【求助】前辈指点这个问题困扰我好久了（有日志） bbs.ikaka.com

liweizmd - 2006-9-16 23:11:00

打开IE没有任何问题但输入任何一个网址就弹出电信的一个网页如果重起就没有这个现象如果关机或用兔子和优化大师又会出现这个现象用瑞星扫描正常用木马清道夫扫描也正常这是怎么会事呢请前辈们指点

HijackThis_815汉化版扫描日志 V1.99.1
保存于 20:22:43, 日期 2006-9-16
操作系统： Windows XP SP2 (WinNT 5.01.2600)
浏览器： Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程：
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
d:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
d:\Program Files\Rising\Rav\Ravmond.exe
d:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Rising\Rfw\rfwmain.exe
D:\Program Files\Rising\Rav\RavTask.exe
D:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Thunder_V5.4.0.226_Cr_Rip_Cnfan.org\Thunder\Program\Thunder5.exe
D:\Program Files\HijackThis1991\HijackThis1991zww.exe

O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - D:\Program Files\Thunder_V5.4.0.226_Cr_Rip_Cnfan.org\Thunder\ComDlls\XunLeiBHO_002.dll
O3 - IE工具栏增项: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - 启动项HKLM\\Run: [RfwMain] "d:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [RavTask] "d:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - IE右键菜单中的新增项目: 使用迅雷下载 - D:\Program Files\Thunder_V5.4.0.226_Cr_Rip_Cnfan.org\Thunder\Program\GetUrl.htm
O8 - IE右键菜单中的新增项目: 使用迅雷下载全部链接 - D:\Program Files\Thunder_V5.4.0.226_Cr_Rip_Cnfan.org\Thunder\Program\GetAllUrl.htm
O8 - IE右键菜单中的新增项目: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - 浏览器额外的按钮: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - 浏览器额外的“工具”菜单项: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} (AxSubmitControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F0006CAD-6ECE-48EA-99C6-466EB74D36FB}: NameServer = 219.150.150.150 222.88.88.88
O23 - NT 服务: Rising Proxy Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - d:\program files\rising\rfw\rfwproxy.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - d:\program files\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - d:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - d:\Program Files\Rising\Rav\Ravmond.exe

liweizmd - 2006-9-16 23:14:00

这是用AUTORUNS的扫描
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

+ RavTaskRavTimerBeijing Rising Technology Co., Ltd.d:\program files\rising\rav\ravtask.exe

+ RfwMainRising Personal FireWall Main ProgramBeijing Rising Technology Co., Ltd.d:\program files\rising\rfw\rfwmain.exe

HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components

+ 0找不到文件:About:Home

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

+ Rising Execute File Exts hookRising Shell Ext ModuleBeijing Rising Technology Co., Ltd.c:\windows\system32\ravext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

+ RISINGRising Shell Ext ModuleBeijing Rising Technology Co., Ltd.c:\windows\system32\ravext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

+ Thunder Browser HelperXunLeiBHOThunder Networking Technologies,LTDd:\program files\thunder_v5.4.0.226_cr_rip_cnfan.org\thunder\comdlls\xunleibho_002.dll

HKLM\System\CurrentControlSet\Services

+ RfwServiceRising Personal Firewall ServiceBeijing Rising Technology Co., Ltd.d:\program files\rising\rfw\rfwsrv.exe

+ RsCCenterCCenterBeijing Rising Technology Co., Ltd.d:\program files\rising\rav\ccenter.exe

+ RsRavMonRavMondBeijing Rising Technology Co., Ltd.d:\program files\rising\rav\ravmond.exe

HKLM\System\CurrentControlSet\Services

+ a320raidAdaptec HostRAID for Ultra320 SCSIAdaptec, Inc.c:\windows\system32\drivers\a320raid.sys

+ AACAdaptec RAID Miniport DriverAdaptec, Inc.c:\windows\system32\drivers\aac.sys

+ aar1210Adaptec HostRAID for Serial ATAAdaptec, Inc.c:\windows\system32\drivers\aar1210.sys

+ adpu320Adaptec Win2K/XP/Server2003 Ultra320 SCSI DriverAdaptec, Inc.c:\windows\system32\drivers\adpu320.sys

