高手请进急！！！大侠帮忙看看郁闷呀！！！！！机子中大毒啦 - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛高手请进急！！！大侠帮忙看看郁闷呀！！！！！机子中大毒啦

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第四十七次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1

1 / 1 页

跳转页

高手请进急！！！大侠帮忙看看郁闷呀！！！！！机子中大毒啦

本主题由技术团队魔法学徒于 2008-8-13 23:07:03 执行移动主题操作

瑞哥的小弟初生襁褓狮帖子:2 注册: 2008-08-13 来自:	发表于： 2008-08-13 19:22 \| 只看楼主短消息资料字号：小中大 1楼高手请进急！！！大侠帮忙看看郁闷呀！！！！！机子中大毒啦 + 其他自启动项目 + C:\Documents and Settings\All Users\「开始」菜单\程序\启动服务管理器.lnk [AM] 89. c:\program files\microsoft sql server\80\tools\binn\sqlmangr.exe Microsoft Corporation SQL Server Service Manager .text,.rdata,.data,.rsrc, J29JMXOU.lnk [A ] 90. c:\winnt\yu8f70.exe Microsoft Corporation Windows自动更新 .text,.rdata,.data,.rsrc, office.lnk [A ] 91. c:\winnt\system\sgcxcxxaspf080806.exe VL橸谚?_Y??G,QV?褤瑒, CT011F.lnk [A ] 92. c:\winnt\g6bl82d.exe drw.kills 在线修复Anti Virus .text,.rdata,.data,.rsrc, + 正在运行的进程 + 000000a4(164) smss.exe + 000000c0(192) csrss.exe 70000000[00019000] [ M] 93. c:\program files\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 94. c:\program files\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, + 000000d4(212) winlogon.exe 70000000[00019000] [ M] 93. c:\program files\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 94. c:\program files\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, 77520000[00008000] [ M] 95. c:\winnt\system32\wdmaud.drv Microsoft Corporation WDM Audio driver mapper .text,.data,.rsrc,.reloc, 773C0000[00008000] [ M] 96. c:\winnt\system32\msacm32.drv Microsoft Corporation Microsoft Sound Mapper .text,.data,.rsrc,.reloc, 10000000[00138000] [ M] 97. c:\winnt\system32\sogoupy.ime Sogou.com Inc. 搜狗拼音输入法 .text,.rdata,.data,.rsrc,.reloc, + 000000f0(240) services.exe 70000000[00019000] [ M] 93. c:\program files\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 94. c:\program files\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, + 000000fc(252) lsass.exe 70000000[00019000] [ M] 93. c:\program files\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 94. c:\program files\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, + 000001b4(436) RfwMain.exe 00400000[00092000] [AM] 81. c:\program files\rising\rfw\rfwmain.exe Beijing Rising Technology Co., Ltd. Rising Personal FireWall Main Program .text,.rdata,.data,.rsrc, 7C140000[00103000] [ M] 98. c:\winnt\system32\mfc71.dll Microsoft Corporation MFCDLL Shared Library - Retail Version .text,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 99. c:\winnt\system32\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 7C3A0000[0007B000] [ M] 100. c:\winnt\system32\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 26600000[000B8000] [ M] 101. c:\program files\rising\rfw\rsguilib.dll Beijing Rising Technology Co., Ltd. Rising GUI Library Loader .text,.rdata,.data,.rsrc,.reloc, 10000000[0001F000] [ M] 102. c:\program files\rising\rfw\proccom.dll Beijing Rising Technology Co., Ltd. ProcessC Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00E00000[00024000] [ M] 103. c:\program files\rising\rfw\rscommx2.dll Beijing Rising Technology Co., Ltd. RsCommX2 .text,.rdata,.data,.rsrc,.reloc, 00F50000[0000E000] [ M] 104. c:\program files\rising\rfw\rsappmgr.dll Beijing Rising Technology Co., Ltd. Rising Application Manager .text,.rdata,.data,.rsrc,.reloc, 00F70000[00030000] [ M] 105. c:\program files\rising\rfw\cfgdll.dll Beijing Rising Technology Co., Ltd. CfgDll .text,.rdata,.data,.rsrc,.reloc, 23700000[00028000] [ M] 106. c:\program files\rising\rfw\rscommon.dll Beijing Rising Technology Co., Ltd. Rising Common Function Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01190000[00014000] [ M] 107. c:\program files\rising\rfw\rfwctrl.dll Beijing Rising Technology Co., Ltd. RfwCtrl DLL .text,.rdata,.data,.rsrc,.reloc, 23800000[00018000] [ M] 108. c:\program files\rising\rfw\rsxml.dll Beijing