病毒名字:Backdoor.gpigeon.umx

路径:IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE
来源:本机

请版主看看问题在哪?谢谢你

HijackThis_815汉化版扫描日志 V1.99.1
保存于      18:06:35, 日期 2005-12-29
操作系统：  Windows 2000 SP4 (WinNT 5.00.2195)
浏览器：    Internet Explorer v5.00 SP4 (5.00.2920.0000)

当前运行的进程：         
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
c:\program files\rising\rfw\rfwsrv.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\rising\Rav\CCenter.exe
C:\Program Files\rising\Rav\Ravmond.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
d:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
C:\WINNT\System32\nvsvc32.exe
C:\PROGRA~1\EFFICI~1\ENTERN~2\app\pppoeservice.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\rising\Rav\RavStub.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
c:\program files\rising\rfw\RfwMain.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\program files\GoldenSoft\Recovery Genius 21st\WinNT\HDDGMon.exe
C:\WINNT\system32\rundll32.exe
C:\PROGRA~1\3721\ASSISTSE.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\rising\Rav\RavTask.exe
C:\WINNT\system32\internat.exe
C:\WINNT\System32\pizzabx.exe
C:\Program Files\rising\Rav\Ravmon.exe
C:\Program Files\hexin\sslproxy\SSLCnt.exe
C:\WINNT\system32\wuauclt.exe
C:\Program Files\HijackThis1991汉化版\HijackThis1991zww.exe

