Trojan.Agent.cac bbs.ikaka.com

Odinary - 2006-7-17 9:33:00

2006-07-17,09:16:45

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 1 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe> [Microsoft Corporation]
<BitComet><"D:\新建文件夹\BitComet\BitComet.exe"> [www.BitComet.com]
<MSMSGS><"C:\Program Files\Messenger\MSMSGS.EXE" /background> [Microsoft Corporation]
<MessengerPlus3><"F:\msn\messenger\MsgPlus.exe" /WinStart> [Patchou]
<Skype><"C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized> []
<msnmsgr><"C:\Program Files\MSN Messenger\msnmsgr.exe" /background> [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [Microsoft Corporation]
<MSPY2002><C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC> []
<PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [Microsoft Corporation]
<PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [Microsoft Corporation]
<PRONoMgr.exe><C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe> [Intel(R) Corporation]
<ATIPTA><C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe> [ATI Technologies, Inc.]
<BigDogPath><C:\WINDOWS\VM_STI.EXE Win2 USB PC Camera> []
<BIE><RUNDLL32.exe C:\WINDOWS\DOWNLO~1\BDSrHook.dll,Rundll32> []
<popo2004><E:\pao\start.exe> []
<MINI_BFYY><D:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe> [深圳市三代科技开发有限公司]
<StormCodec_Helper><"d:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti> []
<DAEMON Tools-1033><"F:\d\daemon.exe" -lang 1033> [DAEMON'S HOME]
<MessengerPlus3><"F:\msn\messenger\MsgPlus.exe"> [Patchou]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
<迅雷4><E:\Program Files\Sandai Technologies Inc\Thunder\MediaIssue\TDUpdate.exe> []
<EPSON ME 1><C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3W1.EXE /P10 "EPSON ME 1" /O6 "USB002" /M "ME 1"> [SEIKO EPSON CORPORATION]
<vptray><C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe> []
<SoundMan><SOUNDMAN.EXE> [Realtek Semiconductor Corp.]
<RealTray><C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER> []
<NeroFilterCheck><C:\WINDOWS\system32\NeroCheck.exe> [Ahead Software Gmbh]
<ThunderMini><C:\Program Files\Thunder Network\ThunderMini\ThunderMiniShell.exe> []
<stup.exe><C:\PROGRA~1\TENCENT\Adplus\stup.exe> [Tencent]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{BC207F7D-3E63-4ACA-99B5-FB5F8428200C}><C:\WINDOWS\DOWNLO~1\BDSrHook.dll> []
<{F765C6E1-0D66-4247-9F6D-6E674DE7A549}><C:\WINDOWS\System32\Nhqm.dll> []
<{2E0CE26D-FF19-4C49-82F6-75F40956CF29}><C:\WINDOWS\System32\Hrokh.dll> []
<{400ACBEB-2752-4682-A048-750F0B47DD66}><C:\WINDOWS\System32\Qjoa.dll> []
