Rising Kaka Security Forum, Technical Exchange, Anti-virus / Anti-rogue-software Board


Help: I can't kill Trojan.IMMSG.Win32.TBMSG.jl no matter how many times I try, please help


Please help, I can't get rid of Trojan.IMMSG.Win32.TBMSG.jl!

+ 注册表自运行项目
  + 系统服务
    + HKLM\System\CurrentControlSet\Services
      aspnet_state
        [A ] 1. c:\windows\microsoft.net\framework\v2.0.50727\aspnet_state.exe
          Microsoft Corporation
          Microsoft ASP.NET State Server
          .text,.data,.rsrc,


      Ati HotKey Poller
        [AM] 2. c:\windows\system32\ati2evxx.exe
          ATI Technologies Inc.
          ATI External Event Utility EXE Module
          .text,.rdata,.data,.rsrc,


      ATI Smart
        [A ] 3. c:\windows\system32\ati2sgag.exe
          ATI Smart
          .text,.rdata,.data,.rsrc,


      AVG Anti-Spyware Guard
        [A ] 4. d:\杀马\avg anti-spyware 7.5\guard.exe
          GRISOFT s.r.o.
          AVG Anti-Spyware guard
          .text,.rdata,.data,.rsrc,


      clr_optimization_v2.0.50727_32
        [A ] 5. c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe
          Microsoft Corporation
          .NET Runtime Optimization Service
          .text,.data,.rsrc,


      F7659C2
        [A ] 6. c:\windows\system32\9d2cdde7.exe
          Microsoft Corporation
          ?&M0,?&M1,?&M2,


      NBService
        [A ] 7. c:\program files\nero\nero 7\nero backitup\nbservice.exe
          Nero AG
          Nero BackItUp
          .text,.rdata,.data,.rsrc,


      ose
        [A ] 8. c:\program files\common files\microsoft shared\source engine\ose.exe
          Microsoft Corporation
          Office Source Engine
          .text,.data,.rsrc,


      P4P Service
        [A ] 9. c:\program files\common files\sogou pxp\p2psvr.exe
          Sohu.com Inc.
          Sogou P4P Service
          .text,.rdata,.data,.rsrc,


      PnpWMmng
        [A ] 10. d:\系统工具\完美卸载\wmxzv25.92.7508\pnpwmmng.exe
          完美卸载
          完美卸载防毒服务
          .text,.rdata,.data,.rsrc,


      RfwProxySrv
        [A ] 11. c:\program files\rising\rfw\rfwproxy.exe
          Beijing Rising Technology Co., Ltd.
          Rising Personal Proxy Service
          .text,.rdata,.data,.rsrc,


      RfwService
        [A ] 12. c:\program files\rising\rfw\rfwsrv.exe
          Beijing Rising Technology Co., Ltd.
          Rising Personal FireWall Service
          .text,.rdata,.data,.rsrc,


      RsCCenter
        [A ] 13. c:\program files\rising\rav\ccenter.exe
          Beijing Rising Technology Co., Ltd.
          CCenter
          .text,.rdata,.data,.rsrc,


      RsRavMon
        [A ] 14. c:\program files\rising\rav\ravmond.exe
          Beijing Rising Technology Co., Ltd.
          RavMond
          .text,.rdata,.data,.rsrc,


      ShadowSystemService
        [AM] 15. c:\windows\system32\shadow\shadowservice.exe
          .text,.rdata,.data,.rsrc,


      WMPNetworkSvc
        [A ] 16. c:\program files\windows media player\wmpnetwk.exe
          Microsoft Corporation
          Windows Media Player 网络共享服务
          .text,.data,.rsrc,.reloc,


      WudfSvc
        [AM] 17. c:\windows\system32\wudfsvc.dll
          Microsoft Corporation
          Windows Driver Foundation - User-mode Driver Framework Service
          .text,.data,.rsrc,.reloc,




  + 内核驱动
    + HKLM\System\CurrentControlSet\Services
      ADIHdAudAddService
        [A ] 18. c:\windows\system32\drivers\adihdaud.sys
          Analog Devices, Inc.
          High Definition Audio Function Driver
          .text,CODE,.rdata,.data,PAGE,INIT,.rsrc,.reloc,


      AEAudio
        [A ] 19. c:\windows\system32\drivers\aeaudio.sys
          Andrea Electronics Corporation
          Audio Noise Filtering Driver (32-bit)
          .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,


      AntiArpNdisProt
        [A ] 20. c:\windows\system32\drivers\antiarpndisprot.sys
          Windows (R) 2000 DDK provider
          NDIS User mode I/O Driver
          .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,


      AsIO
        [A ] 21. c:\windows\system32\drivers\asio.sys
          .text,.rdata,.data,INIT,.reloc,


      ATITool
        [A ] 22. c:\windows\system32\drivers\atitool.sys
          Low-Level Driver
          .text,.data,INIT,.rsrc,.reloc,


      AVG Anti-Spyware Driver
        [A ] 23. d:\杀马\avg anti-spyware 7.5\guard.sys
          .text,.rdata,.data,INIT,.reloc,


      AvgAsCln
        [A ] 24. c:\windows\system32\drivers\avgascln.sys
          GRISOFT, s.r.o.
          AVG7 Clean Driver
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      BaseTDI
        [A ] 25. c:\windows\system32\drivers\basetdi.sys
          Beijing Rising Technology Co., Ltd.
          basetdi
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      EagleNT
        [A ] 26. c:\windows\system32\drivers\eaglent.sys


      ENTECH
        [A ] 27. c:\windows\system32\drivers\entech.sys
          EnTech Taiwan
          .text,.data,.CRT,.STL,PAGE,INIT,.rsrc,.reloc,


      ExpScaner
        [A ] 28. c:\program files\rising\rav\expscan.sys
          ExpScan.sys
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      GKeyUSB
        [A ] 29. c:\windows\system32\drivers\gkeyusb.sys
          Gemplus
          USB Key Smart Card Reader Driver
          .text,page,init,.data,.edata,INIT,.rsrc,.reloc,


      HDAudBus
        [A ] 30. c:\windows\system32\drivers\hdaudbus.sys
          Windows (R) Server 2003 DDK provider
          High Definition Audio Bus Driver v1.0a
          .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,


      HookCont
        [A ] 31. c:\program files\rising\rav\hookcont.sys
          Rising
          HookCont
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      HookReg
        [A ] 32. c:\program files\rising\rav\hookreg.sys
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      HookSys
        [A ] 33. c:\program files\rising\rav\hooksys.sys
          Rising
          Hooksys
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      HookUrl
        [A ] 34. c:\program files\rising\rfw\hookurl.sys
          Beijing Rising Technology Co., Ltd.
          HookUrl
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      JGOGO
        [A ] 35. c:\windows\system32\drivers\jgogo.sys
          JMicron
          SCSI Port upper filter driver
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      JRAID
        [A ] 36. c:\windows\system32\drivers\jraid.sys
          JMicron Technology Corp.
          JMicron JR036X RAID Driver
          .text,.rdata,.data,INIT,.rsrc,.reloc,

[User system info] Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1;  Embedded Web Browser from: http://bsalsa.com/; Maxthon; .NET CLR 2.0.50727)
Last edited 2007-08-31 00:52:47

      kl1
        [A ] 37. c:\windows\system32\drivers\kl1.sys


      MagicTune
        [A ] 38. c:\windows\system32\drivers\mtictwl.sys
          .text,.rdata,.data,INIT,.reloc,


      MEMSCAN
        [A ] 39. c:\program files\rising\rav\memscan.sys
          Beijing Rising Technology Co., Ltd.
          MemScan Driver
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      motmodem
        [A ] 40. c:\windows\system32\drivers\motmodem.sys
          Motorola
          Motorola USB Modem and Ports Driver
          .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,


      mProcRs
        [A ] 41. c:\program files\rising\rfw\mprocrs.sys
          Beijing Rising Technology Co., Ltd.
          Rising Personal FireWall  mprocrs.sys
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      MTsensor
        [A ] 42. c:\windows\system32\drivers\asacpi.sys
          ATK0110 ACPI Utility
          .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,


      netpasadapter1
        [A ] 43. c:\windows\system32\drivers\netpas.sys
          Netpas
          Netpas Win32 Virtual Network Driver
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      npkcrypt
        [A ] 44. d:\网络工具\qq\npkcrypt.sys
          INCA Internet Co., Ltd.
          nProtect KeyCrypt Driver
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      oreans32
        [A ] 45. c:\windows\system32\drivers\oreans32.sys
          .text,.rdata,.data,INIT,.reloc,


      PnpWmkDrv
        [A ] 46. c:\windows\system32\drivers\pnpwmkdrv.sys
          .text,.rdata,.data,INIT,.reloc,


      prodrv06
        [A ] 47. c:\windows\system32\drivers\prodrv06.sys
          Protection Technology
          StarForce Protection Environment Driver
          .text,.data,.rsrc,.reloc,


      prohlp02
        [A ] 48. c:\windows\system32\drivers\prohlp02.sys
          Protection Technology
          StarForce Protection Helper Driver
          .text,.data,.rsrc,.reloc,


      prosync1
        [A ] 49. c:\windows\system32\drivers\prosync1.sys
          Protection Technology
          StarForce Protection Synchronization Driver
          .text,.data,INIT,.rsrc,.reloc,


      RsAntiSpyware
        [A ] 50. c:\windows\system32\drivers\rsboot.sys
          Beijing Rising Technology Co., Ltd.
          Anti-RootKit Driver
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      RsFwDrv
        [A ] 51. c:\program files\rising\rfw\rsfwdrv.sys
          Beijing Rising Technology Co., Ltd.
          nt_fwdrv
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      RsNTGDI
        [A ] 52. c:\windows\system32\drivers\rsntgdi.sys
          Beijing Rising Technology Co., Ltd.
          RsNTGDI
          .text,.rdata,INIT,.rsrc,.reloc,


      RSPPSYS
        [A ] 53. c:\program files\rising\rav\rsppsys.sys
          Rising
          RSPPSYS.SYS
          .text,.rdata,.data,INIT,.rsrc,.reloc,


      RTLE8023xp
        [A ] 54. c:\windows\system32\drivers\rtenicxp.sys
          Realtek Semiconductor Corporation
          Realtek 10/100/1000 NDIS 5.1 Driver
          .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,


      Secdrv
        [A ] 55. c:\windows\system32\drivers\secdrv.sys
          Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.
          Macrovision SECURITY Driver
          .text,.rdata,.data,INIT,.rsrc,.reloc,pnidata,


      SenFiltService
        [A ] 56. c:\windows\system32\drivers\senfilt.sys
          Sensaura
          Sensaura WDM 3D Audio Driver
          .text,page,init,.data,.CRT,init,INIT,.rsrc,.reloc,


      sfhlp01
        [A ] 57. c:\windows\system32\drivers\sfhlp01.sys
          Protection Technology
          StarForce Protection Helper Driver
          .text,.data,PAGE,INIT,.rsrc,.reloc,


      snpshot
        [A ] 58. c:\windows\system32\drivers\snpshot.sys
          PowerShadow
          Shadow System
          .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,


      sptd
        [A ] 59. c:\windows\system32\drivers\sptd.sys


      Wdf01000
        [A ] 60. c:\windows\system32\drivers\wdf01000.sys
          Microsoft Corporation
          WDF Dynamic
          .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,


      WmNdisDrv
        [A ] 61. c:\windows\system32\drivers\wmndisdrv.sys


      WpdUsb
        [A ] 62. c:\windows\system32\drivers\wpdusb.sys
          Microsoft Corporation
          WPD USB Driver
          .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,


      WudfPf
        [A ] 63. c:\windows\system32\drivers\wudfpf.sys
          Microsoft Corporation
          Windows Driver Foundation - User-mode Driver Framework Platform Driver
          .text,.rdata,.data,PAGE,.edata,INIT,.rsrc,.reloc,


      WudfRd
        [A ] 64. c:\windows\system32\drivers\wudfrd.sys
          Microsoft Corporation
          Windows Driver Foundation - User-mode Driver Framework Reflector
          .text,.rdata,.data,PAGE,INIT,.rsrc,.reloc,


      xAntiArp
        [A ] 65. c:\windows\system32\drivers\xantiarp.sys
          Windows (R) 2000 DDK provider
          Sample NDIS 4.0 Intermediate Miniport Driver
          .text,.rdata,.data,INIT,.rsrc,.reloc,




  + 系统登陆自运行
    + HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
      AtiExtEvent
        [AM] 66. c:\windows\system32\ati2evxx.dll
          ATI Technologies Inc.
          ATI External Event Utility DLL Module
          .text,.rdata,.data,.rsrc,.reloc,


      WgaLogon
        [AM] 67. c:\windows\system32\wgalogon.dll
          Microsoft Corporation
          Windows 正版增值计划通知
          .text,.data,.rsrc,.reloc,




  + IE浏览器加载模块
    + HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
      {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C}
        [A ] 68. c:\windows\system32\kakatool.dll
          Beijing Rising Technology Co., Ltd.
          Rising AntiSpyware Toolbar
          .text,.rdata,.data,MonitorS,.rsrc,.reloc,



    + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
      {00000AAA-A363-466E-BEF5-9BB68697AA7F}
        [A ] 69. d:\网络工具\webthunder\webthunderbho_now.dll
          Thunder Networking Technologies,LTD
          XunLeiBHO
          .text,.rdata,.data,.rsrc,.reloc,


      {01443AEC-0FD1-40fd-9C87-E93D1494C233}
        [A ] 70. d:\网络工具\thunder\comdlls\tdatonce_now.dll
          Thunder Networking Technologies,LTD
          迅雷浏览器高级特性支持模块
          .text,.rdata,.data,.rsrc,.reloc,


      {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
        [A ] 71. d:\阅读软件\acrobat 7.0\activex\acroiehelper.dll
          Adobe Systems Incorporated
          Adobe Acrobat IE Helper Version 7.0 for ActiveX
          .text,.rdata,.data,.rsrc,.reloc,


      {2F364305-AA45-47B5-9F9D-39A8B94E7EF7}
        [A ] 72. d:\网络工具\thunder\comdlls\xunleibho_now.dll
          Thunder Networking Technologies,LTD
          XunLeiBHO
          .text,.rdata,.data,.rsrc,.reloc,


      {2F364306-AA45-47B5-9F9D-39A8B94E7EF7}
        [A ] 73. d:\网络工具\flashget\jccatch.dll
          www.flashget.com
          Flashget CatchUrl Module
          .text,.rdata,.data,.rsrc,.reloc,


      {889D2FEB-5411-4565-8998-1DD2C5261283}
        [A ] 72. d:\网络工具\thunder\comdlls\xunleibho_now.dll
          Thunder Networking Technologies,LTD
          XunLeiBHO
          .text,.rdata,.data,.rsrc,.reloc,



    + HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions
      Exec
        [A ] 74. d:\网络工具\thunder\thunder.exe
          Thunder Networking Technologies,LTD
          .text,.rdata,.data,.rsrc,


      Exec
        [A ] 75. e:\浩方对战平台\gameclient.exe
          上海浩方在线信息技术有限公司
          浩方对战平台
          .text,.rdata,.data,.rsrc,




  + 资源管理器加载模块
    + HKLM\SOFTWARE\Classes\PROTOCOLS\Filter
      application/octet-stream
        [A ] 76. c:\windows\system32\mscoree.dll
          Microsoft Corporation
          Microsoft .NET Runtime Execution Engine
          .text,.data,.rsrc,.reloc,


      application/x-complus
        [A ] 76. c:\windows\system32\mscoree.dll
          Microsoft Corporation
          Microsoft .NET Runtime Execution Engine
          .text,.data,.rsrc,.reloc,


      application/x-msdownload
        [A ] 76. c:\windows\system32\mscoree.dll
          Microsoft Corporation
          Microsoft .NET Runtime Execution Engine
          .text,.data,.rsrc,.reloc,


      text/xml
        [A ] 77. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll
          Microsoft Corporation
          Microsoft Office XML MIME Filter
          .text,.data,.rsrc,.reloc,



    + HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers
      {7D4D6379-F301-4311-BEBA-E26EB0561882}
        [A ] 78. c:\program files\common files\ahead\lib\nerodigitalext.dll
          Nero AG
          Nero Digital Shell Extension
          .text,.code,.rdata,.data,.rsrc,.reloc,


      {F9DB5320-233E-11D1-9F84-707F02C10627}
        [A ] 79. d:\阅读软件\acrobat 7.0\activex\pdfshell.dll
          Adobe Systems, Inc.
          PDF Shell Extension
          .text,.rdata,.data,.rsrc,.reloc,



    + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
      ShellLink for Application References
        [A ] 80. c:\windows\system32\dfshim.dll
          Microsoft Corporation
          Application Deployment Support Library
          .text,.data,.rsrc,.reloc,


      Shell Icon Handler for Application References
        [A ] 80. c:\windows\system32\dfshim.dll
          Microsoft Corporation
          Application Deployment Support Library
          .text,.data,.rsrc,.reloc,

【Reply to wuxiaotian's post】
      WinRAR shell extension
        [A ] 81. c:\program files\winrar\rarext.dll
          .text,.data,.tls,.idata,.edata,.rsrc,.reloc,


      Microsoft Office HTML Icon Handler
        [A ] 82. c:\program files\microsoft office\office11\msohev.dll
          Microsoft Corporation
          Microsoft Office 2003 component
          .text,.data,.rsrc,.reloc,


      Web Folders
        [A ] 83. c:\program files\common files\microsoft shared\web folders\msonsext.dll
          Microsoft Corporation
          Microsoft Web Folders
          .text,.data,.rsrc,.reloc,


      NeroDigitalIconHandler
        [A ] 78. c:\program files\common files\ahead\lib\nerodigitalext.dll
          Nero AG
          Nero Digital Shell Extension
          .text,.code,.rdata,.data,.rsrc,.reloc,


      NeroDigitalPropSheetHandler
        [A ] 78. c:\program files\common files\ahead\lib\nerodigitalext.dll
          Nero AG
          Nero Digital Shell Extension
          .text,.code,.rdata,.data,.rsrc,.reloc,


      Portable Media Devices
        [A ] 84. c:\windows\system32\audiodev.dll
          Microsoft Corporation
          Portable Media Devices Shell Extension
          .text,.data,.rsrc,.reloc,


      Portable Devices
        [A ] 85. c:\windows\system32\wpdshext.dll
          Microsoft Corporation
          Portable Devices Shell Extension
          .text,.data,.rsrc,.reloc,


      Portable Devices Menu
        [A ] 85. c:\windows\system32\wpdshext.dll
          Microsoft Corporation
          Portable Devices Shell Extension
          .text,.data,.rsrc,.reloc,


      Catalyst Context Menu extension
        [A ] 86. c:\program files\ati technologies\ati.ace\core-static\atiacmxx.dll
          ACE Context Menu
          .text,.rdata,.data,.rsrc,.reloc,


      RISING
        [A ] 87. c:\windows\system32\ravext.dll
          Beijing Rising Technology Co., Ltd.
          Rising Shell Ext Module
          .text,.rdata,.data,.rsrc,.reloc,



    + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
      {57B86673-276A-48B2-BAE7-C6DBB3020EB8}
        [AM] 88. d:\杀马\avg anti-spyware 7.5\shellexecutehook.dll
          GRISOFT s.r.o.
          AVG Anti-Spyware shellexecutehook
          .text,.rdata,.data,.rsrc,.reloc,



    + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
      WPDShServiceObj
        [AM] 89. c:\windows\system32\wpdshserviceobj.dll
          Microsoft Corporation
          Windows Portable Device Shell Service Object
          .text,.data,.rsrc,.reloc,




  + 用户登陆自运行项目
    + HKCU\Software\Microsoft\Windows\CurrentVersion\Run
      BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
        [AM] 90. c:\program files\common files\ahead\lib\nmbgmonitor.exe
          Nero AG
          Nero Home
          .text,.rdata,.data,.rsrc,



    + HKLM\Software\Microsoft\Windows\CurrentVersion\Run
      SoundMAXPnP
        [AM] 91. c:\program files\analog devices\core\smax4pnp.exe
          Analog Devices, Inc.
          SMax4PNP
          .text,.rdata,.data,.rsrc,


      SoundMAX
        [A ] 92. c:\program files\analog devices\soundmax\smax4.exe
          Analog Devices, Inc.
          Audio Control Panel
          .text,.rdata,.data,.rsrc,


      RunShadowTip
        [A ] 93. c:\windows\system32\shadow\shadowtip.exe
          PowerShadow
          ShadowTip
          .text,.rdata,.data,.rsrc,


      NetpasAcc
        [AM] 94. d:\网络工具\netpas acc\netpas_acc.exe
          .text,.data,.rdata,.bss,.idata,.rsrc,


      RfwMain
        [AM] 95. c:\program files\rising\rfw\rfwmain.exe
          Beijing Rising Technology Co., Ltd.
          Rising Personal FireWall Main Program
          .text,.rdata,.data,.rsrc,


      RavTask
        [A ] 96. c:\program files\rising\rav\ravtask.exe
          Beijing Rising Technology Co., Ltd.
          RavTimer
          .text,.rdata,.data,.rsrc,


      runeip
        [AM] 97. c:\program files\rising\antispyware\runiep.exe
          Beijing Rising Technology Co., Ltd.
          Rising AntiSpyware Monitor
          .text,.rdata,.data,.rsrc,


      !AVG Anti-Spyware
        [AM] 98. d:\杀马\avg anti-spyware 7.5\avgas.exe
          GRISOFT s.r.o.
          AVG Anti-Spyware
          .text,.rdata,.data,.rsrc,


      AntiARPStandalone
        [A ] 99. c:\program files\antiarp stand-alone edition\antiarp.exe
          CODE,DATA,BSS,.idata,.tls,.rdata,.vmp0,.rsrc,.vmp1,.reloc,




  + 开机执行
    + HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
      BootExecute
        [A ] 100. c:\windows\system32\bsmain.exe
          Beijing Rising Technology Co., Ltd.
          BootScan
          .text,.data,.rsrc,.reloc,




  + 映像劫持
    + HKCR\.html
      htmlfile\Edit\Command
        [A ] 101. c:\program files\microsoft office\office11\msohtmed.exe
          Microsoft Corporation
          Microsoft Office 2003 component
          .text,.data,.rsrc,


      htmlfile\Print\Command
        [A ] 101. c:\program files\microsoft office\office11\msohtmed.exe
          Microsoft Corporation
          Microsoft Office 2003 component
          .text,.data,.rsrc,



    + HKCR\.htm
      htmlfile\Edit\Command
        [A ] 101. c:\program files\microsoft office\office11\msohtmed.exe
          Microsoft Corporation
          Microsoft Office 2003 component
          .text,.data,.rsrc,


      htmlfile\Print\Command
        [A ] 101. c:\program files\microsoft office\office11\msohtmed.exe
          Microsoft Corporation
          Microsoft Office 2003 component
          .text,.data,.rsrc,



    + HKCR\.mp3
      NeroShowTime.Files7.mp3\play\Command
        [A ] 102. c:\program files\nero\nero 7\nero showtime\showtime.exe
          Nero AG
          Nero ShowTime
          .text,.rdata,.data,.rsrc,





+ 其他自启动项目
  + C:\Documents and Settings\All Users\「开始」菜单\程序\启动
    Adobe Reader Speed Launch.lnk
      [AM] 103. d:\阅读软件\acrobat 7.0\reader\reader_sl.exe
        Adobe Systems Incorporated
        Adobe Acrobat SpeedLauncher
        .text,.rdata,.data,.rsrc,




+ 正在运行的进程
  + 00000154(340) Ati2evxx.exe
    00400000[0007A000]
      [AM] 2. c:\windows\system32\ati2evxx.exe
        ATI Technologies Inc.
        ATI External Event Utility EXE Module
        .text,.rdata,.data,.rsrc,


    00D00000[00010000]
      [ M] 104. c:\windows\system32\ati2edxx.dll
        ATI Technologies, Inc.
        ati2edxx
        .text,.data,.SHAREDS,.rsrc,.reloc,


    10000000[00024000]
      [ M] 105. c:\windows\system32\atipdlxx.dll
        ATI Technologies, Inc.
        ATI Desktop CWDDEDI DLL
        .text,.rdata,.data,.rsrc,.reloc,


    00D30000[0001F000]
      [AM] 66. c:\windows\system32\ati2evxx.dll
        ATI Technologies Inc.
        ATI External Event Utility DLL Module
        .text,.rdata,.data,.rsrc,.reloc,



  + 0000016c(364) RfwMain.exe
    00400000[00073000]
      [AM] 95. c:\program files\rising\rfw\rfwmain.exe
        Beijing Rising Technology Co., Ltd.
        Rising Personal FireWall Main Program
        .text,.rdata,.data,.rsrc,


    26600000[0007D000]
      [ M] 106. c:\program files\rising\rfw\rsguilib.dll
        Beijing Rising Technology Co., Ltd.
        Rising GUI Library Loader
        .text,.rdata,.data,.rsrc,.reloc,


    23700000[0001A000]
      [ M] 107. c:\program files\rising\rfw\rscommon.dll
        Beijing Rising Technology Co., Ltd.
        Rising Common Function Dynamic Link Library
        .text,.rdata,.data,.rsrc,.reloc,


    10000000[0000F000]
      [ M] 108. c:\program files\rising\rfw\rfwctrl.dll
        Beijing Rising Technology Co., Ltd.
        RfwCtrl DLL
        .text,.rdata,.data,.rsrc,.reloc,


    23800000[0001A000]
      [ M] 109. c:\program files\rising\rfw\rsxml.dll
        Beijing Rising Technology Co., Ltd.
        RsXML
        .text,.rdata,.data,.rsrc,.reloc,

【Reply to wuxiaotian's post】
    23900000[00031000]
      [ M] 110. c:\program files\rising\rfw\pngdll.dll
        Beijing Rising Technology Co., Ltd.
        Rising .Png File Loader Dynamic Link Library
        .text,.rdata,.data,.rsrc,.reloc,


    01320000[0001B000]
      [ M] 111. c:\program files\rising\antispyware\ieprot.dll
        Beijing Rising Technology Co., Ltd.
        IE Protector
        .text,.rdata,.data,.rsrc,.reloc,



  + 00000278(632) RavStub.exe
    00400000[00018000]
      [ M] 112. c:\program files\rising\rav\ravstub.exe
        Beijing Rising Technology Co., Ltd.
        Rising RavStub
        .text,.rdata,.data,.rsrc,


    10000000[0001B000]
      [ M] 113. c:\program files\rising\rav\rscommx.dll
        rising
        RsCommX
        .text,.rdata,.data,.rsrc,.reloc,


    23700000[0001A000]
      [ M] 114. c:\program files\rising\rav\rscommon.dll
        Beijing Rising Technology Co., Ltd.
        Rising Common Function Dynamic Link Library
        .text,.rdata,.data,.rsrc,.reloc,



  + 000002f0(752) SCardSvr.exe

  + 00000378(888) ShadowService.exe
    00400000[0000F000]
      [AM] 15. c:\windows\system32\shadow\shadowservice.exe
        .text,.rdata,.data,.rsrc,



  + 00000388(904) svchost.exe

  + 000004c4(1220) Netpas_Acc.exe
    00400000[00166000]
      [AM] 94. d:\网络工具\netpas acc\netpas_acc.exe
        .text,.data,.rdata,.bss,.idata,.rsrc,


    10000000[001E1000]
      [ M] 115. c:\windows\system32\sogoupy.ime
        Sohu.com Inc.
        搜狗拼音输入法 3.0公测第一版
        .text,.rdata,.data,.SogouIn,.rsrc,.reloc,


    01030000[0001F000]
      [ M] 116. c:\windows\system32\dllmergedict.dll
        Sogou.com Inc.
        dll used by SogouPy.ime and PinyinUp.exe to build the system words lib
        .text,.rdata,.data,.rsrc,.reloc,


    014B0000[00046000]
      [ M] 117. d:\输入法\sogouinput搜狗拼音输入法\plugin\sgimeword.dll
        test1 Module
        .text,.rdata,.data,.rsrc,.reloc,


    03C10000[0001B000]
      [ M] 111. c:\program files\rising\antispyware\ieprot.dll
        Beijing Rising Technology Co., Ltd.
        IE Protector
        .text,.rdata,.data,.rsrc,.reloc,



  + 000004d0(1232) alg.exe

  + 000004f0(1264) smss.exe

  + 00000520(1312) smax4pnp.exe
    00400000[000CE000]
      [AM] 91. c:\program files\analog devices\core\smax4pnp.exe
        Analog Devices, Inc.
        SMax4PNP
        .text,.rdata,.data,.rsrc,


    10000000[0005B000]
      [ M] 118. c:\program files\analog devices\core\smwdmif.dll
        Analog Devices, Inc.
        SMWDM Interface DLL
        .text,.rdata,.data,.idata,.rsrc,.reloc,


    00B90000[001E1000]
      [ M] 115. c:\windows\system32\sogoupy.ime
        Sohu.com Inc.
        搜狗拼音输入法 3.0公测第一版
        .text,.rdata,.data,.SogouIn,.rsrc,.reloc,


    00D90000[0001F000]
      [ M] 116. c:\windows\system32\dllmergedict.dll
        Sogou.com Inc.
        dll used by SogouPy.ime and PinyinUp.exe to build the system words lib
        .text,.rdata,.data,.rsrc,.reloc,


    03550000[00046000]
      [ M] 117. d:\输入法\sogouinput搜狗拼音输入法\plugin\sgimeword.dll
        test1 Module
        .text,.rdata,.data,.rsrc,.reloc,


    72C80000[00008000]
      [ M] 119. c:\windows\system32\msacm32.drv
        Microsoft Corporation
        Microsoft Sound Mapper
        .text,.data,.rsrc,.reloc,


    03820000[0001B000]
      [ M] 111. c:\program files\rising\antispyware\ieprot.dll
        Beijing Rising Technology Co., Ltd.
        IE Protector
        .text,.rdata,.data,.rsrc,.reloc,



  + 00000528(1320) csrss.exe

  + 00000544(1348) winlogon.exe
    10000000[0001F000]
      [AM] 66. c:\windows\system32\ati2evxx.dll
        ATI Technologies Inc.
        ATI External Event Utility DLL Module
        .text,.rdata,.data,.rsrc,.reloc,


    01410000[0003B000]
      [AM] 67. c:\windows\system32\wgalogon.dll
        Microsoft Corporation
        Windows 正版增值计划通知
        .text,.data,.rsrc,.reloc,


    012A0000[00012000]
      [ M] 120. c:\windows\system32\51c9df40.dll
        Microsoft Corporation
        .text,.rdata,.data,.rsrc,.reloc,


    016D0000[001E1000]
      [ M] 115. c:\windows\system32\sogoupy.ime
        Sohu.com Inc.
        搜狗拼音输入法 3.0公测第一版
        .text,.rdata,.data,.SogouIn,.rsrc,.reloc,


    018D0000[0001F000]
      [ M] 116. c:\windows\system32\dllmergedict.dll
        Sogou.com Inc.
        dll used by SogouPy.ime and PinyinUp.exe to build the system words lib
        .text,.rdata,.data,.rsrc,.reloc,


    01B50000[00046000]
      [ M] 117. d:\输入法\sogouinput搜狗拼音输入法\plugin\sgimeword.dll
        test1 Module
        .text,.rdata,.data,.rsrc,.reloc,


    72C80000[00008000]
      [ M] 119. c:\windows\system32\msacm32.drv
        Microsoft Corporation
        Microsoft Sound Mapper
        .text,.data,.rsrc,.reloc,



  + 00000570(1392) services.exe
    47260000[0000F000]
      [ M] 121. c:\windows\apppatch\acadproc.dll
        Microsoft Corporation
        Windows Compatibility DLL
        .text,.data,.rsrc,.reloc,



  + 0000057c(1404) lsass.exe

  + 00000610(1552) Ati2evxx.exe
    00400000[0007A000]
      [AM] 2. c:\windows\system32\ati2evxx.exe
        ATI Technologies Inc.
        ATI External Event Utility EXE Module
        .text,.rdata,.data,.rsrc,


    00CB0000[00010000]
      [ M] 104. c:\windows\system32\ati2edxx.dll
        ATI Technologies, Inc.
        ati2edxx
        .text,.data,.SHAREDS,.rsrc,.reloc,


    10000000[00024000]
      [ M] 105. c:\windows\system32\atipdlxx.dll
        ATI Technologies, Inc.
        ATI Desktop CWDDEDI DLL
        .text,.rdata,.data,.rsrc,.reloc,



  + 00000628(1576) svchost.exe

  + 00000678(1656) svchost.exe

  + 000006d8(1752) runiep.exe
    00400000[00013000]
      [AM] 97. c:\program files\rising\antispyware\runiep.exe
        Beijing Rising Technology Co., Ltd.
        Rising AntiSpyware Monitor
        .text,.rdata,.data,.rsrc,


    10000000[001E1000]
      [ M] 115. c:\windows\system32\sogoupy.ime
        Sohu.com Inc.
        搜狗拼音输入法 3.0公测第一版
        .text,.rdata,.data,.SogouIn,.rsrc,.reloc,


    00AF0000[0001F000]
      [ M] 116. c:\windows\system32\dllmergedict.dll
        Sogou.com Inc.
        dll used by SogouPy.ime and PinyinUp.exe to build the system words lib
        .text,.rdata,.data,.rsrc,.reloc,


    032B0000[00046000]
      [ M] 117. d:\输入法\sogouinput搜狗拼音输入法\plugin\sgimeword.dll
        test1 Module
        .text,.rdata,.data,.rsrc,.reloc,


    03450000[0001B000]
      [ M] 111. c:\program files\rising\antispyware\ieprot.dll
        Beijing Rising Technology Co., Ltd.
        IE Protector
        .text,.rdata,.data,.rsrc,.reloc,



  + 000006e4(1764) avgas.exe
    00400000[00675000]
      [AM] 98. d:\杀马\avg anti-spyware 7.5\avgas.exe
        GRISOFT s.r.o.
        AVG Anti-Spyware
        .text,.rdata,.data,.rsrc,


    10000000[000DE000]
      [ M] 122. d:\杀马\avg anti-spyware 7.5\engine.dll
        GRISOFT s.r.o.
        AVG Anti-Spyware Scan Engine
        .text,.rdata,.data,.rsrc,.reloc,


    03170000[001E1000]
      [ M] 115. c:\windows\system32\sogoupy.ime
        Sohu.com Inc.
        搜狗拼音输入法 3.0公测第一版
        .text,.rdata,.data,.SogouIn,.rsrc,.reloc,


    03370000[0001F000]
      [ M] 116. c:\windows\system32\dllmergedict.dll
        Sogou.com Inc.
        dll used by SogouPy.ime and PinyinUp.exe to build the system words lib
        .text,.rdata,.data,.rsrc,.reloc,


    03800000[00046000]
      [ M] 117. d:\输入法\sogouinput搜狗拼音输入法\plugin\sgimeword.dll
        test1 Module
        .text,.rdata,.data,.rsrc,.reloc,


    08410000[0001B000]
      [ M] 111. c:\program files\rising\antispyware\ieprot.dll
        Beijing Rising Technology Co., Ltd.
        IE Protector
        .text,.rdata,.data,.rsrc,.reloc,



  + 0000073c(1852) svchost.exe

  + 00000764(1892) svchost.exe
    007B0000[00010000]
      [AM] 17. c:\windows\system32\wudfsvc.dll
        Microsoft Corporation
        Windows Driver Foundation - User-mode Driver Framework Service
        .text,.data,.rsrc,.reloc,


    007C0000[0002C000]
      [ M] 123. c:\windows\system32\wudfplatform.dll
        Microsoft Corporation
        Windows Driver Foundation - User-mode Platform Library
        .text,.data,.rsrc,.reloc,



  + 00000794(1940) svchost.exe

  + 000007b8(1976) userinit.exe

  + 000007c8(1992) Explorer.EXE
    10000000[001E1000]
      [ M] 115. c:\windows\system32\sogoupy.ime
        Sohu.com Inc.
        搜狗拼音输入法 3.0公测第一版
        .text,.rdata,.data,.SogouIn,.rsrc,.reloc,


    00BB0000[0001F000]
      [ M] 116. c:\windows\system32\dllmergedict.dll
        Sogou.com Inc.
        dll used by SogouPy.ime and PinyinUp.exe to build the system words lib
        .text,.rdata,.data,.rsrc,.reloc,


    00E40000[00046000]
      [ M] 117. d:\输入法\sogouinput搜狗拼音输入法\plugin\sgimeword.dll
        test1 Module
        .text,.rdata,.data,.rsrc,.reloc,


    00F20000[00012000]
      [ M] 120. c:\windows\system32\51c9df40.dll
        Microsoft Corporation
        .text,.rdata,.data,.rsrc,.reloc,


    04300000[00013000]
      [AM] 88. d:\杀马\avg anti-spyware 7.5\shellexecutehook.dll
        GRISOFT s.r.o.
        AVG Anti-Spyware shellexecutehook
        .text,.rdata,.data,.rsrc,.reloc,


    04650000[0001B000]
      [ M] 111. c:\program files\rising\antispyware\ieprot.dll
        Beijing Rising Technology Co., Ltd.
        IE Protector
        .text,.rdata,.data,.rsrc,.reloc,


    164A0000[00023000]
      [AM] 89. c:\windows\system32\wpdshserviceobj.dll
        Microsoft Corporation
        Windows Portable Device Shell Service Object
        .text,.data,.rsrc,.reloc,


    109C0000[0002C000]
      [ M] 124. c:\windows\system32\portabledevicetypes.dll
        Microsoft Corporation
        Windows Portable Device (Parameter) Types Component
        .text,.orpc,.data,.rsrc,.reloc,


    10930000[00049000]
      [ M] 125. c:\windows\system32\portabledeviceapi.dll
        Microsoft Corporation
        Windows Portable Device API Components
        .text,.orpc,.data,.rsrc,.reloc,


    72C80000[00008000]
      [ M] 119. c:\windows\system32\msacm32.drv
        Microsoft Corporation
        Microsoft Sound Mapper
        .text,.data,.rsrc,.reloc,

[Reply to wuxiaotian's post]
  + 000007f8(2040) 65D7E73B.exe
    00400000[00013000]
      [ M] 126. c:\windows\system32\65d7e73b.exe
        >N諯0,>N諯1,>N諯2,


    73390000[00154000]
      [ M] 127. c:\windows\system32\msvbvm60.dll
        Microsoft Corporation
        Visual Basic Virtual Machine
        .text,ENGINE,.data,.rsrc,.reloc,


    66630000[0001C000]
      [ M] 128. c:\windows\system32\vb6chs.dll
        Microsoft Corporation
        Visual Basic Environment International Resources
        .rdata,.rsrc,.reloc,


    10000000[001E1000]
      [ M] 115. c:\windows\system32\sogoupy.ime
        Sohu.com Inc.
        搜狗拼音输入法 3.0公测第一版
        .text,.rdata,.data,.SogouIn,.rsrc,.reloc,


    00EC0000[0001F000]
      [ M] 116. c:\windows\system32\dllmergedict.dll
        Sogou.com Inc.
        dll used by SogouPy.ime and PinyinUp.exe to build the system words lib
        .text,.rdata,.data,.rsrc,.reloc,


    03700000[00046000]
      [ M] 117. d:\输入法\sogouinput搜狗拼音输入法\plugin\sgimeword.dll
        test1 Module
        .text,.rdata,.data,.rsrc,.reloc,


    04D80000[0001B000]
      [ M] 111. c:\program files\rising\antispyware\ieprot.dll
        Beijing Rising Technology Co., Ltd.
        IE Protector
        .text,.rdata,.data,.rsrc,.reloc,



  + 00000850(2128) ctfmon.exe
    10000000[001E1000]
      [ M] 115. c:\windows\system32\sogoupy.ime
        Sohu.com Inc.
        搜狗拼音输入法 3.0公测第一版
        .text,.rdata,.data,.SogouIn,.rsrc,.reloc,


    00A10000[0001F000]
      [ M] 116. c:\windows\system32\dllmergedict.dll
        Sogou.com Inc.
        dll used by SogouPy.ime and PinyinUp.exe to build the system words lib
        .text,.rdata,.data,.rsrc,.reloc,


    031D0000[00046000]
      [ M] 117. d:\输入法\sogouinput搜狗拼音输入法\plugin\sgimeword.dll
        test1 Module
        .text,.rdata,.data,.rsrc,.reloc,


    03290000[0001B000]
      [ M] 111. c:\program files\rising\antispyware\ieprot.dll
        Beijing Rising Technology Co., Ltd.
        IE Protector
        .text,.rdata,.data,.rsrc,.reloc,



  + 00000874(2164) svchost.exe

  + 00000884(2180) NMBgMonitor.exe
    00400000[00022000]
      [AM] 90. c:\program files\common files\ahead\lib\nmbgmonitor.exe
        Nero AG
        Nero Home
        .text,.rdata,.data,.rsrc,


    7C3A0000[0007B000]
      [ M] 129. c:\program files\common files\ahead\lib\msvcp71.dll
        Microsoft Corporation
        Microsoft® C++ Runtime Library
        .text,.rdata,.data,.rsrc,.reloc,


    7C340000[00056000]
      [ M] 130. c:\program files\common files\ahead\lib\msvcr71.dll
        Microsoft Corporation
        Microsoft® C Runtime Library
        .text,.rdata,.data,.rsrc,.reloc,


    10000000[002BE000]
      [ M] 131. c:\program files\common files\ahead\lib\advrcntr2.dll
        Nero AG
        AdvrCntr Module
        .text,.orpc,.rdata,.data,.tls,.shared,.sharedv,.rsrc,.reloc,


    01000000[001E1000]
      [ M] 115. c:\windows\system32\sogoupy.ime
        Sohu.com Inc.
        搜狗拼音输入法 3.0公测第一版
        .text,.rdata,.data,.SogouIn,.rsrc,.reloc,


    00F50000[0001F000]
      [ M] 116. c:\windows\system32\dllmergedict.dll
        Sogou.com Inc.
        dll used by SogouPy.ime and PinyinUp.exe to build the system words lib
        .text,.rdata,.data,.rsrc,.reloc,


    03990000[00046000]
      [ M] 117. d:\输入法\sogouinput搜狗拼音输入法\plugin\sgimeword.dll
        test1 Module
        .text,.rdata,.data,.rsrc,.reloc,


    03C00000[0001B000]
      [ M] 111. c:\program files\rising\antispyware\ieprot.dll
        Beijing Rising Technology Co., Ltd.
        IE Protector
        .text,.rdata,.data,.rsrc,.reloc,


    03D30000[00008000]
      [ M] 132. c:\program files\common files\ahead\lib\nmindexstoresvrps.dll
        Nero AG
        Nero Home
        .text,.orpc,.rdata,.data,.rsrc,.reloc,


    03D50000[0013D000]
      [ M] 133. c:\program files\common files\ahead\lib\nmdataservices.dll
        Nero AG
        Nero Home
        .text,.orpc,.rdata,.data,.rsrc,.reloc,



  + 00000948(2376) Ras.exe
    00400000[0013F000]
      [ M] 134. c:\program files\rising\antispyware\ras.exe
        Beijing Rising Technology Co., Ltd.
        Rising AntiSpyware
        .text,.rdata,.data,.rsrc,


    10000000[000A3000]
      [ M] 135. c:\program files\rising\antispyware\rasgui.dll
        Beijing Rising Technology Co., Ltd.
        RasGUI
        .text,.rdata,.data,.rsrc,.reloc,


    01360000[001E1000]
      [ M] 115. c:\windows\system32\sogoupy.ime
        Sohu.com Inc.
        搜狗拼音输入法 3.0公测第一版
        .text,.rdata,.data,.SogouIn,.rsrc,.reloc,


    01560000[0001F000]
      [ M] 116. c:\windows\system32\dllmergedict.dll
        Sogou.com Inc.
        dll used by SogouPy.ime and PinyinUp.exe to build the system words lib
        .text,.rdata,.data,.rsrc,.reloc,


    03D20000[00046000]
      [ M] 117. d:\输入法\sogouinput搜狗拼音输入法\plugin\sgimeword.dll
        test1 Module
        .text,.rdata,.data,.rsrc,.reloc,


    03F50000[0001B000]
      [ M] 111. c:\program files\rising\antispyware\ieprot.dll
        Beijing Rising Technology Co., Ltd.
        IE Protector
        .text,.rdata,.data,.rsrc,.reloc,



  + 000009e0(2528) NMIndexStoreSvr.exe
    00400000[000D9000]
      [ M] 136. c:\program files\common files\ahead\lib\nmindexstoresvr.exe
        Nero AG
        Nero Home
        .text,.rdata,.data,.rsrc,


    10000000[00046000]
      [ M] 137. c:\program files\common files\ahead\lib\nmsqldb.dll
        Nero AG
        Nero Home
        .text,.rdata,.data,.rsrc,.reloc,


    7C3A0000[0007B000]
      [ M] 129. c:\program files\common files\ahead\lib\msvcp71.dll
        Microsoft Corporation
        Microsoft® C++ Runtime Library
        .text,.rdata,.data,.rsrc,.reloc,


    7C340000[00056000]
      [ M] 130. c:\program files\common files\ahead\lib\msvcr71.dll
        Microsoft Corporation
        Microsoft® C Runtime Library
        .text,.rdata,.data,.rsrc,.reloc,


    00BC0000[001E1000]
      [ M] 115. c:\windows\system32\sogoupy.ime
        Sohu.com Inc.
        搜狗拼音输入法 3.0公测第一版
        .text,.rdata,.data,.SogouIn,.rsrc,.reloc,


    00DC0000[0001F000]
      [ M] 116. c:\windows\system32\dllmergedict.dll
        Sogou.com Inc.
        dll used by SogouPy.ime and PinyinUp.exe to build the system words lib
        .text,.rdata,.data,.rsrc,.reloc,


    03580000[00046000]
      [ M] 117. d:\输入法\sogouinput搜狗拼音输入法\plugin\sgimeword.dll
        test1 Module
        .text,.rdata,.data,.rsrc,.reloc,


    03600000[00010000]
      [ M] 138. c:\program files\common files\ahead\lib\nmlogcxx.dll
        Nero AG
        Nero Home
        .text,.orpc,.rdata,.data,.rsrc,.reloc,


    03610000[000B5000]
      [ M] 139. c:\program files\common files\ahead\lib\log4cxx.dll
        Nero AG
        Log4cxx is C++ port of Log4j
        .text,.rdata,.data,.rsrc,.reloc,


    04460000[0007A000]
      [ M] 140. c:\program files\common files\ahead\lib\nmcofoundation.dll
        Nero AG
        Nero Home
        .text,.orpc,.rdata,.data,.rsrc,.reloc,


    045E0000[00019000]
      [ M] 141. c:\program files\common files\ahead\lib\nmpluginbase.dll
        Nero AG
        Nero Home
        .text,.orpc,.rdata,.data,.rsrc,.reloc,


    04820000[00026000]
      [ M] 142. c:\program files\common files\ahead\lib\nmfulltextextraction.dll
        Nero AG
        Nero Home
        .text,.orpc,.rdata,.data,.rsrc,.reloc,


    048A0000[0002A000]
      [ M] 143. c:\program files\common files\ahead\lib\nmsearchpluginsimilarimages.dll
        Nero AG
        Nero Home
        .text,.orpc,.rdata,.data,.rsrc,.reloc,


    04910000[00337000]
      [ M] 144. c:\program files\common files\ahead\lib\neroipp.dll
        Nero AG
        Nero IPP Proxy
        .text,.rdata,.data,.idata,.data1,.rsrc,.reloc,


    048D0000[00008000]
      [ M] 132. c:\program files\common files\ahead\lib\nmindexstoresvrps.dll
        Nero AG
        Nero Home
        .text,.orpc,.rdata,.data,.rsrc,.reloc,


    04D50000[0013D000]
      [ M] 133. c:\program files\common files\ahead\lib\nmdataservices.dll
        Nero AG
        Nero Home
        .text,.orpc,.rdata,.data,.rsrc,.reloc,



  + 00000ad0(2768) reader_sl.exe
    00400000[0000A000]
      [AM] 103. d:\阅读软件\acrobat 7.0\reader\reader_sl.exe
        Adobe Systems Incorporated
        Adobe Acrobat SpeedLauncher
        .text,.rdata,.data,.rsrc,


    7C3A0000[0007B000]
      [ M] 145. c:\windows\system32\msvcp71.dll
        Microsoft Corporation
        Microsoft® C++ Runtime Library
        .text,.rdata,.data,.rsrc,.reloc,


    7C340000[00056000]
      [ M] 146. c:\windows\system32\msvcr71.dll
        Microsoft Corporation
        Microsoft® C Runtime Library
        .text,.rdata,.data,.rsrc,.reloc,


    10000000[001E1000]
      [ M] 115. c:\windows\system32\sogoupy.ime
        Sohu.com Inc.
        搜狗拼音输入法 3.0公测第一版
        .text,.rdata,.data,.SogouIn,.rsrc,.reloc,


    00AC0000[0001F000]
      [ M] 116. c:\windows\system32\dllmergedict.dll
        Sogou.com Inc.
        dll used by SogouPy.ime and PinyinUp.exe to build the system words lib
        .text,.rdata,.data,.rsrc,.reloc,


    03280000[00046000]
      [ M] 117. d:\输入法\sogouinput搜狗拼音输入法\plugin\sgimeword.dll
        test1 Module
        .text,.rdata,.data,.rsrc,.reloc,


    033F0000[0001B000]
      [ M] 111. c:\program files\rising\antispyware\ieprot.dll
        Beijing Rising Technology Co., Ltd.
        IE Protector
        .text,.rdata,.data,.rsrc,.reloc,



  + 00000b3c(2876) svchost.exe



Please help me, this is the first time I have run into such a stubborn virus!

?????? Is nobody going to reply? That's sad.

Comrade, this virus really is hard to kill.
I specifically asked a Rising engineer about this virus.
His answer was:
1. Remove the hard disk, attach it to another computer and scan it there.
2. Install a second operating system on the infected computer, install antivirus software on it, update it to the latest version, then scan; when finished, format that second system.
Both methods have the same purpose: because the virus has injected itself into core system processes, deleting it in safe mode does not work and a forced kill has no effect either. So you need a way to work from outside the infected system, so that the core system processes the virus has injected into are not running; only then can it be removed completely.
I have tested it; the following methods fail against this virus:
1. Scanning in safe mode: it is not detected.
2. Forced deletion with IceSword, unlocker tools, file shredders and the like: no effect.
3. Scanning from a boot CD: the drive letter is not recognized.
4. Boot-time pre-load (emergency rescue) scan: not detected.
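Added example, not from this thread or from Rising's tool: before doing the offline scan the reply above recommends, you need to know which files in the posted listing belong to the trojan, so that the second system (or the other computer) can delete them and their service entries. This Python script parses the two listing formats in this thread (the per-process module list and the service list) and applies the checks a responder makes by eye on such output: a random 8-hex-digit file name under system32, a `.com` image registered as a service, a bare hex service name, garbled PE section names, and a vendor string claiming Microsoft on such a file. The excerpt it runs on is constructed from entries in this thread; the rules are heuristics chosen for the example, not anything the tool or the thread states, and `image_path` assumes the service command line is either quoted or ends its image in .exe/.com/.dll.

```python
"""Triage of the module and service listings posted in this thread.
Constructed example: the excerpts copy the thread's tool-output format (a few
entries); the rules are the eyeball checks a responder applies to such a log.
Not part of the original post or of any vendor tool."""
import ntpath
import re

MODULE_LOG = r"""
  + 000007c8(1992) Explorer.EXE
    00F20000[00012000]
      [ M] 120. c:\windows\system32\51c9df40.dll
        Microsoft Corporation
        .text,.rdata,.data,.rsrc,.reloc,
      [ M] 119. c:\windows\system32\msacm32.drv
        Microsoft Corporation
        Microsoft Sound Mapper
        .text,.data,.rsrc,.reloc,
  + 000007f8(2040) 65D7E73B.exe
      [ M] 126. c:\windows\system32\65d7e73b.exe
        >N諯0,>N諯1,>N諯2,
"""
SERVICE_LOG = r"""
[F7659C2 / F7659C2][Stopped/Auto Start]
  <C:\windows\system32\9D2CDDE7.EXE -a><Microsoft Corporation>
[NBService / NBService][Stopped/Manual Start]
  <C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe><Nero AG>
[TSECleanUpAssist / TSECleanUpAssist][Stopped/Auto Start]
  <C:\windows\system32\1dbd.com><N/A>
"""
PROC_RE = re.compile(r"^\s*\+\s+[0-9a-f]+\(\d+\)\s+(\S.*)$", re.I)
MOD_RE = re.compile(r"^\s*\[[A-Z ]{2}\]\s+\d+\.\s+(.+?)\s*$")
SVC_RE = re.compile(r"^\[(.+?) / (.+?)\]\[(.+?)/(.+?)\]$")
CMD_RE = re.compile(r"^\s*<(.*)><(.*)>\s*$")
IMAGE_RE = re.compile(r'"([^"]+)"|(.+?\.(?:exe|com|dll))(?=\s|$)', re.I)
HEX_STEM = re.compile(r"^[0-9a-f]{8}$", re.I)   # 9d2cdde7, 51c9df40, ...
HEX_SVC = re.compile(r"^[0-9a-f]{6,}$", re.I)   # F7659C2
SECTION_OK = re.compile(r"^[A-Za-z0-9._$]+$")   # .text, ENGINE, .SogouIn

def parse_modules(text):
    """Walk the '+ pid(pid) name' / '[ M] n. path' / info / sections layout."""
    mods, proc, cur = [], "", None
    for line in text.splitlines():
        s = line.strip()
        if m := PROC_RE.match(line):
            proc = m.group(1)
        elif m := MOD_RE.match(line):
            cur = {"process": proc, "path": m.group(1), "info": [], "sections": []}
            mods.append(cur)
        elif cur is not None and s:
            if s.endswith(","):          # the section-name line closes an entry
                cur["sections"] = [t for t in s.split(",") if t]
                cur["vendor"] = cur["info"][0] if cur["info"] else ""
                cur = None
            else:
                cur["info"].append(s)    # vendor / description as printed
    return mods

def parse_services(text):
    """Pair each '[Display / Name][State/Start]' header with its <cmd><vendor>."""
    svcs, name = [], None
    for line in text.splitlines():
        if m := SVC_RE.match(line):
            name = m.group(2)
        elif name and (m := CMD_RE.match(line)):
            svcs.append({"service": name, "path": image_path(m.group(1)),
                         "vendor": m.group(2)})
            name = None
    return svcs

def image_path(command):
    """Image path of a service command line: the quoted path, or everything up
    to the first .exe/.com/.dll token (Program Files paths contain spaces)."""
    m = IMAGE_RE.match(command.strip())
    return (m.group(1) or m.group(2)) if m else command.strip().split()[0]

def findings(e):
    """Heuristic reasons to look harder at one module or service entry."""
    stem, ext = ntpath.splitext(ntpath.basename(e["path"]))
    sys32 = ntpath.dirname(e["path"]).lower().endswith("system32")
    r = []
    if sys32 and HEX_STEM.match(stem):
        r.append("random 8-hex-digit file name in system32")
    if sys32 and ext.lower() == ".com":
        r.append(".com image in system32")
    if any(not SECTION_OK.match(s) for s in e.get("sections", [])):
        r.append("garbled or non-standard PE section names")
    if HEX_SVC.match(e.get("service", "")):
        r.append("service name is a bare hex string")
    if r and e.get("vendor") == "Microsoft Corporation":
        r.append("vendor string claims Microsoft for the above")
    return r

def triage(module_log=MODULE_LOG, service_log=SERVICE_LOG):
    """Flagged image -> reasons; entries with no finding are left out."""
    out = {}
    for e in parse_modules(module_log) + parse_services(service_log):
        if r := findings(e):
            out[f"{e['path']} ({e.get('process') or 'service ' + e['service']})"] = r
    return out
```

On this excerpt `triage()` flags 51c9df40.dll (loaded in Explorer.EXE), 65d7e73b.exe, the F7659C2 service image 9D2CDDE7.EXE and the TSECleanUpAssist image 1dbd.com, and leaves msacm32.drv and NBService alone; pasting the full listings from the thread into the two constants gives the short list of files to remove from the offline system. The hex-name rule is deliberately strict (exactly eight hex digits) so that legitimate short names such as d3d8.dll are not caught.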

Would reinstalling the system work?

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\windows\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}><"C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe">  [Nero AG]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <SoundMAXPnP><C:\Program Files\Analog Devices\Core\smax4pnp.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <SoundMAX><"C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray>  [Analog Devices, Inc.]
    <RunShadowTip><C:\WINDOWS\system32\shadow\ShadowTip.exe>  [PowerShadow]
    <NetpasAcc><d:\网络工具\NETPAS ACC\Netpas_Acc.exe>  []
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <StormCodec_Helper><"C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  [N/A]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <runeip><"C:\Program Files\Rising\AntiSpyware\runiep.exe" /startup>  [Beijing Rising Technology Co., Ltd.]
    <!AVG Anti-Spyware><"D:\杀马\AVG Anti-Spyware 7.5\avgas.exe" /minimized>  [(Verified)GRISOFT LTD]
    <AntiARPStandalone><C:\Program Files\AntiARP Stand-alone Edition\AntiArp.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <QQDoctor><"D:\网络工具\QQ\QQDoctor\QQDoctor.exe" /fork>  [(Verified)Tencent Technology(Shenzhen) Company Limited]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <WPDShServiceObj><C:\windows\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    <WinlogonNotify: WgaLogon><WgaLogon.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\windows\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]

==================================
启动文件夹
[Adobe Reader Speed Launch]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Reader Speed Launch.lnk --> D:\阅读软件\ACROBA~1.0\Reader\READER~1.EXE [Adobe Systems Incorporated]><N>

==================================
服务
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
  <C:\windows\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart][Stopped/Auto Start]
  <C:\WINDOWS\system32\ati2sgag.exe><>
[AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Running/Auto Start]
  <D:\杀马\AVG Anti-Spyware 7.5\guard.exe><GRISOFT s.r.o.>
[F7659C2 / F7659C2][Stopped/Auto Start]
  <C:\windows\system32\9D2CDDE7.EXE -a><Microsoft Corporation>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\windows\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NBService / NBService][Stopped/Manual Start]
  <C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe><Nero AG>
[P4P Service / P4P Service][Stopped/Disabled]
  <C:\Program Files\Common Files\Sogou PXP\p2psvr.exe><Sohu.com Inc.>
[PnpWMmng / PnpWMmng][Stopped/Disabled]
  <D:\系统工具\完美卸载\wmxzV25.92.7508\PnpWMmng.exe><完美卸载>
[Rising Proxy  Service / RfwProxySrv][Stopped/Manual Start]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
  <"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Shadow System Service / ShadowSystemService][Running/Auto Start]
  <C:\WINDOWS\system32\shadow\ShadowService.exe><N/A>
[UPS / UPS][Stopped/Manual Start]
  <C:\windows\System32\ups.exe><N/A>
[TSECleanUpAssist / TSECleanUpAssist][Stopped/Auto Start]
  <C:\windows\system32\1dbd.com><N/A>