1：键盘锁死，但是小键盘能够使用，大键盘打开大写（caps Lock）后也能输入大写字母。
2：几乎所有的程序运行都会出现“****遇到问题需要关闭”的windows提示窗口，然后就中止程序运行。有的程序在运行前出现，有的程序在运行结束时出现。
3：删除文件等windows操作也不能运行，提示“explorer.exe遇到问题需要关闭”

用户系统信息：Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
最后次使用就杀了些恶评插件

下载瑞星听诊器

下载地址：http://download.rising.com.cn/for_down/RsDetect.exe

运行扫描后会生成一个“瑞星听诊信息.htm”的文件，提交上来！
以便进一步帮你分析下情况！

第一批
未知家族病毒分析
扫描结果:
无可疑文件


系统活动进程
C:\PROGRAM FILES\GEMPLUS\GEMSAFE LIBRARIES\BIN\RRMSVR.EXE
C:\WINDOWS\SYSTEM32\SYNTPFCS.DLL
C:\WINDOWS\SYSTEM32\UNISPIM.IME

C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
C:\WINDOWS\SYSTEM32\BTHCRP.DLL
C:\WINDOWS\SYSTEM32\WIDCOMMSDK.DLL
C:\WINDOWS\SYSTEM32\WBTAPI.DLL
C:\WINDOWS\SYSTEM32\CNAB4LMK.DLL
C:\WINDOWS\SYSTEM32\CNAB4SMK.DLL
C:\WINDOWS\SYSTEM32\CNAB4PTU.DLL
C:\WINDOWS\SYSTEM32\UNISPIM.IME
C:\WINDOWS\SYSTEM32\EBPMON2.DLL
C:\WINDOWS\SYSTEM32\ZLHP1018.DLL
C:\WINDOWS\SYSTEM32\ZLM.DLL
C:\WINDOWS\SYSTEM32\MDIMON.DLL
C:\WINDOWS\SYSTEM32\XRXW1LMK.DLL
C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\IMFPRINT.DLL
C:\WINDOWS\SYSTEM32\IMF32.DLL
C:\WINDOWS\SYSTEM32\ZTAG32.DLL
C:\WINDOWS\SYSTEM32\ZSPOOL.DLL
C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\MDIPPR.DLL
C:\WINDOWS\SYSTEM32\CNAB4EMU.DLL

C:\WINDOWS\SYSTEM32\SCARDSVR.EXE
C:\PROGRAM FILES\RISING\RAV\RAVSTUB.EXE
C:\PROGRAM FILES\RISING\RAV\RSCOMMX.DLL
C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL

C:\PROGRAM FILES\GEMPLUS\GEMSAFE LIBRARIES\BIN\REGTOOL.EXE
C:\PROGRAM FILES\GEMPLUS\GEMSAFE LIBRARIES\BIN\GWSCM.DLL
C:\WINDOWS\SYSTEM32\MSVCR71.DLL
C:\PROGRAM FILES\GEMPLUS\GEMSAFE LIBRARIES\BIN\GEMPPM.DLL
C:\WINDOWS\SYSTEM32\MFC71.DLL
C:\WINDOWS\SYSTEM32\MSVCP71.DLL
C:\PROGRAM FILES\GEMPLUS\COMMON\RESOURCES\LOCHUB.DLL
C:\WINDOWS\SYSTEM32\SYNTPFCS.DLL
C:\WINDOWS\SYSTEM32\UNISPIM.IME
C:\PROGRAM FILES\GEMPLUS\GEMSAFE LIBRARIES\BIN\GHIDWSC.DLL
C:\PROGRAM FILES\GEMPLUS\GEMSAFE LIBRARIES\BIN\RRM.DLL

C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACPRFMGRSVC.EXE
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACLOCSETTINGS.DLL
C:\WINDOWS\SYSTEM32\MSVCP71.DLL
C:\WINDOWS\SYSTEM32\MSVCR71.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACPRFMGR.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACCRYPTHLPR.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACHELPER.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACON.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACLOCMIGRATOR.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\THINQCON.DLL

C:\WINDOWS\SYSTEM32\CTFMON.EXE
C:\WINDOWS\SYSTEM32\SYNTPFCS.DLL
C:\WINDOWS\SYSTEM32\UNISPIM.IME

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\PROGRAM FILES\THUNDER NETWORK\WEBTHUNDER\WEBTHUNDER.EXE
C:\PROGRAM FILES\THUNDER NETWORK\WEBTHUNDER\MSVCR71.DLL
C:\WINDOWS\SYSTEM32\SYNTPFCS.DLL
C:\WINDOWS\SYSTEM32\UNISPIM.IME
C:\PROGRAM FILES\THUNDER NETWORK\WEBTHUNDER\TASKMANAGER.DLL
C:\PROGRAM FILES\THUNDER NETWORK\WEBTHUNDER\DOWNLOAD_INTERFACE.DLL
C:\PROGRAM FILES\THUNDER NETWORK\WEBTHUNDER\STLPORT_VC646.DLL
C:\PROGRAM FILES\THUNDER NETWORK\WEBTHUNDER\ASYN_DNS.DLL
C:\PROGRAM FILES\THUNDER NETWORK\WEBTHUNDER\STREAMMEDIALIB.DLL
C:\PROGRAM FILES\THUNDER NETWORK\WEBTHUNDER\AL.DLL
C:\PROGRAM FILES\THUNDER NETWORK\WEBTHUNDER\XLDC.DLL
C:\PROGRAM FILES\THUNDER NETWORK\WEBTHUNDER\BD.DLL
C:\PROGRAM FILES\THUNDER NETWORK\WEBTHUNDER\REGISTERDLL.DLL
C:\PROGRAM FILES\THUNDER NETWORK\WEBTHUNDER\CACHESERVER.DLL
C:\PROGRAM FILES\THUNDER NETWORK\WEBTHUNDER\XLSAFE\SAFEINFO.DLL
C:\PROGRAM FILES\THUNDER NETWORK\WEBTHUNDER\XLSAFE\RMFSCAN.DLL
C:\PROGRAM FILES\THUNDER NETWORK\WEBTHUNDER\XLNET.DLL
C:\PROGRAM FILES\THUNDER NETWORK\WEBTHUNDER\DOWNANDPLAY\WEBDOWNANDPLAY.DLL
C:\PROGRAM FILES\THUNDER NETWORK\WEBTHUNDER\XLSTATISTIC\XLSTATISTICADDIN.DLL