+ aec6210ACARD Technology Corp.c:\windows\system32\drivers\aec6210.sys

+ aec6260ID=0006, 0007ACARD Technology Corp.c:\windows\system32\drivers\aec6260.sys

+ aec6280AEC6280 Miniport DriverACARD Technology Corp.c:\windows\system32\drivers\aec6280.sys

+ AEC6290AEC6280 Miniport DriverACARD Technology Corp.c:\windows\system32\drivers\aec6290.sys

+ AEC67160AEC67160 PCI Ultra3 LVD/SE Adapter DriverACARD Technology Corp.c:\windows\system32\drivers\aec67160.sys

+ AEC671XAEC671X PCI Ultra/W SCSI3 Adapter DriverACARD Technology Corp.c:\windows\system32\drivers\aec671x.sys

+ AEC6880AEC6880/90 PCI Ultra ATA133 RAID Adapter DriverACARD Technology Corp.c:\windows\system32\drivers\aec6880.sys

+ AEC6890AEC6880/90 PCI Ultra ATA133 RAID Adapter DriverACARD Technology Corp.c:\windows\system32\drivers\aec6890.sys

+ aec68x5AEC6885/95/96 PCI ATA133 4 Channel RAID Adapter DriverACARD Technology Corp.c:\windows\system32\drivers\aec68x5.sys

+ ALCXWDMRealtek AC'97 Audio Driver (WDM)Realtek Semiconductor Corp.c:\windows\system32\drivers\alcxwdm.sys

+ AliIdeALi mini IDE DriverAcer Laboratories Inc.c:\windows\system32\drivers\aliide.sys

+ arcAdaptec RAID Storport DriverAdaptec, Inc.c:\windows\system32\drivers\arc.sys

+ ascAdvanSys SCSI Controller DriverAdvanced System Products, Inc.c:\windows\system32\drivers\asc.sys

+ asc3550AdvanSys Ultra-Wide PCI SCSI DriverAdvanced System Products, Inc.c:\windows\system32\drivers\asc3550.sys

+ ati2mtagATI Radeon WindowsNT Miniport DriverATI Technologies Inc.c:\windows\system32\drivers\ati2mtag.sys

+ BaseTDIbasetdiBeijing Rising Technology Co., Ltd.c:\windows\system32\drivers\basetdi.sys

+ CmdIdeCMD PCI IDE Bus DriverCMD Technology, Inc.c:\windows\system32\drivers\cmdide.sys

+ dac2w2kMylex Disk Array Controller DriverMylex Corporationc:\windows\system32\drivers\dac2w2k.sys

+ elxstorStorport Miniport Driver for LightPulse HBAsEmulexc:\windows\system32\drivers\elxstor.sys

+ ExpScanerExpScan.sysd:\program files\rising\rav\expscan.sys

+ FASTSXPromise FastTRAK SX4/SX4000 Driver for WindowsXPPromise Technology, Inc.c:\windows\system32\drivers\fastsx.sys

+ fasttrakPromise FastTrak Series Driver for WinXPPromise Technology, Inc.c:\windows\system32\drivers\fasttrak.sys

+ fasttx2kPromise Driver for Windows XPPromise Technology, Inc.c:\windows\system32\drivers\fasttx2k.sys

+ fasttx2k2Promise FastTrak Series Driver for WindowsXPPromise Technology, Inc.c:\windows\system32\drivers\fasttx2k2.sys

+ HookContTDI HOOK DriverRising tech Co. ltdd:\program files\rising\rav\hookcont.sys

+ HookRegd:\program files\rising\rav\hookreg.sys

+ HookSysHooksysRisingd:\program files\rising\rav\hooksys.sys

+ HookUrlHookUrlBeijing Rising Technology Co., Ltd.d:\program files\rising\rfw\hookurl.sys

+ HpCISSsSmart Array 5x and 6x Controllers Storport DriverHewlett-Packard Companyc:\windows\system32\drivers\hpcisss.sys

+ HPT371HPT3xx Miniport DriverHighPoint Technologies, Inc.c:\windows\system32\drivers\hpt371.sys

+ hpt374HPT374 Miniport DriverHighPoint Technologies, Inc.c:\windows\system32\drivers\hpt374.sys

liweizmd - 2006-9-16 23:15:00

+ hpt3xxHPT3xx Miniport DriverHighPoint Technologies, Inc.c:\windows\system32\drivers\hpt3xx.sys

+ hptmvhptmv Miniport DriverHighPoint Technologies, Inc.c:\windows\system32\drivers\hptmv.sys

+ hptproHptproHighPoint Technologies, Inc.c:\windows\system32\drivers\hptpro.sys

+ iaStorIntel Application Accelerator driverIntel Corporationc:\windows\system32\drivers\iastor.sys

+ iirspIntel/ICP Raid Storport DriverIntel Corp./ICP vortex GmbHc:\windows\system32\drivers\iirsp.sys

+ IntelIde找不到文件:System32\DRIVERS\intelide.sys

+ iteraidITE IT8212 ATA RAID SCSI miniportIntegrated Technology Express, Inc.c:\windows\system32\drivers\iteraid.sys

+ KPENUMKYOCERA PHS BusEnum DriverAmerican Megatrends, Inc. Japanc:\windows\system32\drivers\kpenum.sys

+ KPMDM2KKYOCERA PHS USB Modem DriverAmerican Megatrends, Inc. Japanc:\windows\system32\drivers\kpmdm2k.sys

+ KPPORT2KKYOCERA PHS USB Data DriverAmerican Megatrends, Inc. Japanc:\windows\system32\drivers\kpport2k.sys

+ KPUSBKYOCERA PHS USB DriverAmerican Megatrends, Inc. Japanc:\windows\system32\drivers\kpusb.sys

+ LSI_FCLSI Logic Fusion-MPT FC Driver (StorPort)LSI Logicc:\windows\system32\drivers\lsi_fc.sys

+ LSI_SASLSI Logic Fusion-MPT SAS Driver (StorPort)LSI Logicc:\windows\system32\drivers\lsi_sas.sys

+ LSI_SCSILSI Logic Fusion-MPT SCSI Driver (StorPort)LSI Logicc:\windows\system32\drivers\lsi_scsi.sys

+ m5228M5228 ATA RAID Controller DriverALi Corporation.c:\windows\system32\drivers\m5228.sys

+ m5281M5281 SATA RAID Controller DriverALi Corporationc:\windows\system32\drivers\m5281.sys

+ MegaIDELSI MegaRAID IDE DriverLSI Logic Corporation.c:\windows\system32\drivers\megaide.sys

+ megasasMEGASAS RAID Controller Driver for Windows for x86LSI Logic Corporationc:\windows\system32\drivers\megasas.sys

+ MEMSCANMemScan Driver瑞星软件有限公司d:\program files\rising\rav\memscan.sys

+ mProcRsRising Personal FireWall mprocrs.sysBeijing Rising Technology Co., Ltd.d:\program files\rising\rfw\mprocrs.sys

+ mraid2kMEGARAID SCSI Controller Driver for Windows 2000 PAEAmerican Megatrends, Inc.c:\windows\system32\drivers\mraid2k.sys

+ mraid35xMegaRAID RAID Controller Driver for Windows Whistler 32American Megatrends Inc.c:\windows\system32\drivers\mraid35x.sys

+ nfrd960IBM ServeRAID Controller DriverIBM Corporationc:\windows\system32\drivers\nfrd960.sys

+ Nokia USB GenericNokia USB Phone Generic ClientNokiac:\windows\system32\drivers\nmwcdc.sys

+ Nokia USB ModemNokia USB Phone Modem ClientNokiac:\windows\system32\drivers\nmwcdcm.sys

+ Nokia USB Phone ParentNokia USB Phone Bus DriverNokiac:\windows\system32\drivers\nmwcd.sys

+ npkcryptnProtect KeyCrypt DriverINCA Internet Co., Ltd.d:\program files\qq\npkcrypt.sys

+ nvNVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73 NVIDIA Corporationc:\windows\system32\drivers\nv4_mini.sys

+ nvraidNVIDIA? nForce(TM) RAID DriverNVIDIA Corporationc:\windows\system32\drivers\nvraid.sys

+ PNP649RIDE RAID miniport driverCMD Technology, Inc.c:\windows\system32\drivers\pnp649r.sys

+ Pnp680DMA capable ATA miniport driverSilicon Image, Inc.c:\windows\system32\drivers\pnp680.sys

+ Pnp680rDMA capable ATA RAID miniport driver Silicon Image, Incc:\windows\system32\drivers\pnp680r.sys

+ PtilinkDirect Parallel Link DriverParallel Technologies, Inc.c:\windows\system32\drivers\ptilink.sys

+ ql1080Miniport Driver for QLogic ISP PCI AdaptersQLogic Corporationc:\windows\system32\drivers\ql1080.sys

+ ql12160Miniport Driver for QLogic ISP PCI AdaptersQLogic Corporationc:\windows\system32\drivers\ql12160.sys

+ ql1280Miniport Driver for QLogic ISP PCI AdaptersQLogic Corporationc:\windows\system32\drivers\ql1280.sys

+ ql2300QLogic Fibre Channel Stor Miniport DriverQLogic Corporationc:\windows\system32\drivers\ql2300.sys

+ RAIDSRCIntel(r)/ICP Miniport DriverIntel/ICPc:\windows\system32\drivers\raidsrc.sys

+ RsFwDrvnt_fwdrvBeijing Rising Technology Co., Ltd.d:\program files\rising\rfw\rsfwdrv.sys

+ rtl8139Realtek RTL8139 NDIS 5.0 DriverRealtek Semiconductor Corporationc:\windows\system32\drivers\rtl8139.sys

+ S150SX8Promise SATAII150 SX8 Driver for WindowsXPPromise Technology, Inc.c:\windows\system32\drivers\s150sx8.sys

+ SI3112Serial ATA miniport driverSilicon Image, Inc.c:\windows\system32\drivers\si3112.sys

+ SI3112rSerial ATA RAID Miniport DriverSilicon Image, Incc:\windows\system32\drivers\si3112r.sys

+ SI3114Serial ATA miniport driverSilicon Image, Inc.c:\windows\system32\drivers\si3114.sys

+ SI3114rSATARAID Miniport DriverSilicon Image, Incc:\windows\system32\drivers\si3114r.sys

+ SI3124Serial ATA miniport driverSilicon Image, Inc.c:\windows\system32\drivers\si3124.sys

+ SI3124rSATARAID miniport driver (PRE-RELEASE)Silicon Image, Incc:\windows\system32\drivers\si3124r.sys

+ SiFilterWindows Accelerator DriverSilicon Image, Inc.c:\windows\system32\drivers\siwinacc.sys

+ SISIDESiS PCI Mini IDE DriverSilicon Integrated Systems Corp.c:\windows\system32\drivers\siside.sys

+ SiSRaidSiS RAID Miniport DriverSilicon Integrated Systemsc:\windows\system32\drivers\sisraid.sys

+ SiSRaid1SiS RAID Miniport DriverSilicon Integrated Systemsc:\windows\system32\drivers\sisraid1.sys

+ SISRAIDSSiS RAID Miniport DriverSilicon Integrated Systems Corpc:\windows\system32\drivers\sisraids.sys

+ SparrowAdaptec AIC-6x60 series SCSI miniportAdaptec, Inc.c:\windows\system32\drivers\sparrow.sys

+ sptrakPromise SuperTrak Family Driver for WindowsNTPromise Technology, Inc.c:\windows\system32\drivers\sptrak.sys

+ sym_hiSymbios Hi-Perf SCSI Miniport DriverLSI Logicc:\windows\system32\drivers\sym_hi.sys

+ sym_u3Symbios Ultra3 SCSI Miniport DriverLSI Logicc:\windows\system32\drivers\sym_u3.sys

+ symc810Symbios Logic Inc. SCSI Miniport DriverSymbios Logic Inc.c:\windows\system32\drivers\symc810.sys

+ symc8xxSymbios 8XX SCSI Miniport DriverLSI Logicc:\windows\system32\drivers\symc8xx.sys

+ SYMMPILSI Logic Fusion-MPT MiniPort Driver (ScsiPort)LSI Logicc:\windows\system32\drivers\symmpi.sys

+ UlSataPromise Ultra/Sata Series Driver for WinXPPromise Technology, Inc.c:\windows\system32\drivers\ulsata.sys

+ ULSATASPromise SATAII150 Series Driver for Win2003Promise Technology, Inc.c:\windows\system32\drivers\ulsatas.sys

+ ultraPromise Ultra66 Miniport 驱动程序Promise Technology, Inc.c:\windows\system32\drivers\ultra.sys

+ viamraidVIA RAID DRIVER FOR WIN 2000/XP/2003IA32VIA Technologies inc,.ltdc:\windows\system32\drivers\viamraid.sys

+ viapdskVIA VT4149 PATA DriverVIA Technologies, Inc.c:\windows\system32\drivers\viapdsk.sys

+ viaraidVT6410 RAID DRIVER FOR WINXPVIA Technologies inc,.ltdc:\windows\system32\drivers\viaraid.sys

+ viasraidVIA SATA RAID DRIVER FOR WINXPVIA Technologies inc,.ltdc:\windows\system32\drivers\viasraid.sys

+ vmscsiVMware SCSI ControllerVMware, Inc.c:\windows\system32\drivers\vmscsi.sys

我无邪 - 2006-9-16 23:30:00

你首先确认一下，问一下有和你同用电信的朋友，他们是否有这样的问题
如果有，那就没有解决的方法

如果没有，你可以这样试一下
重新创建一下用户，并以这个用户登陆系统
看能不能解决问题
如果依旧
请下载 System Repair Engineer，使用“智能扫描”，按下“扫描”按钮进行扫描，扫描完成后按下“保存报告”按钮保存报告日志文件（SREng.LOG），把保存的报告日志文件内容复制-粘贴上来
下载网址
http://www.kztechs.com/sreng/sreng2.zip
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
日志一次粘不完，分次粘完，请不要修改。
完后可以给我发个悄悄话。

liweizmd - 2006-9-16 23:38:00

前辈您看上面的扫描我的系统有什么问题吗？谢谢严重的谢谢

liweizmd - 2006-9-16 23:53:00

2006-09-16,23:42:14

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<RfwMain><"d:\Program Files\Rising\Rfw\rfwmain.exe" -Startup> [Beijing Rising Technology Co., Ltd.]
<RavTask><"d:\Program Files\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [Microsoft Corporation]
<UIHost><logonui.exe> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<PCSuiteTrayApplication><; D:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup> [Nokia]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<PcSync><; D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog> [Time Information Services Ltd.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<SoundMan><; SOUNDMAN.EXE> [Realtek Semiconductor Corp.]

==================================
启动文件夹
服务
[Rising Proxy Service / RfwProxySrv]
<d:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
<d:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
<"d:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
<"d:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[ServiceLayer / ServiceLayer]
<"C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe"><Nokia.>

==================================
浏览器加载项
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Program Files\Thunder_V5.4.0.226_Cr_Rip_Cnfan.org\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[AxSubmitControl Class]
{8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\DOWNLO~1\SUBMIT~1.DLL, >
[Web Browser Applet Control]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\Msjava.dll, Microsoft Corporation>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\Mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AxInputControl Class]
{73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Program Files\Thunder_V5.4.0.226_Cr_Rip_Cnfan.org\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[AxSubmitControl Class]
{8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\DOWNLO~1\SUBMIT~1.DLL, >
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\Flash85.ocx, Macromedia, Inc.>
[使用迅雷下载]
<D:\Program Files\Thunder_V5.4.0.226_Cr_Rip_Cnfan.org\Thunder\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
<D:\Program Files\Thunder_V5.4.0.226_Cr_Rip_Cnfan.org\Thunder\Program\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>

