【求助】病毒Trojan.Win32.Agent.bvl瑞星杀不掉，怎么办呀？ - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛【求助】病毒Trojan.Win32.Agent.bvl瑞星杀不掉，怎么办呀？

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

12

1 / 2 页

跳转页

【求助】病毒Trojan.Win32.Agent.bvl瑞星杀不掉，怎么办呀？

水木屋初生襁褓狮帖子:8 注册: 2007-07-16 来自:	发表于： 2007-07-16 14:22 \| 只看楼主短消息资料字号：小中大 1楼【求助】病毒Trojan.Win32.Agent.bvl瑞星杀不掉，怎么办呀？在C:\WINNT\system32\drivers\wmoeu.sys文件中，请各位高人指点！ 2007-07-17 14:53:46
水木屋初生襁褓狮帖子:8 注册: 2007-07-16 来自:	分享到：

Leoooo 大版主帖子:2163 注册: 2007-06-05 来自:	发表于： 2007-07-16 14:52 \| 短消息资料字号：小中大 2楼 http://download.rising.com.cn/for_down/kakatool/kakasetupv4.exe下载卡卡上网安全助手4.0 1 运行瑞星卡卡上网安全助手 2 诊断求助=》电脑诊断日志 3 选择"文件详细信息"、"文件名相似分析"2个选项 4 开始扫描＝》导出信息，导成txt格式（也可以是htm格式方便自己看，不过论坛不能上传htm格式） 5 把日志中的报告完整拷贝贴上来，不要修改（一次发不完请分次发上来） 6 扫日志的时候尽量把不必要的软件关闭如QQ TM等 7 把扫描出来的可疑文件上传给瑞星http://up.rising.com.cn/webmail/uploadnew.htm
Leoooo 大版主帖子:2163 注册: 2007-06-05 来自:

水木屋初生襁褓狮帖子:8 注册: 2007-07-16 来自:	发表于： 2007-07-16 15:34 \| 只看楼主短消息资料字号：小中大 3楼瑞星卡卡电脑诊断日志 v1.30 (2007-7-16 15:13:2) 北京瑞星科技股份有限公司注释:[A]表示该文件存在自启动关联; [M]表示该文件在内存中; + 注册表自运行项目 + 系统服务 + HKLM\System\CurrentControlSet\Services aspnet_state [A ] 1. c:\winnt\microsoft.net\framework\v1.1.4322\aspnet_state.exe Microsoft Corporation aspnet_state.exe .text,.data,.rsrc, Autodesk Licensing Service [A ] 2. c:\program files\common files\autodesk shared\service\adskscsrv.exe Autodesk System Level Service Utility .text,.rdata,.data,.rsrc, NVSvc [AM] 3. c:\winnt\system32\nvsvc32.exe NVIDIA Corporation NVIDIA Driver Helper Service, Version 61.72 .text,.rdata,.data,.rsrc, RavService [AM] 4. c:\program files\rising\rav\ravservice.exe Beijing Rising Technology Co., Ltd. .text,.rdata,.data,.rsrc, RsCCenter [AM] 5. c:\program files\rising\rav\ccenter.exe Beijing Rising Technology Co., Ltd. CCenter .text,.rdata,.data,.rsrc, RsRavMon [A ] 6. c:\program files\rising\rav\ravmond.exe Beijing Rising Technology Co., Ltd. RavMond .text,.rdata,.data,.rsrc, WmdmPmSN [A ] 7. c:\winnt\system32\mspmsnsv.dll Microsoft Corporation Microsoft Media Device Service Provider .text,.data,.rsrc,.reloc, + 内核驱动 + HKLM\System\CurrentControlSet\Services ALCXSENS [A ] 8. c:\winnt\system32\drivers\alcxsens.sys Sensaura Sensaura WDM 3D Audio Driver .text,page,init,.data,.CRT,init,INIT,.rsrc,.reloc, ALCXWDM [A ] 9. c:\winnt\system32\drivers\alcxwdm.sys Realtek Semiconductor Corp. Realtek AC'97 Audio Driver (WDM) .text,.rdata,.data,.CRT,.data1,PAGE,INIT,.rsrc,.reloc, BaseTDI [A ] 10. c:\winnt\system32\drivers\basetdi.sys Beijing Rising Technology Co., Ltd. basetdi .text,.rdata,.data,INIT,.rsrc,.reloc, d347bus [A ] 11. c:\winnt\system32\drivers\d347bus.sys PnP BIOS Extension .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, d347prt [A ] 12. c:\winnt\system32\drivers\d347prt.sys SCSI miniport .text,.rdata,.data,INIT,.rsrc,.reloc, ExpScaner [A ] 13. c:\program files\rising\rav\expscan.sys ExpScan.sys .text,.rdata,.data,INIT,.rsrc,.reloc, HookCont [A ] 14. c:\program files\rising\rav\hookcont.sys Rising HookCont .text,.rdata,.data,INIT,.rsrc,.reloc, HookReg [A ] 15. c:\program files\rising\rav\hookreg.sys .text,.rdata,.data,INIT,.rsrc,.reloc, HookSys [A ] 16. c:\program files\rising\rav\hooksys.sys Rising Hooksys .text,.rdata,.data,INIT,.rsrc,.reloc, IMNPF [A ] 17. c:\winnt\system32\drivers\imnpf.sys LUMDriver [A ] 18. c:\winnt\system32\drivers\lumdriver.sys IBM LUM Runtime .text,.data,INIT,.rsrc,.reloc, MEMSCAN [A ] 19. c:\program files\rising\rav\memscan.sys 瑞星软件有限公司 MemScan Driver .text,.rdata,.data,INIT,.rsrc,.reloc, NPF [A ] 20. c:\winnt\system32\npf.sys npkcrypt [A ] 21. c:\program files\tencent\qq\npkcrypt.sys nv [A ] 22. c:\winnt\system32\drivers\nv4_mini.sys NVIDIA Corporation NVIDIA Compatible Windows 2000 Miniport Driver, Version 61.72 .text,_NVTEXT3,.rdata,.data,PAGE,PAGE,INIT,.rsrc,.reloc, RsAntiSpyware [A ] 23. c:\winnt\system32\drivers\rsboot.sys Beijing Rising Technology Co., Ltd. Anti-RootKit Driver .text,.rdata,.data,INIT,.rsrc,.reloc, RsNTGDI [A ] 24. c:\winnt\system32\drivers\rsntgdi.sys Beijing Rising Technology Co., Ltd. RsNTGDI .text,.rdata,INIT,.rsrc,.reloc, RSPPSYS [A ] 25. c:\program files\rising\rav\rsppsys.sys Rising RSPPSYS .text,.rdata,.data,INIT,.rsrc,.reloc, RTL8023 [A ] 26. c:\winnt\system32\drivers\rtlnic5.sys Realtek Semiconductor Corporation Realtek 10/100/1000 NDIS 5.0 Driver .