我的小伞变成黄色了．现在己被禁用了．怎么也开不起来．怎么办？ bbs.ikaka.com

xin01 - 2007-5-24 14:03:00

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<High Definition Audio Property Page Shortcut><CHDAudPropShortcut.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<SmartAudio><C:\Program Files\CONEXANT\SmartAudio\SmartAudio.exe -c> [Conexant]
<igfxtray><C:\WINDOWS\system32\igfxtray.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<igfxhkcmd><C:\WINDOWS\system32\hkcmd.exe> [(Verified)Microsoft Windows Publisher]
<igfxpers><C:\WINDOWS\system32\igfxpers.exe> [(Verified)Microsoft Windows Publisher]
<HP Software Update><C:\Program Files\HP\HP Software Update\HPWuSchd2.exe> [Hewlett-Packard Co.]
<FixCamera><C:\WINDOWS\FixCamera.exe> []
<tsnpstd3><C:\WINDOWS\tsnpstd3.exe> []
<snpstd3><C:\WINDOWS\vsnpstd3.exe> []
<RavTask><"E:\Program Files\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
<WebThunder><"C:\Program Files\Thunder Network\WebThunder\WebThunder.exe"> [(Verified)ShenZhen Thunder Networking Technologies Ltd.]
<runeip><C:\Program Files\Rising\AntiSpyware\runiep.exe> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
<KKDelay><C:\Program Files\Rising\AntiSpyware\RunOnce.exe> [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll> [Beijing Rising Technology Co., Ltd.]
<?{4BAB150F-DD97-476D-9C1E-41B6CDC0CA7A}><> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
<WinlogonNotify: igfxcui><igfxdev.dll> [(Verified)Microsoft Windows Hardware Compatibility Publisher]

==================================
启动文件夹
[HP Digital Imaging Monitor]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\HP Digital Imaging Monitor.lnk --> C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [Hewlett-Packard Co.]><N>
[HP Image Zone 快速启动 ]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\HP Image Zone 快速启动 .lnk --> C:\PROGRA~1\HP\DIGITA~1\bin\hpqthb08.exe [Hewlett-Packard Co.]><N>
[QQ游戏启动加速程序]
<C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> C:\PROGRA~1\TENCENT\QQGAME\Accel.exe [深圳市腾讯计算机系统有限公司]><N>
[腾讯QQ]
<C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ.lnk --> E:\新建文~2\QQ.exe [TENCENT]><N>

==================================
服务
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
<C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Pml Driver HPZ12 / Pml Driver HPZ12][Running/Auto Start]
<C:\WINDOWS\system32\HPZipm12.exe><HP>
[Rising Proxy Service / RfwProxySrv][Stopped/Manual Start]
<e:\瑞星杀毒\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
<e:\瑞星杀毒\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
<"E:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
<"E:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

