用“恶意软件清理助手”在安全模式下可以删除，重启后又有了
HiJackThis的扫描结果如下， 能否帮忙下？

Logfile of HijackThis v1.99.1
Scan saved at 02:43:49, on 2006-10-22
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Common Files\Virtual Token\vtserver.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Aventail\Connect\as32svc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Drivers\trcboot.exe
C:\Program Files\IBM\Personal Communications\PCS_AGNT.EXE
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
C:\Program Files\C4ebreg\c4ebreg.exe
c:\sdwork\issimsvc.exe
C:\notes\ntmulti.exe
C:\PROGRA~1\AT&TNE~1\NetCfgSv.EXE
C:\WINDOWS\system32\nutsrv4.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\WINDOWS\system32\Drivers\ldlcserv.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcMurocHlpr.exe
C:\Program Files\IBM\Personal Communications\tpam.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TpShocks.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
C:\Program Files\C4ebreg\isamtray.exe
C:\Program Files\Zone Labs\Integrity Client\iclient.exe
C:\IBMTOOLS\UTILS\ibmprc.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
C:\Program Files\MSNShell\BIN\MSNShell.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
D:\downloads\HijackThis.exe

R3 - Default URLSearchHook is missing
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Tpam.exe] "C:\Program Files\IBM\Personal Communications\tpam.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM\..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM\..\Run: [BMMMONWND] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [ControlCenter] "C:\Program Files\IBM fingerprint software\ctlcntr.exe" /startup
O4 - HKLM\..\Run: [ISSI EZUpdate Service] "c:\sdwork\issimsvc.exe"
O4 - HKLM\..\Run: [C4EBReg] "C:\Program Files\C4ebreg\c4ebreg.exe" /q
O4 - HKLM\..\Run: [ISAMTray] "C:\Program Files\C4ebreg\isamtray.exe"
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\Integrity Client\iclient.exe"
O4 - HKLM\..\Run: [stgclean] c:\sdwork\w32main2.exe /cleanup
O4 - HKLM\..\Run: [IBMPRC] C:\IBMTOOLS\UTILS\ibmprc.exe
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [Babylon Client] ; D:\Tools\Babylon\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [iTunesHelper] ; "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NuTCSetupEnviron] ; D:\Tools\Rational\Rational Test\nutcroot\bin\ncoeenv.exe
O4 - HKLM\..\Run: [SoDA Startup] ; D:\Tools\Rational\SoDAWord\Wizards\SodaStartup.exe StartUp
O4 - HKLM\..\Run: [SunJavaUpdateSched] ; C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NetSP - restore settings on power failure] "C:\Program Files\AT&T Network Client\NetSP.exe" -show
O4 - HKCU\..\Run: [TPKMAPMN] C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSNShell] C:\Program Files\MSNShell\BIN\MSNShell.exe autorun
O4 - HKCU\..\Run: [IBM RecordNow!] ;

O4 - Startup: IBM NotesBuddy for Notes.lnk = C:\Program Files\IBM\NotesBuddy\NotesBuddy.exe
O8 - Extra context menu item: Add to QQ Customized Emoticons - D:\programs\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: Add to QQ Customized Panel - D:\programs\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send Picture with QQ MMS - D:\programs\Tencent\QQ\SendMMS.htm
O8 - Extra context menu item: Set As Messenger Live Display Picture - C:\Program Files\MSNShell\BIN\SetMSNDP.htm
O8 - Extra context menu item: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\programs\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\programs\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\programs\Tencent\QQ\SendMMS.htm
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\programs\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\programs\Tencent\QQ\QQ.EXE
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\programs\Tencent\QQ\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\programs\Tencent\QQ\QQIEHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files\aventail\connect\asdns.dll
O14 - IERESET.INF: START_PAGE_URL=http://w3.ibm.com
O16 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} (Edit Class) - https://www.sz1.cmbchina.com/download/CMBEdit.cab
O16 - DPF: {9519B2A2-6592-4E41-8290-D0298459270C} (LNWebAssist Class) - http://w3.ibm.com/bluepages/scripts/lnwebassist.cab
O16 - DPF: {A4B28810-11A2-4956-82D1-B2DCBA4B2AFD} (gpwsx.plugin) - http://w3.ibm.com/tools/print/plugin/gpwsx.cab
O16 - DPF: {F2EB8999-766E-4BF6-AAAD-188D398C0D0B} (PBActiveX40 Control) - http://szdl.cmbchina.com/download/PB/pb50.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = cn.ibm.com
O17 - HKLM\Software\..\Telephony: DomainName = cn.ibm.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{F1A39B78-9521-4453-89C6-B55C55116097}: Domain = cn.ibm.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{F54F2978-43D3-4F5E-92B8-66312596F625}: NameServer = 210.51.176.71 210.53.31.2
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = cn.ibm.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = cn.ibm.com,hk.ibm.com,tw.ibm.com,au.ibm.com,us.ibm.com,ibm.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = cn.ibm.com,hk.ibm.com,tw.ibm.com,au.ibm.com,us.ibm.com,ibm.com
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live Mail desktop\mailcomm.dll
O20 - Winlogon Notify: DIFx - C:\WINDOWS\system32\p66slgj716o.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AppnNode - IBM Corporation - C:\WINDOWS\system32\Drivers\appnnode.exe
O23 - Service: Aventail Connect (As32Svc) - Aventail Corporation - C:\Program Files\Aventail\Connect\as32svc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: IBM Rapid Restore Ultra Service - Unknown owner - C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IBM Standard Asset Manager Service (ISAMSvc) - IBM Global Services - C:\Program Files\C4ebreg\c4ebreg.exe
O23 - Service: ISSI EZUpdate (ISSIMon) - IBM Global Services - c:\sdwork\issimsvc.exe
O23 - Service: IBM Enterprise Extender (ldlcserv) - IBM Corporation - C:\WINDOWS\system32\Drivers\ldlcserv.exe
O23 - Service: Rational ClearQuest Mail Service (MailService) - Unknown owner - D:\Tools\Rational\ClearQuest\mailservice.exe
O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\notes\ntmulti.exe
O23 - Service: MySQL - Unknown owner - D:\Tools\MySQL\bin\mysqld-nt".exe (file missing)
O23 - Service: Network Configuration Service (NetCfgSvr) - AT&T - C:\PROGRA~1\AT&TNE~1\NetCfgSv.EXE
O23 - Service: NuTCRACKERService - DataFocus, Inc. - C:\WINDOWS\system32\nutsrv4.exe
O23 - Service: ProxyServer Service (ProxyServerService) - Rational Software - D:\Tools\Rational\Rational Test\rtpxsr.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: Rational Test Agent Service (RationalTestAgentService) - Rational Software - D:\Tools\Rational\Rational Test\rtpsvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Apache Tomcat (Tomcat5) - Unknown owner - D:\Tools\Tomcat 5.5\bin\tomcat5.exe" //RS//Tomcat5 (file missing)
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: IBM Trace Facility (TrcBoot) - IBM Corporation - C:\WINDOWS\system32\Drivers\trcboot.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Protector Suite Virtual Token (vtserver) - UPEK Inc. - C:\Program Files\Common Files\Virtual Token\vtserver.exe
O23 - Service: WebSphere Embedded Messaging Publish And SubscribeWAS_IBM_99HKP50_server1 (WebSphereEmbeddedMessagingPublishAndSubscribeWAS_IBM_99HKP50_server1) - Unknown owner - D:/Tools/IBM/WebSphere MQ/WEMPS/bin/bipservice.exe (file missing)