R3 - URLSearchHook: assist - {1B0E7716-898E-48cc-9690-4E338E8DE1D3} - C:\PROGRA~1\3721\assist\assist.dll
R3 - URLSearchHook: BDSrchHook Class - {2C5AA40E-8814-4EB6-876E-7EFB8B3F9662} - C:\WINNT\DOWNLO~1\BDSrHook.dll
R3 - URLSearchHook: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\PROGRA~1\3721\assist\asbar.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FLASHGET\jccatch.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: AssistII - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\PROGRA~1\3721\assist\asbar.dll
O3 - IE工具栏增项: @msdxmLC.dll,-1@2052,电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - IE工具栏增项: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\PROGRA~1\3721\assist\asbar.dll
O3 - IE工具栏增项: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - 启动项HKLM\\Run: [Synchronization Manager] mobsync.exe /logon
O4 - 启动项HKLM\\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - 启动项HKLM\\Run: [nwiz] nwiz.exe /install
O4 - 启动项HKLM\\Run: [HDDGMon] C:\program files\GoldenSoft\Recovery Genius 21st\WinNT\HDDGMon.exe
O4 - 启动项HKLM\\Run: [helper.dll] C:\WINNT\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32
O4 - 启动项HKLM\\Run: [assistse] "C:\PROGRA~1\3721\ASSISTSE.EXE"
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\Run: [rfw] C:\program files\rising\rfw\Rfw.exe
O4 - 启动项HKLM\\Run: [NeroCheck] C:\WINNT\system32\\NeroCheck.exe
O4 - 启动项HKLM\\Run: [RfwMain] "C:\Program Files\rising\Rfw\rfwmain.exe" -Startup
O4 - 启动项HKLM\\Run: [CnsMin] Rundll32.exe C:\WINNT\downlo~1\CnsMin.dll,Rundll32
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\rising\Rav\RavTask.exe" -system
O4 - HKCU\..\Run: [Internat.exe] internat.exe
O4 - Global Startup: 核新SSL通讯安全代理.lnk = C:\Program Files\hexin\sslproxy\SSLCnt.exe
O8 - IE右键菜单中的新增项目: 使用FlashExplorer播放 - C:\Program Files\FlashExplorer\IELink.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O9 - 浏览器额外的按钮: 中文 - {0D5C2EA0-EDCD-11D3-86A5-0088CC224026} - C:\PROGRA~1\TRANST~1\APPLIC~1\TransIE.dll
O9 - 浏览器额外的“工具”菜单项: 中文 - {0D5C2EA0-EDCD-11D3-86A5-0088CC224026} - C:\PROGRA~1\TRANST~1\APPLIC~1\TransIE.dll
O9 - 浏览器额外的按钮: (no name) - {676AB8E0-F5A6-11D3-86A5-0088CC224026} - C:\PROGRA~1\TRANST~1\APPLIC~1\TransIE.dll
O9 - 浏览器额外的“工具”菜单项: 译星帮助 - {676AB8E0-F5A6-11D3-86A5-0088CC224026} - C:\PROGRA~1\TRANST~1\APPLIC~1\TransIE.dll
O9 - 浏览器额外的按钮: 词霸 - {9A687CA6-D585-4947-9ED9-BE96071F5CD9} - C:\PROGRA~1\Kingsoft\POWERW~1\XDictExB.dll
O9 - 浏览器额外的按钮: 英文 - {C2EDD5E0-EB64-11D3-B4D2-0088CC231035} - C:\PROGRA~1\TRANST~1\APPLIC~1\TransIE.dll
O9 - 浏览器额外的“工具”菜单项: 英文 - {C2EDD5E0-EB64-11D3-B4D2-0088CC231035} - C:\PROGRA~1\TRANST~1\APPLIC~1\TransIE.dll
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - 浏览器额外的按钮: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - 浏览器额外的“工具”菜单项: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O11 - Options group: [!CNS]  上网助手-地址栏搜索
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=
O16 - DPF: Yahoo! Chat 1.3 - http://jcs.chat.dcn.yahoo.com/c174/chat.cab
O16 - DPF: {448A5F6B-8C03-4B54-A338-F00237C508AD} (WEBChatRoomOCX Control) - http://www.51uc.com/cab/WEBChatRoom_1_39.cab
O16 - DPF: {98A62E3F-A8C5-4EF0-8A00-C70CF9D18A89} (LoaderCore Class) - http://tb.sogou.com/DLLoader.cab
O16 - DPF: {C37FBD87-3AA7-4640-9A8D-19AFC10B15B2} (Netease Chat Control) - http://room.chat.163.com/xchat/chat.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{60200CDA-92AF-40A2-8D38-B173EBFDFDE9}: NameServer = 202.100.4.15,61.134.1.4
O18 - 列举现有的协议: dic - {C21F5C32-F57A-4A0D-8E0A-B672691C52D0} - C:\PROGRA~1\Kingsoft\POWERW~1\XDictExB.dll
O23 - NT 服务: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - NT 服务: MATLAB Server (matlabserver) - Unknown owner - d:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
O23 - NT 服务: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - NT 服务: PPPoE Service (PPPoEService) - Unknown owner - C:\PROGRA~1\EFFICI~1\ENTERN~2\app\pppoeservice.exe
O23 - NT 服务: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - c:\program files\rising\rfw\rfwsrv.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\rising\Rav\Ravmond.exe
O23 - NT 服务: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

斑竹,按你的方法不行,清空IE缓存不行

斑竹,HijackThis和SREng在安装时,冲突吗?能不能同时使用??

那我试试,谢谢你

06.6 过期,到时候对机子有影响吗

斑竹,我把SRENG扫描发上来,请你看看:2005-12-30,10:17:35

System Repair Engineer 2.0.12.350 (2.0 RC 1)
    Windows 2000 Professional Service Pack 4 - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <Internat.exe><internat.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <load><>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <Synchronization Manager><mobsync.exe /logon>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <Smapp><C:\Program Files\Analog Devices\SoundMAX\SMTray.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <NvCplDaemon><RUNDLL32.EXE NvQTwk,NvCplDaemon initialize>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <nwiz><nwiz.exe /install>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <HDDGMon><C:\program files\GoldenSoft\Recovery Genius 21st\WinNT\HDDGMon.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <helper.dll><C:\WINNT\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <assistse><"C:\PROGRA~1\3721\ASSISTSE.EXE">
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <rfw><C:\program files\rising\rfw\Rfw.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <NeroCheck><C:\WINNT\system32\\NeroCheck.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <RfwMain><"C:\Program Files\rising\Rfw\rfwmain.exe" -Startup>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <CnsMin><Rundll32.exe C:\WINNT\downlo~1\CnsMin.dll,Rundll32>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <RavTask><"C:\Program Files\rising\Rav\RavTask.exe" -system>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <shell><Explorer.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <Userinit><C:\WINNT\system32\Userinit.exe,>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <AppInit_DLLs><>