<{CCDF3044-50B6-4FFB-AF7A-6FB06D386777}><C:\WINDOWS\System32\Hrnps.dll> []
<{9C5E545A-371F-42DB-972F-A1AE2D49561E}><C:\WINDOWS\System32\Fcjpab.dll> []
<{2FEE45CB-B0C0-424C-AEDA-7E905B8FC4D9}><C:\WINDOWS\System32\Zdsd.dll> []
<{462848FA-E201-4D1E-AEC6-414293805F49}><C:\WINDOWS\System32\Cfgktz.dll> []
<{39C92D38-5BE5-451F-ABDA-B9817DA4FC86}><C:\WINDOWS\System32\Hfthjg.dll> []
<{667A891C-5C41-4AFC-B941-A4C4CE63564A}><C:\WINDOWS\System32\Zjhs.dll> []
<{BAD69EC6-2248-42A4-98DC-2B1BFD5DCDCE}><C:\WINDOWS\System32\Acjl.dll> []
<{4D6376E3-004A-4F51-AD9F-378F7FE69F76}><C:\WINDOWS\System32\Nekkfi.dll> []
<{CD4DD638-0D8C-4B6B-AB3C-02E995AFD3A5}><C:\WINDOWS\System32\Ckfj.dll> []
<{13D2BF2A-4DDE-48DA-89DE-4C77FAB814A3}><C:\WINDOWS\System32\Biby.dll> []
<{F844FCA3-0B76-4DAE-993C-7132212A8329}><C:\WINDOWS\System32\Vottt.dll> []
<{34C8CD49-2B93-4900-991F-F1A355258AF0}><C:\WINDOWS\System32\Idqhue.dll> []
<{4DB6A1C3-F773-49E0-B1D8-F3818FF85BAF}><C:\WINDOWS\System32\Txrb.dll> []
<{32F7D54E-AB09-4D0D-BF23-2E6C2302283B}><C:\WINDOWS\System32\Zemj.dll> []
<{35F810D9-A9ED-48ED-AB1E-DB273A4BED0B}><C:\WINDOWS\System32\Iddwxi.dll> []
<{C92298BB-082F-415C-BD0A-2D2B4666A80B}><C:\WINDOWS\System32\Ngjrip.dll> []
<{ABB367AC-9AD8-4CB3-9488-447203AF7E6F}><C:\WINDOWS\System32\Ipxyve.dll> []
<{B601DF73-90B1-4146-90DA-8449C46368DC}><C:\WINDOWS\System32\Cvmygo.dll> []
<{F2AD14D6-71D3-45F0-862A-F71C3C864B8B}><C:\WINDOWS\System32\Ajdnby.dll> []
<{F27C8883-6CB2-466F-AF26-D48AEE1DBDB8}><C:\WINDOWS\System32\Xuqw.dll> []
<{3F14219F-5BF4-42E2-9476-C2D4D068CA3F}><C:\WINDOWS\System32\Dkqpom.dll> []
<{CC54520B-985B-4BDB-840B-93F8CD7B9D49}><C:\WINDOWS\System32\Xyxv.dll> []
<{5A00A36B-1108-4838-A4DA-3B00AA713A82}><C:\WINDOWS\System32\Plhi.dll> []
<{C497FC97-B7EA-4292-B100-A3B9EC41361E}><C:\WINDOWS\System32\Mjdc.dll> []
<{1A792ACF-C865-4ED0-8CBA-9DEF725E34F0}><C:\WINDOWS\System32\Ywdmd.dll> []
<{4DDAD6C0-21D1-450C-9041-D6FAA1E75E14}><C:\WINDOWS\System32\Inqqh.dll> []
<{9DCB3CF3-6374-46D1-9B13-9F3C83F67FB3}><C:\WINDOWS\System32\Qyqvlh.dll> []
<{9B31BAFB-3FF0-490B-8DEA-36F2EDBB5B68}><C:\WINDOWS\System32\Mtgd.dll> []
<{24FA371C-DF21-44D1-B02F-079E0EF1F8D3}><C:\WINDOWS\System32\Tyky.dll> []
<{0CCA28AC-3307-413B-AB97-745F800FB78F}><C:\WINDOWS\System32\Zmpsui.dll> []
<{08880D23-6FEF-418E-98CE-B9DF0BD2F0BA}><C:\WINDOWS\System32\Avazre.dll> []
<{A16BE341-4988-4E04-8678-72A4CB4EAABB}><C:\WINDOWS\System32\Utnvq.dll> []
<{C970C022-6C9F-4BB3-AC7B-C55F268F0E7F}><C:\WINDOWS\System32\Jzpme.dll> []
<{B86E8C1C-70B1-4A17-B593-6702155D07FC}><C:\WINDOWS\System32\Syap.dll> []
