微信遮罩提示浏览器打开

html-css036

微信遮罩提示浏览器打开,第1张

css部分:

.btonshare{ width:80%height:50pxfloat:leftbackground:#16bb5cmargin:0 10%margin-top:15pxtext-align:centercolor:#fffline-height:50pxborder-radius:10px}

#cover{display:noneposition:absoluteleft:0top:0z-index:18888background-color:#000000opacity:0.7}

#guide{display:noneposition:absoluteright:18pxtop:5pxz-index:19999}

#guide img{width:260pxheight:180px}

html部分:

<div class="btonshare" onClick="_system._guide(true)">分享</div>

<div id="cover"></div>

<div id="guide"><img src="img/shareto.png"></div>(弹出层上的操作位置指向图片)

js部分:

<script>

var _system={

$:function(id){return document.getElementById(id)},

_client:function(){

return {w:document.documentElement.scrollWidth,h:document.documentElement.scrollHeight,bw:document.documentElement.clientWidth,bh:document.documentElement.clientHeight}

},

_scroll:function(){

return {x:document.documentElement.scrollLeft?document.documentElement.scrollLeft:document.body.scrollLeft,y:document.documentElement.scrollTop?document.documentElement.scrollTop:document.body.scrollTop}

},

_cover:function(show){

if(show){

this.$("cover").style.display="block"

this.$("cover").style.width=(this._client().bw>this._client().w?this._client().bw:this._client().w)+"px"

this.$("cover").style.height=(this._client().bh>this._client().h?this._client().bh:this._client().h)+"px"

}else{

this.$("cover").style.display="none"

}

},

_guide:function(click){

this._cover(true)

this.$("guide").style.display="block"

this.$("guide").style.top=(_system._scroll().y+5)+"px"

window.onresize=function(){_system._cover(true)_system.$("guide").style.top=(_system._scroll().y+5)+"px"}

if(click){_system.$("cover").onclick=function(){

_system._cover()

_system.$("guide").style.display="none"

_system.$("cover").onclick=null

window.onresize=null

}}

},

_zero:function(n){

return n<0?0:n

}

}

</script>

当然了,,有很多这样的病毒 比如::

U盘病毒csscv.exe,elRecvr.exe,eiRecvr.exe,wdfmgr.exe

发信人: broadman (君子直道而行), 信区: Virus

标 题: 大家帮我看看我遇到的怪诞问题,快搞死我了

发信站: 水木社区 (Mon Dec 11 13:42:01 2006), 站内

问题非常怪:

1、在我的电脑中打开U盘,结果一定打开的是“我的文档”,反复几次都这样;

2、上本试验是的局域网,输入:\\10.0.66.114,结果打开的是“我的打印机”;

3、我发现每个盘下面一个EXPLORE.EXE

4、在C:\WINDOWS\Temp目录下,疯狂地产生一写垃圾文件,名字为AcrXX.tmp,还是顺序编

号的,文件大小为1~6M不等,有时候每分钟产生3、4个,有时候半小时产生一个;

5、机器明显变慢了很多。

我把扫描的log附上,请各位帮我解决病毒。

--

不求每天过得精彩,但求每天过得清晰

君不密则失臣,臣不密则失身,几事不密则成灾

※ 来源:·水木社区 http://newsmth.net·[FROM: 166.111.248.118]

附件: SREngLOG.log (24KB)

二、问题的分析

发信人: teyqiu (天下无毒 http://hi.baidu.com/teyqiu), 信区: Virus

标 题: Re: 大家帮我看看我遇到的怪诞问题,快搞死我了

发信站: 水木社区 (Mon Dec 11 13:53:26 2006), 站内

1 杀毒前关闭系统还原:右键 我的电脑 ,属性,系统还原,在所有驱动器上关闭系统还原 打勾即可。

清除IE的临时文件:打开IE 点工具-->Internet选项 : Internet临时文件,点“删除文件”按钮 ,将 删除所有脱机内容 打勾,点确定删除。

以下的操作都要求安全模式下进行。

[安全模式?重启电脑时按住F8 选择进入安全模式]

