

[Help] My computer has a trojan.. Why can't Rising detect it..?

My computer has a trojan.. Why can't Rising detect it..?

This is my log
瑞星卡卡电脑诊断日志 v1.30 (2000-9-7 5:51:31)  北京瑞星信息技术有限公司
注释: [A]表示该文件存在自启动关联;
[M]表示该文件在内存中;
+ 注册表自运行项目
  + 系统服务
    + HKLM\System\CurrentControlSet\Services
      NVSvc
        [AM] 1. c:\windows\system32\nvsvc32.exe

      ose
        [A ] 2. c:\program files\common files\microsoft shared\source engine\ose.exe

      RfwProxySrv
        [AM] 3. f:\瑞新\rising\rfw\rfwproxy.exe

      RfwService
        [AM] 4. f:\瑞新\rising\rfw\rfwsrv.exe

      RsCCenter
        [AM] 5. f:\瑞新\rising\rav\ccenter.exe

      RsRavMon
        [AM] 6. f:\瑞新\rising\rav\ravmond.exe

      UMWdf
        [AM] 7. c:\windows\system32\wdfmgr.exe


  + 内核驱动
    + HKLM\System\CurrentControlSet\Services
      aaatimeo
        [A ] 8. c:\windows\system32\drivers\aaatimeo.sys