liweizmd - 2006-9-16 23:55:00

正在运行的进程
[PID: 452][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 504][\??\C:\WINDOWS\system32\csrss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 528][\??\C:\WINDOWS\system32\winlogon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 572][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 584][C:\WINDOWS\system32\lsass.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 728][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 788][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 868][d:\Program Files\Rising\Rav\CCenter.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[PID: 884][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 940][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1012][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1028][d:\Program Files\Rising\Rav\Ravmond.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 1, 35>
[d:\Program Files\Rising\Rav\BWList.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
[d:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[d:\Program Files\Rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[d:\Program Files\Rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[d:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[d:\Program Files\Rising\Rav\RsLog.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 20>
[d:\Program Files\Rising\Rav\HOOKSYS.dll] <Beijing Rising Technology Co., Ltd.><18, 1, 0, 11>
[d:\Program Files\Rising\Rav\Scanner.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 32>
[d:\Program Files\Rising\Rav\libload.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[d:\Program Files\Rising\Rav\VirusLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 12>
[d:\Program Files\Rising\Rav\regmon.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
[d:\Program Files\Rising\Rav\HookWeb.dll] <rising><18, 0, 0, 2>
[d:\Program Files\Rising\Rav\MemMon.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[d:\Program Files\Rising\Rav\expscan.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[d:\Program Files\Rising\Rav\mPorts.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 3>
[d:\Program Files\Rising\Rav\MailMon.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[d:\Program Files\Rising\Rav\SpamEng.dll] <N/A><18, 0, 0, 6>
[d:\Program Files\Rising\Rav\engine.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 34>
[d:\Program Files\Rising\Rav\PostTrt.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 15>
[d:\Program Files\Rising\Rav\UnExe.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[d:\Program Files\Rising\Rav\ScanExec.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[d:\Program Files\Rising\Rav\ScanEx.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
[d:\Program Files\Rising\Rav\RSUnpack.dll] <Beijing Rising Technology Co., Ltd.><1, 0, 0, 13>
[d:\Program Files\Rising\Rav\NvFile.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
[d:\Program Files\Rising\Rav\ScanMac.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 9>
[d:\Program Files\Rising\Rav\ScanSct.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 18>
[d:\Program Files\Rising\Rav\Unpacker.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[d:\Program Files\Rising\Rav\ExtOLE.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>

