RavMonD.exe这个进程是不是病毒？ - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛 RavMonD.exe这个进程是不是病毒？

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1

1 / 1 页

跳转页

RavMonD.exe这个进程是不是病毒？

joewen 初生襁褓狮帖子:17 注册: 2006-10-24 来自:	发表于： 2006-10-31 12:08 \| 显示全部短消息资料字号：小中大 1楼 RavMonD.exe这个进程是不是病毒？ RavMonD.exe这个进程是不是病毒？前几天看到RavMonE.exe这个病毒，今天查了查，发现进程里有RavMonD.exe，这个是病毒的变种吗？ 2006-10-31 20:02:52
joewen 初生襁褓狮帖子:17 注册: 2006-10-24 来自:	分享到：

joewen 初生襁褓狮帖子:17 注册: 2006-10-24 来自:	发表于： 2006-10-31 13:03 \| 显示全部短消息资料字号：小中大 2楼哦，那就好
joewen 初生襁褓狮帖子:17 注册: 2006-10-24 来自:

joewen 初生襁褓狮帖子:17 注册: 2006-10-24 来自:	发表于： 2006-10-31 15:22 \| 显示全部短消息资料字号：小中大 3楼晕，到底是什么？有明白的人没
joewen 初生襁褓狮帖子:17 注册: 2006-10-24 来自:

joewen 初生襁褓狮帖子:17 注册: 2006-10-24 来自:	发表于： 2006-10-31 17:17 \| 显示全部短消息资料字号：小中大 4楼索性来一把看看，当前运行的进程： C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Rising\Rav\CCenter.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE c:\program files\rising\rfw\rfwsrv.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\rising\rfw\RfwMain.exe E:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Apoint2K\Apoint.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe E:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\Apoint2K\Apntex.exe C:\WINDOWS\system32\conime.exe C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe C:\Program Files\Rising\Rav\RavTask.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\MICROS~2\wcescomm.exe C:\PROGRA~1\MICROS~2\rapimgr.exe C:\Program Files\HPQ\shared\hpqwmi.exe C:\Program Files\Google\Google Talk\googletalk.exe f:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe E:\Program Files\Tencent\QQ\QQ.exe e:\Program Files\Tencent\QQ\TIMPlatform.exe C:\Program Files\Rising\Rav\Ravmond.exe C:\Program Files\Rising\Rav\RAVMON.EXE C:\Program Files\Rising\Rav\RavStub.exe E:\Program Files\ScanSoft\PDF Professional 4.0\bin\PDFPlus.exe E:\Program Files\ScanSoft\PDF Professional 4.0\PdfPro4Hook.exe E:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\WINDOWS\system32\taskmgr.exe d:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\ltt919\LOCALS~1\Temp\Rar$EX00.985\HijackThis1991zww.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file) O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - e:\Program Files\Tencent\QQ\QQIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - f:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll O2 - BHO: ACA Capture - {93C69D87-A11D-4FFC-BC56-BE7EE0D235BA} - E:\Program Files\SuperCapturePro\scap003p.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - IE工具栏增项: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - IE工具栏增项: BitComet工具栏 - {3F1ABCDB-A875-46c1-8345-B72A4567E486} - e:\Program Files\BitComet\BitCometBar\BitCometBar0.6.dll O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - 启动项HKLM\\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - 启动项HKLM\\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray O4 - 启动项HKLM\\Run: [AGRSMMSG] AGRSMMSG.exe O4 - 启动项HKLM\\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - 启动项HKLM\\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - 启动项HKLM\\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - 启动项HKLM\\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload O4 - 启动项HKLM\\Run: [Acrobat Assistant 7.0] "E:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - 启动项HKLM\\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start O4 - 启动项HKLM\\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - 启动项HKLM\\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup O4 - 启动项HKLM\\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe O4 - 启动项HKLM\\Run: [StormCodec_Helper] "e:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system O4 - 启动项HKLM\\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - 启动项HKLM\\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - 启动项HKLM\\Run: [PDF4 Registry Controller] "E:\Program Files\ScanSoft\PDF Professional 4.0\\RegistryController.exe" O4 - 启动项HKLM\\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - 启动项HKLM\\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - 启动项HKLM\\Run: [ScanSoft PDF Professional 4-reminder] "E:\Program Files\ScanSoft\PDF Professional 4.0\Ereg\ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PDF Professional\4\Ereg\ereg.ini" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~2\wcescomm.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O15 - “受信任的站点”中添加项: http://office.microsoft.com O17 - HKLM\System\CCS\Services\Tcpip\..\{FEA52FE0-86A9-471D-842C-F2BB7CCBBC30}: NameServer = 218.108.245.157 218.108.248.219 O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - NT 服务: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - NT 服务: BlueSoleil Hid Service - Unknown owner - E:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - NT 服务: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe O23 - NT 服务: Rising Proxy Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe O23 - NT 服务: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe O23 - NT 服务: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
joewen 初生襁褓狮帖子:17 注册: 2006-10-24 来自:

<<上一主题|下一主题>>

1

1 / 1 页

跳转页

页面顶部

Powered by Discuz!NT