C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\PROGRAM FILES\THINKPAD\BLUETOOTH SOFTWARE\BIN\BTWDINS.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACNOTIFY.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACSVCSTUB.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACLOCSETTINGS.DLL
C:\WINDOWS\SYSTEM32\MSVCP71.DLL
C:\WINDOWS\SYSTEM32\MSVCR71.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACHELPER.DLL
C:\WINDOWS\SYSTEM32\ATI2EVXX.DLL
C:\WINDOWS\SYSTEM32\PSQLPWD.DLL
C:\PROGRAM FILES\THINKVANTAGE FINGERPRINT SOFTWARE\INFRA.DLL
C:\PROGRAM FILES\THINKVANTAGE FINGERPRINT SOFTWARE\HOMEFUS2.DLL
C:\WINDOWS\SYSTEM32\BIOLOGON.DLL
C:\PROGRAM FILES\THINKVANTAGE FINGERPRINT SOFTWARE\HOMEPASS.DLL
C:\PROGRAM FILES\THINKVANTAGE FINGERPRINT SOFTWARE\BIO.DLL
C:\PROGRAM FILES\THINKVANTAGE FINGERPRINT SOFTWARE\REMOTE.DLL
C:\PROGRAM FILES\THINKVANTAGE FINGERPRINT SOFTWARE\PS2CSS.DLL
C:\WINDOWS\SYSTEM32\TPHKLOCK.DLL
C:\WINDOWS\SYSTEM32\UNISPIM.IME
C:\WINDOWS\SYSTEM32\MSACM32.DRV

C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\PSQLPWD.DLL
C:\PROGRAM FILES\THINKVANTAGE FINGERPRINT SOFTWARE\INFRA.DLL
C:\WINDOWS\SYSTEM32\MSVCR71.DLL
C:\PROGRAM FILES\THINKVANTAGE FINGERPRINT SOFTWARE\HOMEFUS2.DLL

C:\PROGRAM FILES\NGSRV\NGSLOTD.EXE
C:\PROGRAM FILES\NGSRV\SLOTMON\HIDMON_GD.DLL
C:\PROGRAM FILES\NGSRV\SLOTMON\SCARDMON.DLL

C:\WINDOWS\SYSTEM32\WUAUCLT.EXE
C:\WINDOWS\SYSTEM32\WUPS2.DLL

C:\WINDOWS\SYSTEM32\IBMPMSVC.EXE
C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
C:\WINDOWS\SYSTEM32\ATI2EDXX.DLL

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\WUPS2.DLL

C:\PROGRAM FILES\INTEL\WIRELESS\BIN\REGSRVC.EXE
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\EVTENG.EXE
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\PSREGAPI.DLL
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\TRACEAPI.DLL

C:\PROGRAM FILES\INTEL\WIRELESS\BIN\S24EVMON.EXE
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\TRACEAPI.DLL
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\PSREGAPI.DLL
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\LIBEAY32.DLL
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\INTSTNGS.DLL
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\IWMSPROV.DLL

C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACSVC.EXE
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACLOCSETTINGS.DLL
C:\WINDOWS\SYSTEM32\MSVCP71.DLL
C:\WINDOWS\SYSTEM32\MSVCR71.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACPRFMGR.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACCRYPTHLPR.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACHELPER.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACON.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACSVCHLPR.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACADAPTERSINFO.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ANCA.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ANC.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACSVCSTUB.DLL
C:\WINDOWS\SYSTEM32\UNISPIM.IME
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACGOLAN.DLL
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\PFMGRAPI.DLL
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\TRACEAPI.DLL
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\PSREGAPI.DLL
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\DBENGINE.DLL
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\LIBEAY32.DLL
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\INTSTNGS.DLL
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\MUROCAPI.DLL
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\S24MUDLL.DLL

G:\RSDETECT.EXE
C:\WINDOWS\SYSTEM32\SYNTPFCS.DLL
C:\WINDOWS\SYSTEM32\UNISPIM.IME

C:\PROGRAM FILES\THINKPAD\BLUETOOTH SOFTWARE\BTTRAY.EXE
C:\WINDOWS\SYSTEM32\WBTAPI.DLL
C:\WINDOWS\SYSTEM32\BTOSIF.DLL
C:\WINDOWS\SYSTEM32\BTWHIDCS.DLL
C:\PROGRAM FILES\THINKPAD\BLUETOOTH SOFTWARE\BTBALLOON.DLL
C:\WINDOWS\SYSTEM32\BTREZ.DLL
C:\WINDOWS\SYSTEM32\CSH.DLL
C:\WINDOWS\SYSTEM32\SYNTPFCS.DLL
C:\PROGRAM FILES\THINKPAD\BLUETOOTH SOFTWARE\BTKEYIND.DLL
C:\WINDOWS\SYSTEM32\UNISPIM.IME

C:\WINDOWS\SYSTEM32\ALG.EXE
C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
C:\WINDOWS\SYSTEM32\UNISPIM.IME
C:\WINDOWS\SYSTEM32\ATI2EDXX.DLL

