[CODE] 2009-06-02,09:29:15 System Repair Engineer 2.7.1.1261 Smallfrogs (http://www.KZTechs.com) Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能 以下内容被选中: 所有的启动项目(包括注册表、启动文件夹、服务等) 浏览器加载项 正在运行的进程(包括进程模块信息) 文件关联 Winsock 提供者 Autorun.inf HOSTS 文件 进程特权扫描 计划任务 API HOOK 隐藏进程 启动项目 注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] [] <"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"> [(Verified)Symantec Corporation] [(Verified)Symantec Corporation] <360Safetray> [(Verified)Qizhi Software (beijing) Co. Ltd] [(Verified)Microsoft Windows Hardware Compatibility Publisher] <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd] [EyeFoo Software] <"C:\Program Files\UNION Technology\GMCC\UTAgent.exe"> [广州江南科友科技股份有限公司] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows Component Publisher] [(Verified)Microsoft Windows Publisher] [UPEK Inc.] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] <%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher] <%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher] <%SystemRoot%\system32\webcheck.dll> [(Verified)Microsoft Windows Publisher] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ACNotify] [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] [(Verified)Microsoft Windows Hardware Compatibility Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon] [(Verified)Symantec Corporation] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\OdysseyClient] [Juniper Networks, Inc.] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus] [UPEK Inc.] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tpfnf2] [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tphotkey] [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher] <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] [Microsoft Corporation] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] <%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] <浏览器自定义组件> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] <%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] <%SystemRoot%\system32\ie4uinit.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] [Microsoft Corporation] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <; C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe> [Lenovo ] <; C:\Program Files\ThinkVantage\AMSG\Amsg.exe> [LENOVO] <; "C:\Program Files\Intel\AMT\atchk.exe"> [(Verified)Intel Corporation] <; "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"> [] <; rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog> [] <; C:\WINDOWS\System32\DLA\DLACTRLW.EXE> [Sonic Solutions] <; C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe> [Lenovo Group Limited] <; C:\WINDOWS\system32\hkcmd.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher] <; C:\WINDOWS\system32\igfxtray.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher] <; C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE> [(Verified)Microsoft Windows Publisher] <; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Windows Publisher] <; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload> [(Verified)Microsoft Corporation] <; C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup> [InstallShield Software Corporation] <; "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start> [InstallShield Software Corporation] <; C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe> [Lenovo Group Limited] <; C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC> [(Verified)Microsoft Windows Publisher] <; RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows Hardware Compatibility Publisher] <; RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit> [(Verified)Microsoft Windows Hardware Compatibility Publisher] <; nwiz.exe /installquiet /keeploaded /nodetect> [N/A] <; C:\Program Files\UNION Technology\GMCC\UTAgent.exe Update AutoRunDelay:> [File is missing] <; C:\WINDOWS\system32\igfxpers.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher] <; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft Windows Publisher] <; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Windows Publisher] <; C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray> [Analog Devices, Inc.] <; C:\Program Files\Analog Devices\Core\smax4pnp.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher] <; C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe> [Sun Microsystems, Inc.] <; C:\Program Files\Synaptics\SynTP\SynTPEnh.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher] <; C:\Program Files\Synaptics\SynTP\SynTPLpr.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher] <; tp4ex.exe> [Lenovo Group Limited] <; C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe /r> [(Verified)Lenovo (Japan) Ltd.] <; C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper> [Lenovo] <; TpShocks.exe> [Lenovo, Ltd. and IBM Corporation.] <; tp4serv.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher] <; C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe> [Lenovo Group Limited] ================================== 启动文件夹 N/A ================================== 服务 [Ac Profile Manager Service / AcPrfMgrSvc][Running/Auto Start] [Access Connections Main Service / AcSvc][Running/Auto Start] [Alertere / Alertere][Stopped/Auto Start] [Array Utility Service 8,2,2,8 / Array_Utility_Service8.2.2.8][Running/Auto Start] [IBM Mobility Client DHCP Control / artdhcp][Stopped/Auto Start] <(File is missing)> [Mobility Client / ArtourService][Stopped/Manual Start] [IBM Mobility Client Start Utility / artstartsvc][Running/Auto Start] [Intel(R) Active Management Technology System Status Service / atchksrv][Running/Auto Start] [Ati HotKey Poller / Ati HotKey Poller][Stopped/Auto Start] [Symantec Event Manager / ccEvtMgr][Running/Auto Start] <"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"> [Contrl Center of Storm Media / ccosm][Running/Auto Start] <北京暴风网际科技有限公司> [Symantec Password Validation / ccPwdSvc][Stopped/Manual Start] <"C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"> [Symantec Settings Manager / ccSetMgr][Running/Auto Start] <"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"> [Symantec AntiVirus Definition Watcher / DefWatch][Running/Auto Start] <"C:\Program Files\Symantec AntiVirus\DefWatch.exe"> [Juniper TNC Endpoint Assessment / EacService][Stopped/Manual Start] [Intel(R) PROSet/Wireless Event Log / EvtEng][Running/Auto Start] [Human Interface Device Access / HidServ][Stopped/Disabled] %SystemRoot%\System32\hidserv.dll> [ThinkPad PM Service / IBMPMSVC][Running/Auto Start] [InstallDriver Table Manager / IDriverT][Stopped/Manual Start] <"C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"> [Juniper Unified Network Service / JuniperAccessService][Running/Auto Start] [Intel(R) Active Management Technology Local Management Service / LMS][Running/Auto Start] [Multi-user Cleanup Service / Multi-user Cleanup Service][Running/Auto Start] <"C:\Program Files\lotus\notes\ntmulti.exe"> [NVIDIA Display Driver Service / NVSvc][Running/Auto Start] [Juniper OAC Service / odClientService][Running/Auto Start] <"C:\Program Files\Juniper Networks\Odyssey Access Client\odClientService.exe"> [OracleMTSRecoveryService / OracleMTSRecoveryService][Running/Auto Start] [OracleOraHome92ClientCache / OracleOraHome92ClientCache][Stopped/Manual Start] [Pml Driver HPZ12 / Pml Driver HPZ12][Stopped/Manual Start] [Fantasia Sango 3 CH (Pro_CD) Drivers Auto Removal (pr2ahvub) / pr2ahvub][Stopped/Auto Start] [IBM PSA Access Driver Control / PsaSrv][Stopped/Manual Start] [Intel(R) PROSet/Wireless Registry Service / RegSrvc][Running/Auto Start] [Intel(R) PROSet/Wireless Service / S24EventMonitor][Running/Auto Start] [SavRoam / SavRoam][Running/Auto Start] <"C:\Program Files\Symantec AntiVirus\SavRoam.exe"> [ServiceLayer / ServiceLayer][Stopped/Manual Start] <"C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"> [Symantec Network Drivers Service / SNDSrvc][Stopped/Manual Start] <"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"> [Symantec SPBBCSvc / SPBBCSvc][Stopped/Manual Start] <"C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe"> [System Update / SUService][Running/Auto Start] <> [Symantec AntiVirus / Symantec AntiVirus][Running/Auto Start] <"C:\Program Files\Symantec AntiVirus\Rtvscan.exe"> [ThinkPad HDD APS Logging Service / TPHDEXLGSVC][Running/Auto Start] <(File is missing)> [IBM KCU Service / TpKmpSVC][Running/Auto Start] [TVT Scheduler / TVT Scheduler][Running/Auto Start] <"C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe"> [Intel(R) Active Management Technology User Notification Service / UNS][Running/Auto Start] [Windows Driver Foundation / WudgSvc][Stopped/Auto Start] <(File is missing)> ================================== 驱动程序 [360AntiArp / 360AntiArp][Running/System Start] <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心> [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start] [ADI UAA Function Driver for High Definition Audio Service / ADIHdAudAddService][Running/Manual Start] [AE Audio Service / AEAudio][Running/Manual Start] [AEGIS Protocol (IEEE 802.1x) v3.5.3.0 / AegisP][Running/Auto Start] [AliIde / AliIde][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\aliide.sys> [AMD AGP Bus Filter Driver / amdagp][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\amdagp.sys> [ANC / ANC][Running/System Start] [IBM Mobility Interface for Windows / artour][Stopped/Manual Start] [asc / asc][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\asc.sys> [asc3550 / asc3550][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\asc3550.sys> [ati2mtag / ati2mtag][Stopped/Manual Start] [atmeltpm / atmeltpm][Running/Manual Start] [蓝牙音频设备 / btaudio][Running/Manual Start] [蓝牙虚拟通信驱动程序 / BTDriver][Running/Manual Start] [蓝牙总线枚举器 / BTKRNL][Running/Manual Start] [蓝牙局域网接入服务器 / BTWDNDIS][Stopped/Manual Start] [WIDCOMM USB Bluetooth Driver / BTWUSB][Stopped/Manual Start] [CmdIde / CmdIde][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\cmdide.sys> [dac2w2k / dac2w2k][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\dac2w2k.sys> [DLABOIOM / DLABOIOM][Running/Auto Start] [DLACDBHM / DLACDBHM][Running/System Start] [DLADResN / DLADResN][Running/Auto Start] [DLAIFS_M / DLAIFS_M][Running/Auto Start] [DLAOPIOM / DLAOPIOM][Running/Auto Start] [DLAPoolM / DLAPoolM][Running/Auto Start] [DLARTL_N / DLARTL_N][Running/System Start] [DLAUDFAM / DLAUDFAM][Running/Auto Start] [DLAUDF_M / DLAUDF_M][Running/Auto Start] [DRVMCDB / DRVMCDB][Running/Boot Start] <\SystemRoot\System32\Drivers\DRVMCDB.SYS> [DRVNDDM / DRVNDDM][Running/Auto Start] [Intel(R) PRO/1000 Adapter Driver / E1000][Stopped/Manual Start] [Intel(R) PRO Adapter Driver / E100B][Stopped/Manual Start] [Intel(R) PRO/1000 PCI Express Network Connection Driver / e1express][Running/Manual Start] [Symantec Eraser Control driver / eeCtrl][Running/System Start] <\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys> [IBM eGatherer / EGATHDRV][Running/Auto Start] <\??\C:\WINDOWS\SYSTEM32\EGATHDRV.SYS> [FTCkillfile / FTCkillfile][Stopped/Manual Start] <风云谷科技> [FTCProtect / FTCProtect][Stopped/Manual Start] <风云谷科技> [Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start] [hduv / hduv][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\hduv.sys> [HSFHWAZL / HSFHWAZL][Running/Manual Start] [HSF_DPV / HSF_DPV][Running/Manual Start] [HSXHWAZL / HSXHWAZL][Stopped/Manual Start] [ialm / ialm][Stopped/Manual Start] [Intel AHCI Controller / iaStor][Running/Boot Start] <\SystemRoot\System32\Drivers\iaStor.sys> [IBMPMDRV / IBMPMDRV][Running/Manual Start] [IBMTPCHK / IBMTPCHK][Running/System Start] <\??\C:\WINDOWS\system32\Drivers\IBMBLDID.sys> [Juniper Network Agent Miniport / jnprna][Running/Manual Start] [mdmxsdk / mdmxsdk][Running/Auto Start] [mraid35x / mraid35x][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\mraid35x.sys> [NAVENG / NAVENG][Stopped/Manual Start] <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090601.003\naveng.sys> [NAVEX15 / NAVEX15][Stopped/Manual Start] <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090601.003\navex15.sys> [用于 Windows XP 32 Bit 版的英特尔(R) PRO/无线 3945ABG 适配器驱动程序 / NETw3x32][Stopped/Manual Start] [Intel(R) Wireless WiFi Link 适配器驱动程序(适用于 Windows XP 32 位) / NETw4x32][Running/Manual Start] [Nokia USB Phone Parent / nmwcd][Stopped/Manual Start] [Nokia USB Generic / nmwcdc][Stopped/Manual Start] [NSC Infrared Device Driver / NSCIRDA][Stopped/Manual Start] [nv / nv][Running/Manual Start] [odFips / odFips][Running/Boot Start] <\SystemRoot\system32\drivers\odFips.sys> [DDK PACKET Protocol / Packet][Running/Manual Start] <360安全中心> [PCCS Mode Change Filter Driver / pccsmcfd][Stopped/Manual Start] [Fantasia Sango 3 CH (Pro_CD) Environment Driver (pe3ahvub) / pe3ahvub][Running/Boot Start] <\SystemRoot\system32\drivers\pe3ahvub.sys> [Fantasia Sango 3 CH (Pro_CD) File System Driver (pf2ahvub) / pf2ahvub][Running/Boot Start] <\SystemRoot\system32\drivers\pf2ahvub.sys> [pmem / pmem][Running/Auto Start] <\??\C:\WINDOWS\System32\drivers\pmemnt.sys> [Fantasia Sango 3 CH (Pro_CD) Synchronization Driver (ps6ahvub) / ps6ahvub][Running/Boot Start] <\SystemRoot\system32\drivers\ps6ahvub.sys> [IBM PSA Access Driver / psadd][Stopped/Manual Start] <\??\C:\WINDOWS\system32\Drivers\psadd.sys> [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [PxHelp20 / PxHelp20][Running/Boot Start] <\SystemRoot\System32\Drivers\PxHelp20.sys> [ql1080 / ql1080][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ql1080.sys> [ql12160 / ql12160][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ql12160.sys> [ql1280 / ql1280][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ql1280.sys> [WLAN Transport / s24trans][Running/Auto Start] [SafeBoxKrnl / SafeBoxKrnl][Running/System Start] <\??\C:\WINDOWS\system32\drivers\SafeBoxKrnl.sys><360安全中心> [SAVRT / SAVRT][Running/System Start] <\??\C:\Program Files\Symantec AntiVirus\savrt.sys> [SAVRTPEL / SAVRTPEL][Running/System Start] <\??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys> [Secdrv / Secdrv][Stopped/Manual Start] [SIS AGP Bus Filter / sisagp][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\sisagp.sys> [sklb / sklb][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\sklb.sys> [Smapint / Smapint][Running/System Start] [SMI helper driver / smihlp][Running/Auto Start] <\??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys> [Sparrow / Sparrow][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\sparrow.sys> [SPBBCDrv / SPBBCDrv][Stopped/Manual Start] <\??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys> [sptd / sptd][Running/Boot Start] <\SystemRoot\System32\Drivers\sptd.sys> [sp_vpn / sp_vpn][Running/System Start] [symc810 / symc810][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\symc810.sys> [symc8xx / symc8xx][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\symc8xx.sys> [SymEvent / SymEvent][Running/Manual Start] <\??\C:\Program Files\Symantec\SYMEVENT.SYS> [SYMREDRV / SYMREDRV][Running/Manual Start] <\SystemRoot\System32\Drivers\SYMREDRV.SYS> [SYMTDI / SYMTDI][Running/System Start] <\SystemRoot\System32\Drivers\SYMTDI.SYS> [sym_hi / sym_hi][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\sym_hi.sys> [sym_u3 / sym_u3][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\sym_u3.sys> [Synaptics TouchPad Driver / SynTP][Running/Manual Start] [TCP/IP Protocol Driver / Tcpip][Running/System Start] [TC USB Kernel Driver / TcUsb][Running/Manual Start] [TDSMAPI / TDSMAPI][Running/System Start] [PS/2 TrackPoint Driver / Tp4Track][Stopped/Manual Start] [TPPWRIF / TPPWRIF][Running/System Start] [TSMAPIP / TSMAPIP][Running/System Start] [TVT Packet Filter Service / TVTPktFilter][Stopped/Manual Start] [IBM PS/2 TrackPoint Filter Driver / TwoTrack][Stopped/Manual Start] [Conexant Setup API / UIUSys][Stopped/Manual Start] [ultra / ultra][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ultra.sys> [upperdev / upperdev][Stopped/Manual Start] [Mobility Client Virtual Miniport / wcndis][Stopped/Manual Start] [winachsf / winachsf][Running/Manual Start] [yfounrxm / yfounrxm][Stopped/Auto Start] <\??\C:\WINDOWS\system32\drivers\bplfgh.sys> ================================== 浏览器加载项 [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [Java Plug-in 1.6.0_07] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [NetAnts] {57E91B47-F40A-11D1-B792-444553540000} [信息检索(&R)] {92780B25-18CC-41C8-B9BE-3C9C571A8263} [@btrez.dll,-4015] {CCA281CA-C863-46ef-9331-5C8D4460577F} <, > [快车] {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} [System Update] {DA320635-F48C-4613-8325-D75A933C549E} [Messenger] {FB5F1910-F110-11d2-BB9E-00C04F795683} [MWOffice Object] {1CEF4BC4-BC39-46E2-8D84-AC7FC5AFC636} [iNotes Class] {1E2941E3-8E63-11D4-9D5A-00902742D6E0} [iNotes6 Class] {3BFFE033-BF43-11D5-A271-00A024A51325} [EditCtrl Class] {488A4255-3236-44B3-8F27-FA1AECAA8844} [Java Plug-in 1.6.0_07] {8AD9C840-044E-11D1-B3E9-00805F499D93} [Domino Web Access 8 Control] {983A9C21-8207-4B58-BBB8-0EBC3D7C5505} [uploadfile Control] {9FCB99E8-D266-4BA5-B531-618690717F68} [Crystal ActiveX Report Viewer Control 10.0] {A1B8A30B-8AAA-4A3E-8869-1DA509E8A011} [ArrVPNAX Control] {B6648EB8-2460-484F-9255-9654454C4C70} [Java Plug-in 1.5.0_06] {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} [Java Plug-in 1.5.0_10] {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} [Java Plug-in 1.6.0_05] {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} [Java Plug-in 1.6.0_07] {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [Java Plug-in 1.6.0_07] {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [JuniperSetupSP1 Control] {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} [] {0045D4BC-5189-4B67-969C-83BB1906C421} <, > [] {01443AEC-0FD1-40FD-9C87-E93D1494C233} <, > [] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <, > [Web Browser Applet Control] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [] {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, > [GerneralPeerID Class] {0A47E819-F82E-4D5D-B806-6A9EA94D68CD} [CEnroll Class] {127698E4-E730-4E5C-A2B1-21490A70C8A1} [MWOffice Object] {1CEF4BC4-BC39-46E2-8D84-AC7FC5AFC636} [iTrusPTA Class] {1E0DFFCF-27FF-4574-849B-55007349FEDA} [iNotes Class] {1E2941E3-8E63-11D4-9D5A-00902742D6E0} [] {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} <, > [Windows Media Player] {22D6F312-B0F6-11D0-94AB-0080C74C7E95} [HTML Document] {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, (Signed) N/A> [DHTML Edit Control Safe for Scripting for IE5] {2D360201-FFF5-11D1-8D03-00A0C959BC0A} [] {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <, > [RealPlayer RAM Download Handler] {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} [IETag Factory] {38481807-CA0E-42D2-BF39-B33AF135CC4D} [iNotes6 Class] {3BFFE033-BF43-11D5-A271-00A024A51325} [DEInsertTableParam Class] {47B0DFC7-B7A3-11D1-ADC5-006008A5848C} [XML Document] {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A> [Thunder Agent Class] {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} [EditCtrl Class] {488A4255-3236-44B3-8F27-FA1AECAA8844} [HHCtrl Object] {52A2AAAE-085D-4187-97EA-8C30DB990436} [Shell Name Space] {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A> [] {57E91B47-F40A-11D1-B792-444553540000} <, > [DriveLetterAccess] {5CA3D70E-1895-11CF-8E15-001234567890} [] {5EE6BFED-B016-4FE4-9781-789522416391} <, > [Crystal ActiveX Report Viewer Web Report Source 10.0] {6045C5E3-3653-4262-9E3E-0DA3A22A2C1D} [XMP Class] {6483F145-A768-4C41-AACC-52D4D7845851} [XDRM] {693571CB-54A3-4E90-9D52-EEAE1334E2D3} [Windows Media Player] {6BF52A52-394A-11D3-B153-00C04F79FAA6} [Active Desktop Mover] {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, (Signed) N/A> [] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <, > [MediaComm Class] {7670648D-461B-42AF-BDFE-46D26AF5EFF2} [Crystal ActiveX Report Viewer Export Control 10.0] {7D136085-0A9A-42E8-BE96-428C8D73DCE7} [360SafeLive] {87515F61-A66C-4319-A0E0-D416CB8059E3} [Microsoft Web 浏览器] {8856F961-340A-11D0-A96B-00C04FD705A2} [] {889D2FEB-5411-4565-8998-1DD2C5261283} <, > [Java Plug-in 1.6.0_07] {8AD9C840-044E-11D1-B3E9-00805F499D93} [] {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, > [Domino Web Access 8 Control] {983A9C21-8207-4B58-BBB8-0EBC3D7C5505} [] {9A687CA6-D585-4947-9ED9-BE96071F5CD9} <, > [uploadfile