开机的时候每次都自动弹出来，卡巴斯基报毒sys.exe和syste.exe，sys.exe在进程里删不了，自己手动删除，下次还有，郁闷。
2006-11-15,12:39:57

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
    <run><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [Microsoft Corporation]
    <SoundMan><SOUNDMAN.EXE>  [Realtek Semiconductor Corp.]
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <kis><"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe">  [Kaspersky Lab]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]

==================================
启动文件夹
[服务器管理]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\服务器管理.lnk><N>
[Adobe Gamma Loader]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Gamma Loader.lnk><N>

==================================
服务
[卡巴斯基互联网安全套装 6.0 / AVP]
  <"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r><Kaspersky Lab>
[COM+ System User / COMSysUser]
  <><N/A>
[MRTServ / MRTServ]
  <><N/A>
[ninetowns_iCSP_sm / ninetowns_iCSP_sm]
  <c:\program files\ninetowns corp\icsp_sm\icsp.remoteservice.exe><九城口岸软件科技有限公司>
[Rising Proxy  Service / RfwProxySrv]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Remote Packet Capture Protocol v.0 (experimental) / rpcapd]
  <"C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini"><N/A>

==================================
浏览器加载项
[Web反病毒保护]
  {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll, Kaspersky Lab>
[雅虎WIDGET]
  {6354ABE6-05F1-49ed-B850-E423120EC338} <http://cn.widget.yahoo.com/index.htm?source=Cns, N/A>
[情景聊天]
  {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg, N/A>
[ToolBar888]
  {C004DEC2-2623-438e-9CA2-C9043AB28508} <C:\Program Files\Common Files\{34CCBE23-0B75-2052-1212-050220040056}\MyToolBar.dll, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[byna &BHO]
  {00000011-04FA-11D1-B7DA-00A0C9010000} <F:\MOVIE\BiGet\bigetband.dll, N/A>
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v8.dll, >
[DwHlper Class]
  {00C56AB9-175C-4D7D-AA94-0352B8A9FD16} <d:\Program Files\LONGMAN6250 PCSYNC\DwMGrLM6250.dll, N/A>
[MeadCo ScriptX]
  {1663ED61-23EB-11D2-B92F-008048FDD814} <C:\WINDOWS\system32\MCScripX.dll, Mead & Co Limited>
[UserCpuCard Control]
  {16F2448E-8C16-11D1-9A11-0080C8E1561F} <C:\WINDOWS\system32\USERCP~1.OCX, EPort>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[&Google]
  {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, N/A>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Abobe Flash Play9]
  {BD328E49-38AB-42CB-8EEA-73AA4CD2A6FD} <C:\Program Files\Abobe Flash Play9\0602323.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[ToolBar888]
  {C004DEC2-2623-438E-9CA2-C9043AB28508} <C:\Program Files\Common Files\{34CCBE23-0B75-2052-1212-050220040056}\MyToolBar.dll, N/A>
[CIEHelper Object]
  {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} <C:\WINDOWS\system32\ms.dll, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[LiteHtmlInstall Class]
  {F6119B33-74FB-42C8-862E-FA3A5AAB9F5A} <F:\MOVIE\BiGet\webinstall.dll, Shenzhen Byna Networking Technology Co.,Ltd.>
[Byna 搜索(&B)]
  <res://F:\MOVIE\BiGet\bigetcatch.dll/bigetsearch.html, N/A>
[使用BiGet下载]
  <res://F:\MOVIE\BiGet\bigetcatch.dll/bigethttp.html, N/A>

