瑞星卡卡安全论坛

首页 » 个人产品讨论区 » 瑞星杀毒软件 » 瑞星杀毒软件2011 » 瑞星不能安装,不能启动
jimmy浩南 - 2008-4-12 1:32:00
本人在用电脑时突然关机自动重启,然后瑞星就不见了,显示文件被损坏用什么chkdsk来修复,并且在桌面上也找不到瑞星杀毒软件了,但是瑞星防火墙能正常运行及升级。我就准备重新安装,但是在安装途中也被显示损坏文件(附图),我在瑞星的安装目录里面找到一个文件夹,发现那个文件里面有36G的文件(附图),但我C盘总共才20G。我想用系统还原也不行了,想在安全模式下运行安装也不行。我也用了SREngPS.EXE扫描和瑞星听诊器,现将这些文件发给你们,你们帮我想下办法,谢谢!!
未知家族病毒分析
扫描结果:
无可疑文件


系统活动进程
C:\WINDOWS\SYSTEM32\NVSVC32.EXE
C:\WINDOWS\SYSTEM32\NVAPI.DLL
C:\DOCUME~1\JIMMY\LOCALS~1\TEMP\RSV1A.TMP

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\DOCUME~1\JIMMY\LOCALS~1\TEMP\RSV1A.TMP

C:\WINDOWS\SYSTEM32\WSCNTFY.EXE
C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL
C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL
C:\DOCUME~1\JIMMY\LOCALS~1\TEMP\RSV1A.TMP

C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL
C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL
C:\DOCUME~1\JIMMY\LOCALS~1\TEMP\RSV1A.TMP

C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL
C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DRV
C:\DOCUME~1\JIMMY\LOCALS~1\TEMP\RSV1A.TMP

C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL
C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL
C:\DOCUME~1\JIMMY\LOCALS~1\TEMP\RSV1A.TMP

C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL
C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL
C:\DOCUME~1\JIMMY\LOCALS~1\TEMP\RSV1A.TMP

C:\WINDOWS\SYSTEM32\TASKMGR.EXE
C:\DOCUME~1\JIMMY\LOCALS~1\TEMP\RSV1A.TMP
C:\PROGRAM FILES\360SAFE\SAFEMON\SAFEMON.DLL

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL
C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL
C:\DOCUME~1\JIMMY\LOCALS~1\TEMP\RSV1A.TMP

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL
C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL
C:\DOCUME~1\JIMMY\LOCALS~1\TEMP\RSV1A.TMP

C:\WINDOWS\SYSTEM32\ALG.EXE
C:\DOCUME~1\JIMMY\LOCALS~1\TEMP\RSV1A.TMP

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL
C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL
C:\WINDOWS\SYSTEM32\WUPS2.DLL
C:\DOCUME~1\JIMMY\LOCALS~1\TEMP\RSV1A.TMP

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL
C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL
C:\DOCUME~1\JIMMY\LOCALS~1\TEMP\RSV1A.TMP

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL
C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL
C:\DOCUME~1\JIMMY\LOCALS~1\TEMP\RSV1A.TMP

RSHIDE
C:\WINDOWS\SYSTEM32\MFC71.DLL
C:\WINDOWS\SYSTEM32\MSVCR71.DLL
C:\WINDOWS\SYSTEM32\MSVCP71.DLL
C:\PROGRAM FILES\RISING\RFW\PROCCOM.DLL
C:\PROGRAM FILES\RISING\RFW\RSCOMMX2.DLL
C:\PROGRAM FILES\RISING\RFW\RSAPPMGR.DLL
C:\PROGRAM FILES\RISING\RFW\CFGDLL.DLL
C:\PROGRAM FILES\RISING\RFW\RFWRULE.DLL
C:\PROGRAM FILES\RISING\RFW\RFWLOG.DLL
C:\PROGRAM FILES\RISING\RFW\RFWDRV.DLL
C:\PROGRAM FILES\RISING\RFW\IJT_CTRL.DLL
C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL
C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL
C:\PROGRAM FILES\RISING\RFW\UNVDET.DLL
C:\PROGRAM FILES\RISING\RFW\MPORTS.DLL
C:\DOCUME~1\JIMMY\LOCALS~1\TEMP\RSV1A.TMP