<{691C9250-5AF1-4DCD-96F9-CB781FDD961B}><C:\WINDOWS\System32\Bfymj.dll> []
<{6D124DC5-05CC-473F-9DE7-EA8DCA820D36}><C:\WINDOWS\System32\Joae.dll> []
<{FA2B7A94-4852-42B8-8EF1-02012ABD0FE8}><C:\WINDOWS\System32\Oascux.dll> []
<{48E2D96A-336A-40CC-8BD0-EEEAD5811367}><C:\WINDOWS\System32\Mikhfq.dll> []
<{966E39B7-4CA1-4ADB-9C7A-10F2680F0FAA}><C:\WINDOWS\System32\Cbvw.dll> []
<{EFC874A7-4160-4F79-9D26-39092AF904C7}><C:\WINDOWS\System32\Rnzyo.dll> []
<{30AB1CD3-D3EB-457B-A2E8-D1D7235488FF}><C:\WINDOWS\System32\Pvwyh.dll> []
<{8BB322F2-19FF-4487-9326-90707D7E5D76}><C:\WINDOWS\System32\Mjcgzn.dll> []
<{C08B57BC-5555-49FB-A936-9526EFE53F75}><C:\WINDOWS\System32\Qbtlqz.dll> []
<{5BEC0952-F84D-41A9-83D3-E169A2968A99}><C:\WINDOWS\System32\Gtbk.dll> []
<{63AB0BA6-C6A8-4902-B401-F34B4506713C}><C:\WINDOWS\System32\Bysz.dll> []
<{12C8ED4A-3633-4A07-AD2C-F57543C5A2A8}><C:\WINDOWS\System32\Tmksu.dll> []
<{A9CD0DD7-9990-4EEC-8A29-B607D99F2294}><C:\WINDOWS\System32\Effgez.dll> []
<{3411C7EC-FF6E-4FDC-BD8B-4F81B865BDC8}><C:\WINDOWS\System32\Bkpy.dll> []
<{574A8282-D728-4C1A-9A20-F0EB55AA2522}><C:\WINDOWS\System32\Fdokkk.dll> []
<{07E9738D-153D-43C8-BC4D-E8A1F26D513D}><C:\WINDOWS\System32\Pwwi.dll> []
<{1BFA083B-45C7-4393-AE14-6A3F20282890}><C:\WINDOWS\System32\Reji.dll> []
<{85B1CA25-2550-4854-87D4-57AC4190EFDE}><C:\WINDOWS\System32\Oepnlb.dll> []
<{C93DDD79-4186-4DA6-AB0B-28CA20FEDDE5}><C:\WINDOWS\System32\Rakc.dll> []
<{EE49D69A-EE78-4539-B2EF-77ED6CE8E7A2}><C:\WINDOWS\System32\Xxiejd.dll> []
<{A9AEB049-2CAD-4D11-A1CE-D2115BEDE0E9}><C:\WINDOWS\System32\Onqu.dll> []
<{FD91465B-0426-438E-9579-727586E5775F}><C:\WINDOWS\System32\Tcyub.dll> []
<{51E415B3-AC85-45C7-84D4-9B298A6DDD48}><C:\WINDOWS\System32\Ymnc.dll> []
<{75B1CC5E-D531-4149-9977-C72253D4D845}><C:\WINDOWS\System32\Jltq.dll> []
<{1A4323E3-F92A-4382-BE1A-9ECE12FEBB25}><C:\WINDOWS\System32\Dxeirk.dll> []
<{E05530DF-582C-4DD7-ABE9-B420FA0D798A}><C:\WINDOWS\System32\Woufd.dll> []
<{77445AF3-0FF4-4F96-92A7-BFA7C8D6C312}><C:\WINDOWS\System32\Cgai.dll> []
<{07814022-CF9B-4F39-889C-5D7E677B7F54}><C:\WINDOWS\System32\Lzhky.dll> []
<{F382D56A-C0B7-4CDC-8E96-F498732A2CE7}><C:\WINDOWS\System32\Dppbg.dll> []
<{6ED88564-08CE-44FA-B625-BEBF77CE7905}><C:\WINDOWS\System32\Fqlpa.dll> []
<{FF808CDC-81AF-4E9E-B376-C52F46C165AC}><C:\WINDOWS\System32\Ianjo.dll> []
<{C823E38E-B42C-4219-BDB9-36255B2A4B35}><C:\WINDOWS\System32\Tgwolu.dll> []

Odinary - 2006-7-17 9:34:00

==================================
启动文件夹
[Microsoft Office]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk><N>