==================================
正在运行的进程
[PID: 464][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 536][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 568][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 612][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 624][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 768][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 836][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 904][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  <Kaspersky Lab><6.0.0.299>
    [C:\olite\bin\oci.dll]  <Oracle Corporation><8.0.5.0.1>
    [C:\olite\bin\ORA805.dll]  <Oracle Corporation><8.0.5.0.0>
    [C:\olite\bin\CORE40.dll]  <Oracle Corporation><4.0.5.0.0>
    [C:\olite\bin\NLSRTL33.dll]  <Oracle Corporation><3.3.2.0.0>
    [C:\olite\bin\NL80.dll]  <Oracle Corporation><8.0.4.0.0 Production>
    [C:\olite\bin\OTRACE80.dll]  <Oracle Corporation><8.0.4.0.0>
    [C:\olite\bin\NS80.dll]  <Oracle Corporation><8.0.4.0.2 Production>
    [C:\olite\bin\nasns80.dll]  <Oracle Corporation><8.0.4.0.0 Production>
    [C:\olite\bin\nz80.dll]  <Oracle Corporation><8.0.4.0.0 Production>
    [C:\olite\bin\NNFG80.dll]  <Oracle Corporation><8.0.4.0.1 Production>
    [C:\olite\bin\NNCI80.dll]  <Oracle Corporation><8.0.4.0.0 Production>
    [C:\olite\bin\NNG80.dll]  <Oracle Corporation><8.0.4.0.2 Production>
    [C:\olite\bin\NMP80.dll]  <Oracle Corporation><8.0.4.0.0 Production>
    [C:\olite\bin\NPL80.dll]  <Oracle Corporation><8.0.4.0.0 Production>
    [C:\olite\bin\NR80.dll]  <Oracle Corporation><8.0.4.0.0 Production>
    [C:\olite\bin\NT80.dll]  <Oracle Corporation><8.0.4.0.1 Production>
    [C:\olite\bin\NCR80.dll]  <Oracle Corporation><8.0.4.0.0 Production>
    [C:\olite\bin\NMS80.dll]  <Oracle Corporation><8.0.4.0.0 Production>
    [C:\olite\bin\NNFD80.dll]  <Oracle Corporation><8.0.4.0.0 Production>
    [C:\olite\bin\NNFN80.dll]  <Oracle Corporation><8.0.4.0.0 Production>
    [C:\olite\bin\NI80.dll]  <Oracle Corporation><8.0.4.0.0 Production>
    [C:\olite\bin\PLS805.dll]  <Oracle Corporation><8.0.5.0.0>
    [C:\olite\bin\NDWSI80.DLL]  <N/A><N/A>
    [C:\olite\bin\SQLLib80.dll]  <Oracle Corporation><8.0.5.0.0>
    [C:\olite\bin\xa80.dll]  <Oracle Corporation><8.0.5.0.0>
[PID: 988][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1116][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1168][c:\program files\rising\rfw\rfwsrv.exe]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 30>
    [c:\program files\rising\rfw\RfwRule.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 12>
    [c:\program files\rising\rfw\rfwlog.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 6>
    [c:\program files\rising\rfw\Rfwdrv.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 20>
    [c:\program files\rising\rfw\MonDrv.dll]  <rs><1, 0, 0, 4>
    [c:\program files\rising\rfw\ProcLib.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 9>
[PID: 1388][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
    [C:\WINDOWS\system32\hpzll3xu.dll]  <Hewlett-Packard Company><60.051.641.00>
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp3xu.dll]  <Hewlett-Packard Corporation><60.051.641.00>
[PID: 1484][C:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\zxjrjn89.dll]  <N/A><N/A>
    [C:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\shellex.dll]  <Kaspersky Lab><6.0.0.299>
[PID: 1632][C:\WINDOWS\SOUNDMAN.EXE]  <Realtek Semiconductor Corp.><5.1.0.34>
[PID: 1656][C:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1668][C:\Program Files\Ninetowns Corp\iCSP_SM\iProcessAgent.exe]  < ><1.0.2246.29914>
    [c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_a434c54b\mscorlib.dll]  <N/A><N/A>
    [c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_5b47296f\system.windows.forms.dll]  <N/A><N/A>
    [c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_0e7e01ed\system.dll]  <N/A><N/A>
    [c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_84c8a948\system.drawing.dll]  <N/A><N/A>
[PID: 164][c:\program files\ninetowns corp\icsp_sm\icsp.remoteservice.exe]  <九城口岸软件科技有限公司><1.0.3725.476>
    [c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_a434c54b\mscorlib.dll]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\userservice.mod]  <N/A><N/A>
    [c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_0e7e01ed\system.dll]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\icsp.enterprisemanagement.dll]  < ><1.0.2253.17110>
    [c:\program files\ninetowns corp\icsp_sm\messagemonitor.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\icsp.resumablefiletransfer.dll]  < ><1.0.2253.17121>
    [c:\program files\ninetowns corp\icsp_sm\transfertaskmonitoritemsegment.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\servicebuyermanager.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\iservicebuyermanagement.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\organizationdistributorservicebuyer.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\bizrelationappl.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\buyerinfo.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\icsp.serviceupdate.dll]  < ><1.0.2265.27562>
    [c:\program files\ninetowns corp\icsp_sm\smversionsynchronizer.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\icsp.log.dll]  <Neoworks Limited><1.2.0.30714>
    [c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_8620a1e2\system.xml.dll]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\icsp.commonutil.dll]  < ><1.0.3725.476>
    [c:\program files\ninetowns corp\icsp_sm\stringutil.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\icsp.sessionmanagement.dll]  < ><1.0.2253.17106>
    [c:\program files\ninetowns corp\icsp_sm\serversessionmanager.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\iserversessionmanagement.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\session.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\smserviceinstaller.mod]  <N/A><N/A>