C:\PROGRAM FILES\RISING\RFW\RFWPROXY.EXE
C:\WINDOWS\SYSTEM32\MFC71.DLL
C:\WINDOWS\SYSTEM32\MSVCR71.DLL
C:\PROGRAM FILES\RISING\RFW\PROCCOM.DLL
C:\PROGRAM FILES\RISING\RFW\RSCOMMX2.DLL
C:\PROGRAM FILES\RISING\RFW\RFWRULE.DLL
C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL
C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL
C:\PROGRAM FILES\RISING\RFW\MONMID.DLL
C:\DOCUME~1\JIMMY\LOCALS~1\TEMP\RSV1A.TMP

C:\PROGRAM FILES\RISING\RFW\RFWSTUB.EXE
C:\WINDOWS\SYSTEM32\MSVCP71.DLL
C:\WINDOWS\SYSTEM32\MSVCR71.DLL
C:\PROGRAM FILES\RISING\RFW\RSCOMMON.DLL
C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL
C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL
C:\DOCUME~1\JIMMY\LOCALS~1\TEMP\RSV1A.TMP

C:\WINDOWS\SYSTEM32\CTFMON.EXE
C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL
C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL
C:\DOCUME~1\JIMMY\LOCALS~1\TEMP\RSV1A.TMP

C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL
C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL
C:\PROGRAM FILES\COMMON FILES\ADOBE\ACROBAT\ACTIVEX\PDFSHELL.DLL
C:\PROGRAM FILES\COMMON FILES\ADOBE\ACROBAT\ACTIVEX\PDFSHELL.CHS
C:\PROGRAM FILES\360SAFE\SAFEMON\SAFEMON.DLL
C:\WINDOWS\SYSTEM32\NVCPL.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DRV
C:\WINDOWS\SYSTEM32\NVAPI.DLL
C:\WINDOWS\SYSTEM32\NVSHELL.DLL
C:\DOCUME~1\JIMMY\LOCALS~1\TEMP\RSV1A.TMP

C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL
C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL
C:\WINDOWS\SYSTEM32\HPBMMON.DLL
C:\WINDOWS\SYSTEM32\HPPAMON0.DLL
C:\WINDOWS\SYSTEM32\HPDOMON.DLL
C:\WINDOWS\SYSTEM32\HPBHEALR.DLL
C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\IMFPRINT.DLL
C:\WINDOWS\SYSTEM32\IMF32.DLL
C:\WINDOWS\SYSTEM32\ZTAG32.DLL
C:\WINDOWS\SYSTEM32\ZSPOOL.DLL
C:\DOCUME~1\JIMMY\LOCALS~1\TEMP\RSV1A.TMP

RSHIDE
C:\WINDOWS\SYSTEM32\MFC71.DLL
C:\WINDOWS\SYSTEM32\MSVCR71.DLL
C:\WINDOWS\SYSTEM32\MSVCP71.DLL
C:\PROGRAM FILES\RISING\RFW\RSGUILIB.DLL
C:\PROGRAM FILES\RISING\RFW\PROCCOM.DLL
C:\PROGRAM FILES\RISING\RFW\RSCOMMX2.DLL
C:\PROGRAM FILES\RISING\RFW\RSAPPMGR.DLL
C:\PROGRAM FILES\RISING\RFW\CFGDLL.DLL
C:\PROGRAM FILES\RISING\RFW\RSCOMMON.DLL
C:\PROGRAM FILES\RISING\RFW\RFWCTRL.DLL
C:\PROGRAM FILES\RISING\RFW\RSXML.DLL
C:\PROGRAM FILES\RISING\RFW\PNGDLL.DLL
C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL
C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL
C:\PROGRAM FILES\RISING\RFW\RFWRULE.DLL
C:\PROGRAM FILES\360SAFE\SAFEMON\SAFEMON.DLL
C:\DOCUME~1\JIMMY\LOCALS~1\TEMP\RSV1A.TMP

C:\WINDOWS\SYSTEM32\CONIME.EXE
C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL
C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL
C:\PROGRAM FILES\360SAFE\SAFEMON\SAFEMON.DLL
C:\DOCUME~1\JIMMY\LOCALS~1\TEMP\RSV1A.TMP

