瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 一开机就报毒,清除后重启又有,防火墙也被自动关了。

1   1  /  1  页   跳转

[已解决] 一开机就报毒,清除后重启又有,防火墙也被自动关了。

收藏
sdugeryu
头像
初生襁褓狮
  • 帖子:4
  • 注册: 2009-05-01
  • 来自:
发表于: 2009-05-01 22:53 | 显示全部 短消息 资料
字号: 1楼

一开机就报毒,清除后重启又有,防火墙也被自动关了。

是这样吗?

附件附件:

下载次数:146
文件类型:text/plain
文件大小:
上传时间:2009-5-1 23:06:48
描述:txt

最后编辑sdugeryu 最后编辑于 2009-05-02 11:17:08
分享到:
gototop
 
sdugeryu
头像
初生襁褓狮
  • 帖子:4
  • 注册: 2009-05-01
  • 来自:
发表于: 2009-05-01 22:54 | 显示全部 短消息 资料
字号: 2楼

回复:一开机就报毒,清除后重启又有,防火墙也被自动关了。

==================================
正在运行的进程
[PID: 756 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 908 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1056 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1148 / SYSTEM][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
[PID: 1160 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1392 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4218]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2513]
    [C:\WINDOWS\system32\atipdlxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2545]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1408 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1468 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1604 / SYSTEM][C:\Program Files\Rising\Rav\CCENTER.EXE]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Rav\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\Program Files\Rising\Rav\cnt09.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37]
    [C:\Program Files\Rising\Rav\cnt08.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1640 / SYSTEM][C:\Program Files\Rising\RFW\CCENTER.EXE]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\RFW\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\Program Files\Rising\RFW\cnt09.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1648 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [c:\windows\system32\showip.dll]  [N/A, ]
    [c:\windows\system32\msi.dll]  [Microsoft Corporation, 4.5.6001.22159]
[PID: 1756 / SYSTEM][C:\Program Files\Rising\Rav\RavTask.exe]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24]
    [C:\Program Files\Rising\Rav\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\Rav\rsconf.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.19]
    [C:\Program Files\Rising\Rav\rstask.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 36]
    [C:\Program Files\Rising\Rav\rsstub.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1796 / SYSTEM][C:\Program Files\Rising\RFW\RavTask.exe]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24]
    [C:\Program Files\Rising\RFW\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\RFW\rsconf.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\RFW\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [C:\Program Files\Rising\RFW\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.19]
    [C:\Program Files\Rising\RFW\rstask.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 36]
    [C:\Program Files\Rising\RFW\rsstub.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1888 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1944 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 172 / SYSTEM][C:\Program Files\Rising\RFW\rfwsrv.exe]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [C:\Program Files\Rising\RFW\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Rising\RFW\MonBase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6]
    [C:\Program Files\Rising\RFW\MonComm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [C:\Program Files\Rising\RFW\rfwlog.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13]
    [C:\Program Files\Rising\RFW\rfwrule.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.25]
    [C:\Program Files\Rising\RFW\rfwsrv.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.84]
    [C:\Program Files\Rising\RFW\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\Program Files\Rising\RFW\mPorts.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.0]
    [C:\Program Files\Rising\RFW\rfwdrvc.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.3]
    [C:\Program Files\Rising\RFW\Rfwdrv.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.5]
    [C:\Program Files\Rising\RFW\rsnetsvr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14]
    [C:\Program Files\Rising\RFW\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\RFW\urlrule.dll]  [Beijing Rising Information Technology Co., Ltd., 1.0.0.18]
    [C:\Program Files\Rising\RFW\recomp.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\RFW\refs.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\Rising\RFW\viruslib.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\RFW\relibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\RFW\rfwproxy.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.25]
    [C:\Program Files\Rising\RFW\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [C:\Program Files\Rising\RFW\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.19]
    [C:\Program Files\Rising\RFW\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\Rising\RFW\urllib.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
[PID: 228 / SYSTEM][C:\Program Files\Rising\Rav\RavMonD.exe]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [C:\Program Files\Rising\Rav\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Rising\Rav\moncomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [C:\Program Files\Rising\Rav\MonBase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6]
    [C:\Program Files\Rising\Rav\Rslog.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.36]
    [C:\Program Files\Rising\Rav\mondrv.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9]
    [C:\Program Files\Rising\Rav\defmon.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 31]
    [C:\Program Files\Rising\Rav\moncom08.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [C:\Program Files\Rising\Rav\MonRule.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9]
    [C:\Program Files\Rising\Rav\FileMon.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 27]
    [C:\Program Files\Rising\Rav\MailMon.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24]
    [C:\Program Files\Rising\Rav\HookWeb.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\Program Files\Rising\Rav\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\Program Files\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.19]
    [C:\Program Files\Rising\Rav\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\Rav\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\Program Files\Rising\Rav\Hooksys.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 18]
    [C:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Rav\HookCont.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 12]
    [C:\Program Files\Rising\Rav\rsnetsvr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14]
    [C:\Program Files\Rising\Rav\BACore.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22]
gototop
 
