我的笔记本中了WINDOWS下的PE病毒病毒名称 Trojan.DL.Delf.eoa ,用瑞星只能检查说重启删除,可是重启了还有.病毒文件在:C:\Documents and Settings\All Users\Application Data\Microsoft\UserData目录里.在目录下删除不了.
请知道的教下我.谢谢!
2006-12-17,23:34:07

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Home Edition Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <igfxtray><C:\WINDOWS\system32\igfxtray.exe>  [(Verified)Intel Corporation]
    <igfxhkcmd><C:\WINDOWS\system32\hkcmd.exe>  [(Verified)Intel Corporation]
    <igfxpers><C:\WINDOWS\system32\igfxpers.exe>  [(Verified)Intel Corporation]
    <High Definition Audio Property Page Shortcut><CHDAudPropShortcut.exe>  [(Verified)Windows (R) Server 2003 DDK provider]
    <DetectorApp><C:\Program Files\Sonic\DigitalMedia Plus v7\MyDVD Plus\DetectorApp.exe>  [N/A]
    <SynTPEnh><C:\Program Files\Synaptics\SynTP\SynTPEnh.exe>  [(Verified)Synaptics, Inc.]
    <hpWirelessAssistant><C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe>  [Hewlett-Packard Development Company, L.P.]
    <HP Software Update><C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe>  [Hewlett-Packard Co.]
    <eabconfg.cpl><C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start>  [Hewlett-Packard ]
    <Cpqset><C:\Program Files\HPQ\Default Settings\cpqset.exe>  [N/A]
    <SunJavaUpdateSched><C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe>  [Sun Microsystems, Inc.]
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    <miniqqlive><"C:\Documents and Settings\wang\桌面\MiniQQLive.exe">  [N/A]
    <fenglei><F:\flmpc\fengleiLive.exe>  [风雷影音工作室]
    <YLive.exe><C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe>  [N/A]
    <yassistse><"C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe">  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <RavStub><"f:\Rising\Rav\ravstub.exe" /RUNONCE>  [Beijing Rising Technology Co., Ltd.]
    <YahooC:\PROGRA~1\Yahoo!\Assistant\yClickOn.dll533937><regsvr32 /s C:\PROGRA~1\Yahoo!\Assistant\yClickOn.dll>  [(Verified)YAHOO Corporation Limited]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><EXPLORER.EXE>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{4BAB150F-DD97-476D-9C1E-41B6CDC0CA7A}><C:\PROGRA~1\Yahoo!\ASSIST~1\yclickon.dll>  [(Verified)YAHOO Corporation Limited]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    <WinlogonNotify: igfxcui><igfxdev.dll>  [(Verified)Intel Corporation]

==================================
启动文件夹
[QQ游戏启动加速程序]
  <C:\Documents and Settings\wang\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> F:\工具\QQ\QQGame\Accel.exe [深圳市腾讯计算机系统有限公司]><N>

==================================
服务
[Application Management / AppMgmt]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[ASP.NET State Service / aspnet_state]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[HP WMI Interface / hpqwmi]
  <C:\Program Files\HPQ\Shared\hpqwmi.exe><Hewlett-Packard Development Company, L.P.>
[hpqwmiex / hpqwmiex]
  <C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe><Hewlett-Packard Development Company, L.P.>
[LightScribeService Direct Disc Labeling Service / LightScribeService]
  <"C:\Program Files\Common Files\LightScribe\LSSrvc.exe"><Hewlett-Packard Company>
[Rising Process Communication Center / RsCCenter]
  <"f:\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"f:\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[USBDeviceService / USBDeviceService]
  <C:\Program Files\Sonic\DigitalMedia Plus v7\MyDVD Plus\USBDeviceService.exe><>