==================================
启动文件夹
[核新SSL通讯安全代理]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\核新SSL通讯安全代理.lnk><N>

==================================
服务
[Logical Disk Manager Administrative Service / dmadmin]
  <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[MATLAB Server / matlabserver]
  <d:\MATLAB6p5\webserver\bin\win32\matlabserver.exe><N/A>
[NVIDIA Driver Helper Service / NVSvc]
  <C:\WINNT\System32\nvsvc32.exe><NVIDIA Corporation>
[PPPoE Service / PPPoEService]
  <C:\PROGRA~1\EFFICI~1\ENTERN~2\app\pppoeservice.exe><N/A>
[Rising Personal Firewall Service / RfwService]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"C:\Program Files\rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"C:\Program Files\rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[SoundMAX Agent Service / SoundMAX Agent Service (default)]
  <C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>

接上页==================================
浏览器加载项
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[AcroIEToolbarHelper Class]
  {AE7CD045-E861-484f-8273-0445EE161910} <C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll, N/A>
[上网助手]
  {BB936323-19FA-4521-BA29-ECA6A121BC78} <C:\PROGRA~1\3721\assist\asbar.dll, 3721>
[]
  {0D5C2EA0-EDCD-11D3-86A5-0088CC224026} <C:\PROGRA~1\TRANST~1\APPLIC~1\TransIE.dll, N/A>
[]
  {676AB8E0-F5A6-11D3-86A5-0088CC224026} <C:\PROGRA~1\TRANST~1\APPLIC~1\TransIE.dll, N/A>
[金山词霸]
  {9A687CA6-D585-4947-9ED9-BE96071F5CD9} <C:\PROGRA~1\Kingsoft\POWERW~1\XDictExB.dll, 金山软件股份有限公司>
[]
  {C2EDD5E0-EB64-11D3-B4D2-0088CC231035} <C:\PROGRA~1\TRANST~1\APPLIC~1\TransIE.dll, N/A>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[FlashGet]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\flashget.exe, Amaze Soft>
[@msdxmLC.dll,-1@2052,电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\system32\msdxm.ocx, Microsoft Corporation>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[上网助手]
  {BB936323-19FA-4521-BA29-ECA6A121BC78} <C:\PROGRA~1\3721\assist\asbar.dll, 3721>
[Adobe PDF]
  {47833539-D0C5-4125-9FA8-0819E2EAAC93} <C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll, N/A>
[Shockwave ActiveX Control]
  {166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINNT\system32\macromed\Shockwave 10\Download.dll, Macromedia, Inc.>
[WEBChatRoomOCX Control]
  {448A5F6B-8C03-4B54-A338-F00237C508AD} <C:\PROGRA~1\Sina\UCWEBC~1\UCWEBC~1.OCX, 北京新浪信息技术有限公司>
[LoaderCore Class]
  {98A62E3F-A8C5-4EF0-8A00-C70CF9D18A89} <C:\WINNT\Downloaded Program Files\DLLoader.dll, sohu.com>
[Netease Chat Control]
  {C37FBD87-3AA7-4640-9A8D-19AFC10B15B2} <C:\WINNT\DOWNLO~1\chat.ocx, Netease>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash8.ocx, Macromedia, Inc.>
[使用FlashExplorer播放]
  <C:\Program Files\FlashExplorer\IELink.htm, N/A>
[使用网际快车下载]
  <C:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <C:\Program Files\FlashGet\jc_all.htm, N/A>