C:\WINDOWS\SYSTEM32\WUAUCLT.EXE
C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL
C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL
C:\PROGRAM FILES\360SAFE\SAFEMON\SAFEMON.DLL
C:\WINDOWS\SYSTEM32\WUPS2.DLL

C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL
C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL
C:\PROGRAM FILES\360SAFE\SAFEMON\SAFEMON.DLL


[用户系统信息]Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; InfoPath.2)


附件: 646434200841212040.jpg
jimmy浩南 - 2008-4-12 1:36:00
C:\DOCUME~1\JIMMY\LOCALS~1\TEMP\RSV1A.TMP

C:\WINDOWS\RTHDCPL.EXE
C:\PROGRAM FILES\360SAFE\SAFEMON\SAFEMON.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DRV
C:\DOCUME~1\JIMMY\LOCALS~1\TEMP\RSV1A.TMP

C:\DOCUMENTS AND SETTINGS\JIMMY\桌面\RSDETECT.EXE
C:\DOCUME~1\JIMMY\LOCALS~1\TEMP\RSV1A.TMP
C:\PROGRAM FILES\360SAFE\SAFEMON\SAFEMON.DLL

RSHIDE
C:\PROGRAM FILES\RISING\ANTISPYWARE\MFC71.DLL
C:\PROGRAM FILES\RISING\ANTISPYWARE\MSVCR71.DLL
C:\PROGRAM FILES\360SAFE\SAFEMON\SAFEMON.DLL
C:\WINDOWS\SYSTEM32\IEPROT.DLL
C:\DOCUME~1\JIMMY\LOCALS~1\TEMP\RSV1A.TMP

C:\WINDOWS\VM_STI.EXE
C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL
C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL
C:\PROGRAM FILES\360SAFE\SAFEMON\SAFEMON.DLL
C:\WINDOWS\SYSTEM32\VM31BPRP.AX
C:\DOCUME~1\JIMMY\LOCALS~1\TEMP\RSV1A.TMP

C:\PROGRAM FILES\DAEMON TOOLS\DAEMON.EXE
C:\PROGRAM FILES\DAEMON TOOLS\DAEMON.DLL
C:\PROGRAM FILES\DAEMON TOOLS\CRYPTAPI.DLL
C:\PROGRAM FILES\DAEMON TOOLS\PLUGINS\IMAGES\BW5MOUNT.DLL
C:\PROGRAM FILES\DAEMON TOOLS\PLUGINS\IMAGES\BWTMOUNT.DLL
C:\PROGRAM FILES\DAEMON TOOLS\PLUGINS\IMAGES\CCDMOUNT.DLL
C:\PROGRAM FILES\DAEMON TOOLS\PLUGINS\IMAGES\CUEMOUNT.DLL
C:\PROGRAM FILES\DAEMON TOOLS\PLUGINS\IMAGES\ISZMOUNT.DLL
C:\PROGRAM FILES\DAEMON TOOLS\PLUGINS\IMAGES\MDSMOUNT.DLL
C:\PROGRAM FILES\DAEMON TOOLS\PLUGINS\IMAGES\NRGMOUNT.DLL
C:\PROGRAM FILES\DAEMON TOOLS\PLUGINS\IMAGES\PDIMOUNT.DLL
C:\PROGRAM FILES\DAEMON TOOLS\PLUGINS\IMAGES\PFCMOUNT.DLL
C:\PROGRAM FILES\DAEMON TOOLS\PFCTOC.DLL
C:\PROGRAM FILES\360SAFE\SAFEMON\SAFEMON.DLL
C:\DOCUME~1\JIMMY\LOCALS~1\TEMP\RSV1A.TMP