运行Hijackthis，把下面的选中打上钩，修复
O20 - Winlogon Notify: DIFx - C:\WINDOWS\system32\p66slgj716o.dll
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = cn.ibm.com
O17 - HKLM\Software\..\Telephony: DomainName = cn.ibm.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{F1A39B78-9521-4453-89C6-B55C55116097}: Domain = cn.ibm.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = cn.ibm.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = cn.ibm.com,hk.ibm.com,tw.ibm.com,au.ibm.com,us.ibm.com,ibm.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = cn.ibm.com,hk.ibm.com,tw.ibm.com,au.ibm.com,us.ibm.com,ibm.com

请下载SREng2（最新版） ，使用“智能扫描”，按下“扫描”按钮进行扫描，
扫描完成后按下“保存报告”按钮保存报告日志文件（SREng.LOG），把保存的报告
日志文件内容复制-粘贴上来,,日志一次粘不完，分次粘完，请不要修改。

下载地址
http://free5.ys168.com/?ufwihgu168
http://www.kztechs.com/sreng/sreng2.zip

多谢楼上回复
扫描记过如下：
2006-10-22,10:52:07

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
    All Boot Items (Including Registry, Startup Folders, Services and so on)
    Browser Add-ons
    Runing Processes (Including process model information)
    File Associations
    Winsock Provider
    Autorun.Inf
    HOSTS File


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <NetSP - restore settings on power failure><"C:\Program Files\AT&T Network Client\NetSP.exe" -show>  [AT&T]
    <TPKMAPMN><C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe>  [N/A]
    <MsnMsgr><"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background>  [(Verified)Microsoft Corporation]
    <MSNShell><C:\Program Files\MSNShell\BIN\MSNShell.exe autorun>  [N/A]
    <IBM RecordNow!><; >  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <Tpam.exe><"C:\Program Files\IBM\Personal Communications\tpam.exe">  [N/A]
    <ccApp><"C:\Program Files\Common Files\Symantec Shared\ccApp.exe">  [(Verified)Symantec Corporation]
    <vptray><C:\PROGRA~1\SYMANT~1\VPTray.exe>  [(Verified)Symantec Corporation]
    <TPHOTKEY><C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe>  [N/A]
    <BMMGAG><RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor>  [IBM Corp.]
    <BMMLREF><C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE>  [N/A]
    <BMMMONWND><rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor>  [N/A]
    <SynTPLpr><C:\Program Files\Synaptics\SynTP\SynTPLpr.exe>  [(Verified)Synaptics, Inc.]
    <SynTPEnh><C:\Program Files\Synaptics\SynTP\SynTPEnh.exe>  [(Verified)Synaptics, Inc.]
    <TP4EX><tp4ex.exe>  [IBM Corporation]
    <TPKMAPHELPER><C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper>  [IBM Corp.]
    <TpShocks><TpShocks.exe>  [IBM Corp.]
    <ControlCenter><"C:\Program Files\IBM fingerprint software\ctlcntr.exe" /startup>  [UPEK Inc.]
    <ISSI EZUpdate Service><"c:\sdwork\issimsvc.exe">  [IBM Global Services]
    <C4EBReg><"C:\Program Files\C4ebreg\c4ebreg.exe" /q>  [IBM Global Services]
    <ISAMTray><"C:\Program Files\C4ebreg\isamtray.exe">  [IBM Global Services]
    <Zone Labs Client><"C:\Program Files\Zone Labs\Integrity Client\iclient.exe">  [(Verified)Check Point Inc.]
    <stgclean><c:\sdwork\w32main2.exe /cleanup>  [IBM Global Services]
    <IBMPRC><C:\IBMTOOLS\UTILS\ibmprc.exe>  [IBM Corp.]
    <ACTray><C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe>  [Lenovo]
    <ACWLIcon><C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe>  [Lenovo]
    <Babylon Client><; D:\Tools\Babylon\Babylon.exe -AutoStart>  [(Verified)Babylon Ltd.]
    <iTunesHelper><; "C:\Program Files\iTunes\iTunesHelper.exe">  [(Verified)Apple Computer, Inc.]
    <NuTCSetupEnviron><; D:\Tools\Rational\Rational Test\nutcroot\bin\ncoeenv.exe>  [N/A]
    <SoDA Startup><; D:\Tools\Rational\SoDAWord\Wizards\SodaStartup.exe StartUp>  [N/A]
    <SunJavaUpdateSched><; C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe>  [Sun Microsystems, Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ShellScrap]
    <WinlogonNotify: ShellScrap><C:\WINDOWS\system32\lv0209doe.dll>  [N/A]

==================================
Startup Folders
[IBM NotesBuddy for Notes]
  <C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\IBM NotesBuddy for Notes.lnk --> C:\PROGRA~1\IBM\NOTESB~1\NOTESB~1.EXE [International Business Machines Corp.]><N>

