123   3  /  3  页   跳转

[求助] xp-b2504789.exe是病毒吗。为何总是自动连接上网?

收藏
xbydz118
头像
初生襁褓狮
  • 帖子:36
  • 注册: 2008-07-26
  • 来自:
发表于: 2008-07-28 10:50 | 只看楼主 短消息 资料
字号: 21楼

回复:xp-b2504789.exe是病毒吗。为何总是自动连接上网?

[PID: 3936][C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe]  [Yahoo! Inc., 3.1.4]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSIMG32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSVFW32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\RICHED20.dll]  [Microsoft Corporation, 5.30.23.1228]
    [C:\WINDOWS\system32\IMM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Yahoo!\Yahoo! Widget Engine\js32.dll]  [N/A, ]
    [C:\Program Files\Yahoo!\Yahoo! Widget Engine\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\PSAPI.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINHTTP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Yahoo!\Yahoo! Widget Engine\LIBEAY32.dll]  [The OpenSSL Project, http://www.openssl.org/, 0.9.8a]
    [C:\WINDOWS\system32\WSOCK32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\comdlg32.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINSPOOL.DRV]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3266]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [D:\kaka6.0\comx3.dll]  [Beijing Rising Technology Co., Ltd., 21.0.0.20]
    [D:\kaka6.0\Syslay.dll]  [Beijing Rising Technology Co., Ltd., 21.0.0.4]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\瑞星正版\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [D:\瑞星正版\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.3284 (xpsp_sp2_gdr.071231-1252)]
    [C:\WINDOWS\system32\RICHED32.DLL]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.308]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.258]
    [C:\WINDOWS\system32\mlang.dll]  [Microsoft Corporation, 6.00.2900.2530 (xpsp.040919-1030)]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Yahoo!\Yahoo! Widget Engine\WLive.dll]  [, 1, 0, 0, 1001]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)]
    [C:\WINDOWS\system32\SXS.DLL]  [Microsoft Corporation, 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414)]
    [C:\WINDOWS\system32\RASAPI32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rasman.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\TAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rtutils.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msv1_0.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\sensapi.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.3394 (xpsp_sp2_gdr.080620-1245)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.3394 (xpsp_sp2_gdr.080620-1245)]
    [C:\WINDOWS\system32\rasadhlp.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
    [C:\WINDOWS\system32\appHelp.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\shdocvw.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\CRYPTUI.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\webcheck.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SOGOUPY.IME]  [Sogou.com Inc., 3.5.0.0]
    [C:\WINDOWS\system32\NTMARTA.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\sohu\SogouInput\Plugin\SgImeWord.dll]  [Sogou.com Inc., 3.5.0.0]
    [C:\WINDOWS\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 156][D:\瑞星下载\杀毒软件\Rising\Rav\RAVTASK.EXE]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.24]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\COMCTL32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3266]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\瑞星下载\杀毒软件\Rising\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\瑞星下载\杀毒软件\Rising\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\瑞星下载\杀毒软件\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [D:\瑞星下载\杀毒软件\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [D:\瑞星下载\杀毒软件\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.18]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.3284 (xpsp_sp2_gdr.071231-1252)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
gototop
 
xbydz118
头像
初生襁褓狮
  • 帖子:36
  • 注册: 2008-07-26
  • 来自:
发表于: 2008-07-28 10:51 | 只看楼主 短消息 资料
字号: 22楼

回复:xp-b2504789.exe是病毒吗。为何总是自动连接上网?