--------------------------------------------------------------

2 SRENG删除如下各项

方法 http://hi.baidu.com/teyqiu/blog/item/f706213fc52346ec54e72351.html

启动项目 -->注册表

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

<wsctf.exe><wsctf.exe> []

<EXPLORER.EXE><EXPLORER.EXE> [Microsoft Corporation]

启动项目 -->服务-->Win32服务应用程序

[InstallDriver Service / ISDS]

<"C:\WINDOWS\system32\csscv.exe"><Microsoft Corporation>

[Extended Windows Security / Microsoft Extended Windows Security]

<"C:\WINDOWS\elRecvr.exe"><N/A>

[Windows Windows Sheduler / Microsoft Windows Scheduled Tasker]

<"C:\WINDOWS\eiRecvr.exe"><N/A>

[Extended Windows Security System / Microsoft Windows Security System]

<"C:\WINDOWS\ewRecvr.exe"><N/A>

[Microsoft Windows Volume Copy / Microsoft Windows Volume Copy]

<"C:\WINDOWS\wbRecv.exe"><N/A>

[MS Office Updater Service / MS Office Updater Service]

<"C:\WINDOWS\msrvs32.exe"><N/A>

[Windows Kernel Services / Windows Kernel Services]

<"C:\WINDOWS\winlogon.exe"><N/A>

[Microsoft Languages Service / Windows Languages Service]

<"C:\WINDOWS\csrss.exe"><N/A>

[Microsoft Windows Protection / Windows Protection Service]

<"C:\WINDOWS\winlogon.exe"><N/A>

[Microsoft Windows Spool Service / Windows Spool Service]

<"C:\WINDOWS\wdfmgr.exe"><N/A>

[Microsoft Windows Spooler Service / Windows Spooler Service]

<"C:\WINDOWS\services.exe"><N/A>

手动删除如上涉及的文件

[PID: 3592][C:\WINDOWS\winlogon.exe] <N/A><N/A>

[PID: 3656][C:\WINDOWS\csrss.exe] <N/A><N/A>

[PID: 3708][C:\WINDOWS\winlogon.exe] <N/A><N/A>

[PID: 3772][C:\WINDOWS\wdfmgr.exe] <N/A><N/A>

[PID: 3812][C:\WINDOWS\services.exe] <N/A><N/A>

[PID: 2552][C:\WINDOWS\wbRecv.exe] <N/A><N/A>

用专杀工具清除各盘目录下的autorun.inf

http://www.newsmth.net/bbscon.php?bid=78&id=260489

最后,重启后用 WINDOWS清理助手清理 参考

http://post.baidu.com/f?kz=149133630

三、反馈

waiting...

附录:日志

2006-12-11,13:29:28

System Repair Engineer 2.0.21.505 (2.0 RC 2)

Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 1 (Build 2600)

- 管理权限用户 - 完整功能

以下内容被选中:

所有的启动项目(包括注册表、启动文件夹、服务等)

浏览器加载项

正在运行的进程(包括进程模块信息)

文件关联

启动项目

注册表

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

<ibmmessages><C:\Program Files\IBM\Messages By IBM\ibmmessages.exe> [IBM]

<ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe> [Microsoft Corporation]

<updateMgr><C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe AcPro7_0_0 -reboot 1> []

<MsnMsgr><"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background> [Microsoft Corporation]

<COMMUNICATOR><"C:\Program Files\Microsoft Office Communicator\Communicator.exe"> [Microsoft Corporation]

<wsctf.exe><wsctf.exe> []

<EXPLORER.EXE><EXPLORER.EXE> [Microsoft Corporation]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [Microsoft Corporation]

<PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [Microsoft Corporation]

<PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [Microsoft Corporation]

<S3TRAY2><S3Tray2.exe> [S3 Graphics, Inc.]