C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM32\UNISPIM.IME
C:\WINDOWS\SYSTEM32\RAVEXT.DLL
C:\PROGRAM FILES\WINRAR\RAREXT.DLL
C:\PROGRA~1\THINKPAD\UTILIT~1\PWRMGRTR.DLL
C:\PROGRA~1\THINKPAD\UTILIT~1\SC\PWRMGRRT.DLL
C:\PROGRA~1\THINKPAD\UTILIT~1\PWRMGRIF.DLL
C:\WINDOWS\SYSTEM32\SYNTPFCS.DLL
C:\WINDOWS\SYSTEM32\MSACM32.DRV
C:\PROGRAM FILES\THUNDER NETWORK\WEBTHUNDER\WEBTHUNDERBHO_NOW.DLL
C:\PROGRAM FILES\360SAFE\SAFEMON\SAFEMON.DLL
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE11\MSOHEV.DLL
C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL

C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE
C:\PROGRAM FILES\RISING\RFW\RFWMAIN.EXE
C:\PROGRAM FILES\RISING\RFW\RSGUILIB.DLL
C:\PROGRAM FILES\RISING\RFW\RSCOMMON.DLL
C:\PROGRAM FILES\RISING\RFW\RFWCTRL.DLL
C:\PROGRAM FILES\RISING\RFW\RSXML.DLL
C:\PROGRAM FILES\RISING\RFW\PNGDLL.DLL

C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACTRAY.EXE
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACLOCSETTINGS.DLL
C:\WINDOWS\SYSTEM32\MSVCP71.DLL
C:\WINDOWS\SYSTEM32\MSVCR71.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACGUIHLPR.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACSVCSTUB.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACHELPER.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACPRFMGR.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACCRYPTHLPR.DLL
C:\WINDOWS\SYSTEM32\MFC71U.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\RES\SC\GUIHLPRRES.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\RES\SC\TRAYRES.DLL

C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACWLICON.EXE
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACLOCSETTINGS.DLL
C:\WINDOWS\SYSTEM32\MSVCP71.DLL
C:\WINDOWS\SYSTEM32\MSVCR71.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACGUIHLPR.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACSVCSTUB.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACHELPER.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACPRFMGR.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACCRYPTHLPR.DLL
C:\WINDOWS\SYSTEM32\MFC71U.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\RES\SC\GUIHLPRRES.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\RES\SC\ICONRES.DLL

C:\PROGRA~1\THINKPAD\UTILIT~1\EZEJMNAP.EXE
C:\PROGRA~1\THINKPAD\UTILIT~1\SC\EZMAPRES.DLL
C:\WINDOWS\SYSTEM32\UNISPIM.IME

C:\PROGRA~1\LENOVO\PKGMGR\HOTKEY\TPHKMGR.EXE
C:\WINDOWS\SYSTEM32\MSACM32.DRV
C:\WINDOWS\SYSTEM32\OEMDSPIF.DLL
C:\PROGRA~1\LENOVO\PKGMGR\HOTKEY\TPFNF7.DLL

C:\PROGRAM FILES\LENOVO\PKGMGR\HOTKEY\TPONSCR.EXE
C:\WINDOWS\SYSTEM32\UNISPIM.IME

C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
C:\PROGRA~1\THINKPAD\UTILIT~1\PWRMGRTR.DLL
C:\PROGRA~1\THINKPAD\UTILIT~1\SC\PWRMGRRT.DLL
C:\PROGRA~1\THINKPAD\UTILIT~1\PWRMGRIF.DLL
C:\WINDOWS\SYSTEM32\OEMDSPIF.DLL
C:\WINDOWS\SYSTEM32\UNISPIM.IME

C:\PROGRAM FILES\LENOVO\PKGMGR\HOTKEY_1\TPSCREX.EXE
C:\WINDOWS\SYSTEM32\UNISPIM.IME

C:\PROGRAM FILES\THINKVANTAGE\AMSG\AMSG.EXE
C:\PROGRAM FILES\THINKVANTAGE\AMSG\AHLPRUNL.DLL
C:\WINDOWS\SYSTEM32\UNISPIM.IME
C:\PROGRA~1\THINKV~1\AMSG\ACPPOLLINGENGINE.DLL
C:\WINDOWS\SYSTEM32\SYNTPFCS.DLL

C:\PROGRAM FILES\ANALOG DEVICES\CORE\SMAX4PNP.EXE
C:\PROGRAM FILES\ANALOG DEVICES\CORE\SMWDMIF.DLL
C:\WINDOWS\SYSTEM32\UNISPIM.IME
C:\WINDOWS\SYSTEM32\MSACM32.DRV

C:\PROGRA~1\THINKV~1\PRDCTR\LPMGR.EXE
C:\PROGRA~1\THINKV~1\PRDCTR\SC\LPRESMGR.DLL
C:\WINDOWS\SYSTEM32\UNISPIM.IME
C:\WINDOWS\SYSTEM32\MSVCR71.DLL
C:\WINDOWS\SYSTEM32\MFC71U.DLL
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\RES\SC\TRAYRES.DLL

C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
C:\WINDOWS\SYSTEM32\UNISPIM.IME

C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPLPR.EXE
C:\WINDOWS\SYSTEM32\SYNTPFCS.DLL
C:\WINDOWS\SYSTEM32\UNISPIM.IME

C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE
C:\WINDOWS\SYSTEM32\UNISPIM.IME
C:\WINDOWS\SYSTEM32\SYNCOM.DLL
C:\WINDOWS\SYSTEM32\SYNTPAPI.DLL
C:\WINDOWS\SYSTEM32\RAVEXT.DLL
C:\WINDOWS\SYSTEM32\SYNTPFCS.DLL

C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE
C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
C:\PROGRA~1\STORMII\STORMSET.DLL
C:\WINDOWS\SYSTEM32\UNISPIM.IME