==================================
Services
[Ac Profile Manager Service / AcPrfMgrSvc]
  <C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe><N/A>
[Access Connections Main Service / AcSvc]
  <C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe><Lenovo>
[Adobe LM Service / Adobe LM Service]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Aventail Connect / As32Svc]
  <C:\Program Files\Aventail\Connect\as32svc.exe><Aventail Corporation>
[Ati HotKey Poller / Ati HotKey Poller]
  <C:\WINDOWS\system32\Ati2evxx.exe><N/A>
[Symantec Event Manager / ccEvtMgr]
  <"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>
[Symantec Password Validation / ccPwdSvc]
  <"C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr]
  <"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>
[Symantec AntiVirus Definition Watcher / DefWatch]
  <"C:\Program Files\Symantec AntiVirus\DefWatch.exe"><Symantec Corporation>
[EvtEng / EvtEng]
  <C:\Program Files\Intel\Wireless\Bin\EvtEng.exe><Intel Corporation>
[Human Interface Device Access / HidServ]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[IBM Rapid Restore Ultra Service / IBM Rapid Restore Ultra Service]
  <"C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe"><>
[IBM PM Service / IBMPMSVC]
  <C:\WINDOWS\system32\ibmpmsvc.exe><N/A>
[iPod Service / iPod Service]
  <"C:\Program Files\iPod\bin\iPodService.exe"><Apple Computer, Inc.>
[IBM Standard Asset Manager Service / ISAMSvc]
  <C:\Program Files\C4ebreg\c4ebreg.exe><IBM Global Services>
[ISSI EZUpdate / ISSIMon]
  <c:\sdwork\issimsvc.exe><IBM Global Services>
[IBM Enterprise Extender / ldlcserv]
  <C:\WINDOWS\system32\Drivers\ldlcserv.exe><IBM Corporation>
[Rational ClearQuest Mail Service / MailService]
  <D:\Tools\Rational\ClearQuest\mailservice.exe><N/A>
[Multi-user Cleanup Service / Multi-user Cleanup Service]
  <C:\notes\ntmulti.exe><IBM Corp>
[My Help / MyHelp]
  <C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.installer\service\MyHelpService.exe><N/A>
[MySQL / MySQL]
  <"D:\Tools\MySQL\bin\mysqld-nt" --defaults-file="D:\Tools\MySQL\my.ini" MySQL><N/A>
[Network Configuration Service / NetCfgSvr]
  <C:\PROGRA~1\AT&TNE~1\NetCfgSv.EXE><AT&T>
[NuTCRACKERService / NuTCRACKERService]
  <C:\WINDOWS\system32\nutsrv4.exe><DataFocus, Inc.>
[ProxyServer Service / ProxyServerService]
  <"D:\Tools\Rational\Rational Test\rtpxsr.exe"><Rational Software>
[IBM PSA Access Driver Control / PsaSrv]
  <C:\WINDOWS\system32\PsaSrv.exe><N/A>
[Rational Test Agent Service / RationalTestAgentService]
  <"D:\Tools\Rational\Rational Test\rtpsvc.exe"><Rational Software>
[RegSrvc / RegSrvc]
  <C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe><Intel Corporation>
[SavRoam / SavRoam]
  <"C:\Program Files\Symantec AntiVirus\SavRoam.exe"><symantec>
[Symantec Network Drivers Service / SNDSrvc]
  <"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
[Symantec AntiVirus / Symantec AntiVirus]
  <"C:\Program Files\Symantec AntiVirus\Rtvscan.exe"><Symantec Corporation>
[Apache Tomcat / Tomcat5]
  <"D:\Tools\Tomcat 5.5\bin\tomcat5.exe" //RS//Tomcat5><Apache Software Foundation>
[IBM KCU Service / TpKmpSVC]
  <C:\WINDOWS\system32\TpKmpSVC.exe><N/A>
[IBM Trace Facility / TrcBoot]
  <C:\WINDOWS\system32\Drivers\trcboot.exe><IBM Corporation>
[VMware Authorization Service / VMAuthdService]
  <C:\Program Files\VMware\VMware Workstation\vmware-authd.exe><VMware, Inc.>
[VMware DHCP Service / VMnetDHCP]
  <C:\WINDOWS\system32\vmnetdhcp.exe><VMware, Inc.>
[VMware Virtual Mount Manager Extended / vmount2]
  <"C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe"><VMware, Inc.>
[VMware NAT Service / VMware NAT Service]
  <C:\WINDOWS\system32\vmnat.exe><VMware, Inc.>
[TrueVector Internet Monitor / vsmon]
  <C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service><Check Point Inc.>
[Protector Suite Virtual Token / vtserver]
  <"C:\Program Files\Common Files\Virtual Token\vtserver.exe"><UPEK Inc.>
[WebSphere Embedded Messaging Publish And SubscribeWAS_IBM_99HKP50_server1 / WebSphereEmbeddedMessagingPublishAndSubscribeWAS_IBM_99HKP50_server1]
  <D:/Tools/IBM/WebSphere MQ/WEMPS/bin/bipservice.exe><N/A>

==================================
Drivers
[abp480n5 / abp480n5]
  <\SystemRoot\system32\DRIVERS\ABP480N5.SYS><Microsoft Corporation>
[AGN VPN Client Miniport Interface / ABVPN2K]
  <system32\DRIVERS\abvpn2k.sys><AT&T>
[adpu160m / adpu160m]
  <\SystemRoot\system32\DRIVERS\adpu160m.sys><Microsoft Corporation>
[aeaudio / aeaudio]
  <system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[AEGIS Protocol (IEEE 802.1x) v3.2.0.3 / AegisP]
  <system32\DRIVERS\AegisP.sys><Meetinghouse Data Communications>
[afpa / afpa]
  <\??\C:\WINDOWS\system32\drivers\afpa.sys><IBM Corporation>
[AT&T Wi-Fi Support Driver / agnwifi]
  <system32\DRIVERS\agnwifi.sys><AT&T>
[Aha154x / Aha154x]
  <\SystemRoot\system32\DRIVERS\aha154x.sys><Microsoft Corporation>
[aic78u2 / aic78u2]
  <\SystemRoot\system32\DRIVERS\aic78u2.sys><Microsoft Corporation>
[aic78xx / aic78xx]
  <\SystemRoot\system32\DRIVERS\aic78xx.sys><Microsoft Corporation>
[AliIde / AliIde]
  <\SystemRoot\system32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD AGP Bus Filter Driver / amdagp]
  <\SystemRoot\system32\DRIVERS\amdagp.sys><Advanced Micro Devices, Inc.>
[ANC / ANC]
  <System32\drivers\ANC.SYS><IBM Corp.>
[ANCSQ / ANCSQ]
  <\SystemRoot\System32\drivers\ANCSQ.sys><IBM Corp.>
[Anydlc / Anydlc]
  <\SystemRoot\System32\drivers\anydlc.sys><IBM Corporation>
[Appn / Appn]
  <\SystemRoot\System32\drivers\appn.sys><IBM Corporation>
[AppnApi / AppnApi]
  <\SystemRoot\System32\drivers\appnapi.sys><IBM Corporation>
[AppnBase / AppnBase]
  <\SystemRoot\System32\drivers\AppnBase.sys><IBM Corporation>
[asc / asc]
  <\SystemRoot\system32\DRIVERS\asc.sys><Advanced System Products, Inc.>
[asc3350p / asc3350p]
  <\SystemRoot\system32\DRIVERS\asc3350p.sys><Microsoft Corporation>