      AFAMgt
        [A ] 9. c:\windows\system32\drivers\afamgt.sys

      ahcix86
        [A ] 10. c:\windows\system32\drivers\ahcix86.sys

      amdbusdr
        [A ] 11. c:\windows\system32\drivers\amdbusdr.sys

      amdeide
        [A ] 12. c:\windows\system32\drivers\amdeide.sys

      AmdK8
        [A ] 13. c:\windows\system32\drivers\amdk8.sys

      AmdLLD
        [A ] 14. c:\windows\system32\drivers\amdlld.sys

      ASH1205
        [A ] 15. c:\windows\system32\drivers\ash1205.sys

      ata1200a
        [A ] 16. c:\windows\system32\drivers\ata1200a.sys

      atiide
        [A ] 17. c:\windows\system32\drivers\atiide.sys

      bb-run
        [A ] 18. c:\windows\system32\drivers\bb-run.sys

      cercsr6
        [A ] 19. c:\windows\system32\drivers\cercsr6.sys

      Cpq32fs2
        [A ] 20. c:\windows\system32\drivers\cpq32fs2.sys

      dontgo
        [A ] 21. c:\windows\system32\drivers\dontgo.sys

      fttxr52P
        [A ] 22. c:\windows\system32\drivers\fttxr52p.sys

      HDAudBus
        [A ] 23. c:\windows\system32\drivers\hdaudbus.sys

      HookCont
        [A ] 24. c:\windows\system32\drivers\hookcont.sys

      HookNtos
        [A ] 25. c:\windows\system32\drivers\hookntos.sys

      HookReg
        [A ] 26. c:\windows\system32\drivers\hookreg.sys

      HookSys
        [A ] 27. c:\windows\system32\drivers\hooksys.sys

      HookUrl
        [A ] 28. f:\瑞新\rising\rfw\hookurl.sys

      HpCISSm2
        [A ] 29. c:\windows\system32\drivers\hpcissm2.sys

      hptmv6
        [A ] 30. c:\windows\system32\drivers\hptmv6.sys

      iaStor55
        [A ] 31. c:\windows\system32\drivers\iastor55.sys

      iaStor70
        [A ] 32. c:\windows\system32\drivers\iastor70.sys

      IntcAzAudAddService
        [A ] 33. c:\windows\system32\drivers\rtkhdaud.sys

      MTsensor
        [A ] 34. c:\windows\system32\drivers\asacpi.sys

      mv61xx
        [A ] 35. c:\windows\system32\drivers\mv61xx.sys

      mvSata
        [A ] 36. c:\windows\system32\drivers\mvsata.sys

      NVATABUS
        [A ] 37. c:\windows\system32\drivers\nvatabus.sys

      NVENETFD
        [A ] 38. c:\windows\system32\drivers\nvenetfd.sys

      nvgts
        [A ] 39. c:\windows\system32\drivers\nvgts.sys

      nvnetbus
        [A ] 40. c:\windows\system32\drivers\nvnetbus.sys

      nvrd32
        [A ] 41. c:\windows\system32\drivers\nvrd32.sys

      ql2100
        [A ] 42. c:\windows\system32\drivers\ql2100.sys

      ql2200
        [A ] 43. c:\windows\system32\drivers\ql2200.sys

      RfwBase
        [A ] 44. c:\windows\system32\drivers\rfwbase.sys

      rr172x
        [A ] 45. c:\windows\system32\drivers\rr172x.sys

      rr174x
        [A ] 46. c:\windows\system32\drivers\rr174x.sys

      rr2340
        [A ] 47. c:\windows\system32\drivers\rr2340.sys

      RsFwDrv
        [A ] 48. f:\瑞新\rising\rfw\rsfwdrv.sys

      RsNTGDI
        [A ] 49. c:\windows\system32\drivers\rsntgdi.sys

      SafeBoxKrnl
        [A ] 50. c:\windows\system32\drivers\safeboxkrnl.sys

      Secdrv
        [A ] 51. c:\windows\system32\drivers\secdrv.sys

      SiRemFil
        [A ] 52. c:\windows\system32\drivers\siremfil.sys

      sisraidx
        [A ] 53. c:\windows\system32\drivers\sisraidx.sys

      ss_bus
        [A ] 54. c:\windows\system32\drivers\ss_bus.sys

      ss_mdfl
        [A ] 55. c:\windows\system32\drivers\ss_mdfl.sys

      ss_mdm
        [A ] 56. c:\windows\system32\drivers\ss_mdm.sys

      TesSafe
        [A ] 57. c:\windows\system32\tessafe.sys

      ViBus
        [A ] 58. c:\windows\system32\drivers\vibus.sys

      videX32
        [A ] 59. c:\windows\system32\drivers\videx32.sys

      ViPrt
        [A ] 60. c:\windows\system32\drivers\viprt.sys

      xfilt
        [A ] 61. c:\windows\system32\drivers\xfilt.sys

      xpt
        [A ] 62. c:\windows\system32\drivers\xpt.ahc


  + 系统登陆自运行
    + HKCU\Control Panel\Desktop
      Scrnsave.exe
        [A ] 63. c:\windows\system32\七彩极光.scr


  + IE浏览器加载模块
    + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
      {01443AEC-0FD1-40fd-9C87-E93D1494C233}
        [AM] 64. e:\program files\thunder network\thunder\comdlls\tdatonce_now.dll

      {889D2FEB-5411-4565-8998-1DD2C5261283}
        [AM] 65. e:\program files\thunder network\thunder\comdlls\xunleibho_now.dll

      {B69F34DD-F0F9-42DC-9EDD-957187DA688D}
        [AM] 66. c:\program files\360safe\safemon\safemon.dll

    + HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions
      Exec
        [A ] 67. e:\program files\thunder network\thunder\thunder.exe


  + 资源管理器加载模块
    + HKLM\SOFTWARE\Classes\PROTOCOLS\Filter
      text/xml
        [AM] 68. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll

    + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
      HyperTerminal Icon Ext
        [A ] 69. c:\windows\system32\hticons.dll

      WinRAR shell extension
        [A ] 70. c:\program files\winrar\rarext.dll

      Microsoft Office HTML Icon Handler
        [AM] 71. c:\program files\microsoft office\office11\msohev.dll

      Web Folders
        [A ] 72. c:\program files\common files\microsoft shared\web folders\msonsext.dll