[PID: 1752][D:\瑞星下载\杀毒软件\RISING\RAV\ravmond.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.77]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [D:\瑞星下载\杀毒软件\RISING\RAV\BWList.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.4]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3266]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\WSOCK32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\瑞星下载\杀毒软件\RISING\RAV\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [D:\瑞星下载\杀毒软件\RISING\RAV\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.18]
    [D:\瑞星下载\杀毒软件\RISING\RAV\RsLog.dll]  [Beijing Rising Information Technology Co., Ltd., 20.0.0.36]
    [D:\瑞星下载\杀毒软件\RISING\RAV\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\瑞星下载\杀毒软件\RISING\RAV\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\瑞星下载\杀毒软件\RISING\RAV\MonRule.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.29]
    [D:\瑞星下载\杀毒软件\RISING\RAV\Hooksys.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 10]
    [D:\瑞星下载\杀毒软件\RISING\RAV\HookReg.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 4]
    [D:\瑞星下载\杀毒软件\RISING\RAV\HookNtos.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 2]
    [D:\瑞星下载\杀毒软件\RISING\RAV\rswalmon.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 22]
    [D:\瑞星下载\杀毒软件\RISING\RAV\recomp.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 39]
    [D:\瑞星下载\杀毒软件\RISING\RAV\refs.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17]
    [D:\瑞星下载\杀毒软件\RISING\RAV\ffr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 15]
    [C:\WINDOWS\system32\sfc.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\瑞星下载\杀毒软件\Rising\Rav\RsStore.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.8]
    [D:\瑞星下载\杀毒软件\RISING\RAV\HookCont.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 1]
    [D:\瑞星下载\杀毒软件\Rising\Rav\fakescan.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.13]
    [D:\瑞星下载\杀毒软件\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.36]
    [D:\瑞星下载\杀毒软件\RISING\RAV\viruslib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
    [D:\瑞星下载\杀毒软件\RISING\RAV\relibldr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.3394 (xpsp_sp2_gdr.080620-1245)]
    [C:\WINDOWS\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\瑞星下载\杀毒软件\RISING\RAV\HookWeb.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.2]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.308]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.258]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\瑞星下载\杀毒软件\RISING\RAV\nvfile.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 6]
    [D:\瑞星下载\杀毒软件\RISING\RAV\scanexec.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\瑞星下载\杀毒软件\RISING\RAV\unexe.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 5]
    [D:\瑞星下载\杀毒软件\RISING\RAV\scanex.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 82]
    [D:\瑞星下载\杀毒软件\RISING\RAV\pearc.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 5]
    [D:\瑞星下载\杀毒软件\RISING\RAV\scansct.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]
    [D:\瑞星下载\杀毒软件\RISING\RAV\scanpack.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]
    [D:\瑞星下载\杀毒软件\RISING\RAV\revm.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 8]
    [D:\瑞星下载\杀毒软件\RISING\RAV\urutils.dll]  [, 20, 0, 0, 6]
    [D:\瑞星下载\杀毒软件\RISING\RAV\ur000.dat]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 18]
    [D:\瑞星下载\杀毒软件\RISING\RAV\extfile.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 29]
    [D:\瑞星下载\杀毒软件\RISING\RAV\extmail.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]
    [D:\瑞星下载\杀毒软件\RISING\RAV\extole.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 12]
    [D:\瑞星下载\杀毒软件\RISING\RAV\scriptci.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [D:\瑞星下载\杀毒软件\RISING\RAV\ur023.dat]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 1]
    [D:\瑞星下载\杀毒软件\RISING\RAV\uroutine.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
[PID: 344][D:\瑞星下载\杀毒软件\RISING\RAV\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.9]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)]
    [C:\WINDOWS\system32\COMCTL32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\瑞星下载\杀毒软件\RISING\RAV\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\瑞星下载\杀毒软件\RISING\RAV\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\瑞星下载\杀毒软件\RISING\RAV\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 488][D:\瑞星下载\杀毒软件\Rising\Rav\RAVMON.EXE]  [Beijing Rising Technology Co., Ltd., 20.0.01.20]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3266]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\瑞星下载\杀毒软件\Rising\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\瑞星下载\杀毒软件\Rising\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\瑞星下载\杀毒软件\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [D:\瑞星下载\杀毒软件\Rising\Rav\recomp.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 39]
    [D:\瑞星下载\杀毒软件\Rising\Rav\refs.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17]
    [D:\瑞星下载\杀毒软件\Rising\Rav\viruslib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
    [D:\瑞星下载\杀毒软件\Rising\Rav\relibldr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [D:\瑞星下载\杀毒软件\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [D:\瑞星下载\杀毒软件\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.18]
    [D:\瑞星下载\杀毒软件\Rising\Rav\MonRule.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.29]
    [D:\瑞星下载\杀毒软件\Rising\Rav\PngDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
    [C:\WINDOWS\system32\wtsapi32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINSTA.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.3284 (xpsp_sp2_gdr.071231-1252)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\瑞星下载\杀毒软件\Rising\Rav\Rsguilib.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90]
    [D:\瑞星下载\杀毒软件\Rising\Rav\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0]
    [C:\WINDOWS\system32\perfproc.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2536][D:\kaka6.0\knownsvr.exe]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.11]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\kaka6.0\NComm.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.6]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3266]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [D:\kaka6.0\comx3.dll]  [Beijing Rising Technology Co., Ltd., 21.0.0.20]
    [D:\kaka6.0\Syslay.dll]  [Beijing Rising Technology Co., Ltd., 21.0.0.4]
gototop
 