接==================================
正在运行的进程
[PID: 164][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.00.2195.6601>
[PID: 192][\??\C:\WINNT\system32\csrss.exe]  <Microsoft Corporation><5.00.2195.6601>
[PID: 188][\??\C:\WINNT\system32\winlogon.exe]  <Microsoft Corporation><5.00.2195.6970>
    [C:\WINNT\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 240][C:\WINNT\system32\services.exe]  <Microsoft Corporation><5.00.2195.6700>
    [C:\WINNT\system32\dmserver.dll]  <VERITAS Software Corp.><2195.6605.297.3>
[PID: 252][C:\WINNT\system32\lsass.exe]  <Microsoft Corporation><5.00.2195.6902>
[PID: 420][c:\program files\rising\rfw\rfwsrv.exe]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 25>
    [c:\program files\rising\rfw\RfwRule.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 10>
    [c:\program files\rising\rfw\rfwlog.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 6>
    [c:\program files\rising\rfw\Rfwdrv.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 19>
    [c:\program files\rising\rfw\MonDrv.dll]  <rs><1, 0, 0, 4>
    [c:\program files\rising\rfw\ProcLib.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 9>
[PID: 432][C:\WINNT\system32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 468][C:\Program Files\rising\Rav\CCenter.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[PID: 508][C:\Program Files\rising\Rav\Ravmond.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 1, 6>
    [C:\Program Files\rising\Rav\BWList.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 16>
    [C:\Program Files\rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\Program Files\rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [C:\Program Files\rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [C:\Program Files\rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\rising\Rav\RsLog.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 18>
    [C:\Program Files\rising\Rav\HOOKSYS.dll]  <Rising><18, 1, 0, 9>
    [C:\Program Files\rising\Rav\Scanner.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 28>
    [C:\Program Files\rising\Rav\libload.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\Program Files\rising\Rav\VirusLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\Program Files\rising\Rav\regmon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [C:\Program Files\rising\Rav\HookWeb.dll]  <rising><18, 0, 0, 1>
    [C:\Program Files\rising\Rav\MemMon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 8>
    [C:\Program Files\rising\Rav\expscan.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\rising\Rav\mPorts.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 3>
    [C:\Program Files\rising\Rav\MailMon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\Program Files\rising\Rav\SpamEng.dll]  <N/A><18, 0, 0, 4>
    [C:\Program Files\rising\Rav\engine.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 23>
    [C:\Program Files\rising\Rav\PostTrt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\Program Files\rising\Rav\UnExe.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [C:\Program Files\rising\Rav\ScanExec.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [C:\Program Files\rising\Rav\ScanEx.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\Program Files\rising\Rav\NvFile.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
    [C:\Program Files\rising\Rav\ScanMac.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
    [C:\Program Files\rising\Rav\ScanSct.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\Program Files\rising\Rav\Unpacker.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
    [C:\Program Files\rising\Rav\ExtFile.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 15>
    [C:\Program Files\rising\Rav\ExtOLE.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[PID: 568][C:\WINNT\system32\spoolsv.exe]  <Microsoft Corporation><5.00.2195.7059>
    [C:\WINNT\system32\AdobePDF.dll]  <Adobe Systems Incorporated.><6.0.000>
    [C:\Program Files\Adobe\Acrobat 6.0\Distillr\adistres.dll]  <Adobe Systems Incorporated.><6.0.0.2003040700>
    [C:\WINNT\system32\HPDCMON.DLL]  <Hewlett-Packard><04.20.00>
[PID: 600][C:\WINNT\System32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 624][d:\MATLAB6p5\webserver\bin\win32\matlabserver.exe]  <N/A><N/A>
    [d:\matlab6p5\bin\win32\libeng.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\libut.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\libmx.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\mwoles05.dll]  <N/A><N/A>
    [d:\matlab6p5\bin\win32\libmex.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\libmwservices.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\mpath.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\m_interpreter.dll]  <The MathWorks Inc.><6.5.0.181260>
    [d:\matlab6p5\bin\win32\libmat.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\mlib.dll]  <N/A><N/A>
    [d:\matlab6p5\bin\win32\m_pcodeio.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\m_ir.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\m_parser.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\m_pcodegen.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\m_dispatcher.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\hg.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\numerics.dll]  <The MathWorks Inc.><6.5.0.181030a>
    [d:\matlab6p5\bin\win32\libmwlapack.dll]  <N/A><N/A>
    [d:\matlab6p5\bin\win32\libmwfftw.dll]  <N/A><N/A>
    [d:\matlab6p5\bin\win32\libmwumfpack.dll]  <N/A><N/A>
    [d:\matlab6p5\bin\win32\udd.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\uiw.dll]  <The MathWorks Inc.><6.5.0.180913a>
[PID: 624][d:\matlab6p5\bin\win32\matlab.exe]  <The MathWorks Inc.><6.0.0.180601>
    [d:\matlab6p5\bin\win32\dastudio.dll]  <N/A><N/A>
    [d:\matlab6p5\bin\win32\glee.dll]  <N/A><N/A>
    [d:\matlab6p5\bin\win32\jmi.dll]  <The MathWorks Inc.><6.5.0.181035>
    [d:\matlab6p5\bin\win32\simulink.dll]  <The MathWorks Inc.><5.0.0.181371>
    [d:\matlab6p5\bin\win32\libmwbuiltins.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\cg_ir.dll]  <The MathWorks Inc.><1.0.0.0>
    [d:\matlab6p5\bin\win32\libfixedpoint.dll]  <N/A><N/A>
    [d:\matlab6p5\bin\win32\hardcopy.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\gui.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\sl_solver.dll]  <N/A><N/A>
    [d:\matlab6p5\bin\win32\udd_mi.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\comcli.dll]  <N/A><N/A>
    [d:\matlab6p5\bin\win32\mclcom.dll]  <N/A><N/A>
    [d:\matlab6p5\bin\win32\atlas_P4.dll]  <N/A><N/A>
    [d:\matlab6p5\bin\win32\lapack.dll]  <N/A><N/A>
    [d:\matlab6p5\bin\win32\DFORRT.dll]  <Digital Equipment Corporation><6.0 - 575>

