
How to Thoroughly Detect and Remove the Downloader Trojan

    [C:\Program Files\ThinkPad\ConnectUtilities\Res\SC\TrayRes.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\Program Files\ThinkPad\ConnectUtilities\ANCA.dll]  [IBM Corp., 8.3]
    [C:\Program Files\ThinkPad\ConnectUtilities\ANC.dll]  [IBM Corp., 8.3]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 5, 1023]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll]  [Yahoo! China, 3, 1, 9, 1025]
[PID: 3352][C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE]  [IBM Corp., 3, 7, 1, 0]
    [C:\Program Files\ThinkPad\ConnectUtilities\QCON.dll]  [IBM Corp., 3, 7, 1, 0]
    [C:\Program Files\ThinkPad\ConnectUtilities\MerlinC201.dll]  [Novatel Wireless Inc., 1, 0, 0, 1]
    [C:\Program Files\ThinkPad\ConnectUtilities\Res\SC\IconRes.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
[PID: 3360][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL]  [IBM Corp., 1, 0, 0, 0]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\PROGRA~1\ThinkPad\UTILIT~1\US\PWRMGRRT.DLL]  [N/A, N/A]
    [C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRIF.DLL]  [N/A, N/A]
    [C:\WINDOWS\system32\Sensor.dll]  [IBM Corporation, 1.30.1.0]
    [C:\WINDOWS\system32\OEMDSPIF.DLL]  [ATI Technologies, Inc., 6.14.0012]
[PID: 3976][C:\Program Files\DAEMON Tools\daemon.exe]  [DT Soft Ltd., 4.03.0.0]
    [C:\Program Files\DAEMON Tools\daemon.dll]  [DT Soft Ltd., 4.03.0.0]
    [C:\Program Files\DAEMON Tools\PFCTOC.DLL]  [Padus(R), Inc., 1, 0, 0, 12]
    [C:\Program Files\DAEMON Tools\Plugins\Images\bw5mount.dll]  [N/A, 1.0.6.0]
    [C:\Program Files\DAEMON Tools\Plugins\Images\ccdmount.dll]  [GENERIC, 1.10.0.0]
    [C:\Program Files\DAEMON Tools\Plugins\Images\mdsmount.dll]  [GENERIC, 1.12.0.0]
    [C:\Program Files\DAEMON Tools\Plugins\Images\nrgmount.dll]  [GENERIC, 1.11.0.0]
    [C:\Program Files\DAEMON Tools\Plugins\Images\pdimount.dll]  [GENERIC, 1.01.0.0]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
[PID: 2172][C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe]  [Adobe Systems Inc., 6.0.1.2004121400]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
[PID: 3928][C:\Program Files\Common Files\Symantec Shared\ccApp.exe]  [Symantec Corporation, 104.0.8.3]
    [C:\Program Files\Common Files\Symantec Shared\ccL40.dll]  [Symantec Corporation, 104.0.8.3]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 104.0.8.3]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL]  [Symantec Corporation, 104.0.8.3]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL]  [Symantec Corporation, 104.0.8.3]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\rcEmlPxy.dll]  [Symantec Corporation, 104.0.8.3]
    [C:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 104.0.8.3]
    [C:\WINDOWS\system32\SYMREDIR.DLL]  [Symantec Corporation, 6.0.2.211]
    [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 104.0.8.3]
    [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 104.0.8.3]
    [C:\Program Files\Symantec AntiVirus\SavEmail.dll]  [Symantec Corporation, 10.1.4.4000]
[PID: 2340][C:\PROGRA~1\SYMANT~1\VPTray.exe]  [Symantec Corporation, 10.1.4.4000]
    [C:\Program Files\Common Files\Symantec Shared\ccL40.dll]  [Symantec Corporation, 104.0.8.3]
    [C:\Program Files\Symantec AntiVirus\SAVRT32.DLL]  [Symantec Corporation, 9.7.1.4]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 104.0.8.3]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 104.0.8.3]
    [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 104.0.8.3]
    [C:\Program Files\Common Files\Symantec Shared\ccAlert.dll]  [Symantec Corporation, 104.0.8.3]
    [C:\Program Files\Symantec AntiVirus\Cliproxy.dll]  [Symantec Corporation, 10.1.4.4000]
    [C:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL]  [Symantec Corporation, 10.1.4.4000]
    [C:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 104.0.8.3]
    [c:\program files\common files\symantec shared\ssc\ScsComms.dll]  [Symantec Corporation, 10.1.4.4000]
    [C:\WINDOWS\system32\nts.dll]  [LANDesk Software Ltd., 6.12.0.142 E]
    [C:\WINDOWS\system32\cba.dll]  [LANDesk Software Ltd., 6.12.0.142 E]
    [C:\WINDOWS\system32\MsgSys.dll]  [LANDesk Software Ltd., 6.12.0.142 E]
    [C:\WINDOWS\system32\PDS.DLL]  [LANDesk Software Ltd., 6.12.0.142 E]
[PID: 712][C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe]  [Yahoo! China, 3, 1, 9, 1025]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll]  [Yahoo! China, 3, 1, 9, 1025]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 5, 1023]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll]  [yahoo! china, 3, 6, 0, 1112]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll]  [Yahoo! China, 3, 0, 2, 1011]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\ynotifier.dll]  [yahoo! china, 3, 0, 2, 1002]
[PID: 2408][C:\Program Files\Messenger\msmsgs.exe]  [Microsoft Corporation, 4.7.3001]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll]  [Yahoo! China, 3, 1, 9, 1025]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 5, 1023]
[PID: 2416][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 5, 1023]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll]  [Yahoo! China, 3, 1, 9, 1025]
[PID: 1140][C:\WINDOWS\system32\taskmgr.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 5, 1023]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll]  [Yahoo! China, 3, 1, 9, 1025]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\Documents and Settings\zzm\Application Data\Microsoft\Word\STARTUP\EN9CWYW.WordXP.wll]  [Thomson ResearchSoft, 9.0.0 (Bld 1425)]
[PID: 3888][C:\Documents and Settings\zzm\Desktop\TUNet_Version_2_03_00.exe]  [, 2.03.00]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 5, 1023]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll]  [Yahoo! China, 3, 1, 9, 1025]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
[PID: 3764][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3452][C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE]  [Microsoft Corporation, 11.0.5604]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 5, 1023]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll]  [Yahoo! China, 3, 1, 9, 1025]

    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\Program Files\Adobe\Acrobat 7.0\PDFMaker\Office\PDFMOfficeAddin.dll]  [Adobe Systems Incorporated, 7, 0, 0, 0]
    [C:\Program Files\Microsoft Office\OFFICE11\STARTUP\MathPage.wll]  [N/A, N/A]
    [C:\Documents and Settings\zzm\Application Data\Microsoft\Word\STARTUP\EN9CWYW.WordXP.wll]  [Thomson ResearchSoft, 9.0.0 (Bld 1425)]
    [C:\Program Files\Adobe\Acrobat 7.0\Distillr\adist32.dll]  [Adobe Systems Incorporated., 7.0.0.0]
    [C:\WINDOWS\system32\SOGOUPY.IME]  [Sohu.com Inc., 1, 0, 2, 2]
[PID: 348][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 5, 1023]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll]  [Yahoo! China, 3, 1, 9, 1025]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
[PID: 2360][C:\WINDOWS\Explorer.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 5, 1023]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll]  [Yahoo! China, 3, 1, 9, 1025]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\Documents and Settings\zzm\Application Data\Microsoft\Word\STARTUP\EN9CWYW.WordXP.wll]  [Thomson ResearchSoft, 9.0.0 (Bld 1425)]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [c:\program files\intel\wireless\bin\rypvfdck.dll]  [, 1, 0, 0, 11]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll]  [yahoo! china, 3, 6, 0, 1112]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll]  [Yahoo! China, 3, 0, 2, 1011]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasnoad.dll]  [yahoo! china, 3, 0, 3, 1005]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yzsNetProto.dll]  [Yahoo! China, 3, 0, 2, 1003]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\WINDOWS\system32\SOGOUPY.IME]  [Sohu.com Inc., 1, 0, 2, 2]
    [C:\Program Files\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll]  [Adobe Systems Inc., 7.0.0.2004121400\0]
    [C:\Program Files\Adobe\Acrobat 7.0\Distillr\ADIST32.dll]  [Adobe Systems Incorporated., 7.0.0.0]
    [C:\PROGRA~1\yahoo!\assistant\Shell\yAssecblk.dll]  [Yahoo! China, 3, 1, 6, 1022]
    [c:\progra~1\yahoo!\assist~1\assist\yadfil~1.dll]  [Yahoo! China, 3, 0, 2, 1003]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yrepair.dll]  [Yahoo! China, 3, 0, 9, 1012]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasfsks.dll]  [Yahoo! China, 2, 1, 3, 89]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yoptimum.dll]  [Yahoo! China, 3, 0, 2, 1006]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yxpstyle.dll]  [Yahoo! China, 3, 0, 1, 1001]
    [C:\PROGRA~1\Yahoo!\Assistant\yClickOn.dll]  [YAHOO Corporation Limited, 3, 0, 3, 1004]
    [C:\Program Files\木马分析专家\hyMenu.dll]  [水晶情缘工作室, 2005.00]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll]  [Symantec Corporation, 10.1.4.4000]
    [C:\PROGRA~1\Yahoo!\Assistant\Assist\yasbar.dll]  [yahoo! china, 3, 3, 2, 1093]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\ysearch.dll]  [Yahoo! China, 3, 1, 6, 1016]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yphtb.dll]  [Yahoo! China, 3, 0, 6, 1008]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yaswiper.dll]  [Yahoo! China, 3, 0, 5, 1005]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasiesec.dll]  [Yahoo! China, 3, 0, 5, 1005]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YSETTI~1.DLL]  [yahoo! china, 3, 1, 1, 1022]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ymailp.dll]  [Yahoo! China, 3, 0, 4, 1010]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ymyweb.dll]  [Yahoo! China, 3, 0, 2, 1004]
    [C:\WINDOWS\System32\DLA\DLASHX_W.DLL]  [Sonic Solutions, 5.20.09a]
    [C:\WINDOWS\system32\DLAAPI_W.DLL]  [Sonic Solutions, 5.20.09a]
    [C:\WINDOWS\System32\DLA\DLACResW.dll]  [Sonic Solutions, 5.20.09a]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL]  [yahoo! china, 3, 0, 3, 1003]
    [C:\WINDOWS\system32\SCIntruder32.dll]  [N/A, N/A]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yassist.dll]  [Yahoo! China, 3, 1, 4, 1019]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ywiper.dll]  [Yahoo! China, 3, 0, 2, 1002]
    [C:\Program Files\IDM Computer Solutions\UltraEdit-32\ue32ctmn.dll]  [, 1, 0, 0, 1]
[PID: 5584][C:\WINDOWS\system32\wuauclt.exe]  [Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 5, 1023]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll]  [Yahoo! China, 3, 1, 9, 1025]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
[PID: 5908][E:\Program Files\Rainlendar\Rainlendar\Rainlendar-0.22\Rainlendar.exe]  [Rainy, 0, 22, 0, 0]
    [E:\Program Files\Rainlendar\Rainlendar\Rainlendar-0.22\Rainlendar.dll]  [N/A, N/A]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 5, 1023]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll]  [Yahoo! China, 3, 1, 9, 1025]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [E:\Program Files\Rainlendar\Rainlendar\Rainlendar-0.22\Plugins\iCalPlugin.dll]  [N/A, N/A]
    [E:\Program Files\Rainlendar\Rainlendar\Rainlendar-0.22\Plugins\IniFormatPlugin.dll]  [N/A, N/A]
    [E:\Program Files\Rainlendar\Rainlendar\Rainlendar-0.22\Plugins\OutlookPlugin.dll]  [N/A, N/A]
    [E:\Program Files\Rainlendar\Rainlendar\Rainlendar-0.22\Plugins\ServerPlugin.dll]  [N/A, N/A]
    [C:\Documents and Settings\zzm\Application Data\Microsoft\Word\STARTUP\EN9CWYW.WordXP.wll]  [Thomson ResearchSoft, 9.0.0 (Bld 1425)]
[PID: 4252][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 5, 1023]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\yscrblock.dll]  [Yahoo! China, 3, 0, 2, 1003]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll]  [Yahoo! China, 3, 1, 9, 1025]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll]  [yahoo! china, 3, 6, 0, 1112]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yalliveex.dll]  [Yahoo! China, 3, 0, 2, 1011]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yphtb.dll]  [Yahoo! China, 3, 0, 6, 1008]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yangling.dll]  [yahoo! china, 3, 0, 5, 1007]
    [C:\WINDOWS\System32\DLA\DLASHX_W.DLL]  [Sonic Solutions, 5.20.09a]
    [C:\WINDOWS\system32\DLAAPI_W.DLL]  [Sonic Solutions, 5.20.09a]
    [C:\WINDOWS\System32\DLA\DLACResW.dll]  [Sonic Solutions, 5.20.09a]
    [C:\Documents and Settings\zzm\Application Data\Microsoft\Word\STARTUP\EN9CWYW.WordXP.wll]  [Thomson ResearchSoft, 9.0.0 (Bld 1425)]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL]  [yahoo! china, 3, 0, 3, 1003]

    [C:\WINDOWS\system32\SCIntruder32.dll]  [N/A, N/A]
    [C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll]  [Adobe Systems Incorporated, 7.0.0.0]
    [C:\WINDOWS\system32\flash9.dll]  [Adobe System Incorporated, 1, 0, 0, 1]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yassist.dll]  [Yahoo! China, 3, 1, 4, 1019]
    [C:\WINDOWS\system32\SOGOUPY.IME]  [Sohu.com Inc., 1, 0, 2, 2]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[PID: 3384][C:\WINDOWS\system32\cmd.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 6112][C:\Documents and Settings\zzm\Desktop\sreng2\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Yhelper.dll]  [Yahoo! China, 3, 0, 5, 1023]
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ykern.dll]  [Yahoo! China, 3, 1, 9, 1025]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\Documents and Settings\zzm\Application Data\Microsoft\Word\STARTUP\EN9CWYW.WordXP.wll]  [Thomson ResearchSoft, 9.0.0 (Bld 1425)]
    [C:\Documents and Settings\zzm\Desktop\sreng2\Plugins\SRECXTMG.SRE]  [Smallfrogs Studio, 1, 5, 0, 55]

==================================
File Associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1 LOCALHOST

==================================
API HOOK
N/A

==================================


[/CODE]

[Reply to the post by “满天飞雪”]
WHY? I searched online and borrowed Yahoo's tool to clean up IE.

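In addition, our egress firewall detected port scanning and address sweeping attacks coming from my machine. In the captured packets, the ports and addresses are all random. In some of them the source port and destination port are both 0. Could one of the experts here help? Many thanks!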

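Don't you know that Yahoo's tool is rogue software? It secretly runs backdoor programs in the background, downloads trojans and so on. I have tested this already: with everything running on the system, after installing Lianzhong (联众), which came bundled with YAHOO and Z Entertainment (Z娱乐), CPU usage was around 40%. Later I completely cleaned out those two things, and with no software running CPU usage is around 1%.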

Also, while scanning for viruses, the following viruses were found at one point:
Backdoor.Ranky
Risk Level 1: Very Low

Discovered: August 26, 2003
Updated: February 10, 2006 02:48:53 PM ZW3
Also Known As: TrojanProxy.Win32.Ranck [Kaspersky], Proxy-FBSR [McAfee], BKDR_RANKK.A [Trend]
Type: Trojan Horse
Infection Length: Varies.
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP

Backdoor.Ranky is a Trojan horse that opens a back door on the compromised computer and allows a remote attacker to perform unauthorized actions.

Note: Virus definitions dated prior to November 1, 2003 may detect this Trojan as Backdoor.Ranck.



Protection
Virus Definitions (LiveUpdate™ Weekly) August 27, 2003
Virus Definitions (Intelligent Updater) August 27, 2003

Threat Assessment

Wild
Wild Level: Low
Number of Infections: 0 - 49
Number of Sites: 0 - 2
Geographical Distribution: Low
Threat Containment: Easy
Removal: Easy

Damage
Damage Level: Low
Payload: Opens a back door.

Distribution
Distribution Level: Low
Ports: Random TCP port.

Writeup By: Scott Gettis

Adware.Borlan


Updated: July 13, 2006 02:37:17 PM PDT
Type: Adware
Risk Impact: Medium
File Names: stdup.dll
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows Server 2003, Windows XP

Behavior
Adware.Borlan acts as an Internet Explorer browser helper object which displays Chinese based advertisements while users browse the Internet.

Symptoms
One or more files detected as Adware.Borlan

Transmission
This risk must be manually installed.

Protection
Virus Definitions (LiveUpdate™ Weekly) November 23, 2005
Virus Definitions (Intelligent Updater) November 22, 2005

A correction: it should read "with nothing running on the system". I now treat Lianzhong (联众) as rogue software too.

W32.Pinfi
Risk Level 1: Very Low

Discovered: October 11, 2001
Updated: February 1, 2005 08:33:37 AM PST
Also Known As: Win32.Parite.a [KAV], W32/Pate.a [McAfee], Win32.Pinfi.A [CA], PE_PARITE.A [Trend], W32/Parite-A [Sophos], Win32/Parite.A [RAV]
Type: Virus
Infection Length: ~177,917 bytes
Systems Affected: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Me

W32.Pinfi is a memory-resident polymorphic virus that will infect the .EXE and .SCR files. This virus can also spread via mapped drives and network shares.

Protection
Virus Definitions (LiveUpdate™ Weekly) October 17, 2001
Virus Definitions (Intelligent Updater) October 12, 2001

Threat Assessment

Wild
Wild Level: Low
Number of Infections: More than 1000
Number of Sites: More than 10
Geographical Distribution: High
Threat Containment: Moderate
Removal: Moderate

Damage
Damage Level: Low

Distribution
Distribution Level: Medium
Shared Drives: Copies across mapped drives and network shares.

Writeup By: Douglas Knowles