sdugeryu
头像
初生襁褓狮
  • 帖子:4
  • 注册: 2009-05-01
  • 来自:
发表于: 2009-05-01 22:54 | 显示全部 短消息 资料
字号: 3楼

回复:一开机就报毒,清除后重启又有,防火墙也被自动关了。

[C:\Program Files\Rising\Rav\recomp.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Rav\refs.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\Rising\Rav\RSStore.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\Program Files\Rising\Rav\ScanAdd.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.17]
    [C:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.38]
    [C:\Program Files\Rising\Rav\viruslib.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Rav\relibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\Rising\Rav\ffr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\Rising\Rav\nvfile.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\Rising\Rav\extfile.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13]
    [C:\Program Files\Rising\Rav\scanexec.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5]
    [C:\Program Files\Rising\Rav\unexe.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [C:\Program Files\Rising\Rav\scanex.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 36]
    [C:\Program Files\Rising\Rav\pearc.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Rav\scanpe.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [C:\Program Files\Rising\Rav\ur000.dat]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13]
    [C:\Program Files\Rising\Rav\urutils.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Rav\revm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\Rising\Rav\scriptci.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [C:\Program Files\Rising\Rav\uroutine.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Rav\posttrt.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Rav\ur001.dat]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
    [C:\Program Files\Rising\Rav\scansct.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\Rising\Rav\extmail.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5]
[PID: 540 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 640 / SYSTEM][C:\Program Files\Rising\Rav\rsnetsvr.exe]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15]
    [C:\Program Files\Rising\Rav\NComm.dll]  [Beijing Rising Information Technology Co., Ltd., 6.0.0.12]
    [C:\Program Files\Rising\Rav\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\Program Files\Rising\Rav\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\Rav\ProcComm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 828 / Administrator][C:\WINDOWS\Explorer.exe]  [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\msi.dll]  [Microsoft Corporation, 4.5.6001.22159]
    [D:\Program Files\Tencent\QQDoctor\TSVulMon.DAT]  [Tencent, 2009, 4, 2, 10]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 120]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\flyplug.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\flymain.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\fly139.dll]  [, 1, 0, 0, 1]
[PID: 1176 / Administrator][C:\Program Files\Rising\Rav\RsTray.exe]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.22]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\Rising\Rav\ComServ.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.49]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Rising\Rav\rslang.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28]
    [C:\Program Files\Rising\Rav\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\Rav\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\Program Files\Rising\Rav\rsxml.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Rav\ProcComm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\Program Files\Rising\Rav\MonState.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
    [C:\Program Files\Rising\Rav\ScanEvnt.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.14]
    [C:\Program Files\Rising\Rav\rsguilib.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 73]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\Rav\rsconf.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.19]
    [C:\Program Files\Rising\Rav\rspalvd.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.24]
    [C:\Program Files\Rising\Rav\ravbintl.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28]
    [C:\Program Files\Rising\Rav\mruleui.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10]
    [C:\Program Files\Rising\Rav\MonTray.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.1.0]
    [C:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Rav\RavITray.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23]
    [C:\Program Files\Rising\Rav\ScanPrxy.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.17]
    [C:\Program Files\Rising\Rav\rsmginfo.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
[PID: 1532 / Administrator][D:\Program Files\Tencent\QQDoctor\QQDoctorRTP.exe]  [Copyright Tencent 2008. All Rights Reserved, 2, 1, 9, 202]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [D:\Program Files\Tencent\QQDoctor\TSFSEngine.dat]  [Tencent, 2009, 3, 11, 7]
    [D:\Program Files\Tencent\QQDoctor\TSFileFilter.dat]  [tencent, 2007, 12, 5, 01]
    [D:\Program Files\Tencent\QQDoctor\TSVulMon.DAT]  [Tencent, 2009, 4, 2, 10]
    [D:\Program Files\Tencent\QQDoctor\TSKSPLIB.dat]  [Tencent, 2009, 3, 16, 10]
[PID: 1584 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [D:\Program Files\Tencent\QQDoctor\TSVulMon.DAT]  [Tencent, 2009, 4, 2, 10]