==================================
服务
[Ati HotKey Poller / Ati HotKey Poller]
<C:\WINDOWS\System32\Ati2evxx.exe><N/A>
[ATI Smart / ATI Smart]
<C:\WINDOWS\system32\ati2sgag.exe><>
[Intel NCS NetService / NetSvc]
<C:\Program Files\Intel\NCS\Sync\NetSvc.exe><Intel(R) Corporation>

==================================
浏览器加载项
[ThunderIEHelper Class]
{0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\System32\xunleibho_v5.dll, >
[Yahoo! Companion BHO]
{02478D38-C3F9-4efb-9B51-7695ECA05670} <C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll, N/A>
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx, >
[]
{07814022-CF9B-4F39-889C-5D7E677B7F54} <C:\WINDOWS\System32\Lzhky.dll, N/A>
[]
{07E9738D-153D-43C8-BC4D-E8A1F26D513D} <C:\WINDOWS\System32\Pwwi.dll, N/A>
[]
{08880D23-6FEF-418E-98CE-B9DF0BD2F0BA} <C:\WINDOWS\System32\Avazre.dll, N/A>
[Tencent Browser Helper]
{0C7C23EF-A848-485B-873C-0ED954731014} <C:\Program Files\TENCENT\Adplus\SSAddr.dll, Tencent>
[]
{0CCA28AC-3307-413B-AB97-745F800FB78F} <C:\WINDOWS\System32\Zmpsui.dll, N/A>
[]
{12C8ED4A-3633-4A07-AD2C-F57543C5A2A8} <C:\WINDOWS\System32\Tmksu.dll, N/A>
[]
{13D2BF2A-4DDE-48DA-89DE-4C77FAB814A3} <C:\WINDOWS\System32\Biby.dll, N/A>
[]
{1A4323E3-F92A-4382-BE1A-9ECE12FEBB25} <C:\WINDOWS\System32\Dxeirk.dll, N/A>
[]
{1A792ACF-C865-4ED0-8CBA-9DEF725E34F0} <C:\WINDOWS\System32\Ywdmd.dll, N/A>
[]
{1BFA083B-45C7-4393-AE14-6A3F20282890} <C:\WINDOWS\System32\Reji.dll, N/A>
[]
{24FA371C-DF21-44D1-B02F-079E0EF1F8D3} <C:\WINDOWS\System32\Tyky.dll, N/A>
[]
{2E0CE26D-FF19-4C49-82F6-75F40956CF29} <C:\WINDOWS\System32\Hrokh.dll, N/A>
[]
{2FEE45CB-B0C0-424C-AEDA-7E905B8FC4D9} <C:\WINDOWS\System32\Zdsd.dll, N/A>
[]
{30AB1CD3-D3EB-457B-A2E8-D1D7235488FF} <C:\WINDOWS\System32\Pvwyh.dll, N/A>
[]
{32F7D54E-AB09-4D0D-BF23-2E6C2302283B} <C:\WINDOWS\System32\Zemj.dll, N/A>
[]
{3411C7EC-FF6E-4FDC-BD8B-4F81B865BDC8} <C:\WINDOWS\System32\Bkpy.dll, N/A>
[]
{34C8CD49-2B93-4900-991F-F1A355258AF0} <C:\WINDOWS\System32\Idqhue.dll, N/A>
[]
{35F810D9-A9ED-48ED-AB1E-DB273A4BED0B} <C:\WINDOWS\System32\Iddwxi.dll, N/A>
[]
{39C92D38-5BE5-451F-ABDA-B9817DA4FC86} <C:\WINDOWS\System32\Hfthjg.dll, N/A>
[]
{3F14219F-5BF4-42E2-9476-C2D4D068CA3F} <C:\WINDOWS\System32\Dkqpom.dll, N/A>
[]
{400ACBEB-2752-4682-A048-750F0B47DD66} <C:\WINDOWS\System32\Qjoa.dll, N/A>
[]
{462848FA-E201-4D1E-AEC6-414293805F49} <C:\WINDOWS\System32\Cfgktz.dll, N/A>
[]
{48E2D96A-336A-40CC-8BD0-EEEAD5811367} <C:\WINDOWS\System32\Mikhfq.dll, N/A>
[]
{4D6376E3-004A-4F51-AD9F-378F7FE69F76} <C:\WINDOWS\System32\Nekkfi.dll, N/A>