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, Sense3 [A ] 27. c:\winnt\system32\drivers\sense3.sys Beijing Senselock SENSE3 Driver for NT .text,.rdata,.data,INIT,.rsrc,.reloc, Sentinel [A ] 28. c:\winnt\system32\drivers\sentinel.sys Rainbow Technologies, Inc. Sentinel System Driver (NT Parallel driver) .text,.bss,.rsrc,.data,.idata,.reloc, SISAGP [A ] 29. c:\winnt\system32\drivers\sisagpx.sys Silicon Integrated Systems Corporation SiS AGPv3.5 Filter .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, usbehci [A ] 30. c:\winnt\system32\drivers\usbehci.sys Microsoft Corporation EHCI eUSB Miniport Driver .text,.rdata,.data,INIT,.rsrc,.reloc, usbhub20 [A ] 31. c:\winnt\system32\drivers\usbhub20.sys Microsoft Corporation Default Hub Driver for USB 2.0 .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, usbsermpt [A ] 32. c:\winnt\system32\drivers\usbsermpt.sys Microsoft Corporation USB Modem Driver .text,.rdata,.data,PAGEUSBS,PAGEUSBS,PAGEUBS0,INIT,.rsrc,.reloc, wmoeu [A ] 33. c:\winnt\system32\drivers\wmoeu.sys + IE浏览器加载模块 + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} [AM] 34. c:\program files\flashget\jccatch.dll www.flashget.com Flashget CatchUrl Module .text,.rdata,.data,.rsrc,.reloc, {F156768E-81EF-470C-9057-481BA8380DBA} [AM] 35. c:\program files\flashget\getflash.dll www.flashget.com Flashget GetFlash Module .text,.rdata,.data,.rsrc,.reloc, + HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions Exec [A ] 36. c:\program files\flashget\flashget.exe FlashGet.com FlashGet .text,.rdata,.data,.rsrc, + 资源管理器加载模块 + HKLM\SOFTWARE\Classes\PROTOCOLS\Filter application/octet-stream [A ] 37. c:\winnt\system32\mscoree.dll Microsoft Corporation Microsoft .NET Runtime Execution Engine .text,.data,.rsrc,.reloc, application/x-complus [A ] 37. c:\winnt\system32\mscoree.dll Microsoft Corporation Microsoft .NET Runtime Execution Engine .text,.data,.rsrc,.reloc, application/x-msdownload [A ] 37. c:\winnt\system32\mscoree.dll Microsoft Corporation Microsoft .NET Runtime Execution Engine .text,.data,.rsrc,.reloc, + HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components {9EF0045A-CDD9-438e-95E6-02B9AFEC8E11} [A ] 38. c:\winnt\system32\updcrl.exe Microsoft Corporation UPDCRL .text,.data,.rsrc, [A ] 39. c:\winnt\system32\verisignpub1.crl + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved Multimedia File Property Sheet [A ] 40. c:\winnt\system32\mmsys.cpl Microsoft Corporation Control Panel Drivers Applet .text,.data,.rsrc,.reloc, HyperTerminal Icon Ext [A ] 41. c:\winnt\system32\hticons.dll Hilgraeve, Inc. HyperTerminal Applet Library .text,.data,.rsrc,.reloc, Shell Application Manager [A ] 42. c:\winnt\system32\appwiz.cpl Microsoft Corporation Shell Application Manager .text,.data,.rsrc,.reloc, Installed Apps Enumerator [A ] 42. c:\winnt\system32\appwiz.cpl Microsoft Corporation Shell Application Manager .text,.data,.rsrc,.reloc, Darwin App Publisher [A ] 42. c:\winnt\system32\appwiz.cpl Microsoft Corporation Shell Application Manager .text,.data,.rsrc,.reloc, Desktop Explorer [AM] 43. c:\winnt\system32\nvshell.dll NVIDIA Corporation NVIDIA Desktop Explorer, Version 61.72 .text,.rdata,.data,.idata,.shared,.rsrc,.reloc, Desktop Explorer Menu [AM] 43. c:\winnt\system32\nvshell.dll NVIDIA Corporation NVIDIA Desktop Explorer, Version 61.72 .text,.rdata,.data,.idata,.shared,.rsrc,.reloc, nView Desktop Context Menu [AM] 43. c:\winnt\system32\nvshell.dll NVIDIA Corporation NVIDIA Desktop Explorer, Version 61.72 .text,.rdata,.data,.idata,.shared,.rsrc,.reloc, Microsoft Outlook Custom Icon Handler [A ] 44. c:\program files\microsoft office\office\olkfstub.dll Microsoft Corporation Microsoft Outlook Shell Hook for Start/Find .text,.data,.rsrc,.reloc,
水木屋初生襁褓狮帖子:8 注册: 2007-07-16 来自:

水木屋初生襁褓狮帖子:8 注册: 2007-07-16 来自:	发表于： 2007-07-16 15:34 \| 只看楼主短消息资料字号：小中大 4楼 RISING [AM] 45. c:\winnt\system32\ravext.dll Beijing Rising Technology Co., Ltd. Rising Shell Ext Module .text,.rdata,.data,.rsrc,.reloc, Web Folders [A ] 46. c:\program files\common files\microsoft shared\web folders\msonsext.dll Microsoft Corporation Microsoft Web Folders .text,.data,.rsrc,.reloc, Fusion Cache [A ] 37. c:\winnt\system32\mscoree.dll Microsoft Corporation Microsoft .NET Runtime Execution Engine .text,.data,.rsrc,.reloc, IronCAD Shell Extensions [A ] 47. c:\caxa\caxa interface\bin\ironcadshellext.dll IronCAD, LLC IronCADShellExt Module .text,.rdata,.data,.rsrc,.reloc, WinRAR shell extension [AM] 48. c:\program files\winrar\rarext.dll .text,.data,.tls,.idata,.edata,.rsrc,.reloc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks {AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A} [AM] 49. c:\winnt\system32\shlhook.dll Beijing Rising Technology Co., Ltd. shlhook Module .text,.rdata,.data,.rsrc,.reloc, + 用户登陆自运行项目 + HKLM\Software\Microsoft\Windows\CurrentVersion\Run RavTimer [AM] 50. c:\program files\rising\rav\ravtimer.exe Beijing Rising Technology Co., Ltd. RavTimer .text,.rdata,.data,.rsrc, RavTray [AM] 51. c:\program files\rising\rav\ravtray.exe Rising RavNet Tray .text,.rdata,.data,.rsrc, RavTask [A ] 52. c:\program files\rising\rav\ravtask.exe Beijing Rising Technology Co., Ltd. RavTimer .text,.rdata,.data,.rsrc, runeip [AM] 53. c:\program files\rising\antispyware\runiep.exe Beijing Rising Technology Co., Ltd. Rising AntiSpyware Monitor .text,.rdata,.data,.rsrc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce KKDelay [A ] 54. c:\program files\rising\antispyware\runonce.exe Beijing Rising Technology Co., Ltd. RunOnce Application .text,.rdata,.data,.rsrc, 360safeuninst [A ] 55. c:\documents and settings\administrator\local settings\temp\remove360.bat + 开机执行 + HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order BootExecute [A ] 56. c:\winnt\system32\bsmain.exe Beijing Rising Technology Co., Ltd. BootScan .text,.data,.rsrc,.reloc, [A ] 57. c:\winnt\system32\kknative.exe Beijing Rising Technology Co., Ltd. NativeAp .text,.data,.rsrc,.reloc, + 映像劫持 + HKCR\.html htmlfile\Edit\Command [A ] 58. c:\program files\microsoft office\office\msohtmed.exe Microsoft Corporation Microsoft Office 2000 component .text,.data,.idata,.rsrc, htmlfile\Print\Command [A ] 58. c:\program files\microsoft office\office\msohtmed.exe Microsoft Corporation Microsoft Office 2000 component .text,.data,.idata,.rsrc, + HKCR\.htm htmlfile\Edit\Command [A ] 58. c:\program files\microsoft office\office\msohtmed.exe Microsoft Corporation Microsoft Office 2000 component .text,.data,.idata,.rsrc, htmlfile\Print\Command [A ] 58. c:\program files\microsoft office\office\msohtmed.exe Microsoft Corporation Microsoft Office 2000 component .text,.data,.idata,.rsrc, + HKCR\.mp3 mp3file\open\Command [A ] 59. c:\program files\windows media player\wmplayer.exe Microsoft Corporation Windows Media Player .text,.data,.rsrc, mp3file\play\Command [A ] 59. c:\program files\windows media player\wmplayer.exe Microsoft Corporation Windows Media Player .text,.data,.rsrc, + 打印机监控 + HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors Canon BJ Language Monitor i6100 [AM] 60. c:\winnt\system32\cnmlm4s.dll CANON INC. BJ Language Monitor .text,.data,.rsrc,.reloc, FPP2: [AM] 61. c:\winnt\system32\fppmon2.dll FinePrint Software, LLC pdfFactory .text,.rdata,.data,.rsrc,.reloc, + 正在运行的进程 + 000000a8(168) smss.exe + 000000c8(200) csrss.exe + 000000dc(220) winlogon.exe 77520000[00008000] [ M] 62. c:\winnt\system32\wdmaud.drv Microsoft Corporation WDM Audio driver mapper .text,.data,.rsrc,.reloc, 773C0000[00008000] [ M] 