[c:\program files\ninetowns corp\icsp_sm\icsp.priceandordermanagement.dll]  < ><0.0.0.0>
    [c:\program files\ninetowns corp\icsp_sm\ordermsglistener.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\transfermanager.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\itransfer.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\pmservicemanager.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\iservermanagement.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\servicemodule.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\serviceresumeappl.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\serviceprivilege.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\serviceadapter.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\icsp.ormapping.dll]  < ><1.0.3725.476>
    [c:\program files\ninetowns corp\icsp_sm\serviceinstance.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\smupdatemanager.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\ismserviceupdate.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\updateinfo.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\unprocessedtaskinfo.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\stubmanager.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\messagequeimpl.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\transfermanagerimpl.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\transfertask.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\icsp.commonfunction.dll]  < ><1.0.3725.476>
    [c:\program files\ninetowns corp\icsp_sm\generator.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\localloader.mod]  <N/A><N/A>
[PID: 164][c:\documents and settings\localservice\local settings\application data\assembly\dl2\lv3nm01y.gt5\y5l6jz4e.3d5\e29d3e4e\00d58b20_58d1c601\es3000ent.framework.mp1.exe]  < ><1.0.0.1>
    [c:\documents and settings\localservice\local settings\application data\assembly\dl2\lv3nm01y.gt5\y5l6jz4e.3d5\653a1fb7\00d58b20_58d1c601\es3000ent.framework.interfacempi.dll]  < ><1.0.0.0>
    [c:\documents and settings\localservice\local settings\application data\assembly\dl2\lv3nm01y.gt5\y5l6jz4e.3d5\e869ad57\00d58b20_58d1c601\es3000ent.commoncomponents.ormapping.dll]  < ><1.0.0.0>
    [c:\program files\ninetowns corp\icsp_sm\log4net.dll]  <Neoworks Limited><1.2.0.30714>
    [c:\program files\ninetowns corp\icsp_sm\dbinfo.mod]  <N/A><N/A>
    [c:\documents and settings\localservice\local settings\application data\assembly\dl2\lv3nm01y.gt5\y5l6jz4e.3d5\4296eae7\00d58b20_58d1c601\es3000ent.businessrule.dll]  < ><1.0.2392.23953>
    [c:\program files\ninetowns corp\icsp_sm\irdexclient.dll]  <Ninetowns Inc.><3.1.2252.26297>
    [c:\program files\ninetowns corp\icsp_sm\interop.jro.dll]  < ><2.6.0.0>
    [c:\program files\ninetowns corp\icsp_sm\sax.dll]  < ><0.9.7.1>
    [c:\program files\ninetowns corp\icsp_sm\aelfred.dll]  < ><1.0.1721.27620>
    [c:\program files\ninetowns corp\icsp_sm\icsp.b2bmessagemanagement.dll]  < ><1.0.2253.17112>
    [c:\program files\ninetowns corp\icsp_sm\localxmppmessagemanager.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\icsp.apiinvoker.dll]  < ><1.0.3725.476>
    [c:\program files\ninetowns corp\icsp_sm\remoteprotocol.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\remoteaccessmanager.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\iremoteaccess.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\icsp.security.dll]  < ><1.0.2253.17101>
    [c:\program files\ninetowns corp\icsp_sm\rc4.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\remoteaccessors.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\messagewrapper.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\receiverecord.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\hdinfo.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\scsi.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\ide.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\atapidevice.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\systeminfo.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\icspproxy.mod]  <N/A><N/A>
    [c:\program files\ninetowns corp\icsp_sm\icsp.permissionmanagement.dll]  < ><1.0.2253.17117>
    [c:\program files\ninetowns corp\icsp_sm\smpermissionmanager.mod]  <N/A><N/A>

[PID: 1912][C:\WINDOWS\system32\conime.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 2172][C:\WINDOWS\system32\wbem\wmiapsrv.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 2532][C:\WINDOWS\system32\wbem\wmiprvse.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 392][C:\Program Files\Internet Explorer\iexplore.exe]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\PROGRA~1\Google\GOOGLE~1\GOOGLE~2.DLL]  <N/A><N/A>
    [C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopAPI2.dll]  <N/A><N/A>
    [C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopResources_zh_cn.dll]  <N/A><N/A>
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  <Kaspersky Lab><6.0.0.299>
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scr_ch_pg.dll]  <Kaspersky Lab><1.0.6.299>
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\klscav.dll]  <Kaspersky Lab><6.0.0.299>
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\pr_remote.dll]  <Kaspersky Lab><6.0.0.299>
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\prloader.dll]  <Kaspersky Lab><6.0.0.299>
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\prkernel.ppl]  <Kaspersky Lab><6.0.0.299>
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\params.ppl]  <Kaspersky Lab><6.0.0.299>
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\pxstub.ppl]  <Kaspersky Lab><6.0.0.299>
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\tempfile.ppl]  <Kaspersky Lab><6.0.0.299>
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\nfio.ppl]  <Kaspersky Lab><6.0.0.299>
    [c:\program files\kaspersky lab\kaspersky internet security 6.0\fsdrvplgn.ppl]  <Kaspersky Lab><6.0.0.299>
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  <Adobe Systems, Inc.><9,0,16,0>
[PID: 3588][G:\反病毒工具\系统修复\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll]  <Kaspersky Lab><6.0.0.299>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

从那里加载进去的

大家快来帮忙呀。

沉了

沉的太快了

有谁知道，解决办法告诉我

快来人亚。终于到100了