xbydz118
头像
初生襁褓狮
  • 帖子:36
  • 注册: 2008-07-26
  • 来自:
发表于: 2008-07-28 10:51 | 只看楼主 短消息 资料
字号: 23楼

回复:xp-b2504789.exe是病毒吗。为何总是自动连接上网?

[PID: 2476][D:\kaka6.0\ras.exe]  [Beijing Rising Technology Co., Ltd., 6.0.0.6]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [D:\kaka6.0\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [D:\kaka6.0\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.3284 (xpsp_sp2_gdr.071231-1252)]
    [D:\kaka6.0\KakaMgr.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.26]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [D:\kaka6.0\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [D:\kaka6.0\Syslay.dll]  [Beijing Rising Technology Co., Ltd., 21.0.0.4]
    [D:\瑞星下载\杀毒软件\Rising\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\瑞星下载\杀毒软件\Rising\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\kaka6.0\comx3.dll]  [Beijing Rising Technology Co., Ltd., 21.0.0.20]
    [D:\kaka6.0\dbmgr.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.4]
    [D:\kaka6.0\RSXML.DLL]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2]
    [D:\kaka6.0\pweb.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.18]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3266]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RICHED20.DLL]  [Microsoft Corporation, 5.30.23.1228]
    [D:\kaka6.0\pscan.dll]  [Beijing Rising Technology Co., Ltd., 6.0.0.48]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)]
    [C:\WINDOWS\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)]
    [D:\kaka6.0\NComm.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.6]
    [D:\kaka6.0\pset.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.11]
    [D:\kaka6.0\pdefend.dll]  [Beijing Rising Technology Co., Ltd., 6.0.0.11]
    [D:\kaka6.0\ptools.dll]  [Beijing Rising Technology Co., Ltd., 6.0.0.13]
    [C:\WINDOWS\system32\comdlg32.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\sfc.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\kaka6.0\psysinfo.dll]  [Beijing Rising Technology Co., Ltd., 6.0.0.53]
    [C:\WINDOWS\system32\appHelp.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.308]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.258]
    [C:\WINDOWS\system32\shdocvw.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\CRYPTUI.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\kaka6.0\PngDll.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SXS.DLL]  [Microsoft Corporation, 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414)]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\mlang.dll]  [Microsoft Corporation, 6.00.2900.2530 (xpsp.040919-1030)]
    [C:\WINDOWS\system32\mshtml.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\msls31.dll]  [Microsoft Corporation, 3.10.349.0]
    [C:\WINDOWS\system32\PSAPI.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\inetcomm.dll]  [Microsoft Corporation, 6.00.2900.3198 (xpsp_sp2_gdr.070820-1448)]
    [C:\WINDOWS\system32\MSOERT2.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\inetres.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msimtf.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.3394 (xpsp_sp2_gdr.080620-1245)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.3394 (xpsp_sp2_gdr.080620-1245)]
    [C:\WINDOWS\System32\winrnr.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rasadhlp.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
    [C:\WINDOWS\system32\wsock32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RASAPI32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rasman.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\TAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rtutils.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msv1_0.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\sensapi.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\瑞星下载\杀毒软件\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [C:\WINDOWS\system32\vbscript.dll]  [Microsoft Corporation, 5.6.0.8820]
    [C:\WINDOWS\system32\MFC42.DLL]  [Microsoft Corporation, 6.02.4131.0]
    [C:\WINDOWS\system32\MFC42LOC.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\WINDOWS\system32\jscript.dll]  [Microsoft Corporation, 5.6.0.8834]
    [C:\WINDOWS\system32\macromed\flash\Flash9e.ocx]  [Adobe Systems, Inc., 9,0,115,0]
    [C:\WINDOWS\system32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\midimap.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\mshtmled.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\actxprxy.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2788][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHDOCVW.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CRYPTUI.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3266]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [D:\kaka6.0\comx3.dll]  [Beijing Rising Technology Co., Ltd., 21.0.0.20]
    [D:\kaka6.0\Syslay.dll]  [Beijing Rising Technology Co., Ltd., 21.0.0.4]
    [D:\瑞星正版\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
    [D:\瑞星正版\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.3284 (xpsp_sp2_gdr.071231-1252)]
    [C:\WINDOWS\system32\BROWSEUI.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\browselc.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\appHelp.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.308]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.258]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\cscui.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\CSCDLL.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [D:\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 61]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\Thunder\Components\ResWorker\DsBho_00.dll]  [, 1, 0, 0, 17]
    [C:\WINDOWS\system32\MSVCP60.dll]  [Microsoft Corporation, 6.02.3104.0]
    [D:\Thunder\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\actxprxy.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SXS.DLL]  [Microsoft Corporation, 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414)]
    [C:\WINDOWS\system32\mshtml.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\msls31.dll]  [Microsoft Corporation, 3.10.349.0]
    [C:\WINDOWS\system32\PSAPI.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\wsock32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\mlang.dll]  [Microsoft Corporation, 6.00.2900.2530 (xpsp.040919-1030)]
    [C:\WINDOWS\system32\msimtf.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
gototop
 
