CAD老病毒最新升级瑞星还是杀不掉求教高手 - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛 CAD老病毒最新升级瑞星还是杀不掉求教高手

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第四十七次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

12

1 / 2 页

跳转页

[求助] CAD老病毒最新升级瑞星还是杀不掉求教高手

isbm 初生襁褓狮帖子:17 注册: 2010-07-31 来自:	发表于： 2010-07-31 18:32 \| 只看楼主短消息资料字号：小中大 1楼 CAD老病毒最新升级瑞星还是杀不掉求教高手 cad病毒acaddoc.lsp 瑞星杀不出来的论坛一搜一堆装机过了还是存在附瑞星扫描纪录求教高手了用户系统信息：Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
isbm 初生襁褓狮帖子:17 注册: 2010-07-31 来自:	分享到：

isbm 初生襁褓狮帖子:17 注册: 2010-07-31 来自:	发表于： 2010-07-31 18:33 \| 只看楼主短消息资料字号：小中大 2楼回复: CAD老病毒最新升级瑞星还是杀不掉求教高手未知家族病毒分析扫描结果: 无可疑文件系统活动进程 C:\WINDOWS\NOTEPAD.EXE C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL C:\PROGRAM FILES\RISING\ANTISPYWARE\REGCALL.DLL C:\PROGRAM FILES\RISING\RAV\RSAGENT.EXE C:\PROGRAM FILES\RISING\RAV\PROCCOMM.DLL C:\PROGRAM FILES\RISING\RAV\COMX3.DLL C:\PROGRAM FILES\RISING\RAV\SYSLAY.DLL C:\PROGRAM FILES\RISING\RAV\SCANPRXY.DLL C:\WINDOWS\SYSTEM32\SMSS.EXE C:\WINDOWS\SYSTEM32\CSRSS.EXE C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL C:\WINDOWS\SYSTEM32\WINLOGON.EXE C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL C:\WINDOWS\SYSTEM32\SERVICES.EXE C:\WINDOWS\APPPATCH\ACADPROC.DLL C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL C:\WINDOWS\SYSTEM32\LSASS.EXE C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL C:\WINDOWS\SYSTEM32\NVSVC32.EXE C:\WINDOWS\SYSTEM32\NVAPI.DLL C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\RSDETECT.EXE C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL C:\PROGRAM FILES\RISING\ANTISPYWARE\REGCALL.DLL C:\WINDOWS\SYSTEM32\SVCHOST.EXE C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL C:\WINDOWS\SYSTEM32\SVCHOST.EXE C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL C:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE C:\PROGRAM FILES\RISING\RAV\COMBASE.DLL C:\PROGRAM FILES\RISING\RAV\CNT09.DLL C:\PROGRAM FILES\RISING\RAV\MONCOMM.DLL C:\PROGRAM FILES\RISING\RAV\MONBASE.DLL C:\PROGRAM FILES\RISING\RAV\RSLOG.DLL C:\PROGRAM FILES\RISING\RAV\MONDRV.DLL C:\PROGRAM FILES\RISING\RAV\DEFMON.DLL C:\PROGRAM FILES\RISING\RAV\MONCOM08.DLL C:\PROGRAM FILES\RISING\RAV\MONRULE.DLL C:\PROGRAM FILES\RISING\RAV\FILEMON.DLL C:\PROGRAM FILES\RISING\RAV\MAILMON.DLL C:\PROGRAM FILES\RISING\RAV\HOOKWEB.DLL C:\PROGRAM FILES\RISING\RAV\RSINDENT.DLL C:\PROGRAM FILES\RISING\RAV\SYSLAY.DLL C:\PROGRAM FILES\RISING\RAV\TASKPLUG.DLL C:\PROGRAM FILES\RISING\RAV\SCANSRVP.DLL C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL C:\PROGRAM FILES\RISING\RAV\CNT08.DLL C:\PROGRAM FILES\RISING\RAV\PROCCOMM.DLL C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL C:\PROGRAM FILES\RISING\RAV\CFGDLL.DLL C:\PROGRAM FILES\RISING\RAV\COMX3.DLL C:\PROGRAM FILES\RISING\RAV\HOOKSYS.DLL C:\PROGRAM FILES\RISING\RAV\PROCCOM.DLL C:\PROGRAM FILES\RISING\RAV\RSCOMMX2.DLL C:\PROGRAM FILES\RISING\RAV\HOOKCONT.DLL C:\PROGRAM FILES\RISING\RAV\BACORE.DLL C:\PROGRAM FILES\RISING\RAV\RECOMP.DLL C:\PROGRAM FILES\RISING\RAV\REFS.DLL C:\PROGRAM FILES\RISING\RAV\VIRUSLIB.DLL C:\PROGRAM FILES\RISING\RAV\RELIBLDR.DLL C:\PROGRAM FILES\RISING\RAV\RSNETSVR.DLL C:\PROGRAM FILES\RISING\RAV\BAWHITE.DLL C:\PROGRAM FILES\RISING\RAV\RSSTORE.DLL C:\PROGRAM FILES\RISING\RAV\SCANNER.DLL C:\PROGRAM FILES\RISING\RAV\SCANADD.DLL C:\PROGRAM FILES\RISING\RAV\NCOMM2.DLL C:\PROGRAM FILES\RISING\RAV\RSTASK.DLL C:\PROGRAM FILES\RISING\RAV\RSSTUB.DLL C:\PROGRAM FILES\RISING\RAV\SCANSRV.DLL C:\PROGRAM FILES\RISING\RAV\SCANPE.DLL C:\PROGRAM FILES\RISING\RAV\PEARC.DLL C:\PROGRAM FILES\RISING\RAV\UR000.DAT C:\PROGRAM FILES\RISING\RAV\URUTILS.DLL C:\PROGRAM FILES\RISING\RAV\FFR.DLL C:\PROGRAM FILES\RISING\RAV\NVFILE.DLL C:\PROGRAM FILES\RISING\RAV\SCANEXEC.DLL C:\PROGRAM FILES\RISING\RAV\UNEXE.DLL C:\PROGRAM FILES\RISING\RAV\SCANEX.DLL C:\PROGRAM FILES\RISING\RAV\SCANTJ.DLL C:\PROGRAM FILES\RISING\RAV\METHODEX.DLL C:\PROGRAM FILES\RISING\RAV\REVM.DLL C:\PROGRAM FILES\RISING\RAV\HEUREX.DLL C:\PROGRAM FILES\RISING\RAV\PECOMPD.DLL C:\PROGRAM FILES\RISING\RAV\UR001.DAT C:\PROGRAM FILES\RISING\RAV\EXTMAIL.DLL C:\PROGRAM FILES\RISING\RAV\SCANSCT.DLL C:\PROGRAM FILES\RISING\RAV\SCANRAVT.DLL C:\PROGRAM FILES\RISING\RAV\SCANBT.DLL C:\PROGRAM FILES\RISING\RAV\SCANSTUB.DLL C:\WINDOWS\SYSTEM32\SVCHOST.EXE C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL C:\WINDOWS\SYSTEM32\SVCHOST.EXE C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL C:\WINDOWS\SYSTEM32\SVCHOST.EXE C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL C:\PROGRAM FILES\RISING\RFW\RFWSRV.EXE C:\WINDOWS\SYSTEM32\MFC71.DLL