C:\PROGRAM FILES\HEWLETT-PACKARD\TOOLBOX2.0\JAVASOFT\JRE\1.3.1\BIN\JAVAW.EXE
C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL
C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL
C:\PROGRAM FILES\HEWLETT-PACKARD\TOOLBOX2.0\JAVASOFT\JRE\1.3.1\BIN\HOTSPOT\JVM.DLL
C:\PROGRAM FILES\HEWLETT-PACKARD\TOOLBOX2.0\JAVASOFT\JRE\1.3.1\BIN\HPI.DLL
C:\PROGRAM FILES\HEWLETT-PACKARD\TOOLBOX2.0\JAVASOFT\JRE\1.3.1\BIN\VERIFY.DLL
C:\PROGRAM FILES\HEWLETT-PACKARD\TOOLBOX2.0\JAVASOFT\JRE\1.3.1\BIN\JAVA.DLL
C:\PROGRAM FILES\HEWLETT-PACKARD\TOOLBOX2.0\JAVASOFT\JRE\1.3.1\BIN\ZIP.DLL
C:\PROGRAM FILES\HEWLETT-PACKARD\TOOLBOX2.0\JAVASOFT\JRE\1.3.1\BIN\NET.DLL
C:\WINDOWS\SYSTEM32\D4CHANNEL.DLL
C:\DOCUME~1\JIMMY\LOCALS~1\TEMP\RSV1A.TMP


普通自启动项
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\SYSTEM32\NVCPL.DLL,NVSTARTUP
nwiz = NWIZ.EXE /INSTALL
NvMediaCenter = RUNDLL32.EXE C:\WINDOWS\SYSTEM32\NVMCTRAY.DLL,NVTASKBARINIT
SkyTel = SKYTEL.EXE
360Safetray = C:\PROGRAM FILES\360SAFE\SAFEMON\360TRAY.EXE /START
RTHDCPL = RTHDCPL.EXE
Alcmtr = ALCMTR.EXE
Microsoft Pinyin IME Migration = C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL
RfwMain = "C:\PROGRAM FILES\RISING\RFW\RFWMAIN.EXE" -STARTUP
runeip = "C:\PROGRAM FILES\RISING\ANTISPYWARE\RUNIEP.EXE" /STARTUP
TomcatStartup = C:\PROGRAM FILES\HEWLETT-PACKARD\TOOLBOX2.0\HPBPSTTP.EXE
Adobe Reader Speed Launcher = "C:\PROGRAM FILES\ADOBE\READER 8.0\READER\READER_SL.EXE"
BigDogPath = C:\WINDOWS\VM_STI.EXE USB PC CAMERA 301P

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe = C:\WINDOWS\SYSTEM32\CTFMON.EXE
DAEMON Tools = "C:\PROGRAM FILES\DAEMON TOOLS\DAEMON.EXE" -LANG 1033


系统文件关联
.exe ==> exefile = "%1" %*
.com ==> comfile = "%1" %*
.cmd ==> cmdfile = "%1" %*
.bat ==> batfile = "%1" %*
.txt ==> txtfile = C:\WINDOWS\notepad.exe %1
.scr ==> scrfile = "%1" /S
.reg ==> regfile = regedit.exe "%1"
.doc ==> Word.Document.8 = "C:\Program Files\Microsoft Office\Office12\WINWORD.EXE" /n /dde

其它启动项
WIN.INI
无信息

SYSTEM.INI
SHELL = Explorer.exe
SCRNSAVE.EXE = C:\WINDOWS\system32\ravss.scr


Winlogon 启动项
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
crypt32chain = CRYPT32.DLL
cryptnet = CRYPTNET.DLL
cscdll = CSCDLL.DLL
ScCertProp = WLNOTIFY.DLL
Schedule = WLNOTIFY.DLL
sclgntfy = SCLGNTFY.DLL
SensLogn = WLNOTIFY.DLL
termsrv = WLNOTIFY.DLL
wlballoon = WLNOTIFY.DLL

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Userinit = C:\WINDOWS\SYSTEM32\USERINIT.EXE,
shell = EXPLORER.EXE


IE - BHO
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} = NULL
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} = C:\Program Files\360safe\safemon\safemon.dll


