
[Help] cmd process virus

Re: cmd process virus

Continued

Re: cmd process virus

==================================
正在运行的进程
[PID: 536 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 596 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 624 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll]  [Cognizance Corporation, 2.5.0.077]
    [C:\WINDOWS\system32\MSVCR70.dll]  [Microsoft Corporation, 7.00.9955.0]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\ItMsg.dll]  [Cognizance Corporation, 1.21.0.410]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\TrayIcon.dll]  [Cognizance Corporation, 2.5.0.285]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\brand.dll]  [ASUSTeK Computer Inc., 1.01.0.014]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\CHS\brand.dll]  [ASUSTeK Computer Inc., 1.01.0.008]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\CHS\ItMsg.dll]  [Cognizance Corporation, 1.21.0.413]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsChnl.dll]  [Cognizance Corporation, 1.27.0.160]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItDAC.dll]  [Cognizance Corporation, 1.00.317]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItReports.DLL]  [Cognizance Corporation, 1.5.0.046]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\BioAuth.dll]  [Cognizance Corporation, 2.5.0.306]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\CHS\BioAuth.dll]  [Cognizance Corporation, 2.5.0.301]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASBioAT.dll]  [Cognizance Corporation, 2.5.0.083]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItVCClient.dll]  [Cognizance Corporation, 2.1.0.182]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AuthWiz.dll]  [Cognizance Corporation, 2.5.0.558]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\CHS\AuthWiz.dll]  [Cognizance Corporation, 2.5.0.538]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 668 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\AppPatch\AcAdProc.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 680 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\ASWLNPkg.dll]  [Cognizance Corporation, 2.5.0.077]
    [C:\WINDOWS\system32\MSVCR70.dll]  [Microsoft Corporation, 7.00.9955.0]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\ItMsg.dll]  [Cognizance Corporation, 1.21.0.410]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 852 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [c:\program files\asus security center\asus security protect manager\bin\aswlnpkg.dll]  [Cognizance Corporation, 2.5.0.077]
    [C:\WINDOWS\system32\MSVCR70.dll]  [Microsoft Corporation, 7.00.9955.0]
    [c:\program files\asus security center\asus security protect manager\bin\ItMsg.dll]  [Cognizance Corporation, 1.21.0.410]
    [c:\program files\asus security center\asus security protect manager\bin\aschnl.dll]  [Cognizance Corporation, 1.27.0.160]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\BioAuthSrv.dll]  [Cognizance Corporation, 2.1.0.083]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItDAC.dll]  [Cognizance Corporation, 1.00.317]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItReports.DLL]  [Cognizance Corporation, 1.5.0.046]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItVCServer.dll]  [Cognizance Corporation, 1.00.132]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItVCard.dll]  [Cognizance Corporation, 1.01.173]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\CHS\ItMsg.dll]  [Cognizance Corporation, 1.21.0.413]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\brand.dll]  [ASUSTeK Computer Inc., 1.01.0.014]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\CHS\brand.dll]  [ASUSTeK Computer Inc., 1.01.0.008]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItAuth.dll]  [Cognizance Corporation, 1.01.227]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AuthWiz.dll]  [Cognizance Corporation, 2.5.0.558]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\CHS\AuthWiz.dll]  [Cognizance Corporation, 2.5.0.538]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\NetAdmin.dll]  [Cognizance Corporation, 1.5.0.178]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\CHS\NetAdmin.dll]  [Cognizance Corporation, 1.5.0.177]
[PID: 876 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 936 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 1028 / SYSTEM][C:\Program Files\Rising\Rav\CCenter.exe]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.33]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 1068 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 1152 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 1284 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
[PID: 1336 / SYSTEM][C:\Program Files\Rising\Rfw\rfwsrv.exe]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.76]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\Rfw\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Rfw\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Rfw\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.1]
    [C:\Program Files\Rising\Rfw\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.19]
    [C:\Program Files\Rising\Rfw\RfwRule.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.17]
    [C:\Program Files\Rising\Rfw\rfwlog.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.16]
    [C:\Program Files\Rising\Rfw\Rfwdrv.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.48]
    [C:\Program Files\Rising\Rfw\ijt_ctrl.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.0]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\Program Files\Rising\Rfw\unvdet.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.8]
    [C:\Program Files\Rising\Rfw\mPorts.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.6]
[PID: 1468 / SYSTEM][C:\Program Files\Rising\Rfw\rfwProxy.exe]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.37]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Rising\Rfw\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Rfw\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Rfw\RfwRule.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.17]
    [C:\Program Files\Rising\Rfw\urlrule.dll]  [Beijing Rising Information Technology Co., Ltd., 1.0.0.15]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\Program Files\Rising\Rfw\MonMid.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.6]
[PID: 1700 / SYSTEM][C:\Program Files\Rising\Rfw\rfwstub.exe]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.12]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Rising\Rfw\RSCOMMON.DLL]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
[PID: 264 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\WINDOWS\system32\mdimon.dll]  [Microsoft Corporation, 11.3.8166.2]
    [C:\WINDOWS\system32\tbtmon.dll]  [TOSHIBA CORPORATION., 5, 0, 1208, 0]
    [C:\WINDOWS\system32\TosBtHcrpAPI.dll]  [TOSHIBA CORPORATION., 5, 0, 1201, 0]
    [C:\WINDOWS\system32\TosBtAPI.dll]  [TOSHIBA CORPORATION., 5.00.7615.0]
    [C:\WINDOWS\system32\TosBdAPI.dll]  [TOSHIBA CORPORATION., 4, 1, 1612, 0]

Re: cmd process virus

Please upload the log as an attachment...

Re: cmd process virus

[C:\WINDOWS\system32\tbtmon98Language.dll]  [TOSHIBA CORPORATION., 5, 0, 1204, 0]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll]  [Microsoft Corporation, 11.3.8166.2]
[PID: 1020 / Administrator][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\SFSShell.dll]  [Cognizance Corporation, 1.22.0.239]
    [C:\WINDOWS\system32\MSVCR70.dll]  [Microsoft Corporation, 7.00.9955.0]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItMsg.dll]  [Cognizance Corporation, 1.21.0.410]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\CHS\SFSShell.dll]  [Cognizance Corporation, 1.22.0.240]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 8.1.0.0]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS]  [Adobe Systems, Inc., 8.0.0.0]
    [C:\WINDOWS\system32\ieframe.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.11.5680]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.11.5680]
    [C:\WINDOWS\system32\nvapi.dll]  [NVIDIA Corporation, 6.14.11.5680]
    [C:\WINDOWS\system32\nvshell.dll]  [, ]
    [C:\WINDOWS\system32\APSHook.dll]  [Cognizance Corporation, 2.0.0.015]
    [C:\WINDOWS\system32\WPDShServiceObj.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\PortableDeviceTypes.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 2, 0, 1005]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.18]
    [D:\Program Files\网络\迅雷5\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.29]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 8.0.0.2006102200]
    [D:\Program Files\网络\迅雷5\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 96]
    [D:\Program Files\网络\迅雷5\Components\ResWorker\DsBho_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    [D:\Program Files\网络\迅雷5\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll]  [Bioscrypt Inc., 2.1.078]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [D:\Program Files\编程\ultraedit\ue32ctmn.dll]  [, 1, 0, 0, 2]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [C:\Program Files\Common Files\Adobe\Shell\PSICON.DLL]  [Adobe Systems, Incorporated, 7.0]
    [C:\WINDOWS\system32\dfshim.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Shfusion.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Fusion.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\culture.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\zh-CHS\ShFusRes.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
    [C:\PROGRA~1\MICROS~3\Wcesview.dll]  [Microsoft Corporation, 4.5.5096.0]
    [C:\PROGRA~1\MICROS~3\pegconv.dll]  [Microsoft Corporation, 4.5.5096.0]
    [C:\WINDOWS\system32\CEUTIL.dll]  [Microsoft Corporation, 4.5.5096.0]
    [C:\WINDOWS\system32\RAPI.dll]  [Microsoft Corporation, 4.5.5096.0]
    [C:\WINDOWS\system32\wpdshext.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
    [C:\WINDOWS\system32\LinkDropHandler.dll]  [Altova GmbH, 1, 0, 0, 7]
    [C:\WINDOWS\system32\StkCWIA.dll]  [Syntek America Inc., 1.0.0.2]
[PID: 1108 / Administrator][C:\Program Files\Rising\Rfw\RfwMain.exe]  [Beijing Rising Information Technology Co., Ltd., 7.0.1.70]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\Rfw\RsGuiLib.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90]
    [C:\Program Files\Rising\Rfw\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Rfw\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Rfw\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.1]
    [C:\Program Files\Rising\Rfw\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.19]
    [C:\Program Files\Rising\Rfw\RSCOMMON.DLL]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [C:\Program Files\Rising\Rfw\RfwCtrl.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\Program Files\Rising\Rfw\RsXML.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2]
    [C:\Program Files\Rising\Rfw\PngDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\Program Files\Rising\Rfw\RfwRule.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.17]
[PID: 1304 / SYSTEM][C:\WINDOWS\system32\inetsrv\inetinfo.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll]  [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[PID: 1748 / SYSTEM][C:\PROGRA~1\MICROS~2\MSSQL\binn\sqlservr.exe]  [Microsoft Corporation, 2000.080.2273.00 Hotfix 2259]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\PROGRA~1\MICROS~2\MSSQL\binn\opends60.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\PROGRA~1\MICROS~2\MSSQL\binn\sqlsort.dll]  [Microsoft Corporation, 2000.080.2273.00 Hotfix 2259]
    [C:\PROGRA~1\MICROS~2\MSSQL\binn\ums.dll]  [Microsoft Corporation, 2000.080.2273.00 Hotfix 2259]
    [C:\PROGRA~1\MICROS~2\MSSQL\binn\Resources\2052\sqlevn70.RLL]  [Microsoft Corporation, 2000.080.2273.00 Hotfix 2259]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\Program Files\Microsoft SQL Server\MSSQL\binn\SSNETLIB.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\PROGRA~1\MICROS~2\MSSQL\binn\SSmsLPCn.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\PROGRA~1\MICROS~2\MSSQL\binn\SSnmPN70.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Common Files\System\Ole DB\sqloledb.dll]  [Microsoft Corporation, 2000.085.1132.00 (xpsp.080413-0852)]
    [C:\PROGRA~1\MICROS~2\MSSQL\binn\xpsqlbot.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\binn\odsole70.dll]  [Microsoft Corporation, 2000.080.2273.00 Hotfix 2259]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
[PID: 196 / Administrator][C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe]  [Cognizance Corporation, 2.5.0.057]
    [C:\WINDOWS\system32\MSVCR70.dll]  [Microsoft Corporation, 7.00.9955.0]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItMsg.dll]  [Cognizance Corporation, 1.21.0.410]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWallet.dll]  [Bioscrypt Inc., 2.0.0.110]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\CHS\ASWallet.dll]  [Bioscrypt Inc., 2.0.0.110]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItSSO.dll]  [Cognizance Corporation, 2.5.0.410]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\RasAdmin.dll]  [Cognizance Corporation, 1.5.0.028]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItReports.DLL]  [Cognizance Corporation, 1.5.0.046]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\CHS\RasAdmin.dll]  [Cognizance Corporation, 1.5.0.028]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\SFSShell.dll]  [Cognizance Corporation, 1.22.0.239]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\CHS\SFSShell.dll]  [Cognizance Corporation, 1.22.0.240]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\PkiAdmin.dll]  [Cognizance Corporation, 1.5.0.025]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\brand.dll]  [ASUSTeK Computer Inc., 1.01.0.014]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\CHS\brand.dll]  [ASUSTeK Computer Inc., 1.01.0.008]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\CHS\ItMsg.dll]  [Cognizance Corporation, 1.21.0.413]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\CHS\PkiAdmin.dll]  [Cognizance Corporation, 1.5.0.025]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItVCClient.dll]  [Cognizance Corporation, 2.1.0.182]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItVCard.dll]  [Cognizance Corporation, 1.01.173]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItAPS.dll]  [Cognizance Corporation, 2.5.0.064]
    [C:\WINDOWS\system32\APSHook.dll]  [Cognizance Corporation, 2.0.0.015]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\CHS\ItAPS.dll]  [Cognizance Corporation, 2.5.0.063]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\TrayIcon.dll]  [Cognizance Corporation, 2.5.0.285]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\BioAuth.dll]  [Cognizance Corporation, 2.5.0.306]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\CHS\BioAuth.dll]  [Cognizance Corporation, 2.5.0.301]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsChnl.dll]  [Cognizance Corporation, 1.27.0.160]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\NetAdmin.dll]  [Cognizance Corporation, 1.5.0.178]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\CHS\NetAdmin.dll]  [Cognizance Corporation, 1.5.0.177]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\SSOMngr.dll]  [Cognizance Corporation, 2.25.0.293]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\CHS\SSOMngr.dll]  [Cognizance Corporation, 2.25.0.296]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASBioAT.dll]  [Cognizance Corporation, 2.5.0.083]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItEncryptedDisk.dll]  [Cognizance Corporation, 1.5.0.054]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItEncrypt.dll]  [Cognizance Corporation, 1.01.037]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ittal.dll]  [Cognizance Corporation, 2.5.0.208]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AuthWiz.dll]  [Cognizance Corporation, 2.5.0.558]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\CHS\AuthWiz.dll]  [Cognizance Corporation, 2.5.0.538]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItDAC.dll]  [Cognizance Corporation, 1.00.317]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 2, 0, 1005]
    [C:\WINDOWS\system32\ATSC70.dll]  [AuthenTec, Inc., 7, 8, 1, 14]
[PID: 584 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.11.5680]
    [C:\WINDOWS\system32\nvapi.dll]  [NVIDIA Corporation, 6.14.11.5680]
[PID: 1684 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 2148 / SYSTEM][C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe]  [TOSHIBA CORPORATION, 1, 0, 1402, 0]
[PID: 2448 / SYSTEM][C:\Program Files\Microsoft SQL Server\MSSQL\binn\sqlagent.exe]  [Microsoft Corporation, 2000.080.2273.00 Hotfix 2259]
    [C:\Program Files\Microsoft SQL Server\MSSQL\binn\SQLRESLD.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Microsoft SQL Server\MSSQL\binn\SQLSVC.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\WINDOWS\system32\odbcbcp.dll]  [Microsoft Corporation, 2000.085.1132.00 (xpsp.080413-0852)]
    [C:\Program Files\Microsoft SQL Server\MSSQL\binn\W95SCM.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\binn\SEMMAP.dll]  [Microsoft Corporation, 2000.080.2273.00 Hotfix 2259]
    [C:\Program Files\Microsoft SQL Server\MSSQL\binn\Resources\2052\SQLSVC.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\binn\Resources\2052\SEMMAP.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\binn\Resources\2052\sqlagent.RLL]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\binn\SQLAGENT.DLL]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\BINN\SQLCMDSS.DLL]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\BINN\Resources\2052\SQLCMDSS.RLL]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\BINN\SQLREPSS.DLL]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\BINN\Resources\2052\SQLREPSS.RLL]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\BINN\SQLATXSS.DLL]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\binn\ATXCORE.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\binn\Resources\2052\ATXCORE.RLL]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\MSSQL\BINN\Resources\2052\SQLATXSS.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\BINN\AXSCPHST.DLL]  [Microsoft Corporation, 2000.080.2039.00]
    [C:\Program Files\Microsoft SQL Server\80\Tools\BINN\Resources\2052\AXSCPHST.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [C:\WINDOWS\system32\SQLSRV32.dll]  [Microsoft Corporation, 2000.085.1132.00 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\sqlsrv32.rll]  [Microsoft Corporation, 2000.085.1117.00 built by: (_sqlbld)]
    [C:\WINDOWS\system32\DBmsLPCn.dll]  [Microsoft Corporation, 2000.080.2039.00]

Re: cmd process virus

[PID: 2852 / LOCAL SERVICE][C:\WINDOWS\System32\SCardSvr.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[PID: 2936 / Administrator][C:\WINDOWS\ATK0100\HControl.exe]  [, 1043, 2, 15, 65]
    [C:\WINDOWS\ATK0100\CMSSC.dll]  [N/A, ]
    [C:\WINDOWS\ATK0100\inter_f2.dll]  [ATK, 1043, 2, 15, 52]
    [C:\WINDOWS\ATK0100\ATKWLIOC.DLL]  [ACTIONTEC Electronics,Inc, 2.01.02]
    [C:\WINDOWS\ATK0100\SiSPkt.dll]  [Silicon Integrated Systems Corp., 1, 0, 0, 45]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\WINDOWS\system32\APSHook.dll]  [Cognizance Corporation, 2.0.0.015]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\SynCOM.dll]  [Synaptics, Inc., 8.3.5 25May06]
[PID: 3060 / Administrator][C:\Program Files\Rising\Rav\RavTask.exe]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.24]
    [C:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.1]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.19]
[PID: 3352 / Administrator][C:\Program Files\Synaptics\SynTP\SynTPEnh.exe]  [Synaptics, Inc., 8.3.5 25May06]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\WINDOWS\system32\APSHook.dll]  [Cognizance Corporation, 2.0.0.015]
    [C:\WINDOWS\system32\SynCOM.dll]  [Synaptics, Inc., 8.3.5 25May06]
    [C:\WINDOWS\system32\SynTPAPI.dll]  [Synaptics, Inc., 8.3.5 25May06]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 2, 0, 1005]
[PID: 3616 / Administrator][C:\WINDOWS\ATK0100\ATKOSD.exe]  [, 1043, 2, 15, 63]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\WINDOWS\system32\APSHook.dll]  [Cognizance Corporation, 2.0.0.015]
[PID: 3636 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 3840 / Administrator][C:\Program Files\Wireless Console 2\wcourier.exe]  [, 2, 0, 10, 0]
    [C:\Program Files\Wireless Console 2\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\WINDOWS\system32\APSHook.dll]  [Cognizance Corporation, 2.0.0.015]
[PID: 3984 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\WINDOWS\system32\APSHook.dll]  [Cognizance Corporation, 2.0.0.015]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 2, 0, 1005]
[PID: 4000 / Administrator][C:\Program Files\DAEMON Tools Lite\daemon.exe]  [DT Soft Ltd, 4.12.2.0]
    [C:\WINDOWS\system32\APSHook.dll]  [Cognizance Corporation, 2.0.0.015]
    [C:\Program Files\DAEMON Tools Lite\DaemonPlugin.dll]  [DT Soft Ltd, 4.12.0.0]
    [C:\Program Files\DAEMON Tools Lite\daemon.dll]  [DT Soft Ltd., 4.12.0.0]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\SFSShell.dll]  [Cognizance Corporation, 1.22.0.239]
    [C:\WINDOWS\system32\MSVCR70.dll]  [Microsoft Corporation, 7.00.9955.0]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItMsg.dll]  [Cognizance Corporation, 1.21.0.410]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\CHS\SFSShell.dll]  [Cognizance Corporation, 1.22.0.240]
    [C:\Program Files\DAEMON Tools Lite\Lang\CHS.dll]  [N/A, ]
    [C:\Program Files\DAEMON Tools Lite\Lang\ENU.dll]  [N/A, ]
    [C:\Program Files\DAEMON Tools Lite\Plugins\Images\bw5mount.dll]  [, 1.1.3.0]
    [C:\Program Files\DAEMON Tools Lite\Plugins\Images\bwtmount.dll]  [DT Soft Ltd., 1.01.0.0]
    [C:\Program Files\DAEMON Tools Lite\Plugins\Images\ccdmount.dll]  [DT Soft Ltd., 1.10.0.0]
    [C:\Program Files\DAEMON Tools Lite\Plugins\Images\cuemount.dll]  [DT Soft Ltd., 1.02.0.0]
    [C:\Program Files\DAEMON Tools Lite\Plugins\Images\iszmount.dll]  [DT Soft Ltd., 1.03.0.0]
    [C:\Program Files\DAEMON Tools Lite\Plugins\Images\nrgmount.dll]  [DT Soft Ltd., 1.12.0.0]
    [C:\Program Files\DAEMON Tools Lite\Plugins\Images\pdimount.dll]  [DT Soft Ltd., 1.01.0.0]
    [C:\Program Files\DAEMON Tools Lite\Plugins\Images\pfcmount.dll]  [DT Soft Ltd., 1.00.0.0]
    [C:\Program Files\DAEMON Tools Lite\pfctoc.dll]  [Padus(R), Inc., 1, 0, 0, 12]
[PID: 4020 / Administrator][C:\Program Files\Microsoft ActiveSync\wcescomm.exe]  [Microsoft Corporation, 4.5.5096.0]
    [C:\WINDOWS\system32\CEUTIL.dll]  [Microsoft Corporation, 4.5.5096.0]
    [C:\WINDOWS\system32\RAPI.dll]  [Microsoft Corporation, 4.5.5096.0]
    [C:\Program Files\Microsoft ActiveSync\TCP2UDP.dll]  [Microsoft Corporation, 4.5.5096.0]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\Program Files\Microsoft ActiveSync\rapiproxystub.dll]  [Microsoft Corporation, 4.5.5096.0]
    [C:\WINDOWS\system32\APSHook.dll]  [Cognizance Corporation, 2.0.0.015]
    [C:\Program Files\Microsoft ActiveSync\dtptdns.dll]  [Microsoft Corporation, 4.5.5096.0]
[PID: 828 / Administrator][C:\PROGRA~1\MICROS~3\rapimgr.exe]  [Microsoft Corporation, 4.5.5096.0]
    [C:\WINDOWS\system32\CEUTIL.dll]  [Microsoft Corporation, 4.5.5096.0]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\WINDOWS\system32\APSHook.dll]  [Cognizance Corporation, 2.0.0.015]
    [C:\Program Files\Microsoft ActiveSync\rapiproxystub.dll]  [Microsoft Corporation, 4.5.5096.0]
[PID: 164 / Administrator][C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe]  [TOSHIBA CORPORATION., 5.00.7802.ALL]
    [C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosCpsAPI.dll]  [TOSHIBA CORPORATION., 3.01.5520.0]
    [C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMngHelp.dll]  [TOSHIBA CORPORATION., 5.00.6z01.ALL]
    [C:\WINDOWS\system32\TosAvAPI.dll]  [TOSHIBA CORPORATION., 5.00.6804.0]
    [C:\WINDOWS\system32\TosBtSDDB.dll]  [TOSHIBA CORPORATION., 5.00.7515.0]
    [C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMngLang.dll]  [TOSHIBA CORPORATION., 5.00.6920.0]
    [C:\WINDOWS\system32\TosBdAPI.dll]  [TOSHIBA CORPORATION., 4, 1, 1612, 0]
    [C:\WINDOWS\system32\TosCommAPI.dll]  [N/A, ]
    [C:\WINDOWS\system32\TosLaneAPI.dll]  [TOSHIBA CORPORATION., 1, 0, 3, 0]
    [C:\WINDOWS\system32\TosBtAPI.dll]  [TOSHIBA CORPORATION., 5.00.7615.0]
    [C:\WINDOWS\system32\LCWizard.dll]  [TOSHIBA CORPORATION, 5.0.0.ALL]
    [C:\Program Files\Toshiba\Bluetooth Toshiba Stack\BtUsrMod.dll]  [TOSHIBA CORPORATION, 1, 01, 11, US]
    [C:\WINDOWS\system32\TosHidAPI.dll]  [TOSHIBA CORPORATION., 4, 0, 1108, 0]
    [C:\WINDOWS\system32\TosGnsAPI.dll]  [TOSHIBA CORPORATION., 5, 0, 0, 0]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\WINDOWS\system32\TosAcpiAPI.dll]  [TOSHIBA CORPORATION., 1, 0, 3, 0]
    [C:\WINDOWS\system32\APSHook.dll]  [Cognizance Corporation, 2.0.0.015]
    [C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtLoad.dll]  [TOSHIBA CORPORATION, 5, 10, 0, 0]
[PID: 2884 / Administrator][C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe]  [TOSHIBA CORPORATION., 5.00.7227.ALL]
    [C:\WINDOWS\system32\TosBtECCAPI.dll]  [TOSHIBA CORPORATION., 3.00.6510.0]
    [C:\WINDOWS\system32\TosBtAPI.dll]  [TOSHIBA CORPORATION., 5.00.7615.0]
    [C:\WINDOWS\system32\TosBdAPI.dll]  [TOSHIBA CORPORATION., 4, 1, 1612, 0]
    [C:\WINDOWS\system32\TosAvdtAPI.dll]  [TOSHIBA CORPORATION., 5.00.7410.0]
    [C:\WINDOWS\system32\TosSndAPI.dll]  [TOSHIBA CORPORATION., 5.00.7117.0]
    [C:\WINDOWS\system32\TosSndPlug.dll]  [TOSHIBA CORPORATION., 5.00.7529.ALL]

Re: cmd process virus

    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\WINDOWS\system32\APSHook.dll]  [Cognizance Corporation, 2.0.0.015]
[PID: 2916 / Administrator][C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe]  [TOSHIBA CORPORATION., 4, 1, 1323, 0]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\WINDOWS\system32\APSHook.dll]  [Cognizance Corporation, 2.0.0.015]
[PID: 3160 / Administrator][C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe]  [TOSHIBA CORPORATION., 5.10.05.70426]
    [C:\WINDOWS\system32\TosBtECCAPI.dll]  [TOSHIBA CORPORATION., 3.00.6510.0]
    [C:\WINDOWS\system32\TosBtAPI.dll]  [TOSHIBA CORPORATION., 5.00.7615.0]
    [C:\WINDOWS\system32\TosBdAPI.dll]  [TOSHIBA CORPORATION., 4, 1, 1612, 0]
    [C:\WINDOWS\system32\LCWizard.dll]  [TOSHIBA CORPORATION, 5.0.0.ALL]
    [C:\WINDOWS\system32\TosSndAPI.dll]  [TOSHIBA CORPORATION., 5.00.7117.0]
    [C:\WINDOWS\system32\TosSndPlug.dll]  [TOSHIBA CORPORATION., 5.00.7529.ALL]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\WINDOWS\system32\APSHook.dll]  [Cognizance Corporation, 2.0.0.015]
[PID: 816 / SYSTEM][C:\PROGRAM FILES\RISING\RAV\ravmond.exe]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.80]
    [C:\PROGRAM FILES\RISING\RAV\BWList.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.5]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.1]
    [C:\PROGRAM FILES\RISING\RAV\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.19]
    [C:\PROGRAM FILES\RISING\RAV\RsLog.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.36]
    [C:\PROGRAM FILES\RISING\RAV\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\PROGRAM FILES\RISING\RAV\MonRule.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.29]
    [C:\PROGRAM FILES\RISING\RAV\Hooksys.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12]
    [C:\PROGRAM FILES\RISING\RAV\HookReg.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6]
    [C:\PROGRAM FILES\RISING\RAV\HookNtos.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5]
    [C:\PROGRAM FILES\RISING\RAV\rswalmon.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 24]
    [C:\PROGRAM FILES\RISING\RAV\recomp.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41]
    [C:\PROGRAM FILES\RISING\RAV\refs.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18]
    [C:\PROGRAM FILES\RISING\RAV\ffr.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 16]
    [C:\Program Files\Rising\Rav\RsStore.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.9]
    [C:\PROGRAM FILES\RISING\RAV\HookCont.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [C:\Program Files\Rising\Rav\fakescan.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.14]
    [C:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.39]
    [C:\PROGRAM FILES\RISING\RAV\viruslib.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27]
    [C:\PROGRAM FILES\RISING\RAV\relibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [C:\PROGRAM FILES\RISING\RAV\HookWeb.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.3]
    [C:\PROGRAM FILES\RISING\RAV\nvfile.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7]
    [C:\PROGRAM FILES\RISING\RAV\scanexec.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22]
    [C:\PROGRAM FILES\RISING\RAV\unexe.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 6]
    [C:\PROGRAM FILES\RISING\RAV\scanex.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90]
    [C:\PROGRAM FILES\RISING\RAV\pearc.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 8]
    [C:\PROGRAM FILES\RISING\RAV\scanpack.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10]
    [C:\PROGRAM FILES\RISING\RAV\revm.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11]
    [C:\PROGRAM FILES\RISING\RAV\urutils.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7]
    [C:\PROGRAM FILES\RISING\RAV\ur000.dat]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\PROGRAM FILES\RISING\RAV\extfile.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 32]
    [C:\PROGRAM FILES\RISING\RAV\scansct.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11]
    [C:\PROGRAM FILES\RISING\RAV\extole.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 13]
    [C:\PROGRAM FILES\RISING\RAV\posttrt.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 24]
    [C:\PROGRAM FILES\RISING\RAV\scriptci.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 4]
    [C:\PROGRAM FILES\RISING\RAV\ur001.dat]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 4]
    [C:\PROGRAM FILES\RISING\RAV\ur023.dat]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3]
    [C:\PROGRAM FILES\RISING\RAV\uroutine.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27]
    [C:\PROGRAM FILES\RISING\RAV\extmail.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10]
[PID: 3624 / SYSTEM][C:\PROGRAM FILES\RISING\RAV\RavStub.exe]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.10]
    [C:\PROGRAM FILES\RISING\RAV\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
[PID: 496 / Administrator][C:\Program Files\Rising\Rav\RAVMON.EXE]  [Beijing Rising Information Technology Co., Ltd., 20.0.01.27]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [C:\Program Files\Rising\Rav\recomp.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41]
    [C:\Program Files\Rising\Rav\refs.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18]
    [C:\Program Files\Rising\Rav\viruslib.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27]
    [C:\Program Files\Rising\Rav\relibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [C:\Program Files\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.1]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.19]
    [C:\Program Files\Rising\Rav\MonRule.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.29]
    [C:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
    [C:\Program Files\Rising\Rav\Rsguilib.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90]
    [C:\Program Files\Rising\Rav\RsXML.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2]
[PID: 2268 / Administrator][C:\Documents and Settings\Administrator\桌面\Procexp.exe]  [Sysinternals, 10.20]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 2, 0, 1005]
    [C:\WINDOWS\system32\APSHook.dll]  [Cognizance Corporation, 2.0.0.015]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\SFSShell.dll]  [Cognizance Corporation, 1.22.0.239]
    [C:\WINDOWS\system32\MSVCR70.dll]  [Microsoft Corporation, 7.00.9955.0]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItMsg.dll]  [Cognizance Corporation, 1.21.0.410]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\CHS\SFSShell.dll]  [Cognizance Corporation, 1.22.0.240]
[PID: 2504 / Administrator][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 2, 0, 1005]
    [C:\WINDOWS\system32\APSHook.dll]  [Cognizance Corporation, 2.0.0.015]
[PID: 2816 / Administrator][D:\Program Files\应用\同花顺核新2008\zdsj.exe]  [杭州核新软件技术有限公司, 2008, 7, 1, 0]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [D:\Program Files\应用\同花顺核新2008\RICHED20.dll]  [Microsoft Corporation, 5.30.23.1205]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 2, 0, 1005]
    [C:\WINDOWS\system32\APSHook.dll]  [Cognizance Corporation, 2.0.0.015]
[PID: 3992 / Administrator][C:\WINDOWS\system32\notepad.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 2, 0, 1005]
    [C:\WINDOWS\system32\APSHook.dll]  [Cognizance Corporation, 2.0.0.015]
[PID: 3912 / Administrator][C:\Program Files\Rising\Rfw\RfwCfg.exe]  [Beijing Rising Information Technology Co., Ltd., 7.0.2.62]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\Rfw\RsGuiLib.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90]
    [C:\Program Files\Rising\Rfw\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Rfw\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Rfw\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.1]
    [C:\Program Files\Rising\Rfw\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.19]
    [C:\Program Files\Rising\Rfw\RSCOMMON.DLL]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17]
    [C:\Program Files\Rising\Rfw\RfwCtrl.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\Program Files\Rising\Rfw\ProxyCtr.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.3]
    [C:\Program Files\Rising\Rfw\RsXML.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2]
    [C:\Program Files\Rising\Rfw\PngDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
    [C:\Program Files\Rising\Rfw\RfwRule.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.17]
[PID: 2272 / Administrator][D:\工具\网络\Maxthon2\Maxthon.exe]  [Maxthon International ltd., 2, 1, 0, 1870]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
    [D:\工具\网络\Maxthon2\mxpp.dll]  [Maxthon International ltd., 1, 0, 0, 107]
    [D:\工具\网络\Maxthon2\MxSk.dll]  [Maxthon, 1, 0, 0, 351]
    [D:\工具\网络\Maxthon2\MxProxy2.dll]  [Maxthon International ltd., 1, 0, 0, 4030]
    [D:\工具\网络\Maxthon2\MxExt.dll]  [N/A, ]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 2, 0, 1005]
    [C:\WINDOWS\system32\APSHook.dll]  [Cognizance Corporation, 2.0.0.015]
    [D:\工具\网络\Maxthon2\mxtool.dll]  [, 1, 0, 0, 1]
    [D:\工具\网络\Maxthon2\maxzlib.dll]  [, 1.2.3]
    [D:\工具\网络\Maxthon2\mxfeedU.dll]  [, 1, 0, 45, 92]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\SFSShell.dll]  [Cognizance Corporation, 1.22.0.239]
    [C:\WINDOWS\system32\MSVCR70.dll]  [Microsoft Corporation, 7.00.9955.0]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItMsg.dll]  [Cognizance Corporation, 1.21.0.410]
    [C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\CHS\SFSShell.dll]  [Cognizance Corporation, 1.22.0.240]
    [D:\工具\网络\Maxthon2\Modules\MxWebBoost\MxWebBoost.dll]  [Maxthon, 1,0,2,1187]
    [D:\工具\网络\Maxthon2\mxdb.dll]  [Max, 3, 5, 3, 125]
    [C:\WINDOWS\system32\ieframe.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\JDWB20.IME]  [五星工作室, 4.00.950]
    [C:\WINDOWS\system32\GOOGLEPINYIN.IME]  [Google Inc., ]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]  [Adobe Systems, Inc., 9,0,124,0]
[PID: 2712 / Administrator][D:\工具\系统工具\系统诊断工具sreng2\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
    [C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
    [C:\Program Files\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\Program Files\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 2, 0, 1005]
    [C:\WINDOWS\system32\APSHook.dll]  [Cognizance Corporation, 2.0.0.015]
    [D:\工具\系统工具\系统诊断工具sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

Re: cmd process virus

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  Error. [超级解霸3000]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
127.0.0.1  yu.8s7.net
127.0.0.1  1.jopanqc.com
127.0.0.1  2.joppnqq.com
127.0.0.1  wg.47255.com
127.0.0.1  1.joppnqq.com
127.0.0.1  xxx.m111.biz
127.0.0.1  1.jopenqc.com
127.0.0.1  1.jopenkk.com
127.0.0.1  xxx.vh7.biz
127.0.0.1  xxx.j41m.com
127.0.0.1  3.joppnqq.com
127.0.0.1  d.93se.com
127.0.0.1  www.868wg.com
127.0.0.1  xxx.mmma.biz
127.0.0.1  ilove.com
127.0.0.1  tp.shpzhan.cn
127.0.0.1  www.tomwg.com
127.0.0.1  www.cike007.cn
127.0.0.1  www.22aaa.com
127.0.0.1  xx.exiao01.com
127.0.0.1  www.exiao01.com
127.0.0.1  www.exiao01.com
127.0.0.1  new.749571.com
127.0.0.1  xtx.kv8.info
127.0.0.1  cao.kv8.info
127.0.0.1  1.jopmmqq.com
127.0.0.1  171817.171817.com
127.0.0.1  d2.llsging.com
127.0.0.1  down.malasc.cn
127.0.0.1  llboss.com
127.0.0.1  nx.51ylb.cn
127.0.0.1  my.531jx.cn
127.0.0.1  qqq.dzydhx.com
127.0.0.1  qqq.hao1658.com
127.0.0.1  www.333292.com
127.0.0.1  down.18dd.net
127.0.0.1  up.22x44.com
127.0.0.1  aaa.faba01.com
127.0.0.1  bad.tqdlt.cn
127.0.0.1  1.chsipo.com
127.0.0.1  c3.aishangai.net
127.0.0.1  c2.aishangai.net
127.0.0.1  xxx.188dm.com
127.0.0.1  x2.1a2b3c1.com
127.0.0.1  d1.163500.net
127.0.0.1  down.google-serv.cn
127.0.0.1  idc.windowsupdeta.cn
127.0.0.1  nc.mskess.com
127.0.0.1  ok.sl8cjs.cn
127.0.0.1  dl.pvs360.com
127.0.0.1  ta.pvs360.com
127.0.0.1  cw.pvs360.com
127.0.0.1  fg.pvs360.com

==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 1748, C:\PROGRA~1\MICROS~2\MSSQL\BINN\SQLSERVR.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 196, C:\PROGRAM FILES\ASUS SECURITY CENTER\ASUS SECURITY PROTECT MANAGER\BIN\ASGHOST.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 196, C:\PROGRAM FILES\ASUS SECURITY CENTER\ASUS SECURITY PROTECT MANAGER\BIN\ASGHOST.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3840, C:\PROGRAM FILES\WIRELESS CONSOLE 2\WCOURIER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3840, C:\PROGRAM FILES\WIRELESS CONSOLE 2\WCOURIER.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 164, C:\PROGRAM FILES\TOSHIBA\BLUETOOTH TOSHIBA STACK\TOSBTMNG.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 164, C:\PROGRAM FILES\TOSHIBA\BLUETOOTH TOSHIBA STACK\TOSBTMNG.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2884, C:\PROGRAM FILES\TOSHIBA\BLUETOOTH TOSHIBA STACK\TOSA2DP.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2884, C:\PROGRAM FILES\TOSHIBA\BLUETOOTH TOSHIBA STACK\TOSA2DP.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2916, C:\PROGRAM FILES\TOSHIBA\BLUETOOTH TOSHIBA STACK\TOSBTHID.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2916, C:\PROGRAM FILES\TOSHIBA\BLUETOOTH TOSHIBA STACK\TOSBTHID.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3160, C:\PROGRAM FILES\TOSHIBA\BLUETOOTH TOSHIBA STACK\TOSBTHSP.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3160, C:\PROGRAM FILES\TOSHIBA\BLUETOOTH TOSHIBA STACK\TOSBTHSP.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2268, C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PROCEXP.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2268, C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PROCEXP.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2816, D:\PROGRAM FILES\应用\同花顺核新2008\ZDSJ.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2816, D:\PROGRAM FILES\应用\同花顺核新2008\ZDSJ.EXE]

==================================
API HOOK
入口点错误:CreateProcessA (危险等级: 高,  被下面模块所HOOK: 0x00FF3DA5)
入口点错误:CreateProcessW (危险等级: 高,  被下面模块所HOOK: 0x00FF3E8D)

==================================
隐藏进程
N/A

==================================


[/CODE]

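Re: cmd process virus

...What a headache. Removing one virus takes this much trouble. Should I go research some byte-vanishing hardware and just delete the bytes directly...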

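Re: cmd process virus

If the OP had used Rising's active defense to protect CMD early on, there wouldn't be this much trouble. Sigh... Now the problem is quite complicated. Going through the log will probably take a good while.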

Re: cmd process virus

How about stopping cmd from running first and then deleting it?
Disable cmd in Group Policy.