C:\PROGRAM FILES\HEWLETT-PACKARD\ORDERREMINDER\ORDERREMINDER.EXE
C:\WINDOWS\SYSTEM32\CNAB4RPK.EXE
C:\PROGRAM FILES\NGSRV\EP2K_CERTD.EXE
C:\WINDOWS\SYSTEM32\EP2PK11.DLL
C:\WINDOWS\SYSTEM32\SYNTPFCS.DLL
C:\WINDOWS\SYSTEM32\UNISPIM.IME


普通自启动项
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
IMJPMIG8.1 = "C:\WINDOWS\IME\IMJP8_1\IMJPMIG.EXE" /SPOIL /REMADVDEF /MIGRATION32
PHIME2002ASync = C:\WINDOWS\SYSTEM32\IME\TINTLGNT\TINTSETP.EXE /SYNC
PHIME2002A = C:\WINDOWS\SYSTEM32\IME\TINTLGNT\TINTSETP.EXE /IMENAME
TrackPointSrv = TP4SERV.EXE
ACTray = C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACTRAY.EXE
ACWLIcon = C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACWLICON.EXE
EZEJMNAP = C:\PROGRA~1\THINKPAD\UTILIT~1\EZEJMNAP.EXE
TPHOTKEY = C:\PROGRA~1\LENOVO\PKGMGR\HOTKEY\TPHKMGR.EXE
igfxtray = C:\WINDOWS\SYSTEM32\IGFXTRAY.EXE
igfxhkcmd = C:\WINDOWS\SYSTEM32\HKCMD.EXE
igfxpers = C:\WINDOWS\SYSTEM32\IGFXPERS.EXE
PWRMGRTR = RUNDLL32 C:\PROGRA~1\THINKPAD\UTILIT~1\PWRMGRTR.DLL,PWRMGRBKGNDMONITOR
BLOG = RUNDLL32 C:\PROGRA~1\THINKPAD\UTILIT~1\BATLOGEX.DLL,STARTBATTLOG
AMSG = C:\PROGRAM FILES\THINKVANTAGE\AMSG\AMSG.EXE
SoundMAXPnP = C:\PROGRAM FILES\ANALOG DEVICES\CORE\SMAX4PNP.EXE
LPManager = C:\PROGRA~1\THINKV~1\PRDCTR\LPMGR.EXE
BluetoothAuthenticationAgent = RUNDLL32.EXE BTHPROPS.CPL,,BLUETOOTHAUTHENTICATIONAGENT
SynTPLpr = C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPLPR.EXE
SynTPEnh = C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE
PSQLLauncher = "C:\PROGRAM FILES\THINKVANTAGE FINGERPRINT SOFTWARE\LAUNCHER.EXE" /STARTUP
Storm2Set = C:\WINDOWS\SYSTEM32\RUNDLL32.EXE "C:\PROGRA~1\STORMII\STORMSET.DLL",CHECKENV
IMSCMig = C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /PRELOAD
RavTask = "C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE" -SYSTEM
RfwMain = "C:\PROGRAM FILES\RISING\RFW\RFWMAIN.EXE" -STARTUP
OrderReminder = C:\PROGRAM FILES\HEWLETT-PACKARD\ORDERREMINDER\ORDERREMINDER.EXE
ep2k_certd = C:\PROGRAM FILES\NGSRV\EP2K_CERTD.EXE -R
gemstrmw = C:\WINDOWS\SYSTEM32\GEMSTRMW.EXE /R
MenuOrder = C:\PROGRAM FILES\ICBCCO~1\ICBC\GEMPLUS(CORP)\MENUORDER\MENUORDER.EXE
Gemplus Reader Resource Manager = C:\PROGRAM FILES\GEMPLUS\GEMSAFE LIBRARIES\BIN\RRMSVR.EXE
RegTool = C:\PROGRAM FILES\GEMPLUS\GEMSAFE LIBRARIES\BIN\REGTOOL.EXE
WebThunder = C:\PROGRAM FILES\THUNDER NETWORK\WEBTHUNDER\WEBTHUNDER.EXE

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe = C:\WINDOWS\SYSTEM32\CTFMON.EXE


系统文件关联
.exe ==> exefile = "%1" %*
.com ==> comfile = "%1" %*
.cmd ==> cmdfile = "%1" %*
.bat ==> batfile = "%1" %*
.txt ==> txtfile = C:\WINDOWS\SYSTEM32\DLLCACHE\soundman.EXE %1
.scr ==> scrfile = "%1" /S
.reg ==> regfile = regedit.exe "%1"
.doc ==> Word.Document.8 = "C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde

另外的
其它启动项
WIN.INI

无信息

SYSTEM.INI

SHELL = Explorer.exe

Winlogon 启动项
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify

ACNotify = ACNOTIFY.DLL
AtiExtEvent = ATI2EVXX.DLL
crypt32chain = CRYPT32.DLL
cryptnet = CRYPTNET.DLL
cscdll = CSCDLL.DLL
igfxcui = IGFXDEV.DLL
psfus = PSQLPWD.DLL
ScCertProp = WLNOTIFY.DLL
Schedule = WLNOTIFY.DLL
sclgntfy = SCLGNTFY.DLL
SensLogn = WLNOTIFY.DLL
termsrv = WLNOTIFY.DLL
tpfnf2 = NOTIFYF2.DLL
tphotkey = TPHKLOCK.DLL
wlballoon = WLNOTIFY.DLL

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

Userinit = C:\WINDOWS\SYSTEM32\USERINIT.EXE,
shell = EXPLORER.EXE

IE - BHO
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

{00000AAA-A363-466E-BEF5-9BB68697AA7F} = C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll
{900BE8EE-4BE2-4080-957D-8CEC92181B57} = C:\WINDOWS\Downloaded Program Files\domhelper.dll
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} = C:\Program Files\360safe\safemon\safemon.dll