xin01 - 2007-5-24 14:03:00

驱动程序
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
<system32\drivers\ac97intc.sys><Intel Corporation>
[AMD K8 Processor Driver / AmdK8][Stopped/Manual Start]
<System32\DRIVERS\amdk8.sys><Advanced Micro Devices>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
<System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[Broadcom 440x 10/100 Integrated Controller XP Driver / bcm4sbxp][Running/Manual Start]
<system32\DRIVERS\bcm4sbxp.sys><Broadcom Corporation>
[ExpScaner / ExpScaner][Running/Auto Start]
<\??\E:\PROGRAM FILES\RISING\RAV\ExpScan.sys><>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
<system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[Microsoft UAA Function Driver for High Definition Audio Service / HdAudAddService][Running/Manual Start]
<system32\drivers\CHDAud.sys><Conexant Systems Inc.>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
<system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HookCont / HookCont][Running/Auto Start]
<\??\E:\PROGRAM FILES\RISING\RAV\HOOKCONT.sys><Rising>
[HookSys / HookSys][Running/Auto Start]
<\??\E:\PROGRAM FILES\RISING\RAV\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
<\??\E:\瑞星杀毒\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[IEEE-1284.4 Driver HPZid412 / HPZid412][Running/Manual Start]
<system32\DRIVERS\HPZid412.sys><HP>
[Print Class Driver for IEEE-1284.4 HPZipr12 / HPZipr12][Running/Manual Start]
<system32\DRIVERS\HPZipr12.sys><HP>
[USB to IEEE-1284.4 Translation Driver HPZius12 / HPZius12][Running/Manual Start]
<system32\DRIVERS\HPZius12.sys><HP>
[HSFHWAZL / HSFHWAZL][Running/Manual Start]
<system32\DRIVERS\HSFHWAZL.sys><Conexant Systems, Inc.>
[HSF_DPV / HSF_DPV][Running/Manual Start]
<system32\DRIVERS\HSF_DPV.sys><Conexant Systems, Inc.>
[ialm / ialm][Running/Manual Start]
<system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[mdmxsdk / mdmxsdk][Running/Auto Start]
<system32\DRIVERS\mdmxsdk.sys><Conexant>
[MEMSCAN / MEMSCAN][Running/Auto Start]
<\??\E:\PROGRAM FILES\RISING\RAV\MEMSCAN.sys><瑞星软件有限公司>
[mProcRs / mProcRs][Running/Auto Start]
<\??\e:\瑞星杀毒\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[npkcrypt / npkcrypt][Running/Auto Start]
<\??\E:\新建文件夹 (2)\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv][Stopped/Manual Start]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
<\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
<\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[RsFwDrv / RsFwDrv][Running/Auto Start]
<\??\E:\瑞星杀毒\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
<\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
<\??\E:\PROGRAM FILES\RISING\RAV\RSPPSYS.sys><Rising>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><N/A>
[USB PC Camera (SNPSTD3) / SNPSTD3][Running/Manual Start]
<system32\DRIVERS\snpstd3.sys><Sonix Co. Ltd.>
[tifm21 / tifm21][Running/Manual Start]
<system32\drivers\tifm21.sys><Texas Instruments>
[winachsf / winachsf][Running/Manual Start]
<system32\DRIVERS\HSF_CNXT.sys><Conexant Systems, Inc.>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
<system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[hookreg / hookreg][Stopped/Manual Start]
<\??\E:\PROGRAM FILES\RISING\RAV\hookreg.sys><>