xbydz118
头像
初生襁褓狮
  • 帖子:36
  • 注册: 2008-07-26
  • 来自:
发表于: 2008-07-28 10:52 | 只看楼主 短消息 资料
字号: 24楼

回复:xp-b2504789.exe是病毒吗。为何总是自动连接上网?

C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\WINDOWS\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.3394 (xpsp_sp2_gdr.080620-1245)]
    [C:\WINDOWS\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RASAPI32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rasman.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\TAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rtutils.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msv1_0.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)]
    [C:\WINDOWS\system32\sensapi.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.3394 (xpsp_sp2_gdr.080620-1245)]
    [C:\WINDOWS\system32\rasadhlp.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
    [D:\瑞星下载\杀毒软件\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [C:\WINDOWS\system32\vbscript.dll]  [Microsoft Corporation, 5.6.0.8820]
    [C:\WINDOWS\system32\MFC42.DLL]  [Microsoft Corporation, 6.02.4131.0]
    [C:\WINDOWS\system32\MFC42LOC.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\WINDOWS\system32\jscript.dll]  [Microsoft Corporation, 5.6.0.8834]
    [C:\WINDOWS\system32\macromed\flash\Flash9e.ocx]  [Adobe Systems, Inc., 9,0,115,0]
    [C:\WINDOWS\system32\comdlg32.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\midimap.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\schannel.dll]  [Microsoft Corporation, 5.1.2600.3126 (xpsp_sp2_gdr.070425-0226)]
    [C:\WINDOWS\system32\ddrawex.dll]  [Microsoft Corporation, 5.03.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\DDRAW.dll]  [Microsoft Corporation, 5.03.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\DCIMAN32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ImgUtil.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\pngfilt.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\mshtmled.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\iepeers.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\WINSPOOL.DRV]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msxml3.dll]  [Microsoft Corporation, 8.90.1101.0]
    [C:\WINDOWS\system32\SOGOUPY.IME]  [Sogou.com Inc., 3.5.0.0]
    [C:\WINDOWS\system32\MSIMG32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NTMARTA.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\sohu\SogouInput\Plugin\SgImeWord.dll]  [Sogou.com Inc., 3.5.0.0]
    [C:\WINDOWS\system32\dxtrans.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\ATL.DLL]  [Microsoft Corporation, 3.05.2284]
    [C:\WINDOWS\system32\dxtmsft.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [D:\Thunder\ComDlls\ThunderAgent_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 4, 23]
[PID: 3164][D:\智能扫描下载\SREngLdr.EXE]  [Smallfrogs Studio, 2.6.11.992]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\瑞星正版\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kmon.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
    [D:\kaka6.0\comx3.dll]  [Beijing Rising Technology Co., Ltd., 21.0.0.20]
    [D:\kaka6.0\Syslay.dll]  [Beijing Rising Technology Co., Ltd., 21.0.0.4]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\瑞星正版\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\WINDOWS\system32\Apphelp.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2348][D:\智能扫描下载\SREe36504ad.EXE]  [Smallfrogs Studio, 2.6.11.992]
    [C:\WINDOWS\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)]
    [C:\WINDOWS\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)]
    [C:\WINDOWS\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316)]
    [C:\WINDOWS\system32\comdlg32.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051)]
    [C:\WINDOWS\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248)]
    [C:\WINDOWS\system32\WINSPOOL.DRV]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\oledlg.dll]  [Microsoft Corporation, 1.0 (xpsp_sp2_gdr.061016-0148)]
    [C:\WINDOWS\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
    [C:\WINDOWS\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.3266]
    [C:\WINDOWS\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WININET.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\瑞星正版\Rising\Rfw\ijt_base.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.21]
    [D:\瑞星正版\Rising\Rfw\olemon.dll]  [Beijing Rising Information Technology Co., Ltd., 7.0.0.9]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RICHED20.DLL]  [Microsoft Corporation, 5.30.23.1228]
    [C:\WINDOWS\system32\NTMARTA.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.3284 (xpsp_sp2_gdr.071231-1252)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\sfc.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\智能扫描下载\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
    [C:\WINDOWS\system32\wsock32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RASAPI32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rasman.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)]
    [C:\WINDOWS\system32\TAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rtutils.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msv1_0.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)]
    [C:\WINDOWS\system32\sensapi.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)]
    [C:\WINDOWS\System32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.3394 (xpsp_sp2_gdr.080620-1245)]
    [C:\WINDOWS\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.3394 (xpsp_sp2_gdr.080620-1245)]
    [C:\WINDOWS\system32\rasadhlp.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
    [C:\WINDOWS\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629)]
    [C:\WINDOWS\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.308]
    [C:\WINDOWS\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.258]
gototop
 