Rising Technology Co., Ltd. RsXML .text,.rdata,.data,.rsrc,.reloc, 23900000[00040000] [ M] 109. c:\program files\rising\rfw\pngdll.dll Beijing Rising Technology Co., Ltd. Rising .Png File Loader Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01870000[0000F000] [ M] 110. c:\program files\rising\rfw\rfwrule.dll Beijing Rising Technology Co., Ltd. rule DLL .text,.rdata,.data,.rsrc,.reloc, 70000000[00019000] [ M] 93. c:\program files\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 94. c:\program files\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, 01F30000[0004C000] [ M] 111. c:\winnt\system32\msctf.dll Microsoft Corporation MSUIM Server DLL .text,.data,.rsrc,.reloc, + 000001c8(456) ravmond.exe 00400000[00069000] [AM] 8. d:\program files\rising\rav\ravmond.exe Beijing Rising Information Technology Co., Ltd. Rising Realtime Moniter .text,.rdata,.data,.rsrc, 10000000[00042000] [ M] 112. d:\program files\rising\rav\bwlist.dll Beijing Rising Information Technology Co., Ltd. BWList DLL .text,.rdata,.data,.rsrc,.reloc, 7C140000[00103000] [ M] 98. c:\winnt\system32\mfc71.dll Microsoft Corporation MFCDLL Shared Library - Retail Version .text,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 99. c:\winnt\system32\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 7C3A0000[0007B000] [ M] 100. c:\winnt\system32\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 00EC0000[0000E000] [ M] 113. d:\program files\rising\rav\rsappmgr.dll Beijing Rising Information Technology Co., Ltd. Rising Application Manager .text,.rdata,.data,.rsrc,.reloc, 00EE0000[00030000] [ M] 114. d:\program files\rising\rav\cfgdll.dll Beijing Rising Information Technology Co., Ltd. CfgDll .text,.rdata,.data,.rsrc,.reloc, 01040000[00067000] [ M] 115. d:\program files\rising\rav\rslog.dll Beijing Rising Information Technology Co., Ltd. RsLog DLL .text,.rdata,.data,.rsrc,.reloc, 010B0000[0001F000] [ M] 116. d:\program files\rising\rav\proccom.dll Beijing Rising Information Technology Co., Ltd. ProcessC Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 010D0000[00024000] [ M] 117. d:\program files\rising\rav\rscommx2.dll Beijing Rising Information Technology Co., Ltd. RsCommX2 .text,.rdata,.data,.rsrc,.reloc, 01120000[00075000] [ M] 118. d:\program files\rising\rav\monrule.dll Beijing Rising Information Technology Co., Ltd. MonRule .text,.rdata,.data,.rsrc,.reloc, 012E0000[00013000] [ M] 119. d:\program files\rising\rav\hooksys.dll Beijing Rising Information Technology Co., Ltd. Hooksys Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 70000000[00019000] [ M] 93. c:\program files\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 94. c:\program files\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, 01560000[00013000] [ M] 120. d:\program files\rising\rav\hookreg.dll Beijing Rising Information Technology Co., Ltd. HookReg Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 015C0000[00013000] [ M] 121. d:\program files\rising\rav\hookntos.dll Beijing Rising Information Technology Co., Ltd. SysMon Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 01620000[0001D000] [ M] 122. d:\program files\rising\rav\rswalmon.dll Beijing Rising Information Technology Co., Ltd. Rising WAL Monitor DLL .text,.rdata,.data,.rsrc,.reloc, 02450000[00035000] [ M] 123. d:\program files\rising\rav\recomp.dll Beijing Rising Information Technology Co., Ltd. component manager Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 02700000[00036000] [ M] 124. d:\program files\rising\rav\refs.dll Beijing Rising Information Technology Co., Ltd. filesystem Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 02750000[00023000] [ M] 125. d:\program files\rising\rav\ffr.dll Beijing Rising Information Technology Co., Ltd. ffr Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 02890000[00020000] [ M] 126. d:\program files\rising\rav\rsstore.dll