xin01 - 2007-5-24 14:15:00

[PID: 1488][E:\新建文件夹 (2)\QQ.exe] [TENCENT, 0, 0, 0, 0]
[E:\新建文件夹 (2)\QQBaseClassInDll.dll] [, 1, 0, 0, 1]
[E:\新建文件夹 (2)\QQHelperDll.dll] [, 1, 0, 0, 1]
[E:\新建文件夹 (2)\BasicCtrlDll.dll] [Tencent, 7, 0, 101, 80]
[E:\新建文件夹 (2)\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
[C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
[E:\新建文件夹 (2)\RICHED32.DLL] [Microsoft Corporation, 5.00.2134.1]
[E:\新建文件夹 (2)\RICHED20.dll] [Microsoft Corporation, 5.31.23.1218]
[E:\新建文件夹 (2)\QQAPI.dll] [, 1, 0, 0, 1]
[E:\新建文件夹 (2)\TIMProxy.dll] [tencent, 0, 3, 2, 4]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[E:\新建文件夹 (2)\LoginCtrl.dll] [N/A, ]
[E:\新建文件夹 (2)\npkcntc.dll] [INCA Internet Co., Ltd., 2006, 6, 27, 1]
[E:\新建文件夹 (2)\npkpdb.dll] [INCA Internet Co., Ltd., 2003, 10, 1, 1]
[E:\新建文件夹 (2)\LoginCtrlRes.dll] [, 1, 0, 0, 1]
[E:\新建文件夹 (2)\QQRes.dll] [tencent, 1, 0, 0, 1]
[E:\新建文件夹 (2)\QQMainFrame.dll] [N/A, ]
[E:\新建文件夹 (2)\CQQApplication.dll] [N/A, ]
[E:\新建文件夹 (2)\NewSkin.dll] [, 1, 0, 0, 1]
[E:\新建文件夹 (2)\HostingMgr.dll] [, 1, 0, 0, 1]
[E:\新建文件夹 (2)\CameraDll.dll] [, 1, 0, 0, 1]
[E:\新建文件夹 (2)\MailSummary.dll] [, 1, 0, 0, 1]
[E:\新建文件夹 (2)\QQKnowledgeSearch.dll] [, 1, 0, 0, 1]
[E:\新建文件夹 (2)\QQAllInOne.dll] [N/A, ]
[E:\新建文件夹 (2)\GroupLive.dll] [N/A, ]
[E:\新建文件夹 (2)\SCCore.dll] [TENCENT, 2, 0, 0, 1]
[E:\新建文件夹 (2)\gdiplus.dll] [Microsoft Corporation, 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158)]
[E:\新建文件夹 (2)\QQSpace.dll] [, 1, 0, 0, 1]
[E:\新建文件夹 (2)\vbscript.dll] [Microsoft Corporation, 5.6.0.7426]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[E:\新建文件夹 (2)\QQGroupMng.dll] [, 1, 0, 0, 1]
[E:\新建文件夹 (2)\FlashAvatarDll.dll] [, 1, 4, 0, 1]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[E:\新建文件夹 (2)\QQAvatar.dll] [N/A, ]
[E:\新建文件夹 (2)\QRingMng.dll] [N/A, ]
[E:\新建文件夹 (2)\UserDefinedHead.dll] [, 1, 0, 0, 1]
[E:\新建文件夹 (2)\QQPlugin.dll] [N/A, ]
[E:\新建文件夹 (2)\QQConfigPlugin.dll] [, 1, 0, 0, 1]
[E:\新建文件夹 (2)\LongConnection.dll] [tencent, 5, 0, 200, 160]
[E:\新建文件夹 (2)\PhoneAPI.dll] [, 1, 0, 0, 1]
[E:\新建文件夹 (2)\DialerAllinOne.dll] [tencent, 1, 4, 0, 0]
[E:\新建文件夹 (2)\QQPet.dll] [, 1, 0, 0, 1]
[E:\新建文件夹 (2)\BQQApplication.dll] [N/A, ]
[E:\新建文件夹 (2)\PersonalDesktop.dll] [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
[E:\新建文件夹 (2)\CommercesMng.dll] [, 1, 0, 0, 1]
[E:\新建文件夹 (2)\QQAddr.dll] [深圳市腾讯计算机系统有限公司, 5, 0, 101, 280]
[E:\新建文件夹 (2)\QQSysMsgMng.dll] [N/A, ]
[E:\新建文件夹 (2)\QQSceneMng.dll] [N/A, ]
[E:\新建文件夹 (2)\QQPhoneHelper.dll] [腾讯科技（深圳）有限公司, 2, 1, 9, 92]
[E:\新建文件夹 (2)\QQFileTransfer.dll] [Tencent, 0, 3, 3, 5]
[E:\新建文件夹 (2)\QQCustomFace.dll] [N/A, ]
[E:\新建文件夹 (2)\ImageOle.dll] [TODO: <Company name>, 1.0.0.1]
[E:\新建文件夹 (2)\GroupConnection.dll] [Tencent, 0, 3, 3, 5]
[E:\新建文件夹 (2)\videodevice.dll] [Tencent, 1, 6, 0, 1]
[E:\新建文件夹 (2)\inplus.dll] [Tencent, 1, 6, 0, 0]
[C:\WINDOWS\system32\l3codeca.acm] [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