Control] {9FCB99E8-D266-4BA5-B531-618690717F68} [Crystal ActiveX Report Viewer Control 10.0] {A1B8A30B-8AAA-4A3E-8869-1DA509E8A011} [RMGetLicense Class] {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} [] {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <, > [Microsoft Scriptlet Component] {AE24FDAE-03C6-11D1-8B76-0080C744F389} [SearchAssistantOC] {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A> [ArrVPNAX Control] {B6648EB8-2460-484F-9255-9654454C4C70} [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [RDS.DataSpace] {BD96C556-65A3-11D0-983A-00C04FC29E36} [Crystal Report Prompt Info Control] {C91F6075-C59C-4F8F-B339-0045A156ECC0} [] {CCA281CA-C863-46EF-9331-5C8D4460577F} <, > [AUDIO__MP3 Moniker Class] {CD3AFA76-B84F-48F0-9393-7EDC34128127} [AUDIO__X_MS_WMA Moniker Class] {CD3AFA84-B84F-48F0-9393-7EDC34128127} [VIDEO__X_MS_ASF Moniker Class] {CD3AFA8F-B84F-48F0-9393-7EDC34128127} [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [] {D6E814A0-E0C5-11D4-8D29-0050BA6940E3} <, > [] {DA320635-F48C-4613-8325-D75A933C549E} <, > [PlayerCtrl Class] {E05BC2A3-9A46-4A32-80C9-023A473F5B23} [JuniperSetupSP1 Control] {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} [Thunder DapPlayer] {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} [] {F040E541-A427-4CF7-85D8-75E3E0F476C5} <, > [] {F156768E-81EF-470C-9057-481BA8380DBA} <, > [] {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <, > [FGAutoLive] {F90D830D-C175-4bbe-82C7-FF94669A4C42} [] {FB5DA724-162B-11D3-8B9B-AA70B4B0B524} <, > [FG2CatchUrl] {FB5DA724-162B-11D3-8B9B-AA70B4B0B525} [] {FB5F1910-F110-11D2-BB9E-00C04F795683} <, > [&使用快车(FlashGet)下载] [&使用快车(FlashGet)下载全部链接] [使用迅雷下载] [使用迅雷下载全部链接] [发送到 Bluetooth 设备(&B)...] [在Foxmail中添加该RSS频道/频道组] [导出到 Microsoft Office Excel(&X)] [添加到QQ表情] ================================== 正在运行的进程 [PID: 404][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1416][\??\C:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 484][\??\C:\WINDOWS\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.1.2600.2645 (xpsp.050331-1524)] [C:\WINDOWS\system32\vrlogon.dll] [UPEK Inc., 5.5.0.2918] [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll] [Microsoft Corporation, 5.1.3102.5581 (xpsp_sp3_qfe.080415-1416)] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll] [Lenovo , 4.42] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll] [Lenovo , 4.42] [C:\WINDOWS\system32\Ati2evxx.dll] [ATI Technologies Inc., 6.14.10.4142] [C:\WINDOWS\system32\odyEvent.dll] [Juniper Networks, Inc., 3.113.49383.0] [C:\WINDOWS\system32\psqlpwd.dll] [UPEK Inc., 5.5.0.2918] [C:\Program Files\ThinkVantage Fingerprint Software\infra.dll] [UPEK Inc., 5.5.0.2918] [C:\Program Files\ThinkVantage Fingerprint Software\homefus2.dll] [UPEK Inc., 5.5.0.2918] [C:\WINDOWS\system32\biologon.dll] [Microsoft Corporation, 6.00.2497.0000 built by: main(SReasor)] [C:\Program Files\ThinkVantage Fingerprint Software\homepass.dll] [UPEK Inc., 5.5.0.2918] [C:\Program Files\ThinkVantage Fingerprint Software\bio.dll] [UPEK Inc., 5.5.0.2918] [C:\Program Files\ThinkVantage Fingerprint Software\remote.dll] [UPEK Inc., 5.5.0.2918] [C:\WINDOWS\system32\tphklock.dll] [N/A, ] [C:\WINDOWS\system32\NavLogon.dll] [Symantec Corporation, 10.0.1.1000] [C:\WINDOWS\system32\igfxdev.dll] [Intel Corporation, 6.14.10.4825] [C:\WINDOWS\system32\notifyf2.dll] [N/A, ] [PID: 1336][C:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation, 5.1.2600.3520 (xpsp_sp2_qfe.090206-1239)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1396][C:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\psqlpwd.dll] [UPEK Inc., 5.5.0.2918] [C:\Program Files\ThinkVantage Fingerprint Software\infra.dll] [UPEK Inc., 5.5.0.2918] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\ThinkVantage Fingerprint Software\homefus2.dll] [UPEK Inc., 5.5.0.2918] [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll] [Microsoft Corporation, 5.1.3102.5581 (xpsp_sp3_qfe.080415-1416)] [C:\Program Files\ThinkPad\ConnectUtilities\ACGina.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll] [Lenovo , 4.42] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\ACON.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgr.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\ACTurinSupport.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\AcSmBiosHelper.dll] [Lenovo, 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\AcAdaptersInfo.dll] [Lenovo , 4.42] [PID: 984][C:\WINDOWS\system32\ibmpmsvc.exe] [Lenovo, 1.43] [PID: 1204][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1784][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Array Networks\Array Redirector\8,2,2,8\arr_spi.dll] [Array Networks, Inc., 8,2,2,8] [PID: 264][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [D:\oracle\ora92\bin\oci.dll] [Oracle Corporation, 9.2.0.1.0] [C:\Program Files\Array Networks\Array Redirector\8,2,2,8\arr_spi.dll] [Array Networks, Inc., 8,2,2,8] [PID: 772][C:\Program Files\Intel\Wireless\Bin\EvtEng.exe] [Intel Corporation, 10.5.0.20 ] [C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll] [Intel Corporation, 10.5.0.2 ] [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 10.5.0.2] [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 10.5.0.5 ] [C:\Program Files\Intel\Wireless\Bin\DbEngine.dll] [Intel Corporation, 10.5.0.2 ] [C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll] [The OpenSSL Project, http://www.openssl.org/, 0.9.8] [C:\Program Files\Intel\Wireless\Bin\IntStngs.dll] [, 10.5.0.2 ] [C:\Program Files\Intel\Wireless\Bin\MurocApi.dll] [Intel Corporation, 10.5.0.7] [C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll] [Intel Corporation, 10.5.0.1 ] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 528][C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe] [Intel Corporation , 10.5.0.34 ] [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 10.5.0.2] [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 10.5.0.5 ] [C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll] [The OpenSSL Project, http://www.openssl.org/, 0.9.8] [C:\Program Files\Intel\Wireless\Bin\IntStngs.dll] [, 10.5.0.2 ] [C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL] [N/A, ] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 924][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1220][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1324][C:\Program Files\Juniper Networks\Odyssey Access Client\odClientService.exe] [Juniper Networks, Inc., 3.113.49383.0] [C:\Program Files\Common Files\Juniper Networks\JUNS\dsLogService.dll] [Juniper Networks, 1, 0, 0, 49322] [C:\Program Files\Common Files\Juniper Networks\JUNS\DBGHELP.