<TrackPointSrv><tp4serv.exe> [IBM Corporation]

<ATIModeChange><Ati2mdxx.exe> [ATI Technologies, Inc.]

<BluetoothAuthenticationAgent><rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent> [Microsoft Corporation]

<TPHOTKEY><C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe> []

<BMMLREF><C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE> []

<TPKMAPHELPER><C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper> [IBM Corp.]

<TP4EX><tp4ex.exe> [IBM Corporation]

<EZEJMNAP><C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe> [IBM Corp.]

<AGRSMMSG><AGRSMMSG.exe> [Agere Systems]

<ATIPTA><C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe> [ATI Technologies, Inc.]

<tgcmd><> []

<ibmmessages><C:\Program Files\IBM\Messages By IBM\ibmmessages.exe> [IBM]

<IMEKRMIG6.1><C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE> [Microsoft Corporation]

<MSPY2002><C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC> []

<DAEMON Tools-1033><"C:\Program Files\D-Tools\daemon.exe" -lang 1033> [DAEMON'S HOME]

<SKYNET Personal FireWall><C:\PROGRA~1\SkyNet\FireWall\pfw.exe> [天网]

<Acrobat Assistant 7.0><"C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"> [Adobe Systems Inc.]

<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]

<KAVRun><C:\KAV6\KAVRun.EXE> [kingsoft]

<ccApp><"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"> [Symantec Corporation]

<FinePrint Dispatcher v5><"C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe" /source=HKLM> [FinePrint Software, LLC]

<REGSHAVE><C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN> [FUJI PHOTO FILM CO., LTD.]

<NMGameX_AutoRun><C:\WINDOWS\System32\Rundll32.exe nmgamex.dll,LiveProcess /aa> [NMGameX]

<RavAV><C:\WINDOWS\AdobeR.exe> []

<IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload> [Microsoft Corporation]

<BMMGAG><RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor> [IBM Corp.]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]

<shell><Explorer.exe> [Microsoft Corporation]

<Userinit><userinit.exe,EXPLORER.EXE> [Microsoft Corporation]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

<AppInit_DLLs><> []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]

<UIHost><logonui.exe> [Microsoft Corporation]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

<WinlogonNotify: AtiExtEvent><Ati2evxx.dll> []

==================================

启动文件夹

[Adobe Acrobat Speed Launcher]

<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Acrobat Speed Launcher.lnk><N>

[Microsoft Office]

<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk><N>

[Service Manager]

<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Service Manager.lnk><N>

[金山词霸 2005]

<C:\Documents and Settings\liyunzhou\「开始」菜单\程序\启动\金山词霸 2005.lnk><N>

==================================

服务

[Adobe LM Service / Adobe LM Service]

<"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>

[AFD Networking Support Enviroment / AFD Networking Support Enviroment TCP IP Protocol Driver]

<"C:\WINDOWS\netdde.exe"><N/A>

[Adobe LT Service / ALTS]

<"C:\WINDOWS\system32\msasvc.exe"><Microsoft Corporation>

[Ati HotKey Poller / Ati HotKey Poller]

<C:\WINDOWS\System32\Ati2evxx.exe><N/A>

[Symantec Event Manager / ccEvtMgr]

<"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>

[Symantec Password Validation / ccPwdSvc]

<"C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"><Symantec Corporation>

[Symantec Settings Manager / ccSetMgr]

<"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>

[IBM PM Service / IBMPMSVC]

<C:\WINDOWS\System32\ibmpmsvc.exe><N/A>

[InstallDriver Service / ISDS]

<"C:\WINDOWS\system32\csscv.exe"><Microsoft Corporation>

[Extended Windows Security / Microsoft Extended Windows Security]