接

[PID: 676][C:\WINNT\System32\nvsvc32.exe]  <NVIDIA Corporation><6.13.10.2832>
[PID: 696][C:\PROGRA~1\EFFICI~1\ENTERN~2\app\pppoeservice.exe]  <N/A><N/A>
[PID: 724][d:\matlab6p5\bin\win32\matlab.exe]  <The MathWorks Inc.><6.0.0.180601>
    [d:\matlab6p5\bin\win32\mwoles05.dll]  <N/A><N/A>
    [d:\matlab6p5\bin\win32\libut.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\libmx.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\libmex.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\libmwservices.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\mpath.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\m_interpreter.dll]  <The MathWorks Inc.><6.5.0.181260>
    [d:\matlab6p5\bin\win32\libmat.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\mlib.dll]  <N/A><N/A>
    [d:\matlab6p5\bin\win32\m_pcodeio.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\m_ir.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\m_parser.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\m_pcodegen.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\m_dispatcher.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\hg.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\numerics.dll]  <The MathWorks Inc.><6.5.0.181030a>
    [d:\matlab6p5\bin\win32\libmwlapack.dll]  <N/A><N/A>
    [d:\matlab6p5\bin\win32\libmwfftw.dll]  <N/A><N/A>
    [d:\matlab6p5\bin\win32\libmwumfpack.dll]  <N/A><N/A>
    [d:\matlab6p5\bin\win32\udd.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\uiw.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\gui.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\simulink.dll]  <The MathWorks Inc.><5.0.0.181371>
    [d:\matlab6p5\bin\win32\libmwbuiltins.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\cg_ir.dll]  <The MathWorks Inc.><1.0.0.0>
    [d:\matlab6p5\bin\win32\libfixedpoint.dll]  <N/A><N/A>
    [d:\matlab6p5\bin\win32\glee.dll]  <N/A><N/A>
    [d:\matlab6p5\bin\win32\jmi.dll]  <The MathWorks Inc.><6.5.0.181035>
    [d:\matlab6p5\bin\win32\dastudio.dll]  <N/A><N/A>
    [d:\matlab6p5\bin\win32\hardcopy.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\sl_solver.dll]  <N/A><N/A>
    [d:\matlab6p5\bin\win32\mclcom.dll]  <N/A><N/A>
    [d:\matlab6p5\bin\win32\udd_mi.dll]  <The MathWorks Inc.><6.5.0.180913a>
    [d:\matlab6p5\bin\win32\comcli.dll]  <N/A><N/A>
    [d:\matlab6p5\bin\win32\atlas_P4.dll]  <N/A><N/A>
    [d:\matlab6p5\bin\win32\lapack.dll]  <N/A><N/A>
    [d:\matlab6p5\bin\win32\DFORRT.dll]  <Digital Equipment Corporation><6.0 - 575>
    [d:\matlab6p5\sys\java\jre\win32\jre\bin\hotspot\jvm.dll]  <N/A><N/A>
    [C:\WINNT\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
    [d:\matlab6p5\sys\java\jre\win32\jre\bin\hpi.dll]  <N/A><N/A>
    [d:\matlab6p5\sys\java\jre\win32\jre\bin\verify.dll]  <N/A><N/A>
    [d:\matlab6p5\sys\java\jre\win32\jre\bin\java.dll]  <N/A><N/A>
    [d:\matlab6p5\sys\java\jre\win32\jre\bin\zip.dll]  <N/A><N/A>
    [D:\MATLAB6p5\sys\java\jre\win32\jre\bin\awt.dll]  <N/A><N/A>
    [D:\MATLAB6p5\sys\java\jre\win32\jre\bin\fontmanager.dll]  <N/A><N/A>
    [C:\WINNT\system32\nvoglnt.dll]  <NVIDIA Corporation><6.13.10.2832>
    [D:\MATLAB6p5\bin\win32\nativejava.dll]  <N/A><N/A>
    [d:\matlab6p5\bin\win32\glren.dll]  <The MathWorks Inc.><6.0.0.180913a>
[PID: 752][C:\WINNT\system32\MSTask.exe]  <Microsoft Corporation><4.71.2195.6920>
[PID: 816][C:\Program Files\rising\Rav\RavStub.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 12>
    [C:\Program Files\rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\Program Files\rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
[PID: 936][C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe]  <Analog Devices, Inc.><3, 2, 6, 0>
[PID: 956][C:\WINNT\System32\WBEM\WinMgmt.exe]  <Microsoft Corporation><1.50.1085.0100>
[PID: 968][C:\WINNT\system32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 1288][C:\WINNT\Explorer.EXE]  <Microsoft Corporation><5.00.3700.6690>
    [C:\WINNT\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 0, 5>