==================================
驱动程序
[AliIde / AliIde]
  <\SystemRoot\system32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[Rising TDI Base Driver / BaseTDI]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[WIDCOMM USB Bluetooth Driver / BTWUSB]
  <System32\Drivers\btwusb.sys><Broadcom Corporation.>
[d347bus / d347bus]
  <\SystemRoot\system32\DRIVERS\d347bus.sys><>
[d347prt / d347prt]
  <\SystemRoot\System32\Drivers\d347prt.sys><>
[Intel(R) PRO Network Connection Driver / E100B]
  <system32\DRIVERS\e100b325.sys><Intel Corporation>
[eabfiltr / eabfiltr]
  <\??\C:\WINDOWS\system32\drivers\EABFiltr.sys><Hewlett-Packard Development Company, L.P.>
[eabusb / eabusb]
  <\??\C:\WINDOWS\system32\drivers\eabusb.sys><Hewlett-Packard Development Company, L.P.>
[EagleNT / EagleNT]
  <\??\C:\WINDOWS\system32\drivers\EagleNT.sys><N/A>
[ExpScaner / ExpScaner]
  <\??\f:\Rising\Rav\ExpScan.sys><>
[Microsoft UAA Function Driver for High Definition Audio Service / HdAudAddService]
  <system32\drivers\CHDAud.sys><Conexant Systems Inc.>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HookCont / HookCont]
  <\??\f:\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg]
  <\??\f:\Rising\Rav\HookReg.sys><>
[HookSys / HookSys]
  <\??\f:\Rising\Rav\HookSys.sys><Rising>
[HSFHWAZL / HSFHWAZL]
  <system32\DRIVERS\HSFHWAZL.sys><Conexant Systems, Inc.>
[HSF_DPV / HSF_DPV]
  <system32\DRIVERS\HSF_DPV.sys><Conexant Systems, Inc.>
[ialm / ialm]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[Intel AHCI Controller / iaStor]
  <\SystemRoot\System32\DRIVERS\iaStor.sys><Intel Corporation>
[mdmxsdk / mdmxsdk]
  <system32\DRIVERS\mdmxsdk.sys><Conexant>
[MEMSCAN / MEMSCAN]
  <\??\f:\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[HP Webcam 1000 / Mvc25U870_VID_1262&PID_25FD]
  <System32\Drivers\Mvc25U870.sys><Micro Vision Co.,Ltd>
[npkcrypt / npkcrypt]
  <\??\F:\工具\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20]
  <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[rimmptsk / rimmptsk]
  <system32\DRIVERS\rimmptsk.sys><REDC>
[rimsptsk / rimsptsk]
  <system32\DRIVERS\rimsptsk.sys><REDC>
[Ricoh xD-Picture Card Driver / rismxdp]
  <system32\DRIVERS\rixdptsk.sys><REDC>
[RsNTGDI / RsNTGDI]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS]
  <\??\f:\Rising\Rav\RSPPSYS.sys><Rising>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[SKNFW / SKNFW]
  <\??\C:\WINDOWS\system32\Drivers\SKNFW.sys><N/A>
[SMC IrCC Miniport Device Driver / SMCIRDA]
  <system32\DRIVERS\smcirda.sys><SMC>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1]
  <system32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[Synaptics TouchPad Driver / SynTP]
  <system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[TCP/IP Protocol Driver / Tcpip]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[ViaIde / ViaIde]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[Intel(R) PRO/Wireless 3945ABG Adapter Driver / w39n51]
  <system32\DRIVERS\w39n51.sys><Intel? Corporation>
[winachsf / winachsf]
  <system32\DRIVERS\HSF_CNXT.sys><Conexant Systems, Inc.>
[World Standard Teletext Codec / WSTCODEC]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>

==================================
浏览器加载项
N/A

==================================
正在运行的进程
N/A

==================================
文件关联
N/A

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
N/A

==================================

我无邪：
非常感谢您留心我这份系统诊断报告，小菜鸟十万火急等待您的帮助！
该诊断报告由360安全卫士提供 http://www.360safe.com
诊断时间: 2006-12-18  11:11:20
诊断平台: Microsoft Windows XP  Service Pack 2
IE版本: Internet Explorer V6.0.2900.2180 Build:62900.2180
计算机物理内存:501MB - 当前可用内存:229MB