Winsock SPI
MSAFD Irda [IrDA] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD Tcpip [TCP/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD Tcpip [UDP/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD Tcpip [RAW/IP] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
RSVP UDP Service Provider = C:\WINDOWS\SYSTEM32\RSVPSP.DLL
RSVP TCP Service Provider = C:\WINDOWS\SYSTEM32\RSVPSP.DLL
MSAFD RfComm [Bluetooth] = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{6F0287EF-E592-46EA-A68E-8C71FD2BC9CB}] SEQPACKET 6 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{6F0287EF-E592-46EA-A68E-8C71FD2BC9CB}] DATAGRAM 6 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{8A023AB9-D8B6-401E-9928-2E3DFF439A7F}] SEQPACKET 5 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{8A023AB9-D8B6-401E-9928-2E3DFF439A7F}] DATAGRAM 5 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{3B553B70-455A-4B6D-AE20-E5FA272494D5}] SEQPACKET 4 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{3B553B70-455A-4B6D-AE20-E5FA272494D5}] DATAGRAM 4 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{DFB891C3-DC54-4DB6-8E46-E16DDDADB18F}] SEQPACKET 3 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{DFB891C3-DC54-4DB6-8E46-E16DDDADB18F}] DATAGRAM 3 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{017E25FE-EF6D-452D-8CA1-09FF438D5FD1}] SEQPACKET 0 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{017E25FE-EF6D-452D-8CA1-09FF438D5FD1}] DATAGRAM 0 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{2802B201-AF77-4985-8D4B-34F6D345DCD2}] SEQPACKET 1 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{2802B201-AF77-4985-8D4B-34F6D345DCD2}] DATAGRAM 1 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{FB90DDC6-9305-49B1-AD79-FDB3843A9941}] SEQPACKET 2 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{FB90DDC6-9305-49B1-AD79-FDB3843A9941}] DATAGRAM 2 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{F2741F96-1858-4EF1-BF2D-5AECD2079DC9}] SEQPACKET 7 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{F2741F96-1858-4EF1-BF2D-5AECD2079DC9}] DATAGRAM 7 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{30B2A89C-EC8A-436E-8273-F75ACEB431B1}] SEQPACKET 8 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{30B2A89C-EC8A-436E-8273-F75ACEB431B1}] DATAGRAM 8 = C:\WINDOWS\SYSTEM32\MSWSOCK.DLL

系统服务项
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services

AcPrfMgrSvc = C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACPRFMGRSVC.EXE
AcSvc = C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACSVC.EXE
Alerter = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
ALG = C:\WINDOWS\SYSTEM32\ALG.EXE
AppMgmt = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Ati HotKey Poller = C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
AudioSrv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
BITS = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Browser = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
BthServ = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K BTHSVCS
btwdins = C:\PROGRAM FILES\THINKPAD\BLUETOOTH SOFTWARE\BIN\BTWDINS.EXE
CiSvc = C:\WINDOWS\SYSTEM32\CISVC.EXE
ClipSrv = C:\WINDOWS\SYSTEM32\CLIPSRV.EXE
COMSysApp = C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{02D4B3F1-FD88-11D1-960D-00805FC79235}
CryptSvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
DcomLaunch = C:\WINDOWS\SYSTEM32\SVCHOST -K DCOMLAUNCH
Dhcp = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
dmadmin = C:\WINDOWS\SYSTEM32\DMADMIN.EXE /COM
dmserver = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Dnscache = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETWORKSERVICE
ERSvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Eventlog = C:\WINDOWS\SYSTEM32\SERVICES.EXE
EventSystem = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
EvtEng = C:\PROGRAM FILES\INTEL\WIRELESS\BIN\EVTENG.EXE
FastUserSwitchingCompatibility = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
helpsvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
HidServ = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
HTTPFilter = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K HTTPFILTER
IBMPMSVC = C:\WINDOWS\SYSTEM32\IBMPMSVC.EXE
IDriverT = "C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\DRIVER\1050\INTEL 32\IDRIVERT.EXE"
ImapiService = C:\WINDOWS\SYSTEM32\IMAPI.EXE
Irmon = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
lanmanserver = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
lanmanworkstation = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
LmHosts = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
Messenger = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
mnmsrvc = C:\WINDOWS\SYSTEM32\MNMSRVC.EXE
MSDTC = C:\WINDOWS\SYSTEM32\MSDTC.EXE
MSIServer = C:\WINDOWS\SYSTEM32\MSIEXEC.EXE /V
NetDDE = C:\WINDOWS\SYSTEM32\NETDDE.EXE
NetDDEdsdm = C:\WINDOWS\SYSTEM32\NETDDE.EXE
Netlogon = C:\WINDOWS\SYSTEM32\LSASS.EXE
Netman = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
ngSlotD = C:\PROGRAM FILES\NGSRV\NGSLOTD.EXE
Nla = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
NtLmSsp = C:\WINDOWS\SYSTEM32\LSASS.EXE
NtmsSvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
ose = "C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\SOURCE ENGINE\OSE.EXE"
PlugPlay = C:\WINDOWS\SYSTEM32\SERVICES.EXE
PolicyAgent = C:\WINDOWS\SYSTEM32\LSASS.EXE
ProtectedStorage = C:\WINDOWS\SYSTEM32\LSASS.EXE
RasAuto = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
RasMan = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
RDSessMgr = C:\WINDOWS\SYSTEM32\SESSMGR.EXE
RegSrvc = C:\PROGRAM FILES\INTEL\WIRELESS\BIN\REGSRVC.EXE
RemoteAccess = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
RemoteRegistry = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
RfwProxySrv = C:\PROGRAM FILES\RISING\RFW\RFWPROXY.EXE
RfwService = C:\PROGRAM FILES\RISING\RFW\RFWSRV.EXE
RpcLocator = C:\WINDOWS\SYSTEM32\LOCATOR.EXE
RpcSs = C:\WINDOWS\SYSTEM32\SVCHOST -K RPCSS
RsCCenter = "C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE"
RsRavMon = "C:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE"
RSVP = C:\WINDOWS\SYSTEM32\RSVP.EXE
S24EventMonitor = C:\PROGRAM FILES\INTEL\WIRELESS\BIN\S24EVMON.EXE
SamSs = C:\WINDOWS\SYSTEM32\LSASS.EXE
SCardSvr = C:\WINDOWS\SYSTEM32\SCARDSVR.EXE
Schedule = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
seclogon = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
SENS = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
SharedAccess = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
ShellHWDetection = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Spooler = C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
srservice = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
SSDPSRV = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
stisvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K IMGSVC
SwPrv = C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{DE144376-B94C-4E8D-BC08-C514F837A0BD}
SysmonLog = C:\WINDOWS\SYSTEM32\SMLOGSVC.EXE
TapiSrv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
TermService = C:\WINDOWS\SYSTEM32\SVCHOST -K DCOMLAUNCH
Themes = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
TlntSvr = C:\WINDOWS\SYSTEM32\TLNTSVR.EXE
TrkWks = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
upnphost = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
UPS = C:\WINDOWS\SYSTEM32\UPS.EXE
VSS = C:\WINDOWS\SYSTEM32\VSSVC.EXE
W32Time = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
WebClient = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE
winmgmt = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
WmdmPmSN = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
Wmi = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
WmiApSrv = C:\WINDOWS\SYSTEM32\WBEM\WMIAPSRV.EXE
wscsvc = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
wuauserv = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
WZCSVC = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS
xmlprov = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS

文件驱动
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services

FltMgr = C:\WINDOWS\SYSTEM32\DRIVERS\FLTMGR.SYS
MRxDAV = C:\WINDOWS\SYSTEM32\DRIVERS\MRXDAV.SYS
MRxSmb = C:\WINDOWS\SYSTEM32\DRIVERS\MRXSMB.SYS
NetBIOS = C:\WINDOWS\SYSTEM32\DRIVERS\NETBIOS.SYS
Rdbss = C:\WINDOWS\SYSTEM32\DRIVERS\RDBSS.SYS
sr = C:\WINDOWS\SYSTEM32\DRIVERS\SR.SYS
Srv = C:\WINDOWS\SYSTEM32\DRIVERS\SRV.SYS

系统驱动项
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services

ACPI = C:\WINDOWS\SYSTEM32\DRIVERS\ACPI.SYS
ACPIEC = C:\WINDOWS\SYSTEM32\DRIVERS\ACPIEC.SYS
ADIHdAudAddService = C:\WINDOWS\SYSTEM32\DRIVERS\ADIHDAUD.SYS
AEAudioService = C:\WINDOWS\SYSTEM32\DRIVERS\AEAUDIO.SYS
aec = C:\WINDOWS\SYSTEM32\DRIVERS\AEC.SYS
AegisP = C:\WINDOWS\SYSTEM32\DRIVERS\AEGISP.SYS
AFD = C:\WINDOWS\SYSTEM32\DRIVERS\AFD.SYS
ANC = C:\WINDOWS\SYSTEM32\DRIVERS\ANC.SYS
Arp1394 = C:\WINDOWS\SYSTEM32\DRIVERS\ARP1394.SYS
AsyncMac = C:\WINDOWS\SYSTEM32\DRIVERS\ASYNCMAC.SYS
atapi = C:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS
ati2mtag = C:\WINDOWS\SYSTEM32\DRIVERS\ATI2MTAG.SYS
Atmarpc = C:\WINDOWS\SYSTEM32\DRIVERS\ATMARPC.SYS
atmeltpm = C:\WINDOWS\SYSTEM32\DRIVERS\ATMELTPM.SYS
audstub = C:\WINDOWS\SYSTEM32\DRIVERS\AUDSTUB.SYS
BaseTDI = C:\WINDOWS\SYSTEM32\DRIVERS\BASETDI.SYS
BthEnum = C:\WINDOWS\SYSTEM32\DRIVERS\BTHENUM.SYS
BthPan = C:\WINDOWS\SYSTEM32\DRIVERS\BTHPAN.SYS
BTHPORT = C:\WINDOWS\SYSTEM32\DRIVERS\BTHPORT.SYS
BTHUSB = C:\WINDOWS\SYSTEM32\DRIVERS\BTHUSB.SYS
BTKRNL = C:\WINDOWS\SYSTEM32\DRIVERS\BTKRNL.SYS
BTWUSB = C:\WINDOWS\SYSTEM32\DRIVERS\BTWUSB.SYS
Cdrom = C:\WINDOWS\SYSTEM32\DRIVERS\CDROM.SYS
CmBatt = C:\WINDOWS\SYSTEM32\DRIVERS\CMBATT.SYS
Compbatt = C:\WINDOWS\SYSTEM32\DRIVERS\COMPBATT.SYS
Disk = C:\WINDOWS\SYSTEM32\DRIVERS\DISK.SYS
dmboot = C:\WINDOWS\SYSTEM32\DRIVERS\DMBOOT.SYS
dmio = C:\WINDOWS\SYSTEM32\DRIVERS\DMIO.SYS
dmload = C:\WINDOWS\SYSTEM32\DRIVERS\DMLOAD.SYS
DMusic = C:\WINDOWS\SYSTEM32\DRIVERS\DMUSIC.SYS
drmkaud = C:\WINDOWS\SYSTEM32\DRIVERS\DRMKAUD.SYS
e1express = C:\WINDOWS\SYSTEM32\DRIVERS\E1E5132.SYS
ExpScaner = C:\PROGRAM FILES\RISING\RAV\EXPSCAN.SYS
FsVga = C:\WINDOWS\SYSTEM32\DRIVERS\FSVGA.SYS
ft2kEnum = C:\WINDOWS\SYSTEM32\DRIVERS\IC2KENUM.SYS
Ftdisk = C:\WINDOWS\SYSTEM32\DRIVERS\FTDISK.SYS
GDBaseSmc = C:\WINDOWS\SYSTEM32\DRIVERS\CHIP_SMC.SYS
GD_USB = C:\WINDOWS\SYSTEM32\DRIVERS\CHIP_USB.SYS
GKeyUSB = C:\WINDOWS\SYSTEM32\DRIVERS\GKEYUSB.SYS
Gpc = C:\WINDOWS\SYSTEM32\DRIVERS\MSGPC.SYS
HDAudBus = C:\WINDOWS\SYSTEM32\DRIVERS\HDAUDBUS.SYS
HidUsb = C:\WINDOWS\SYSTEM32\DRIVERS\HIDUSB.SYS
HookCont = C:\PROGRAM FILES\RISING\RAV\HOOKCONT.SYS
HookReg = C:\PROGRAM FILES\RISING\RAV\HOOKREG.SYS
HookSys = C:\PROGRAM FILES\RISING\RAV\HOOKSYS.SYS
HookUrl = C:\PROGRAM FILES\RISING\RFW\HOOKURL.SYS
HSF_DPV = C:\WINDOWS\SYSTEM32\DRIVERS\HSX_DPV.SYS
HSXHWAZL = C:\WINDOWS\SYSTEM32\DRIVERS\HSXHWAZL.SYS
HTTP = C:\WINDOWS\SYSTEM32\DRIVERS\HTTP.SYS
i8042prt = C:\WINDOWS\SYSTEM32\DRIVERS\I8042PRT.SYS
ialm = C:\WINDOWS\SYSTEM32\DRIVERS\IALMNT5.SYS
iastor = C:\WINDOWS\SYSTEM32\DRIVERS\IASTOR.SYS
IBMPMDRV = C:\WINDOWS\SYSTEM32\DRIVERS\IBMPMDRV.SYS
IBMTPCHK = C:\WINDOWS\SYSTEM32\DRIVERS\IBMBLDID.SYS
Imapi = C:\WINDOWS\SYSTEM32\DRIVERS\IMAPI.SYS
intelppm = C:\WINDOWS\SYSTEM32\DRIVERS\INTELPPM.SYS
Ip6Fw = C:\WINDOWS\SYSTEM32\DRIVERS\IP6FW.SYS
IpFilterDriver = C:\WINDOWS\SYSTEM32\DRIVERS\IPFLTDRV.SYS
IpInIp = C:\WINDOWS\SYSTEM32\DRIVERS\IPINIP.SYS
IpNat = C:\WINDOWS\SYSTEM32\DRIVERS\IPNAT.SYS
IPSec = C:\WINDOWS\SYSTEM32\DRIVERS\IPSEC.SYS
irda = C:\WINDOWS\SYSTEM32\DRIVERS\IRDA.SYS
IRENUM = C:\WINDOWS\SYSTEM32\DRIVERS\IRENUM.SYS
isapnp = C:\WINDOWS\SYSTEM32\DRIVERS\ISAPNP.SYS
Kbdclass = C:\WINDOWS\SYSTEM32\DRIVERS\KBDCLASS.SYS
kbdhid = C:\WINDOWS\SYSTEM32\DRIVERS\KBDHID.SYS
kmixer = C:\WINDOWS\SYSTEM32\DRIVERS\KMIXER.SYS
mdmxsdk = C:\WINDOWS\SYSTEM32\DRIVERS\MDMXSDK.SYS
MEMSCAN = C:\PROGRAM FILES\RISING\RAV\MEMSCAN.SYS
Mouclass = C:\WINDOWS\SYSTEM32\DRIVERS\MOUCLASS.SYS
mouhid = C:\WINDOWS\SYSTEM32\DRIVERS\MOUHID.SYS
mProcRs = C:\PROGRAM FILES\RISING\RFW\MPROCRS.SYS
MSKSSRV = C:\WINDOWS\SYSTEM32\DRIVERS\MSKSSRV.SYS
MSPCLOCK = C:\WINDOWS\SYSTEM32\DRIVERS\MSPCLOCK.SYS
MSPQM = C:\WINDOWS\SYSTEM32\DRIVERS\MSPQM.SYS
mssmbios = C:\WINDOWS\SYSTEM32\DRIVERS\MSSMBIOS.SYS
NdisTapi = C:\WINDOWS\SYSTEM32\DRIVERS\NDISTAPI.SYS
Ndisuio = C:\WINDOWS\SYSTEM32\DRIVERS\NDISUIO.SYS
NdisWan = C:\WINDOWS\SYSTEM32\DRIVERS\NDISWAN.SYS
NetBT = C:\WINDOWS\SYSTEM32\DRIVERS\NETBT.SYS
NIC1394 = C:\WINDOWS\SYSTEM32\DRIVERS\NIC1394.SYS
npkcrypt = D:\QQ2007\NPKCRYPT.SYS
NSCIRDA = C:\WINDOWS\SYSTEM32\DRIVERS\NSCIRDA.SYS
NwlnkFlt = C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKFLT.SYS
NwlnkFwd = C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKFWD.SYS
ohci1394 = C:\WINDOWS\SYSTEM32\DRIVERS\OHCI1394.SYS
Parport = C:\WINDOWS\SYSTEM32\DRIVERS\PARPORT.SYS
PCI = C:\WINDOWS\SYSTEM32\DRIVERS\PCI.SYS
PCIIde = C:\WINDOWS\SYSTEM32\DRIVERS\PCIIDE.SYS
Pcmcia = C:\WINDOWS\SYSTEM32\DRIVERS\PCMCIA.SYS
PptpMiniport = C:\WINDOWS\SYSTEM32\DRIVERS\RASPPTP.SYS
PSched = C:\WINDOWS\SYSTEM32\DRIVERS\PSCHED.SYS
Ptilink = C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS
RasAcd = C:\WINDOWS\SYSTEM32\DRIVERS\RASACD.SYS
Rasirda = C:\WINDOWS\SYSTEM32\DRIVERS\RASIRDA.SYS
Rasl2tp = C:\WINDOWS\SYSTEM32\DRIVERS\RASL2TP.SYS
RasPppoe = C:\WINDOWS\SYSTEM32\DRIVERS\RASPPPOE.SYS
Raspti = C:\WINDOWS\SYSTEM32\DRIVERS\RASPTI.SYS
RDPCDD = C:\WINDOWS\SYSTEM32\DRIVERS\RDPCDD.SYS
rdpdr = C:\WINDOWS\SYSTEM32\DRIVERS\RDPDR.SYS
Reader_Device = C:\WINDOWS\SYSTEM32\DRIVERS\USBIC2K.SYS
redbook = C:\WINDOWS\SYSTEM32\DRIVERS\REDBOOK.SYS
RFCOMM = C:\WINDOWS\SYSTEM32\DRIVERS\RFCOMM.SYS
RGGA = C:\WINDOWS\SYSTEM32\DRIVERS\RGGA.SYS
RsFwDrv = C:\PROGRAM FILES\RISING\RFW\RSFWDRV.SYS
RsNTGDI = C:\WINDOWS\SYSTEM32\DRIVERS\RSNTGDI.SYS
RSPPSYS = C:\PROGRAM FILES\RISING\RAV\RSPPSYS.SYS
s24trans = C:\WINDOWS\SYSTEM32\DRIVERS\S24TRANS.SYS
sdbus = C:\WINDOWS\SYSTEM32\DRIVERS\SDBUS.SYS
Secdrv = C:\WINDOWS\SYSTEM32\DRIVERS\SECDRV.SYS
Smapint = C:\WINDOWS\SYSTEM32\DRIVERS\SMAPINT.SYS
smihlp = C:\PROGRAM FILES\THINKVANTAGE FINGERPRINT SOFTWARE\SMIHLP.SYS
splitter = C:\WINDOWS\SYSTEM32\DRIVERS\SPLITTER.SYS
swenum = C:\WINDOWS\SYSTEM32\DRIVERS\SWENUM.SYS
swmidi = C:\WINDOWS\SYSTEM32\DRIVERS\SWMIDI.SYS
SynTP = C:\WINDOWS\SYSTEM32\DRIVERS\SYNTP.SYS
sysaudio = C:\WINDOWS\SYSTEM32\DRIVERS\SYSAUDIO.SYS
SZD13 = C:\WINDOWS\SYSTEM32\DRIVERS\SZD13.SYS
SZD13USBDKey = C:\WINDOWS\SYSTEM32\DRIVERS\DKSZD.SYS
Tcpip = C:\WINDOWS\SYSTEM32\DRIVERS\TCPIP.SYS
TcUsb = C:\WINDOWS\SYSTEM32\DRIVERS\TCUSB.SYS
TDSMAPI = C:\WINDOWS\SYSTEM32\DRIVERS\TDSMAPI.SYS
TermDD = C:\WINDOWS\SYSTEM32\DRIVERS\TERMDD.SYS
Tp4Track = C:\WINDOWS\SYSTEM32\DRIVERS\TP4TRACK.SYS
TPPWRIF = C:\WINDOWS\SYSTEM32\DRIVERS\TPPWRIF.SYS
TSMAPIP = C:\WINDOWS\SYSTEM32\DRIVERS\TSMAPIP.SYS
TwoTrack = C:\WINDOWS\SYSTEM32\DRIVERS\TWOTRACK.SYS
Update = C:\WINDOWS\SYSTEM32\DRIVERS\UPDATE.SYS
usbccgp = C:\WINDOWS\SYSTEM32\DRIVERS\USBCCGP.SYS
usbehci = C:\WINDOWS\SYSTEM32\DRIVERS\USBEHCI.SYS
usbhub = C:\WINDOWS\SYSTEM32\DRIVERS\USBHUB.SYS
usbprint = C:\WINDOWS\SYSTEM32\DRIVERS\USBPRINT.SYS
usbscan = C:\WINDOWS\SYSTEM32\DRIVERS\USBSCAN.SYS
usbstor = C:\WINDOWS\SYSTEM32\DRIVERS\USBSTOR.SYS
usbuhci = C:\WINDOWS\SYSTEM32\DRIVERS\USBUHCI.SYS
VgaSave = C:\WINDOWS\SYSTEM32\DRIVERS\VGA.SYS
w39n51 = C:\WINDOWS\SYSTEM32\DRIVERS\W39N51.SYS
Wanarp = C:\WINDOWS\SYSTEM32\DRIVERS\WANARP.SYS
wdmaud = C:\WINDOWS\SYSTEM32\DRIVERS\WDMAUD.SYS
winachsf = C:\WINDOWS\SYSTEM32\DRIVERS\HSX_CNXT.SYS

没人哩了么?

楼主把那个文件用附件的方式发送吧  这样看着好晕哦

我是菜鸟.不会.....不好意思

键盘是不是坏啦？？没听说过这种病毒，是不是键盘浸水了。。。

不可能,键盘某些功能键还可以使用.是忽然变成这样子的

在网页右下角有发帖和回复的按钮  你点回复就能在新窗口上传附件了