[]
{4DB6A1C3-F773-49E0-B1D8-F3818FF85BAF} <C:\WINDOWS\System32\Txrb.dll, N/A>
[]
{4DDAD6C0-21D1-450C-9041-D6FAA1E75E14} <C:\WINDOWS\System32\Inqqh.dll, N/A>
[]
{51E415B3-AC85-45C7-84D4-9B298A6DDD48} <C:\WINDOWS\System32\Ymnc.dll, N/A>
[QQBrowserHelperObject Class]
{54EBD53A-9BC1-480B-966A-843A333CA162} <E:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[]
{574A8282-D728-4C1A-9A20-F0EB55AA2522} <C:\WINDOWS\System32\Fdokkk.dll, N/A>
[]
{5A00A36B-1108-4838-A4DA-3B00AA713A82} <C:\WINDOWS\System32\Plhi.dll, N/A>
[]
{5BEC0952-F84D-41A9-83D3-E169A2968A99} <C:\WINDOWS\System32\Gtbk.dll, N/A>
[]
{63AB0BA6-C6A8-4902-B401-F34B4506713C} <C:\WINDOWS\System32\Bysz.dll, N/A>
[]
{667A891C-5C41-4AFC-B941-A4C4CE63564A} <C:\WINDOWS\System32\Zjhs.dll, N/A>
[]
{669751ED-D558-49AE-B01A-3B374CC7910E} <C:\WINDOWS\System32\ssup.dll, TENCENT>
[]
{691C9250-5AF1-4DCD-96F9-CB781FDD961B} <C:\WINDOWS\System32\Bfymj.dll, N/A>
[]
{6D124DC5-05CC-473F-9DE7-EA8DCA820D36} <C:\WINDOWS\System32\Joae.dll, N/A>
[]
{6ED88564-08CE-44FA-B625-BEBF77CE7905} <C:\WINDOWS\System32\Fqlpa.dll, N/A>
[]
{75B1CC5E-D531-4149-9977-C72253D4D845} <C:\WINDOWS\System32\Jltq.dll, N/A>
[]
{77445AF3-0FF4-4F96-92A7-BFA7C8D6C312} <C:\WINDOWS\System32\Cgai.dll, N/A>
[BandIE Class]
{77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[]
{85B1CA25-2550-4854-87D4-57AC4190EFDE} <C:\WINDOWS\System32\Oepnlb.dll, N/A>
[]
{8BB322F2-19FF-4487-9326-90707D7E5D76} <C:\WINDOWS\System32\Mjcgzn.dll, N/A>
[ThunderMini Browser Helper]
{8E6C1C49-F9CE-4311-9FB4-D70E8B0AEAEB} <C:\Program Files\Thunder Network\ThunderMini\ComDlls\XunLeiMiniBHO_002.dll, Thunder Networking Technologies,LTD>
[]
{966E39B7-4CA1-4ADB-9C7A-10F2680F0FAA} <C:\WINDOWS\System32\Cbvw.dll, N/A>
[]
{9B31BAFB-3FF0-490B-8DEA-36F2EDBB5B68} <C:\WINDOWS\System32\Mtgd.dll, N/A>
[]
{9C5E545A-371F-42DB-972F-A1AE2D49561E} <C:\WINDOWS\System32\Fcjpab.dll, N/A>
[]
{9DCB3CF3-6374-46D1-9B13-9F3C83F67FB3} <C:\WINDOWS\System32\Qyqvlh.dll, N/A>
[]
{A16BE341-4988-4E04-8678-72A4CB4EAABB} <C:\WINDOWS\System32\Utnvq.dll, N/A>
[IeCatch2 Class]
{A5366673-E8CA-11D3-9CD9-0090271D075B} <C:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[]
{A9930D97-9CF0-42A0-A10D-4F28836579D5} <D:\新建文件夹\KUGOO\KuGoo2\KuGoo3DownXControl.ocx, N/A>
[]
{A9AEB049-2CAD-4D11-A1CE-D2115BEDE0E9} <C:\WINDOWS\System32\Onqu.dll, N/A>
[]
{A9CD0DD7-9990-4EEC-8A29-B607D99F2294} <C:\WINDOWS\System32\Effgez.dll, N/A>
[]
{ABB367AC-9AD8-4CB3-9488-447203AF7E6F} <C:\WINDOWS\System32\Ipxyve.dll, N/A>
[]