[PID: 1636 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 304 / SYSTEM][C:\Program Files\StormII\stormliv.exe]  [北京暴风网际科技有限公司, 3, 8, 3, 15]
    [C:\Program Files\StormII\MSVCP60.dll]  [Microsoft Corporation, 6.02.3104.0]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1920 / SYSTEM][C:\Program Files\Rising\Rav\ScanFrm.exe]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.11]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Rising\Rav\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\Program Files\Rising\Rav\moncomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [C:\Program Files\Rising\Rav\scansrvp.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.12]
    [C:\Program Files\Rising\Rav\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    [C:\Program Files\Rising\Rav\ScanSrv.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.10]
    [C:\Program Files\Rising\Rav\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\Rav\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\Rising\Rav\ScanRavT.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.25]
    [C:\Program Files\Rising\Rav\ScanBT.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.46]
    [C:\Program Files\Rising\Rav\ScanStub.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.9]
    [C:\Program Files\Rising\Rav\RsLog.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.36]
    [C:\Program Files\Rising\Rav\ScanAdd.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.17]
    [C:\Program Files\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.19]
    [C:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.38]
    [C:\Program Files\Rising\Rav\recomp.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Rav\refs.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\Rising\Rav\viruslib.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Rav\relibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Rav\SysMail.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.5]
    [C:\Program Files\Rising\Rav\mvengine.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\Rising\Rav\posttrt.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    [C:\Program Files\Rising\Rav\ffr.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\Rising\Rav\nvfile.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\Rising\Rav\scanexec.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5]
    [C:\Program Files\Rising\Rav\unexe.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [C:\Program Files\Rising\Rav\scanex.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 36]
    [C:\Program Files\Rising\Rav\pearc.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Rav\scanpe.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    [C:\Program Files\Rising\Rav\ur000.dat]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13]
    [C:\Program Files\Rising\Rav\urutils.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Rav\revm.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\Rising\Rav\ur001.dat]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
    [C:\Program Files\Rising\Rav\extfile.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13]
    [C:\Program Files\Rising\Rav\extmail.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5]
    [C:\Program Files\Rising\Rav\scansct.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    [C:\Program Files\Rising\Rav\extole.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [C:\Program Files\Rising\Rav\scriptci.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    [C:\Program Files\Rising\Rav\uroutine.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Rav\rsstore.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    [C:\Program Files\Rising\Rav\scanmac.dll]  [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
[PID: 2052 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 3340 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 3952 / SYSTEM][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 2244 / SYSTEM][C:\WINDOWS\system32\ntsd.exe]  [(Verified) Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[PID: 824 / SYSTEM][C:\program files\internet explorer\iexplore.exe]  [Microsoft Corporation, 7.00.6000.16827 (vista_gdr.090226-1506)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.34]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 120]
    [C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx]  [Adobe Systems, Inc., 10,0,22,87]
[PID: 2764 / SYSTEM][C:\WINDOWS\system32\ntsd.exe]  [(Verified) Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[PID: 4048 / Administrator][E:\sreng2\SREngLdr.EXE]  [Smallfrogs Studio, 2.7.1.1261]
[PID: 2708 / Administrator][E:\sreng2\SRE58bb104c.EXE]  [Smallfrogs Studio, 2.7.1.1261]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [D:\Program Files\Tencent\QQDoctor\TSVulMon.DAT]  [Tencent, 2009, 4, 2, 10]
    [E:\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 1056, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1392, C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 4048, E:\SRENG2\SRENGLDR.EXE]

==================================
计划任务
[已启用] SogouImeMgr.job
        C:\PROGRA~1\SOGOUI~1\400~1.195\PinyinRepair.exe

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE
gototop
 
sdugeryu
头像
初生襁褓狮
  • 帖子:4
  • 注册: 2009-05-01
  • 来自:
发表于: 2009-05-02 00:40 | 显示全部 短消息 资料
字号: 4楼

回复:一开机就报毒,清除后重启又有,防火墙也被自动关了。

谢谢了,先去整整,希望不会在出问题。
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT