
Experts, please help: take a look at my log, EXE files won't open


A few days ago my machine caught a virus: none of the EXE files would open any more, and the Rising monitor shut itself down.
After upgrading the antivirus, running EWIDOSCN, 木马克星 and RogueCleaner, clearing out spyware, and doing emergency repairs such as editing the registry Run entries, the machine is usable after a fashion, but start-up is extremely slow: after the welcome screen, once I pick a user, it takes about 10 minutes after logging on before it works normally. It also pops up some dialogs saying that some program's memory could not be read or is not available. This only happens with accounts that have administrator rights; the guest user is not affected, and logging on as guest is quick.
But once I log on as administrator in Safe Mode, delete the original guest user and add a new guest user, logging on with that new guest user shows exactly the same problem.
Also, for a long time after logon there is only the desktop with no icons. If I run Task Manager at that point there are only 11 or 12 processes, all of them system processes, memory use is only 70 to 80 MB and CPU use is 0, even less than in Safe Mode.
Is there any way to fix this?

HijackThis_zww汉化版扫描日志 V1.99.1
保存于      13:58:47, 日期 2006-12-21
操作系统:  Windows XP SP2 (WinNT 5.01.2600)
浏览器:    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\lenovo\GUA\GUA.exe
C:\Program Files\lenovo\IGRS\Ext\IgrsMonitor.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\RpcS.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SVCHOST.EXE
C:\Program Files\lenovo\IGRS\Ext\IgrsSignal.exe
C:\Program Files\lenovo\IGRS\Ext\IgrsNotify.exe
C:\Program Files\lenovo\IGRS EasyShare\IgrsPortal.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HijackThis1991zww.exe

R3 - 默认的URLSearchHook丢失。用HijackThis修复
F2 - REG:system.ini: Shell=Explorer.exe 1
F3 - REG:win.ini: load=C:\WINDOWS\system\tpkIM32.exe
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: IEMonitor Class - {08A312BB-5409-49FC-9347-54BB7D069AC6} - C:\WINDOWS\system32\deskipn.dll (file missing)
O2 - BHO: Info cache - {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} - C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll
O2 - BHO: SafeMe Internet Explorer Helper - {3AE06CEE-58A6-4F5F-AF89-6C5350842F16} - C:\WINDOWS\system32\SafeHelper12.dll
O2 - BHO: MallObj Class - {3B30B48F-617D-4F73-A20F-D3D54357F103} - C:\WINDOWS\system32\mallgoo2.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O3 - IE工具栏增项: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll (file missing)
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [IgrsSignal] "C:\Program Files\lenovo\IGRS\Ext\IgrsSignal.exe"
O4 - 启动项HKLM\\Run: [IgrsNotify] "C:\Program Files\lenovo\IGRS\Ext\IgrsNotify.exe"
O4 - 启动项HKLM\\Run: [IgrsPortal] "C:\Program Files\lenovo\IGRS EasyShare\IgrsPortal.exe"
O4 - 启动项HKLM\\Run: [Torjan Program] C:\WINDOWS\SVCHOST.EXE
O4 - 启动项HKLM\\Run: [lenovo WMC UI] "C:\Program Files\lenovo\IGRS EasyShare\WirelessConfig.exe"
O4 - 启动项HKLM\\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com
O16 - DPF: {05C1004E-2596-48E5-8E26-39362985EEB9} (MMCPlayer Class) - http://p3p.sogou.com/MMCShell.cab
O20 - Winlogon Notify: igrswn - C:\Program Files\lenovo\IGRS\Ext\igrswn.dll
O23 - NT 服务: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - NT 服务: General Updater/AutoUpdater Service (GUA) - lenovo - C:\Program Files\lenovo\GUA\GUA.exe
O23 - NT 服务: IGRS - Lenovo Group Limited - C:\Program Files\lenovo\IGRS\IGRS.exe
O23 - NT 服务: IGRSFILE - Lenovo Group Limited - C:\Program Files\lenovo\IGRS Profiles\File Profile\IgrsFile.exe
O23 - NT 服务: IgrsFileShare - 联想集团有限公司 - C:\Program Files\lenovo\IGRS EasyShare\FileShare.exe
O23 - NT 服务: IgrsMonitor - Lenovo Group Limited - C:\Program Files\lenovo\IGRS\Ext\IgrsMonitor.exe
O23 - NT 服务: MicroGrid DirectRouter (MicroGrid.DirectRouter) - Lenovo Group Limited - C:\Program Files\lenovo\IGRS\Ext\router.exe
O23 - NT 服务: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising - (no file)
O23 - NT 服务: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
O23 - NT 服务: SmartLinkService (SLService) -  - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - NT 服务: Windows NT Service32 - Unknown owner - C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\NTService32.dll",Start (file missing)
O23 - NT 服务: WMCSVC - Lenovo Group Limited - C:\Program Files\lenovo\IGRS\Ext\wmcsvc.exe
Last edited 2006-12-25 13:29:32

2006-12-21,13:59:40

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows XP Home Edition Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
  所有的启动项目(包括注册表、启动文件夹、服务等)
  浏览器加载项
  正在运行的进程(包括进程模块信息)
  文件关联
  Winsock 提供者
  Autorun.inf
  HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <load><C:\WINDOWS\system\tpkIM32.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
  <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
  <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
  <IgrsSignal><"C:\Program Files\lenovo\IGRS\Ext\IgrsSignal.exe">  [Lenovo Group Limited]
  <IgrsNotify><"C:\Program Files\lenovo\IGRS\Ext\IgrsNotify.exe">  [Lenovo Group Limited]
  <IgrsPortal><"C:\Program Files\lenovo\IGRS EasyShare\IgrsPortal.exe">  [Lenovo Group Limited]
  <Torjan Program><C:\WINDOWS\SVCHOST.EXE>  [gowje]
  <lenovo WMC UI><"C:\Program Files\lenovo\IGRS EasyShare\WirelessConfig.exe">  [Lenovo Group Limited]
  <!ewido><"C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized>  [Anti-Malware Development a.s.]
  <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)NVIDIA Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <shell><Explorer.exe 1>  [N/A]
  <Userinit><userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
  <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
  <{57B86673-276A-48B2-BAE7-C6DBB3020EB8}><C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll>  [Anti-Malware Development a.s.]
  <{1A404685-7563-4d02-B0F6-58B308A406A9}><c:\program files\internet explorer\uslzrowf.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igrswn]
  <WinlogonNotify: igrswn><C:\Program Files\lenovo\IGRS\Ext\igrswn.dll>  [Lenovo Group Limited]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  <lcbwvq><; >  [N/A]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
  <Load><; >  [N/A]

==================================
启动文件夹
N/A

==================================
服务
[Application Management / AppMgmt]
<C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[ewido anti-spyware 4.0 guard / ewido anti-spyware 4.0 guard]
<C:\Program Files\ewido anti-spyware 4.0\guard.exe><Anti-Malware Development a.s.>
[General Updater/AutoUpdater Service / GUA]
<"C:\Program Files\lenovo\GUA\GUA.exe"><lenovo>
[Human Interface Device Access / HidServ]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[IGRS / IGRS]
<C:\Program Files\lenovo\IGRS\IGRS.exe><Lenovo Group Limited>
[IGRSFILE / IGRSFILE]
<C:\Program Files\lenovo\IGRS Profiles\File Profile\IgrsFile.exe><Lenovo Group Limited>
[IgrsFileShare / IgrsFileShare]
<"C:\Program Files\lenovo\IGRS EasyShare\FileShare.exe"><联想集团有限公司>
[IgrsMonitor / IgrsMonitor]
<"C:\Program Files\lenovo\IGRS\Ext\IgrsMonitor.exe"><Lenovo Group Limited>
[Spectrum24 Events Monitor / IPRIP]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\acss.dll><N/A>
[MicroGrid DirectRouter / MicroGrid.DirectRouter]
<C:\Program Files\lenovo\IGRS\Ext\router.exe><Lenovo Group Limited>
[WindowsNt Workstation / NTWorkStan]
<C:\WINDOWS\System32\svchost.exe -k NTWorkStan-->c:\windows\system32\ntworkstan.dll><Microsoft Corporation>
[NVIDIA Driver Helper Service / NVSvc]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Remote Procedure Call System(RPCS) / RpcS]
<C:\WINDOWS\system32\RpcS.exe><Microsoft Corporation>
[Rising Process Communication Center / RsCCenter]
<><N/A>
[Rising RealTime Monitor / RsRavMon]
<"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[SmartLinkService / SLService]
<slserv.exe><>
[Windows NT Service32 / Windows NT Service32]
<"C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\NTService32.dll",Start><Microsoft Corporation>
[WinServer / WinServer]
<><N/A>
[WMCSVC / WMCSVC]
<C:\Program Files\lenovo\IGRS\Ext\wmcsvc.exe><Lenovo Group Limited>
[WindowsNt Network Engine / wnttech]
<C:\WINDOWS\System32\svchost.exe -k wnttech-->c:\windows\system32\wnttech.dll><Microsoft Corporation>

==================================
驱动程序
[Service for WDM 3D Audio Driver / ALCXSENS]
<system32\drivers\ALCXSENS.SYS><Sensaura Ltd>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[Alps Pointing-device Filter Driver / ApfiltrService]
<system32\DRIVERS\Apfiltr.sys><Alps Electric Co., Ltd.>
[Rising TDI Base Driver / BaseTDI]
<System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[ccidiidc / ccidiidc]
<C:\WINDOWS\SYSTEM32\DRIVERS\ccidiidc.SYS><中国互联网络信息中心(CNNIC)>
[cdrbsvsd / cdrbsvsd]
<C:\WINDOWS\SYSTEM32\DRIVERS\cdrbsvsd.SYS><B.H.A Corporation>
[daeddihg / daeddihg]
<C:\WINDOWS\SYSTEM32\DRIVERS\daeddihg.SYS><中国互联网络信息中心(CNNIC)>
[dbfhfjgi / dbfhfjgi]
<C:\WINDOWS\SYSTEM32\DRIVERS\dbfhfjgi.SYS><中国互联网络信息中心(CNNIC)>
[dgfajjah / dgfajjah]
<C:\WINDOWS\SYSTEM32\DRIVERS\dgfajjah.SYS><中国互联网络信息中心(CNNIC)>
[Dritek HotKey Keyboard Filter Driver / DKbFltr]
<System32\Drivers\DKbFltr.sys><Dritek System Inc.>
[ecciggaj / ecciggaj]
<C:\WINDOWS\SYSTEM32\DRIVERS\ecciggaj.SYS><中国互联网络信息中心(CNNIC)>
[ewido anti-spyware 4.0 driver / ewido anti-spyware 4.0 driver]
<\??\C:\Program Files\ewido anti-spyware 4.0\guard.sys><N/A>
[ExpScaner / ExpScaner]
<\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
[fcefbhaj / fcefbhaj]
<C:\WINDOWS\SYSTEM32\DRIVERS\fcefbhaj.SYS><中国互联网络信息中心(CNNIC)>
[fhiigjje / fhiigjje]
<C:\WINDOWS\SYSTEM32\DRIVERS\fhiigjje.SYS><中国互联网络信息中心(CNNIC)>
[fiddebai / fiddebai]
<C:\WINDOWS\SYSTEM32\DRIVERS\fiddebai.SYS><中国互联网络信息中心(CNNIC)>
[HookCont / HookCont]
<\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising tech Co. ltd>
[hookreg / hookreg]
<\??\C:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys]
<\??\C:\Program Files\Rising\Rav\HookSys.sys><Rising>
[iehajadj / iehajadj]
<C:\WINDOWS\SYSTEM32\DRIVERS\iehajadj.SYS><中国互联网络信息中心(CNNIC)>
[MEMSCAN / MEMSCAN]
<\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[Mtlmnt5 / Mtlmnt5]
<system32\DRIVERS\Mtlmnt5.sys><>
[Mtlstrm / Mtlstrm]
<system32\DRIVERS\Mtlstrm.sys><>
[npkcrypt / npkcrypt]
<\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><N/A>
[NtMtlFax / NtMtlFax]
<system32\DRIVERS\NtMtlFax.sys><>
[nv / nv]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20]
<\SystemRoot\system32\DRIVERS\PxHelp20.sys><Sonic Solutions>
[RecAgent / RecAgent]
<\??\C:\WINDOWS\system32\DRIVERS\RecAgent.sys><Smart Link>
[ROCKEYNT / ROCKEYNT]
<\??\C:\WINDOWS\system32\drivers\Rockeynt.sys><FeiTian Tech Co.,Ltd>
[rockusb / rockusb]
<system32\DRIVERS\rockusb.sys><FeiTian New Tech Inc>
[RsAntiSpyware / RsAntiSpyware]
<\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising>
[RSPPSYS / RSPPSYS]
<\??\C:\Program Files\Rising\Rav\RSPPSYS.sys><Rising>
[Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver / RTL8023]
<system32\DRIVERS\Rtlnic51.sys><Realtek Semiconductor Corporation>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
<system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
<system32\DRIVERS\secdrv.sys><N/A>
[SENSE3 / SENSE3]
<system32\drivers\sense3.sys><Beijing Senselock>
[SmartLink AMR_PCI Driver / Slntamr]
<system32\DRIVERS\slntamr.sys><>
[SlNtHal / SlNtHal]
<system32\DRIVERS\Slnthal.sys><>
[SlWdmSup / SlWdmSup]
<system32\DRIVERS\SlWdmSup.sys><Vireo Software>
[SMC IrCC Miniport Device Driver / SMCIRDA]
<system32\DRIVERS\smcirda.sys><SMC>
[Sony Digital Imaging Video2 / sonypvs1]
<system32\DRIVERS\sonypvs1.sys><N/A>
浏览器加载项
[IEMonitor Class]
{08A312BB-5409-49FC-9347-54BB7D069AC6} <C:\WINDOWS\system32\deskipn.dll, N/A>
[Info cache]
{385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, 新萌科技(上海)有限公司>
[SafeMe Internet Explorer Helper]
{3AE06CEE-58A6-4F5F-AF89-6C5350842F16} <C:\WINDOWS\system32\SafeHelper12.dll, LINKMEDIA Tech>
[MallObj Class]
{3B30B48F-617D-4F73-A20F-D3D54357F103} <C:\WINDOWS\system32\mallgoo2.dll, 上海奥德易海科技>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, N/A>
[MMCPlayer Class]
{05C1004E-2596-48E5-8E26-39362985EEB9} <C:\WINDOWS\Downloaded Program Files\MMCShell.dll, Sohu.com Inc.>
[Java Plug-in 1.4.0]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\j2re1.4.0\bin\npjpi140.dll, JavaSoft / Sun Microsystems, Inc.>
[Java Plug-in 1.4.0]
{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} <C:\Program Files\Java\j2re1.4.0\bin\npjpi140.dll, JavaSoft / Sun Microsystems, Inc.>
[IEMonitor Class]
{08A312BB-5409-49FC-9347-54BB7D069AC6} <C:\WINDOWS\system32\deskipn.dll, N/A>
[Info cache]
{385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, 新萌科技(上海)有限公司>
[SafeMe Internet Explorer Helper]
{3AE06CEE-58A6-4F5F-AF89-6C5350842F16} <C:\WINDOWS\system32\SafeHelper12.dll, LINKMEDIA Tech>
[MallObj Class]
{3B30B48F-617D-4F73-A20F-D3D54357F103} <C:\WINDOWS\system32\mallgoo2.dll, 上海奥德易海科技>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[refer_obj Class]
{D4500D36-B642-4161-AFFC-5F924A2DD14D} <, N/A>
[卡卡上网安全助手]
{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, N/A>
[上传到QQ网络硬盘]
<C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[添加到QQ自定义面板]
<C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

==================================
正在运行的进程
[PID: 444][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 524][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 576][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  [c:\program files\internet explorer\uslzrowf.dll]  [, 1, 0, 0, 11]
[PID: 628][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 640][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 792][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 844][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 872][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 932][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1028][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1424][C:\WINDOWS\Explorer.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
  [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
  [C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll]  [Anti-Malware Development a.s., 4, 0, 0, 172]
  [c:\program files\internet explorer\uslzrowf.dll]  [, 1, 0, 0, 11]
  [c:\windows\system32\advwhes.dll]  [N/A, N/A]
  [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
  [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
  [C:\Program Files\ewido anti-spyware 4.0\context.dll]  [Anti-Malware Development a.s., 4, 0, 0, 172]
[PID: 1500][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  [C:\WINDOWS\system32\LD1MON.DLL]  [Minolta Co., Ltd., 1.06]
  [C:\WINDOWS\system32\LDA3M9LM.dll]  [N/A, N/A]
  [C:\WINDOWS\system32\Lda3m2lm.dll]  [N/A, N/A]
  [C:\WINDOWS\system32\ssgb2mon.dll]  [Samsung Electronics., 1, 0, 0, 0]
[PID: 1684][C:\Program Files\lenovo\GUA\GUA.exe]  [lenovo, 1.0.0.19]
[PID: 1760][C:\Program Files\lenovo\IGRS\Ext\IgrsMonitor.exe]  [Lenovo Group Limited, 1, 0, 1, 13]
  [C:\WINDOWS\system32\IgrsApi.dll]  [Lenovo Group Limited, 1.0.0.174]
  [C:\WINDOWS\system32\WMCAPI.dll]  [Lenovo Group Limited, 2, 0, 2, 19]
  [C:\WINDOWS\system32\wmcdrv.dll]  [Lenovo Group Limited, 3, 1, 0, 10]
  [C:\WINDOWS\system32\wmcinst.dll]  [Lenovo Group Limited, 2, 0, 1, 3]
  [C:\Program Files\lenovo\IGRS\Ext\IgrsMonitorPS.dll]  [N/A, N/A]
[PID: 1436][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1856][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.4489]
[PID: 1888][C:\WINDOWS\system32\RpcS.exe]  [Microsoft Corporation, 5.2.3790.1830]
[PID: 1928][C:\WINDOWS\system32\slserv.exe]  [ , 2.80.00(24Apr2000)]
[PID: 1932][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
  [C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll]  [新萌科技(上海)有限公司, 2, 0, 8, 0]
  [C:\WINDOWS\system32\SafeHelper12.dll]  [LINKMEDIA Tech, 2, 0, 0, 3]
  [C:\WINDOWS\system32\mallgoo2.dll]  [上海奥德易海科技, 1, 0, 2, 0]
  [C:\Program Files\Tencent\QQ\QQIEHelper.dll]  [深圳市腾讯计算机系统有限公司, 1, 1, 0, 5]
  [C:\WINDOWS\system32\RpcS.dll]  [N/A, N/A]
[PID: 1144][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1324][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2028][C:\WINDOWS\SVCHOST.EXE]  [gowje, 0.00.0191]
[PID: 948][C:\Program Files\lenovo\IGRS\Ext\IgrsSignal.exe]  [Lenovo Group Limited, 1, 0, 0, 4]
  [C:\WINDOWS\system32\WMCAPI.dll]  [Lenovo Group Limited, 2, 0, 2, 19]
  [C:\WINDOWS\system32\wmcdrv.dll]  [Lenovo Group Limited, 3, 1, 0, 10]
  [C:\WINDOWS\system32\wmcinst.dll]  [Lenovo Group Limited, 2, 0, 1, 3]
  [C:\WINDOWS\system32\igrsrt.dll]  [Lenovo Group Limited, 1, 0, 0, 13]
  [C:\Program Files\lenovo\IGRS\Ext\IgrsNotifyPS.dll]  [N/A, N/A]
  [C:\Program Files\lenovo\IGRS\Ext\IgrsMonitorPS.dll]  [N/A, N/A]
[PID: 1012][C:\Program Files\lenovo\IGRS\Ext\IgrsNotify.exe]  [Lenovo Group Limited, 1, 0, 0, 8]
  [C:\Program Files\lenovo\IGRS\Ext\NotifyUI.dll]  [Lenovo Group Limited, 1, 0, 0, 7]
  [C:\Program Files\lenovo\IGRS\Ext\IgrsNotifyPS.dll]  [N/A, N/A]
[PID: 1240][C:\Program Files\lenovo\IGRS EasyShare\IgrsPortal.exe]  [Lenovo Group Limited, 1, 0, 3, 32]
  [C:\Program Files\lenovo\IGRS EasyShare\IgrsTray.dll]  [Lenovo Group Limited, 1, 0, 1, 19]
  [C:\WINDOWS\system32\igrsrt.dll]  [Lenovo Group Limited, 1, 0, 0, 13]
  [C:\Program Files\lenovo\IGRS EasyShare\IgrsIM.dll]  [Lenovo Group Limited, 1, 0, 0, 71]
  [C:\WINDOWS\system32\IgrsApi.dll]  [Lenovo Group Limited, 1.0.0.174]
  [C:\Program Files\lenovo\IGRS\Ext\IgrsNotifyPS.dll]  [N/A, N/A]
  [C:\Program Files\lenovo\IGRS\Ext\IgrsMonitorPS.dll]  [N/A, N/A]
[PID: 2148][C:\Program Files\ewido anti-spyware 4.0\ewido.exe]  [Anti-Malware Development a.s., 4, 0, 0, 172]
  [C:\Program Files\ewido anti-spyware 4.0\engine.dll]  [Anti-Malware Development a.s., 4, 0, 0, 172]
[PID: 2176][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2692][C:\Documents and Settings\mx\桌面\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  Error. [winfiles]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
[D:\]
[autorun]
OPEN=D:\pagefile.pif

==================================
HOSTS 文件
N/A
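The SREng file-association section above reports `.EXE Error. [winfiles]`, which SREng flags because the .exe handler differs from the Windows default (`.exe` mapped to the `exefile` ProgID, whose open command is `"%1" %*`). The following PowerShell script is an added example, not code from the thread or from SREng/HijackThis: it audits those two registry values, reports what a non-default ProgID would launch, and with `-Repair` writes the defaults back. It assumes Windows PowerShell is available on the machine and is run from an administrator account.

```powershell
# Added example, not from the forum thread or from SREng/HijackThis.
# Audits the .exe file association that SREng reported as ".EXE Error. [winfiles]"
# and, with -Repair, restores the Windows defaults. Run as an administrator.
param([switch]$Repair)

# Windows defaults for the .exe extension (these two values are what SREng checks)
$ExtKey          = 'Registry::HKEY_CLASSES_ROOT\.exe'
$CmdKey          = 'Registry::HKEY_CLASSES_ROOT\exefile\shell\open\command'
$ExpectedProgId  = 'exefile'
$ExpectedCommand = '"%1" %*'

# Reads the (Default) value of a registry key; $null if the key is missing.
function Get-DefaultValue([string]$Path) {
    if (-not (Test-Path -LiteralPath $Path)) { return $null }
    return (Get-Item -LiteralPath $Path).GetValue('')
}

# Returns a list of findings; an empty list means the association is clean.
function Test-ExeAssociation {
    $findings = @()
    $progId  = Get-DefaultValue $ExtKey
    $command = Get-DefaultValue $CmdKey

    if ($progId -ne $ExpectedProgId) {
        $findings += "HKCR\.exe points to ProgID '$progId' (expected '$ExpectedProgId')"
        # Record what the foreign ProgID launches, so that file can be quarantined
        # instead of only being unlinked; in this thread the ProgID was 'winfiles'.
        if ($progId) {
            $rogueCmd = Get-DefaultValue "Registry::HKEY_CLASSES_ROOT\$progId\shell\open\command"
            if ($rogueCmd) { $findings += "ProgID '$progId' runs .exe files through: $rogueCmd" }
        }
    }
    if ($command -ne $ExpectedCommand) {
        $findings += "exefile open command is '$command' (expected '$ExpectedCommand')"
    }
    return ,$findings
}

# Writes the defaults back. Only the two values above are touched.
function Repair-ExeAssociation {
    if (-not (Test-Path -LiteralPath $ExtKey)) { New-Item -Path $ExtKey -Force | Out-Null }
    Set-ItemProperty -LiteralPath $ExtKey -Name '(default)' -Value $ExpectedProgId
    if (-not (Test-Path -LiteralPath $CmdKey)) { New-Item -Path $CmdKey -Force | Out-Null }
    Set-ItemProperty -LiteralPath $CmdKey -Name '(default)' -Value $ExpectedCommand
}

$findings = Test-ExeAssociation
if ($findings.Count -eq 0) {
    Write-Output '.exe association matches the Windows defaults.'
}
else {
    $findings | ForEach-Object { Write-Output "FINDING: $_" }
    if ($Repair) {
        Repair-ExeAssociation
        Write-Output 'Defaults restored; re-run without -Repair to verify.'
    }
}
```

Run it without `-Repair` first so the command the current handler launches is recorded, and quarantine that file before resetting the association.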
Can someone help me? It's urgent. Thanks in advance!
How should I repair the file associations?
Can someone tell me exactly what to do? My skill level is very limited!!
To the poster above: to solve this, do I have to go through the steps in all three of the links below and clean things up one by one?
C:\WINDOWS\winlogon.exe is a nasty malicious trojan
For the specific steps, see:
http://forum.ikaka.com/topic.asp?board=28&artid=7495863

C:\WINDOWS\SMSS.EXE is a nasty malicious trojan
For the specific steps, see:
http://forum.ikaka.com/topic.asp?board=28&artid=8046765

C:\WINDOWS\lsass.exe is a nasty malicious trojan
For the specific steps, see:
http://forum.ikaka.com/topic.asp?board=28&artid=7828861

