我该怎么处理？？ - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛我该怎么处理？？

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1

1 / 1 页

跳转页

我该怎么处理？？

萍浮风中初生襁褓狮帖子:3 注册: 2007-05-01 来自:	发表于： 2007-05-01 16:48 \| 只看楼主短消息资料字号：小中大 1楼我该怎么处理？？我现在碰到这样一种情况：电脑启动后只出现桌面的背景图片，不出现任何图标，只有打开任务管理器结束了一个名为rundll32.exe的进程之后，一切才恢复正常。请教各位大侠，我该怎么处理？ 2007-05-04 16:34:26
萍浮风中初生襁褓狮帖子:3 注册: 2007-05-01 来自:	分享到：

klxq 自信弱冠狮帖子:418 注册: 2006-07-25 来自:	发表于： 2007-05-01 16:57 \| 短消息资料字号：小中大 2楼你说的rundll32.exe是病毒 rundll32.exe的正常位置:c:\windows\system32\rundll32.exe
klxq 自信弱冠狮帖子:418 注册: 2006-07-25 来自:

carabe 初生襁褓狮帖子:63 注册: 2007-01-16 来自:	发表于： 2007-05-01 17:02 \| 短消息资料字号：小中大 3楼首先用sreng扫日志发上来如不会sreng，去这里： http://202.116.160.44/dachong/goldsword/article.asp?id=40
carabe 初生襁褓狮帖子:63 注册: 2007-01-16 来自:

萍浮风中初生襁褓狮帖子:3 注册: 2007-05-01 来自:	发表于： 2007-05-04 16:44 \| 只看楼主短消息资料字号：小中大 4楼【回复“carabe”的帖子】启动项目注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Corporation] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <CnsM.dll><Rundll32.exe C:\PROGRA~1\3721\CnsM.dll,Rundll32> [N/A] <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [奇虎网] <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.] <explorer><C:\WINDOWS\explorer.exe > [(Verified)Microsoft Corporation] <IMSCMig><; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload> [(Verified)Microsoft Corporation] <stup.exe><; C:\PROGRA~1\TENCENT\Adplus\stup.exe> [N/A] <WebThunder><; D:\新建文件夹\WebThunder.exe> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <shell><Explorer.exe> [(Verified)Microsoft Corporation] <Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Corporation] <UIHost><logonui.exe> [(Verified)Microsoft Corporation] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll> [Beijing Rising Technology Co., Ltd.] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Corporation] <emau><C:\PROGRA~1\dlst\emau.dll> [N/A] <wbwk><C:\PROGRA~1\dlst\emau.dll> [N/A] [HKEY_CURRENT_USER\Control Panel\Desktop] <SCRNSAVE.EXE><C:\WINDOWS\system32/SSDINE~1.SCR> [N/A] ================================== 启动文件夹 N/A ================================== 服务 [Human Interface Device Access / HidServ][Stopped/Disabled] <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A> [Vsn pxlc Service / pxlc][Stopped/Auto Start] <C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\vari\shvp.dll,Service><Microsoft Corporation> [Rising Process Communication Center / RsCCenter][Running/Auto Start] <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.> [smService / smService][Running/Auto Start] <C:\WINDOWS\system32\smService.exe><N/A> [yjsgts / yjsgts][Others/Auto Start] <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\PROGRA~1\ljsgts\ljsgts.dll>< > ================================== 驱动程序 [ADProt / ADProt][Stopped/System Start] <\SystemRoot\system32\drivers\ADProt.sys><腾讯科技（深圳）有限公司> [Albus / Albus][Stopped/Boot Start] <\SystemRoot\system32\drivers\Albus.SYS><N/A> [cdnprot / cdnprot][Stopped/] <2 - 系统找不到指定的文件。 ><N/A> [Crystal SoundFusion(tm) Driver / cwcspud][Running/Manual Start] <system32\drivers\cwcspud.sys><Crystal Semiconductor Corp.> [Crystal SoundFusion(tm) WDM Driver / cwcwdm][Running/Manual Start] <system32\drivers\cwcwdm.sys><Crystal Semiconductor Corp.> [decziib / decziib][Running/Boot Start] <\SystemRoot\system32\drivers\decziib.sys><> [3Com 10/100 MiniPCI Ethernet Adapter Driver / EL556ND5][Running/Manual Start] <system32\DRIVERS\EL556ND5.sys><3Com Corporation> [kmsinput / kmsinput][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\kmsinput.sys><N/A> [mjohnj / mjohnj][Running/Boot Start] <\SystemRoot\\SystemRoot\System32\drivers\mjohnj.sys><N/A> [npkcrypt / npkcrypt][Running/Auto Start] <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.> [npkycryp / npkycryp][Stopped/Manual Start] <\??\C:\Program Files\Tencent\QQ\npkycryp.sys><N/A> [NSC Infrared Device Driver / NSCIRDA][Running/Manual Start] <system32\DRIVERS\nscirda.sys><National Semiconductor Corporation> [Direct Parallel Link Driver / Ptilink][Running/Manual Start] <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.> [RsNTGDI / RsNTGDI][Running/Boot Start] <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.> [S3SavageMX / S3SavageMX][Running/Manual Start] <system32\DRIVERS\s3savmxm.sys><S3 Graphics, Inc.> [Secdrv / Secdrv][Stopped/Manual Start] <system32\DRIVERS\secdrv.sys><N/A> [TCP/IP Protocol Driver / Tcpip][Running/System Start] <system32\DRIVERS\tcpip.sys><Microsoft Corporation> [IBM PS/2 TrackPoint Filter Driver / TwoTrack][Running/Manual Start] <system32\DRIVERS\TwoTrack.sys><IBM Corporation> [WDHAALBAMiniPCI Winmodem / WDHAALBA][Running/Manual Start] <system32\DRIVERS\WDHAALBA.sys><3Com Corporation> [zcnsicuo / zcnsicuo][Running/Boot Start] <\SystemRoot\System32\DRIVERS\zcnsicuo.sys><Yahoo! China Corporation>
萍浮风中初生襁褓狮帖子:3 注册: 2007-05-01 来自:

<<上一主题|下一主题>>

1

1 / 1 页

跳转页

页面顶部

Powered by Discuz!NT