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Juniper Networks\Odyssey Access Client\odService.dll] [Juniper Networks, Inc., 3.113.49383.0] [C:\Program Files\Common Files\Funk Software\dcfLibrary.DLL] [Juniper Networks, Inc., 3.111.49383.0] [C:\Program Files\Juniper Networks\Odyssey Access Client\odSuppExt.dll] [Juniper Networks, Inc., 3.113.49383.0] [C:\Program Files\Common Files\Funk Software\dcfDOM.dll] [Juniper Networks, Inc., 3.111.49383.0] [C:\Program Files\Common Files\Funk Software\odCert_M.dll] [Juniper Networks, Inc., 3.113.49383.0] [C:\Program Files\Juniper Networks\Odyssey Access Client\odServiceDialogs.dll] [Juniper Networks, Inc., 3.113.49383.0] [C:\Program Files\Juniper Networks\Odyssey Access Client\OdServiceResource0009.dll] [Juniper Networks, Inc., 3.113.49383.0] [C:\Program Files\Common Files\Funk Software\odLib_OSSL.dll] [Juniper Networks, Inc., 3.113.49383.0] [C:\Program Files\Juniper Networks\Odyssey Access Client\odjpaservice.dll] [Juniper Networks, 2, 0, 0, 49383] [C:\Program Files\Juniper Networks\Odyssey Access Client\epdiag.dll] [Juniper Networks, 2, 0, 0, 49383] [C:\Program Files\Juniper Networks\Odyssey Access Client\dsNetworkMonitor.dll] [Juniper Networks, 2, 0, 0, 49383] [C:\Program Files\Common Files\Juniper Networks\JNPRNA\jnprnaapi.dll] [Juniper Networks, Inc., 5.0.0.2988] [PID: 1844][C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe] [Symantec Corporation, 103.5.4.3] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Common Files\Symantec Shared\ccL35.dll] [Symantec Corporation, 103.5.4.3] [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 103.5.4.3] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll] [Symantec Corporation, 103.5.4.3] [PID: 1932][C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe] [Symantec Corporation, 103.5.4.3] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Common Files\Symantec Shared\ccL35.dll] [Symantec Corporation, 103.5.4.3] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 103.5.4.3] [C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\BB.DLL] [Symantec Corporation, 1,5,1,3] [C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEVT.DLL] [Symantec Corporation, 1,5,1,3] [C:\Program Files\Common Files\Symantec Shared\ccSet.dll] [Symantec Corporation, 103.5.4.3] [C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL] [Symantec Corporation, 103.5.4.3] [PID: 608][C:\WINDOWS\system32\spoolsv.exe] [(Verified) Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\bthcrp.dll] [Broadcom Corporation., 5.1.0.3100] [C:\WINDOWS\system32\WidcommSdk.dll] [Broadcom Corporation., 5.1.0.3100] [C:\WINDOWS\system32\wbtapi.dll] [Broadcom Corporation., 5.1.0.3100] [C:\WINDOWS\system32\hptcpmon.dll] [Hewlett Packard, 2.43.01.003] [C:\WINDOWS\system32\HPZJSN01.dll] [Hewlett Packard Company, 1, 0, 0, 3] [C:\WINDOWS\system32\hpzjfw01.dll] [Hewlett-Packard, 4.02.009.0] [C:\WINDOWS\system32\hptcpmib.dll] [Hewlett Packard, 2.41.01.021] [C:\WINDOWS\system32\hpzlnt06.dll] [HP, 2,133,0,0] [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.1897.0] [C:\Program Files\Array Networks\Array Redirector\8,2,2,8\arr_spi.dll] [Array Networks, Inc., 8,2,2,8] [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\HPZPP2MQ.DLL] [Hewlett-Packard Corporation, 60.034.153.31] [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.1897.0] [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\vprproc.dll] [Windows (R) 2000 DDK provider, 5.1.2600.2180 built by: WinDDK] [PID: 668][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 640][C:\Program Files\Array Networks\Common\8,2,2,8\arr_isrv.exe] [Array Networks, Inc., 8,2,2,8] [PID: 1768][C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll] [Lenovo , 4.42] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgr.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\ACON.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\ACTurinSupport.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\AcSmBiosHelper.dll] [Lenovo, 4.42] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\ThinkPad\ConnectUtilities\AcAdaptersInfo.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\AcLocMigrator.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\ThinQCon.dll] [Lenovo , 4.42] [PID: 1180][C:\Program Files\IBM\Mobility Client\artstartsvc.exe] [N/A, ] [C:\WINDOWS\system32\artutils.dll] [N/A, ] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [PID: 1300][C:\Program Files\Intel\AMT\atchksrv.exe] [Intel Corporation, 2, 0, 0, 5] [PID: 1376][C:\Program Files\StormII\stormliv.exe] [北京暴风网际科技有限公司, 3, 8, 3, 15] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Array Networks\Array Redirector\8,2,2,8\arr_spi.dll] [Array Networks, Inc., 8,2,2,8] [PID: 1160][C:\Program Files\Symantec AntiVirus\DefWatch.exe] [Symantec Corporation, 10.0.1.1000] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1544][C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe] [Juniper Networks, 1, 0, 0, 49322] [C:\Program Files\Common Files\Juniper Networks\JUNS\dsLogService.dll] [Juniper Networks, 1, 0, 0, 49322] [C:\Program Files\Common Files\Juniper Networks\JUNS\DBGHELP.DLL] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [c:\program files\common files\juniper networks\juns\dsinstallerservice.dll] [Juniper Networks, 1, 0, 0, 49322] [PID: 656][C:\Program Files\Intel\AMT\LMS.exe] [Intel Corporation, 2.5.10.1083] [PID: 1948][C:\Program Files\lotus\notes\ntmulti.exe] [IBM Corp, 6.5.50.5334] [PID: 1700][C:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.11.0133] [C:\WINDOWS\system32\nvapi.dll] [NVIDIA Corporation, 6.14.11.0133] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 952][D:\oracle\ora92\bin\omtsreco.exe] [Oracle Corporation, 9.2.0.1.0] [D:\oracle\ora92\bin\OCI.dll] [Oracle Corporation, 9.2.0.1.0] [D:\oracle\ora92\bin\OraClient9.Dll] [Oracle Corporation, 9.2.0.1.0 Production ] [D:\oracle\ora92\bin\oracore9.dll] [Oracle Corporation, 9.2.0.1.0 Production] [D:\oracle\ora92\bin\oranls9.dll] [Oracle Corporation, 9.2.0.1.0 Production] [D:\oracle\ora92\bin\oraunls9.dll] [Oracle Corporation, 9.2.0.1.0 Production] [D:\oracle\ora92\bin\oravsn9.dll] [Oracle Corporation, 9.2.0.1.0 Production ] [D:\oracle\ora92\bin\oracommon9.dll] [Oracle Corporation, 9.2.0.1.0 Production ] [D:\oracle\ora92\bin\orageneric9.dll] [Oracle Corporation, 9.2.0.1.0 Production ] [D:\oracle\ora92\bin\oraxml9.dll] [Oracle Corporation, ] [D:\oracle\ora92\bin\oraxsd9.dll] [Oracle Corporation, ] [D:\oracle\ora92\bin\orannzsbb9.dll] [Oracle Corporation, 9.2.0.1.0 Production] [D:\oracle\ora92\bin\oran9.dll] [Oracle Corporation, 9.2.0.1.0 Production] [D:\oracle\ora92\bin\oranl9.dll] [Oracle Corporation, 9.2.0.1.0 Production] [D:\oracle\ora92\bin\oranldap9.dll] [Oracle Corporation, 9.2.0.1.0 Production] [D:\oracle\ora92\bin\oraldapclnt9.dll] [Oracle Corporation, 9.2.0.1.0 