liweizmd - 2006-9-16 23:55:00

[PID: 1200][d:\program files\rising\rfw\rfwsrv.exe] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 33>
[d:\program files\rising\rfw\RfwRule.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 13>
[d:\program files\rising\rfw\rfwlog.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 6>
[d:\program files\rising\rfw\Rfwdrv.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 21>
[d:\program files\rising\rfw\MonDrv.dll] <rs><1, 0, 0, 4>
[d:\program files\rising\rfw\ProcLib.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 9>
[d:\program files\rising\rfw\mPorts.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 3>
[PID: 1280][C:\WINDOWS\Explorer.EXE] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\RavExt.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
[D:\Program Files\Thunder_V5.4.0.226_Cr_Rip_Cnfan.org\Thunder\ComDlls\XunLeiBHO_002.dll] <Thunder Networking Technologies,LTD><5, 0, 0, 2>
[d:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\WinRAR\rarext.dll] <N/A><N/A>
[D:\Program Files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll] <Nokia><6, 81, 46, 1>
[D:\Program Files\Nokia\Nokia PC Suite 6\PCSCM.dll] <Nokia><6, 81, 68, 0>
[C:\WINDOWS\system32\ConnAPI.DLL] <Nokia.><6, 81, 62, 0>
[D:\Program Files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_chi-sc.nlr] <Nokia><6, 81, 29, 0>
[D:\Program Files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr] <Nokia><6, 81, 11, 0>
[PID: 1412][C:\WINDOWS\system32\spoolsv.exe] <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
[PID: 1776][C:\WINDOWS\system32\wdfmgr.exe] <Microsoft Corporation><5.2.3790.1230 built by: dnsrv(bld4act)>
[PID: 1788][D:\Program Files\Rising\Rfw\rfwmain.exe] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 52>
[D:\Program Files\Rising\Rfw\RsGuiLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 23>
[D:\Program Files\Rising\Rfw\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[D:\Program Files\Rising\Rfw\PngDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[PID: 1864][D:\Program Files\Rising\Rav\RavTask.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
[D:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[D:\Program Files\Rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[D:\Program Files\Rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[D:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[PID: 1924][D:\Program Files\Rising\Rav\Ravmon.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 1, 33>
[D:\Program Files\Rising\Rav\RsGuiLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 26>
[D:\Program Files\Rising\Rav\BWList.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
[D:\Program Files\Rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[D:\Program Files\Rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[D:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[D:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[D:\Program Files\Rising\Rav\PngDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[PID: 1952][C:\WINDOWS\system32\ctfmon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 948][C:\WINDOWS\System32\alg.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 4036][C:\Program Files\Internet Explorer\iexplore.exe] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[D:\Program Files\Thunder_V5.4.0.226_Cr_Rip_Cnfan.org\Thunder\ComDlls\XunLeiBHO_002.dll] <Thunder Networking Technologies,LTD><5, 0, 0, 2>
[C:\WINDOWS\system32\macromed\flash\Flash85.ocx] <Macromedia, Inc.><8,5,0,133>
[C:\WINDOWS\system32\WINABCX.IME] <PKUETI><5.22.216>
[D:\Program Files\Thunder_V5.4.0.226_Cr_Rip_Cnfan.org\Thunder\ComDlls\ThunderAgent_003.dll] <Thunder Networking Technologies,LTD><1, 0, 0, 10>
[C:\WINDOWS\system32\RavExt.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
[PID: 3552][C:\WINDOWS\system32\conime.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 4072][C:\Program Files\Internet Explorer\iexplore.exe] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[D:\Program Files\Thunder_V5.4.0.226_Cr_Rip_Cnfan.org\Thunder\ComDlls\XunLeiBHO_002.dll] <Thunder Networking Technologies,LTD><5, 0, 0, 2>
[C:\WINDOWS\system32\WINABCX.IME] <PKUETI><5.22.216>
[PID: 3452][D:\Program Files\QQ\QQ.exe] <TENCENT><0, 0, 0, 0>
