有日志~~~帮忙看下~~~ - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛有日志~帮忙看下~

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第四十七次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1

1 / 1 页

跳转页

有日志~帮忙看下~

桃子头淼宝初生襁褓狮帖子:10 注册: 2007-07-16 来自:	发表于： 2007-07-17 17:32 \| 只看楼主短消息资料字号：小中大 1楼有日志~~~帮忙看下~~~ 瑞星卡卡电脑诊断日志 v1.30 (2007-7-17 17:7:19) 北京瑞星科技股份有限公司注释: [A]表示该文件存在自启动关联; [M]表示该文件在内存中; + 注册表自运行项目 + 系统服务 + HKLM\System\CurrentControlSet\Services KAVSvc [AM] 1. c:\kav5\kavsvc.exe kingsoft Antivirus KAVSvc .text,.rdata,.data,.rsrc, NVSvc [AM] 2. c:\windows\system32\nvsvc32.exe NVIDIA Corporation NVIDIA Driver Helper Service, Version 66.93 .text,.rdata,.data,.rsrc, UMWdf [AM] 3. c:\windows\system32\wdfmgr.exe Microsoft Corporation Windows User Mode Driver Manager .text,.data,.rsrc, + 内核驱动 + HKLM\System\CurrentControlSet\Services KWatch2 [A ] 4. c:\windows\system32\drivers\kwatch2.sys Kingsoft Antivirus KWatch2 .text,.data,INIT,.rsrc,.reloc, mdmxsdk [A ] 5. c:\windows\system32\drivers\mdmxsdk.sys Conexant Diagnostic Interface DRIVER .text,.rdata,.data,INIT,.rsrc,.reloc, RsAntiSpyware [A ] 6. c:\windows\system32\drivers\rsboot.sys Beijing Rising Technology Co., Ltd. Anti-RootKit Driver .text,.rdata,.data,INIT,.rsrc,.reloc, Secdrv [A ] 7. c:\windows\system32\drivers\secdrv.sys .text,.data,INIT,.reloc, VIAudio [A ] 8. c:\windows\system32\drivers\viaudios.sys VIA Technologies, Inc. Vinyl AC'97 Codec Combo WDM Driver .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc, + IE浏览器加载模块 + HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar {A9BE2902-C447-420A-BB7F-A5DE921E6138} [A ] 9. c:\kav5\kaieplus.dll KAIEPlus Module .text,.rdata,.data,.rsrc,.reloc, {E0E899AB-F487-11D5-8D29-0050BA6940E3} [A ] 10. c:\program files\flashget\fgiebar.dll Amaze Soft FlashGet IE Bar .text,.rdata,.data,.rsrc,.reloc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects {A5366673-E8CA-11D3-9CD9-0090271D075B} [A ] 11. c:\program files\flashget\jccatch.dll Amaze Soft jccatch Module .text,.rdata,.data,.rsrc,.reloc, + HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions Exec [A ] 12. c:\program files\flashget\flashget.exe Amaze Soft FlashGet .text,.rdata,.data,.rsrc, Exec [A ] 13. c:\kav5\kavie.htm Exec [A ] 14. c:\program files\messenger\msmsgs.exe Microsoft Corporation Windows Messenger .text,.data,.rsrc, + 资源管理器加载模块 + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved HyperTerminal Icon Ext [A ] 15. c:\windows\system32\hticons.dll Hilgraeve, Inc. HyperTerminal Applet Library .text,.data,.rsrc,.reloc, NvCpl DesktopContext Class [A ] 16. c:\windows\system32\nvcpl.dll