Production] [D:\oracle\ora92\bin\orancrypt9.dll] [Oracle Corporation, 9.2.0.1.0 Production] [D:\oracle\ora92\bin\ORATRACE9.dll] [N/A, ] [D:\oracle\ora92\bin\oranro9.dll] [Oracle Corporation, 9.2.0.1.0 Production] [D:\oracle\ora92\bin\oranhost9.dll] [Oracle Corporation, 9.2.0.1.0 Production] [D:\oracle\ora92\bin\oranoname9.dll] [Oracle Corporation, 9.2.0.1.0 Production] [D:\oracle\ora92\bin\orancds9.dll] [Oracle Corporation, 9.2.0.1.0 Production] [D:\oracle\ora92\bin\orantns9.dll] [Oracle Corporation, 9.2.0.1.0 Production] [D:\oracle\ora92\bin\oranms.dll] [Oracle Corporation, 9.2.0.0.0] [D:\oracle\ora92\bin\oranmsp.dll] [Oracle Corporation, 9.2.0.0.0] [D:\oracle\ora92\bin\orapls9.dll] [Oracle Corporation, 9.2.0.1.0 Production ] [D:\oracle\ora92\bin\oraslax9.dll] [Oracle Corporation, 9.2.0.1.0 Production] [D:\oracle\ora92\bin\orasnls9.dll] [Oracle Corporation, 9.2.0.1.0 Production] [D:\oracle\ora92\bin\orawtc9.dll] [Oracle Corporation, 9.2.0.1.0 Production ] [D:\oracle\ora92\bin\orasql9.dll] [Oracle Corporation, 9.2.0.1.0 Production] [D:\oracle\ora92\bin\omtsrecomsgZHS.dll] [Oracle Corporation, 9.0.0.0.0] [D:\oracle\ora92\bin\omtsrecomsgus.dll] [Oracle Corporation, 9.2.0.0.1] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1836][C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe] [Intel Corporation, 10.5.0.4 ] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 724][C:\Program Files\Symantec AntiVirus\SavRoam.exe] [symantec, 10.0.1.1000] [C:\Program Files\Common Files\Symantec Shared\SSC\Transman.dll] [Symantec Corporation, 10.0.1.1000] [C:\WINDOWS\system32\CBA.DLL] [LANDesk Software Ltd., 6.12.0.137 E] [C:\WINDOWS\system32\MsgSys.dll] [LANDesk Software Ltd., 6.12.0.137 E] [C:\WINDOWS\system32\NTS.dll] [LANDesk Software Ltd., 6.12.0.137 E] [C:\WINDOWS\system32\PDS.DLL] [LANDesk Software Ltd., 6.12.0.137 E] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [c:\program files\common files\symantec shared\ssc\ScsComms.dll] [Symantec Corporation, 10.0.1.1000] [C:\Program Files\Array Networks\Array Redirector\8,2,2,8\arr_spi.dll] [Array Networks, Inc., 8,2,2,8] [PID: 1880][c:\program files\lenovo\system update\suservice.exe] [ , 0.0.0.0] [C:\WINDOWS\system32\mscoree.dll] [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)] [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll] [Microsoft Corporation, 1.1.4322.2407] [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll] [Microsoft Corporation, 1.1.4322.2032] [c:\windows\microsoft.net\framework\v1.1.4322\mscorlib.dll] [Microsoft Corporation, 1.1.4322.2407] [c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_16e695aa\mscorlib.dll] [N/A, ] [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll] [Microsoft Corporation, 1.1.4322.2407] [c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_zh-chs_b77a5c561934e089\mscorlib.resources.dll] [Microsoft Corporation, 1.1.4322.573] [c:\windows\assembly\gac\system.serviceprocess\1.0.5000.0__b03f5f7f11d50a3a\system.serviceprocess.dll] [Microsoft Corporation, 1.1.4322.2032] [c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll] [Microsoft Corporation, 1.1.4322.2407] [c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_9fa91f3c\system.dll] [N/A, ] [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSCORJIT.DLL] [Microsoft Corporation, 1.1.4322.2407] [c:\program files\lenovo\system update\tvsuservicecommon.dll] [ , 0.0.0.0] [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\diasymreader.dll] [Microsoft Corporation, 7.10.3052.4] [c:\windows\assembly\gac\system.serviceprocess.resources\1.0.5000.0_zh-chs_b03f5f7f11d50a3a\system.serviceprocess.resources.dll] [Microsoft Corporation, 1.1.4322.573] [PID: 2960][C:\Program Files\Symantec AntiVirus\Rtvscan.exe] [Symantec Corporation, 10.0.1.1000] [C:\WINDOWS\system32\CBA.DLL] [LANDesk Software Ltd., 6.12.0.137 E] [C:\WINDOWS\system32\MsgSys.dll] [LANDesk Software Ltd., 6.12.0.137 E] [C:\WINDOWS\system32\NTS.dll] [LANDesk Software Ltd., 6.12.0.137 E] [C:\WINDOWS\system32\PDS.DLL] [LANDesk Software Ltd., 6.12.0.137 E] [C:\Program Files\Symantec AntiVirus\NAVLU.dll] [Symantec Corporation, 10.0.1.1000] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\MFC71CHS.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL] [Symantec Corporation, 10.0.1.1000] [c:\program files\common files\symantec shared\ssc\ScsComms.dll] [Symantec Corporation, 10.0.1.1000] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Array Networks\Array Redirector\8,2,2,8\arr_spi.dll] [Array Networks, Inc., 8,2,2,8] [C:\Program Files\Symantec AntiVirus\I2ldvp3.dll] [Symantec Corporation, 10.0.1.1000] [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 103.5.4.3] [C:\Program Files\Common Files\Symantec Shared\ccL35.dll] [Symantec Corporation, 103.5.4.3] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Common Files\Symantec Shared\ccDec.dll] [Symantec Corporation, 103.5.4.3] [C:\Program Files\Common Files\Symantec Shared\Decomposers\decsdk.dll] [Symantec Corporation, 3.02.12.35] [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2.dll] [Symantec Corporation, 3.02.12.35] [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ID.dll] [Symantec Corporation, 3.02.12.35] [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Zip.dll] [Symantec Corporation, 3.02.12.35] [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2SS.dll] [Symantec Corporation, 3.02.12.35] [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2GZIP.dll] [Symantec Corporation, 3.02.12.35] [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2CAB.dll] [Symantec Corporation, 3.02.12.35] [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LHA.dll] [Symantec Corporation, 3.02.12.35] [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ARJ.dll] [Symantec Corporation, 3.02.12.35] [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TNEF.dll] [Symantec Corporation, 3.02.12.35] [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LZ.dll] [Symantec Corporation, 3.02.12.35] [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2AMG.dll] [Symantec Corporation, 3.02.12.35] [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RAR.dll] [Symantec Corporation, 3.02.12.35] [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TAR.dll] [Symantec Corporation, 3.02.12.35] [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RTF.dll] [Symantec Corporation, 3.02.12.35] [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Text.dll] [Symantec Corporation, 3.02.12.35] [C:\Program Files\Common Files\Symantec Shared\ccScan.dll] [Symantec Corporation, 103.5.4.3] [C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL] [Symantec Corporation, 1.4.0.11] [C:\Program Files\Symantec AntiVirus\DefUtDCD.dll] [Symantec Corporation, 3.1.13a.0] [C:\Program Files\Symantec AntiVirus\SAVRT32.DLL] [Symantec