xbydz118
头像
初生襁褓狮
  • 帖子:36
  • 注册: 2008-07-26
  • 来自:
发表于: 2008-07-28 10:52 | 只看楼主 短消息 资料
字号: 25楼

回复:xp-b2504789.exe是病毒吗。为何总是自动连接上网?

[C:\WINDOWS\system32\LINKINFO.dll]  [Microsoft Corporation, 5.1.2600.2751 (xpsp_sp2_gdr.050831-1520)]
    [C:\WINDOWS\system32\ntshrui.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ATL.DLL]  [Microsoft Corporation, 3.05.2284]
    [C:\WINDOWS\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Winsta.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\utildll.dll]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\cryptnet.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\WINHTTP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Cabinet.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\MSISIP.DLL]  [Microsoft Corporation, 3.1.4000.1823]
    [C:\WINDOWS\system32\wshext.dll]  [Microsoft Corporation, 5.6.0.8820]
    [C:\WINDOWS\system32\MFC42.DLL]  [Microsoft Corporation, 6.02.4131.0]
    [C:\WINDOWS\system32\MFC42LOC.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\WINDOWS\system32\wshCHS.DLL]  [Microsoft Corporation, 5.6.0.6626]
    [C:\PROGRA~1\MICROS~1\OFFICE11\MCPS.DLL]  [Microsoft Corporation, 11.0.8164]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 968, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 412, C:\WINDOWS\EXPLORER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 412, C:\WINDOWS\EXPLORER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 660, C:\WINDOWS\SYSTEM32\SPOOLSV.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2492, C:\WINDOWS\SYSTEM32\XP-B2504789.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2492, C:\WINDOWS\SYSTEM32\XP-B2504789.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2580, C:\PROGRAM FILES\SAMSUNG\SMARTHRU\PORTCTRL.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2580, C:\PROGRAM FILES\SAMSUNG\SMARTHRU\PORTCTRL.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3200, C:\PROGRAM FILES\YAHOO!\YAHOO! WIDGET ENGINE\YAHOOWIDGETENGINE.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3200, C:\PROGRAM FILES\YAHOO!\YAHOO! WIDGET ENGINE\YAHOOWIDGETENGINE.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2040, C:\PROGRAM FILES\YAHOO!\YAHOO! WIDGET ENGINE\YAHOOWIDGETENGINE.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2040, C:\PROGRAM FILES\YAHOO!\YAHOO! WIDGET ENGINE\YAHOOWIDGETENGINE.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3568, C:\PROGRAM FILES\YAHOO!\YAHOO! WIDGET ENGINE\YAHOOWIDGETENGINE.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3568, C:\PROGRAM FILES\YAHOO!\YAHOO! WIDGET ENGINE\YAHOOWIDGETENGINE.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3936, C:\PROGRAM FILES\YAHOO!\YAHOO! WIDGET ENGINE\YAHOOWIDGETENGINE.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3936, C:\PROGRAM FILES\YAHOO!\YAHOO! WIDGET ENGINE\YAHOOWIDGETENGINE.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 3164, D:\智能扫描下载\SRENGLDR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3164, D:\智能扫描下载\SRENGLDR.EXE]

