【求助】帮我看看日志，IE超慢阿 bbs.ikaka.com

mrzyf - 2006-5-21 10:11:00

大侠们，帮我看看日志，IE超慢阿，地址栏再打开每个网页前显示www.t355.com/...之类信息。

Logfile of HijackThis v1.99.1
Scan saved at 10:08:39, on 2006-5-21
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\Program Files\Rising\Rav\Ravmond.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\drivers\CDAC11BA.EXE
C:\WINNT\system32\svchost.exe
C:\WINNT\Intellution\iLicenseSvc.exe
C:\WINNT\system32\nvsvc32.exe
C:\program files\common files\Siemens\S7IEPG\s7oiehsx.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Rising\Rav\RavStub.exe
C:\WINNT\system32\sim9sync.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINNT\system32\spool\ugplot\ugiipqd.exe
D:\Program Files\EDS\License Servers\UGNXFLEXlm\lmgrd.exe
C:\WINNT\System32\ups.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
D:\Program Files\EDS\License Servers\UGNXFLEXlm\uglmd.exe
C:\WINNT\Explorer.EXE
c:\program files\rising\rfw\rfwsrv.exe
C:\Program Files\Rising\Rfw\RfwMain.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Tencent\RTX\rtxc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\zyf\桌面\ha_hijackthis_1991\HijackThis.exe

R3 - URLSearchHook: 全能助手广告拦截专家 - {ED51E9A3-16C5-4236-99E0-9F093B021433} - C:\PROGRA~1\TWEAKA~1\AssistIEBar.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: TeachingHandler - {31EBA2E2-58B2-4980-9C41-F12F5F1422C5} - C:\Program Files\Common Files\Collegesoft\Share Components\TPHANDLE.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - E:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: BitCometBar - {3F1ABCDB-A875-46c1-8345-B72A4567E486} - C:\Program Files\BitComet\BitCometBar\BitCometBar0.2.dll
O3 - Toolbar: 全能助手广告拦截专家 - {ED51E9A3-16C5-4236-99E0-9F093B021433} - C:\PROGRA~1\TWEAKA~1\AssistIEBar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IMSCMIG40W] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40W\IMSCMIG.EXE /SetPreload /Log
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [DAEMON Tools-2052] "C:\Program Files\D-Tools\daemon.exe" -lang 2052
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - Startup: 腾讯QQ.lnk = E:\Program Files\Tencent\QQ\QQ.exe
O4 - Global Startup: 腾讯通.lnk = C:\Program Files\Tencent\RTX\rtxc.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - E:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - E:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - E:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 添加到广告杀手 - C:\PROGRA~1\TWEAKA~1\AdKiller.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\Program Files\Tencent\QQ\SendMMS.htm
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/aliedit.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1135393499531
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{DB914258-B91C-4315-B584-FA11E1E311F7}: NameServer = 192.168.15.106,192.168.15.106
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\system32\mshtml.dll
O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: gopher - {79EAC9E4-BAF9-11CE-8C82-00AA004BA90B} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: ic32pp - {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - C:\WINNT\wc98pp.dll
O18 - Protocol: ipp - (no CLSID) - (no file)
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINNT\system32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\system32\mshtml.dll
O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\system32\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\WINNT\system32\inetcomm.dll
O18 - Protocol: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINNT\system32\itss.dll
O18 - Protocol: msdaipp - (no CLSID) - (no file)
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\system32\mshtml.dll
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINNT\system32\mshtml.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\system32\mshtml.dll
O18 - Protocol: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINNT\system32\msdxm.ocx
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINNT\system32\drivers\CDAC11BA.EXE
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Fix - Unknown owner - D:\DYNAMICS\fixsrv.exe (file missing)
O23 - Service: Harmony - Unknown owner - D:\PROGRA~1\ROCKWE~1\RSCommon\RSOBSERV.EXE (file missing)
O23 - Service: HistorySvr - Unknown owner - d:\Program Files\Kingview\HistorySvr.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intellution Licensing Service (iLicenseSvc) - GE Fanuc International, Inc. - C:\WINNT\Intellution\iLicenseSvc.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: Rising Proxy Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
O23 - Service: RTX_HTTP - Unknown owner - C:\Program Files\RTXServer\apache\bin\apache.exe" -k runservice (file missing)
O23 - Service: SIMATIC IEPG Help Service (s7oiehsx) - SIEMENS AG - C:\program files\common files\Siemens\S7IEPG\s7oiehsx.exe
O23 - Service: SIMATIC NET Synchronization Service (Sim9Sync) - Siemens AG - C:\WINNT\system32\sim9sync.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Unigraphics Plot Server (ugiipqd) (ugiipqd) - Unigraphics Solutions, Inc - C:\WINNT\system32\spool\ugplot\ugiipqd.exe
O23 - Service: Unigraphics License Server (uglmd) - Macrovision Corporation - D:\Program Files\EDS\License Servers\UGNXFLEXlm\lmgrd.exe

我无邪 - 2006-5-21 13:41:00

O2 - BHO: TeachingHandler - {31EBA2E2-58B2-4980-9C41-F12F5F1422C5} - C:\Program Files\Common Files\Collegesoft\Share Components\TPHANDLE.dll（这项不知，如果你也不知道，建议修复）
开始→运行→输入services.msc，打开“服务”→查找 Unigraphics Plot Server→双击→启动类型→禁止→停止→应用→确定。禁止Unigraphics Plot Server这个服务
重启
关闭所有浏览窗口以及一些不必要的程序
运行Hijackthis，扫描结束后在下列选项前打上勾，然后选"修复""（如果有的话）
O2 - BHO: TeachingHandler - {31EBA2E2-58B2-4980-9C41-F12F5F1422C5} - C:\Program Files\Common Files\Collegesoft\Share Components\TPHANDLE.dll
O23 - Service: Unigraphics Plot Server (ugiipqd) (ugiipqd) - Unigraphics Solutions, Inc - C:\WINNT\system32\spool\ugplot\ugiipqd.exe
双击我的电脑--工具---文件夹选项--查看--单击选取"显示隐藏文件或文件夹"清除"隐藏受保护的操作系统文件（推荐）"复选框。在提示您确定更改时，单击“是”
删除 C:\WINNT\system32\spool\ugplot

C:\Program Files\Common Files\Collegesoft
如果还没有解决问题
请下载 System Repair Engineer，使用“智能扫描”，按下“扫描”按钮进行扫描，扫描完成后按下“保存报告”按钮保存报告日志文件（SREng.LOG），把保存的报告日志文件内容复制-粘贴上来
http://www.kztechs.com/sreng/sreng2.zip
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
日志一次粘不完，分次粘完，不要修改。

mrzyf - 2006-5-21 18:24:00

楼上的大侠，下面02项为视频播放软件，03项为UG 打印服务程序，保证是应用程序，之前一直是正常的，今日在单位偶打开一垃圾视频网站，然后关闭就出现了这种状况，，打开网页超慢，而且许多网页都打不开，任务栏在打开每个网页前显示www.t355.com/...
O2 - BHO: TeachingHandler - {31EBA2E2-58B2-4980-9C41-F12F5F1422C5} - C:\Program Files\Common Files\Collegesoft\Share Components\TPHANDLE.dll
O23 - Service: Unigraphics Plot Server (ugiipqd) (ugiipqd) - Unigraphics Solutions, Inc - C:\WINNT\system32\spool\ugplot\ugiipqd.exe

我无邪 - 2006-5-21 19:45:00

原来如此，多谢指证。
日志看不出问题来
请下载 System Repair Engineer，使用“智能扫描”，按下“扫描”按钮进行扫描，扫描完成后按

下“保存报告”按钮保存报告日志文件（SREng.LOG），把保存的报告日志文件内容复制-粘贴上来
http://www.kztechs.com/sreng/sreng2.zip
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
日志一次粘不完，分次粘完，不要修改。

mrzyf - 2006-5-21 20:32:00

多谢了，因是单位的电脑，只能明天上班在扫描上传了。
感谢你的热心帮助！

mrzyf - 2006-5-22 8:23:00

这是我的SRE扫描日志,有劳大侠看看了,谢谢!
2006-05-22,08:22:28

System Repair Engineer 2.0.12.350 (2.0 RC 1)
Windows 2000 Professional Service Pack 4 - 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><ctfmon.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<NvCplDaemon><RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<nwiz><nwiz.exe /install>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<NvMediaCenter><RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMSCMIG40W><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40W\IMSCMIG.EXE /SetPreload /Log>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<Synchronization Manager><mobsync.exe /logon>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<Userinit><C:\WINNT\system32\userinit.exe,>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><>

==================================
启动文件夹
[腾讯通]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\腾讯通.lnk><N>
[腾讯QQ]
<C:\Documents and Settings\zyf\「开始」菜单\程序\启动\腾讯QQ.lnk><N>

==================================
服务
[C-DillaCdaC11BA / C-DillaCdaC11BA]
<C:\WINNT\system32\drivers\CDAC11BA.EXE><Macrovision>
[Logical Disk Manager Administrative Service / dmadmin]
<C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[Fix / Fix]
<D:\DYNAMICS\fixsrv.exe><N/A>
[Harmony / Harmony]
<D:\PROGRA~1\ROCKWE~1\RSCommon\RSOBSERV.EXE><N/A>
[HistorySvr / HistorySvr]
<d:\Program Files\Kingview\HistorySvr.exe><N/A>
[InstallDriver Table Manager / IDriverT]
<C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe><Macrovision Corporation>
[Intellution Licensing Service / iLicenseSvc]
<C:\WINNT\Intellution\iLicenseSvc.exe><GE Fanuc International, Inc.>
[iPodService / iPodService]
<C:\Program Files\iPod\bin\iPodService.exe><Apple Computer, Inc.>
[NVIDIA Display Driver Service / NVSvc]
<C:\WINNT\system32\nvsvc32.exe><NVIDIA Corporation>
[Rising Proxy Service / RfwProxySrv]
<c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
<c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
<"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
<"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[RTX_HTTP / RTX_HTTP]
<"C:\Program Files\RTXServer\apache\bin\apache.exe" -k runservice><N/A>
[SIMATIC IEPG Help Service / s7oiehsx]
<C:\program files\common files\Siemens\S7IEPG\s7oiehsx.exe><SIEMENS AG>
[SIMATIC NET Synchronization Service / Sim9Sync]
<C:\WINNT\system32\sim9sync.exe><Siemens AG>
[SoundMAX Agent Service / SoundMAX Agent Service (default)]
<C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>
[Unigraphics Plot Server (ugiipqd) / ugiipqd]
<C:\WINNT\system32\spool\ugplot\ugiipqd.exe><Unigraphics Solutions, Inc>
[Unigraphics License Server (uglmd) / Unigraphics License Server (uglmd)]
<D:\Program Files\EDS\License Servers\UGNXFLEXlm\lmgrd.exe><Macrovision Corporation>

==================================
浏览器加载项
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[IEHandle Class]
{31EBA2E2-58B2-4980-9C41-F12F5F1422C5} <C:\Program Files\Common Files\Collegesoft\Share Components\TPHANDLE.dll, 江苏科建教育软件有限责任公司>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <E:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[IeCatch2 Class]
{A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FlashGet\jccatch.dll, Amaze Soft>
[AcroIEToolbarHelper Class]
{AE7CD045-E861-484f-8273-0445EE161910} <D:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll, N/A>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <E:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[FlashGet]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\flashget.exe, Amaze Soft>
[Adobe PDF]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} <D:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll, N/A>
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft>
[BitCometBar]
{3F1ABCDB-A875-46c1-8345-B72A4567E486} <C:\Program Files\BitComet\BitCometBar\BitCometBar0.2.dll, N/A>
[全能助手广告拦截专家]
{ED51E9A3-16C5-4236-99E0-9F093B021433} <C:\Program Files\TweakAssist\AssistIEBar.dll, 全能助手工作室>
[QuickTime Object]
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <C:\Program Files\QuickTime\QTPlugin.ocx, Apple Computer, Inc.>
[CEditCtrl Object]
{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINNT\system32\aliedit\AliEdit.dll, www.alipay.com>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINNT\system32\wuweb.dll, Microsoft Corporation>
[Java Plug-in 1.4.2]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll, JavaSoft / Sun Microsystems, Inc.>
[MsnMessengerSetupDownloadControl Class]
{B38870E4-7ECB-40DA-8C6A-595F0A5519FF} <C:\WINNT\Downloaded Program Files\MsnMessengerSetupDownloader.ocx, Microsoft Corporation>
[Java Plug-in 1.4.2]
{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} <C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll, JavaSoft / Sun Microsystems, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash8.ocx, Macromedia, Inc.>
[上传到QQ网络硬盘]
<E:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用网际快车下载]
<C:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
<C:\Program Files\FlashGet\jc_all.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
<E:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<E:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[添加到广告杀手]
<C:\Program Files\TweakAssist\AdKiller.htm, N/A>
[用QQ彩信发送该图片]
<E:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 196][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.00.2195.6601>
[PID: 220][\??\C:\WINNT\system32\csrss.exe] <Microsoft Corporation><5.00.2195.6601>
[PID: 240][\??\C:\WINNT\system32\winlogon.exe] <Microsoft Corporation><5.00.2195.6898>
[C:\WINNT\system32\SYNCOR11.DLL] <SoundMAX><1.2.3>
[PID: 268][C:\WINNT\system32\services.exe] <Microsoft Corporation><5.00.2195.6700>
[C:\WINNT\system32\dmserver.dll] <VERITAS Software Corp.><2195.6605.297.3>
[PID: 280][C:\WINNT\system32\lsass.exe] <Microsoft Corporation><5.00.2195.6902>
[PID: 456][c:\program files\rising\rfw\rfwsrv.exe] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 32>

mrzyf - 2006-5-22 8:27:00

[PID: 468][C:\WINNT\system32\svchost.exe] <Microsoft Corporation><5.00.2134.1>
[PID: 496][C:\Program Files\Rising\Rav\CCenter.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[PID: 520][C:\Program Files\Rising\Rav\Ravmond.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 1, 6>
[C:\Program Files\Rising\Rav\BWList.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 16>
[C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[C:\Program Files\Rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\Rising\Rav\RsLog.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 18>
[C:\Program Files\Rising\Rav\HOOKSYS.dll] <Rising><18, 1, 0, 9>
[C:\Program Files\Rising\Rav\Scanner.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 28>
[C:\Program Files\Rising\Rav\libload.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\Rising\Rav\VirusLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\Rising\Rav\regmon.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
[C:\Program Files\Rising\Rav\HookWeb.dll] <rising><18, 0, 0, 1>
[C:\Program Files\Rising\Rav\MemMon.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 8>
[C:\Program Files\Rising\Rav\expscan.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\Rising\Rav\mPorts.dll] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 3>
[C:\Program Files\Rising\Rav\MailMon.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[C:\Program Files\Rising\Rav\SpamEng.dll] <N/A><18, 0, 0, 4>
[C:\Program Files\Rising\Rav\engine.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 26>
[C:\Program Files\Rising\Rav\UnExe.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[C:\Program Files\Rising\Rav\PostTrt.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 9>
[C:\Program Files\Rising\Rav\ScanExec.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\Rising\Rav\ScanEx.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
[C:\Program Files\Rising\Rav\NvFile.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
[C:\Program Files\Rising\Rav\ScanMac.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
[C:\Program Files\Rising\Rav\ScanSct.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 13>
[C:\Program Files\Rising\Rav\Unpacker.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[C:\Program Files\Rising\Rav\ExtOLE.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[C:\Program Files\Rising\Rav\ScanNet.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[PID: 604][C:\WINNT\system32\spoolsv.exe] <Microsoft Corporation><5.00.2195.7059>
[C:\WINNT\system32\AdobePDF.dll] <Adobe Systems Incorporated.><6.0.000>
[D:\Program Files\Adobe\Acrobat 6.0\Distillr\adistres.dll] <Adobe Systems Incorporated.><6.0.0.2003051500>
[C:\WINNT\system32\spool\PRTPROCS\W32X86\vprproc.dll] <Windows (R) 2000 DDK provider><5.00.2195.1620>
[PID: 652][C:\WINNT\system32\drivers\CDAC11BA.EXE] <Macrovision><4.20.020>
[PID: 676][C:\WINNT\system32\svchost.exe] <Microsoft Corporation><5.00.2134.1>
[PID: 708][C:\WINNT\Intellution\iLicenseSvc.exe] <GE Fanuc International, Inc.><4.0.5800.0>
[PID: 744][C:\WINNT\system32\nvsvc32.exe] <NVIDIA Corporation><6.14.10.5664>
[PID: 800][C:\program files\common files\Siemens\S7IEPG\s7oiehsx.exe] <SIEMENS AG><V06.02.00.00_01.07.00.01 release>
[PID: 876][C:\Program Files\Rising\Rav\RavStub.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 12>
[C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[PID: 956][C:\WINNT\system32\MSTask.exe] <Microsoft Corporation><4.71.2195.6704>
[PID: 1032][C:\WINNT\system32\sim9sync.exe] <Siemens AG><V 6.505.1019.3013>
[PID: 1068][C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe] <Analog Devices, Inc.><3, 2, 6, 0>
[PID: 1084][C:\WINNT\system32\spool\ugplot\ugiipqd.exe] <Unigraphics Solutions, Inc><2.0.0.21>