63. c:\winnt\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, + 000000f8(248) services.exe + 00000104(260) lsass.exe + 000001a0(416) svchost.exe + 000001c8(456) CCenter.exe 00400000[0001E000] [AM] 5. c:\program files\rising\rav\ccenter.exe Beijing Rising Technology Co., Ltd. CCenter .text,.rdata,.data,.rsrc, + 00000204(516) spoolsv.exe 66D00000[00018000] [AM] 60. c:\winnt\system32\cnmlm4s.dll CANON INC. BJ Language Monitor .text,.data,.rsrc,.reloc, 27000000[0004E000] [AM] 61. c:\winnt\system32\fppmon2.dll FinePrint Software, LLC pdfFactory .text,.rdata,.data,.rsrc,.reloc, 41000000[0001D000] [ M] 64. c:\winnt\system32\fppr232.dll FinePrint Software, LLC pdfFactory .rsrc,.reloc, 00E50000[00007000] [ M] 65. c:\winnt\system32\spool\prtprocs\w32x86\cnmpd4s.dll CANON INC. Canon BJ Print Processor Dispatcher .text,.data,.rsrc,.reloc, + 00000220(544) CATSysDemon.exe 00400000[00010000] [ M] 66. c:\program files\dassault systemes\b12\intel_a\code\bin\catsysdemon.exe Dassault Systemes System .text,.rdata,.data,.rsrc,.reloc, + 00000230(560) svchost.exe 63B50000[00034000] [ M] 67. c:\winnt\system32\unimdm.tsp Microsoft Corporation Unimodem 5 Service Provider .text,.data,.rsrc,.reloc, 63BC0000[00008000] [ M] 68. c:\winnt\system32\kmddsp.tsp Microsoft Corporation TAPI Kernel-Mode Service Provider .text,.data,.rsrc,.reloc, 63BB0000[0000C000] [ M] 69. c:\winnt\system32\ndptsp.tsp Microsoft Corporation NDIS Proxy TAPI Service Provider .text,.data,.rsrc,.reloc, 63BD0000[00006000] [ M] 70. c:\winnt\system32\ipconf.tsp Microsoft Corporation Microsoft Multicast Conference TAPI Service Provider .text,.data,.rsrc,.reloc, 63BE0000[00044000] [ M] 71. c:\winnt\system32\h323.tsp Microsoft Corporation Microsoft H.323 TAPI Service Provider .text,.data,.rsrc,.reloc, 1F660000[0001F000] [ M] 72. c:\winnt\system32\msdart.dll Microsoft Corporation Microsoft Data Access - OLE DB Runtime Routines .text,.data,.rsrc,.reloc, + 00000258(600) nvsvc32.exe 00400000[0001E000] [AM] 3. c:\winnt\system32\nvsvc32.exe NVIDIA Corporation NVIDIA Driver Helper Service, Version 61.72 .text,.rdata,.data,.rsrc, + 00000294(660) RAVMON.EXE 00400000[00099000] [ M] 73. c:\program files\rising\rav\ravmon.exe Beijing Rising Technology Co., Ltd. RavMon .text,.rdata,.data,.rsrc, 26600000[0007C000] [ M] 74. c:\program files\rising\rav\rsguilib.dll Beijing Rising Technology Co., Ltd. Rising GUI Library Loader .text,.rdata,.data,.rsrc,.reloc, 780C0000[00061000] [ M] 75. c:\winnt\system32\msvcp60.dll Microsoft Corporation Microsoft (R) C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 10000000[0002E000] [ M] 76. c:\program files\rising\rav\bwlist.dll Beijing Rising Technology Co., Ltd. BWList DLL .text,.rdata,.data,.rsrc,.reloc, 00980000[0000E000] [ M] 77. c:\program files\rising\rav\rsappmgr.dll Beijing Rising Technology Co., Ltd. Rising Application Manager .text,.rdata,.data,.rsrc,.reloc, 089A0000[0002F000] [ M] 78. c:\program files\rising\rav\cfgdll.dll Beijing Rising Technology Co., Ltd. CfgDll .text,.rdata,.data,.rsrc,.reloc, 23700000[0001A000] [ M] 79. c:\program files\rising\rav\rscommon.dll Beijing Rising Technology Co., Ltd. Rising Common Function Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 09060000[0001B000] [ M] 80. c:\program files\rising\rav\rscommx.dll rising RsCommX .text,.rdata,.data,.rsrc,.reloc, 23800000[0001A000] [ M] 81. c:\program files\rising\rav\rsxml.dll Beijing Rising Technology Co., Ltd. RsXML .text,.rdata,.data,.rsrc,.reloc, 23900000[00031000] [ M] 82. c:\program files\rising\rav\pngdll.dll Beijing Rising Technology Co., Ltd. Rising .Png File Loader Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 09F60000[0001B000] [ M] 83. c:\program files\rising\antispyware\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc,
水木屋初生襁褓狮帖子:8 注册: 2007-07-16 来自:

水木屋初生襁褓狮帖子:8 注册: 2007-07-16 来自:	发表于： 2007-07-16 15:35 \| 只看楼主短消息资料字号：小中大 5楼 + 000002a0(672) regsvc.exe + 000002ac(684) MSTask.exe + 00000368(872) RavService.exe 00400000[0013C000] [AM] 4. c:\program files\rising\rav\ravservice.exe Beijing Rising Technology Co., Ltd. .text,.rdata,.data,.rsrc, 780C0000[00061000] [ M] 75. c:\winnt\system32\msvcp60.dll Microsoft Corporation Microsoft (R) C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 10000000[000D1000] [ M] 84. c:\program files\rising\rav\dlcenter.dll Beijing Rising Technology Co., Ltd. DLCenter DLL .text,.rdata,.data,.rsrc,.reloc, 00BE0000[0001B000] [ M] 80. c:\program files\rising\rav\rscommx.dll rising RsCommX .text,.rdata,.data,.rsrc,.reloc, + 000003a4(932) WinMgmt.exe + 000003b0(944) rsvp.exe + 000003f4(1012) svchost.exe 50640000[00009000] [ M] 85. c:\winnt\system32\wups.dll Microsoft Corporation Windows Update client proxy stub .orpc,.text,.data,.rsrc,.reloc, + 00000404(1028) RavStub.exe 00400000[00018000] [ M] 86. c:\program files\rising\rav\ravstub.exe Beijing Rising Technology Co., Ltd. Rising RavStub .text,.rdata,.data,.rsrc, 10000000[0001B000] [ M] 80. c:\program files\rising\rav\rscommx.dll rising RsCommX .text,.rdata,.data,.rsrc,.reloc, 23700000[0001A000] [ M] 79. c:\program files\rising\rav\rscommon.dll Beijing Rising Technology Co., Ltd. Rising Common Function Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, + 00000420(1056) svchost.exe + 000004d0(1232) RavTray.exe 00400000[000D7000] [AM] 51. c:\program files\rising\rav\ravtray.exe Rising RavNet Tray .text,.rdata,.data,.rsrc, 10000000[0003E000] [ M] 87. c:\program files\rising\rav\ravuilib.dll RavUILib DLL .text,.rdata,.data,.rsrc,.reloc, 780C0000[00061000] [ M] 75. c:\winnt\system32\msvcp60.dll Microsoft Corporation Microsoft (R) C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 00E30000[00021000] [ M] 88. c:\program files\rising\rav\ravtray936.dll Rising 瑞星杀毒软件网络版托盘程序 .text,.rdata,.data,.rsrc,.reloc, 00E60000[0001B000] [ M] 80. c:\program files\rising\rav\rscommx.dll rising RsCommX .text,.rdata,.data,.rsrc,.reloc, 01220000[0001D000] [ M] 89. c:\program files\rising\rav\bdengine.dll Beijing Rising Technology Co., Ltd. BDEngine Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 13100000[0002E000] [ M] 90. c:\program files\rising\rav\libload.dll Beijing Rising Technology Co., Ltd. LibLoad .text,.rdata,.data,.rsrc,.reloc, 01260000[00013000] [ M] 91. c:\program files\rising\rav\bdex.dll Beijing Rising Technology Co., Ltd. BDEngine 动态链接库 .text,.rdata,.data,.rsrc,.reloc, 01290000[00014000] [ M] 92. c:\program files\rising\rav\bdlib.dll Beijing Rising Technology Co., Ltd. BDLib .text,.rdata,.data,.rsrc,.reloc, 01590000[0001B000] [ M] 83. c:\program files\rising\antispyware\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, + 0000057c(1404) Explorer.EXE 23000000[00056000] [ M] 93. c:\winnt\apppatch\aclayers.dll Microsoft Corporation Windows 2000 Shim Accessory DLL .text,.data,.CRT,.rsrc,.reloc, 60280000[0002D000] [ M] 94. c:\winnt\system32\msimtf.dll Microsoft Corporation Active IMM Server DLL .text,.data,.rsrc,.reloc, 60000000[0004B000] [ M] 95. c:\winnt\system32\msctf.dll Microsoft Corporation MSUIM Server DLL .text,.data,.rsrc,.reloc, 10000000[00070000] [AM] 43. c:\winnt\system32\nvshell.dll NVIDIA Corporation NVIDIA Desktop Explorer, Version 61.72 .text,.rdata,.data,.idata,.shared,.rsrc,.reloc, 77520000[00008000] [ M] 62. c:\winnt\system32\wdmaud.drv Microsoft Corporation WDM Audio driver mapper .text,.data,.rsrc,.reloc, 773C0000[00008000] [ M] 63. c:\winnt\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, 75CE0000[00006000] [ M] 96. c:\winnt\system32\msadp32.acm Microsoft Corporation Microsoft ADPCM CODEC for MSACM .text,.rsrc,.reloc, 032F0000[00019000] [ M] 97. c:\program files\rising\rav\ravscrch.dll Beijing Rising Technology Co., Ltd. RavScrCh Module .text,.rdata,.data,.rsrc,.reloc, 035D0000[0002B000] [AM] 48. c:\program files\winrar\rarext.dll .text,.data,.tls,.idata,.edata,.rsrc,.reloc, 03A00000[0001B000] [AM] 45. c:\winnt\system32\ravext.dll Beijing Rising Technology Co., Ltd. Rising Shell Ext Module .text,.rdata,.data,.rsrc,.reloc, 23700000[0001A000] [ M] 79. c:\program files\rising\rav\rscommon.dll Beijing Rising Technology Co., Ltd. Rising Common Function Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 05060000[0001B000] [ M] 83. c:\program files\rising\antispyware\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, 03EA0000[00011000] [AM] 49. c:\winnt\system32\shlhook.dll Beijing Rising Technology Co., Ltd. shlhook Module .text,.rdata,.data,.rsrc,.reloc, 06C30000[00004000] [ M] 98. c:\winnt\system32\wuaucpl.cpl.mui Microsoft Corporation Automatic Updates Control Panel .rsrc,.reloc, 06C40000[00DA2000] [ M] 99. c:\winnt\system32\alsndmgr.cpl Realtek Semiconductor Corp. Realtek AC97 Audio Control Panel .text,.rdata,.data,.rsrc,.reloc, 07E00000[0001E000] [ M] 100. c:\winnt\system32\input.cpl Microsoft Corporation Text Input DLL .text,.data,.rsrc,.reloc, 07E30000[00005000] [ M] 101. c:\winnt\mui\fallback\0804\input.cpl.mui Microsoft Corporation Text Input DLL .rsrc,.reloc, 646D0000[0001B000] [ M] 102. c:\winnt\system32\powercfg.cpl Microsoft Corporation Power Management Configuration Control Panel Applet .text,.data,.rsrc,.reloc, 07E40000[00013000] [ M] 103. c:\winnt\system32\nvtuicpl.cpl NVIDIA Corporation NVIDIA nView Control Panel, Version 61.72 .text,.rdata,.data,.rsrc,.reloc, 07E70000[00023000] [ M] 104. c:\winnt\system32\nvwrszhc.dll NVIDIA Corporation NVIDIA nView Desktop and Window Manager .rsrc,.reloc, + 00000584(1412) RavTimer.exe 00400000[00021000] [AM] 50. c:\program files\rising\rav\ravtimer.exe Beijing Rising Technology Co., Ltd. RavTimer .text,.rdata,.data,.rsrc, 23700000[0001A000] [ M] 79. c:\program files\rising\rav\rscommon.dll Beijing Rising Technology Co., Ltd. Rising Common Function Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 10000000[0000E000] [ M] 77. c:\program files\rising\rav\rsappmgr.dll Beijing Rising Technology Co., Ltd. Rising Application Manager .text,.rdata,.data,.rsrc,.reloc, 089E0000[0002F000] [ M] 78. c:\program files\rising\rav\cfgdll.dll Beijing Rising Technology Co., Ltd. CfgDll .text,.rdata,.data,.rsrc,.reloc, 08F90000[0001B000] [ M] 80. c:\program files\rising\rav\rscommx.dll rising RsCommX .text,.rdata,.data,.rsrc,.reloc,
水木屋初生襁褓狮帖子:8 注册: 2007-07-16 来自:

水木屋初生襁褓狮帖子:8 注册: 2007-07-16 来自:	发表于： 2007-07-16 15:37 \| 只看楼主短消息资料字号：小中大 6楼 0EDA0000[0001B000] [ M] 83. c:\program files\rising\antispyware\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, + 00000588(1416) internat.exe 10000000[0001B000] [ M] 83. c:\program files\rising\antispyware\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, + 000007f0(2032) iexplore.exe 10000000[00017000] [AM] 34. c:\program files\flashget\jccatch.dll www.flashget.com Flashget CatchUrl Module .text,.rdata,.data,.rsrc,.reloc, 016B0000[00029000] [AM] 35. c:\program files\flashget\getflash.dll www.flashget.com Flashget GetFlash Module .text,.rdata,.data,.rsrc,.reloc, 017F0000[0001B000] [ M] 83. c:\program files\rising\antispyware\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, 02A80000[00019000] [ M] 97. c:\program files\rising\rav\ravscrch.dll Beijing Rising Technology Co., Ltd. RavScrCh Module .text,.rdata,.data,.rsrc,.reloc, 30000000[002EF000] [ M] 105. c:\winnt\system32\macromed\flash\flash9c.ocx Adobe Systems, Inc. Adobe Flash Player 9.0 r45 .text,.rdata,.data,.rsrc,.reloc, 77520000[00008000] [ M] 62. c:\winnt\system32\wdmaud.drv Microsoft Corporation WDM Audio driver mapper .text,.data,.rsrc,.reloc, 773C0000[00008000] [ M] 63. c:\winnt\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, 75CE0000[00006000] [ M] 96. c:\winnt\system32\msadp32.acm Microsoft Corporation Microsoft ADPCM CODEC for MSACM .text,.rsrc,.reloc, + 00000804(2052) runiep.exe 00400000[00012000] [AM] 53. c:\program files\rising\antispyware\runiep.exe Beijing Rising Technology Co., Ltd. Rising AntiSpyware Monitor .text,.rdata,.data,.rsrc, 00B30000[0001B000] [ M] 83. c:\program files\rising\antispyware\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, + 000008c0(2240) U82.exe 00400000[00044000] [ M] 106. d:\软件\u82.exe Ultrasurf UPX0,UPX1,.rsrc, 780C0000[00061000] [ M] 75. c:\winnt\system32\msvcp60.dll Microsoft Corporation Microsoft (R) C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 10000000[0001B000] [ M] 83. c:\program files\rising\antispyware\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, + 00000920(2336) conime.exe 10000000[0001B000] [ M] 83. c:\program files\rising\antispyware\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, + 000009f4(2548) Ras.exe 00400000[0013F000] [ M] 107. c:\program files\rising\antispyware\ras.exe Beijing Rising Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc, 780C0000[00061000] [ M] 75. c:\winnt\system32\msvcp60.dll Microsoft Corporation Microsoft (R) C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 10000000[000A3000] [ M] 108. c:\program files\rising\antispyware\rasgui.dll Beijing Rising Technology Co., Ltd. RasGUI .text,.rdata,.data,.rsrc,.reloc, 018A0000[0001B000] [ M] 83. c:\program files\rising\antispyware\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, 60280000[0002D000] [ M] 94. c:\winnt\system32\msimtf.dll Microsoft Corporation Active IMM Server DLL .text,.data,.rsrc,.reloc, 60000000[0004B000] [ M] 95. c:\winnt\system32\msctf.dll Microsoft Corporation MSUIM Server DLL .text,.data,.rsrc,.reloc, + 00000a48(2632) WINWORD.EXE 30000000[00836000] [ M] 109. c:\program files\microsoft office\office\winword.exe Microsoft Corporation Microsoft Word for Windows .text,.data,.tls,.CRT,.rsrc, 308C0000[0055C000] [ M] 110. c:\program files\microsoft office\office\mso9.dll Microsoft Corporation Microsoft Office 2000 component .text,.data,.rsrc,.reloc, 10000000[0002D000] [ M] 111. c:\program files\rising\rav\rsplugin.dll Beijing Rising Technology Co., Ltd. RsPlugIn Module .text,.rdata,.data,.rsrc,.reloc, 01610000[00024000] [ M] 112. c:\program files\common files\kingsoft\extract\pwoffice2.dll Kingsoft Co, Ltd. Powerword Grab Addin for Office .text,.rdata,.data,.rsrc,.reloc, 02140000[0001B000] [ M] 83. c:\program files\rising\antispyware\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, 65000000[00252000] [ M] 113. c:\program files\common files\microsoft shared\vba\vba6\vbe6.dll Microsoft Corporation Visual Basic Design Time Environment .text,.data,.rsrc,.reloc, 65300000[00027000] [ M] 114. c:\program files\common files\microsoft shared\vba\vba6\2052\vbe6intl.dll Microsoft Corporation Visual Basic Environment 的国际资源 .rdata,.rsrc,.reloc, 77520000[00008000] [ M] 62. c:\winnt\system32\wdmaud.drv Microsoft Corporation WDM Audio driver mapper .text,.data,.rsrc,.reloc, 66900000[0015B000] [ M] 115. c:\winnt\system32\spool\drivers\w32x86\3\cnmui4s.dll CANON INC. BJ Printer Driver Interface Driver .text,.data,.rsrc,.reloc, 66400000[00064000] [ M] 116. c:\winnt\system32\spool\drivers\w32x86\3\cnmdr4s.dll CANON INC. BJ Raster Printer Graphics Driver .text,.data,.rsrc,.reloc, 507C0000[00084000] [ M] 117. c:\program files\common files\microsoft shared\proof\mslid.dll Microsoft Corporation Microsoft Language Identification DLL .text,.data,.rsrc,.reloc, 06170000[000AB000] [ M] 118. c:\program files\common files\microsoft shared\proof\wdbrkchs.dll Microsoft Corporation Microsoft (R) Simplified Chinese Wordbreaker .text,.rdata,.data,.idata,.rsrc,.reloc, 3F000000[00015000] [ M] 119. c:\program files\common files\microsoft shared\proof\msspell3.dll Microsoft Corporation Microsoft Speller .text,.data,.rsrc,.reloc, 066E0000[00024000] [ M] 120. c:\program files\common files\microsoft shared\proof\2052\msgr2sc.dll Microsoft Corporation Microsoft (R) Simplified Chinese Grammar Checker .text,.rdata,.data,.rsrc,.reloc, 50880000[001D9000] [ M] 121. c:\program files\common files\microsoft shared\proof\2052\msgr2en.dll Microsoft Corporation Microsoft 语法检查动态链接库 .text,.rdata,.data,.rsrc,.reloc,
水木屋初生襁褓狮帖子:8 注册: 2007-07-16 来自:

Leoooo 大版主帖子:2163 注册: 2007-06-05 来自:	发表于： 2007-07-16 15:49 \| 短消息资料字号：小中大 7楼把c:\winnt\system32\updcrl.exe c:\winnt\system32\verisignpub1.crl打包上传给瑞星http://up.rising.com.cn/webmail/uploadnew.htm
Leoooo 大版主帖子:2163 注册: 2007-06-05 来自:

水木屋初生襁褓狮帖子:8 注册: 2007-07-16 来自:	发表于： 2007-07-17 09:05 \| 只看楼主短消息资料字号：小中大 8楼已经把两个文件上传给瑞星了，但回复不是病毒！想发送病毒样本提示又不可复制。怎么办呀？有高人能告诉我怎么杀掉此毒吗？
水木屋初生襁褓狮帖子:8 注册: 2007-07-16 来自:

panxiaoting 锋芒艾服狮帖子:1397 注册: 2007-06-01 来自:	发表于： 2007-07-17 09:39 \| 短消息资料字号：小中大 9楼你中的是“木马代理”去看看我签名处的帮助主题吧！希望有点帮助。^_^
panxiaoting 锋芒艾服狮帖子:1397 注册: 2007-06-01 来自:

水木屋初生襁褓狮帖子:8 注册: 2007-07-16 来自:	发表于： 2007-07-17 10:58 \| 只看楼主短消息资料字号：小中大 10楼楼上，我怎么打不开呀再顶顶，期待出现高人！
水木屋初生襁褓狮帖子:8 注册: 2007-07-16 来自:

<<上一主题|下一主题>>

12

1 / 2 页

跳转页

页面顶部

Powered by Discuz!NT