100 - 未知 - Process: RavMonD.exe [RavMond] - f:\Rising\Rav\Ravmond.exe
100 - 未知 - Process: RavStub.exe [Rising RavStub] - f:\Rising\Rav\RavStub.exe /RAVMOND
100 - 未知 - Process: USBDeviceService.exe [USBDeviceService Module] - C:\Program Files\Sonic\DigitalMedia Plus v7\MyDVD Plus\USBDeviceService.exe
100 - 未知 - Process: hpqwmiex.exe [hpqwmiex Module] - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
100 - 未知 - Process: DetectorApp.exe [DetectorApp Module] - C:\Program Files\Sonic\DigitalMedia Plus v7\MyDVD Plus\DetectorApp.exe
100 - 未知 - Process: HP Wireless Assistant.exe [hp Wireless Assistant Module] - C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
100 - 未知 - Process: fengleiLive.exe [风雷影音媒体中心] - F:\flmpc\fengleiLive.exe
100 - 未知 - Process: HpqToaster.exe [HpqToaster Module] - C:\PROGRA~1\HPQ\SHARED\HPQTOA~1.EXE -Embedding
R1 - 未知 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar=http://www.google.com/ie
R1 - 未知 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title=Mictosoft Internet Explorer
O2 - 未知 - BHO: (Thunder Browser Helper) - [XunLeiBHO] - {761497BA-D6F0-462C-B6EB-D4DAF1D92D43} - F:\工具\迅雷\ComDlls\XunLeiBHO_006.dll
O2 - 未知 - BHO: (SSVHelper Class) - [无效的CLSID:{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
O4 - 未知 - HKLM\..\Run: [DetectorApp] [DetectorApp Module] C:\Program Files\Sonic\DigitalMedia Plus v7\MyDVD Plus\DetectorApp.exe
O4 - 未知 - HKLM\..\Run: [hpWirelessAssistant] [hp Wireless Assistant Module] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - 未知 - HKLM\..\Run: [fenglei] [风雷影音媒体中心] F:\flmpc\fengleiLive.exe
O9 - 未知 - Extra button: Sun Java 控制台(HKLM) - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - 未知 - Extra button: 启动迅雷5(HKLM) - F:\工具\迅雷\Thunder.exe
O9 - 未知 - Extra button: 浩方对战平台(HKLM) - F:\游戏\浩方\浩方对战平台\GameClient.exe
O9 - 未知 - Extra button: 信息检索(HKLM) - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - 未知 - Extra button: 腾讯QQ(HKLM) - F:\工具\QQ\QQ.EXE
O9 - 未知 - Extra button: QQ炫彩工具条设置(HKLM) - f:\QQ\QQIEHelper.dll
O11 - 未知 - Options Group: Java (Sun)
O16 - 未知 - DPF: {05C1004E-2596-48E5-8E26-39362985EEB9} (MMCPlayer) - http://p3p.sogou.com/MMCShell.cab
O16 - 未知 - DPF: {5EC7C511-CD0F-42E6-830C-1BD9882F3458} (PowerPlayer Control) - http://download.ppstream.com/bin/powerplayer.cab
O16 - 未知 - DPF: {A3CD7F74-93C9-4BC4-B892-CCDF1514F714} (Submit) - https://pbank.95559.com.cn/personbank/ocx/safe.cab
O16 - 未知 - DPF: {BF8C499A-AC6E-4F58-82EA-9E5FCC41C34B} (PicUploadCtrl) - http://tb.sogou.com/PicUpload.cab?pp
O16 - 未知 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in) - http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
O16 - 未知 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) - http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
O18 - 未知 - Protocol: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - F:\工具\KuGoo3\InExtend\KuGoo3DownXControl.ocx
O23 - 未知 - Service: hpqwmi [HP WMI Interface] - C:\Program Files\HPQ\Shared\hpqwmi.exe - (not running)
O23 - 未知 - Service: hpqwmiex [hpqwmiex] - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe - (running)
O23 - 未知 - Service: RsCCenter [Rising Process Communication Center] - "f:\Rising\Rav\CCenter.exe" - (running)
O23 - 未知 - Service: RsRavMon [RsRavMon Service] - "f:\Rising\Rav\Ravmond.exe" - (running)
O23 - 未知 - Service: USBDeviceService [USBDeviceService] - C:\Program Files\Sonic\DigitalMedia Plus v7\MyDVD Plus\USBDeviceService.exe - (running)