[asc3550 / asc3550]
  <\SystemRoot\system32\DRIVERS\asc3550.sys><Advanced System Products, Inc.>
[Ascrypto / Ascrypto]
  <\??\C:\Program Files\Aventail\Connect\ascrypto.sys><Aventail Corporation>
[Askernel / Askernel]
  <\??\C:\Program Files\Aventail\Connect\asntkrnl.sys><Aventail Corporation>
[Astdi / Astdi]
  <\??\C:\Program Files\Aventail\Connect\asnttdi.sys><Aventail Corporation>
[ati2mtag / ati2mtag]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[AtmelTpm / AtmelTpm]
  <system32\DRIVERS\AtmelTpm.sys><Atmel, Inc.>
[AGN Virtual Network Adapter / avpnnic]
  <system32\DRIVERS\avpnnic.sys><AT&T>
[cd20xrnt / cd20xrnt]
  <\SystemRoot\system32\DRIVERS\cd20xrnt.sys><Microsoft Corporation>
[CmdIde / CmdIde]
  <\SystemRoot\system32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[d347bus / d347bus]
  <\SystemRoot\system32\DRIVERS\d347bus.sys><>
[d347prt / d347prt]
  <\SystemRoot\System32\Drivers\d347prt.sys><>
[dac2w2k / dac2w2k]
  <\SystemRoot\system32\DRIVERS\dac2w2k.sys><Mylex Corporation>
[Panasonic GP-KR661US / DCamUSBPanas]
  <system32\DRIVERS\pcam.sys><Divio Inc.>
[dpti2o / dpti2o]
  <\SystemRoot\system32\DRIVERS\dpti2o.sys><Microsoft Corporation>
[Intel(R) PRO/1000 Adapter Driver / E1000]
  <system32\DRIVERS\e1000325.sys><Intel Corporation>
[Intel(R) PRO Adapter Driver / E100B]
  <system32\DRIVERS\e100b325.sys><Intel Corporation>
[Eacfilt Miniport / Eacfilt]
  <system32\DRIVERS\eacfilt.sys><Nortel Networks>
[IBM Access Support / EGATHDRV]
  <\??\C:\WINDOWS\SYSTEM32\EGATHDRV.SYS><IBM Corporation>
[GEARAspiWDM / GEARAspiWDM]
  <System32\Drivers\GEARAspiWDM.sys><GEAR Software Inc.>
[gwiopm / gwiopm]
  <\??\C:\Program Files\wst\gwiopm.sys><N/A>
[VMware hcmon / hcmon]
  <\??\C:\WINDOWS\system32\Drivers\hcmon.sys><VMware, Inc.>
[HSFHWICH / HSFHWICH]
  <system32\DRIVERS\HSFHWICH.sys><Conexant Systems, Inc.>
[HSF_DP / HSF_DP]
  <system32\DRIVERS\HSF_DP.sys><Conexant Systems, Inc.>
[ibmfilter / ibmfilter]
  <\??\C:\WINDOWS\system32\drivers\ibmfilter.sys><IBM>
[IBMPMDRV / IBMPMDRV]
  <system32\DRIVERS\ibmpmdrv.sys><IBM Corp.>
[IBMTPCHK / IBMTPCHK]
  <\??\C:\WINDOWS\system32\Drivers\IBMBLDID.sys><N/A>
[IBM Personal Communications LLC2 Driver / IBM_LLC2]
  <system32\DRIVERS\llc2.sys><IBM Corporation>
[ini910u / ini910u]
  <\SystemRoot\system32\DRIVERS\ini910u.sys><Microsoft Corporation>
[Nortel Extranet Access Protocol / IPSECEXT]
  <system32\DRIVERS\ipsecw2k.sys><Nortel Networks NA, Inc.>
[Nortel IPSECSHM Adapter / IPSECSHM]
  <system32\DRIVERS\ipsecw2k.sys><Nortel Networks NA, Inc.>
[KLOGNT / KLOGNT]
  <\SystemRoot\System32\drivers\klognt.sys><IBM Corporation>
[mdmxsdk / mdmxsdk]
  <system32\DRIVERS\mdmxsdk.sys><Conexant>
[mraid35x / mraid35x]
  <\SystemRoot\system32\DRIVERS\mraid35x.sys><American Megatrends Inc.>
[NAVENG / NAVENG]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061019.066\naveng.sys><Symantec Corporation>
[NAVEX15 / NAVEX15]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20061019.066\navex15.sys><Symantec Corporation>
[npkcrypt / npkcrypt]
  <\??\D:\programs\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[NSC Infrared Device Driver / NSCIRDA]
  <system32\DRIVERS\nscirda.sys><National Semiconductor Corporation>
[NsTrcNT / NsTrcNT]
  <\SystemRoot\System32\drivers\nstrcnt.sys><IBM Corporation>
[PDLC Adapter -- COM / pdlnacom]
  <\SystemRoot\System32\drivers\pdlnacom.sys><IBM Corporation>
[PDLC Adapter Factory / pdlnafac]
  <\SystemRoot\System32\drivers\pdlnafac.sys><IBM Corporation>
[Twinax Adapter Common / pdlnatcm]
  <\SystemRoot\System32\drivers\pdlnatcm.sys><IBM Corporation>
[Twinax Adapter / pdlnatdl]
  <\SystemRoot\System32\drivers\pdlnatdl.sys><IBM Corporation>
[PDLC CxM Classes / pdlncbas]
  <\SystemRoot\System32\drivers\pdlncbas.sys><IBM Corporation>
[PDLC Connection Manager / pdlncfwk]
  <\SystemRoot\System32\drivers\pdlncfwk.sys><IBM Corporation>
[Twinax CUT Adapter / pdlnctdl]
  <\SystemRoot\System32\drivers\pdlnctdl.sys><IBM Corporation>
[PDLC DLC Classes / pdlndint]
  <\SystemRoot\System32\drivers\pdlndint.sys><IBM Corporation>
[IBM Enterprise Extender (HPR/IP) / pdlndldl]
  <\SystemRoot\System32\drivers\pdlndldl.sys><IBM Corporation>
[PDLC LAPB / pdlndlpb]
  <\SystemRoot\System32\drivers\pdlndlpb.sys><IBM Corporation>
[PDLC OEM Interface / pdlndoem]
  <\SystemRoot\System32\drivers\pdlndoem.sys><IBM Corporation>
[PDLC QLLC / pdlndqll]
  <\SystemRoot\System32\drivers\pdlndqll.sys><IBM Corporation>
[PDLC SDLC / pdlndsdl]
  <\SystemRoot\System32\drivers\pdlndsdl.sys><IBM Corporation>
[Twinax DLC / pdlndtdl]