Winsock SPI
MSAFD Tcpip [TCP/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD Tcpip [UDP/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD Tcpip [RAW/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
RSVP UDP Service Provider = C:\WINDOWS\SYSTEM32\RSVPSP.DLL
RSVP TCP Service Provider = C:\WINDOWS\SYSTEM32\RSVPSP.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{1FB0CC6B-51DF-4BB1-A501-DD055AA74CEA}] SEQPACKET 3 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{1FB0CC6B-51DF-4BB1-A501-DD055AA74CEA}] DATAGRAM 3 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{13A0C7F8-21E8-4D07-AB85-585B3A74A416}] SEQPACKET 0 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{13A0C7F8-21E8-4D07-AB85-585B3A74A416}] DATAGRAM 0 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{F4E67ACE-8F7C-4DFB-93EA-E949E70353C5}] SEQPACKET 1 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{F4E67ACE-8F7C-4DFB-93EA-E949E70353C5}] DATAGRAM 1 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{3D317A7B-F2D2-470B-8577-69306365E4E7}] SEQPACKET 2 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{3D317A7B-F2D2-470B-8577-69306365E4E7}] DATAGRAM 2 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL

系统服务项
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
ALG = C:\WINDOWS\SYSTEM32\ALG.EXE
AppMgmt = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
AudioSrv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
BITS = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
jimmy浩南 - 2008-4-12 1:38:00
Browser = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
ClipSrv = C:\WINDOWS\SYSTEM32\CLIPSRV.EXE
COMSysApp = C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{02D4B3F1-FD88-11D1-960D-00805FC79235}
CryptSvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
DcomLaunch = C:\WINDOWS\SYSTEM32\SVCHOST -K DCOMLAUNCH
Dhcp = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
dmadmin = C:\WINDOWS\SYSTEM32\DMADMIN.EXE /COM
dmserver = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Dnscache = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETWORKSERVICE
Eventlog = C:\WINDOWS\SYSTEM32\SERVICES.EXE
EventSystem = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
FastUserSwitchingCompatibility = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
HidServ = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
HTTPFilter = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K HTTPFILTER
ImapiService = C:\WINDOWS\SYSTEM32\IMAPI.EXE
lanmanserver = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
lanmanworkstation = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
LmHosts = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
MSDTC = C:\WINDOWS\SYSTEM32\MSDTC.EXE
MSIServer = C:\WINDOWS\SYSTEM32\MSIEXEC.EXE /V
NetDDE = C:\WINDOWS\SYSTEM32\NETDDE.EXE
NetDDEdsdm = C:\WINDOWS\SYSTEM32\NETDDE.EXE
Netlogon = C:\WINDOWS\SYSTEM32\LSASS.EXE
Netman = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Nla = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
NtLmSsp = C:\WINDOWS\SYSTEM32\LSASS.EXE
NVSvc = C:\WINDOWS\SYSTEM32\NVSVC32.EXE
odserv = "C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\OFFICE12\ODSERV.EXE"
ose = "C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\SOURCE ENGINE\OSE.EXE"
PlugPlay = C:\WINDOWS\SYSTEM32\SERVICES.EXE
Pml Driver HPZ12 = C:\WINDOWS\SYSTEM32\HPZIPM12.EXE
PolicyAgent = C:\WINDOWS\SYSTEM32\LSASS.EXE
ProtectedStorage = C:\WINDOWS\SYSTEM32\LSASS.EXE
RasAuto = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
RasMan = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
RDSessMgr = C:\WINDOWS\SYSTEM32\SESSMGR.EXE
RemoteAccess = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
RfwProxySrv = C:\PROGRAM FILES\RISING\RFW\RFWPROXY.EXE
RfwService = C:\PROGRAM FILES\RISING\RFW\RFWSRV.EXE
rpcapd = "%PROGRAMFILES%\WINPCAP\RPCAPD.EXE" -D -F "%PROGRAMFILES%\WINPCAP\RPCAPD.INI"
RpcLocator = C:\WINDOWS\SYSTEM32\LOCATOR.EXE
RpcSs = C:\WINDOWS\SYSTEM32\SVCHOST -K RPCSS
RSVP = C:\WINDOWS\SYSTEM32\RSVP.EXE
SamSs = C:\WINDOWS\SYSTEM32\LSASS.EXE
SCardSvr = C:\WINDOWS\SYSTEM32\SCARDSVR.EXE
Schedule = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
seclogon = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
SENS = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
SharedAccess = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
ShellHWDetection = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Spooler = C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
srservice = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
SSDPSRV = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
stisvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K IMGSVC
SysmonLog = C:\WINDOWS\SYSTEM32\SMLOGSVC.EXE
TapiSrv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
TermService = C:\WINDOWS\SYSTEM32\SVCHOST -K DCOMLAUNCH
Themes = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
TrkWks = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
upnphost = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
usprserv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
W32Time = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
WebClient = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
winmgmt = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
WmdmPmSN = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Wmi = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
WmiApSrv = C:\WINDOWS\SYSTEM32\WBEM\WMIAPSRV.EXE
wscsvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
wuauserv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
WZCSVC = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
xmlprov = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS


文件驱动
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
FltMgr = C:\WINDOWS\SYSTEM32\DRIVERS\FLTMGR.SYS
MRxDAV = C:\WINDOWS\SYSTEM32\DRIVERS\MRXDAV.SYS
MRxSmb = C:\WINDOWS\SYSTEM32\DRIVERS\MRXSMB.SYS
NetBIOS = C:\WINDOWS\SYSTEM32\DRIVERS\NETBIOS.SYS
Rdbss = C:\WINDOWS\SYSTEM32\DRIVERS\RDBSS.SYS
Sr = C:\WINDOWS\SYSTEM32\DRIVERS\SR.SYS
Srv = C:\WINDOWS\SYSTEM32\DRIVERS\SRV.SYS


系统驱动项
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
ACPI = C:\WINDOWS\SYSTEM32\DRIVERS\ACPI.SYS
aec = C:\WINDOWS\SYSTEM32\DRIVERS\AEC.SYS
AFD = C:\WINDOWS\SYSTEM32\DRIVERS\AFD.SYS
AsyncMac = C:\WINDOWS\SYSTEM32\DRIVERS\ASYNCMAC.SYS
atapi = C:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS
audstub = C:\WINDOWS\SYSTEM32\DRIVERS\AUDSTUB.SYS
BIOS = C:\WINDOWS\SYSTEM32\DRIVERS\BIOS.SYS
CCDECODE = C:\WINDOWS\SYSTEM32\DRIVERS\CCDECODE.SYS
Cdrom = C:\WINDOWS\SYSTEM32\DRIVERS\CDROM.SYS
Disk = C:\WINDOWS\SYSTEM32\DRIVERS\DISK.SYS
dmboot = C:\WINDOWS\SYSTEM32\DRIVERS\DMBOOT.SYS
dmio = C:\WINDOWS\SYSTEM32\DRIVERS\DMIO.SYS
dmload = C:\WINDOWS\SYSTEM32\DRIVERS\DMLOAD.SYS
DMusic = C:\WINDOWS\SYSTEM32\DRIVERS\DMUSIC.SYS
dot4 = C:\WINDOWS\SYSTEM32\DRIVERS\DOT4.SYS
Dot4Print = C:\WINDOWS\SYSTEM32\DRIVERS\DOT4PRT.SYS
dot4usb = C:\WINDOWS\SYSTEM32\DRIVERS\DOT4USB.SYS
drmkaud = C:\WINDOWS\SYSTEM32\DRIVERS\DRMKAUD.SYS
Fdc = C:\WINDOWS\SYSTEM32\DRIVERS\FDC.SYS
FsVga = C:\WINDOWS\SYSTEM32\DRIVERS\FSVGA.SYS
Ftdisk = C:\WINDOWS\SYSTEM32\DRIVERS\FTDISK.SYS
Gpc = C:\WINDOWS\SYSTEM32\DRIVERS\MSGPC.SYS
HDAudBus = C:\WINDOWS\SYSTEM32\DRIVERS\HDAUDBUS.SYS
hidusb = C:\WINDOWS\SYSTEM32\DRIVERS\HIDUSB.SYS
HookUrl = C:\PROGRAM FILES\RISING\RFW\HOOKURL.SYS
HTTP = C:\WINDOWS\SYSTEM32\DRIVERS\HTTP.SYS
i8042prt = C:\WINDOWS\SYSTEM32\DRIVERS\I8042PRT.SYS
Imapi = C:\WINDOWS\SYSTEM32\DRIVERS\IMAPI.SYS
IntcAzAudAddService = C:\WINDOWS\SYSTEM32\DRIVERS\RTKHDAUD.SYS
Ip6Fw = C:\WINDOWS\SYSTEM32\DRIVERS\IP6FW.SYS
IpFilterDriver = C:\WINDOWS\SYSTEM32\DRIVERS\IPFLTDRV.SYS
IpInIp = C:\WINDOWS\SYSTEM32\DRIVERS\IPINIP.SYS