=======================================

100 - 安全 - Process: smss.exe [进程为会话管理子系统用以初始化系统变量，ms-dos驱动名称类似lpt1以及com，调用win32壳子系统和运行在windows登陆过程。] - C:\WINDOWS\System32\smss.exe
100 - 安全 - Process: csrss.exe [客户端服务子系统，用以控制windows图形相关子系统。] - C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=base
100 - 安全 - Process: winlogon.exe [windows nt用户登陆程序。] - C:\WINDOWS\system32\winlogon.exe
100 - 安全 - Process: services.exe [用于管理windows服务系统进程。] - C:\WINDOWS\system32\services.exe
100 - 安全 - Process: lsass.exe [本地安全权限服务控制windows安全机制。] - C:\WINDOWS\system32\lsass.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost -k DcomLaunch
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost -k rpcss
100 - 安全 - Process: CCenter.exe [瑞星杀毒软件控制台相关程序。] - f:\Rising\Rav\CCenter.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\System32\svchost.exe -k netsvcs
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k NetworkService
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k LocalService
100 - 安全 - Process: explorer.exe [windows program manager或者windows explorer用于控制windows图形shell，包括开始菜单、任务栏，桌面和文件管理。] - C:\WINDOWS\Explorer.EXE
100 - 安全 - Process: spoolsv.exe [windows打印任务控制程序，用以打印机就绪。] - C:\WINDOWS\system32\spoolsv.exe
100 - 安全 - Process: LSSrvc.exe [一款名为LightScribe(光雕技术)的刻录机，可以在光盘上光雕个性化图案。] - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k imgsvc
100 - 安全 - Process: alg.exe [这是一个应用层网关服务用于网络共享。] - C:\WINDOWS\System32\alg.exe
100 - 安全 - Process: hkcmd.exe [intel显卡驱动相关软件。] - C:\WINDOWS\system32\hkcmd.exe
100 - 安全 - Process: igfxpers.exe [intel公共用户界面模块。] - C:\WINDOWS\system32\igfxpers.exe
100 - 安全 - Process: SynTPEnh.exe [美国新思公司出版的触摸板驱动程序的一部分。] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
100 - 安全 - Process: wmiprvse.exe [wmi 提供程序 (wmi provider) 在 wmi 和操作系统、应用程序以及其他系统的组件之间充当中介.此进程为合法的系统进程。] - C:\WINDOWS\system32\wbem\wmiprvse.exe
100 - 安全 - Process: eabservr.exe [康柏公司出品的笔记本电脑相关程序。] - C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
100 - 安全 - Process: jusched.exe [用于检测sun的站点是否有更新的java版本的提醒软件。] - C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
100 - 安全 - Process: ctfmon.exe [office xp输入法图标。] - C:\WINDOWS\system32\ctfmon.exe
100 - 安全 - Process: IEXPLORE.EXE [microsoft internet explorer浏览器用于浏览网页。] - C:\Program Files\Internet Explorer\iexplore.exe
100 - 安全 - Process: wuauclt.exe [windows操作系统后台程序，用于系统升级。] - C:\WINDOWS\system32\wuauclt.exe
100 - 安全 - Process: 360Safe.exe [360安全卫士] - G:\备份\工具备份\杀病毒\360safe\360Safe.exe
R1 - 安全 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\system32\blank.htm
R1 - 安全 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\system32\blank.htm
R1 - 安全 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default)=http://www.google.com/search?q=%s
O2 - 安全 - BHO: (Google Toolbar Helper) - [Google搜索工具条。] - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