  <\SystemRoot\System32\drivers\pdlndtdl.sys><IBM Corporation>
[PDLC Environment / pdlnebas]
  <\SystemRoot\System32\drivers\pdlnebas.sys><IBM Corporation>
[PDLC Configuration / pdlnecfg]
  <\SystemRoot\System32\drivers\pdlnecfg.sys><IBM Corporation>
[PDLC Mapper / pdlnemap]
  <\SystemRoot\System32\drivers\pdlnemap.sys><IBM Corporation>
[PDLC Message Driver / pdlnemsg]
  <\SystemRoot\System32\drivers\pdlnemsg.sys><IBM Corporation>
[PDLC Buffer Manager / pdlnepkt]
  <\SystemRoot\System32\drivers\pdlnepkt.sys><IBM Corporation>
[PDLC Hayes At signalling / pdlnshay]
  <\SystemRoot\System32\drivers\pdlnshay.sys><IBM Corporation>
[PDLC SDLC Leased / pdlnslea]
  <\SystemRoot\System32\drivers\pdlnslea.sys><IBM Corporation>
[PDLC V25bis signalling / pdlnsv25]
  <\SystemRoot\System32\drivers\pdlnsv25.sys><IBM Corporation>
[PDLC X.25 / pdlnsx25]
  <\SystemRoot\System32\drivers\pdlnsx25.sys><IBM Corporation>
[Padus ASPI Shell / pfc]
  <system32\drivers\pfc.sys><Padus, Inc.>
[IBM PSA Access Driver / psadd]
  <\??\C:\WINDOWS\system32\Drivers\psadd.sys><IBM Corporation>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20]
  <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[ql1080 / ql1080]
  <\SystemRoot\system32\DRIVERS\ql1080.sys><QLogic Corporation>
[Ql10wnt / Ql10wnt]
  <\SystemRoot\system32\DRIVERS\ql10wnt.sys><Microsoft Corporation>
[ql12160 / ql12160]
  <\SystemRoot\system32\DRIVERS\ql12160.sys><QLogic Corporation>
[ql1280 / ql1280]
  <\SystemRoot\system32\DRIVERS\ql1280.sys><QLogic Corporation>
[WLAN Transport / s24trans]
  <system32\DRIVERS\s24trans.sys><Intel Corporation>
[S3Inc / S3Inc]
  <system32\DRIVERS\s3mt3d.sys><S3 Incorporated>
[SAVRT / SAVRT]
  <\??\C:\Program Files\Symantec AntiVirus\savrt.sys><Symantec Corporation>
[SAVRTPEL / SAVRTPEL]
  <\??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys><Symantec Corporation>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[ShockMgr / ShockMgr]
  <C:\WINDOWS\SYSTEM32\DRIVERS\ShockMgr.SYS><IBM Corporation>
[Shockprf / Shockprf]
  <C:\WINDOWS\SYSTEM32\DRIVERS\Shockprf.SYS><IBM Corporation>
[SIS AGP Bus Filter / sisagp]
  <\SystemRoot\system32\DRIVERS\sisagp.sys><Silicon Integrated Systems Corporation>
[Smapint / Smapint]
  <System32\drivers\Smapint.sys><Microsoft Corporation>
[smwdm / smwdm]
  <system32\drivers\smwdm.sys><Analog Devices, Inc.>
[Sparrow / Sparrow]
  <\SystemRoot\system32\DRIVERS\sparrow.sys><Adaptec, Inc.>
[symc810 / symc810]
  <\SystemRoot\system32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx]
  <\SystemRoot\system32\DRIVERS\symc8xx.sys><LSI Logic>
[SymEvent / SymEvent]
  <\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
[SYMREDRV / SYMREDRV]
  <\SystemRoot\System32\Drivers\SYMREDRV.SYS><Symantec Corporation>
[SYMTDI / SYMTDI]
  <\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation>
[sym_hi / sym_hi]
  <\SystemRoot\system32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3]
  <\SystemRoot\system32\DRIVERS\sym_u3.sys><LSI Logic>
[Synaptics TouchPad Driver / SynTP]
  <system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[TC USB Kernel Driver / TcUsb]
  <System32\Drivers\tcusb.sys><UPEK Inc.>
[TDSMAPI / TDSMAPI]
  <System32\drivers\TDSMAPI.SYS><N/A>
[TosIde / TosIde]
  <\SystemRoot\system32\DRIVERS\toside.sys><Microsoft Corporation>
[TPHKDRV / TPHKDRV]
  <C:\WINDOWS\SYSTEM32\DRIVERS\TPHKDRV.SYS><IBM Corporation>
[TPPWR / TPPWR]
  <System32\drivers\Tppwr.sys><IBM Corp.>
[TSMAPIP / TSMAPIP]
  <System32\drivers\TSMAPIP.SYS><N/A>
[ultra / ultra]
  <\SystemRoot\system32\DRIVERS\ultra.sys><Promise Technology, Inc.>
[ViaIde / ViaIde]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[VMware Virtual Ethernet Adapter Driver / VMnetAdapter]
  <system32\DRIVERS\vmnetadapter.sys><VMware, Inc.>
[VMware Bridge Protocol / VMnetBridge]
  <system32\DRIVERS\vmnetbridge.sys><VMware, Inc.>
[VMware Network Application Interface / VMnetuserif]
  <\??\C:\WINDOWS\system32\drivers\vmnetuserif.sys><VMware, Inc.>
[VMware VMparport / VMparport]
  <\??\C:\WINDOWS\system32\Drivers\VMparport.sys><VMware, Inc.>
[VMware vmx86 / vmx86]
  <\??\C:\WINDOWS\system32\Drivers\vmx86.sys><VMware, Inc.>
[vsdatant / vsdatant]
  <System32\vsdatant.sys><Check Point Inc.>
[Vstor2 Virtual Storage Driver / vstor2]
  <\??\C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys><VMware, Inc.>
[Intel(R) PRO/Wireless 2200 Adapter Driver for Windows XP / w22n51]
  <system32\DRIVERS\w22n51.sys><N/A>
[Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP / w29n51]
  <system32\DRIVERS\w29n51.sys><Intel? Corporation>