[C:\WINNT\system32\spool\ugplot\libplotq.dll] <Unigraphics Solutions, Inc><2.0.0.21>
[C:\WINNT\system32\spool\ugplot\libsyss.dll] <Unigraphics Solutions, Inc><2.0.0.21>
[PID: 1100][D:\Program Files\EDS\License Servers\UGNXFLEXlm\lmgrd.exe] <Macrovision Corporation><8, 3, 2, 0>
[PID: 1120][C:\WINNT\System32\ups.exe] <Microsoft Corporation><5.00.2158.1>
[PID: 1132][C:\WINNT\System32\WBEM\WinMgmt.exe] <Microsoft Corporation><1.50.1085.0100>
[PID: 1148][C:\WINNT\system32\svchost.exe] <Microsoft Corporation><5.00.2134.1>
[PID: 1208][D:\Program Files\EDS\License Servers\UGNXFLEXlm\uglmd.exe] <N/A><N/A>
[PID: 1316][C:\WINNT\Explorer.EXE] <Microsoft Corporation><5.00.3700.6690>
[C:\WINNT\system32\AcSignIcon.dll] <Autodesk><16.0.0.86>
[C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll] <Autodesk><16.0.0.86>
[C:\WINNT\system32\SYNCOR11.DLL] <SoundMAX><1.2.3>
[C:\Program Files\Tencent\RTX\RTXOLAss.dll] <ìú??????óD?T1???><1, 0, 0, 1>
[C:\Program Files\Tencent\RTX\BQQHook.dll] <N/A><N/A>
[C:\WINNT\system32\RavExt.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 13>
[C:\Program Files\TweakAssist\AssistIEBar.dll] <全能助手工作室><6, 0, 5, 1>
[C:\WINNT\system32\Macromed\Flash\Flash8.ocx] <Macromedia, Inc.><8,0,22,0>
[D:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll] <Adobe Systems Incorporated><6.0.0.2003051500>
[C:\PROGRA~1\FlashGet\jccatch.dll] <Amaze Soft><1, 1, 4, 0>
[C:\Program Files\WinRAR\rarext.dll] <N/A><N/A>
[C:\Program Files\Tencent\RTX\RTXShl.dll] <Tencent><1, 0, 0, 1>
[C:\Program Files\TweakAssist\AssistQRunShell.dll] <全能助手工作室><3, 0, 0, 3>
[D:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\ContextMenu.dll] <Adobe Systems Inc.><1.0.0.2003051500>
[c:\winnt\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_7f0fbf5d\mscorlib.dll] <N/A><N/A>
[c:\program files\siemens\s7-200 explorer\bin\s7200explorernamespace.dll] <Siemens><1.0.3.8>
[c:\program files\siemens\s7-200 explorer\bin\windowsshell.dll] < ><1.0.0.0>
[c:\winnt\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_e2f1d1a1\system.windows.forms.dll] <N/A><N/A>
[C:\WINNT\system32\nvshell.dll] <NVIDIA Corporation><6.14.10.5664>
[C:\WINNT\system32\NVWRSZHC.DLL] <NVIDIA Corporation><6.14.10.5664>
[C:\Program Files\Common Files\Adobe\Shell\PSICON.DLL] <Adobe Systems, Incorporated><7.0>
[PID: 1364][c:\program files\rising\rfw\RfwMain.exe] <Beijing Rising Technology Co., Ltd.><4, 0, 0, 51>
[c:\program files\rising\rfw\RsGuiLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 23>
[C:\WINNT\system32\SYNCOR11.DLL] <SoundMAX><1.2.3>
[c:\program files\rising\rfw\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[c:\program files\rising\rfw\PngDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[C:\Program Files\Tencent\RTX\BQQHook.dll] <N/A><N/A>
[C:\Program Files\Tencent\RTX\RTXOLAss.dll] <ìú??????óD?T1???><1, 0, 0, 1>
[PID: 1512][C:\Program Files\Rising\Rav\RavTask.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[C:\Program Files\Rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
[C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[PID: 1524][C:\Program Files\Rising\Rav\Ravmon.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 99>
[C:\Program Files\Rising\Rav\RsGuiLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
[C:\Program Files\Rising\Rav\BWList.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 16>
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[C:\Program Files\Rising\Rav\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[C:\Program Files\Rising\Rav\RsCommX.dll] <rising><18, 0, 0, 1>
[C:\Program Files\Rising\Rav\PngDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[C:\Program Files\Tencent\RTX\BQQHook.dll] <N/A><N/A>
[C:\Program Files\Tencent\RTX\RTXOLAss.dll] <ìú??????óD?T1???><1, 0, 0, 1>

mrzyf - 2006-5-22 8:29:00

[PID: 1536][C:\WINNT\system32\ctfmon.exe] <Microsoft Corporation><1.00.2409.34 built by: Lab06_N>
[PID: 1540][C:\Program Files\Tencent\RTX\rtxc.exe] <Tencent><3,4,0,32>
[C:\Program Files\Tencent\RTX\RTXDbug.dll] <N/A><N/A>
[C:\Program Files\Tencent\RTX\Utility.dll] <Tencent><3,4,0,32>
[C:\Program Files\Tencent\RTX\UILib.dll] <Tencent><3,4,0,32>
[C:\Program Files\Tencent\RTX\Crypt.dll] <N/A><N/A>
[C:\Program Files\Tencent\RTX\BqqZip.dll] <N/A><N/A>
[C:\WINNT\system32\SYNCOR11.DLL] <SoundMAX><1.2.3>
[C:\Program Files\Tencent\RTX\QQRes.dll] <N/A><N/A>
[C:\Program Files\Tencent\RTX\Core.dll] <Tencent><3,4,0,32>
[C:\Program Files\Tencent\RTX\MPBase.dll] <Tencent><3,4,0,32>
[C:\Program Files\Tencent\RTX\RTXProxy.dll] <Tencent><3,4,0,32>
[C:\Program Files\Tencent\RTX\ProxySock.dll] <Tencent><3,4,0,32>
[C:\Program Files\Tencent\RTX\Psr.dll] <Tencent><3,4,0,32>
[C:\Program Files\Tencent\RTX\MsgRec.dll] <N/A><N/A>
[C:\Program Files\Tencent\RTX\MsgDb.dll] <N/A><N/A>
[C:\Program Files\Tencent\RTX\libdb42.dll] <Sleepycat Software><4.2.52>
[C:\Program Files\Tencent\RTX\BQQApi.dll] <Tencent><3,4,0,32>
[C:\Program Files\Tencent\RTX\Store.dll] <Tencent><3,4,0,32>
[C:\Program Files\Tencent\RTX\ClientAPI.dll] <Tencent><3,4,0,32>
[C:\Program Files\Tencent\RTX\RtxP2pMgr.dll] <Tencent><3,4,0,31>
[C:\Program Files\Tencent\RTX\P2pMgr.dll] <Tencent><3,4,0,32>
[C:\Program Files\Tencent\RTX\QQSkin.dll] <Tencent><3,4,0,32>
[C:\Program Files\Tencent\RTX\NewSkin.dll] <Tencent><3,4,0,32>
[C:\Program Files\Tencent\RTX\RTXOLAss.dll] <ìú??????óD?T1???><1, 0, 0, 1>
[C:\Program Files\Tencent\RTX\BQQHook.dll] <N/A><N/A>
[C:\Program Files\Tencent\RTX\DeptHideSet.dll] <Tencent><3,4,0,32>
[C:\Program Files\Tencent\RTX\RTCBuddy.dll] <Tencent><3,4,0,32>
[C:\Program Files\Tencent\RTX\MiniRTXPrj.dll] <Tencent><3,4,0,32>
[C:\Program Files\Tencent\RTX\RTXInfoComm.dll] <Tencent><3,4,0,32>
[C:\WINNT\system32\AcSignIcon.dll] <Autodesk><16.0.0.86>
[C:\Program Files\Tencent\RTX\IMMessenger.dll] <Tencent><3,4,0,32>
[C:\Program Files\Tencent\RTX\RecentRecord.dll] <Tencent><3,4,0,32>
[PID: 1580][E:\Program Files\Tencent\QQ\QQ.exe] <TENCENT><0, 0, 0, 0>
[E:\Program Files\Tencent\QQ\QQBaseClassInDll.dll] <><1, 0, 0, 1>
[E:\Program Files\Tencent\QQ\QQHelperDll.dll] <><1, 0, 0, 1>
[E:\Program Files\Tencent\QQ\BasicCtrlDll.dll] <Tencent><5, 0, 200, 14>
[C:\WINNT\system32\SYNCOR11.DLL] <SoundMAX><1.2.3>
[E:\Program Files\Tencent\QQ\QQAPI.dll] <><1, 0, 0, 1>
[E:\Program Files\Tencent\QQ\TIMProxy.dll] <tencent><0, 3, 2, 4>
[E:\Program Files\Tencent\QQ\LoginCtrl.dll] <><1, 0, 0, 1>
[E:\Program Files\Tencent\QQ\npkcntc.dll] <INCA Internet Co., Ltd.><2005, 9, 1, 1>
[E:\Program Files\Tencent\QQ\npkpdb.dll] <INCA Internet Co., Ltd.><2003, 10, 1, 1>
[C:\Program Files\Tencent\RTX\BQQHook.dll] <N/A><N/A>
[C:\Program Files\Tencent\RTX\RTXOLAss.dll] <ìú??????óD?T1???><1, 0, 0, 1>
[E:\Program Files\Tencent\QQ\QQRes.dll] <tencent><1, 0, 0, 1>
[E:\Program Files\Tencent\QQ\QQMainFrame.dll] <N/A><N/A>
[E:\Program Files\Tencent\QQ\CQQApplication.dll] <N/A><N/A>
[E:\Program Files\Tencent\QQ\NewSkin.dll] <><1, 0, 0, 1>
[E:\Program Files\Tencent\QQ\HostingMgr.dll] <><1, 0, 0, 1>
[E:\Program Files\Tencent\QQ\CameraDll.dll] <><1, 0, 0, 1>
[E:\Program Files\Tencent\QQ\MailSummary.dll] <><1, 0, 0, 1>
[E:\Program Files\Tencent\QQ\QQSpace.dll] <><1, 0, 0, 1>
[E:\Program Files\Tencent\QQ\QQConfigPlugin.dll] <><1, 0, 0, 1>
[E:\Program Files\Tencent\QQ\PhoneAPI.dll] <><1, 0, 0, 1>
[E:\Program Files\Tencent\QQ\DialerAllinOne.dll] <tencent><1, 4, 0, 0>
[E:\Program Files\Tencent\QQ\QQAvatar.dll] <N/A><N/A>
[E:\Program Files\Tencent\QQ\FlashAvatarDll.dll] <><1, 4, 0, 1>
[E:\Program Files\Tencent\QQ\BQQApplication.dll] <N/A><N/A>
[E:\Program Files\Tencent\QQ\QQPlugin.dll] <N/A><N/A>
[C:\WINNT\system32\RavExt.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 13>
[C:\WINNT\system32\AcSignIcon.dll] <Autodesk><16.0.0.86>
[E:\Program Files\Tencent\QQ\CommercesMng.dll] <><1, 0, 0, 1>
[E:\Program Files\Tencent\QQ\PersonalDesktop.dll] <深圳市腾讯计算机系统公司QQ工作小组><1, 0, 0, 2>
[E:\Program Files\Tencent\QQ\QQAddr.dll] <深圳市腾讯计算机系统有限公司><5, 0, 101, 141>
[E:\Program Files\Tencent\QQ\QQSceneMng.dll] <N/A><N/A>
[E:\Program Files\Tencent\QQ\QQPhoneHelper.dll] <腾讯科技（深圳）有限公司><2, 0, 3, 30>
[C:\WINNT\system32\msdmo.dll] <N/A><N/A>
[E:\Program Files\Tencent\QQ\QQAllInOne.dll] <N/A><N/A>
[E:\Program Files\Tencent\QQ\SCCore.dll] <N/A><N/A>
[E:\Program Files\Tencent\QQ\QRingMng.dll] <N/A><N/A>
[E:\Program Files\Tencent\QQ\QQGroupMng.dll] <><1, 0, 0, 1>
[E:\Program Files\Tencent\QQ\UserDefinedHead.dll] <><1, 0, 0, 1>
[E:\Program Files\Tencent\QQ\QQSysMsgMng.dll] <N/A><N/A>
[E:\Program Files\Tencent\QQ\QQPet.dll] <><1, 0, 0, 1>
[E:\Program Files\Tencent\QQ\LongConnection.dll] <tencent><0, 3, 3, 8>
[E:\Program Files\Tencent\QQ\QQCustomFace.dll] <N/A><N/A>
[C:\WINNT\system32\Macromed\Flash\Flash8.ocx] <Macromedia, Inc.><8,0,22,0>

mrzyf - 2006-5-22 8:30:00

[E:\Program Files\Tencent\QQ\GroupConnection.dll] <Tencent><0, 3, 3, 5>
[E:\Program Files\Tencent\QQ\ImageOle.dll] <TODO: <Company name>><1.0.0.1>
[E:\Program Files\Tencent\QQ\QQZip.dll] <tencent><0, 3, 2, 4>
[PID: 1636][E:\Program Files\Tencent\QQ\TIMPlatform.exe] <tencent><0, 3, 1, 8>
[E:\Program Files\Tencent\QQ\TIMProxy.dll] <tencent><0, 3, 2, 4>
[PID: 1504][C:\Program Files\Internet Explorer\IEXPLORE.EXE] <Microsoft Corporation><6.00.2800.1106>
[C:\WINNT\system32\AcSignIcon.dll] <Autodesk><16.0.0.86>
[C:\Program Files\TweakAssist\AssistIEBar.dll] <全能助手工作室><6, 0, 5, 1>
[C:\WINNT\system32\Macromed\Flash\Flash8.ocx] <Macromedia, Inc.><8,0,22,0>
[C:\WINNT\system32\SYNCOR11.DLL] <SoundMAX><1.2.3>
[D:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll] <Adobe Systems Incorporated><6.0.0.2003051500>
[C:\Program Files\Common Files\Collegesoft\Share Components\TPHANDLE.dll] <江苏科建教育软件有限责任公司><5, 1, 8, 1>
[E:\Program Files\Tencent\QQ\QQIEHelper.dll] <深圳市腾讯计算机系统有限公司><1, 1, 0, 5>
[C:\PROGRA~1\FlashGet\jccatch.dll] <Amaze Soft><1, 1, 4, 0>
[D:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll] <N/A><N/A>
[C:\Program Files\Tencent\RTX\BQQHook.dll] <N/A><N/A>
[C:\Program Files\Tencent\RTX\RTXOLAss.dll] <ìú??????óD?T1???><1, 0, 0, 1>
[PID: 1336][C:\WINNT\system32\conime.exe] <Microsoft Corporation><5.00.2195.6655>
[PID: 328][C:\DOCUME~1\zyf\LOCALS~1\Temp\ptc12_tmp.exe] <PTC><24, 0, 2002, 490>
[C:\Program Files\Tencent\RTX\BQQHook.dll] <N/A><N/A>
[C:\Program Files\Tencent\RTX\RTXOLAss.dll] <ìú??????óD?T1???><1, 0, 0, 1>
[C:\WINNT\system32\AcSignIcon.dll] <Autodesk><16.0.0.86>
[C:\WINNT\system32\SYNCOR11.DLL] <SoundMAX><1.2.3>
[PID: 1224][d:\Program Files\flexnet\i486_nt\obj\lmgrd.exe] <Macrovision Corporation><10, 8, 0, 3>
[PID: 1776][d:\Program Files\flexnet\i486_nt\obj\lmgrd.exe] <Macrovision Corporation><10, 8, 0, 3>
[PID: 1872][d:\Program Files\flexnet\i486_nt\obj\ptc_d.exe] <N/A><N/A>
[PID: 340][C:\Program Files\Internet Explorer\IEXPLORE.EXE] <Microsoft Corporation><6.00.2800.1106>
[C:\WINNT\system32\AcSignIcon.dll] <Autodesk><16.0.0.86>
[C:\Program Files\TweakAssist\AssistIEBar.dll] <全能助手工作室><6, 0, 5, 1>
[C:\WINNT\system32\Macromed\Flash\Flash8.ocx] <Macromedia, Inc.><8,0,22,0>
[C:\WINNT\system32\SYNCOR11.DLL] <SoundMAX><1.2.3>
[D:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll] <Adobe Systems Incorporated><6.0.0.2003051500>
[C:\Program Files\Common Files\Collegesoft\Share Components\TPHANDLE.dll] <江苏科建教育软件有限责任公司><5, 1, 8, 1>
[E:\Program Files\Tencent\QQ\QQIEHelper.dll] <深圳市腾讯计算机系统有限公司><1, 1, 0, 5>
[C:\PROGRA~1\FlashGet\jccatch.dll] <Amaze Soft><1, 1, 4, 0>
[D:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll] <N/A><N/A>
[C:\Program Files\Tencent\RTX\BQQHook.dll] <N/A><N/A>
[C:\Program Files\Tencent\RTX\RTXOLAss.dll] <ìú??????óD?T1???><1, 0, 0, 1>
[PID: 1340][C:\Program Files\FlashGet\flashget.exe] <Amaze Soft><1, 7, 1, 0>
[C:\WINNT\system32\SYNCOR11.DLL] <SoundMAX><1.2.3>
[C:\WINNT\system32\AcSignIcon.dll] <Autodesk><16.0.0.86>
[C:\Program Files\Tencent\RTX\BQQHook.dll] <N/A><N/A>
[C:\Program Files\Tencent\RTX\RTXOLAss.dll] <ìú??????óD?T1???><1, 0, 0, 1>
[PID: 1856][C:\program files\rising\rav\RsAgent.exe] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 12>
[C:\Program Files\Tencent\RTX\BQQHook.dll] <N/A><N/A>
[C:\Program Files\Tencent\RTX\RTXOLAss.dll] <ìú??????óD?T1???><1, 0, 0, 1>
[PID: 556][C:\WINNT\msagent\AgentSvr.exe] <Microsoft Corporation><2.00.0.3422>
[C:\WINNT\system32\SYNCOR11.DLL] <SoundMAX><1.2.3>
[C:\Program Files\Tencent\RTX\BQQHook.dll] <N/A><N/A>
[C:\Program Files\Tencent\RTX\RTXOLAss.dll] <ìú??????óD?T1???><1, 0, 0, 1>
[PID: 1320][C:\Downloads\sreng2\SREng.exe] <Smallfrogs Studio><2.0.12.350>
[C:\Program Files\Tencent\RTX\BQQHook.dll] <N/A><N/A>
[C:\Program Files\Tencent\RTX\RTXOLAss.dll] <ìú??????óD?T1???><1, 0, 0, 1>

==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINNT\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS Error. [C:\WINNT\system32\WScript.exe "%1" %*]
.JS Error. [C:\WINNT\system32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

瑞星卡卡安全论坛