Corporation, 9.5.0.44] [C:\Program Files\Symantec AntiVirus\IMail.dll] [Symantec Corporation, 10.0.1.1000] [C:\Program Files\Symantec AntiVirus\NotesExt.dll] [Symantec Corporation, 10.0.1.1000] [C:\Program Files\Symantec AntiVirus\vpmsece3.dll] [Symantec Corporation, 10.0.1.1000] [C:\Program Files\Symantec AntiVirus\SymProtectStorage.dll] [Symantec Corporation, 10.0.1.1000] [C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCEvt.dll] [Symantec Corporation, 1,5,1,3] [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090601.003\ccEraser.dll] [Symantec Corporation, 109.1.0.61] [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090601.003\ecmsvr32.dll] [Symantec Corporation, 81.3.0.13] [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090601.003\NAVEX32a.DLL] [Symantec Corporation, 20081.3.1.11] [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090601.003\NAVENG32.DLL] [Symantec Corporation, 20081.3.1.11] [C:\Program Files\Symantec AntiVirus\NAVAP32.DLL] [Symantec Corporation, 9.5.0.44] [C:\Program Files\Common Files\Symantec Shared\SSC\scandlgs.dll] [Symantec Corporation, 10.0.1.1000] [C:\Program Files\Symantec AntiVirus\Cliscan.dll] [Symantec Corporation, 10.0.1.1000] [PID: 3048][C:\WINDOWS\System32\TPHDEXLG.EXE] [Lenovo., 1.40] [PID: 3072][C:\WINDOWS\system32\TpKmpSVC.exe] [N/A, ] [PID: 3212][C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe] [Lenovo Group Limited, 3,10,8,0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MFC71CHS.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 3332][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)] [PID: 3436][C:\Program Files\Intel\AMT\UNS.exe] [Intel Corporation, 2.5.7.1083] [C:\Program Files\Array Networks\Array Redirector\8,2,2,8\arr_spi.dll] [Array Networks, Inc., 8,2,2,8] [PID: 3540][C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll] [Lenovo , 4.42] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgr.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\ACON.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\ACTurinSupport.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\AcSmBiosHelper.dll] [Lenovo, 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\AcSvcHlpr.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\AcAdaptersInfo.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\ANCA.dll] [IBM Corp., 8.3] [C:\Program Files\ThinkPad\ConnectUtilities\ANC.dll] [IBM Corp., 8.3] [C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll] [Lenovo , 4.42] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\ThinkPad\ConnectUtilities\ACGolan.DLL] [Lenovo , 4.42] [C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll] [Intel Corporation, 10.5.0.2 ] [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 10.5.0.2] [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 10.5.0.5 ] [C:\Program Files\Intel\Wireless\Bin\DbEngine.dll] [Intel Corporation, 10.5.0.2 ] [C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll] [The OpenSSL Project, http://www.openssl.org/, 0.9.8] [C:\Program Files\Intel\Wireless\Bin\IntStngs.dll] [, 10.5.0.2 ] [C:\Program Files\Intel\Wireless\Bin\MurocAPI.dll] [Intel Corporation, 10.5.0.7] [C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll] [Intel Corporation, 10.5.0.1 ] [PID: 2208][C:\WINDOWS\System32\alg.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 3600][C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll] [Lenovo , 4.42] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgr.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\ACGUIHlpr.dll] [Lenovo , 4.42] [C:\WINDOWS\system32\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\ThinkPad\ConnectUtilities\AcAdaptersInfo.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\ACON.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\ACTurinSupport.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\AcSmBiosHelper.dll] [Lenovo, 4.42] [C:\WINDOWS\system32\MFC71CHS.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\ThinkPad\ConnectUtilities\Res\SC\GUIHlprRes.dll] [Lenovo , 4.42] [C:\Program Files\ThinkPad\ConnectUtilities\Res\SC\SvcHlprRes.dll] [Lenovo , 4.42] [PID: 2260][C:\WINDOWS\Explorer.EXE] [(Verified) Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [D:\杀毒\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1010] [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 9.0.0.2008061100] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762] [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS] [Adobe Systems, Inc., 9.0.0.0] [C:\WINDOWS\system32\dfshim.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\WINDOWS\system32\mscoree.dll] [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)] [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Shfusion.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Fusion.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\culture.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\zh-CHS\ShFusRes.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\Program Files\WinRAR\rarext.dll] [N/A, ] [C:\Program Files\Unlocker\UnlockerCOM.dll] [N/A, ] [C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll] [Symantec Corporation, 10.0.1.1000] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [d:\ftc2009\FTCCommenu.dll] [Fygsoft and Microsoft, 3.0.0.71] [C:\Program Files\Common Files\Symantec Shared\SSC\scandlgs.dll] [Symantec Corporation, 10.0.1.1000] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MFC71CHS.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Symantec AntiVirus\Cliproxy.dll] [Symantec Corporation, 10.0.1.1000] [C:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL] [Symantec Corporation, 10.0.1.1000] [PID: 1616][C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe] [N/A, ] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1504][C:\Program Files\Common Files\Symantec Shared\ccApp.exe] [Symantec Corporation, 103.5.4.3] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Common Files\Symantec Shared\ccL35.dll] [Symantec Corporation, 103.5.4.3] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 103.5.4.3] [C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL] [Symantec Corporation, 103.5.4.3] [C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL] [Symantec Corporation, 103.5.4.3] [C:\WINDOWS\system32\SYMREDIR.DLL] [Symantec Corporation, 5.5.2.1] [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll] [Symantec Corporation, 103.5.4.3] [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll] [Symantec Corporation, 103.5.4.3] [C:\Program Files\Symantec AntiVirus\SavEmail.dll] [Symantec Corporation, 10.0.1.1000] [C:\Program Files\Array Networks\Array Redirector\8,2,2,8\arr_spi.dll] [Array Networks, Inc., 8,2,2,8] [PID: 