==================================
API HOOK
入口点错误:CreateProcessA (危险等级: 高,  被下面模块所HOOK: 0x00EC1FFD)
入口点错误:CreateProcessW (危险等级: 高,  被下面模块所HOOK: 0x00EC20E5)

==================================
隐藏进程
N/A

==================================


[/CODE]
gototop
 
xbydz118
头像
初生襁褓狮
  • 帖子:36
  • 注册: 2008-07-26
  • 来自:
发表于: 2008-07-28 10:52 | 只看楼主 短消息 资料
字号: 26楼

回复:xp-b2504789.exe是病毒吗。为何总是自动连接上网?

请帮忙看看。谢谢。
gototop
 
aaccbbdd
头像
卡卡巡查
  • 帖子:45933
  • 注册: 2007-11-17
  • 来自:蜀山仙剑派
论坛8周年活动礼物卡卡名人堂祖国六十华诞09欢乐圣诞吃货勋章2012我眼中的你们幸福玫瑰
发表于: 2008-07-28 11:02 | 短消息 资料
字号: 27楼

汗,日志没放附件里,发了3页,看得我晕了

建议先上传给瑞星病毒样本http://mailcenter.rising.com.cn/uploadnew.aspx

操作方法见我签名
删除启动项及对应文件
<XP-B2504789><C:\WINDOWS\system32\XP-B2504789.EXE>  []

删除启动文件夹
[   ]
  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\   .lnk --> C:\WINDOWS\system32\XP-B25~1.EXE [N/A]><N>

删除文件
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\E_4\com.run
  [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\E_4\dp1.fne] 
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\E_4\shell.fne] 
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\E_4\eAPI.fne

C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\E_4\internet.fne


以下文件自己测下,地址http://www.virscan.org/
http://www.virustotal.com/zh-cn/

C:\WINDOWS\system32\odbcint.dll
gototop
 
aaccbbdd
头像
卡卡巡查
  • 帖子:45933
  • 注册: 2007-11-17
  • 来自:蜀山仙剑派
论坛8周年活动礼物卡卡名人堂祖国六十华诞09欢乐圣诞吃货勋章2012我眼中的你们幸福玫瑰
发表于: 2008-07-28 11:05 | 短消息 资料
字号: 28楼

回复:xp-b2504789.exe是病毒吗。为何总是自动连接上网?

补充:开始-运行
dllcache
找到Explorer.exe
用其替换Windos目录的同名文件
最后编辑aaccbbdd 最后编辑于 2008-07-28 11:06:08
gototop
 
xbydz118
头像
初生襁褓狮
  • 帖子:36
  • 注册: 2008-07-26
  • 来自:
发表于: 2008-07-28 11:59 | 只看楼主 短消息 资料
字号: 29楼

回复 27F aaccbbdd 的帖子

抱歉,我还是没有找到粘贴附件的位置
gototop
 
百事灵
头像
大版主
  • 帖子:4022
  • 注册: 2007-08-17
  • 来自:
发表于: 2008-07-28 14:18 | 短消息 资料
字号: 30楼

回复:xp-b2504789.exe是病毒吗。为何总是自动连接上网?

点击回复就可以看到了
gototop
 
<<上一主题|下一主题>>
123   3  /  3  页   跳转
页面顶部
Powered by Discuz!NT