Reported symptoms: the mouse pointer constantly shows the arrow-with-hourglass "working in background" cursor.
Task Manager sometimes shows two IExplore.exe processes.
Antivirus updates and scans are both very slow; a Kaspersky scan of C:\ is estimated to take until tomorrow to finish.
2008-04-10,14:48:18
System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)
Windows XP Home Edition Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
<wsctf.exe><wsctf.exe> [N/A]
<TOSCDSPD><C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe> [TOSHIBA]
<MsnMsgr><"C:\Program Files\MSN Messenger\msnmsgr.exe" /background> [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<Tvs><C:\Program Files\Toshiba\Tvs\TvsTray.exe> [TOSHIBA Corporation]
<TPSMain><TPSMain.exe> [TOSHIBA Corporation]
<THotkey><C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe> [TOSHIBA]
<SmoothView><C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe> [TOSHIBA Corporation]
<PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Windows Publisher]
<PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft Windows Publisher]
<PCSuiteTrayApplication><C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup> [Nokia]
<PadTouch><C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe> [TOSHIBA]
<NDSTray.exe><NDSTray.exe> [N/A]
<MSPY2002><C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC> [(Verified)Microsoft Windows Publisher]
<IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload> [(Verified)Microsoft Corporation]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Windows Publisher]
<IMEKRMIG6.1><C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE> [(Verified)Microsoft Windows Publisher]
<IgfxTray><C:\WINDOWS\system32\igfxtray.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<HotKeysCmds><C:\WINDOWS\system32\hkcmd.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<dla><C:\WINDOWS\system32\dla\tfswctrl.exe> [Sonic Solutions]
<DAEMON Tools-1033><"D:\deamon\daemon.exe" -lang 1033> [N/A]
<ButsMgr><C:\Program Files\Toshiba\Toshiba Applet\ButsMgr.exe> [TOSHIBA]
<BigDogPath><C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera> [N/A]
<AGRSMMSG><AGRSMMSG.exe> [Agere Systems]
<AVP><"D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"> [(Verified)Kaspersky Lab]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><EXPLORER.EXE> []
<Userinit><userinit.exe,EXPLORER.EXE> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
<WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll> [(Verified)Kaspersky Lab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install> [Microsoft Corporation]
==================================
启动文件夹
[Adobe Reader Speed Launch]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Reader Speed Launch.lnk --> D:\ADOBER~1.0\Reader\READER~1.EXE [Adobe Systems Incorporated]><N>
[RAMASST]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\RAMASST.lnk --> C:\WINDOWS\system32\RAMASST.exe [Matsushita Electric Industrial Co., Ltd.]><N>
[服务管理器]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\服务管理器.lnk --> C:\PROGRA~1\MI6841~1\80\Tools\Binn\sqlmangr.exe [Microsoft Corporation]><N>
[腾讯QQ]
<C:\Documents and Settings\guoxiaowen\「开始」菜单\程序\启动\腾讯QQ.lnk --> C:\PROGRA~1\Tencent\QQ\QQ.exe [TENCENT]><N>
==================================
服务
[Application Management / AppMgmt][Stopped/Manual Start]
<C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[Kaspersky Anti-Virus 7.0 / AVP][Running/Auto Start]
<"D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r><Kaspersky Lab>
[ConfigFree Service / CFSvcs][Running/Auto Start]
<C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe><TOSHIBA CORPORATION>
[DVD-RAM_Service / DVD-RAM_Service][Running/Auto Start]
<C:\WINDOWS\system32\DVDRAMSV.exe><Matsushita Electric Industrial Co., Ltd.>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[MSSQLSERVER / MSSQLSERVER][Running/Auto Start]
<d:\SQLSER~1\MSSQL\binn\sqlservr.exe><Microsoft Corporation>
[MSSQLServerADHelper / MSSQLServerADHelper][Stopped/Manual Start]
<C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe><Microsoft Corporation>
[ServiceLayer / ServiceLayer][Running/Manual Start]
<"C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"><Nokia.>
[SQLSERVERAGENT / SQLSERVERAGENT][Stopped/Manual Start]
<d:\SQLSER~1\MSSQL\binn\sqlagent.exe><Microsoft Corporation>
[TOSHIBA Application Service / TAPPSRV][Running/Auto Start]
<"C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe"><TOSHIBA Corp.>
==================================
驱动程序
[TOSHIBA V92 Software Modem / AgereSoftModem][Running/Manual Start]
<system32\DRIVERS\AGRSM.sys><Agere Systems>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[d347bus / d347bus][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\d347bus.sys><>
[d347prt / d347prt][Running/Boot Start]
<\SystemRoot\System32\Drivers\d347prt.sys><>
[drvmcdb / drvmcdb][Running/Boot Start]
<\SystemRoot\system32\drivers\drvmcdb.sys><Sonic Solutions>
[drvnddm / drvnddm][Running/Auto Start]
<system32\drivers\drvnddm.sys><Sonic Solutions>
[EMSCR / EMSCR][Running/Manual Start]
<system32\DRIVERS\EMS7SK.sys><ENE Technology Inc.>
[ESDCR / ESDCR][Running/Manual Start]
<system32\DRIVERS\ESD7SK.sys><ENE Technology Inc.>
[ialm / ialm][Running/Manual Start]
<system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[kl1 / kl1][Running/Boot Start]
<\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[klif / klif][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[Kaspersky Anti-Virus NDIS Filter / klim5][Running/Manual Start]
<system32\DRIVERS\klim5.sys><Kaspersky Lab>
[meiudf / meiudf][Running/System Start]
<System32\Drivers\meiudf.sys><Matsushita Electric Industrial Co.,Ltd.>
[TOSHIBA Network Device Usermode I/O Protocol / Netdevio][Running/Auto Start]
<system32\DRIVERS\netdevio.sys><TOSHIBA Corporation.>
[Nokia USB Phone Parent / nmwcd][Stopped/Manual Start]
<system32\drivers\nmwcd.sys><Nokia>
[Nokia USB Generic / nmwcdc][Stopped/Manual Start]
<system32\drivers\nmwcdc.sys><Nokia>
[Nokia USB Modem / nmwcdcm][Stopped/Manual Start]
<system32\drivers\nmwcdcm.sys><Nokia>
[npkcrypt / npkcrypt][Running/Auto Start]
<\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[npkycryp / npkycryp][Stopped/Manual Start]
<\??\C:\Program Files\Tencent\QQ\npkycryp.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
<\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver / RTL8023xp][Running/Manual Start]
<system32\DRIVERS\Rtlnicxp.sys><Realtek Semiconductor Corporation>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
<system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[CP2101 USB Composite Device driver (WDM) / slabbus][Stopped/Manual Start]
<system32\DRIVERS\slabbus.sys><MCCI>
[CP2101 USB to UART Bridge Controller Drivers / slabser][Stopped/Manual Start]
<system32\DRIVERS\slabser.sys><MCCI>
[sscdbhk5 / sscdbhk5][Running/System Start]
<system32\drivers\sscdbhk5.sys><Sonic Solutions>
[ssrtln / ssrtln][Running/System Start]
<system32\drivers\ssrtln.sys><Sonic Solutions>
[SYMIDSCO / SYMIDSCO][Stopped/Manual Start]
<\??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\IDS-DI~1\20040813.178\symidsco.sys><N/A>
[Synaptics TouchPad Driver / SynTP][Running/Manual Start]
<system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[tfsnboio / tfsnboio][Running/Auto Start]
<system32\dla\tfsnboio.sys><Sonic Solutions>
[tfsncofs / tfsncofs][Running/Auto Start]
<system32\dla\tfsncofs.sys><Sonic Solutions>
[tfsndrct / tfsndrct][Running/Auto Start]
<system32\dla\tfsndrct.sys><Sonic Solutions>
[tfsndres / tfsndres][Running/Auto Start]
<system32\dla\tfsndres.sys><Sonic Solutions>
[tfsnifs / tfsnifs][Running/Auto Start]
<system32\dla\tfsnifs.sys><Sonic Solutions>
[tfsnopio / tfsnopio][Running/Auto Start]
<system32\dla\tfsnopio.sys><Sonic Solutions>
[tfsnpool / tfsnpool][Running/Auto Start]
<system32\dla\tfsnpool.sys><Sonic Solutions>
[tfsnudf / tfsnudf][Running/Auto Start]
<system32\dla\tfsnudf.sys><Sonic Solutions>
[tfsnudfa / tfsnudfa][Running/Auto Start]
<system32\dla\tfsnudfa.sys><Sonic Solutions>
[Toshiba Mobile PC Service / TVALD][Running/Manual Start]
<system32\DRIVERS\NBSMI.sys><Toshiba Corporation>
[Toshiba Virtual Sound with SRS technologies / Tvs][Running/Manual Start]
<system32\DRIVERS\Tvs.sys><TOSHIBA Corporation>
[用于 Windows XP 的英特尔(R) PRO/无线 2200BG 网络连接驱动程序 / w29n51][Running/Manual Start]
<system32\DRIVERS\w29n51.sys><Intel(R) Corporation>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
<system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[VIMICRO USB PC Camera / ZSMC301b][Stopped/Manual Start]
<System32\Drivers\usbVM31b.sys><VM>
[FWACCESS / FWACCESS][Running/Manual Start]
<\??\C:\WINDOWS\system32\FWSVR.bin><N/A>
==================================
浏览器加载项
[WebThunder Browser Helper]
{00000AAA-A363-466E-BEF5-9BB68697AA7F} <D:\web迅雷\WebThunderBHO_Now.dll, Thunder Networking Technologies,LTD>
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Adobe Reader 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[DriveLetterAccess]
{5CA3D70E-1895-11CF-8E15-001234567890} <C:\WINDOWS\system32\dla\tfswshx.dll, Sonic Solutions>
[Windows Live Sign-in Helper]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Java Plug-in 1.5.0]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll, Sun Microsystems, Inc.>
[Web 反病毒统计]
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll, Kaspersky Lab>
[信息检索(&R)]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[启动WEB迅雷]
{962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
[WebThunder Browser Helper]
{00000AAA-A363-466E-BEF5-9BB68697AA7F} <D:\web迅雷\WebThunderBHO_Now.dll, Thunder Networking Technologies,LTD>
[WebThunder Class]
{03507A1A-E0C5-4404-AA26-205385C0892D} <, N/A>
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Adobe Reader 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[WebThunder DapPlayer]
{2EEDA47E-8D5C-4d7e-B4B6-E16E19218555} <D:\web迅雷\DownAndPlay\DapPlayer3.0.41.65.705.dll, ShenZhen Thunder Networking Technologies Ltd.>
[Microsoft Office Control]
{4453D895-F2A1-4A38-A285-1EF9BD3F6D5D} <C:\PROGRA~1\MICROS~2\OFFICE11\AUTHZAX.DLL, Microsoft Corporation>
[DriveLetterAccess]
{5CA3D70E-1895-11CF-8E15-001234567890} <C:\WINDOWS\system32\dla\tfswshx.dll, Sonic Solutions>
[XMP Class]
{6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, >
[XDRM]
{693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Microsoft Web 浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Windows Live Sign-in Helper]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[RMGetLicense Class]
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\system\msadc\msadco.dll, Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
{CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
[Thunder DapCtrl]
{EF1EA76E-5428-4e40-85A1-D4DD2893183A} <D:\web迅雷\DownAndPlay\DapCtrl1.3.17.20.705.dll, ShenZhen Thunder Networking Technologies Ltd.>
[XPPlayer Class]
{F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\pplayer.dll_1_work, Thunder>
[使用WEB迅雷下载]
<D:\web迅雷\GetUrl.htm, N/A>
[使用WEB迅雷下载全部链接]
<D:\web迅雷\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
<C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
==================================
正在运行的进程
[PID: 1064 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1132 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1156 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[C:\WINDOWS\system32\klogon.dll] [Kaspersky Lab, 7.0.0.125]
[C:\WINDOWS\system32\UNISPIM5.IME] [北京紫光华宇软件股份有限公司, 5.0.0.5076]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1200 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll] [Kaspersky Lab, 7.0.0.125]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[PID: 1392 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1492 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll] [Kaspersky Lab, 7.0.0.125]
[PID: 1536 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[C:\WINDOWS\system32\wups2.dll] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)]
[PID: 1600 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[PID: 1824 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[PID: 1024 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll] [Kaspersky Lab, 7.0.0.125]
[C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.2175.0]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.2175.0]
[PID: 300 / SYSTEM][C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe] [TOSHIBA CORPORATION, 5, 0, 0, 41]
[C:\Program Files\TOSHIBA\ConfigFree\NDSAPI.dll] [TOSHIBA CORPORATION, 5, 0, 0, 41]
[C:\Program Files\TOSHIBA\ConfigFree\IpAdrSet.dll] [TOSHIBA CORPORATION, 5, 0, 0, 6]
[PID: 336 / SYSTEM][C:\WINDOWS\system32\DVDRAMSV.exe] [Matsushita Electric Industrial Co., Ltd., 2, 0, 7, 0]
[PID: 424 / SYSTEM][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE] [Microsoft Corporation, 7.00.9466]
[C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll] [Microsoft Corporation, 7.00.9466]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\Common Files\Microsoft Shared\VS7Debug\msdbg2.dll] [Microsoft Corporation, 8.0.50727.42 (RTM.050727-4200)]
[PID: 580 / SYSTEM][d:\SQLSER~1\MSSQL\binn\sqlservr.exe] [Microsoft Corporation, 2000.080.0194.00]
[d:\SQLSER~1\MSSQL\binn\OPENDS60.DLL] [Microsoft Corporation, 2000.080.0194.00]
[d:\SQLSER~1\MSSQL\binn\UMS.DLL] [Microsoft Corporation, 2000.080.0194.00]
[d:\SQLSER~1\MSSQL\binn\SQLSORT.DLL] [Microsoft Corporation, 2000.080.0194.00]
[d:\SQLSER~1\MSSQL\binn\Resources\2052\sqlevn70.RLL] [Microsoft Corporation, 2000.080.0194.00]
[d:\SQLSER~1\MSSQL\binn\SSNETLIB.dll] [Microsoft Corporation, 2000.080.0194.00]
[d:\SQLSER~1\MSSQL\binn\SSNMPN70.dll] [Microsoft Corporation, 2000.080.0194.00]
[d:\SQLSER~1\MSSQL\binn\SSmsLPCn.dll] [Microsoft Corporation, 2000.080.0194.00]
[PID: 1404 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1612 / SYSTEM][C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe] [TOSHIBA Corp., 1, 0, 1, 2H]
[PID: 1656 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: DNSRV(bld4act)]
[PID: 1060 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 732 / guoxiaowen][C:\WINDOWS\System32\WScript.exe] [Microsoft Corporation, 5.6.0.8820]
[C:\WINDOWS\system32\UNISPIM5.IME] [北京紫光华宇软件股份有限公司, 5.0.0.5076]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\scrchpg.dll] [Kaspersky Lab, 7.0.0.125]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\klscav.dll] [Kaspersky Lab, 7.0.0.125]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\prremote.dll] [Kaspersky Lab, 7.0.0.125]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\prloader.dll] [Kaspersky Lab, 7.0.0.125]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\prkernel.ppl] [Kaspersky Lab, 7.0.0.125]
[d:\program files\kaspersky lab\kaspersky anti-virus 7.0\params.ppl] [Kaspersky Lab, 7.0.0.125]
[d:\program files\kaspersky lab\kaspersky anti-virus 7.0\pxstub.ppl] [Kaspersky Lab, 7.0.0.125]
[d:\program files\kaspersky lab\kaspersky anti-virus 7.0\tempfile.ppl] [Kaspersky Lab, 7.0.0.125]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.13.0.1 02Feb05]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll] [Kaspersky Lab, 7.0.0.125]
[PID: 2044 / guoxiaowen][C:\Program Files\Toshiba\Tvs\TvsTray.exe] [TOSHIBA Corporation, 1, 0, 0, 2]
[C:\WINDOWS\system32\TvsCtrl.dll] [TOSHIBA Corporation, 1, 0, 0, 3]
[C:\Program Files\Toshiba\Tvs\TvsRes.dll] [TOSHIBA Corporation, 1, 0, 0, 5]
[C:\WINDOWS\system32\UNISPIM5.IME] [北京紫光华宇软件股份有限公司, 5.0.0.5076]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[PID: 1264 / guoxiaowen][C:\WINDOWS\system32\TPSMain.exe] [TOSHIBA Corporation, 1, 0, 14, 1]
[C:\WINDOWS\system32\TPSMainCtl.dll] [TOSHIBA Corporation, 1, 0, 4, 0]
[C:\WINDOWS\system32\CpuPerf.dll] [TOSHIBA Corporation, 1, 0, 1, 0]
[C:\WINDOWS\system32\TPSTrace.DLL] [TOSHIBA Corporation, 1, 0, 3, 0]
[C:\WINDOWS\system32\TPwrReg.dll] [TOSHIBA Corporation, 1, 0, 4, 0]
[C:\WINDOWS\system32\TPeculiarity.dll] [TOSHIBA Corporation, 1, 0, 2, 5]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.13.0.1 02Feb05]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[PID: 844 / guoxiaowen][C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe] [TOSHIBA, 1.01.0006]
[C:\WINDOWS\system32\MSVBVM60.DLL] [Microsoft Corporation, 6.00.9690]
[C:\WINDOWS\system32\UNISPIM5.IME] [北京紫光华宇软件股份有限公司, 5.0.0.5076]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[C:\WINDOWS\system32\TCMSVR.dll] [TOSHIBA Corp., 1, 0, 0, 13M]
[C:\WINDOWS\system32\FWSVR.dll] [TOSHIBA Corp., 1, 0, 0, 0M]
[PID: 972 / guoxiaowen][C:\Program Files\Synaptics\SynTP\SynTPLpr.exe] [Synaptics, Inc., 7.13.0.1 02Feb05]
[C:\WINDOWS\system32\SynCOM.dll] [Synaptics, Inc., 7.13.0.1 02Feb05]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.13.0.1 02Feb05]
[C:\WINDOWS\system32\UNISPIM5.IME] [北京紫光华宇软件股份有限公司, 5.0.0.5076]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[PID: 880 / guoxiaowen][C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] [Synaptics, Inc., 7.13.0.1 02Feb05]
[C:\WINDOWS\system32\UNISPIM5.IME] [北京紫光华宇软件股份有限公司, 5.0.0.5076]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[C:\WINDOWS\system32\SynCOM.dll] [Synaptics, Inc., 7.13.0.1 02Feb05]
[C:\WINDOWS\system32\SynTPAPI.dll] [Synaptics, Inc., 7.13.0.1 02Feb05]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.13.0.1 02Feb05]
[PID: 1044 / guoxiaowen][C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe] [TOSHIBA Corporation, 2, 0, 0, 18]
[PID: 1676 / guoxiaowen][C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe] [Nokia, 6, 83, 75, 3]
[C:\Program Files\Nokia\Nokia PC Suite 6\PCSCM.dll] [Nokia, 6, 83, 92, 11]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Nokia\Nokia PC Suite 6\PCSSupportSetup.DLL] [Nokia, 6, 83, 20, 3]
[C:\Program Files\PC Connectivity Solution\ConnAPI.DLL] [Nokia., 6, 83, 80, 4]
[C:\WINDOWS\system32\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MFC71CHS.DLL] [Microsoft Corporation, 7.10.3077.0]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\PC Connectivity Solution\ConfServer.dll] [Nokia, 6, 83, 34, 2]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.13.0.1 02Feb05]
[C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL] [Microsoft Corporation, 11.0.5510]
[C:\Program Files\Nokia\Nokia PC Suite 6\Lang\LaunchApplication_chi-sc.NLR] [Nokia, 6, 83, 77, 2]
[C:\WINDOWS\system32\UNISPIM5.IME] [北京紫光华宇软件股份有限公司, 5.0.0.5076]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll] [Kaspersky Lab, 7.0.0.125]
[PID: 1412 / guoxiaowen][C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe] [TOSHIBA, 1, 2, 7, 0]
[C:\Program Files\TOSHIBA\Touch and Launch\PadHook.dll] [ , 1, 2, 2, 0]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.13.0.1 02Feb05]
[C:\WINDOWS\system32\UNISPIM5.IME] [北京紫光华宇软件股份有限公司, 5.0.0.5076]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[C:\WINDOWS\system32\SynCOM.dll] [Synaptics, Inc., 7.13.0.1 02Feb05]
[C:\WINDOWS\system32\Audiodev.dll] [Microsoft Corporation, 5.2.3790.3646 built by: DNSRV(bld4act)]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\scrchpg.dll] [Kaspersky Lab, 7.0.0.125]
[PID: 1752 / guoxiaowen][C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe] [TOSHIBA CORPORATION, 5, 0, 0, 83]
[C:\Program Files\TOSHIBA\ConfigFree\CFUPNP.dll] [TOSHIBA CORPORATION, 1, 0, 0, 5]
[C:\Program Files\TOSHIBA\ConfigFree\CFP2API.dll] [TOSHIBA CORPORATION, 5, 0, 0, 1]
[C:\Program Files\TOSHIBA\ConfigFree\OpenProp.dll] [TOSHIBA CORPORATION, 5, 0, 0, 1]
[C:\Program Files\TOSHIBA\ConfigFree\IpAdrSet.dll] [TOSHIBA CORPORATION, 5, 0, 0, 6]
[C:\Program Files\TOSHIBA\ConfigFree\NDSAPI.dll] [TOSHIBA CORPORATION, 5, 0, 0, 41]
[C:\Program Files\TOSHIBA\ConfigFree\NDSParts.dll] [TOSHIBA CORPORATION, 5, 0, 0, 44]
[C:\Program Files\TOSHIBA\ConfigFree\NDSNLS.dll] [TOSHIBA CORPORATION, 4, 0, 2, 1006]
[C:\Program Files\TOSHIBA\ConfigFree\QCDPJ.dll] [Toshiba, 5, 0, 0, 13]
[C:\Program Files\TOSHIBA\ConfigFree\VENAPI.dll] [TOSHIBA, 5, 0, 0, 3]
[C:\WINDOWS\system32\UNISPIM5.IME] [北京紫光华宇软件股份有限公司, 5.0.0.5076]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[PID: 2164 / guoxiaowen][C:\WINDOWS\system32\igfxtray.exe] [Intel Corporation, 3.0.0.3929]
[C:\WINDOWS\system32\hccutils.DLL] [Intel Corporation, 3.0.0.3929]
[C:\WINDOWS\system32\igfxdev.dll] [Intel Corporation, 3.0.0.3929]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[C:\WINDOWS\system32\UNISPIM5.IME] [北京紫光华宇软件股份有限公司, 5.0.0.5076]
[C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.3929]
[C:\WINDOWS\system32\igfxres.dll] [Intel Corporation, 3.0.0.3929]
[C:\WINDOWS\system32\igfxress.dll] [Intel Corporation, 3.0.0.3929]
[PID: 2172 / guoxiaowen][C:\WINDOWS\system32\hkcmd.exe] [Intel Corporation, 3.0.0.3929]
[C:\WINDOWS\system32\hccutils.DLL] [Intel Corporation, 3.0.0.3929]
[C:\WINDOWS\system32\igfxdev.dll] [Intel Corporation, 3.0.0.3929]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.13.0.1 02Feb05]
[C:\WINDOWS\system32\UNISPIM5.IME] [北京紫光华宇软件股份有限公司, 5.0.0.5076]
[C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.3929]
[C:\WINDOWS\system32\igfxhk.dll] [Intel Corporation, 3.0.0.3929]
[C:\WINDOWS\system32\igfxres.dll] [Intel Corporation, 3.0.0.3929]
[PID: 2180 / guoxiaowen][C:\WINDOWS\system32\dla\tfswctrl.exe] [Sonic Solutions, 1.04.08a]
[C:\WINDOWS\system32\tfswapi.dll] [Sonic Solutions, 1.04.08a]
[C:\WINDOWS\system32\dla\tfswcres.dll] [Sonic Solutions, 1.04.08a]
[C:\WINDOWS\system32\UNISPIM5.IME] [北京紫光华宇软件股份有限公司, 5.0.0.5076]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.13.0.1 02Feb05]
[PID: 2200 / guoxiaowen][C:\Program Files\Toshiba\Toshiba Applet\ButsMgr.exe] [TOSHIBA, 1.00.0004]
[C:\WINDOWS\system32\MSVBVM60.DLL] [Microsoft Corporation, 6.00.9690]
[C:\WINDOWS\system32\UNISPIM5.IME] [北京紫光华宇软件股份有限公司, 5.0.0.5076]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[C:\WINDOWS\system32\TCMSVR.dll] [TOSHIBA Corp., 1, 0, 0, 13M]
[PID: 2212 / guoxiaowen][C:\WINDOWS\VM_STI.EXE] [Vimicro, 4, 2, 1225, 6]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.13.0.1 02Feb05]
[PID: 2224 / guoxiaowen][C:\WINDOWS\AGRSMMSG.exe] [Agere Systems, 2.1.49 2.1.49 12/20/2004 15:10:02]
[C:\WINDOWS\system32\UNISPIM5.IME] [北京紫光华宇软件股份有限公司, 5.0.0.5076]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[PID: 2248 / guoxiaowen][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UNISPIM5.IME] [北京紫光华宇软件股份有限公司, 5.0.0.5076]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[PID: 2304 / guoxiaowen][C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe] [TOSHIBA, 1, 0, 6, 0]
[C:\WINDOWS\system32\UNISPIM5.IME] [北京紫光华宇软件股份有限公司, 5.0.0.5076]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[PID: 2312 / guoxiaowen][C:\Program Files\MSN Messenger\msnmsgr.exe] [Microsoft Corporation, 8.1.0178.00]
[C:\Program Files\MSN Messenger\MSNCore.dll] [Microsoft Corporation, 8.1.0178.00]
[C:\Program Files\MSN Messenger\msidcrl40.dll] [Microsoft Corporation, 4.100.313.1]
[C:\Program Files\MSN Messenger\ContactsUX.dll] [Microsoft Corporation, 8.1.0178.00]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.13.0.1 02Feb05]
[C:\Program Files\MSN Messenger\msgslang.8.1.0178.00.dll] [Microsoft Corporation, 8.1.0178.00]
[C:\Program Files\MSN Messenger\msgsres.dll] [Microsoft Corporation, 8.1.0178.00]
[C:\WINDOWS\system32\UNISPIM5.IME] [北京紫光华宇软件股份有限公司, 5.0.0.5076]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\MSN Messenger\MSGSWCAM.dll] [Microsoft Corporation, 8.1.0178.00]
[C:\WINDOWS\system32\sirenacm.dll] [Microsoft Corp., 8.1.0178.00]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[PID: 2320 / SYSTEM][C:\Program Files\PC Connectivity Solution\ServiceLayer.exe] [Nokia., 6, 83, 78, 3]
[C:\Program Files\PC Connectivity Solution\NclTools.dll] [Nokia, 6, 83, 31, 2]
[C:\WINDOWS\system32\UNISPIM5.IME] [北京紫光华宇软件股份有限公司, 5.0.0.5076]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\PC Connectivity Solution\Transports\NCLIrDAMM.dll] [Nokia Corp., 6, 83, 32, 1]
[C:\Program Files\PC Connectivity Solution\Transports\NCLRSMM.dll] [Nokia Corp., 6, 83, 40, 1]
[C:\Program Files\PC Connectivity Solution\Transports\NCLUSBMM.dll] [Nokia., 6, 83, 54, 2]
[C:\Program Files\PC Connectivity Solution\Transports\NclMSBTMM.dll] [Nokia Corp., 6, 83, 54, 1]
[PID: 2352 / guoxiaowen][C:\WINDOWS\system32\RAMASST.exe] [Matsushita Electric Industrial Co., Ltd., 1, 0, 9, 0]
[C:\WINDOWS\system32\UNISPIM5.IME] [北京紫光华宇软件股份有限公司, 5.0.0.5076]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[PID: 2400 / guoxiaowen][C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe] [Microsoft Corporation, 2000.080.0194.00]
[C:\Program Files\Microsoft SQL Server\80\Tools\Binn\W95SCM.dll] [Microsoft Corporation, 2000.080.0194.00]
[C:\Program Files\Microsoft SQL Server\80\Tools\Binn\SQLSVC.dll] [Microsoft Corporation, 2000.080.0194.00]
[C:\WINDOWS\system32\odbcbcp.dll] [Microsoft Corporation, 2000.085.1117.00 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Microsoft SQL Server\80\Tools\Binn\SQLRESLD.dll] [Microsoft Corporation, 2000.080.0194.00]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\Microsoft SQL Server\80\Tools\Binn\Resources\2052\SQLSVC.RLL] [Microsoft Corporation, 2000.080.0194.00]
[C:\Program Files\Microsoft SQL Server\80\Tools\Binn\Resources\2052\sqlmangr.RLL] [Microsoft Corporation, 2000.080.0194.00]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.13.0.1 02Feb05]
[C:\WINDOWS\system32\UNISPIM5.IME] [北京紫光华宇软件股份有限公司, 5.0.0.5076]
[PID: 2616 / guoxiaowen][C:\WINDOWS\system32\TPSBattM.exe] [TOSHIBA Corporation, 1, 0, 2, 0]
[C:\WINDOWS\system32\TPwrCfg.DLL] [TOSHIBA Corporation, 1, 0, 8, 1]
[C:\WINDOWS\system32\TPwrReg.dll] [TOSHIBA Corporation, 1, 0, 4, 0]
[C:\WINDOWS\system32\TPSTrace.DLL] [TOSHIBA Corporation, 1, 0, 3, 0]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.13.0.1 02Feb05]
[C:\WINDOWS\system32\UNISPIM5.IME] [北京紫光华宇软件股份有限公司, 5.0.0.5076]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[PID: 2636 / NETWORK SERVICE][C:\WINDOWS\system32\wbem\wmiprvse.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3832 / guoxiaowen][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.13.0.1 02Feb05]
[C:\WINDOWS\system32\UNISPIM5.IME] [北京紫光华宇软件股份有限公司, 5.0.0.5076]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[PID: 3756 / guoxiaowen][C:\WINDOWS\system32\wuauclt.exe] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.13.0.1 02Feb05]
[C:\WINDOWS\system32\wups2.dll] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)]
[C:\WINDOWS\system32\UNISPIM5.IME] [北京紫光华宇软件股份有限公司, 5.0.0.5076]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[PID: 4028 / guoxiaowen][C:\WINDOWS\explorer.exe] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.13.0.1 02Feb05]
[C:\WINDOWS\system32\UNISPIM5.IME] [北京紫光华宇软件股份有限公司, 5.0.0.5076]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\scrchpg.dll] [Kaspersky Lab, 7.0.0.125]
[D:\web迅雷\WebThunderBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 62]
[D:\Adobe Reader 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.0.2004121400]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\dla\tfswshx.dll] [Sonic Solutions, 1.04.08a]
[C:\WINDOWS\system32\tfswapi.dll] [Sonic Solutions, 1.04.08a]
[C:\WINDOWS\system32\dla\tfswcres.dll] [Sonic Solutions, 1.04.08a]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[D:\Adobe Reader 7.0\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0]
[C:\WINDOWS\system32\TPwrCfg.DLL] [TOSHIBA Corporation, 1, 0, 8, 1]
[C:\WINDOWS\system32\TPwrReg.dll] [TOSHIBA Corporation, 1, 0, 4, 0]
[C:\WINDOWS\system32\TPSTrace.DLL] [TOSHIBA Corporation, 1, 0, 3, 0]
[C:\Program Files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll] [Nokia, 6, 83, 74, 9]
[C:\Program Files\Nokia\Nokia PC Suite 6\PCSCM.dll] [Nokia, 6, 83, 92, 11]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_chi-sc.nlr] [Nokia, 6, 83, 47, 1]
[C:\Program Files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr] [Nokia, 6, 83, 15, 1]
[C:\WINDOWS\system32\ffdshow.ax] [, 1, 0, 0, 1]
[D:\暴风影音\Storm Codec\Codecs\VSFilter.dll] [Gabest, 1, 0, 0, 9]
[D:\暴风影音\Storm Codec\Codecs\TTL2Dec.dll] [N/A, ]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[D:\暴风影音\Storm Codec\Codecs\OGGSplt.ax] [Gabest, 1, 0, 0, 0]
[C:\WINDOWS\system32\mpg2splt.ax] [, ]
[D:\暴风影音\Storm Codec\Codecs\Vid1Dec.dll] [N/A, ]
[C:\Program Files\InterVideo\Common\Bin\IVIVIDEO.ax] [ InterVideo Inc., 5.0.11.475]
[C:\WINDOWS\system32\igfxpph.dll] [Intel Corporation, 3.0.0.3929]
[C:\WINDOWS\system32\hccutils.DLL] [Intel Corporation, 3.0.0.3929]
[C:\WINDOWS\system32\igfxres.dll] [Intel Corporation, 3.0.0.3929]
[C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.3929]
[C:\WINDOWS\system32\igfxdev.dll] [Intel Corporation, 3.0.0.3929]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\ShellEx.dll] [Kaspersky Lab, 7.0.0.125]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[PID: 2576 / guoxiaowen][D:\Sreng2\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
[C:\WINDOWS\system32\SynTPFcs.dll] [Synaptics, Inc., 7.13.0.1 02Feb05]
[C:\WINDOWS\system32\UNISPIM5.IME] [北京紫光华宇软件股份有限公司, 5.0.0.5076]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll] [Kaspersky Lab, 7.0.0.125]
[D:\Sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
[D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll] [Kaspersky Lab, 7.0.0.125]
==================================
文件关联
.TXT Error. [C:\WINDOWS\notepad.exe %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM Error. ["hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 2044, C:\PROGRAM FILES\TOSHIBA\TVS\TVSTRAY.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1264, C:\WINDOWS\SYSTEM32\TPSMAIN.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 844, C:\PROGRAM FILES\TOSHIBA\TOSHIBA APPLET\THOTKEY.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1044, C:\PROGRAM FILES\TOSHIBA\TOSHIBA ZOOMING UTILITY\SMOOTHVIEW.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1676, C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 6\LAUNCHAPPLICATION.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1412, C:\PROGRAM FILES\TOSHIBA\TOUCH AND LAUNCH\PADEXE.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1752, C:\PROGRAM FILES\TOSHIBA\CONFIGFREE\NDSTRAY.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2180, C:\WINDOWS\SYSTEM32\DLA\TFSWCTRL.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2200, C:\PROGRAM FILES\TOSHIBA\TOSHIBA APPLET\BUTSMGR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2224, C:\WINDOWS\AGRSMMSG.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2304, C:\PROGRAM FILES\TOSHIBA\TOSCDSPD\TOSCDSPD.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2320, C:\PROGRAM FILES\PC CONNECTIVITY SOLUTION\SERVICELAYER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2352, C:\WINDOWS\SYSTEM32\RAMASST.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2400, C:\PROGRAM FILES\MICROSOFT SQL SERVER\80\TOOLS\BINN\SQLMANGR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2616, C:\WINDOWS\SYSTEM32\TPSBATTM.EXE]
==================================
API HOOK
RVA 错误: LoadLibraryA (危险等级: 高, 被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA 错误: LoadLibraryExA (危险等级: 高, 被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA 错误: LoadLibraryExW (危险等级: 高, 被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA 错误: LoadLibraryW (危险等级: 高, 被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA 错误: GetProcAddress (危险等级: 高, 被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
==================================
隐藏进程
[1420] C:\WINDOWS\system32\EXPLORER.EXE
==================================
[/CODE]
This is a mirrored post. Source: 北邮人论坛 / security / #16798, synced on 2008/4/10.
Posted by the Security bot
A classmate's machine seems to have a virus; SREng says it cannot be repaired
1 reply
1# <wsctf.exe><wsctf.exe> [N/A]
2# <Userinit><userinit.exe,EXPLORER.EXE> [(Verified)Microsoft Windows Publisher] The EXPLORER.exe after userinit.exe means there is a trojan with that name in your system32 directory; the real explorer.exe should be in the windows directory, not in windows\system32. Clean out the explorer.exe that follows userinit.exe.
Suggested removal: with IceSword you should be able to see that hidden process. Be careful not to confuse it with the real explorer.exe; you can tell them apart by the process IDs assigned after boot. After terminating the process, watch whether it restarts itself automatically.
If it does not, continue: go to c:\windows\system32 and delete explorer.exe. Make sure hidden files are shown; we can now be certain that file is on your machine, and if you cannot see it, your Folder Options have been tampered with.
Then go to the registry location I wrote in 2# and remove whatever follows userinit.exe; be careful not to remove userinit.exe itself.
Then remove the wsctf entry from 1# and the wsctf file. If IceSword shows that process running, terminate it first.
Once all of the above is done, check again with SREng2 or IceSword to make sure nothing has been restored automatically; then you can reboot.
Note: all of the above assumes none of your partitions has been infected via autorun. To check, use IceSword to look at the root directory of each partition for an autorun file.
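A defender-side check for the indicators the reply above points at, as an added Python example that is not part of the original thread: it parses SREng-style startup entries and hidden-process lines (the sample is constructed in the report's line format, not the real machine's data) and flags a Userinit value carrying extra programs, a Run entry with a bare file name and no verifiable signer, and an explorer.exe running from system32.

```python
import re
# Constructed sample in the line format of the SREng report above; the values are made up
# to reproduce the indicators the reply points at, not copied from the real machine.
SAMPLE = r"""
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
<wsctf.exe><wsctf.exe> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<Userinit><userinit.exe,EXPLORER.EXE> [(Verified)Microsoft Windows Publisher]
<Shell><Explorer.exe> [(Verified)Microsoft Windows Publisher]
[1420] C:\WINDOWS\system32\EXPLORER.EXE
"""

ENTRY_RE = re.compile(r"^<([^>]*)><([^>]*)> \[(.*)\]$")  # <name><value> [signer]
PROC_RE = re.compile(r"^\[(\d+)\] (.+)$")                # [pid] path (hidden-process list)

def parse(text):
    """Return (entries, processes); entries are (key, name, value, signer) tuples."""
    entries, procs, key = [], [], None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[HKEY_"):
            key = line.strip("[]")
        elif (m := ENTRY_RE.match(line)):
            entries.append((key,) + m.groups())
        elif (m := PROC_RE.match(line)):
            procs.append((int(m.group(1)), m.group(2)))
    return entries, procs

def explorer_in_system32(path):
    """The real explorer.exe lives in %SystemRoot%; a copy under system32 is the decoy."""
    parts = path.lower().split("\\")
    return len(parts) >= 2 and parts[-1] == "explorer.exe" and parts[-2] == "system32"

def find_suspicious(text):
    """Apply the reply's indicators and return (rule, details) findings in log order."""
    findings = []
    entries, procs = parse(text)
    for _key, name, value, signer in entries:
        if name.lower() == "userinit":
            # Userinit should name userinit.exe only; any further comma-separated program runs at every logon.
            extra = [p.strip() for p in value.split(",")
                     if p.strip() and not p.strip().lower().endswith("userinit.exe")]
            if extra:
                findings.append(("userinit-extra", extra))
        elif value and "\\" not in value and signer.strip() == "N/A":
            # Bare file name, no path, no verifiable publisher (Shell=Explorer.exe is bare but verified).
            findings.append(("unsigned-bare-name", [value]))
    findings += [("explorer-in-system32", [f"{pid} {path}"]) for pid, path in procs if explorer_in_system32(path)]
    return findings
```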