrary (危险等级: 高, 被下面模块所HOOK: 0x7170002D) ================================== 隐藏进程 N/A ================================== [/CODE]
七七宝初生襁褓狮帖子:12 注册: 2007-08-24 来自:

七七宝初生襁褓狮帖子:12 注册: 2007-08-24 来自:	发表于： 2007-08-24 23:32 \| 短消息资料字号：小中大 14楼版主，已经照你说的都复制上来了～就拜托你帮俺看看了～我现在杀毒软件都堆了一堆了～
七七宝初生襁褓狮帖子:12 注册: 2007-08-24 来自:

毒害惨了初生襁褓狮帖子:2 注册: 2007-08-23 来自:	发表于： 2007-08-25 11:15 \| 只看楼主短消息资料字号：小中大 15楼版主我和他中的是一样的毒我还需要发下我的报告吗?
毒害惨了初生襁褓狮帖子:2 注册: 2007-08-23 来自:

newcenturymoon 社区嘉宾帖子:15158 注册: 2005-08-03 来自:	发表于： 2007-08-25 11:18 \| 短消息资料字号：小中大 16楼安全模式下(开机后不断按F8键然后出来一个高级菜单选择第一项安全模式进入系统) 打开sreng （就是你扫日志的软件） “启动项目”-“服务”-“Win32服务应用程序”中点“隐藏经认证的微软项目”，选中以下项目，点“删除服务”，再点“设置”，在弹出的框中点“否”： 3926639E / 3926639E 双击我的电脑，工具，文件夹选项，查看，单击选取"显示隐藏文件或文件夹" 并清除"隐藏受保护的操作系统文件（推荐）"前面的钩。在提示确定更改时，单击“是” 然后确定点击菜单栏下方的文件夹按钮（搜索右边的按钮）从左边的资源管理器进入C盘删除如下文件C:\windows\system32\FD244EA3.EXE
newcenturymoon 社区嘉宾帖子:15158 注册: 2005-08-03 来自:

小keoоО 初生襁褓狮帖子:37 注册: 2007-05-30 来自:	发表于： 2007-08-25 11:56 \| 短消息资料字号：小中大 17楼真没办法就系统还原下
小keoоО 初生襁褓狮帖子:37 注册: 2007-05-30 来自:

<<上一主题|下一主题>>

12

2 / 2 页

跳转页

页面顶部

Powered by Discuz!NT