      Portable Media Devices
        [A ] 73. c:\windows\system32\audiodev.dll

      Portable Media Devices Menu
        [A ] 73. c:\windows\system32\audiodev.dll

      NvCpl DesktopContext Class
        [A ] 74. c:\windows\system32\nvcpl.dll

      Play on my TV helper
        [A ] 74. c:\windows\system32\nvcpl.dll

      Desktop Explorer
        [A ] 75. c:\windows\system32\nvshell.dll

      Desktop Explorer Menu
        [A ] 75. c:\windows\system32\nvshell.dll

      nView Desktop Context Menu
        [A ] 75. c:\windows\system32\nvshell.dll

      RISING
        [AM] 76. c:\windows\system32\ravext.dll

      Shell Extensions for RealOne Player
        [A ] 77. c:\program files\real\realplayer\rpshell.dll

    + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
      {32CD708B-60A7-4C00-9377-D73EAA495F0F}
        [AM] 76. c:\windows\system32\ravext.dll


  + 用户登陆自运行项目
    + HKLM\Software\Microsoft\Windows\CurrentVersion\Run
      runeip
        [AM] 78. f:\瑞新\rstray.exe

      RavTask
        [AM] 79. f:\瑞新\rising\rav\ravtask.exe

      RfwMain
        [AM] 80. f:\瑞新\rising\rfw\rfwmain.exe

      360Safebox
        [A ] 81. c:\program files\360safebox\safeboxtray.exe

      !!QQKav
        [AM] 82. c:\documents and settings\administrator\桌面\qqkav_newhua.exe

    + HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
      KKDelay
        [A ] 83. f:\瑞新\runonce.exe


  + 开机执行
    + HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
      BootExecute
        [A ] 84. c:\windows\system32\kknative.exe


  + 映像劫持
    + HKCR\.html
      htmlfile\Edit\Command
        [A ] 85. c:\program files\microsoft office\office11\msohtmed.exe

      htmlfile\Print\Command
        [A ] 85. c:\program files\microsoft office\office11\msohtmed.exe

    + HKCR\.htm
      htmlfile\Edit\Command
        [A ] 85. c:\program files\microsoft office\office11\msohtmed.exe

      htmlfile\Print\Command
        [A ] 85. c:\program files\microsoft office\office11\msohtmed.exe

    + HKCR\.mp3
      kwfile\open\Command
        [A ] 86. e:\program files\kwmusic\kwmusic.exe


  + 程序初始化和已知动态连接库
    + HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
      AppInit_DLLs
        [AM] 87. c:\windows\system32\kmon.dll


+ 正在运行的进程
  + 00000088(136) spoolsv.exe
    70000000[00019000]
      [ M] 88. f:\瑞新\rising\rfw\ijt_base.dll

    75000000[0000F000]
      [ M] 89. f:\瑞新\rising\rfw\olemon.dll

  + 0000013c(316) qqkav_newhua.exe
    00400000[00220000]
      [AM] 82. c:\documents and settings\administrator\桌面\qqkav_newhua.exe

    60000000[00074000]
      [AM] 87. c:\windows\system32\kmon.dll

    10000000[0002E000]
      [ M] 90. f:\瑞新\comx3.dll

    00F60000[00019000]
      [ M] 91. f:\瑞新\syslay.dll

    03280000[00028000]
      [ M] 92. f:\瑞新\rising\rav\ravscrch.dll

    30000000[003AF000]
      [ M] 93. c:\windows\system32\macromed\flash\flash9f.ocx

    72C80000[00008000]
      [ M] 94. c:\windows\system32\msacm32.drv

  + 000001cc(460) rstray.exe
    00400000[00023000]
      [AM] 78. f:\瑞新\rstray.exe

    60000000[00074000]
      [AM] 87. c:\windows\system32\kmon.dll

    70000000[00019000]
      [ M] 88. f:\瑞新\rising\rfw\ijt_base.dll

    75000000[0000F000]
      [ M] 89. f:\瑞新\rising\rfw\olemon.dll

    10000000[0003C000]
      [ M] 95. f:\瑞新\rsmginfo.dll

    23800000[00022000]
      [ M] 96. f:\瑞新\rsxml.dll

    7C3A0000[0007B000]
      [ M] 97. f:\瑞新\msvcp71.dll

    7C340000[00056000]
      [ M] 98. f:\瑞新\msvcr71.dll

    00C10000[00024000]
      [ M] 99. f:\瑞新\comserv.dll

    00C40000[00019000]
      [ M] 91. f:\瑞新\syslay.dll

    23700000[00026000]
      [ M] 100. f:\瑞新\rscommon.dll

    00C80000[0002E000]
      [ M] 90. f:\瑞新\comx3.dll

    23900000[00040000]
      [ M] 101. f:\瑞新\pngdll.dll

    010E0000[0005C000]
      [ M] 102. f:\瑞新\runiep.dll

    01140000[0001F000]
      [ M] 103. f:\瑞新\rising\rav\proccom.dll

    01160000[00024000]
      [ M] 104. f:\瑞新\rising\rav\rscommx2.dll

    02570000[0001C000]
      [AM] 76. c:\windows\system32\ravext.dll



  + 0000025c(604) explorer.exe
    72C80000[00008000]
      [ M] 94. c:\windows\system32\msacm32.drv


    7C140000[00103000]
      [ M] 109. c:\windows\system32\mfc71.dll

    7C340000[00056000]
      [ M] 110. c:\windows\system32\msvcr71.dll

    7C3A0000[0007B000]
      [ M] 111. c:\windows\system32\msvcp71.dll



  + 000003b4(948) QQ.exe
    00400000[0001E000]
      [ M] 120. d:\program files\tencent\qq2009\bin\qq.exe

    10000000[001BB000]
      [ M] 121. d:\program files\tencent\qq2009\bin\common.dll

    00420000[0008D000]
      [ M] 122. d:\program files\tencent\qq2009\bin\kernelutil.dll

    60000000[00074000]
      [AM] 87. c:\windows\system32\kmon.dll

    00C60000[0002E000]
      [ M] 90. f:\瑞新\comx3.dll

    00B30000[00019000]
      [ M] 91. f:\瑞新\syslay.dll

    70000000[00019000]
      [ M] 88. f:\瑞新\rising\rfw\ijt_base.dll

    75000000[0000F000]
      [ M] 89. f:\瑞新\rising\rfw\olemon.dll

    01450000[00249000]
      [ M] 123. d:\program files\tencent\qq2009\bin\gf.dll

    01E30000[00166000]
      [ M] 124. d:\program files\tencent\qq2009\bin\mainframe.dll

    01FB0000[00126000]
      [ M] 125. d:\program files\tencent\qq2009\bin\apputil.dll

    03510000[0002E000]
      [ M] 126. d:\program files\tencent\qq2009\bin\tasktray.dll

    03570000[0000A000]
      [ M] 127. d:\program files\tencent\qq2009\bin\txpfproxy.dll

    03AA0000[000CC000]
      [ M] 128. d:\program files\tencent\qq2009\bin\appmisc.dll

    03B80000[000D4000]
      [ M] 129. d:\program files\tencent\qq2009\bin\chatframe.dll

    03C70000[0008C000]
      [ M] 130. d:\program files\tencent\qq2009\bin\configcenter.dll

    03D10000[00060000]
      [ M] 131. d:\program files\tencent\qq2009\bin\customface.dll

    03D70000[002B4000]
      [ M] 132. d:\program files\tencent\qq2009\bin\im.dll

    04030000[0004E000]
      [ M] 133. d:\program files\tencent\qq2009\bin\kernelmisc.dll

    04090000[000BD000]
      [ M] 134. d:\program files\tencent\qq2009\bin\longcnn.dll

    04160000[00084000]
      [ M] 135. d:\program files\tencent\qq2009\bin\msgmgr.dll

    04250000[0004F000]
      [ M] 136. d:\program files\tencent\qq2009\bin\systemmsg.dll

    042B0000[000B8000]
      [ M] 137. c:\program files\common files\tencent\txsso\bin\ssoplatform.dll

    035A0000[0001A000]
      [ M] 138. d:\program files\tencent\qq2009\bin\skinmgr.dll

    70410000[0008D000]
      [ M] 139. d:\program files\tencent\qq2009\bin\riched20.dll