IpNat = C:\WINDOWS\SYSTEM32\DRIVERS\IPNAT.SYS
IPSec = C:\WINDOWS\SYSTEM32\DRIVERS\IPSEC.SYS
IRENUM = C:\WINDOWS\SYSTEM32\DRIVERS\IRENUM.SYS
jimmy浩南 - 2008-4-12 1:38:00
isapnp = C:\WINDOWS\SYSTEM32\DRIVERS\ISAPNP.SYS
Kbdclass = C:\WINDOWS\SYSTEM32\DRIVERS\KBDCLASS.SYS
kmixer = C:\WINDOWS\SYSTEM32\DRIVERS\KMIXER.SYS
Mouclass = C:\WINDOWS\SYSTEM32\DRIVERS\MOUCLASS.SYS
mouhid = C:\WINDOWS\SYSTEM32\DRIVERS\MOUHID.SYS
MSKSSRV = C:\WINDOWS\SYSTEM32\DRIVERS\MSKSSRV.SYS
MSPCLOCK = C:\WINDOWS\SYSTEM32\DRIVERS\MSPCLOCK.SYS
MSPQM = C:\WINDOWS\SYSTEM32\DRIVERS\MSPQM.SYS
mssmbios = C:\WINDOWS\SYSTEM32\DRIVERS\MSSMBIOS.SYS
MSTEE = C:\WINDOWS\SYSTEM32\DRIVERS\MSTEE.SYS
NABTSFEC = C:\WINDOWS\SYSTEM32\DRIVERS\NABTSFEC.SYS
NdisIP = C:\WINDOWS\SYSTEM32\DRIVERS\NDISIP.SYS
NdisTapi = C:\WINDOWS\SYSTEM32\DRIVERS\NDISTAPI.SYS
Ndisuio = C:\WINDOWS\SYSTEM32\DRIVERS\NDISUIO.SYS
NdisWan = C:\WINDOWS\SYSTEM32\DRIVERS\NDISWAN.SYS
NetBT = C:\WINDOWS\SYSTEM32\DRIVERS\NETBT.SYS
NPF = C:\WINDOWS\SYSTEM32\DRIVERS\NPF.SYS
nv = C:\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS
nvata = C:\WINDOWS\SYSTEM32\DRIVERS\NVATA.SYS
NVENETFD = C:\WINDOWS\SYSTEM32\DRIVERS\NVENETFD.SYS
nvnetbus = C:\WINDOWS\SYSTEM32\DRIVERS\NVNETBUS.SYS
NwlnkFlt = C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKFLT.SYS
NwlnkFwd = C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKFWD.SYS
p2pfilter = C:\PROGRAM FILES\GRABSUN\NETSENSE\P2PFILTER.SYS
Parport = C:\WINDOWS\SYSTEM32\DRIVERS\PARPORT.SYS
PCI = C:\WINDOWS\SYSTEM32\DRIVERS\PCI.SYS
PCIIde = C:\WINDOWS\SYSTEM32\DRIVERS\PCIIDE.SYS
PptpMiniport = C:\WINDOWS\SYSTEM32\DRIVERS\RASPPTP.SYS
Processor = C:\WINDOWS\SYSTEM32\DRIVERS\PROCESSR.SYS
PSched = C:\WINDOWS\SYSTEM32\DRIVERS\PSCHED.SYS
Ptilink = C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS
RasAcd = C:\WINDOWS\SYSTEM32\DRIVERS\RASACD.SYS
Rasl2tp = C:\WINDOWS\SYSTEM32\DRIVERS\RASL2TP.SYS
RasPppoe = C:\WINDOWS\SYSTEM32\DRIVERS\RASPPPOE.SYS