2520][C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe] [N/A, ] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 2628][C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe] [Lenovo Group Limited, 1.17] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 2056][C:\PROGRA~1\SYMANT~1\VPTray.exe] [Symantec Corporation, 10.0.1.1000] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Symantec AntiVirus\SAVRT32.DLL] [Symantec Corporation, 9.5.0.44] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Symantec AntiVirus\Cliproxy.dll] [Symantec Corporation, 10.0.1.1000] [C:\PROGRA~1\SYMANT~1\NAVNTUTL.DLL] [Symantec Corporation, 10.0.1.1000] [c:\program files\common files\symantec shared\ssc\ScsComms.dll] [Symantec Corporation, 10.0.1.1000] [C:\WINDOWS\system32\nts.dll] [LANDesk Software Ltd., 6.12.0.137 E] [C:\WINDOWS\system32\cba.dll] [LANDesk Software Ltd., 6.12.0.137 E] [C:\WINDOWS\system32\MsgSys.dll] [LANDesk Software Ltd., 6.12.0.137 E] [C:\WINDOWS\system32\PDS.DLL] [LANDesk Software Ltd., 6.12.0.137 E] [PID: 3492][E:\EyeFoo\EyeFoo.exe] [EyeFoo Software, 2, 2, 317, 22] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [D:\杀毒\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1010] [E:\EyeFoo\efLock.dll] [N/A, ] [C:\WINDOWS\system32\msdmo.dll] [, ] [C:\WINDOWS\system32\BoBoMediaFilter.ax] [, 1, 1, 104, 2] [PID: 1868][C:\WINDOWS\system32\ctfmon.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 2100][C:\Program Files\360\360se\360SE.exe] [360安全中心, 2, 0, 0, 6] [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll] [Microsoft Corporation, 5.1.3102.5581 (xpsp_sp3_qfe.080415-1416)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [D:\杀毒\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1010] [C:\PROGRA~1\360\360se\360\360core\360core.dll] [, 1, 0, 0, 5] [C:\PROGRA~1\360\360se\360\searchcore\searchcore.dll] [, 1, 0, 1, 1] [D:\杀毒\360safe\safemon\urlproc.dll] [360.CN, 1, 0, 0, 1006] [C:\Program Files\Array Networks\Array Redirector\8,2,2,8\arr_spi.dll] [Array Networks, Inc., 8,2,2,8] [C:\WINDOWS\DOWNLO~1\JUNIPE~1.OCX] [Juniper Networks, 1, 0, 0, 12] [D:\杀毒\360safe\live.dll] [360.cn, 1, 0, 2, 1005] [C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx] [Adobe Systems, Inc., 10,0,22,87] [C:\WINDOWS\system32\UNISPIM5.IME] [北京紫光华宇软件股份有限公司, 5.0.0.5091] [PID: 3804][C:\Program Files\360\360se\360SE.exe] [360安全中心, 2, 0, 0, 6] [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll] [Microsoft Corporation, 5.1.3102.5581 (xpsp_sp3_qfe.080415-1416)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [D:\杀毒\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1010] [C:\PROGRA~1\360\360se\360\360core\360core.dll] [, 1, 0, 0, 5] [C:\PROGRA~1\360\360se\360\searchcore\searchcore.dll] [, 1, 0, 1, 1] [D:\杀毒\360safe\safemon\urlproc.dll] [360.CN, 1, 0, 0, 1006] [C:\Program Files\Array Networks\Array Redirector\8,2,2,8\arr_spi.dll] [Array Networks, Inc., 8,2,2,8] [C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx] [Adobe Systems, Inc., 10,0,22,87] [C:\WINDOWS\system32\UNISPIM5.IME] [北京紫光华宇软件股份有限公司, 5.0.0.5091] [PID: 3156][C:\Program Files\360\360se\360SE.exe] [360安全中心, 2, 0, 0, 6] [C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll] [Microsoft Corporation, 5.1.3102.5581 (xpsp_sp3_qfe.080415-1416)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [D:\杀毒\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1010] [C:\PROGRA~1\360\360se\360\360core\360core.dll] [, 1, 0, 0, 5] [C:\PROGRA~1\360\360se\360\searchcore\searchcore.dll] [, 1, 0, 1, 1] [D:\杀毒\360safe\safemon\urlproc.dll] [360.CN, 1, 0, 0, 1006] [C:\Program Files\Array Networks\Array Redirector\8,2,2,8\arr_spi.dll] [Array Networks, Inc., 8,2,2,8] [C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx] [Adobe Systems, Inc., 10,0,22,87] [PID: 2764][C:\Downloads\sreng2\SREngLdr.EXE] [Smallfrogs Studio, 2.7.1.1261] [PID: 3448][C:\Downloads\sreng2\SRE18ad3dcc.EXE] [Smallfrogs Studio, 2.7.1.1261] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [D:\杀毒\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1010] [C:\Downloads\sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] [C:\Program Files\Array Networks\Array Redirector\8,2,2,8\arr_spi.dll] [Array Networks, Inc., 8,2,2,8] ================================== 文件关联 .TXT Error. [C:\WINDOWS\notepad.exe %1] .EXE OK. ["%1" %*] .COM OK. ["%1" %*] .PIF OK. ["%1" %*] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %*] .SCR OK. ["%1" /S] .CHM Error. ["hh.exe" %1] .HLP OK. [%SystemRoot%\system32\winhlp32.exe %1] .INI Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock 提供者 N/A ================================== Autorun.inf N/A ================================== HOSTS 文件 127.0.0.1 localhost 127.0.0.1 c0mo.com 127.0.0.1 gxgxy.net 127.0.0.1 pvs360.com 127.0.0.1 sl8cjs.cn 127.0.0.1 my.531jx.cn 127.0.0.1 nx.51ylb.cn 127.0.0.1 llboss.com 127.0.0.1 windowsupdeta.cn 127.0.0.1 up.22x44.com 127.0.0.1 d2.llsging.com 127.0.0.1 down.malasc.cn 127.0.0.1 wg.47255.com 127.0.0.1 www.tomwg.com 127.0.0.1 tp.shpzhan.cn 127.0.0.1 www.22aaa.com 127.0.0.1 ilove.com 127.0.0.1 xxx.mmma.biz 127.0.0.1 171817.171817.com 127.0.0.1 www.868wg.com 127.0.0.1 yu.8s7.net 127.0.0.1 1.jopmmqq.com 127.0.0.1 cao.kv8.info 127.0.0.1 xtx.kv8.info 127.0.0.1 new.749571.com 127.0.0.1 xxx.vh7.biz 127.0.0.1 1.jopenkk.com 127.0.0.1 d.93se.com 127.0.0.1 3.joppnqq.com 127.0.0.1 xxx.j41m.com 127.0.0.1 xxx.m111.biz 127.0.0.1 down.18dd.net 127.0.0.1 www.333292.com 127.0.0.1 1.jopenqc.com 127.0.0.1 qqq.hao1658.com 127.0.0.1 qqq.dzydhx.com 127.0.0.1 www.cike007.cn 127.0.0.1 www.exiao01.com 127.0.0.1 2.joppnqq.com 127.0.0.1 1.jopanqc.com 127.0.0.1 1.joppnqq.com 127.0.0.1 www.exiao01.com 127.0.0.1 xx.exiao01.com ================================== 进程特权扫描 特殊特权被允许: SeLoadDriverPrivilege [PID = 528, C:\PROGRAM FILES\INTEL\WIRELESS\BIN\S24EVMON.EXE] 特殊特权被允许: SeLoadDriverPrivilege [PID = 3212, C:\PROGRAM FILES\COMMON FILES\LENOVO\SCHEDULER\TVTSCHED.EXE] 特殊特权被允许: SeLoadDriverPrivilege [PID = 3540, C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACSVC.EXE] 特殊特权被允许: SeLoadDriverPrivilege [PID = 3600, C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\SVCGUIHLPR.EXE] 特殊特权被允许: SeLoadDriverPrivilege [PID = 1616, C:\PROGRA~1\LENOVO\PKGMGR\HOTKEY\TPHKMGR.EXE] 特殊特权被允许: SeLoadDriverPrivilege [PID = 2520, C:\PROGRAM FILES\LENOVO\PKGMGR\HOTKEY\TPONSCR.EXE] 特殊特权被允许: SeLoadDriverPrivilege [PID = 2628, C:\PROGRAM FILES\LENOVO\PKGMGR\HOTKEY_1\TPSCREX.EXE] 特殊特权被允许: SeLoadDriverPrivilege [PID = 3492, E:\EYEFOO\EYEFOO.EXE] 特殊特权被允许: SeLoadDriverPrivilege [PID = 2764, C:\DOWNLOADS\SRENG2\SRENGLDR.EXE] ================================== 计划任务 [已禁用] PMTask.job C:\PROGRA~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE ================================== API HOOK N/A ================================== 隐藏进程 N/A ================================== [/CODE]