<"C:\WINDOWS\elRecvr.exe"><N/A>

[Windows Windows Sheduler / Microsoft Windows Scheduled Tasker]

<"C:\WINDOWS\eiRecvr.exe"><N/A>

[Extended Windows Security System / Microsoft Windows Security System]

<"C:\WINDOWS\ewRecvr.exe"><N/A>

[Microsoft Windows Volume Copy / Microsoft Windows Volume Copy]

<"C:\WINDOWS\wbRecv.exe"><N/A>

[MS Office Updater Service / MS Office Updater Service]

<"C:\WINDOWS\msrvs32.exe"><N/A>

[QCONSVC / QCONSVC]

<System32\QCONSVC.EXE><IBM Corp.>

[RegSrvc / RegSrvc]

<C:\WINDOWS\System32\RegSrvc.exe><Intel Corporation>

[Remote Packet Capture Protocol v.0 (experimental) / rpcapd]

<"C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini"><N/A>

[Spectrum24 Event Monitor / S24EventMonitor]

<C:\WINDOWS\System32\S24EvMon.exe><Intel Corporation>

[Socket Proxy Client / Socket Proxy Client]

<c:\program files\microsoft office communicator\socketproxyclient.exe><>

[Symantec Core LC / Symantec Core LC]

<C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe><Symantec Corporation>

[IBM KCU Service / TpKmpSVC]

<C:\WINDOWS\system32\TpKmpSVC.exe><N/A>

[Windows Kernel Services / Windows Kernel Services]

<"C:\WINDOWS\winlogon.exe"><N/A>

[Microsoft Languages Service / Windows Languages Service]

<"C:\WINDOWS\csrss.exe"><N/A>

[Microsoft Windows Protection / Windows Protection Service]

<"C:\WINDOWS\winlogon.exe"><N/A>

[Microsoft Windows Spool Service / Windows Spool Service]

<"C:\WINDOWS\wdfmgr.exe"><N/A>

[Microsoft Windows Spooler Service / Windows Spooler Service]

<"C:\WINDOWS\services.exe"><N/A>

==================================

浏览器加载项

[Yahoo! Toolbar Helper]

{02478D38-C3F9-4EFB-9B51-7695ECA05670} <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll, Yahoo! Inc.>

[AcroIEHlprObj Class]

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>

[IDDTInitObj Class]

{15DDE989-CD45-4561-BF99-D22C0D5C2B74} <C:\PROGRA~1\sina\DLFast\DDTInit.dll, 北京新浪信息技术有限公司>

[KillObj Class]

{66C28884-4E5D-494B-80C9-CAA27528FD6D} <C:\PROGRA~1\sina\DLFast\ddtkillw.ocx, 北京新浪信息技术有限公司>

[ST]

{9394EDE7-C8B5-483E-8773-474BF36AF6E4} <C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll, Microsoft Corporation>

[IeCatch2 Class]

{A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FlashGet\jccatch.dll, Amaze Soft>

[AcroIEToolbarHelper Class]

{AE7CD045-E861-484f-8273-0445EE161910} <C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>

[MSNToolBandBHO]

{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll, Microsoft Corporation>

[免费精彩视频超流畅在线观看]

{022C4009-5283-4365-97BF-144054B40E2E} <http://itv.mop.com, N/A>

[Web Browser Applet Control]

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\System32\msjava.dll, Microsoft Corporation>

[金山卓越]

{8DE0FCD4-5EB5-11D3-AD25-00002100131B} <url:http://www.joyo.com, N/A>

[信息检索(&R)]

{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>

[@shdoclc.dll,-866]

{c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>

[FlashGet]

{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\flashget.exe, Amaze Soft>

[金山毒霸网站]

{e1fc9760-7b95-49cd-80b9-8c9e41017b93} <url:http://www.duba.net, N/A>

[在线查毒]

{f58d36c3-40be-4418-a786-d8fbe3eb3554} <C:\KAV6\kavie.HTM, N/A>

[新浪点点通]