[C:\WINDOWS\system32\msadp32.acm] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[E:\新建文件夹 (2)\QQMagicFace.dll] [, 1, 0, 0, 1]
[PID: 1848][E:\新建文件夹 (2)\TIMPlatform.exe] [tencent, 0, 3, 1, 8]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[E:\新建文件夹 (2)\TIMProxy.dll] [tencent, 0, 3, 2, 4]
[PID: 1380][C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe] [Hewlett-Packard Co., 053.000.013.000]
[C:\WINDOWS\system32\mscoree.dll] [Microsoft Corporation, 1.1.4322.573]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll] [Microsoft Corporation, 1.1.4322.573]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll] [Microsoft Corporation, 1.1.4322.573]
[c:\windows\microsoft.net\framework\v1.1.4322\mscorlib.dll] [Microsoft Corporation, 1.1.4322.573]
[c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_960b30d4\mscorlib.dll] [N/A, ]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll] [Microsoft Corporation, 1.1.4322.573]
[c:\windows\assembly\gac\hpqiface\4.0.0.0__a53cf5803f4c3827\hpqiface.dll] [Hewlett-Packard Co., 053.000.013.000]
[c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll] [Microsoft Corporation, 1.1.4322.573]
[c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_e8e1f911\system.windows.forms.dll] [N/A, ]
[c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll] [Microsoft Corporation, 1.1.4322.573]
[c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_c162a552\system.drawing.dll] [N/A, ]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSCORJIT.DLL] [Microsoft Corporation, 1.1.4322.573]
[c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll] [Microsoft Corporation, 1.1.4322.573]
[c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_10c5557f\system.dll] [N/A, ]
[c:\windows\assembly\gac\hpqcc2\3.0.0.0__a53cf5803f4c3827\hpqcc2.dll] [Hewlett-Packard Co., 053.000.013.000]
[c:\windows\assembly\gac\hpqutils\4.0.0.0__a53cf5803f4c3827\hpqutils.dll] [Hewlett-Packard Co., 053.000.013.000]
[c:\windows\assembly\gac\hpqfmrsc\4.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll] [Hewlett-Packard Co., 053.000.013.000]
[c:\windows\assembly\gac\hpqtray\4.0.0.0__a53cf5803f4c3827\hpqtray.dll] [Hewlett-Packard Co., 053.000.013.000]
[c:\windows\assembly\gac\hpqovskn\3.0.0.0__a53cf5803f4c3827\hpqovskn.dll] [Hewlett-Packard Co., 053.000.013.000]
[c:\windows\assembly\gac\hpqimvlt\3.0.0.0__a53cf5803f4c3827\hpqimvlt.dll] [Hewlett-Packard Co., 053.000.013.000]
[c:\windows\assembly\gac\hpqimgrc\4.0.0.0__a53cf5803f4c3827\hpqimgrc.dll] [Hewlett-Packard Co., 053.000.013.000]
[c:\program files\hp\digital imaging\bin\zh-chs\hpqimzone.resources.dll] [ , 50.0.120.0]
[C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
[c:\windows\assembly\gac\hpqntrop\4.0.0.0__a53cf5803f4c3827\hpqntrop.dll] [Hewlett-Packard Co., 053.000.013.000]
[c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll] [Hewlett-Packard Co.,