Beijing Rising Information Technology Co., Ltd. RSStore .text,.rdata,.data,.rsrc,.reloc, 02AF0000[00028000] [ M] 127. d:\program files\rising\rav\fakescan.dll Beijing Rising Information Technology Co., Ltd. FakeScan Module .text,.rdata,.data,.rsrc,.reloc, 02B30000[00022000] [ M] 128. d:\program files\rising\rav\scanner.dll Beijing Rising Information Technology Co., Ltd. RsScanner Module .text,.rdata,.data,.rsrc,.reloc, 02B60000[00012000] [ M] 129. d:\program files\rising\rav\hookweb.dll Beijing Rising Information Technology Co., Ltd. Rising HookWeb Dll .text,.rdata,.data,.rsrc,.reloc, 02CA0000[0002F000] [ M] 130. d:\program files\rising\rav\viruslib.dll Beijing Rising Information Technology Co., Ltd. VirusLib Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 02DE0000[00028000] [ M] 131. d:\program files\rising\rav\relibldr.dll Beijing Rising Information Technology Co., Ltd. libloader Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 03A70000[00021000] [ M] 132. d:\program files\rising\rav\nvfile.dll Beijing Rising Information Technology Co., Ltd. NVFile .text,.rdata,.data,.rsrc,.reloc, 04340000[000DC000] [ M] 133. d:\program files\rising\rav\extfile.dll Beijing Rising Information Technology Co., Ltd. extFile Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 04430000[00027000] [ M] 134. d:\program files\rising\rav\pearc.dll Beijing Rising Information Technology Co., Ltd. pearchive Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 13AB0000[0004A000] [ M] 135. d:\program files\rising\rav\scanexec.dll Beijing Rising Information Technology Co., Ltd. ScanExec .text,.rdata,.data,.rsrc,.reloc, 05490000[002DC000] [ M] 136. d:\program files\rising\rav\unexe.dll Beijing Rising Information Technology Co., Ltd. UnExe .text,.rdata,.data,.rsrc,.reloc, 05780000[000D3000] [ M] 137. d:\program files\rising\rav\scanex.dll Beijing Rising Information Technology Co., Ltd. ScanEx .text,.rdata,.data,.rsrc,.reloc, 0BB00000[00036000] [ M] 138. d:\program files\rising\rav\scanpack.dll Beijing Rising Information Technology Co., Ltd. Unpack Engine .text,.rdata,.data,.rsrc,.reloc, 0BB50000[000B7000] [ M] 139. d:\program files\rising\rav\revm.dll Beijing Rising Information Technology Co., Ltd. REVM Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 0FE40000[00020000] [ M] 140. d:\program files\rising\rav\urutils.dll Beijing Rising Information Technology Co., Ltd. urutils Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 0FE70000[00018000] [ M] 141. d:\program files\rising\rav\ur000.dat Beijing Rising Information Technology Co., Ltd. Unpack Routine .text,.rdata,.data,.rsrc,.reloc, 0FEA0000[00038000] [ M] 142. d:\program files\rising\rav\scriptci.dll Beijing Rising Information Technology Co., Ltd. scriptci Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 011E0000[000F3000] [ M] 143. d:\program files\rising\rav\uroutine.dll Beijing Rising Information Technology Co., Ltd. Unpack Routine .text,.rdata,.data,.rsrc,.reloc, 14210000[00038000] [ M] 144. d:\program files\rising\rav\extmail.dll Beijing Rising Information Technology Co., Ltd. ExtMail .text,.rdata,.data,.rsrc,.reloc, 0CF50000[00023000] [ M] 145. d:\program files\rising\rav\scansct.dll Beijing Rising Information Technology Co., Ltd. ScanSct Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 12270000[00045000] [ M] 146. d:\program files\rising\rav\posttrt.dll Beijing Rising Information Technology Co., Ltd. PostTrt .text,.rdata,.data,.rsrc,.reloc, 208E0000[00017000] [ M] 147. d:\program files\rising\rav\ur023.dat Beijing Rising Information Technology Co., Ltd. Unpack Routine .text,.rdata,.data,.rsrc,.reloc, 26B40000[0001D000] [ M] 148. d:\program files\rising\rav\ur001.dat Beijing Rising Information Technology Co., Ltd. Unpack Routine .text,.rdata,.data,.rsrc,.reloc, + 000001d0(464) rfwsrv.exe 00400000[00037000] [AM] 6. c:\program files\rising\rfw\rfwsrv.exe