{F60C7D81-8471-4D40-AAFE-56D318F34C2D} <C:\PROGRA~1\sina\DLFast\DDTONG~1.DLL, 北京新浪信息技术有限公司>

[]

{974AD624-EA50-4831-A6C0-3040F6665396} <C:\PROGRA~1\sina\DLFast\rssband.dll, 北京新浪信息技术有限公司>

[新浪点点通阅读器]

{F0646DC8-58CD-4C64-8F6B-525043914685} <C:\PROGRA~1\sina\DLFast\rssband.dll, 北京新浪信息技术有限公司>

[FlashGet Bar]

{E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FlashGet\fgiebar.dll, Amaze Soft>

[Adobe PDF]

{47833539-D0C5-4125-9FA8-0819E2EAAC93} <C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>

[电台(&R)]

{8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>

[金山毒霸]

{A9BE2902-C447-420A-BB7F-A5DE921E6138} <C:\KAV6\KAIEPlus.DLL, N/A>

[MSN]

{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll, Microsoft Corporation>

[新浪点点通]

{F60C7D81-8471-4D40-AAFE-56D318F34C2D} <C:\PROGRA~1\sina\DLFast\DDTONG~1.DLL, 北京新浪信息技术有限公司>

[Yahoo! Toolbar]

{EF99BD32-C1FB-11D2-892F-0090271D4F88} <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll, Yahoo! Inc.>

[iSipCore Class]

{0538C945-424E-45AE-B5D0-191E903F596E} <C:\WINDOWS\Downloaded Program Files\hitvoice.dll, Beijing eTel Media Information Technologies Co., Ltd.>

[Shockwave Flash Object]

{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash8.ocx, Macromedia, Inc.>

[pCastPanel Class]

{FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} <C:\WINDOWS\Downloaded Program Files\pCastCtl.dll, >

[Convert link target to Adobe PDF]

<res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>

[Convert link target to existing PDF]

<res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>

[Convert selected links to Adobe PDF]

<res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html, N/A>

[Convert selected links to existing PDF]

<res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html, N/A>

[Convert selection to Adobe PDF]

<res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>

[Convert selection to existing PDF]

<res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>

[Convert to Adobe PDF]

<res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>

[Convert to existing PDF]

<res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>

[使用彩信超级自写发送到手机]

<http://mms.sina.com.cn/mmsnews.html, N/A>

[使用新浪下载助手下载]

<C:\PROGRA~1\sina\DLFast\sinadl.htm, N/A>

[使用网际快车下载]

<C:\Program Files\FlashGet\jc_link.htm, N/A>

[使用网际快车下载全部链接]

<C:\Program Files\FlashGet\jc_all.htm, N/A>

[发送图片到手机(&M)]

<http://sms.sina.com.cn/diy/send.html?from=467, N/A>

[在Foxmail中添加该RSS频道/频道组]

<res://C:\WINDOWS\System32\fmrsslink.dll/201, N/A>

[导出到 Microsoft Excel(&x)]

<res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000, N/A>

[收藏此页到新浪ViVi]

<http://vivi.sina.com.cn/collect/click.php?agent=ddt, N/A>

[新浪搜索]

<http://cha.sina.com.cn/ddt.html, N/A>

==================================

正在运行的进程

[PID: 836][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>

[PID: 912][\??\C:\WINDOWS\system32\csrss.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>

[PID: 936][\??\C:\WINDOWS\system32\winlogon.exe] <Microsoft Corporation><5.1.2600.1557 (xpsp2_gdr.040517-1325)>

[C:\WINDOWS\system32\Ati2evxx.dll] <N/A><N/A>

[PID: 980][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>

[PID: 992][C:\WINDOWS\system32\lsass.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>