O3 - 安全 - Toolbar: (&Google) - [Google IE 客户端工具栏。] - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - 安全 - HKLM\..\Run: [IMJPMIG8.1] [微软Microsoft输入法编辑器程序。] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 安全 - HKLM\..\Run: [PHIME2002ASync] [输入法软件相关程序。] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 安全 - HKLM\..\Run: [PHIME2002A] [输入法软件相关程序。] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 安全 - HKLM\..\Run: [igfxtray] [是Intel显卡配置和诊断程序，会同Intel 810芯片组的集成显卡安装。] C:\WINDOWS\system32\igfxtray.exe
O4 - 安全 - HKLM\..\Run: [igfxhkcmd] [intel热键命令模块相关程序。] C:\WINDOWS\system32\hkcmd.exe
O4 - 安全 - HKLM\..\Run: [igfxpers] [inter集成显卡相关文件。] C:\WINDOWS\system32\igfxpers.exe
O4 - 安全 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] [一款音效控制相关程序。] CHDAudPropShortcut.exe
O4 - 安全 - HKLM\..\Run: [SynTPEnh] [新思手写板，多用于各种笔记本触摸板驱动程序设置] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - 安全 - HKLM\..\Run: [HP Software Update] [惠普软件升级程序。] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - 安全 - HKLM\..\Run: [eabconfg.cpl] [康柏笔记本电脑控制面板快捷驱动程序。] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - 安全 - HKLM\..\Run: [Cpqset] [康柏compaq相关软件。] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - 安全 - HKLM\..\Run: [SunJavaUpdateSched] [java升级相关软件。] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - 安全 - HKLM\..\Run: [IMSCMig] [微软拼音输入法安装工具。  ] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - 安全 - HKLM\..\Run: [miniqqlive] [QQLive视频播放软件相关程序。] "C:\Documents and Settings\wang\桌面\MiniQQLive.exe"
O4 - 安全 - HKLM\..\RunOnce: [RavStub] [是瑞星杀毒软件相关程序。] "f:\Rising\Rav\ravstub.exe" /RUNONCE
O4 - 安全 - HKCU\..\Run: [ctfmon.exe] [office xp输入法图标。] C:\WINDOWS\system32\ctfmon.exe
O4 - 安全 - Startup folder: [QQ游戏启动加速程序.lnk] [qq游戏启动加速相关程序。] C:\Documents and Settings\wang\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk
O8 - 安全 - Extra context menu item: &使用迅雷下载 - F:\工具\迅雷\Program\geturl.htm
O8 - 安全 - Extra context menu item: &使用迅雷下载全部链接 - F:\工具\迅雷\Program\getallurl.htm
O8 - 安全 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - 安全 - Extra button: Windows Messenger(HKLM) - C:\Program Files\Messenger\msmsgs.exe
O16 - 安全 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} (招商银行个人版) - https://www.sz1.cmbchina.com/download/CMBEdit.cab
O16 - 安全 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in) - http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
O16 - 安全 - DPF: {EF6205C1-3F17-4829-BCB5-1336ED89E356} (江民在线查毒) - http://online.jiangmin.com/KvDown.cab
O18 - 安全 - Protocol: OFFICE 相关 - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O18 - 安全 - Protocol: OFFICE 相关 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O23 - 安全 - Service: LightScribeService [一个来自dvd刻录机\\\"光雕\\\"软件的相关程序,通过用户许可协议安装。] - "C:\Program Files\Common Files\LightScribe\LSSrvc.exe" - (running)