Beijing Rising Technology Co., Ltd. Rising Personal FireWall Service .text,.rdata,.data,.rsrc, 7C140000[00103000] [ M] 98. c:\winnt\system32\mfc71.dll Microsoft Corporation MFCDLL Shared Library - Retail Version .text,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 99. c:\winnt\system32\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 7C3A0000[0007B000] [ M] 100. c:\winnt\system32\msvcp71.dll Microsoft Corporation Microsoft? C++ Runtime Library .text,.rdata,.data,.rsrc,.reloc, 10000000[0001F000] [ M] 102. c:\program files\rising\rfw\proccom.dll Beijing Rising Technology Co., Ltd. ProcessC Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00B20000[00024000] [ M] 103. c:\program files\rising\rfw\rscommx2.dll Beijing Rising Technology Co., Ltd. RsCommX2 .text,.rdata,.data,.rsrc,.reloc, 00D70000[0000E000] [ M] 104. c:\program files\rising\rfw\rsappmgr.dll Beijing Rising Technology Co., Ltd. Rising Application Manager .text,.rdata,.data,.rsrc,.reloc, 00D90000[00030000] [ M] 105. c:\program files\rising\rfw\cfgdll.dll Beijing Rising Technology Co., Ltd. CfgDll .text,.rdata,.data,.rsrc,.reloc, 00EA0000[0000F000] [ M] 110. c:\program files\rising\rfw\rfwrule.dll Beijing Rising Technology Co., Ltd. rule DLL .text,.rdata,.data,.rsrc,.reloc, 00EB0000[0000C000] [ M] 149. c:\program files\rising\rfw\rfwlog.dll Beijing Rising Technology Co., Ltd. Rising Personal FireWall Logfile DLL .text,.rdata,.data,.rsrc,.reloc, 00EC0000[00018000] [ M] 150. c:\program files\rising\rfw\rfwdrv.dll Beijing Rising Technology Co., Ltd. Rising Personal FireWall Driver DLL .text,.rdata,.data,.rsrc,.reloc, 00EE0000[0000E000] [ M] 151. c:\program files\rising\rfw\ijt_ctrl.dll Beijing Rising Technology Co., Ltd. Injector Controller .text,.rdata,.data,.rsrc,.reloc, 70000000[00019000] [ M] 93. c:\program files\rising\rfw\ijt_base.dll Beijing Rising Technology Co., Ltd. Inject Base .text,.rdata,.data,.rsrc,.reloc, 60000000[0000F000] [ M] 94. c:\program files\rising\rfw\olemon.dll Beijing Rising Technology Co., Ltd. Ole Mon Dll .text,.rdata,.data,.rsrc,.reloc, 01030000[00016000] [ M] 152. c:\program files\rising\rfw\unvdet.dll Beijing Rising Technology Co., Ltd. ScanUnv .text,.rdata,.data,.rsrc,.reloc, 01C80000[00013000] [ M] 153. c:\program files\rising\rfw\mports.dll Beijing Rising Technology Co., Ltd. get ports list .text,.rdata,.data,.rsrc,.reloc, + 000001f4(500) rfwProxy.exe 00400000[00236000] [AM] 5. c:\program files\rising\rfw\rfwproxy.exe Beijing Rising Technology Co., Ltd. Rising Personal Proxy Service .text,.rdata,.data,.rsrc, 7C140000[00103000] [ M] 98. c:\winnt\system32\mfc71.dll Microsoft Corporation MFCDLL Shared Library - Retail Version .text,.data,.rsrc,.reloc, 7C340000[00056000] [ M] 99. c:\winnt\system32\msvcr71.dll Microsoft Corporation Microsoft? C Runtime Library .text,.rdata,.data,.rsrc,.reloc, 10000000[0001F000] [ M] 102. c:\program files\rising\rfw\proccom.dll Beijing Rising Technology Co., Ltd. ProcessC Dynamic Link Library .text,.rdata,.data,.rsrc,.reloc, 00D00000[00024000] [ M] 103. c:\program files\rising\rfw\rscommx2.dll Beijing Rising Technology Co., Ltd. RsCommX2 .text,.rdata,.data,.rsrc,.reloc, 00F50000[0000F000] [ M] 110. c:\program files\rising\rfw\rfwrule.dll Beijing Rising Technology Co., Ltd. rule DLL .text,.rdata,.data,.rsrc,.reloc, 00F60000[00011000] [ M] 154. c:\program files\rising\rfw\urlrule.dll Beijing Rising Technology Co., Ltd. Rising AntiSpyware UrlRule Library .text,.rdata,.data,.rsrc,.reloc, 用户系统信息：Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Maxthon; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 1.1.4322) 附件: 文件名:可疑文件.zip 下载次数:189 文件类型:application/x-zip-compressed 文件大小: 上传时间:2008-8-13 19:22:18 描述:zip 附件: 文件名:rslog.txt 下载次数:109 文件类型:text/plain 文件大小: 上传时间:2008-8-13 19:22:18 描述:txt 瑞哥的小弟最后编辑于 2008-08-13 20:01:55
瑞哥的小弟初生襁褓狮帖子:2 注册: 2008-08-13 来自:	分享到：