[PID: 1148][C:\WINDOWS\System32\Ati2evxx.exe] <N/A><N/A>

[PID: 1176][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>

[PID: 1332][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>

[PID: 1376][C:\WINDOWS\System32\S24EvMon.exe] <Intel Corporation ><4, 1, 0, 3>

[PID: 1636][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>

[PID: 1696][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>

[PID: 1952][C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe] <Symantec Corporation><103.0.1.26>

[C:\Program Files\Common Files\Symantec Shared\ccL30.dll] <Symantec Corporation><103.0.1.26>

[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] <Symantec Corporation><103.0.1.26>

[PID: 1980][C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe] <Symantec Corporation><103.0.1.26>

[C:\Program Files\Common Files\Symantec Shared\ccL30.dll] <Symantec Corporation><103.0.1.26>

[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] <Symantec Corporation><103.0.1.26>

[C:\PROGRA~1\COMMON~1\SYMANT~1\CCLOGIN.DLL] <Symantec Corporation><103.0.1.26>

[C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL] <Symantec Corporation><103.0.1.26>

[PID: 228][C:\WINDOWS\system32\spoolsv.exe] <Microsoft Corporation><5.1.2600.1699 (xpsp2.050610-1533)>

[C:\WINDOWS\System32\AdobePDF.dll] <Adobe Systems Incorporated.><7.0.0.00>

[C:\Program Files\Adobe\Acrobat 7.0\Distillr\adistres.dll] <Adobe Systems Incorporated.><7.0.5.2005092300>

[C:\WINDOWS\system32\fpmon5.dll] <FinePrint Software, LLC><5.45>

[C:\WINDOWS\system32\fpres532.dll] <FinePrint Software, LLC><5.45>

[PID: 1440][C:\WINDOWS\system32\Ati2evxx.exe] <N/A><N/A>

[PID: 1484][C:\WINDOWS\System32\EXPLORER.EXE] <Microsoft Corporation><6.2900.2180>

[PID: 1504][C:\WINDOWS\Explorer.EXE] <Microsoft Corporation><6.00.2800.1106 (xpsp1.020828-1920)>

[C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll] <IBM Corp.><1, 0, 0, 0>

[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] <Adobe Systems, Inc.><7.0.0.0>

[C:\KAV6\KAVEXT.DLL] <Kingsoft Corp.><2002, 5, 24, 6>

[C:\Program Files\WinRAR\rarext.dll] <N/A><N/A>

[C:\Program Files\UltraEdit\ue32ctmn.dll] <><1.0>

[C:\Program Files\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll] <Adobe Systems Inc.><7.0.5.2005092300\0>

[C:\Program Files\Adobe\Acrobat 7.0\Distillr\ADIST32.dll] <Adobe Systems Incorporated.><7.0.5.0>

[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] <Adobe Systems Incorporated><7.0.5.2005092300>

[C:\PROGRA~1\FlashGet\jccatch.dll] <Amaze Soft><1, 1, 4, 0>

[PID: 1852][C:\WINDOWS\System32\tp4serv.exe] <IBM Corporation><3.10>

[C:\WINDOWS\System32\tp4uires.dll] <N/A><N/A>

[PID: 1904][C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe] <N/A><N/A>

[C:\Program Files\ThinkPad\PkgMgr\HOTKEY_2\tphk_2k.dll] <N/A><N/A>

[C:\WINDOWS\System32\Oemdspif.dll] <ATI Technologies, Inc.><6.14.0010>

[PID: 336][C:\WINDOWS\AGRSMMSG.exe] <Agere Systems><2.1.31 2.1.31 06/27/2003 08:53:31>

[PID: 376][C:\Program Files\IBM\Messages By IBM\ibmmessages.exe] <IBM><1.105>

[C:\WINDOWS\System32\AIBMRUNL.dll] <N/A><N/A>

[C:\Program Files\Support.com\bin\tglib.dll] <SupportSoft, Inc.><5,8,149,0>

[C:\Program