==================================
Browser Add-ons
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <D:\programs\Tencent\QQ\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <D:\programs\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft>
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
[Java Plug-in 1.5.0_04]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll, Sun Microsystems, Inc.>
[LNWebAssist Class]
  {9519B2A2-6592-4E41-8290-D0298459270C} <C:\WINDOWS\DOWNLO~1\LNWEBA~1.DLL, IBM Corporation>
[gpwsx.plugin]
  {A4B28810-11A2-4956-82D1-B2DCBA4B2AFD} <C:\WINDOWS\Downloaded Program Files\gpwsx.ocx, IBM>
[Java Plug-in 1.5.0_04]
  {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll, Sun Microsystems, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[PBActiveX40 Control]
  {F2EB8999-766E-4BF6-AAAD-188D398C0D0B} <C:\WINDOWS\system32\CmbPb40.ocx, China Merchants Bank>
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Microsoft ProgressBar Control, version 5.0 (SP2)]
  {0713E8D2-850A-101B-AFC0-4210102A8DA7} <C:\WINDOWS\system32\COMCTL32.OCX, Microsoft Corporation>
[Web Browser Applet Control]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\msjava.dll, Microsoft Corporation>
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
[IeCatch5 Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <C:\PROGRA~1\FlashGet\jccatch.dll, FlashGet>
[]
  {53707962-6F74-2D53-2644-206D7942484F} <C:\Program Files\Spybot - Search & Destroy\SDHelper.dll, Safer Networking Limited>
[QQBrowserHelperObject Class]
  {54EBD53A-9BC1-480B-966A-843A333CA162} <D:\programs\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Java Plug-in 1.5.0_04]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll, Sun Microsystems, Inc.>
[Windows Live Sign-in Helper]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[LNWebAssist Class]
  {9519B2A2-6592-4E41-8290-D0298459270C} <C:\WINDOWS\DOWNLO~1\LNWEBA~1.DLL, IBM Corporation>
[gpwsx.plugin]
  {A4B28810-11A2-4956-82D1-B2DCBA4B2AFD} <C:\WINDOWS\Downloaded Program Files\gpwsx.ocx, IBM>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[MainBHO Class]
  {DE63E1D9-B5DB-4E7E-8902-5F4F3E3EC532} <C:\WINDOWS\system32\shdoclc2.dll, N/A>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft>
[PBActiveX40 Control]
  {F2EB8999-766E-4BF6-AAAD-188D398C0D0B} <C:\WINDOWS\system32\CmbPb40.ocx, China Merchants Bank>
[Add to QQ Customized Emoticons]
  <D:\programs\Tencent\QQ\AddEmotion.htm, N/A>
[Add to QQ Customized Panel]
  <D:\programs\Tencent\QQ\AddPanel.htm, N/A>
[E&xport to Microsoft Excel]
  <res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000, N/A>
[Send Picture with QQ MMS]
  <D:\programs\Tencent\QQ\SendMMS.htm, N/A>
[Set As Messenger Live Display Picture]
  <C:\Program Files\MSNShell\BIN\SetMSNDP.htm, N/A>
[使用网际快车下载]
  <C:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <C:\Program Files\FlashGet\jc_all.htm, N/A>
[添加到QQ自定义面板]
  <D:\programs\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\programs\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\programs\Tencent\QQ\SendMMS.htm, N/A>