接

[C:\WINNT\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 1, 2>
    [C:\WINNT\system32\RavExt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 13>
    [C:\PROGRA~1\FLASHGET\fgiebar.dll]  <Amaze Soft><1, 2, 0, 0>
    [C:\PROGRA~1\3721\assist\asbar.dll]  <3721><1, 0, 1, 1001>
    [C:\PROGRA~1\3721\assist\ieaui.dll]  <yahoo!china><1, 0, 1, 1006>
    [C:\PROGRA~1\3721\assist\tbwrap.dll]  <3721><1, 0, 0, 2>
    [C:\PROGRA~1\3721\assist\asnoad.dll]  <><1, 0, 0, 9>
    [C:\PROGRA~1\3721\assist\aswiper.dll]  <3721><1, 0, 1, 1001>
    [C:\PROGRA~1\3721\assist\asiesec.dll]  <yahoo><1, 0, 0, 9>
    [C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll]  <Adobe Systems Incorporated><6.0.0.2003040700>
    [C:\PROGRA~1\FLASHGET\jccatch.dll]  <Amaze Soft><1, 1, 4, 0>
    [d:\WinZip\WZSHLSTB.DLL]  <WinZip Computing, Inc.><3.0 (32-bit)>
    [C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL]  <N/A><N/A>
    [D:\WinRAR\rarext.dll]  <N/A><N/A>
    [C:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\ContextMenu.dll]  <Adobe Systems Inc.><1.0.0.2003040700>
[PID: 396][c:\program files\rising\rfw\RfwMain.exe]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 40>
    [c:\program files\rising\rfw\RsGuiLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 23>
    [C:\WINNT\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
    [c:\program files\rising\rfw\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [c:\program files\rising\rfw\PngDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\WINNT\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 1, 2>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 0, 5>
[PID: 1264][C:\Program Files\Analog Devices\SoundMAX\SMTray.exe]  <Analog Devices, Inc.><3, 2, 12, 0>
    [C:\WINNT\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
    [C:\WINNT\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 1, 2>
[PID: 1040][C:\program files\GoldenSoft\Recovery Genius 21st\WinNT\HDDGMon.exe]  <><5, 0, 0, 350>
    [C:\program files\GoldenSoft\Recovery Genius 21st\WinNT\SimCom.dll]  <N/A><N/A>
    [C:\program files\GoldenSoft\Recovery Genius 21st\WinNT\HMRes.dll]  <><5, 0, 0, 350>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 0, 5>
    [C:\WINNT\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 1, 2>
[PID: 1428][C:\WINNT\system32\rundll32.exe]  <Microsoft Corporation><5.00.2134.1>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 0, 5>
    [C:\PROGRA~1\3721\autolive.dll]  <><1, 0, 2, 9>
    [C:\WINNT\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 1, 2>
[PID: 1436][C:\PROGRA~1\3721\ASSISTSE.EXE]  <yahoo><1, 0, 1, 1001>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 0, 5>
    [C:\PROGRA~1\3721\shell\Assecblk.dll]  <3721><1, 0, 0, 7>
    [C:\PROGRA~1\3721\shell\MenuInfo.dll]  <yahoo><1, 0, 0, 2>
    [C:\PROGRA~1\3721\shell\IEAngel.dll]  <yahoo><1, 0, 0, 3>
    [C:\PROGRA~1\3721\shell\AsMenu.dll]  <3721><1, 0, 1, 1001>
    [C:\PROGRA~1\3721\assist\assist.dll]  <><2, 0, 3, 2>
    [C:\WINNT\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 1, 2>
    [C:\PROGRA~1\3721\assist\repair.dll]  <北京三七二一科技有限公司><1, 0, 4, 1001>
    [C:\PROGRA~1\3721\assist\asfsks.dll]  <3721.com><2, 1, 1, 87>
    [c:\progra~1\3721\assist\adfilter.dll]  < ><1, 0, 1, 6>
    [C:\PROGRA~1\3721\assist\assecblk.dll]  <3721><1, 0, 0, 7>
    [C:\PROGRA~1\3721\assist\optimum.dll]  <N/A><N/A>
    [C:\PROGRA~1\3721\assist\assistex.dll]  <3721><1, 0, 1, 1001>
[PID: 1444][C:\WINNT\system32\wuauclt.exe]  <Microsoft Corporation><5.4.3630.2554 built by: lab04_n>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 0, 5>
    [C:\WINNT\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 1, 2>
[PID: 1464][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  <RealNetworks, Inc.><0.1.0.3208>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 0, 5>
    [C:\WINNT\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 1, 2>
[PID: 1504][C:\WINNT\system32\Rundll32.exe]  <Microsoft Corporation><5.00.2134.1>
    [C:\WINNT\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 1, 2>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 0, 5>