    04790000[00077000]
      [ M] 140. d:\program files\tencent\qq2009\plugin\com.tencent.audiovideo\bin\audiovideo.dll

    06A90000[00029000]
      [ M] 141. d:\program files\tencent\qq2009\plugin\com.tencent.mail\bin\mail.dll

    0A240000[00058000]
      [ M] 142. d:\program files\tencent\qq2009\plugin\com.tencent.paipai\bin\paipai.dll

    0ABF0000[00020000]
      [ M] 143. d:\program files\tencent\qq2009\plugin\com.tencent.qbar\bin\qbar.dll

    0B040000[0002A000]
      [ M] 144. d:\program files\tencent\qq2009\plugin\com.tencent.qqchat\bin\qqchat.dll

    0B8C0000[00035000]
      [ M] 145. d:\program files\tencent\qq2009\plugin\com.tencent.qqgame\bin\qqgame.dll

    0D610000[0001C000]
      [ M] 146. d:\program files\tencent\qq2009\plugin\com.tencent.qqpet\bin\qqpet.dll

    0A2B0000[00029000]
      [ M] 147. d:\program files\tencent\qq2009\plugin\com.tencent.qqring\bin\qqring.dll

    0A310000[00080000]
      [ M] 148. d:\program files\tencent\qq2009\plugin\com.tencent.qqshow\bin\qqshow.dll

    0E790000[00050000]
      [ M] 149. d:\program files\tencent\qq2009\plugin\com.tencent.qzone\bin\qzone.dll

    0DEE0000[0002E000]
      [ M] 150. d:\program files\tencent\qq2009\plugin\com.tencent.soso\bin\soso.dll

    0FCA0000[0001B000]
      [ M] 151. d:\program files\tencent\qq2009\plugin\com.tencent.today\bin\today.dll

    0FD50000[00012000]
      [ M] 152. d:\program files\tencent\qq2009\plugin\com.tencent.vas\bin\vas.dll

    0FDA0000[00037000]
      [ M] 153. d:\program files\tencent\qq2009\plugin\com.tencent.wenwen\bin\wenwen.dll

    0FE60000[00096000]
      [ M] 154. d:\program files\tencent\qq2009\plugin\com.tencent.wireless\bin\wireless.dll

    14C40000[00040000]
      [ M] 155. d:\program files\tencent\qq2009\plugin\com.tencent.qqshow\bin\flashavatardll.dll

    30000000[003AF000]
      [ M] 93. c:\windows\system32\macromed\flash\flash9f.ocx

    72C80000[00008000]
      [ M] 94. c:\windows\system32\msacm32.drv

    16EC0000[00062000]
      [ M] 156. d:\program files\tencent\qq2009\plugin\com.tencent.filetransfer\bin\filetransfer.dll

    16F40000[0000D000]
      [AM] 68. c:\program files\common files\microsoft shared\office11\msoxmlmf.dll

    17350000[0001C000]
      [AM] 76. c:\windows\system32\ravext.dll

    17380000[0002A000]
      [ M] 157. d:\program files\tencent\qq2009\bin\camera.dll

    17180000[00028000]
      [ M] 92. f:\瑞新\rising\rav\ravscrch.dll

    19660000[0000D000]
      [ M] 158. d:\program files\tencent\qq2009\bin\timwp.dll

    03790000[0001D000]
      [ M] 159. d:\program files\tencent\qq2009\plugin\com.tencent.qqmusic\bin\qqmusic.dll

  + 000003e4(996) svchost.exe
    70000000[00019000]
      [ M] 88. f:\瑞新\rising\rfw\ijt_base.dll

    75000000[0000F000]
      [ M] 89. f:\瑞新\rising\rfw\olemon.dll

  + 0000043c(1084) CCenter.exe
 


  + 0000050c(1292) nvsvc32.exe
    00400000[0002B000]
      [AM] 1. c:\windows\system32\nvsvc32.exe