==================================
Running Processes
[PID: 1368][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\curtmgr.dll]  [N/A, N/A]
    [C:\Program Files\Aventail\Connect\asdns.dll]  [Aventail Corporation, 5.30.172]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.12 16Jun04]
    [C:\Program Files\MSNShell\BIN\ShellDll.dll]  [N/A, N/A]
[PID: 364][C:\Program Files\IBM\Personal Communications\PCS_AGNT.EXE]  [IBM Corporation, 5070.10.4118.928]
    [C:\Program Files\IBM\Personal Communications\DEFSECUR.DLL]  [IBM Corporation, 5070.10.4118.928]
    [C:\Program Files\IBM\Personal Communications\ATMGRTOK.DLL]  [IBM Corporation, 5070.10.4118.928]
    [C:\Program Files\IBM\Personal Communications\MILLUTIL.DLL]  [IBM Corporation, 5070.10.4118.928]
    [C:\Program Files\IBM\Personal Communications\PCSWLIB.dll]  [IBM Corporation, 5070.10.4118.928]
    [C:\Program Files\IBM\Personal Communications\PCSPREF.dll]  [IBM Corporation, 5070.10.4118.928]
    [C:\Program Files\IBM\Personal Communications\PCSCLIB.dll]  [IBM Corporation, 5070.10.4118.928]
    [C:\Program Files\IBM\Personal Communications\PCSMSG.dll]  [IBM Corporation, 5070.10.4118.928]
    [C:\Program Files\IBM\Personal Communications\PCSW32X.dll]  [IBM Corporation, 5070.10.4118.928]
    [C:\Program Files\IBM\Personal Communications\PCSWLIBI.dll]  [IBM Corporation, 5070.10.4118.928]
    [C:\Program Files\IBM\Personal Communications\NODEINIT.DLL]  [IBM Corporation, 5070.10.4118.928]
    [C:\Program Files\IBM\Trace Facility\NSTRC.dll]  [IBM Corporation, 5070.10.4118.928]
    [C:\Program Files\IBM\Personal Communications\SPELLING.DLL]  [IBM Corporation, 5070.10.4118.928]
    [C:\Program Files\IBM\Trace Facility\FMT_UTIL.dll]  [IBM Corporation, 5070.10.4118.928]
    [C:\Program Files\IBM\Personal Communications\PCSCAPI.dll]  [IBM Corporation, 5070.10.4118.928]
    [C:\Program Files\IBM\Personal Communications\OOCSVCS2.dll]  [N/A, N/A]
    [C:\Program Files\IBM\Personal Communications\MESSAGE.DLL]  [IBM Corporation, 5070.10.4118.928]
    [C:\Program Files\IBM\Personal Communications\MSGIO.dll]  [IBM Corporation, 5070.10.4118.928]
    [C:\Program Files\IBM\Personal Communications\PCSRTMSN.DLL]  [IBM Corporation, 5070.10.4118.928]
    [C:\Program Files\IBM\Personal Communications\PCSTQ.dll]  [IBM Corporation, 5070.10.4118.928]
    [C:\Program Files\IBM\Personal Communications\PCSZLIB.dll]  [IBM Corporation, 5070.10.4118.928]
[PID: 1720][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\curtmgr.dll]  [N/A, N/A]
    [C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll]  [IBM Corp., 1, 0, 0, 0]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.12 16Jun04]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll]  [Symantec Corporation, 9.0.3.1000]
    [D:\Tools\EditPlus\eppshell.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\contmenu.dll]  [N/A, N/A]
    [D:\Tools\Rational\ClearCase\bin\ccshelxb.dll]  [N/A, N/A]
    [D:\Tools\Rational\ClearCase\bin\libatriaview.dll]  [IBM Corporation, 6.0.0.389]
    [D:\Tools\Rational\ClearCase\bin\LIBRPCSVC.dll]  [N/A, N/A]
    [D:\Tools\Rational\ClearCase\bin\LIBATRIANT.dll]  [N/A, N/A]
    [D:\Tools\Rational\ClearCase\bin\LIBATRIAADM.dll]  [IBM Corporation, 6.0.0.389]
    [D:\Tools\Rational\ClearCase\bin\libatriavob.dll]  [IBM Corporation, 6.0.0.389]
    [D:\Tools\Rational\ClearCase\bin\libatriaccfs.dll]  [IBM Corporation, 6.0.0.389]
    [D:\Tools\Rational\ClearCase\bin\libatriaxdr.dll]  [IBM Corporation, 6.0.0.389]
    [D:\Tools\Rational\ClearCase\bin\libatriacredmap.dll]  [IBM Corporation, 6.0.0.389]
    [D:\Tools\Rational\ClearCase\bin\LIBATRIATBS.dll]  [IBM Corporation, 6.0.0.389]
    [D:\Tools\Rational\ClearCase\bin\libatriamvfs.dll]  [IBM Corporation, 6.0.0.389]
    [D:\Tools\Rational\ClearCase\bin\libatriaks.dll]  [IBM Corporation, 6.0.0.389]
    [D:\Tools\Rational\ClearCase\bin\LIBEZRPC.dll]  [N/A, N/A]
    [D:\Tools\Rational\ClearCase\bin\LIBATRIADBRPC.dll]  [IBM Corporation, 6.0.0.389]
    [D:\Tools\Rational\ClearCase\bin\libatriacm.dll]  [IBM Corporation, 6.0.0.389]
    [C:\Program Files\MSNShell\BIN\ShellDll.dll]  [N/A, N/A]
[PID: 2016][C:\WINDOWS\system32\nutsrv4.exe]  [DataFocus, Inc., 4.50.0000]
    [C:\WINDOWS\system32\nutmsg4.dll]  [DataFocus, Inc., 4.50.0000]
[PID: 2356][C:\Program Files\IBM\Personal Communications\tpam.exe]  [N/A, N/A]
[PID: 2392][C:\Program Files\Common Files\Symantec Shared\ccApp.exe]  [Symantec Corporation, 2.2.2.008]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 2.2.2.008]
    [C:\Program Files\Symantec\LiveUpdate\ProductRegCom.DLL]  [Symantec Corporation, 2.0.39.0]
    [C:\Program Files\Symantec\LiveUpdate\LuComServerPS.DLL]  [Symantec Corporation, 2.0.39.0]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL]  [Symantec Corporation, 2.2.2.008]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.12 16Jun04]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL]  [Symantec Corporation, 2.2.2.008]
    [C:\WINDOWS\system32\SYMREDIR.dll]  [Symantec Corporation, 5.3.6.13]
    [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 2.2.2.008]
    [C:\Program Files\Symantec AntiVirus\SavEmail.dll]  [Symantec Corporation, 9.0.3.1000]
    [C:\Program Files\Aventail\Connect\asdns.dll]  [Aventail Corporation, 5.30.172]
    [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 2.2.2.008]
[PID: 2480][C:\PROGRA~1\SYMANT~1\VPTray.exe]  [Symantec Corporation, 9.0.3.1000]
    [C:\Program Files\Symantec AntiVirus\SAVRT32.DLL]  [Symantec Corporation, 9.3.0.28]
    [C:\Program Files\Symantec AntiVirus\Cliscan.dll]  [Symantec Corporation, 9.0.3.1000]
    [C:\PROGRA~1\SYMANT~1\NAVNTUTL.DLL]  [Symantec Corporation, 9.0.3.1000]
    [C:\Program Files\Symantec AntiVirus\Cliproxy.dll]  [Symantec Corporation, 9.0.3.1000]
    [C:\Program Files\MSNShell\BIN\ShellDll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.12 16Jun04]