[D:\Program Files\QQ\CoralAssist.DLL] <Coral Team><4.5.0 build 20060515>
[D:\Program Files\QQ\CoralQQ.DLL] <Coral Team><4.5.1 Build 20060620>
[D:\Program Files\QQ\ipsearcher.dll] <N/A><1.0.0.4>
[D:\Program Files\QQ\QQBaseClassInDll.dll] <><1, 0, 0, 1>
[D:\Program Files\QQ\QQHelperDll.dll] <><1, 0, 0, 1>
[D:\Program Files\QQ\BasicCtrlDll.dll] <Tencent><5, 0, 200, 160>
[D:\Program Files\QQ\QQAPI.dll] <><1, 0, 0, 1>
[D:\Program Files\QQ\LoginCtrl.dll] <><1, 0, 0, 1>
[D:\Program Files\QQ\npkcntc.dll] <INCA Internet Co., Ltd.><2006, 3, 2, 1>
[D:\Program Files\QQ\npkpdb.dll] <INCA Internet Co., Ltd.><2003, 10, 1, 1>
[D:\Program Files\QQ\QQRes.dll] <tencent><1, 0, 0, 1>
[D:\Program Files\QQ\QQMainFrame.dll] <N/A><N/A>
[D:\Program Files\QQ\CQQApplication.dll] <N/A><N/A>
[D:\Program Files\QQ\NewSkin.dll] <><1, 0, 0, 1>
[D:\Program Files\QQ\HostingMgr.dll] <><1, 0, 0, 1>
[D:\Program Files\QQ\CameraDll.dll] <><1, 0, 0, 1>
[D:\Program Files\QQ\MailSummary.dll] <><1, 0, 0, 1>
[D:\Program Files\QQ\QQSpace.dll] <><1, 0, 0, 1>
[C:\WINDOWS\system32\msdmo.dll] <N/A><N/A>
[D:\Program Files\QQ\QQGroupMng.dll] <><1, 0, 0, 1>
[D:\Program Files\QQ\GroupLive.dll] <N/A><N/A>
[D:\Program Files\QQ\UserDefinedHead.dll] <><1, 0, 0, 1>
[D:\Program Files\QQ\QQPlugin.dll] <N/A><N/A>
[D:\Program Files\QQ\QQConfigPlugin.dll] <><1, 0, 0, 1>
[D:\Program Files\QQ\LongConnection.dll] <tencent><5, 0, 200, 160>
[D:\Program Files\QQ\QRingMng.dll] <N/A><N/A>
[D:\Program Files\QQ\PhoneAPI.dll] <><1, 0, 0, 1>
[D:\Program Files\QQ\DialerAllinOne.dll] <tencent><1, 4, 0, 0>
[D:\Program Files\QQ\QQAvatar.dll] <N/A><N/A>
[D:\Program Files\QQ\FlashAvatarDll.dll] <><1, 4, 0, 1>
[D:\Program Files\QQ\QQPet.dll] <><1, 0, 0, 1>
[D:\Program Files\QQ\QQSysMsgMng.dll] <N/A><N/A>
[D:\Program Files\QQ\QQAllInOne.dll] <N/A><N/A>
[D:\Program Files\QQ\SCCore.dll] <N/A><N/A>
[D:\Program Files\QQ\QQCustomFace.dll] <N/A><N/A>
[D:\Program Files\QQ\BQQApplication.dll] <N/A><N/A>
[C:\WINDOWS\system32\RavExt.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
[D:\Program Files\QQ\CommercesMng.dll] <><1, 0, 0, 1>
[D:\Program Files\QQ\PersonalDesktop.dll] <深圳市腾讯计算机系统公司QQ工作小组><1, 0, 0, 2>
[D:\Program Files\QQ\QQUdpGetFileLib.dll] <tencent><0, 2, 2, 3>
[D:\Program Files\QQ\QQAddr.dll] <深圳市腾讯计算机系统有限公司><5, 0, 101, 200>
[D:\Program Files\QQ\QQSceneMng.dll] <N/A><N/A>
[C:\WINDOWS\system32\macromed\flash\Flash85.ocx] <Macromedia, Inc.><8,5,0,133>
[C:\WINDOWS\system32\WINABCX.IME] <PKUETI><5.22.216>
[D:\Program Files\QQ\QQMagicFace.dll] <><1, 0, 0, 1>
[PID: 200][C:\Program Files\Internet Explorer\iexplore.exe] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
[D:\Program Files\Thunder_V5.4.0.226_Cr_Rip_Cnfan.org\Thunder\ComDlls\XunLeiBHO_002.dll] <Thunder Networking Technologies,LTD><5, 0, 0, 2>
[C:\WINDOWS\system32\macromed\flash\Flash85.ocx] <Macromedia, Inc.><8,5,0,133>
[PID: 3232][D:\Program Files\Thunder_V5.4.0.226_Cr_Rip_Cnfan.org\Thunder\Program\Thunder5.exe] <Thunder Networking Technologies,LTD><5.4.0.226>
[D:\Program Files\Thunder_V5.4.0.226_Cr_Rip_Cnfan.org\Thunder\Program\UpdateDownload.dll] <N/A><N/A>
[D:\Program Files\Thunder_V5.4.0.226_Cr_Rip_Cnfan.org\Thunder\Program\msgmanage.dll] <N/A><N/A>
[D:\Program Files\Thunder_V5.4.0.226_Cr_Rip_Cnfan.org\Thunder\Program\historyinfo_manage.dll] <Thunder Networking Technologies,LTD><5, 2, 0, 148>
[D:\Program Files\Thunder_V5.4.0.226_Cr_Rip_Cnfan.org\Thunder\Program\download_interface.dll] <Thunder Networking Technologies,LTD><2, 0, 0, 1>
[D:\Program Files\Thunder_V5.4.0.226_Cr_Rip_Cnfan.org\Thunder\Program\stlport_vc646.dll] <STLport Consulting, Inc.><4.6.2003.1031>
[D:\Program Files\Thunder_V5.4.0.226_Cr_Rip_Cnfan.org\Thunder\Program\log4cplus.dll] <><1, 0, 2, 1>
[D:\Program Files\Thunder_V5.4.0.226_Cr_Rip_Cnfan.org\Thunder\Program\asyn_dns.dll] <N/A><N/A>
[D:\Program Files\Thunder_V5.4.0.226_Cr_Rip_Cnfan.org\Thunder\Program\RegisterDll.dll] <Thunder Networking Technologies,LTD><2, 1, 0, 18>
[D:\Program Files\Thunder_V5.4.0.226_Cr_Rip_Cnfan.org\Thunder\Program\FloatBar.dll] <Thunder Networking Technologies,LTD><1, 0, 0, 2>
[C:\WINDOWS\system32\RavExt.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
[D:\Program Files\Thunder_V5.4.0.226_Cr_Rip_Cnfan.org\Thunder\Program\iTargetAd.dll] <N/A><N/A>
[PID: 2052][D:\Program Files\SREng2\SREng.exe] <Smallfrogs Studio><2.0.21.505>

瑞星卡卡安全论坛