C:\WINDOWS\SYSTEM32\MSVCR71.DLL C:\WINDOWS\SYSTEM32\MSVCP71.DLL C:\PROGRAM FILES\RISING\RFW\PROCCOM.DLL C:\PROGRAM FILES\RISING\RFW\RSCOMMX2.DLL C:\PROGRAM FILES\RISING\RFW\RSAPPMGR.DLL C:\PROGRAM FILES\RISING\RFW\CFGDLL.DLL C:\PROGRAM FILES\RISING\RFW\RFWRULE.DLL C:\PROGRAM FILES\RISING\RFW\RFWLOG.DLL C:\PROGRAM FILES\RISING\RFW\RFWDRV.DLL C:\PROGRAM FILES\RISING\RFW\IJT_CTRL.DLL C:\PROGRAM FILES\RISING\RFW\UNVDET.DLL C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL C:\PROGRAM FILES\RISING\RFW\MPORTS.DLL C:\PROGRAM FILES\RISING\RFW\RFWPROXY.EXE C:\WINDOWS\SYSTEM32\MFC71.DLL C:\WINDOWS\SYSTEM32\MSVCR71.DLL C:\PROGRAM FILES\RISING\RFW\PROCCOM.DLL C:\PROGRAM FILES\RISING\RFW\RSCOMMX2.DLL C:\PROGRAM FILES\RISING\RFW\RFWRULE.DLL C:\PROGRAM FILES\RISING\RFW\URLRULE.DLL C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL C:\PROGRAM FILES\RISING\RFW\MONMID.DLL C:\WINDOWS\MSAGENT\AGENTSVR.EXE C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL C:\PROGRAM FILES\RISING\ANTISPYWARE\REGCALL.DLL C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\~E5D141.TMP C:\PROGRAM FILES\RISING\ANTISPYWARE\REGCALL.DLL C:\PROGRAM FILES\RISING\RFW\RFWSTUB.EXE C:\WINDOWS\SYSTEM32\MSVCP71.DLL C:\WINDOWS\SYSTEM32\MSVCR71.DLL C:\PROGRAM FILES\RISING\RFW\RSCOMMON.DLL C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL C:\WINDOWS\SYSTEM32\SVCHOST.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\SYSTEM32\ACSIGNICON.DLL C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\ACSIGNCORE16.DLL C:\PROGRAM FILES\RISING\ANTISPYWARE\REGCALL.DLL C:\WINDOWS\SYSTEM32\RAVEXT.DLL C:\WINDOWS\SYSTEM32\KAKAEXT.DLL C:\PROGRAM FILES\HAOZIP\HAOZIPEXT.DLL C:\PROGRAM FILES\HAOZIP\MSVCR80.DLL C:\PROGRAM FILES\THUNDER\COMDLLS\TDATONCE_NOW.DLL C:\PROGRAM FILES\THUNDER\COMDLLS\XUNLEIBHO_NOW.DLL C:\PROGRAM FILES\RISING\RAV\RAVSCRCH.DLL C:\WINDOWS\SYSTEM32\MSVCP71.DLL C:\WINDOWS\SYSTEM32\MSVCR71.DLL C:\WINDOWS\SYSTEM32\NVCPL.DLL C:\WINDOWS\SYSTEM32\NVRSZHC.DLL C:\PROGRAM FILES\NVIDIA CORPORATION\NVIEW\NVSHELL.DLL C:\WINDOWS\SYSTEM32\NVAPI.DLL C:\WINDOWS\SYSTEM32\DRIVERS\CDAC11BA.EXE C:\WINDOWS\SYSTEM32\SPOOLSV.EXE C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL C:\PROGRAM FILES\RISING\RFW\RFWMAIN.EXE C:\WINDOWS\SYSTEM32\MFC71.DLL C:\WINDOWS\SYSTEM32\MSVCR71.DLL C:\WINDOWS\SYSTEM32\MSVCP71.DLL C:\PROGRAM FILES\RISING\RFW\RSGUILIB.DLL C:\PROGRAM FILES\RISING\RFW\PROCCOM.DLL C:\PROGRAM FILES\RISING\RFW\RSCOMMX2.DLL C:\PROGRAM FILES\RISING\RFW\RSAPPMGR.DLL C:\PROGRAM FILES\RISING\RFW\CFGDLL.DLL C:\PROGRAM FILES\RISING\RFW\RSCOMMON.DLL C:\PROGRAM FILES\RISING\RFW\RFWCTRL.DLL C:\PROGRAM FILES\RISING\RFW\RSXML.DLL C:\PROGRAM FILES\RISING\RFW\PNGDLL.DLL C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL C:\PROGRAM FILES\RISING\RFW\RFWRULE.DLL C:\PROGRAM FILES\RISING\ANTISPYWARE\REGCALL.DLL C:\WINDOWS\SYSTEM32\ALG.EXE C:\PROGRAM FILES\RISING\ANTISPYWARE\RSTRAY.EXE C:\PROGRAM FILES\RISING\ANTISPYWARE\RSMGINFO.DLL C:\PROGRAM FILES\RISING\ANTISPYWARE\RSXML.DLL C:\PROGRAM FILES\RISING\ANTISPYWARE\REGCALL.DLL C:\PROGRAM FILES\RISING\ANTISPYWARE\COMSERV.DLL C:\PROGRAM FILES\RISING\ANTISPYWARE\SYSLAY.DLL C:\PROGRAM FILES\RISING\ANTISPYWARE\MSVCP71.DLL C:\PROGRAM FILES\RISING\ANTISPYWARE\MSVCR71.DLL C:\PROGRAM FILES\RISING\ANTISPYWARE\RSCOMMON.DLL C:\PROGRAM FILES\RISING\ANTISPYWARE\COMX3.DLL C:\PROGRAM FILES\RISING\ANTISPYWARE\RSXML1.DLL C:\PROGRAM FILES\RISING\ANTISPYWARE\PNGDLL.DLL C:\PROGRAM FILES\RISING\ANTISPYWARE\RUNIEP.DLL C:\PROGRAM FILES\RISING\ANTISPYWARE\NCOMM.DLL C:\PROGRAM FILES\RISING\RAV\PROCCOM.DLL C:\PROGRAM FILES\RISING\ANTISPYWARE\RSCOMMX2.DLL C:\PROGRAM FILES\RISING\RAV\RSTRAY.EXE C:\PROGRAM FILES\RISING\RAV\COMSERV.DLL C:\PROGRAM FILES\RISING\RAV\RSLANG.DLL C:\PROGRAM FILES\RISING\RAV\COMX3.DLL C:\PROGRAM FILES\RISING\RAV\SYSLAY.DLL C:\PROGRAM FILES\RISING\RAV\PROCCOMM.DLL C:\PROGRAM FILES\RISING\RAV\RSXML.DLL C:\PROGRAM FILES\RISING\RAV\MONSTATE.DLL C:\PROGRAM FILES\RISING\RAV\SCANEVNT.DLL C:\PROGRAM FILES\RISING\RAV\RSGUILIB.DLL C:\PROGRAM FILES\RISING\RAV\RSCONF.DLL C:\PROGRAM FILES\RISING\RAV\RSPALVD.DLL C:\PROGRAM FILES\RISING\RAV\RAVBINTL.DLL C:\PROGRAM FILES\RISING\RAV\MRULEUI.DLL C:\PROGRAM FILES\RISING\RAV\MONTRAY.DLL C:\PROGRAM FILES\RISING\RAV\RAVITRAY.DLL C:\PROGRAM FILES\RISING\RAV\RSMGINFO.DLL C:\PROGRAM FILES\RISING\RAV\SCANLEAK.DLL C:\PROGRAM FILES\RISING\RAV\RAVPPOPS.DLL C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL C:\PROGRAM FILES\RISING\RAV\CFGDLL.DLL C:\PROGRAM FILES\RISING\RAV\PNGDLL.DLL C:\PROGRAM FILES\RISING\RAV\SCANPRXY.DLL
isbm 初生襁褓狮帖子:17 注册: 2010-07-31 来自:

isbm 初生襁褓狮帖子:17 注册: 2010-07-31 来自:	发表于： 2010-07-31 18:35 \| 只看楼主短消息资料字号：小中大 3楼回复: CAD老病毒最新升级瑞星还是杀不掉求教高手 C:\WINDOWS\SYSTEM32\CTFMON.EXE C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL C:\PROGRAM FILES\RISING\ANTISPYWARE\REGCALL.DLL C:\PROGRAM FILES\AUTOCAD 2004\ACAD.EXE C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\AC1ST16.DLL C:\PROGRAM FILES\AUTOCAD 2004\MSVCR70.DLL C:\PROGRAM FILES\AUTOCAD 2004\MSVCP70.DLL C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\ACDB16.DLL C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\ACGE16.DLL C:\PROGRAM FILES\AUTOCAD 2004\MFC70.DLL C:\PROGRAM FILES\AUTOCAD 2004\ACUI16.DLL C:\PROGRAM FILES\AUTOCAD 2004\ANAV.DLL C:\PROGRAM FILES\AUTOCAD 2004\ADUI16.DLL C:\PROGRAM FILES\AUTOCAD 2004\DSWHIP.DLL C:\PROGRAM FILES\AUTOCAD 2004\HEIDI8.DLL C:\PROGRAM FILES\AUTOCAD 2004\DLINT8.DLL C:\PROGRAM FILES\AUTOCAD 2004\SFTTABAC.DLL C:\PROGRAM FILES\AUTOCAD 2004\USERDATA.DLL C:\PROGRAM FILES\AUTOCAD 2004\ADLMDLL.DLL C:\PROGRAM FILES\AUTOCAD 2004\ADCTRLS.DLL C:\PROGRAM FILES\AUTOCAD 2004\ADUI16RES.DLL C:\PROGRAM FILES\AUTOCAD 2004\ANAVRES.DLL C:\PROGRAM FILES\AUTOCAD 2004\ACUI16RES.DLL C:\PROGRAM FILES\AUTOCAD 2004\DSWHIPRES.DLL C:\PROGRAM FILES\AUTOCAD 2004\SFTTABACRES.DLL C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\~EF8DDA\~DF394B.TMP C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\~EF8DDA\~DE8C3A.TMP C:\PROGRAM FILES\AUTOCAD 2004\ADCTRLSRES.DLL C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL C:\PROGRAM FILES\AUTOCAD 2004\ACADBTN.DLL C:\PROGRAM FILES\AUTOCAD 2004\ACADRES.DLL C:\PROGRAM FILES\RISING\ANTISPYWARE\REGCALL.DLL C:\PROGRAM FILES\AUTOCAD 2004\ADLMRES.DLL C:\PROGRAM FILES\AUTOCAD 2004\PRXYINET.DLL C:\PROGRAM FILES\AUTOCAD 2004\PRXYINETRES.DLL C:\PROGRAM FILES\AUTOCAD 2004\OLEAPROT.ARX C:\TANGENT\TARCH6\SYS16\TCH.DLL C:\PROGRAM FILES\AUTOCAD 2004\COLORRES.DLL C:\PROGRAM FILES\AUTOCAD 2004\DRV\GDI8.HDI C:\PROGRAM FILES\AUTOCAD 2004\DRV\GDI8RES.DLL C:\PROGRAM FILES\AUTOCAD 2004\DRV\SZB8.HDI C:\PROGRAM FILES\AUTOCAD 2004\DRV\RBLAST8.HDI C:\PROGRAM FILES\AUTOCAD 2004\DRV\GDIFONT8.HDI C:\PROGRAM FILES\AUTOCAD 2004\ACGS.DLL C:\PROGRAM FILES\AUTOCAD 2004\ACGSRES.DLL C:\PROGRAM FILES\AUTOCAD 2004\APPERR.DLL C:\PROGRAM FILES\AUTOCAD 2004\PLOTCFG8.DLL C:\PROGRAM FILES\AUTOCAD 2004\PCTRES8.DLL C:\PROGRAM FILES\AUTOCAD 2004\APPERRRES.DLL C:\PROGRAM FILES\AUTOCAD 2004\PLCFMGR.DLL C:\PROGRAM FILES\AUTOCAD 2004\MSVCI70.DLL C:\PROGRAM FILES\AUTOCAD 2004\PLCFMGRRES.DLL C:\PROGRAM FILES\AUTOCAD 2004\PLCFERR.DLL C:\PROGRAM FILES\AUTOCAD 2004\PM8.DLL C:\PROGRAM FILES\AUTOCAD 2004\PMRES8.DLL C:\PROGRAM FILES\AUTOCAD 2004\PMUTIL8.DLL C:\PROGRAM FILES\AUTOCAD 2004\HCREG8.DLL C:\PROGRAM FILES\AUTOCAD 2004\HCREG8RES.DLL C:\PROGRAM FILES\AUTOCAD 2004\VL.ARX C:\PROGRAM FILES\AUTOCAD 2004\VLMSG.DLL C:\PROGRAM FILES\AUTOCAD 2004\VLLIB.DLL C:\PROGRAM FILES\AUTOCAD 2004\ACAPP.ARX C:\PROGRAM FILES\AUTOCAD 2004\ACDBLCLKEDIT.ARX C:\PROGRAM FILES\AUTOCAD 2004\ACDBLCLKEDITPE.ARX C:\PROGRAM FILES\AUTOCAD 2004\ACDBLCLKEDITRES.DLL C:\PROGRAM FILES\AUTOCAD 2004\ACDIM.ARX C:\PROGRAM FILES\AUTOCAD 2004\SHAREAC.DLL C:\PROGRAM FILES\AUTOCAD 2004\SHAREMFC.DLL C:\PROGRAM FILES\AUTOCAD 2004\ACDIMRES.DLL C:\PROGRAM FILES\AUTOCAD 2004\ACEPLOTX.ARX C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\ACHAPI16.DBX C:\PROGRAM FILES\AUTOCAD 2004\ACEPLOTXRES.DLL C:\PROGRAM FILES\AUTOCAD 2004\ACHLNKUI.ARX C:\PROGRAM FILES\AUTOCAD 2004\ACHLNKUIRES.DLL C:\PROGRAM FILES\AUTOCAD 2004\ACIDROPMGR.ARX C:\PROGRAM FILES\AUTOCAD 2004\ACIDROPMGRRES.DLL C:\PROGRAM FILES\AUTOCAD 2004\ACLAYERP.ARX C:\PROGRAM FILES\AUTOCAD 2004\ACLAYERPRES.DLL C:\PROGRAM FILES\AUTOCAD 2004\ACSIGN.ARX C:\PROGRAM FILES\AUTOCAD 2004\ACSIGNRES.DLL C:\PROGRAM FILES\AUTOCAD 2004\ACSPACETRANS.ARX C:\PROGRAM FILES\AUTOCAD 2004\ACSPACETRANSRES.DLL C:\PROGRAM FILES\AUTOCAD 2004\ACSTD.ARX C:\PROGRAM FILES\AUTOCAD 2004\ACSTSTDRES.DLL C:\PROGRAM FILES\AUTOCAD 2004\ACTP.ARX C:\PROGRAM FILES\AUTOCAD 2004\ACTC.DLL C:\PROGRAM FILES\AUTOCAD 2004\ACTCUI.DLL C:\PROGRAM FILES\AUTOCAD 2004\ACTCRES.DLL C:\PROGRAM FILES\AUTOCAD 2004\ACTCUIRES.DLL C:\PROGRAM FILES\AUTOCAD 2004\WHOHAS.ARX C:\PROGRAM FILES\AUTOCAD 2004\WHOHASRES.DLL C:\PROGRAM FILES\AUTOCAD 2004\EXPRESS\FSCREEN.ARX C:\PROGRAM FILES\AUTOCAD 2004\ACETLODR.ARX C:\PROGRAM FILES\AUTOCAD 2004\EXPRESS\MOVEBAK.ARX C:\PROGRAM FILES\AUTOCAD 2004\EXPRESS\ACETUTIL.ARX C:\PROGRAM FILES\AUTOCAD 2004\EXPRESS\ACETUTIL.DLL C:\PROGRAM FILES\AUTOCAD 2004\WSCOMMCNTRACCON.ARX C:\PROGRAM FILES\AUTOCAD 2004\WSCOMMCNTRACCONRES.DLL C:\TANGENT\TARCH6\SYS16\TCH_INITSTART.ARX C:\TANGENT\TARCH6\SYS16\TCH_KERNAL.ARX C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\ACISMOBJ16.DBX C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\IE80.DLL C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\IEBMPRD80.DLL C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\IETIFFRD80.DLL C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\IEJFIFRD80.DLL C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\IECALSRD80.DLL C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\IEPNGRD80.DLL C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\IEPCXRD80.DLL C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\IEFLICRD80.DLL C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\IETGARD80.DLL C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\IEPICTRD80.DLL C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\IEBMPWR80.DLL C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\IECALSWR80.DLL C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\IEFLICWR80.DLL C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\IEJFIFWR80.DLL C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\IEPCXWR80.DLL C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\IEPNGWR80.DLL C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\IETGAWR80.DLL C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\IETIFFWR80.DLL C:\TANGENT\TARCH6\SYS\TCH.DLL C:\TANGENT\TARCH6\SYS16\TAPI.ARX C:\TANGENT\TARCH6\SYS16\TCH3_KERNAL.ARX C:\TANGENT\TARCH6\SYS16\TCH_KERNCMD.ARX C:\TANGENT\TARCH6\SYS16\TCH_ANNOTATE.ARX C:\PROGRAM FILES\AUTOCAD 2004\VLCOM.DLL C:\PROGRAM FILES\AUTOCAD 2004\VLREAC.DLL C:\PROGRAM FILES\AUTOCAD 2004\AXDB16.DLL C:\WINDOWS\SYSTEM32\ACSIGNICON.DLL C:\TANGENT\TARCH6\SYS16\TCH_PIPEWIRE.ARX C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL C:\PROGRAM FILES\RISING\ANTISPYWARE\REGCALL.DLL C:\WINDOWS\SYSTEM32\ACSIGNICON.DLL C:\PROGRAM FILES\THUNDER\COMDLLS\TDATONCE_NOW.DLL C:\PROGRAM FILES\THUNDER\COMDLLS\XUNLEIBHO_NOW.DLL C:\WINDOWS\SYSTEM32\URLFILTER.DLL C:\PROGRAM FILES\RISING\ANTISPYWARE\URLRULE.DLL C:\PROGRAM FILES\RISING\RAV\RAVSCRCH.DLL C:\WINDOWS\SYSTEM32\MSVCP71.DLL C:\WINDOWS\SYSTEM32\MSVCR71.DLL C:\WINDOWS\SYSTEM32\MACROMED\FLASH\FLASH6.OCX C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\ACSIGNCORE16.DLL C:\WINDOWS\SYSTEM32\NOTEPAD.EXE C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL C:\PROGRAM FILES\RISING\ANTISPYWARE\REGCALL.DLL
isbm 初生襁褓狮帖子:17 注册: 2010-07-31 来自:

isbm 初生襁褓狮帖子:17 注册: 2010-07-31 来自:	发表于： 2010-07-31 18:35 \| 只看楼主短消息资料字号：小中大 4楼回复: CAD老病毒最新升级瑞星还是杀不掉求教高手 C:\WINDOWS\SYSTEM32\SVCHOST.EXE C:\PROGRAM FILES\THUNDER\PROGRAM\THUNDER5.EXE C:\PROGRAM FILES\THUNDER\PROGRAM\BUGREPORT.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\THUNDEREX.DLL C:\PROGRAM FILES\RISING\ANTISPYWARE\REGCALL.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\TASKMANAGER.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\DOWNLOAD_INTERFACE.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\MSVCP71.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\MSVCR71.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\ASYN_FRAME.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\ATL71.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\FS.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\XLNET.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\BHOSTUB.DLL C:\PROGRAM FILES\THUNDER\COMPONENTS\DOWNANDPLAY\DOWNANDPLAY.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\BACKEND_AGENT.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\P2SP.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\DOWN_DISPATCHER.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\PTL.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\XL_STAT.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\ITARGETAD.DLL C:\PROGRAM FILES\RISING\RAV\RAVSCRCH.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\P2P.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\XLDC.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\STREAM.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\P2P_UPLOAD.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\P2P_LOCAL_RES.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\EMULE_ID.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\AL.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\P2P_NETWORK_COM.DLL C:\PROGRAM FILES\THUNDER\COMPONENTS\COMMUNITY\XLCOMMUNITY.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\XLCOMMUNITYEX.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\REGISTERDLL.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\MSVCIRT.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\IMDT.DLL C:\PROGRAM FILES\THUNDER\COMPONENTS\SECURITY\THUNDERSAFE.DLL C:\PROGRAM FILES\THUNDER\COMPONENTS\SECURITY\CONFIGMANAGER.DLL C:\PROGRAM FILES\THUNDER\COMPONENTS\SECURITY\SAFEMANAGER.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\XLNETU.DLL C:\PROGRAM FILES\THUNDER\PLUGINS\XLSAFEHOST\XLSAFEHOST.DLL C:\PROGRAM FILES\THUNDER\PLUGINS\XLSAFEHOST\GUARD.DLL C:\PROGRAM FILES\THUNDER\PLUGINS\XLSAFEHOST\AUTOHELP.DLL C:\PROGRAM FILES\THUNDER\COMPONENTS\SEARCH\XLSEARCH.DLL C:\PROGRAM FILES\THUNDER\PROGRAM\LIVEUPDATE.DLL C:\PROGRAM FILES\THUNDER\COMPONENTS\XLSOFTBASE\XLSOFTWAREBASE.DLL C:\PROGRAM FILES\THUNDER\PLUGINS\GOUGOUTOP\GOUGOUTOP.DLL C:\PROGRAM FILES\THUNDER\COMPONENTS\EXPLORERHELPER\EXPLORERHELPER.DLL C:\PROGRAM FILES\THUNDER\COMPONENTS\TIPS\TIPSCLIENT.DLL C:\PROGRAM FILES\THUNDER\COMPONENTS\DOWNLOADSTAT\DOWNLOADSTAT.DLL C:\PROGRAM FILES\THUNDER\COMPONENTS\TIPS\XLIPC.DLL C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\WSCOMMCNTR1.EXE C:\PROGRAM FILES\RISING\RFW\IJT_BASE.DLL C:\PROGRAM FILES\RISING\RFW\OLEMON.DLL C:\PROGRAM FILES\RISING\ANTISPYWARE\REGCALL.DLL C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\WEBSERVICES1.DLL C:\PROGRAM FILES\RISING\RAV\RSLOGVW.EXE C:\WINDOWS\SYSTEM32\MSVCP71.DLL C:\WINDOWS\SYSTEM32\MSVCR71.DLL C:\PROGRAM FILES\RISING\RAV\RSPALMGR.DLL C:\PROGRAM FILES\RISING\RAV\RSXML.DLL C:\PROGRAM FILES\RISING\RAV\RSGUILIB.DLL C:\PROGRAM FILES\RISING\RAV\RSLANG.DLL C:\PROGRAM FILES\RISING\RAV\LOGQUERY.DLL C:\PROGRAM FILES\RISING\RAV\PNGDLL.DLL C:\PROGRAM FILES\RISING\RAV\PROCCOMM.DLL C:\PROGRAM FILES\RISING\RAV\RSLOGVW.DLL C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE C:\PROGRAM FILES\RISING\ANTISPYWARE\REGCALL.DLL C:\WINDOWS\SYSTEM32\ACSIGNICON.DLL C:\PROGRAM FILES\THUNDER\COMDLLS\TDATONCE_NOW.DLL C:\PROGRAM FILES\THUNDER\COMDLLS\XUNLEIBHO_NOW.DLL C:\WINDOWS\SYSTEM32\URLFILTER.DLL C:\PROGRAM FILES\RISING\ANTISPYWARE\URLRULE.DLL C:\PROGRAM FILES\RISING\RAV\RAVSCRCH.DLL C:\WINDOWS\SYSTEM32\MSVCP71.DLL C:\WINDOWS\SYSTEM32\MSVCR71.DLL C:\WINDOWS\SYSTEM32\MACROMED\FLASH\FLASH6.OCX C:\WINDOWS\SYSTEM32\SOGOUPY.IME C:\PROGRAM FILES\THUNDER\COMDLLS\THUNDERAGENT_NOW.DLL C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\ACSIGNCORE16.DLL 普通自启动项 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run NvCplDaemon = ; RUNDLL32.EXE C:\WINDOWS\SYSTEM32\NVCPL.DLL,NVSTARTUP RfwMain = "C:\PROGRAM FILES\RISING\RFW\RFWMAIN.EXE" -STARTUP runeip = "C:\PROGRAM FILES\RISING\ANTISPYWARE\RSTRAY.EXE" /STARTUP RavTray = "C:\PROGRAM FILES\RISING\RAV\RSTRAY.EXE" -SYSTEM NvMediaCenter = ; RUNDLL32.EXE C:\WINDOWS\SYSTEM32\NVMCTRAY.DLL,NVTASKBARINIT nwiz = ; C:\PROGRAM FILES\NVIDIA CORPORATION\NVIEW\NWIZ.EXE /INSTALL Vistadrv = ; C:\PROGRAM FILES\VSDRV\VSDRV.EXE HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ctfmon.exe = C:\WINDOWS\SYSTEM32\CTFMON.EXE AppInit_DLLs HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows AppInit_DLLs = 系统文件关联 .exe ==> exefile = "%1" %* .com ==> comfile = "%1" %* .cmd ==> cmdfile = "%1" %* .bat ==> batfile = "%1" %* .txt ==> txtfile = %SystemRoot%\system32\NOTEPAD.EXE %1 .scr ==> scrfile = "%1" /S .reg ==> regfile = regedit.exe "%1" .doc ==> WordPad.Document.1 = "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" 其它启动项 WIN.INI 无信息 SYSTEM.INI SHELL = Explorer.exe SCRNSAVE.EXE = C:\WINDOWS\System32\logon.scr Winlogon 启动项 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Userinit = C:\WINDOWS\SYSTEM32\USERINIT.EXE, shell = EXPLORER.EXE IE - BHO HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects {01443AEC-0FD1-40fd-9C87-E93D1494C233} = C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll {889D2FEB-5411-4565-8998-1DD2C5261283} = C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} = C:\WINDOWS\system32\UrlFilter.dll Winsock SPI MSAFD Tcpip [TCP/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD Tcpip [UDP/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD Tcpip [RAW/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL RSVP UDP Service Provider = C:\WINDOWS\SYSTEM32\RSVPSP.DLL RSVP TCP Service Provider = C:\WINDOWS\SYSTEM32\RSVPSP.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{B579A779-6008-45B5-B1FB-BBFB4C7D6D0C}] SEQPACKET 0 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{B579A779-6008-45B5-B1FB-BBFB4C7D6D0C}] DATAGRAM 0 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{B30EBCE0-3B91-49FC-ACDB-DACBE3AA723C}] SEQPACKET 1 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{B30EBCE0-3B91-49FC-ACDB-DACBE3AA723C}] DATAGRAM 1 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{FDADE40B-3009-4FE0-80C1-A1723C9B015B}] SEQPACKET 2 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL MSAFD NetBIOS [\Device\NetBT_Tcpip_{FDADE40B-3009-4FE0-80C1-A1723C9B015B}] DATAGRAM 2 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL 系统服务项 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services Alerter = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE ALG = C:\WINDOWS\SYSTEM32\ALG.EXE AppMgmt = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS AudioSrv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS BITS = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS Browser = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS C-DillaCdaC11BA = C:\WINDOWS\SYSTEM32\DRIVERS\CDAC11BA.EXE CiSvc = C:\WINDOWS\SYSTEM32\CISVC.EXE ClipSrv = C:\WINDOWS\SYSTEM32\CLIPSRV.EXE COMSysApp = C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{02D4B3F1-FD88-11D1-960D-00805FC79235} CryptSvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS DcomLaunch = C:\WINDOWS\SYSTEM32\SVCHOST -K DCOMLAUNCH Dhcp = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS dmadmin = C:\WINDOWS\SYSTEM32\DMADMIN.EXE /COM dmserver = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS Dnscache = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETWORKSERVICE Dot3svc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K DOT3SVC EapHost = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K EAPSVCS ERSvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS Eventlog = C:\WINDOWS\SYSTEM32\SERVICES.EXE EventSystem = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS FastUserSwitchingCompatibility = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS helpsvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS HidServ = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS hkmsvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS HTTPFilter = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K HTTPFILTER ImapiService = C:\WINDOWS\SYSTEM32\IMAPI.EXE LanmanServer = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS lanmanworkstation = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS LmHosts = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE Messenger = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS mnmsrvc = C:\WINDOWS\SYSTEM32\MNMSRVC.EXE MSDTC = C:\WINDOWS\SYSTEM32\MSDTC.EXE MSIServer = C:\WINDOWS\SYSTEM32\MSIEXEC.EXE /V napagent = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS NetDDE = C:\WINDOWS\SYSTEM32\NETDDE.EXE NetDDEdsdm = C:\WINDOWS\SYSTEM32\NETDDE.EXE Netlogon = C:\WINDOWS\SYSTEM32\LSASS.EXE Netman = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS Nla = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS NtLmSsp = C:\WINDOWS\SYSTEM32\LSASS.EXE NtmsSvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS nvsvc = C:\WINDOWS\SYSTEM32\NVSVC32.EXE PlugPlay = C:\WINDOWS\SYSTEM32\SERVICES.EXE PolicyAgent = C:\WINDOWS\SYSTEM32\LSASS.EXE ProtectedStorage = C:\WINDOWS\SYSTEM32\LSASS.EXE RasAuto = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS RasMan = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS RDSessMgr = C:\WINDOWS\SYSTEM32\SESSMGR.EXE RemoteAccess = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS RemoteRegistry = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE RfwProxySrv = C:\PROGRAM FILES\RISING\RFW\RFWPROXY.EXE RfwService = C:\PROGRAM FILES\RISING\RFW\RFWSRV.EXE RpcLocator = C:\WINDOWS\SYSTEM32\LOCATOR.EXE RpcSs = C:\WINDOWS\SYSTEM32\SVCHOST -K RPCSS RsRavMon = "C:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE" RSVP = C:\WINDOWS\SYSTEM32\RSVP.EXE SamSs = C:\WINDOWS\SYSTEM32\LSASS.EXE SCardSvr = C:\WINDOWS\SYSTEM32\SCARDSVR.EXE Schedule = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS seclogon = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS SENS = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS SharedAccess = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS ShellHWDetection = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS Spooler = C:\WINDOWS\SYSTEM32\SPOOLSV.EXE srservice = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS SSDPSRV = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE stisvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K IMGSVC SwPrv = C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{659E9C53-C4F0-49DC-A0C5-5DC6C3777B85} SysmonLog = C:\WINDOWS\SYSTEM32\SMLOGSVC.EXE TapiSrv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS TermService = C:\WINDOWS\SYSTEM32\SVCHOST -K DCOMLAUNCH Themes = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS TlntSvr = C:\WINDOWS\SYSTEM32\TLNTSVR.EXE TrkWks = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS upnphost = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE UPS = C:\WINDOWS\SYSTEM32\UPS.EXE VSS = C:\WINDOWS\SYSTEM32\VSSVC.EXE W32Time = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS WebClient = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE winmgmt = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS WmdmPmSN = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS Wmi = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS WmiApSrv = C:\WINDOWS\SYSTEM32\WBEM\WMIAPSRV.EXE wscsvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS wuauserv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS WZCSVC = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS xmlprov = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS 文件驱动 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services FltMgr = C:\WINDOWS\SYSTEM32\DRIVERS\FLTMGR.SYS MRxDAV = C:\WINDOWS\SYSTEM32\DRIVERS\MRXDAV.SYS MRxSmb = C:\WINDOWS\SYSTEM32\DRIVERS\MRXSMB.SYS NetBIOS = C:\WINDOWS\SYSTEM32\DRIVERS\NETBIOS.SYS Rdbss = C:\WINDOWS\SYSTEM32\DRIVERS\RDBSS.SYS sr = C:\WINDOWS\SYSTEM32\DRIVERS\SR.SYS Srv = C:\WINDOWS\SYSTEM32\DRIVERS\SRV.SYS 系统驱动项 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services ACPI = C:\WINDOWS\SYSTEM32\DRIVERS\ACPI.SYS aec = C:\WINDOWS\SYSTEM32\DRIVERS\AEC.SYS AFD = C:\WINDOWS\SYSTEM32\DRIVERS\AFD.SYS AsyncMac = C:\WINDOWS\SYSTEM32\DRIVERS\ASYNCMAC.SYS atapi = C:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS Atmarpc = C:\WINDOWS\SYSTEM32\DRIVERS\ATMARPC.SYS audstub = C:\WINDOWS\SYSTEM32\DRIVERS\AUDSTUB.SYS CdaC15BA = C:\WINDOWS\SYSTEM32\DRIVERS\CDAC15BA.SYS Cdrom = C:\WINDOWS\SYSTEM32\DRIVERS\CDROM.SYS Disk = C:\WINDOWS\SYSTEM32\DRIVERS\DISK.SYS dmboot = C:\WINDOWS\SYSTEM32\DRIVERS\DMBOOT.SYS dmio = C:\WINDOWS\SYSTEM32\DRIVERS\DMIO.SYS dmload = C:\WINDOWS\SYSTEM32\DRIVERS\DMLOAD.SYS DMusic = C:\WINDOWS\SYSTEM32\DRIVERS\DMUSIC.SYS drmkaud = C:\WINDOWS\SYSTEM32\DRIVERS\DRMKAUD.SYS FsVga = C:\WINDOWS\SYSTEM32\DRIVERS\FSVGA.SYS Ftdisk = C:\WINDOWS\SYSTEM32\DRIVERS\FTDISK.SYS Gpc = C:\WINDOWS\SYSTEM32\DRIVERS\MSGPC.SYS HDAudBus = C:\WINDOWS\SYSTEM32\DRIVERS\HDAUDBUS.SYS hidusb = C:\WINDOWS\SYSTEM32\DRIVERS\HIDUSB.SYS hookcont = C:\WINDOWS\SYSTEM32\DRIVERS\HOOKCONT.SYS hooksys = C:\WINDOWS\SYSTEM32\DRIVERS\HOOKSYS.SYS HookUrl = C:\PROGRAM FILES\RISING\RFW\HOOKURL.SYS HOSTNT = C:\WINDOWS\SYSTEM32\DRIVERS\HOSTNT.SYS HTTP = C:\WINDOWS\SYSTEM32\DRIVERS\HTTP.SYS i8042prt = C:\WINDOWS\SYSTEM32\DRIVERS\I8042PRT.SYS Imapi = C:\WINDOWS\SYSTEM32\DRIVERS\IMAPI.SYS intelppm = C:\WINDOWS\SYSTEM32\DRIVERS\INTELPPM.SYS Ip6Fw = C:\WINDOWS\SYSTEM32\DRIVERS\IP6FW.SYS IpFilterDriver = C:\WINDOWS\SYSTEM32\DRIVERS\IPFLTDRV.SYS IpInIp = C:\WINDOWS\SYSTEM32\DRIVERS\IPINIP.SYS IpNat = C:\WINDOWS\SYSTEM32\DRIVERS\IPNAT.SYS IPSec = C:\WINDOWS\SYSTEM32\DRIVERS\IPSEC.SYS IRENUM = C:\WINDOWS\SYSTEM32\DRIVERS\IRENUM.SYS isapnp = C:\WINDOWS\SYSTEM32\DRIVERS\ISAPNP.SYS Kbdclass = C:\WINDOWS\SYSTEM32\DRIVERS\KBDCLASS.SYS kmixer = C:\WINDOWS\SYSTEM32\DRIVERS\KMIXER.SYS MHDRV = C:\WINDOWS\SYSTEM32\DRIVERS\MHDRV.SYS Mouclass = C:\WINDOWS\SYSTEM32\DRIVERS\MOUCLASS.SYS mouhid = C:\WINDOWS\SYSTEM32\DRIVERS\MOUHID.SYS MSKSSRV = C:\WINDOWS\SYSTEM32\DRIVERS\MSKSSRV.SYS MSPCLOCK = C:\WINDOWS\SYSTEM32\DRIVERS\MSPCLOCK.SYS MSPQM = C:\WINDOWS\SYSTEM32\DRIVERS\MSPQM.SYS mssmbios = C:\WINDOWS\SYSTEM32\DRIVERS\MSSMBIOS.SYS NdisTapi = C:\WINDOWS\SYSTEM32\DRIVERS\NDISTAPI.SYS Ndisuio = C:\WINDOWS\SYSTEM32\DRIVERS\NDISUIO.SYS NdisWan = C:\WINDOWS\SYSTEM32\DRIVERS\NDISWAN.SYS NetBT = C:\WINDOWS\SYSTEM32\DRIVERS\NETBT.SYS nv = C:\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS NVHDA = C:\WINDOWS\SYSTEM32\DRIVERS\NVHDA32.SYS NwlnkFlt = C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKFLT.SYS NwlnkFwd = C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKFWD.SYS Parport = C:\WINDOWS\SYSTEM32\DRIVERS\PARPORT.SYS PCI = C:\WINDOWS\SYSTEM32\DRIVERS\PCI.SYS PCIIde = C:\WINDOWS\SYSTEM32\DRIVERS\PCIIDE.SYS PptpMiniport = C:\WINDOWS\SYSTEM32\DRIVERS\RASPPTP.SYS PSched = C:\WINDOWS\SYSTEM32\DRIVERS\PSCHED.SYS Ptilink = C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS RasAcd = C:\WINDOWS\SYSTEM32\DRIVERS\RASACD.SYS Rasl2tp = C:\WINDOWS\SYSTEM32\DRIVERS\RASL2TP.SYS RasPppoe = C:\WINDOWS\SYSTEM32\DRIVERS\RASPPPOE.SYS Raspti = C:\WINDOWS\SYSTEM32\DRIVERS\RASPTI.SYS RCMHDOG = C:\WINDOWS\SYSTEM32\DRIVERS\RCMHDOG.SYS RDPCDD = C:\WINDOWS\SYSTEM32\DRIVERS\RDPCDD.SYS rdpdr = C:\WINDOWS\SYSTEM32\DRIVERS\RDPDR.SYS redbook = C:\WINDOWS\SYSTEM32\DRIVERS\REDBOOK.SYS RfwBase = C:\WINDOWS\SYSTEM32\DRIVERS\RFWBASE.SYS rsassist = C:\WINDOWS\SYSTEM32\DRIVERS\RSASSIST.SYS RsFwDrv = C:\PROGRAM FILES\RISING\RFW\RSFWDRV.SYS RsNTGDI = C:\WINDOWS\SYSTEM32\DRIVERS\RSNTGDI.SYS rtl8139 = C:\WINDOWS\SYSTEM32\DRIVERS\RTL8139.SYS Secdrv = C:\WINDOWS\SYSTEM32\DRIVERS\SECDRV.SYS serenum = C:\WINDOWS\SYSTEM32\DRIVERS\SERENUM.SYS Serial = C:\WINDOWS\SYSTEM32\DRIVERS\SERIAL.SYS splitter = C:\WINDOWS\SYSTEM32\DRIVERS\SPLITTER.SYS swenum = C:\WINDOWS\SYSTEM32\DRIVERS\SWENUM.SYS swmidi = C:\WINDOWS\SYSTEM32\DRIVERS\SWMIDI.SYS sysaudio = C:\WINDOWS\SYSTEM32\DRIVERS\SYSAUDIO.SYS Tcpip = C:\WINDOWS\SYSTEM32\DRIVERS\TCPIP.SYS TermDD = C:\WINDOWS\SYSTEM32\DRIVERS\TERMDD.SYS Update = C:\WINDOWS\SYSTEM32\DRIVERS\UPDATE.SYS usbehci = C:\WINDOWS\SYSTEM32\DRIVERS\USBEHCI.SYS usbhub = C:\WINDOWS\SYSTEM32\DRIVERS\USBHUB.SYS USBSTOR = C:\WINDOWS\SYSTEM32\DRIVERS\USBSTOR.SYS usbuhci = C:\WINDOWS\SYSTEM32\DRIVERS\USBUHCI.SYS VgaSave = C:\WINDOWS\SYSTEM32\DRIVERS\VGA.SYS Wanarp = C:\WINDOWS\SYSTEM32\DRIVERS\WANARP.SYS wdmaud = C:\WINDOWS\SYSTEM32\DRIVERS\WDMAUD.SYS
isbm 初生襁褓狮帖子:17 注册: 2010-07-31 来自:

isbm 初生襁褓狮帖子:17 注册: 2010-07-31 来自:	发表于： 2010-07-31 18:36 \| 只看楼主短消息资料字号：小中大 5楼回复: CAD老病毒最新升级瑞星还是杀不掉求教高手附件为：病毒生成垃圾文件附件: 文件名:acaddoc.zip 下载次数:270 文件类型:application/x-zip-compressed 文件大小: 上传时间:2010-7-31 18:35:55 描述:zip
isbm 初生襁褓狮帖子:17 注册: 2010-07-31 来自:

木马bbbb 强壮不惑狮帖子:1168 注册: 2008-02-26 来自:瑞星火星用户	发表于： 2010-07-31 18:51 \| 短消息资料字号：小中大 6楼回复: CAD老病毒最新升级瑞星还是杀不掉求教高手进入安全模式。打开我的电脑，依次点击【工具】-【文件夹选项】-【查看】，把“隐藏受保护的操作系统文件”之前的小勾去掉，勾选“显示所有文件和文件夹”，点击确定。全盘搜索以下文件打包上传。 C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\~E5D141.TMP C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\~EF8DDA\~DF394B.TMP C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\~EF8DDA\~DE8C3A.TMP C:\PROGRAM FILES\VSDRV\VSDRV.EXE acaddoc.lsp文件已经上报瑞星。查询编号：RS20100731183709890213 查询地址：http://mailcenter.rising.com.cn/FileCheck/Default.aspx
木马bbbb 强壮不惑狮帖子:1168 注册: 2008-02-26 来自:瑞星火星用户

isbm 初生襁褓狮帖子:17 注册: 2010-07-31 来自:	发表于： 2010-07-31 21:32 \| 只看楼主短消息资料字号：小中大 7楼回复：CAD老病毒最新升级瑞星还是杀不掉求教高手已经上传了个人感觉acaddoc.lsp为病毒生成垃圾文件是查不出病毒的真正的病毒文件隐藏了所以需要瑞星专家人士给与专业指导我到现在也没搞懂为什么其他杀毒软件能杀而瑞星不能我一直是瑞星正版忠实用户我相信瑞星的工程师也一定是全国一流的可老问题问什么没有明确回复呢？？？
isbm 初生襁褓狮帖子:17 注册: 2010-07-31 来自:

isbm 初生襁褓狮帖子:17 注册: 2010-07-31 来自:	发表于： 2010-07-31 21:38 \| 只看楼主短消息资料字号：小中大 8楼回复: CAD老病毒最新升级瑞星还是杀不掉求教高手引用: 原帖由木马bbbb 于 2010-7-31 18:51:00 发表进入安全模式。打开我的电脑，依次点击【工具】-【文件夹选项】-【查看】，把“隐藏受保护的操作系统文件”之前的小勾去掉，勾选“显示所有文件和文件夹”，点击确定。全盘搜索以下文件打包上传。 C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\~E5D141.TMP C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\~EF8DDA\~DF394B. 已经按照楼上操作了再次上传给瑞星谢谢楼上不知您是否瑞星工作人员至少您是个热心的做实事的人谢谢了
isbm 初生襁褓狮帖子:17 注册: 2010-07-31 来自:

isbm 初生襁褓狮帖子:17 注册: 2010-07-31 来自:	发表于： 2010-07-31 21:42 \| 只看楼主短消息资料字号：小中大 9楼回复：CAD老病毒最新升级瑞星还是杀不掉求教高手 RS20100731213437734460 最新上传
isbm 初生襁褓狮帖子:17 注册: 2010-07-31 来自:

isbm 初生襁褓狮帖子:17 注册: 2010-07-31 来自:	发表于： 2010-07-31 21:55 \| 只看楼主短消息资料字号：小中大 10楼回复: CAD老病毒最新升级瑞星还是杀不掉求教高手 1.jpg (86.35 K) 2010-7-31 21:54:37 明显有病毒
isbm 初生襁褓狮帖子:17 注册: 2010-07-31 来自:

<<上一主题|下一主题>>

12

1 / 2 页

跳转页

页面顶部

Powered by Discuz!NT