NVIDIA Corporation NVIDIA Display Properties Extension .text,.rdata,.data,.rsrc,.reloc, Play on my TV helper [A ] 16. c:\windows\system32\nvcpl.dll NVIDIA Corporation NVIDIA Display Properties Extension .text,.rdata,.data,.rsrc,.reloc, Desktop Explorer [A ] 17. c:\windows\system32\nvshell.dll NVIDIA Corporation NVIDIA Desktop Explorer, Version 66.93 .text,.rdata,.data,.idata,.shared,.rsrc,.reloc, Desktop Explorer Menu [A ] 17. c:\windows\system32\nvshell.dll NVIDIA Corporation NVIDIA Desktop Explorer, Version 66.93 .text,.rdata,.data,.idata,.shared,.rsrc,.reloc, nView Desktop Context Menu [A ] 17. c:\windows\system32\nvshell.dll NVIDIA Corporation NVIDIA Desktop Explorer, Version 66.93 .text,.rdata,.data,.idata,.shared,.rsrc,.reloc, WinRAR shell extension [AM] 18. c:\program files\winrar\rarext.dll .text,.data,.tls,.idata,.edata,.rsrc,.reloc, Shell Extensions for RealOne Player [A ] 19. c:\program files\real\realplayer\rpshell.dll RealNetworks, Inc. RealPlayer Shell Extensions .text,.rdata,.data,.rsrc,.reloc, Portable Media Devices [A ] 20. c:\windows\system32\audiodev.dll Microsoft Corporation 便携媒体设备命令行解释器扩展 .text,.data,.rsrc,.reloc, Portable Media Devices Menu [A ] 20. c:\windows\system32\audiodev.dll Microsoft Corporation 便携媒体设备命令行解释器扩展 .text,.data,.rsrc,.reloc, 金山毒霸 V OEM版 [AM] 21. c:\kav5\kavext.dll Kingsoft Corp. 金山毒霸右键菜单支持程序 DiDUBA,TiDUBA,.rsrc, + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks {AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A} [AM] 22. c:\windows\system32\shlhook.dll Beijing Rising Technology Co., Ltd. shlhook Module .text,.rdata,.data,.rsrc,.reloc, + 用户登陆自运行项目 + HKLM\Software\Microsoft\Windows\CurrentVersion\Run nwiz [A ] 23. c:\windows\system32\nwiz.exe NVIDIA Corporation NVIDIA nView Wizard, Version 66.93 .text,.rdata,.data,.rsrc, RemoteControl [AM] 24. c:\program files\cyberlink\powerdvd\pdvdserv.exe Cyberlink Corp. PowerDVD RC Service .text,.rdata,.data,.rsrc, TkBellExe [AM] 25. c:\program files\common files\real\update_ob\realsched.exe RealNetworks, Inc. RealNetworks Scheduler .text,.rdata,.data,.rsrc, KAVRun [A ] 26. c:\kav5\kavrun.exe kingsoft KAVRun .text,.rdata,.data,.rsrc, runeip [A ] 27. c:\rising\antispyware\runiep.exe Beijing Rising Technology Co., Ltd. Rising AntiSpyware Monitor .text,.rdata,.data,.rsrc, + 其他自启动项目 + C:\Documents and Settings\able\「开始」菜单\程序\启动腾讯QQ.lnk [A ] 28. d:\tencent\qq\qq.exe TENCENT QQ .text,.rdata,.data,.rsrc, 附件: 文件名:9027542007717172158.txt 下载次数:97 文件类型:application/octet-stream 文件大小: 上传时间:2007-7-17 17:32:20 描述: 2007-07-17 17:25:28
桃子头淼宝初生襁褓狮帖子:10 注册: 2007-07-16 来自:	分享到：