[PID: 3124][C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe]  [N/A, N/A]
    [C:\Program Files\ThinkPad\PkgMgr\HOTKEY_2\tphk_2k.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\Oemdspif.dll]  [ATI Technologies, Inc., 6.14.0010]
    [C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\tpfnf7.dll]  [N/A, N/A]
[PID: 3132][C:\WINDOWS\system32\RunDll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll]  [IBM Corp., 1, 0, 0, 0]
    [C:\PROGRA~1\ThinkPad\UTILIT~1\tppwrw32.dll]  [IBM Corp., 1, 0, 0, 0]
    [C:\WINDOWS\system32\sensor.dll]  [IBM Corporation, 1.30.1.0]
[PID: 3148][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll]  [N/A, N/A]
    [C:\PROGRA~1\ThinkPad\UTILIT~1\tppwrw32.dll]  [IBM Corp., 1, 0, 0, 0]
    [C:\WINDOWS\system32\sensor.dll]  [IBM Corporation, 1.30.1.0]
[PID: 3340][C:\Program Files\Synaptics\SynTP\SynTPLpr.exe]  [Synaptics, Inc., 7.5.17.12 16Jun04]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.12 16Jun04]
[PID: 2736][C:\Program Files\Synaptics\SynTP\SynTPEnh.exe]  [Synaptics, Inc., 7.5.17.12 16Jun04]
    [C:\WINDOWS\system32\SynCOM.dll]  [Synaptics, Inc., 7.5.17.12 16Jun04]
    [C:\WINDOWS\system32\SynTPAPI.dll]  [Synaptics, Inc., 7.5.17.12 16Jun04]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.12 16Jun04]
[PID: 3996][C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe]  [N/A, N/A]
[PID: 1632][C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe]  [IBM Corporation, 1.06]
[PID: 2208][C:\WINDOWS\system32\TpShocks.exe]  [IBM Corp., 1, 0, 0, 1]
    [C:\WINDOWS\system32\Sensor.dll]  [IBM Corporation, 1.30.1.0]
[PID: 3704][C:\Program Files\C4ebreg\isamtray.exe]  [IBM Global Services, 6.12]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.12 16Jun04]
[PID: 2872][C:\IBMTOOLS\UTILS\ibmprc.exe]  [IBM Corp., 1, 0, 0, 3]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.12 16Jun04]
[PID: 2904][C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe]  [Lenovo, 4, 11, 0, 0]
    [C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll]  [N/A, N/A]
    [C:\Program Files\ThinkPad\ConnectUtilities\ACGUIHlpr.dll]  [Lenovo, 4, 11, 0, 0]
    [C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll]  [N/A, N/A]
    [C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll]  [N/A, N/A]
    [C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgr.dll]  [N/A, N/A]
    [C:\Program Files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll]  [N/A, N/A]
    [C:\Program Files\ThinkPad\ConnectUtilities\Res\SC\GUIHlprRes.dll]  [Lenovo, 4, 0, 0, 0]
    [C:\Program Files\ThinkPad\ConnectUtilities\Res\SC\TrayRes.dll]  [Lenovo, 4, 0, 0, 0]
    [C:\Program Files\MSNShell\BIN\ShellDll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.12 16Jun04]
[PID: 2912][C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe]  [Lenovo, 4, 11, 0, 0]
    [C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll]  [N/A, N/A]
    [C:\Program Files\ThinkPad\ConnectUtilities\ACGUIHlpr.dll]  [Lenovo, 4, 11, 0, 0]
    [C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll]  [N/A, N/A]
    [C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll]  [N/A, N/A]
    [C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgr.dll]  [N/A, N/A]
    [C:\Program Files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll]  [N/A, N/A]
    [C:\Program Files\ThinkPad\ConnectUtilities\Res\SC\GUIHlprRes.dll]  [Lenovo, 4, 0, 0, 0]
    [C:\Program Files\ThinkPad\ConnectUtilities\Res\SC\IconRes.dll]  [Lenovo, 4, 0, 0, 0]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.12 16Jun04]
[PID: 3028][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.12 16Jun04]
[PID: 3268][C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe]  [N/A, N/A]
    [C:\Program Files\ThinkPad\Utilities\TpKmapHk.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.12 16Jun04]
[PID: 3612][C:\Program Files\MSN Messenger\MsnMsgr.Exe]  [Microsoft Corporation, 8.1.0068.00_ClientV8.1]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.12 16Jun04]
    [C:\Program Files\MSNShell\BIN\ShellDll02.dll]  [MSNShell Team, 4.2.28.17]
    [C:\Program Files\MSNShell\BIN\Skin\SkinPlusPlusDLL.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\devenum.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\quartz.dll]  [N/A, N/A]
    [C:\Program Files\Aventail\Connect\asdns.dll]  [Aventail Corporation, 5.30.172]
    [C:\Program Files\MSNShell\BIN\ShellDll.dll]  [N/A, N/A]
[PID: 4012][C:\Program Files\MSNShell\BIN\MSNShell.exe]  [N/A, N/A]
    [C:\Program Files\MSNShell\BIN\ShellDll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.12 16Jun04]
[PID: 1548][C:\Program Files\ThinkPad\ConnectUtilities\AcMurocHlpr.exe]  [N/A, N/A]
    [C:\Program Files\ThinkPad\ConnectUtilities\ACON.dll]  [N/A, N/A]
    [C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll]  [N/A, N/A]
    [C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgr.dll]  [N/A, N/A]
    [C:\Program Files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll]  [N/A, N/A]
    [C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll]  [N/A, N/A]
    [C:\Program Files\ThinkPad\ConnectUtilities\ACTurinSupport.dll]  [N/A, N/A]
    [C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll]  [Intel Corporation, 9, 0, 4, 0]
    [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL]  [Intel Corporation, 9, 0, 4, 0]
    [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll]  [Intel Corporation, 9, 0, 4, 0]
    [C:\Program Files\MSNShell\BIN\ShellDll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.12 16Jun04]
    [C:\Program Files\Intel\Wireless\Bin\C8021CHS.dll]  [Intel Corporation, 9, 0, 4, 0]
    [C:\Program Files\Intel\Wireless\Bin\MurocAPI.dll]  [Intel Corporation, 9, 0, 4, 0]
    [C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll]  [Intel Corporation, 9, 0, 4, 0]
    [C:\Program Files\Intel\Wireless\Bin\C1XStngs.dll]  [Intel Corporation, 9, 0, 4, 0]
    [C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll]  [N/A, N/A]
    [C:\Program Files\Intel\Wireless\Bin\LSAWRAPI.dll]  [Intel Corporation, 9, 0, 4, 0]
[PID: 2024][C:\Program Files\Mozilla Firefox\firefox.exe]  [Mozilla Corporation, 1.8.0.7: 2006090918]
    [C:\Program Files\Mozilla Firefox\js3250.dll]  [Netscape Communications Corporation, 4.0]
    [C:\Program Files\Mozilla Firefox\nspr4.dll]  [Netscape Communications Corporation, 4.6.1]
    [C:\Program Files\Mozilla Firefox\xpcom_core.dll]  [Mozilla Foundation, 1.8.0.7: 2006090918]
    [C:\Program Files\Mozilla Firefox\plc4.dll]  [Netscape Communications Corporation, 4.6.1]
    [C:\Program Files\Mozilla Firefox\plds4.dll]  [Netscape Communications Corporation, 4.6.1]
    [C:\Program Files\Mozilla Firefox\smime3.dll]  [Netscape Communications Corporation, 3.10.2]
    [C:\Program Files\Mozilla Firefox\nss3.dll]  [Netscape Communications Corporation, 3.10.2]
    [C:\Program Files\Mozilla Firefox\softokn3.dll]  [Netscape Communications Corporation, 3.10.2]
    [C:\Program Files\Mozilla Firefox\ssl3.dll]  [Netscape Communications Corporation, 3.10.2]
    [C:\Program Files\Mozilla Firefox\xpcom_compat.dll]  [Mozilla Foundation, 1.8.0.7: 2006090918]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.12 16Jun04]
    [C:\Program Files\Mozilla Firefox\components\jar50.dll]  [Mozilla Foundation, 1.8.0.7: 2006090918]
    [C:\PROGRA~1\MOZILL~1\nssckbi.dll]  [Netscape Communications Corporation, 1.53]
    [C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\vyekxfxl.default\extensions\{31513E58-F253-47ad-86DB-D5F21E905429}\components\mintray-9178506d-2005072516-trunk.dll]  [http://minimizetotray.mozdev.org/, 0.0.1.2005072516+]
    [C:\Program Files\Mozilla Firefox\xpcom.dll]  [Mozilla Foundation, 1.8.0.7: 2006090918]
    [C:\Program Files\Aventail\Connect\asdns.dll]  [Aventail Corporation, 5.30.172]
    [C:\Program Files\MSNShell\BIN\ShellDll.dll]  [N/A, N/A]
    [C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll]  [N/A, N/A]
[PID: 308][D:\Tools\UltraEdit\uedit32.exe]  [IDM Computer Solutions, Inc., 12.00+3]
    [D:\Tools\UltraEdit\tidylib.dll]  [N/A, N/A]
    [D:\Tools\UltraEdit\SftpDLL.dll]  [WeOnlyDo! COM, 3, 0, 3, 32]
    [D:\Tools\UltraEdit\ueres.dll]  [IDM Computer Solutions, Inc., 12.00+3]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.12 16Jun04]
    [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\IIAAD1DA.DLL]  [Lexmark International, Inc., 8.0]
    [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\IIAAD1DL.DLL]  [Lexmark International, Inc., 8.0]
    [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\IIAAD1DF.DLL]  [Lexmark International, Inc., 8.0]
    [C:\Program Files\MSNShell\BIN\ShellDll.dll]  [N/A, N/A]
[PID: 1216][D:\downloads\roguecleaner_PConline\RogueCleaner.exe]  [Tommsoft.com, 2.2.0.1]
    [C:\Program Files\MSNShell\BIN\ShellDll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.12 16Jun04]
    [C:\Program Files\Aventail\Connect\asdns.dll]  [Aventail Corporation, 5.30.172]
[PID: 3420][D:\Tools\EditPlus\editplus.exe]  [ES-Computing, 2, 1, 2, 76]
    [C:\Program Files\MSNShell\BIN\ShellDll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.12 16Jun04]
[PID: 1060][D:\downloads\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\Program Files\MSNShell\BIN\ShellDll.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.12 16Jun04]
    [C:\Program Files\Aventail\Connect\asdns.dll]  [Aventail Corporation, 5.30.172]

==================================
File Associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  Error. [piffile]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [UltraEdit.ini]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  Error. [UltraEdit.js]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
N/A

==================================

运行SREng2,使用“启动项目”－－注册表－－选中以下的项删除
C:\WINDOWS\system32\lv0209doe.dll

删除
C:\WINDOWS\system32\lv0209doe.dll
C:\WINDOWS\system32\curtmgr.dll

运行SREng2,使用：系统修复－－文件关联－－全选－－修复

这个注册项好像无法干净删除， 每次删除之后都会自动生成一个新的类似的，同时还有system32下的同名dll

怎么每个人中的AspwsWin情况都不太一样啊.我的注册表项目中没有查到类似你的这种值