    60000000[00074000]
      [AM] 87. c:\windows\system32\kmon.dll

    00A20000[00060000]
      [ M] 162. c:\windows\system32\nvapi.dll



    7C140000[00103000]
      [ M] 109. c:\windows\system32\mfc71.dll

    7C340000[00056000]
      [ M] 110. c:\windows\system32\msvcr71.dll

    7C3A0000[0007B000]
      [ M] 111. c:\windows\system32\msvcp71.dll



    7C140000[00103000]
      [ M] 109. c:\windows\system32\mfc71.dll

    7C340000[00056000]
      [ M] 110. c:\windows\system32\msvcr71.dll

    7C3A0000[0007B000]
      [ M] 111. c:\windows\system32\msvcp71.dll

    60000000[00074000]
      [AM] 87. c:\windows\system32\kmon.dll

    7C140000[00103000]
      [ M] 109. c:\windows\system32\mfc71.dll

    7C340000[00056000]
      [ M] 110. c:\windows\system32\msvcr71.dll

    60000000[00074000]
      [AM] 87. c:\windows\system32\kmon.dll


  + 0000063c(1596) ctfmon.exe
    60000000[00074000]
      [AM] 87. c:\windows\system32\kmon.dll


    7C3A0000[0007B000]
      [ M] 111. c:\windows\system32\msvcp71.dll

    7C340000[00056000]
      [ M] 110. c:\windows\system32\msvcr71.dll

+ 000006c8(1736) wdfmgr.exe
    01000000[0000C000]
      [AM] 7. c:\windows\system32\wdfmgr.exe

    60000000[00074000]
      [AM] 87. c:\windows\system32\kmon.dll



  + 00000760(1888) RavStub.exe
    00400000[00021000]

    7C140000[00103000]
      [ M] 109. c:\windows\system32\mfc71.dll

    7C340000[00056000]
      [ M] 110. c:\windows\system32\msvcr71.dll

    7C3A0000[0007B000]
      [ M] 111. c:\windows\system32\msvcp71.dll

   
    30000000[003AF000]
      [ M] 93. c:\windows\system32\macromed\flash\flash9f.ocx

    72C80000[00008000]
      [ M] 94. c:\windows\system32\msacm32.drv

  + 00000c68(3176) TXPlatform.exe
    00400000[00025000]
      [ M] 220. d:\program files\tencent\qq2009\bin\txplatform.exe

    60000000[00074000]
      [AM] 87. c:\windows\system32\kmon.dll

 
    00C10000[0000A000]
      [ M] 127. d:\program files\tencent\qq2009\bin\txpfproxy.dll

  + 00000fd4(4052) iexplore.exe
    60000000[00074000]
      [AM] 87. c:\windows\system32\kmon.dll

   
    01140000[0002C000]
      [AM] 64. e:\program files\thunder network\thunder\comdlls\tdatonce_now.dll

    01180000[00031000]
      [AM] 65. e:\program files\thunder network\thunder\comdlls\xunleibho_now.dll

    240C0000[0000E000]
      [ M] 221. e:\program files\thunder network\thunder\components\resworker\dsbho_00.dll

    24070000[0001E000]
      [ M] 222. e:\program files\thunder network\thunder\components\resworker\dataprocessor_00.dll

    01280000[00029000]
      [AM] 66. c:\program files\360safe\safemon\safemon.dll

    325C0000[00012000]
      [AM] 71. c:\program files\microsoft office\office11\msohev.dll

    02170000[00028000]
      [ M] 92. f:\瑞新\rising\rav\ravscrch.dll

    30000000[003AF000]
      [ M] 93. c:\windows\system32\macromed\flash\flash9f.ocx

    72C80000[00008000]
      [ M] 94. c:\windows\system32\msacm32.drv

    04150000[0009C000]
      [ M] 223. c:\windows\system32\xpsp3res.dll

    08790000[00162000]
      [ M] 224. c:\windows\system32\sogoupy.ime

    09C20000[00042000]
      [ M] 225. c:\program files\sogouinput\plugin\sgimeword.dll


User system information: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
 

Re: My computer has a trojan.. Why can't Rising detect it..?

No..
  It was found with a trojan-removal program called 迈克 (Maike)..
  But Rising can't detect it..