Freshly reinstalled system, already 50-plus processes, CPU at 100%; log attached, requesting help

2006-12-12,18:41:29

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 1 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Corporation]
    <ibmmessages><C:\Program Files\IBM\Messages By IBM\ibmmessages.exe>  [IBM]
    <swg><C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe>  [(Verified)Google Inc.]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <S3TRAY2><S3Tray2.exe>  [(Verified)S3 Graphics, Inc.]
    <SynTPLpr><C:\Program Files\Synaptics\SynTP\SynTPLpr.exe>  [(Verified)Synaptics, Inc.]
    <SynTPEnh><C:\Program Files\Synaptics\SynTP\SynTPEnh.exe>  [(Verified)Synaptics, Inc.]
    <ATIModeChange><Ati2mdxx.exe>  [(Verified)ATI Technologies, Inc.]
    <BluetoothAuthenticationAgent><rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent>  [(Verified)Microsoft Corporation]
    <TPHOTKEY><C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe>  [N/A]
    <BMMGAG><RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor>  [IBM Corp.]
    <BMMLREF><C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE>  [N/A]
    <TPKMAPMN><C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe>  [N/A]
    <EZEJMNAP><C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe>  [IBM Corp.]
    <AGRSMMSG><AGRSMMSG.exe>  [(Verified)Agere Systems]
    <ATIPTA><C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe>  [ATI Technologies, Inc.]
    <tgcmd><"C:\Program Files\Support.com\bin\tgcmd.exe" /server>  [SupportSoft, Inc.]
    <StorageGuard><"c:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r>  [VERITAS Software, Inc.]
    <dla><C:\WINDOWS\system32\dla\tfswctrl.exe>  [VERITAS Software, Inc.]
    <ibmmessages><C:\Program Files\IBM\Messages By IBM\ibmmessages.exe>  [IBM]
    <IMEKRMIG6.1><C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE>  [(Verified)Microsoft Corporation]
    <MSPY2002><C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC>  [(Verified)N/A]
    <ccApp><"C:\Program Files\Common Files\Symantec Shared\ccApp.exe">  [(Verified)Symantec Corporation]
    <NAV CfgWiz><C:\Program Files\Common Files\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT">  [(Verified)Symantec Corporation]
    <Symantec NetDriver Monitor><C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer>  [(Verified)Symantec Corporation]
    <DAEMON Tools-1033><"C:\Program Files\D-Tools\daemon.exe"  -lang 1033>  [DAEMON'S HOME]
    <SSC_UserPrompt><C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe>  [(Verified)Symantec Corporation]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <Application Layer Gateway Service><C:\WINDOWS\System32\algs.exe>  [N/A]
    <Services><C:\WINDOWS\System32\mdeyrkuf.exe>  [N/A]
    <Windows Explorer><C:\WINDOWS\System32\explorer.exe>  [N/A]
    <msvcc25><svcchost.exe>  [N/A]
    <CE2EBE0B><C:\WINDOWS\System32\dior4f45558871.exe>  [N/A]
    <StormCodec_Helper><"C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
    <msvcc25><svcchost.exe>  [N/A]
    <CE2EBE0B><C:\WINDOWS\System32\dior4f45558871.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [N/A]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}><C:\WINDOWS\System32\iifffda.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cbaxv]
    <WinlogonNotify: cbaxv><C:\WINDOWS\System32\cbaxv.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\iifffda]
    <WinlogonNotify: iifffda><iifffda.dll>  [N/A]

==================================
启动文件夹
[Adobe Reader Speed Launch]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Reader Speed Launch.lnk --> C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [Adobe Systems Incorporated]><N>
[Microsoft Office]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [Microsoft Corporation]><N>
[WinZip Quick Pick]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\WinZip Quick Pick.lnk --> C:\PROGRA~1\WinZip\WZQKPICK.EXE [WinZip Computing LP]><N>

==================================
服务
[Print Spooler Service / anral6yzlei]
  <C:\WINDOWS\System32\dior4f45558871.exe /service><N/A>
[Ati HotKey Poller / Ati HotKey Poller]
  <C:\WINDOWS\System32\Ati2evxx.exe><N/A>
[Symantec Event Manager / ccEvtMgr]
  <"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>
[Symantec Password Validation / ccPwdSvc]
  <"C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr]
  <"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[IBM PM Service / IBMPMSVC]
  <C:\WINDOWS\System32\ibmpmsvc.exe><N/A>
[Norton AntiVirus Auto Protect Service / navapsvc]
  <"C:\Program Files\Norton AntiVirus\navapsvc.exe"><Symantec Corporation>
[QCONSVC / QCONSVC]
  <System32\QCONSVC.EXE><N/A>
[RegSrvc / RegSrvc]
  <C:\WINDOWS\System32\RegSrvc.exe><Intel Corporation>
[RpcService / RpcService]
  <C:\WINDOWS\SYSTEM32\EXPLORE.EXE><Microsoft Corporation>
[Spectrum24 Event Monitor / S24EventMonitor]
  <C:\WINDOWS\System32\S24EvMon.exe><Intel Corporation>
[SAVScan / SAVScan]
  <C:\Program Files\Norton AntiVirus\SAVScan.exe><Symantec Corporation>
[ScriptBlocking Service / SBService]
  <C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe><Symantec Corporation>
[Windows NT Session Manager / SMSS]
  <"C:\WINDOWS\system\smss.exe"><N/A>
[Symantec Network Drivers Service / SNDSrvc]
  <C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe><Symantec Corporation>
[SymWMI Service / SymWSC]
  <C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe><Symantec Corporation>
[Windows Terminal Services / Windows Terminal Services]
  <"C:\WINDOWS\system32\vcmon.exe"><N/A>
Last edited 2006-12-13 12:31:24

==================================
驱动程序
[abp480n5 / abp480n5]
  <\SystemRoot\System32\DRIVERS\ABP480N5.SYS><Microsoft Corporation>
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[adpu160m / adpu160m]
  <\SystemRoot\System32\DRIVERS\adpu160m.sys><Microsoft Corporation>
[aeaudio / aeaudio]
  <system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[Agere Systems Soft Modem / AgereSoftModem]
  <System32\DRIVERS\AGRSM.sys><Agere Systems>
[Aha154x / Aha154x]
  <\SystemRoot\System32\DRIVERS\aha154x.sys><Microsoft Corporation>
[aic78u2 / aic78u2]
  <\SystemRoot\System32\DRIVERS\aic78u2.sys><Microsoft Corporation>
[aic78xx / aic78xx]
  <\SystemRoot\System32\DRIVERS\aic78xx.sys><Microsoft Corporation>
[AliIde / AliIde]
  <\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD AGP Bus Filter Driver / amdagp]
  <\SystemRoot\System32\DRIVERS\amdagp.sys><Advanced Micro Devices, Inc.>
[asc / asc]
  <\SystemRoot\System32\DRIVERS\asc.sys><Advanced System Products, Inc.>
[asc3350p / asc3350p]
  <\SystemRoot\System32\DRIVERS\asc3350p.sys><Microsoft Corporation>
[asc3550 / asc3550]
  <\SystemRoot\System32\DRIVERS\asc3550.sys><Advanced System Products, Inc.>
[ati2mtag / ati2mtag]
  <System32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[cd20xrnt / cd20xrnt]
  <\SystemRoot\System32\DRIVERS\cd20xrnt.sys><Microsoft Corporation>
[CmdIde / CmdIde]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[d347bus / d347bus]
  <\SystemRoot\System32\DRIVERS\d347bus.sys><>
[d347prt / d347prt]
  <\SystemRoot\System32\Drivers\d347prt.sys><>
[dac2w2k / dac2w2k]
  <\SystemRoot\System32\DRIVERS\dac2w2k.sys><Mylex Corporation>
[dpti2o / dpti2o]
  <\SystemRoot\System32\DRIVERS\dpti2o.sys><Microsoft Corporation>
[drvmcdb / drvmcdb]
  <\SystemRoot\system32\drivers\drvmcdb.sys><VERITAS Software, Inc.>
[drvnddm / drvnddm]
  <system32\drivers\drvnddm.sys><VERITAS Software, Inc.>
[Intel(R) PRO Adapter Driver / E100B]
  <System32\DRIVERS\e100b325.sys><Intel Corporation>
[IBMPMDRV / IBMPMDRV]
  <System32\DRIVERS\ibmpmdrv.sys><N/A>
[IBMTPCHK / IBMTPCHK]
  <System32\drivers\IBMBLDID.SYS><N/A>
[ini910u / ini910u]
  <\SystemRoot\System32\DRIVERS\ini910u.sys><Microsoft Corporation>
[Lucent Technologies Soft Modem / LucentSoftModem]
  <System32\DRIVERS\LTSM.sys><Lucent Technologies>
[mraid35x / mraid35x]
  <\SystemRoot\System32\DRIVERS\mraid35x.sys><American Megatrends Inc.>
[NAVENG / NAVENG]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061206.016\NAVENG.Sys><Symantec Corporation>
[NAVEX15 / NAVEX15]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061206.016\NavEx15.Sys><Symantec Corporation>
[NSC Infrared Device Driver / NSCIRDA]
  <System32\DRIVERS\nscirda.sys><National Semiconductor Corporation>
[PMEM / PMEM]
  <\??\C:\WINDOWS\system32\drivers\PMEMNT.SYS><Microsoft Corporation>
[Direct Parallel Link Driver / Ptilink]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20]
  <\SystemRoot\System32\DRIVERS\PxHelp20.sys><VERITAS Software, Inc.>
[ql1080 / ql1080]
  <\SystemRoot\System32\DRIVERS\ql1080.sys><QLogic Corporation>
[Ql10wnt / Ql10wnt]
  <\SystemRoot\System32\DRIVERS\ql10wnt.sys><Microsoft Corporation>
[ql12160 / ql12160]
  <\SystemRoot\System32\DRIVERS\ql12160.sys><QLogic Corporation>
[ql1280 / ql1280]
  <\SystemRoot\System32\DRIVERS\ql1280.sys><QLogic Corporation>
[WLAN Transport / s24trans]
  <System32\DRIVERS\s24trans.sys><Intel Corporation>
[S3SSavage / S3SSavage]
  <System32\DRIVERS\s3ssavm.sys><S3 Graphics, Inc.>
[SAVRT / SAVRT]
  <\??\C:\Program Files\Norton AntiVirus\SAVRT.SYS><Symantec Corporation>
[SAVRTPEL / SAVRTPEL]
  <\??\C:\Program Files\Norton AntiVirus\SAVRTPEL.SYS><Symantec Corporation>
[Secdrv / Secdrv]
  <System32\DRIVERS\secdrv.sys><N/A>
[SIS AGP Bus Filter / sisagp]
  <\SystemRoot\System32\DRIVERS\sisagp.sys><Silicon Integrated Systems Corporation>
[Smapint / Smapint]
  <System32\drivers\Smapint.sys><Microsoft Corporation>
[smwdm / smwdm]
  <system32\drivers\smwdm.sys><Analog Devices, Inc.>
[Sparrow / Sparrow]
  <\SystemRoot\System32\DRIVERS\sparrow.sys><Adaptec, Inc.>
[sscdbhk5 / sscdbhk5]
  <system32\drivers\sscdbhk5.sys><VERITAS Software, Inc.>
[ssrtln / ssrtln]
  <system32\drivers\ssrtln.sys><VERITAS Software, Inc.>
[symc810 / symc810]
  <\SystemRoot\System32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx]
  <\SystemRoot\System32\DRIVERS\symc8xx.sys><LSI Logic>
[SymEvent / SymEvent]
  <\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
[SYMREDRV / SYMREDRV]
  <\SystemRoot\System32\Drivers\SYMREDRV.SYS><Symantec Corporation>
[SYMTDI / SYMTDI]
  <\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation>
[sym_hi / sym_hi]
  <\SystemRoot\System32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3]
  <\SystemRoot\System32\DRIVERS\sym_u3.sys><LSI Logic>
[Synaptics TouchPad Driver / SynTP]
  <System32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[TDSMAPI / TDSMAPI]
  <System32\drivers\TDSMAPI.SYS><N/A>
[tfsnboio / tfsnboio]
  <system32\dla\tfsnboio.sys><VERITAS Software, Inc.>
[tfsncofs / tfsncofs]
  <system32\dla\tfsncofs.sys><VERITAS Software, Inc.>
[tfsndrct / tfsndrct]
  <system32\dla\tfsndrct.sys><VERITAS Software, Inc.>
[tfsndres / tfsndres]
  <system32\dla\tfsndres.sys><VERITAS Software, Inc.>
[tfsnifs / tfsnifs]
  <system32\dla\tfsnifs.sys><VERITAS Software, Inc.>
[tfsnopio / tfsnopio]
  <system32\dla\tfsnopio.sys><VERITAS Software, Inc.>
[tfsnpool / tfsnpool]
  <system32\dla\tfsnpool.sys><VERITAS Software, Inc.>
[tfsnudf / tfsnudf]
  <system32\dla\tfsnudf.sys><VERITAS Software, Inc.>
[tfsnudfa / tfsnudfa]
  <system32\dla\tfsnudfa.sys><VERITAS Software, Inc.>
[TosIde / TosIde]
  <\SystemRoot\System32\DRIVERS\toside.sys><Microsoft Corporation>
[TPHKDRV / TPHKDRV]
  <C:\WINDOWS\SYSTEM32\DRIVERS\TPHKDRV.SYS><IBM Corporation>
[TPPWR / TPPWR]
  <System32\drivers\Tppwr.sys><IBM Corp.>
[TSMAPIP / TSMAPIP]
  <System32\drivers\TSMAPIP.SYS><N/A>
[IBM PS/2 TrackPoint Filter Driver / TwoTrack]
  <System32\DRIVERS\TwoTrack.sys><IBM Corporation>
[ultra / ultra]
  <\SystemRoot\System32\DRIVERS\ultra.sys><Promise Technology, Inc.>

==================================
浏览器加载项
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Flashget Catch Url Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <C:\PROGRA~1\FlashGet\jccatch.dll, www.flashget.com>
[IEHandle Class]
  {31EBA2E2-58B2-4980-9C41-F12F5F1422C5} <C:\WINDOWS\System32\TPHANDLE.dll, 江苏科建教育软件有限责任公司>
[DriveLetterAccess]
  {5CA3D70E-1895-11CF-8E15-001234567890} <C:\WINDOWS\system32\dla\tfswshx.dll, VERITAS Software, Inc.>
[]
  {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} <C:\WINDOWS\System32\iifffda.dll, N/A>
[]
  {7EFFE45E-2346-4DC8-9128-BD1781EF1669} <C:\WINDOWS\System32\cbaxv.dll, N/A>
[Google Toolbar Helper]
  {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[CNavExtBho Class]
  {BDF3E430-B101-42AD-A544-FADC6B084872} <C:\Program Files\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[gFlash Class]
  {F156768E-81EF-470C-9057-481BA8380DBA} <C:\Program Files\FlashGet\getflash.dll, >
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[快车]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\flashget.exe, FlashGet.com>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[Norton AntiVirus]
  {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} <C:\Program Files\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[快车(FlashGet)]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\Program Files\FlashGet\fgiebar.dll, Amaze Soft>
[&Google]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[AutoLive]
  {7CA83CF1-3AEA-42D0-A4E3-1594FC6E48B2} <C:\Program Files\3721\Autolive.dll, >
[&使用快车(FlashGet)下载]
  <C:\PROGRA~1\FlashGet\jc_link.htm, N/A>
[&使用快车(FlashGet)下载全部链接]
  <C:\PROGRA~1\FlashGet\jc_all.htm, N/A>
[导出到 Microsoft Excel(&x)]
  <res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000, N/A>

==================================
正在运行的进程
[PID: 836][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 900][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 924][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\cbaxv.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\iifffda.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\ljjhefd.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\gebxuuv.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\wvutrqq.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\efcdccy.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\ljjgggh.dll]  [N/A, N/A]
[PID: 968][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 980][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 1164][C:\WINDOWS\System32\ibmpmsvc.exe]  [N/A, N/A]
[PID: 1224][C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe]  [N/A, N/A]
    [C:\Program Files\ThinkPad\Utilities\TpKmapHk.dll]  [N/A, N/A]
[PID: 1232][C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe]  [N/A, N/A]
    [C:\Program Files\ThinkPad\Utilities\TpKmapHk.dll]  [N/A, N/A]
[PID: 1260][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1408][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1476][C:\WINDOWS\System32\S24EvMon.exe]  [Intel Corporation , 3.1.8.0]
[PID: 1712][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1892][C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe]  [Symantec Corporation, 2.1.10.2]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 2.1.10.2]
[PID: 308][C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe]  [Symantec Corporation, 2.1.10.2]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 2.1.10.2]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL]  [Symantec Corporation, 2.1.10.2]
    [C:\PROGRA~1\NORTON~1\NAVEVENT.DLL]  [Symantec Corporation, 10.00.13]
[PID: 404][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\cbaxv.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\iifffda.dll]  [N/A, N/A]
    [C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll]  [IBM Corp., 1, 0, 0, 0]
    [C:\WINDOWS\System32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3 29Jan03]
    [C:\Program Files\Support.com\bin\sdcidle.dll]  [SupportSoft, 1, 0, 0, 4]
    [C:\PROGRA~1\FlashGet\fgmgr.dll]  [www.flashget.com, 1, 8, 0, 1001]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\PROGRA~1\FlashGet\jccatch.dll]  [www.flashget.com, 1, 8, 0, 1001]
    [C:\WINDOWS\system32\dla\tfswshx.dll]  [VERITAS Software, Inc., 3.50.21a]
    [C:\WINDOWS\System32\tfswapi.dll]  [VERITAS Software, Inc., 3.50.21a]
    [C:\WINDOWS\system32\dla\tfswcres.dll]  [VERITAS Software, Inc., 3.50.21a]
    [C:\Program Files\Norton AntiVirus\NavShExt.dll]  [Symantec Corporation, 10.00.13]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\WINDOWS\System32\msdmo.dll]  [N/A, N/A]
    [C:\Program Files\Common Files\Symantec Shared\Script Blocking\scrauth.dll]  [Symantec Corporation, 1, 1, 1, 131]
    [C:\Program Files\Common Files\Symantec Shared\Script Blocking\ScrBlock.dll]  [Symantec Corporation, 1, 1, 1, 131]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\PROGRA~1\WINZIP\WZSHLSTB.DLL]  [WinZip Computing LP, 4.1 (32-bit)]
    [C:\PROGRA~1\3721\ske\contmenu.dll]  [N/A, N/A]
[PID: 820][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[PID: 1456][C:\Program Files\Synaptics\SynTP\SynTPLpr.exe]  [Synaptics, Inc., 7.2.3 29Jan03]
    [C:\WINDOWS\System32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3 29Jan03]
[PID: 1544][C:\Program Files\Synaptics\SynTP\SynTPEnh.exe]  [Synaptics, Inc., 7.2.3 29Jan03]
    [C:\WINDOWS\System32\SynTPAPI.dll]  [Synaptics, Inc., 7.2.3 29Jan03]
    [C:\WINDOWS\System32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3 29Jan03]
    [C:\PROGRA~1\FlashGet\fgmgr.dll]  [www.flashget.com, 1, 8, 0, 1001]
[PID: 1652][C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe]  [N/A, N/A]
    [C:\WINDOWS\System32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3 29Jan03]
    [C:\WINDOWS\System32\iifffda.dll]  [N/A, N/A]
    [C:\Program Files\ThinkPad\PkgMgr\HOTKEY_2\tphk_2k.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\Oemdspif.dll]  [ATI Technologies, Inc., 4.12.0007]
    [C:\Program Files\Common Files\Symantec Shared\Script Blocking\scrauth.dll]  [Symantec Corporation, 1, 1, 1, 131]
    [C:\Program Files\Common Files\Symantec Shared\Script Blocking\ScrBlock.dll]  [Symantec Corporation, 1, 1, 1, 131]
[PID: 1660][C:\WINDOWS\System32\RunDll32.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll]  [IBM Corp., 1, 0, 0, 0]
    [C:\PROGRA~1\ThinkPad\UTILIT~1\tppwrw32.dll]  [IBM Corp., 1, 0, 0, 0]
    [C:\WINDOWS\System32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3 29Jan03]
[PID: 1200][C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe]  [N/A, N/A]
    [C:\Program Files\ThinkPad\Utilities\TpKmapHk.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3 29Jan03]
[PID: 1788][C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe]  [IBM Corp., 1, 0, 0, 0]
    [C:\WINDOWS\System32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3 29Jan03]
[PID: 1804][C:\WINDOWS\AGRSMMSG.exe]  [Agere Systems, 2.1.20 2.1.20 10/18/2002 10:07:17]
    [C:\WINDOWS\System32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3 29Jan03]
[PID: 1808][C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe]  [N/A, N/A]
    [C:\WINDOWS\System32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3 29Jan03]
[PID: 1824][C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe]  [IBM Corporation, 1.06]
    [C:\WINDOWS\System32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3 29Jan03]
[PID: 1864][C:\Program Files\Support.com\bin\tgcmd.exe]  [SupportSoft, Inc., 5,8,136,0]
    [C:\Program Files\Support.com\bin\2052\tglocale.dll]  [N/A, N/A]
    [C:\Program Files\Support.com\bin\sdcmon.dll]  [SupportSoft, Inc., 5,8,136,0]
    [C:\WINDOWS\System32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3 29Jan03]
    [C:\Program Files\Support.com\bin\sdcidle.dll]  [SupportSoft, 1, 0, 0, 4]
[PID: 1960][C:\Program Files\IBM\Messages By IBM\ibmmessages.exe]  [IBM, 1.058]
    [C:\WINDOWS\System32\AIBMRUNL.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3 29Jan03]
[PID: 2036][C:\Program Files\Common Files\Symantec Shared\ccApp.exe]  [Symantec Corporation, 2.1.10.2]
    [C:\WINDOWS\System32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3 29Jan03]
    [C:\Program Files\Symantec\LiveUpdate\ProductRegCom.DLL]  [Symantec Corporation, 1.90.14.0]
    [C:\Program Files\Symantec\LiveUpdate\LuComServerPS.DLL]  [Symantec Corporation, 1.90.14.0]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 2.1.10.2]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL]  [Symantec Corporation, 2.1.10.2]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL]  [Symantec Corporation, 2.1.10.2]
    [C:\WINDOWS\System32\SYMREDIR.dll]  [Symantec Corporation, 5.5.1.6]
    [C:\PROGRA~1\NORTON~1\CCIMSCAN.DLL]  [Symantec Corporation, 10.0.2.610]
    [C:\PROGRA~1\NORTON~1\DEFALERT.DLL]  [Symantec Corporation, 10.00.13]
    [C:\PROGRA~1\NORTON~1\NAVAPW32.DLL]  [Symantec Corporation, 10.00.13]
    [C:\PROGRA~1\NORTON~1\apwutil.dll]  [Symantec Corporation, 10.00.13]
    [C:\PROGRA~1\NORTON~1\SAVRT32.DLL]  [Symantec Corporation,     ]
    [C:\Program Files\Norton AntiVirus\NAVOPTRF.DLL]  [Symantec Corporation, 10.00.2]
    [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 2.1.10.2]
    [C:\Program Files\Norton AntiVirus\apwcmdnt.dll]  [Symantec Corporation, 10.00.13]
    [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 2.1.10.2]
    [C:\Program Files\Norton AntiVirus\NavEmail.dll]  [Symantec Corporation, 10.0.2.610]
    [C:\Program Files\Support.com\bin\sdcidle.dll]  [SupportSoft, 1, 0, 0, 4]
    [C:\PROGRA~1\NORTON~1\NAVOpts.dll]  [Symantec Corporation, 10.00.13]
    [C:\PROGRA~1\NORTON~1\N32Exclu.dll]  [Symantec Corporation, 10.00.13]
    [C:\PROGRA~1\NORTON~1\S32NAVO.DLL]  [Symantec Corporation, 5.3.0.182]
    [C:\Program Files\Norton AntiVirus\NAVError.dll]  [Symantec Corporation, 10.00.13]
    [C:\Program Files\Norton AntiVirus\NAVAPSCR.dll]  [Symantec Corporation, 10.00.13]
    [C:\PROGRA~1\FlashGet\fgmgr.dll]  [www.flashget.com, 1, 8, 0, 1001]
    [C:\Program Files\Common Files\Symantec Shared\LiveReg\iraLSCl2.dll]  [Symantec Corporation, 2.4.0.2044]
    [C:\Program Files\Common Files\Symantec Shared\LiveReg\IraVcLc3.dll]  [Symantec Corporation, 2.4.0.2044]
[PID: 288][C:\Program Files\D-Tools\daemon.exe]  [DAEMON'S HOME, 3.47.0.0]
    [C:\WINDOWS\daemon.dll]  [N/A, 3.47.0.0]
    [C:\Program Files\D-Tools\PFCTOC.DLL]  [Padus(R), Inc., 1, 0, 0, 12]
    [C:\Program Files\D-Tools\Plugins\Images\bw5mount.dll]  [N/A, 1.0.2.0]
    [C:\Program Files\D-Tools\Plugins\Images\ccdmount.dll]  [GENERIC, 1.02.0.0]
    [C:\Program Files\D-Tools\Plugins\Images\mdsmount.dll]  [GENERIC, 1.01.0.0]
    [C:\Program Files\D-Tools\Plugins\Images\nrgmount.dll]  [GENERIC, 1.02.0.0]
    [C:\Program Files\D-Tools\Plugins\Images\pdimount.dll]  [GENERIC, 1.01.0.0]
    [C:\WINDOWS\System32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3 29Jan03]
[PID: 1044][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3208]
    [C:\WINDOWS\System32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3 29Jan03]
[PID: 440][C:\WINDOWS\System32\algs.exe]  [N/A, N/A]
[PID: 484][C:\WINDOWS\System32\mdeyrkuf.exe]  [N/A, N/A]
[PID: 668][C:\WINDOWS\System32\explorer.exe]  [N/A, N/A]
    [C:\PROGRA~1\FlashGet\fgmgr.dll]  [www.flashget.com, 1, 8, 0, 1001]
    [C:\WINDOWS\System32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3 29Jan03]
    [C:\WINDOWS\System32\iifffda.dll]  [N/A, N/A]
    [C:\Program Files\Support.com\bin\sdcidle.dll]  [SupportSoft, 1, 0, 0, 4]
    [C:\Program Files\Common Files\Symantec Shared\Script Blocking\scrauth.dll]  [Symantec Corporation, 1, 1, 1, 131]
    [C:\Program Files\Common Files\Symantec Shared\Script Blocking\ScrBlock.dll]  [Symantec Corporation, 1, 1, 1, 131]
[PID: 1380][C:\WINDOWS\System32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
    [C:\WINDOWS\System32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3 29Jan03]
[PID: 1564][C:\Program Files\Messenger\msmsgs.exe]  [Microsoft Corporation, 4.7.0041]
    [C:\WINDOWS\System32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3 29Jan03]
    [C:\WINDOWS\System32\msdmo.dll]  [N/A, N/A]
    [C:\PROGRA~1\FlashGet\fgmgr.dll]  [www.flashget.com, 1, 8, 0, 1001]
[PID: 1948][C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe]  [Google Inc., 1, 2, 908, 5008]
    [C:\WINDOWS\System32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3 29Jan03]
    [C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\res_zh-CN.dll]  [Google Inc., 1, 2, 908, 5008]
    [C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\swg.dll]  [Google Inc., 1, 2, 908, 5008]
[PID: 228][C:\Program Files\WinZip\WZQKPICK.EXE]  [WinZip Computing LP, 1.0 (32-bit)]
    [C:\WINDOWS\System32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3 29Jan03]
[PID: 2236][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2312][C:\WINDOWS\System32\Ati2evxx.exe]  [N/A, N/A]
[PID: 2344][C:\Program Files\Norton AntiVirus\navapsvc.exe]  [Symantec Corporation, 10.00.2]
    [C:\Program Files\Norton AntiVirus\SAVRT32.DLL]  [Symantec Corporation,     ]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 2.1.10.2]
[PID: 3460][C:\WINDOWS\System32\QCONSVC.EXE]  [N/A, N/A]
[PID: 428][C:\WINDOWS\System32\RegSrvc.exe]  [Intel Corporation, 4, 0, 0, 1]
[PID: 1768][C:\WINDOWS\system\smss.exe]  [N/A, N/A]
[PID: 1248][C:\WINDOWS\system32\vcmon.exe]  [N/A, N/A]
[PID: 1640][C:\Program Files\Norton AntiVirus\SAVScan.exe]  [Symantec Corporation,     ]
    [C:\Program Files\Norton AntiVirus\SAVRT32.DLL]  [Symantec Corporation,     ]
    [C:\Program Files\Common Files\Symantec Shared\ccScan.dll]  [Symantec Corporation, 2.1.10.2]
    [C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL]  [Symantec Corporation, 51.2.0.12]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061206.016\ecmsvr32.dll]  [Symantec Corporation, 61.3.0.18]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061206.016\NAVEX32a.DLL]  [Symantec Corporation, 20061.3.0.12]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061206.016\NAVENG32.DLL]  [Symantec Corporation, 20061.3.0.12]
    [C:\Program Files\Norton AntiVirus\NAVAP32.DLL]  [Symantec Corporation,     ]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\DECSDK.DLL]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2.dll]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ID.dll]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Zip.dll]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2SS.dll]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2GZIP.dll]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2CAB.dll]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LHA.dll]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RAR.dll]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ARJ.dll]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TNEF.dll]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LZ.dll]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2AMG.dll]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TAR.dll]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RTF.dll]  [Symantec Corporation, 3.02.14.08]
    [C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Text.dll]  [Symantec Corporation, 3.02.14.08]
[PID: 5724][C:\WINDOWS\system32\cmd.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\System32\iifffda.dll]  [N/A, N/A]
    [C:\Program Files\Common Files\Symantec Shared\Script Blocking\scrauth.dll]  [Symantec Corporation, 1, 1, 1, 131]
    [C:\Program Files\Common Files\Symantec Shared\Script Blocking\ScrBlock.dll]  [Symantec Corporation, 1, 1, 1, 131]
[PID: 8088][C:\PROGRA~1\FlashGet\flashget.exe]  [FlashGet.com, 1, 8, 0, 1001]
    [C:\PROGRA~1\FlashGet\FGBTCORE.dll]  [N/A, 1, 0, 0, 23]
    [C:\PROGRA~1\FlashGet\fgmgr.dll]  [www.flashget.com, 1, 8, 0, 1001]
    [C:\WINDOWS\System32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3 29Jan03]
    [C:\Program Files\Support.com\bin\sdcidle.dll]  [SupportSoft, 1, 0, 0, 4]
    [C:\WINDOWS\System32\iifffda.dll]  [N/A, N/A]
    [C:\Program Files\Common Files\Symantec Shared\Script Blocking\scrauth.dll]  [Symantec Corporation, 1, 1, 1, 131]
    [C:\Program Files\Common Files\Symantec Shared\Script Blocking\ScrBlock.dll]  [Symantec Corporation, 1, 1, 1, 131]
[PID: 560][C:\Program Files\Microsoft Office\Office10\WINWORD.EXE]  [Microsoft Corporation, 10.0.4219]
    [C:\PROGRA~1\FlashGet\fgmgr.dll]  [www.flashget.com, 1, 8, 0, 1001]
    [C:\WINDOWS\System32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3 29Jan03]
    [C:\PROGRA~1\NORTON~1\OfficeAV.dll]  [Symantec Corporation, 10.0.2.610]
    [C:\WINDOWS\System32\PUTIWBX.IME]  [中华佛典宝库, 6.0.2005.02]
    [C:\Program Files\Support.com\bin\sdcidle.dll]  [SupportSoft, 1, 0, 0, 4]
[PID: 14196][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\PROGRA~1\FlashGet\fgmgr.dll]  [www.flashget.com, 1, 8, 0, 1001]
    [C:\WINDOWS\System32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3 29Jan03]
    [c:\program files\google\googletoolbar2.dll]  [Google Inc., 4, 0, 1020, 3054]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\PROGRA~1\FlashGet\jccatch.dll]  [www.flashget.com, 1, 8, 0, 1001]
    [C:\WINDOWS\System32\TPHANDLE.dll]  [江苏科建教育软件有限责任公司, 5, 0, 10, 10]
    [C:\WINDOWS\system32\dla\tfswshx.dll]  [VERITAS Software, Inc., 3.50.21a]
    [C:\WINDOWS\System32\tfswapi.dll]  [VERITAS Software, Inc., 3.50.21a]
    [C:\WINDOWS\system32\dla\tfswcres.dll]  [VERITAS Software, Inc., 3.50.21a]
    [C:\WINDOWS\System32\iifffda.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\cbaxv.dll]  [N/A, N/A]
    [C:\Program Files\Norton AntiVirus\NavShExt.dll]  [Symantec Corporation, 10.00.13]
    [C:\Program Files\FlashGet\getflash.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Support.com\bin\sdcidle.dll]  [SupportSoft, 1, 0, 0, 4]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\Program Files\Common Files\Symantec Shared\Script Blocking\scrauth.dll]  [Symantec Corporation, 1, 1, 1, 131]
    [C:\Program Files\Common Files\Symantec Shared\Script Blocking\ScrBlock.dll]  [Symantec Corporation, 1, 1, 1, 131]
    [C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\WINDOWS\System32\PUTIWBX.IME]  [中华佛典宝库, 6.0.2005.02]
[PID: 3620][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
    [C:\Program Files\Norton AntiVirus\NavShExt.dll]  [Symantec Corporation, 10.00.13]
    [c:\program files\google\googletoolbar2.dll]  [Google Inc., 4, 0, 1020, 3054]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\PROGRA~1\FlashGet\jccatch.dll]  [www.flashget.com, 1, 8, 0, 1001]
    [C:\WINDOWS\System32\TPHANDLE.dll]  [江苏科建教育软件有限责任公司, 5, 0, 10, 10]
    [C:\WINDOWS\system32\dla\tfswshx.dll]  [VERITAS Software, Inc., 3.50.21a]
    [C:\WINDOWS\System32\tfswapi.dll]  [VERITAS Software, Inc., 3.50.21a]
    [C:\WINDOWS\system32\dla\tfswcres.dll]  [VERITAS Software, Inc., 3.50.21a]
    [C:\WINDOWS\System32\iifffda.dll]  [N/A, N/A]
    [C:\WINDOWS\System32\cbaxv.dll]  [N/A, N/A]
    [C:\Program Files\FlashGet\getflash.dll]  [, 1, 0, 0, 1]
[PID: 11088][C:\PROGRA~1\WINZIP\winzip32.exe]  [WinZip Computing LP, 21.0 (32-bit)]
    [C:\PROGRA~1\WINZIP\wzeay32.dll]  [WinZip Computing LP, 0.9.7g (32-bit)]
    [C:\PROGRA~1\FlashGet\fgmgr.dll]  [www.flashget.com, 1, 8, 0, 1001]
    [C:\WINDOWS\System32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3 29Jan03]
    [C:\PROGRA~1\WINZIP\WZCKTREE.DLL]  [WinZip Computing LP, 1.1 (32-bit)]
    [C:\PROGRA~1\WINZIP\WZVINFO.DLL]  [WinZip Computing LP, 1.1 (32-bit)]
    [C:\PROGRA~1\WINZIP\WZCAB3.DLL]  [WinZip Computing LP, 3.1 (32-bit)]
    [C:\PROGRA~1\WINZIP\wz32.dll]  [WinZip Computing LP, 21.0 (32-bit)]
    [C:\PROGRA~1\WINZIP\WZIMGS.BIN]  [N/A, N/A]
    [C:\Program Files\Support.com\bin\sdcidle.dll]  [SupportSoft, 1, 0, 0, 4]
    [C:\WINDOWS\System32\iifffda.dll]  [N/A, N/A]
[PID: 13324][C:\Documents and Settings\li_ping\Local Settings\Temp\wz8020\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\PROGRA~1\FlashGet\fgmgr.dll]  [www.flashget.com, 1, 8, 0, 1001]
    [C:\WINDOWS\System32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3 29Jan03]
    [C:\Program Files\Support.com\bin\sdcidle.dll]  [SupportSoft, 1, 0, 0, 4]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================

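There is a process, vcmon.exe. I searched for it and it is a virus, but I can't terminate it.
A virus warning window keeps popping up, saying the file has been deleted or quarantined, but it pops up again later, for viruses such as downloader, trojan.dropper and trojan.vundo. I downloaded a tool for removing the downloader virus, but it still appears. I also downloaded a trojan removal tool, and that didn't work either.
Experts, please help.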

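Thanks to the expert above. I'm just a newbie and don't know how to do this, so I have two questions:
1. SR won't run. Is that an abbreviation?
2. How do I show hidden folders in Safe Mode?

Thanks! Thanks!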

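Thanks to all the experts. Here is a report on what I did:

Registry entries:
There is no <Services><C:\WINDOWS\System32\mdeyrkuf.exe> [N/A]
Instead there is:
<services><c:\WINDOWS\System32\cdqz.exe

The following 3 entries can never be deleted; they come back shortly after being deleted: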
<{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}><C:\WINDOWS\System32\iifffda.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cbaxv]
<WinlogonNotify: cbaxv><C:\WINDOWS\System32\cbaxv.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\iifffda]
<WinlogonNotify: iifffda><iifffda.dll> [N/A]
<CE2EBE0B><C:\WINDOWS\System32\dior4f45558871.exe> [N/A]


Browser add-ons:
There is no {7EFFE45E-2346-4DC8-9128-BD1781EF1669} <C:\WINDOWS\System32\cbaxv.dll, N/A>

{ABD526A6-68FB-473D-9DB7-4A7765CAB1AA} <C:\WINDOWS\System32\cbaxv.dll, N/A>

In Safe Mode
[C:\WINDOWS\System32\cbaxv.dll] [N/A, N/A]
[C:\WINDOWS\system32\iifffda.dll] [N/A, N/A]
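cannot be deleted; the message says they are being used by another person or program.

The machine is clearly better. The process count dropped by a few and is now 52, vcmon.exe is gone, and CPU usage has come down.

Can the number of processes be reduced further? In Safe Mode, with only ten-odd processes, it was so fast.

Many thanks for the guidance; please keep advising. Thanks!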





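I booted in normal mode, closed the applications shown in the bar at the bottom of the screen (I don't know whether that closes all applications, haha), opened SR, and ran the automatic repair.

In Safe Mode, I ran explorer.exe and deleted from System32: mdeyrkuf.exe, dior4f45558871.exe.
cbaxv.dll and iifffda.dll still cannot be deleted; the message says they are being used by another person or program.
It is probably because I don't know how to close applications in Safe Mode.
Please keep advising! Thanks!

Also: since a few days ago the machine keeps popping up a "Work Offline" window, whose text reads "No Internet connection is currently available. To view Internet content that has been saved on your computer, click 'Work Offline'. Click 'Try Again' to connect once more."
Is this caused by the virus? It never appeared before.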

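One more question:
Browser add-ons
The entry you wrote to delete is {7EFFE45E-2346-4DC8-9128-BD1781EF1669} <C:\WINDOWS\System32\cbaxv.dll, N/A>
Yesterday SR showed:
{ABD526A6-68FB-473D-9DB7-4A7765CAB1AA} <C:\WINDOWS\System32\cbaxv.dll, N/A>
Today I found that the item inside the {} has changed again. Can this entry be deleted?
Thanks!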