xin01 - 2007-5-24 14:15:00

53.0.13.000]
[C:\Program Files\HP\Digital Imaging\bin\hpqcxm08.dll] [Hewlett-Packard Co., 53.0.13.000]
[c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll] [Microsoft Corporation, 1.1.4322.573]
[c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_e8e119ee\system.xml.dll] [N/A, ]
[c:\windows\assembly\gac\lead\13.0.0.113__9cf889f53ea9b907\lead.dll] [LEAD Technologies, Inc., 13.0.0.113]
[c:\windows\assembly\gac\lead.wrapper\13.0.0.113__9cf889f53ea9b907\lead.wrapper.dll] [LEAD Technologies, Inc., 13.0.0.113]
[C:\Program Files\HP\Digital Imaging\bin\ltkrn13n.dll] [LEAD Technologies, Inc., 13.0.0.098]
[c:\windows\assembly\gac\hpqtray.resources\4.0.0.0_zh-chs_a53cf5803f4c3827\hpqtray.resources.dll] [ , 50.0.120.0]
[c:\windows\assembly\gac\hpqfmrsc.resources\4.0.0.0_zh-chs_a53cf5803f4c3827\hpqfmrsc.resources.dll] [ , 50.0.120.0]
[c:\windows\assembly\gac\lead.windows.forms\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.dll] [LEAD Technologies, Inc., 13.0.0.113]
[c:\windows\assembly\gac\lead.drawing\13.0.0.113__9cf889f53ea9b907\lead.drawing.dll] [LEAD Technologies, Inc., 13.0.0.113]
[c:\windows\assembly\gac\interop.hpqimgr\3.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll] [Hewlett-Packard Co., 53.0.13.000]
[C:\Program Files\HP\Digital Imaging\Bin\hpqimgr.dll] [Hewlett-Packard Co., 53.0.13.000]
[C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\ATL71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\HP\Digital Imaging\Bin\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MFC71CHS.DLL] [Microsoft Corporation, 7.10.3077.0]
[c:\windows\assembly\gac\hpqasset\4.0.0.0__a53cf5803f4c3827\hpqasset.dll] [Hewlett-Packard Co., 053.000.013.000]
[c:\program files\hp\digital imaging\bin\hpqmirsc.dll] [Hewlett-Packard Co., 053.000.013.000]
[c:\program files\hp\digital imaging\bin\zh-chs\hpqmirsc.resources.dll] [ , 50.0.120.0]
[c:\windows\assembly\gac\hpqedit\3.0.0.0__a53cf5803f4c3827\hpqedit.dll] [Hewlett-Packard Co., 053.000.013.000]
[c:\windows\assembly\gac\hpqvideo\3.0.0.0__a53cf5803f4c3827\hpqvideo.dll] [Hewlett-Packard Co., 053.000.013.000]
[c:\windows\assembly\gac\lead.windows.forms.drawingcontainer\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.drawingcontainer.dll] [LEAD Technologies, Inc., 13.0.0.113]
[c:\windows\assembly\gac\hpqmdmr\4.0.0.0__a53cf5803f4c3827\hpqmdmr.dll] [Hewlett-Packard Co., 053.000.013.000]
[c:\windows\assembly\gac\lead.drawing.imaging.imageprocessing\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.imageprocessing.dll] [LEAD Technologies, Inc., 13.0.0.113]
[c:\windows\assembly\gac\hpqimlib\3.0.0.0__a53cf5803f4c3827\hpqimlib.dll] [Hewlett-Packard Co., 053.000.013.000]
[c:\windows\assembly\gac\hpqedit.resources\3.0.0.0_zh-chs_a53cf5803f4c3827\hpqedit.resources.dll] [ , 50.0.131.0]
[c:\windows\assembly\gac\hpqglutl\4.0.0.0__a53cf5803f4c3827\hpqglutl.dll] [Hewlett-Packard Co., 053.000.013.000]
[c:\windows\assembly\gac\hpqcc2.resources\3.0.0.0_zh-chs_a53cf5803f4c3827\hpqcc2.resources.dll] [ , 50.0.120.0]
[c:\program files\hp\digital imaging\bin\zh-chs\hpqvideo.resources.dll] [ , 50.0.127.0]
[c:\windows\assembly\gac\interop.hpqvideo\3.0.0.0__a53cf5803f4c3827\interop.hpqvideo.dll] [Hewlett-Packard Co., 53.0.13.000]
[C:\Program Files\HP\Digital Imaging\bin\hpqvdcom.dll] [Hewlett-Packard Co., 53.0.13.000]
[c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll] [Microsoft Corporation, 1.1.4322.573]
[c:\windows\assembly\gac\hpqprrsc\4.0.0.0__a53cf5803f4c3827\hpqprrsc.dll] [Hewlett-Packard Co., 053.000.013.000]
[c:\windows\assembly\gac\hpqprrsc.resources\4.0.0.0_zh-chs_a53cf5803f4c3827\hpqprrsc.resources.dll] [ , 53.0.6.0]
[c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_zh-chs_b77a5c561934e089\mscorlib.resources.dll] [Microsoft Corporation, 1.1.4322.573]
[c:\windows\assembly\gac\interop.hprblog\3.0.0.0__a53cf5803f4c3827\interop.hprblog.dll] [ , 3.0.0.0]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll] [Hewlett-Packard Co., 053.000.013.000]
[c:\windows\assembly\gac\hpqcprsc.resources\3.0.0.0_zh-chs_a53cf5803f4c3827\hpqcprsc.resources.dll] [Hewlett-Packard Co., 50.0.145.0]
[c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll] [Hewlett-Packard Co., 053.000.013.000]
[c:\windows\assembly\gac\hpqisrtb.resources\4.0.0.0_zh-chs_a53cf5803f4c3827\hpqisrtb.resources.dll] [Hewlett-Packard Co., 53.0.13.0]
[c:\windows\assembly\gac\hpqbakup\3.0.0.0__a53cf5803f4c3827\hpqbakup.dll] [Hewlett-Packard Co., 053.000.013.000]