[PID: 1488][C:\WINNT\System32\pizzabx.exe]  <Goldensoft Technology Co.,Ltd.><2.55>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 0, 5>
[PID: 1536][C:\Program Files\rising\Rav\RavTask.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
    [C:\Program Files\rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [C:\Program Files\rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [C:\Program Files\rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\WINNT\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 1, 2>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 0, 5>
[PID: 1544][C:\WINNT\system32\internat.exe]  <Microsoft Corporation><5.00.2920.0000>
    [C:\WINNT\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 1, 2>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 0, 5>
[PID: 1556][C:\Program Files\rising\Rav\Ravmon.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 99>
    [C:\Program Files\rising\Rav\RsGuiLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
    [C:\Program Files\rising\Rav\BWList.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 16>
    [C:\Program Files\rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [C:\Program Files\rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [C:\Program Files\rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\Program Files\rising\Rav\PngDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\WINNT\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 1, 2>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 0, 5>
[PID: 1584][C:\Program Files\hexin\sslproxy\SSLCnt.exe]  <杭州核新软件技术有限公司><1.103.2003.0624>
    [C:\Program Files\hexin\sslproxy\crypteng.dll]  <杭州核新软件技术有限公司><1.44.2003.0426>
    [C:\Program Files\hexin\sslproxy\sslproxy.dll]  <杭州核新软件技术有限公司><1.52.2002.326>
    [C:\Program Files\hexin\sslproxy\CAsAPI.dll]  <杭州核新软件技术有限公司><1.49.2002.422>
    [C:\Program Files\hexin\sslproxy\Scard.dll]  <杭州核新软件技术有限公司><1.02.2001.0529>
    [C:\WINNT\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 1, 2>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 0, 5>
    [C:\Program Files\hexin\sslproxy\CAs\Sheca.dll]  <杭州核新软件技术有限公司><1.07.2001.0706>
    [C:\Program Files\hexin\sslproxy\CAs\RH.dll]  <杭州核新软件技术有限公司><1.07.2001.1207>
    [C:\Program Files\hexin\sslproxy\MapProxy.dll]  <核新软件技术有限公司><1.00.2003.0613>
[PID: 772][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  <Microsoft Corporation><5.00.2920.0000>
    [C:\WINNT\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 1, 2>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 0, 5>
    [C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll]  <N/A><N/A>
    [C:\PROGRA~1\3721\assist\asbar.dll]  <3721><1, 0, 1, 1001>
    [C:\PROGRA~1\3721\assist\ieaui.dll]  <yahoo!china><1, 0, 1, 1006>
    [C:\PROGRA~1\3721\assist\tbwrap.dll]  <3721><1, 0, 0, 2>
    [C:\PROGRA~1\3721\assist\asnoad.dll]  <><1, 0, 0, 9>
    [C:\WINNT\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
    [C:\PROGRA~1\3721\assist\aswiper.dll]  <3721><1, 0, 1, 1001>
    [C:\PROGRA~1\3721\assist\asiesec.dll]  <yahoo><1, 0, 0, 9>
    [C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll]  <Adobe Systems Incorporated><6.0.0.2003040700>
    [C:\PROGRA~1\FLASHGET\jccatch.dll]  <Amaze Soft><1, 1, 4, 0>
    [C:\Program Files\rising\Rav\RavScrCh.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
    [C:\WINNT\system32\Macromed\Flash\Flash8.ocx]  <Macromedia, Inc.><8,0,22,0>
    [c:\progra~1\3721\assist\adfilter.dll]  < ><1, 0, 1, 6>
    [C:\PROGRA~1\3721\assist\repair.dll]  <北京三七二一科技有限公司><1, 0, 4, 1001>
    [C:\PROGRA~1\3721\assist\asfsks.dll]  <3721.com><2, 1, 1, 87>
    [C:\PROGRA~1\3721\assist\optimum.dll]  <N/A><N/A>
    [C:\PROGRA~1\3721\assist\XPStyle.dll]  <N/A><N/A>
    [C:\PROGRA~1\3721\assist\assecblk.dll]  <3721><1, 0, 0, 7>
    [C:\WINNT\system32\UNISPIM.IME]  <北京清华紫光软件股份有限公司><3.0.0.3045>
    [C:\WINNT\system32\upengine.dll]  <北京清华紫光软件股份有限公司><3.0.0.3045>
[PID: 1736][G:\杀毒\扫描程序\sreng2\SREng.exe]  <Smallfrogs Studio><2.0.12.350>
    [C:\WINNT\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 1, 2>
    [C:\PROGRA~1\3721\helper.dll]  <><1, 0, 0, 5>