=======================================

O40 - Explorer.EXE - Beijing Rising Technology Co., Ltd. - f:\Rising\Rav\RSCOMMON.DLL - Rising Common Function Dynamic Link Library - 58432e6c58f1b4c339adc1a79bf864b6
O40 - Explorer.EXE - Beijing Rising Technology Co., Ltd. - C:\WINDOWS\system32\RavExt.dll - Rising Shell Ext Module - fd0d1389219b779135ff6bc2086bac49
O40 - Explorer.EXE - Hewlett-Packard  - C:\Program Files\HPQ\Quick Launch Buttons\CPQINFO.DLL - Quick Launch Buttons - c9f53508462a124d91e6e54fa850ae8d

=======================================

O41 - BaseTDI - basetdi - C:\WINDOWS\system32\drivers\basetdi.sys - (running) - basetdi - Beijing Rising Technology Co., Ltd. - 6e311de78c8fa4e03856897b836bc3c4
O41 - BTWUSB - Driver for Bluetooth USB Devices - C:\WINDOWS\system32\drivers\btwusb.sys - (not running) - Driver for Bluetooth USB Devices - Broadcom Corporation. - e76dc88f00d50f46072feb2371769978
O41 - d347bus - PnP BIOS Extension - C:\WINDOWS\system32\drivers\d347bus.sys - (running) - PnP BIOS Extension -  - 5776322f93cdb91086111f5ffbfda2a0
O41 - d347prt - SCSI miniport - C:\WINDOWS\system32\drivers\d347prt.sys - (running) - SCSI miniport -  - b49f79ace459763f4e0380071be9cb45
O41 - EagleNT - EagleNT - C:\WINDOWS\system32\drivers\EagleNT.sys - (not running) -  -  -
O41 - ExpScaner - ExpScan.sys - f:\Rising\Rav\ExpScan.sys - (running) - ExpScan.sys -  - 5a690926c7181d5c0b2721016442c9c3
O41 - gmmywyiq - gmmywyiq - C:\WINDOWS\system32\drivers\gmmywyiq.sys - (running) -  - YAHOO Corporation - 4f9ed37f9e758e6c72afd39a12c63afa
O41 - HookCont - HookCont - f:\Rising\Rav\HookCont.sys - (running) - HookCont - Rising - 4447c53ba80df5d4a9b72e54a0ba71d8
O41 - HookReg - HookReg - f:\Rising\Rav\HOOKREG.sys - (running) -  -  - 997c395147f8e5b3f714bdd112fe8945
O41 - HookSys - Hooksys - f:\Rising\Rav\HookSys.sys - (running) - Hooksys - Rising - 265b67f85db6226f2439e13e7c1fa8bf
O41 - MEMSCAN - MemScan Driver - f:\Rising\Rav\MemScan.sys - (running) - MemScan Driver - 瑞星软件有限公司 - 9811b256023dd985cbc5bad790e5bb84
O41 - npkcrypt - nProtect KeyCrypt Driver - F:\工具\QQ\npkcrypt.sys - (running) - nProtect KeyCrypt Driver - INCA Internet Co., Ltd. - 8bcb281a2540e7aff0cd00f9878fe21f
O41 - PxHelp20 - Px Engine Device Driver for Windows 2000/XP - C:\WINDOWS\system32\drivers\pxhelp20.sys - (running) - Px Engine Device Driver for Windows 2000/XP - Sonic Solutions - 86724469cd077901706854974cd13c3e
O41 - RsNTGDI - RsNTGDI - C:\WINDOWS\system32\drivers\RsNTGdi.sys - (running) - RsNTGDI - Beijing Rising Technology Co., Ltd. - 17214e7b192cb93ff014fca1484b97ad
O41 - RSPPSYS - RSPPSYS - f:\Rising\Rav\rsppsys.sys - (running) - RSPPSYS - Rising - 4197f8bb3251c22f806c1d7d8d6ca2e1
O41 - SKNFW - SKNFW - C:\WINDOWS\system32\Drivers\SKNFW.sys - (running) -  -  -
O41 - SkyProcs - SkyProcs - F:\SKYNET\FIREWALL\SkyProcs.sys - (not running) -  -  -
O41 - ZSMC303 - Video streaming and Capture Device Driver - C:\WINDOWS\system32\drivers\usbVM303.sys - (not running) - Video streaming and Capture Device Driver - Vimicro Corporation - 07f90a3574769a28ad3f45ccc61394ec

=======================================
360Safe.exe=2.2.0.1002
AntiAdwa.dll=2.2.0.1000
AntiEng.dll=2.2.0.1000
AntiActi.dll=2.0.0.3000
CleanHis.dll=2.0.0.1001
safelive.exe=1.0.0.2007
live.dll=1.0.0.1011

=======================================
操作历史报告：

----------插件卸载操作历史----------

2006-12-18 11:07
插件管理 - 雅虎助手&上网助手 -

=======================================

360安全卫士，彻底查杀各种流氓软件,全面保护系统安全,并赠送正版卡巴斯基V6.0
最新免费下载：http://www.360safe.com

另外，那个文件在原来的地方不见了，用瑞星也找不到它了。不知道是不是删除了啊？？？我用了恶意软件清理助手和Windows清理助手。怎么知道它还在不在电脑里啊？还需要我提供什么啊？？？