{B601DF73-90B1-4146-90DA-8449C46368DC} <C:\WINDOWS\System32\Cvmygo.dll, N/A>
[]
{B86E8C1C-70B1-4A17-B593-6702155D07FC} <C:\WINDOWS\System32\Syap.dll, N/A>
[]
{BAD69EC6-2248-42A4-98DC-2B1BFD5DCDCE} <C:\WINDOWS\System32\Acjl.dll, N/A>
[BDSrchHook Class]
{BC207F7D-3E63-4ACA-99B5-FB5F8428200C} <C:\WINDOWS\DOWNLO~1\BDSrHook.dll, >
[MSN 搜索工具栏 Helper]

Odinary - 2006-7-17 9:35:00

{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\zh-cn\msntb.dll, Microsoft Corporation>
[]
{C08B57BC-5555-49FB-A936-9526EFE53F75} <C:\WINDOWS\System32\Qbtlqz.dll, N/A>
[]
{C497FC97-B7EA-4292-B100-A3B9EC41361E} <C:\WINDOWS\System32\Mjdc.dll, N/A>
[]
{C823E38E-B42C-4219-BDB9-36255B2A4B35} <C:\WINDOWS\System32\Tgwolu.dll, N/A>
[]
{C92298BB-082F-415C-BD0A-2D2B4666A80B} <C:\WINDOWS\System32\Ngjrip.dll, N/A>
[]
{C93DDD79-4186-4DA6-AB0B-28CA20FEDDE5} <C:\WINDOWS\System32\Rakc.dll, N/A>
[]
{C970C022-6C9F-4BB3-AC7B-C55F268F0E7F} <C:\WINDOWS\System32\Jzpme.dll, N/A>
[]
{CC54520B-985B-4BDB-840B-93F8CD7B9D49} <C:\WINDOWS\System32\Xyxv.dll, N/A>
[]
{CCDF3044-50B6-4FFB-AF7A-6FB06D386777} <C:\WINDOWS\System32\Hrnps.dll, N/A>
[]
{CD4DD638-0D8C-4B6B-AB3C-02E995AFD3A5} <C:\WINDOWS\System32\Ckfj.dll, N/A>
[]
{E05530DF-582C-4DD7-ABE9-B420FA0D798A} <C:\WINDOWS\System32\Woufd.dll, N/A>
[EpsonToolBandKicker Class]
{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} <F:\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll, SEIKO EPSON CORPORATION>
[]
{EE49D69A-EE78-4539-B2EF-77ED6CE8E7A2} <C:\WINDOWS\System32\Xxiejd.dll, N/A>
[]
{EFC874A7-4160-4F79-9D26-39092AF904C7} <C:\WINDOWS\System32\Rnzyo.dll, N/A>
[]
{F27C8883-6CB2-466F-AF26-D48AEE1DBDB8} <C:\WINDOWS\System32\Xuqw.dll, N/A>
[]
{F2AD14D6-71D3-45F0-862A-F71C3C864B8B} <C:\WINDOWS\System32\Ajdnby.dll, N/A>
[]
{F382D56A-C0B7-4CDC-8E96-F498732A2CE7} <C:\WINDOWS\System32\Dppbg.dll, N/A>
[]
{F765C6E1-0D66-4247-9F6D-6E674DE7A549} <C:\WINDOWS\System32\Nhqm.dll, N/A>
[搜搜工具条]
{F776AD93-F51B-412E-82B2-A8B389546C61} <C:\Program Files\TENCENT\Sosobar\sosobar.dll, TENCENT>
[]
{F844FCA3-0B76-4DAE-993C-7132212A8329} <C:\WINDOWS\System32\Vottt.dll, N/A>
[]
{FA2B7A94-4852-42B8-8EF1-02012ABD0FE8} <C:\WINDOWS\System32\Oascux.dll, N/A>
[]
{FD91465B-0426-438E-9579-727586E5775F} <C:\WINDOWS\System32\Tcyub.dll, N/A>
[]
{FF808CDC-81AF-4E9E-B376-C52F46C165AC} <C:\WINDOWS\System32\Ianjo.dll, N/A>
[解霸]
{367E0A21-8601-4986-9C9A-153BF5ACA118} <C:\HEROSOFT\Hero3000\MPLAYER.EXE, N/A>
[BDSrchHook Class]
{BC207F7D-3E63-4ACA-99B5-FB5F8428200C} <C:\WINDOWS\DOWNLO~1\BDSrHook.dll, >
[@shdoclc.dll,-866]