[c:\windows\assembly\gac\hpqbakup.resources\3.0.0.0_zh-chs_a53cf5803f4c3827\hpqbakup.resources.dll] [ , 50.0.154.0]
[c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll] [Hewlett-Packard Co., 053.000.013.000]
[PID: 2172][C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe] [Hewlett-Packard Co., 53.0.13.000]
[C:\Program Files\HP\Digital Imaging\bin\hpqmfc09.dll] [Hewlett-Packard Co., 53.0.13.000]
[C:\Program Files\HP\Digital Imaging\bin\hpqtap08.dll] [Hewlett-Packard Co., 53.0.13.000]
[C:\Program Files\HP\Digital Imaging\bin\hpqcxm08.dll] [Hewlett-Packard Co., 53.0.13.000]
[C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
[C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.rsc] [Hewlett-Packard Co., 53.0.13.000]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\HP\Digital Imaging\bin\hpqsti08.dll] [Hewlett-Packard Co., 53.0.13.000]
[C:\Program Files\HP\Digital Imaging\bin\hpqcob08.dll] [Hewlett-Packard Co., 53.0.13.000]
[C:\Program Files\HP\Digital Imaging\bin\hpqstp08.dll] [Hewlett-Packard Co., 53.0.13.000]
[C:\Program Files\HP\Digital Imaging\bin\hpodio08.dll] [Hewlett-Packard Co., 53.0.13.000]
[C:\Program Files\HP\Digital Imaging\bin\hpocxi08.dll] [Hewlett-Packard Co., 53.0.13.000]
[C:\WINDOWS\system32\hpzipr12.dll] [HP, 9, 0, 0, 0]
[C:\WINDOWS\system32\hpzidr12.dll] [HP, 9, 0, 0, 0]
[C:\Program Files\HP\Digital Imaging\bin\hpqsem08.rsc] [Hewlett-Packard Co., 53.0.13.000]
[PID: 3576][C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe] [Hewlett-Packard Co., 53.0.13.000]
[C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprbutil.dll] [Hewlett-Packard Co., 53.0.13.000]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 3452][C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE] [Microsoft Corporation, 11.0.8134]
[C:\Program Files\Common Files\Microsoft Shared\office11\mso.dll] [Microsoft Corporation, 11.0.8132]
[C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
[C:\Program Files\Common Files\Microsoft Shared\office11\riched20.dll] [Microsoft Corporation, 5.50.99.2010]
[E:\Program Files\Rising\Rav\RsPlugIn.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 14]
[C:\PROGRA~1\MICROS~2\OFFICE11\ADDINS\SYMINPUT.DLL] [Microsoft Corporation, 1.02]
[C:\WINDOWS\system32\MSVBVM60.DLL] [Microsoft Corporation, 6.00.9690]
[C:\Program Files\Microsoft Office\OFFICE11\msostyle.dll] [Microsoft Corporation, 11.0.5510]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\UNIDRVUI.DLL] [Microsoft Corporation, 5.2.3790.120 (srv03_qfe.031205-1652)]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\UNIDRV.DLL] [Microsoft Corporation, 5.2.3790.184 (srv03_qfe.040410-1236)]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\hpz3r3xu.dll] [Hewlett Packard Corporation, 60.051.644.00]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPFIE3xu.dll] [Hewlett-Packard Company, A.05.00.008]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\hpzst3xu.dll] [Hewlett-Packard Corporation, 60.051.644.00]
[C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\INTLNAME.DLL] [Microsoft Corporation, 11.0.6467]
[C:\Program Files\Common Files\Microsoft Shared\Smart Tag\CHDATEST.DLL] [Microsoft Corporation, 2.00]
[C:\Program Files\Common Files\Microsoft Shared\PROOF\mslid.dll] [Microsoft Corporation, 1.0.2305]
[C:\Program Files\Common Files\Microsoft Shared\Smart Tag\Chinese Measurement Converter\CHMETCNV.DLL] [Microsoft Corp., 1.00]
[C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\FNAME.DLL] [Microsoft Corporation, 11.0.5510]
[C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\2052\stintl.dll] [Microsoft Corporation, 11.0.5510]
[PID: 3612][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
[C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_016.dll] [Thunder Networking Technologies,LTD, 6, 0, 0, 5]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
[E:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\WINABCX.IME] [PKUETI, 5.22.216]
[C:\WINDOWS\system32\Macromed\Flash\Flash9a.ocx] [Adobe Systems, Inc., 9,0,0,296]
[C:\WINDOWS\system32\Audiodev.dll] [Microsoft Corporation, 5.2.3802.3802 built by: dnsrv(bld4act)]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[E:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 552][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.922\SREng.EXE] [Smallfrogs Studio, 2.4.12.806]
[C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]