liaky 飘泊而立狮帖子:574 注册: 2004-06-12 来自:	发表于： 2008-08-13 20:35 \| 短消息资料字号：小中大 2楼回复：高手请进急！！！大侠帮忙看看郁闷呀！！！！！机子中大毒啦病毒名: Trojan-Downloader.Win32.Small.aafp
liaky 飘泊而立狮帖子:574 注册: 2004-06-12 来自:

aaccbbdd 卡卡巡查帖子:45933 注册: 2007-11-17 来自:蜀山仙剑派	发表于： 2008-08-13 20:38 \| 短消息资料字号：小中大 3楼回复：高手请进急！！！大侠帮忙看看郁闷呀！！！！！机子中大毒啦没人看卡卡的日志的 1.扫日志前关闭无用进程，如QQ，迅雷及播放器程序 2.到官方下载SReng 地址 http://www.kztechs.com/sreng/download.html SREng/智能扫描等扫描完成,保存日志(LOG格式) 日志以附件上传，贴到反病毒区 PS：如主程序SREng**.exe无法运行,导致无法扫描日志将主程序改名为小狮子.bat 3.为了最大程度减少对病毒的误判，最好同时上传金山清理专家日志下载金山清理专家 http://www.duba.net/qing/ 金山清理专家-在线系统诊断（隐藏安全项）-导出诊断报告-（全选）-导出报告 4.如都无法运行尝试该版本SRENG http://bbs.ikaka.com/showtopic-8517758.aspx
aaccbbdd 卡卡巡查帖子:45933 注册: 2007-11-17 来自:蜀山仙剑派

<<上一主题|下一主题>>

1

1 / 1 页

跳转页

页面顶部

Powered by Discuz!NT