Raspti = C:\WINDOWS\SYSTEM32\DRIVERS\RASPTI.SYS
RDPCDD = C:\WINDOWS\SYSTEM32\DRIVERS\RDPCDD.SYS
rdpdr = C:\WINDOWS\SYSTEM32\DRIVERS\RDPDR.SYS
redbook = C:\WINDOWS\SYSTEM32\DRIVERS\REDBOOK.SYS
RfwBase = C:\WINDOWS\SYSTEM32\DRIVERS\RFWBASE.SYS
RsAntiSpyware = C:\WINDOWS\SYSTEM32\DRIVERS\RSBOOT.SYS
RsFwDrv = C:\PROGRAM FILES\RISING\RFW\RSFWDRV.SYS
Secdrv = C:\WINDOWS\SYSTEM32\DRIVERS\SECDRV.SYS
serenum = C:\WINDOWS\SYSTEM32\DRIVERS\SERENUM.SYS
Serial = C:\WINDOWS\SYSTEM32\DRIVERS\SERIAL.SYS
SLIP = C:\WINDOWS\SYSTEM32\DRIVERS\SLIP.SYS
splitter = C:\WINDOWS\SYSTEM32\DRIVERS\SPLITTER.SYS
sptd = C:\WINDOWS\SYSTEM32\DRIVERS\SPTD.SYS
streamip = C:\WINDOWS\SYSTEM32\DRIVERS\STREAMIP.SYS
swenum = C:\WINDOWS\SYSTEM32\DRIVERS\SWENUM.SYS
swmidi = C:\WINDOWS\SYSTEM32\DRIVERS\SWMIDI.SYS
sysaudio = C:\WINDOWS\SYSTEM32\DRIVERS\SYSAUDIO.SYS
Tcpip = C:\WINDOWS\SYSTEM32\DRIVERS\TCPIP.SYS
TermDD = C:\WINDOWS\SYSTEM32\DRIVERS\TERMDD.SYS
Update = C:\WINDOWS\SYSTEM32\DRIVERS\UPDATE.SYS
usbehci = C:\WINDOWS\SYSTEM32\DRIVERS\USBEHCI.SYS
usbhub = C:\WINDOWS\SYSTEM32\DRIVERS\USBHUB.SYS
usbohci = C:\WINDOWS\SYSTEM32\DRIVERS\USBOHCI.SYS
USBSTOR = C:\WINDOWS\SYSTEM32\DRIVERS\USBSTOR.SYS
VgaSave = C:\WINDOWS\SYSTEM32\DRIVERS\VGA.SYS
Wanarp = C:\WINDOWS\SYSTEM32\DRIVERS\WANARP.SYS
wdmaud = C:\WINDOWS\SYSTEM32\DRIVERS\WDMAUD.SYS
WSTCODEC = C:\WINDOWS\SYSTEM32\DRIVERS\WSTCODEC.SYS
ZSMC301b = C:\WINDOWS\SYSTEM32\DRIVERS\USBVM31B.SYS


魅影007 - 2008-4-12 14:19:00
该用户帖子内容已被屏蔽
沂縁 - 2008-4-12 14:37:00
估计是有病毒了    把 你的报告贴到反病毒去吧  让那边的版主给你看看
0813pinsou - 2008-4-12 16:48:00
瑞星杀毒?鬼扯皮!!!是被毒杀!!!
最近连续被黑,花了钱想买个安全,可瑞星你给用户安全了吗?
到底是你杀毒?还是毒杀你?????
气死人了!!!!!!
如杀不了毒,就不要乱收钱!!!!!!
电脑应用 - 2008-4-12 17:08:00
安装过程无法完成的解决              http://forum.ikaka.com/topic.asp?board=117&artid=8409203
磁盘空间不足,请释放部分空间后重试  http://forum.ikaka.com/topic.asp?board=117&artid=8412484
万事达 - 2008-4-13 10:04:00
把C:\Documents and Settings\All Users\Application Data\Rising\Rav目录下所有文件删除,卸载瑞星重新安装
1
查看完整版本: 瑞星不能安装,不能启动
© 2000 - 2024 Rising Corp. Ltd.