xin01 - 2007-5-24 14:16:00

文件关联
.TXT Error. [C:\WINDOWS\notepad.exe %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM Error. [hh.exe %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI Error. [notepad.exe %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1 localhost

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================

[/CODE]

xin01 - 2007-5-24 14:17:00

怎么没人说话啊/ /？？？还有试这个隐藏的是什么东西啊。。。在那里找啊。。

日不懂啊 - 2007-5-24 15:20:00

<igfxtray><C:\WINDOWS\system32\igfxtray.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<igfxhkcmd><C:\WINDOWS\system32\hkcmd.exe> [(Verified)Microsoft Windows Publisher]
<igfxpers><C:\WINDOWS\system32\igfxpers.exe> [(Verified)Microsoft Windows Publisher]
<HP Software Update><C:\Program Files\HP\HP Software Update\HPWuSchd2.exe> [Hewlett-Packard Co.]
<FixCamera><C:\WINDOWS\FixCamera.exe> []
<tsnpstd3><C:\WINDOWS\tsnpstd3.exe> []
<snpstd3><C:\WINDOWS\vsnpstd3.exe> []
用冰刃删了，先把进程创建关了，再删，后面的进程看不懂gac那里面是什么东西？
请高手帮忙吧

日不懂啊 - 2007-5-24 15:21:00

多弄了个，这个是对的
<HP Software Update><C:\Program Files\HP\HP Software Update\HPWuSchd2.exe> [Hewlett-Packard Co.]

小小无敌 - 2007-5-24 15:44:00

全部启用监控,才会变绿,有一项没设成监控,就是黄的,全关了监控,就是红的

小小无敌 - 2007-5-24 15:44:00

把注册表监控启用,然后重启机子,OK

日不懂啊 - 2007-5-24 16:11:00

楼上的，他的机器是中的招了的
不是想开就能开的了的

姑苏残月 - 2007-5-24 16:27:00

删除启动项：
<tsnpstd3><C:\WINDOWS\tsnpstd3.exe> []
<snpstd3><C:\WINDOWS\vsnpstd3.exe> []

11楼的兄弟,貌似你多挑了几个,建议别删,不然会出问题啊

火影忍者 - 2007-5-24 16:36:00

引用:

【日不懂啊的贴子】<igfxtray><C:\WINDOWS\system32\igfxtray.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<igfxhkcmd><C:\WINDOWS\system32\hkcmd.exe> [(Verified)Microsoft Windows Publisher]
<igfxpers><C:\WINDOWS\system32\igfxpers.exe> [(Verified)Microsoft Windows Publisher]
<HP Software Update><C:\Program Files\HP\HP Software Update\HPWuSchd2.exe> [Hewlett-Packard Co.]
<FixCamera><C:\WINDOWS\FixCamera.exe> []
<tsnpstd3><C:\WINDOWS\tsnpstd3.exe> []
<snpstd3><C:\WINDOWS\vsnpstd3.exe> []
用冰刃删了，先把进程创建关了，再删，后面的进程看不懂gac那里面是什么东西？
请高手帮忙吧

………………

没一个确认是病毒的...