桃子头淼宝初生襁褓狮帖子:10 注册: 2007-07-16 来自:	发表于： 2007-07-17 17:33 \| 只看楼主短消息资料字号：小中大 2楼 + 正在运行的进程 + 00000230(560) smss.exe + 00000270(624) csrss.exe + 00000290(656) winlogon.exe 72C80000[00008000] [ M] 29. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, + 000002c0(704) services.exe + 000002cc(716) lsass.exe + 00000360(864) svchost.exe + 000003b0(944) svchost.exe + 00000410(1040) svchost.exe 50E60000[0000C000] [ M] 30. c:\windows\system32\wups2.dll Microsoft Corporation Windows Update client proxy stub 2 .text,.orpc,.data,.rsrc,.reloc, + 00000444(1092) svchost.exe + 0000045c(1116) KAVSVC.EXE 00400000[0000D000] [AM] 1. c:\kav5\kavsvc.exe kingsoft Antivirus KAVSvc .text,.rdata,.data,.rsrc, 10000000[0000D000] [ M] 31. c:\kav5\svccomm.dll kingsoft Antivirus SvcComm .text,.rdata,.data,.rsrc,.reloc, 003E0000[0000D000] [ M] 32. c:\kav5\svcwatch.dll kingsoft Antivirus SvcKWatch .text,.rdata,.data,.rsrc,.reloc, 009F0000[0006F000] [ M] 33. c:\kav5\svctimer.dll CODE,DATA,BSS,.idata,.edata,.reloc,.rsrc,.iDUBA,.data, 00A80000[00010000] [ M] 34. c:\kav5\kavcomm.dll Kingsoft Corporation KavComm .text,.rdata,.data,.rsrc,.reloc, 00AA0000[00006000] [ M] 35. c:\kav5\rpcbrge.dll kingsoft RPCBrge .text,.rdata,.data,.rsrc,.reloc, + 000004c8(1224) svchost.exe + 00000548(1352) alg.exe + 00000584(1412) spoolsv.exe + 00000654(1620) Explorer.EXE 72C80000[00008000] [ M] 29. c:\windows\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, 10000000[0001B000] [ M] 36. c:\rising\antispyware\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, 02320000[00011000] [AM] 21. c:\kav5\kavext.dll Kingsoft Corp. 金山毒霸右键菜单支持程序 DiDUBA,TiDUBA,.rsrc, 029F0000[0002B000] [AM] 18. c:\program files\winrar\rarext.dll .text,.data,.tls,.idata,.edata,.rsrc,.reloc, 02390000[00011000] [AM] 22. c:\windows\system32\shlhook.dll Beijing Rising Technology Co., Ltd. shlhook Module .text,.rdata,.data,.rsrc,.reloc, + 000006c0(1728) nvsvc32.exe 00400000[00021000] [AM] 2. c:\windows\system32\nvsvc32.exe NVIDIA Corporation NVIDIA Driver Helper Service, Version 66.93 .text,.rdata,.data,.rsrc, 00F40000[00032000] [ M] 37. c:\windows\system32\nvrszhc.dll NVIDIA Corporation NVIDIA Simplified Chinese language resource library .rsrc,.reloc, + 000006dc(1756) PDVDServ.exe 00400000[00008000] [AM] 24. c:\program files\cyberlink\powerdvd\pdvdserv.exe Cyberlink Corp. PowerDVD RC Service .text,.rdata,.data,.rsrc, 10000000[0000A000] [ M] 38. c:\program files\cyberlink\powerdvd\clrcengine2.dll CyberLink Corp. Cyberlink Remote Control Module for PCM .text,.rdata,.data,.hdata,.rsrc,.reloc, + 000006e4(1764) realsched.exe 00400000[0002E000] [AM] 25. c:\program files\common files\real\update_ob\realsched.exe RealNetworks, Inc. RealNetworks Scheduler .text,.rdata,.data,.rsrc, + 000006f4(1780) ctfmon.exe 10000000[0001B000] [ M] 36. c:\rising\antispyware\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc, + 00000778(1912) wdfmgr.exe 01000000[0000C000] [AM] 3. c:\windows\system32\wdfmgr.exe Microsoft Corporation Windows User Mode Driver Manager .text,.data,.rsrc, + 0000099c(2460) wuauclt.exe 50E60000[0000C000] [ M] 30. c:\windows\system32\wups2.dll Microsoft Corporation Windows Update client proxy stub 2 .text,.orpc,.data,.rsrc,.reloc, + 00000c14(3092) Ras.exe 00400000[0013F000] [ M] 39. c:\rising\antispyware\ras.exe Beijing Rising Technology Co., Ltd. Rising AntiSpyware .text,.rdata,.data,.rsrc, 10000000[000A3000] [ M] 40. c:\rising\antispyware\rasgui.dll Beijing Rising Technology Co., Ltd. RasGUI .text,.rdata,.data,.rsrc,.reloc, 015E0000[0001B000] [ M] 36. c:\rising\antispyware\ieprot.dll Beijing Rising Technology Co., Ltd. IE Protector .text,.rdata,.data,.rsrc,.reloc,
桃子头淼宝初生襁褓狮帖子:10 注册: 2007-07-16 来自:

桃子头淼宝初生襁褓狮帖子:10 注册: 2007-07-16 来自:	发表于： 2007-07-17 17:35 \| 只看楼主短消息资料字号：小中大 3楼我的电脑有一键恢复功能~但是不管用~~~ 我的QQ和WOW的号都被盗了~~~请帮忙解决下~~~好感谢呀~..... 我用过一个叫:"木马清除大师"的东西杀过~出现病毒为trojan.win32vb.sc
桃子头淼宝初生襁褓狮帖子:10 注册: 2007-07-16 来自:

<<上一主题|下一主题>>

1

1 / 1 页

跳转页

页面顶部

Powered by Discuz!NT