新手Q紫枫 - 2007-5-24 16:41:00

帮我看看我的机器系统文件有没有问题吧· 谢谢了·
Logfile of HijackThis v1.99.1
Scan saved at 16:04:41, on 2007-5-24
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\kav2005\KWatch.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\kav2005\KAVStart.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CONEXANT\SmartAudio\SmartAudio.exe
C:\PROGRA~1\QBU\QkOnBtn.EXE
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
E:\讯雷\Program\Thunder5.exe
C:\kav2005\KMailMon.EXE
C:\Program Files\Lenovo\IGRS EasyShare\IgrsPortal.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Lenovo\EnergyCut\utilty.exe
C:\Program Files\Lenovo\EnergyCut\EnergyCut.exe
C:\Program Files\lenovo\GUA\GUA.exe
C:\Program Files\Lenovo\IGRS EasyShare\IncTray.exe
C:\Program Files\Lenovo\IGRS\IGRS.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\IgrsSvcs.exe
C:\kav2005\KPfwSvc.EXE
C:\WINDOWS\system32\NetDogSrv.exe
C:\WINDOWS\system32\igfxext.exe
C:\kav2005\KPFW32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\lenovo\IGRS Profiles\File Profile\IgrsFile.exe
C:\Program Files\Lenovo\IGRS EasyShare\FileShare.exe
D:\XTYQDAZ6\新宇06清单安装版.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Tencent\QQ\QQ.exe
C:\Program Files\Tencent\QQ\TIMPlatform.exe
C:\Program Files\Internet Explorer\iexplore.exe
E:\新建文件夹 (2)\HijackThis.exe

O2 - BHO: ThunderBHO - {01443AEB-0FD1-40FD-9C87-E93D1494C233} - E:\讯雷\ComDlls\XunLeiBHO_007.dll
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll (file missing)
O2 - BHO: ThunderBHO - {06849E9E-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: KAVAntiFishing - {55302805-482E-470E-8A57-6795A1487F90} - C:\kav2005\KAVAFish.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: 闪联任意通 - {0C9B3AB9-DEDF-11D8-A2D4-0050FC464B19} - C:\Program Files\Lenovo\IGRS EasyShare\IgrsAnywhere.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: 雅虎助手 - {406F94F0-504F-4A40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll (file missing)
O4 - HKLM\..\Run: [KavStart] "C:\kav2005\KAVStart.exe" -startup
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QkOnBtn] C:\PROGRA~1\QBU\QkOnBtn.EXE
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IgrsPortal] "C:\Program Files\Lenovo\IGRS EasyShare\IgrsPortal.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [EnergyUtility] C:\Program Files\Lenovo\EnergyCut\utilty.exe
O4 - HKLM\..\Run: [EnergyCut] C:\Program Files\Lenovo\EnergyCut\EnergyCut.exe
O4 - HKLM\..\Run: [AnyComm_IncTray] "C:\Program Files\Lenovo\IGRS EasyShare\IncTray.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [KavPFW] "C:\kav2005\KPFW32.EXE"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &使用迅雷下载 - E:\讯雷\Program\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - E:\讯雷\Program\getallurl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O8 - Extra context menu item: 金山毒霸反钓鱼... - C:\kav2005\KAF\ShowSet.htm
O9 - Extra button: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - E:\讯雷\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - E:\讯雷\Thunder.exe
O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra button: 网盟影视中心 - {DD1A363E-7803-4d06-923D-367BEE305F94} - http://vod.ytwm.com (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: General Updater/AutoUpdater Service (GUA) - lenovo - C:\Program Files\lenovo\GUA\GUA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IGRS - 联想集团有限公司 - C:\Program Files\Lenovo\IGRS\IGRS.exe
O23 - Service: IGRSFILE - Lenovo Group Limited - C:\Program Files\lenovo\IGRS Profiles\File Profile\IgrsFile.exe
O23 - Service: IgrsFileShare - 联想集团有限公司 - C:\Program Files\Lenovo\IGRS EasyShare\FileShare.exe
O23 - Service: Kingsoft Personal Firewall Service (KPfwSvc) - Kingsoft Corporation - C:\kav2005\KPfwSvc.EXE
O23 - Service: Kingsoft Antivirus KWatch Service (KWatchSvc) - Kingsoft Corporation - C:\kav2005\KWatch.EXE
O23 - Service: NetDogService - SafeNet China - C:\WINDOWS\system32\NetDogSrv.exe

瑞星卡卡安全论坛