{c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <E:\Program Files\Tencent\QQ\QQ.EXE, TENCENT>
[FlashGet]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\flashget.exe, Amaze Soft>
[易趣购物]
{DE60714F-AC19-427e-861A-FD60ABDF119A} <http://click2.ad4all.net/url2/urlmanage/url.asp?id=1, N/A>
[QQIEFloatBarCfgCmd Class]
{DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <E:\Program Files\Tencent\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\MSMSGS.EXE, Microsoft Corporation>
[电台(&R)]
{8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[FlashGet Bar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} <C:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[Yahoo! Companion]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} <C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll, N/A>
[百度超级搜霸]
{B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\PROGRA~1\baidu\bar\baidubar.dll, Baidu.com, Inc.>
[EPSON Web-To-Page]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} <F:\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll, SEIKO EPSON CORPORATION>
[MSN 搜索工具栏]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\zh-cn\msntb.dll, Microsoft Corporation>
[搜搜工具条]
{11FD2946-180B-4545-981C-07C2FBB27F9D} <C:\Program Files\TENCENT\Sosobar\sosobar.dll, TENCENT>
[MSN Photo Upload Tool]
{4F1E5B1A-2A80-42CA-8532-2D05CB959537} <C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll, Microsoft? Corporation>
[BDSrchHook Class]
{BC207F7D-3E63-4ACA-99B5-FB5F8428200C} <C:\WINDOWS\DOWNLO~1\BDSrHook.dll, >
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[Rising Web Scan Object]
{E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[&使用暴风下载器下载]
<D:\Program Files\Ringz Studio\Storm Downloader\geturl.htm, N/A>
[&使用迷你迅雷下载]
<C:\Program Files\Thunder Network\ThunderMini\Program\GetUrl.htm, N/A>
[MSN 搜索(&M)]
<res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\zh-cn\msntb.dll/search.htm, N/A>
[上传到QQ网络硬盘]
<E:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[使用KuGoo3下载(&K)]
<D:\新建文~1\KUGOO\KUGOO2\KuGoo3DownX.htm, N/A>
[在新的前台选项卡中打开]
<res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\zh-cn\msntabres.dll/230?529d58444dde4be988d52576ff6d560, N/A>
[在新的后台选项卡中打开]
<res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\zh-cn\msntabres.dll/229?529d58444dde4be988d52576ff6d560, N/A>
[添加到QQ自定义面板]
<E:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<E:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<E:\Program Files\Tencent\QQ\SendMMS.htm, N/A>

Odinary - 2006-7-17 9:35:00

==================================
正在运行的进程
[PID: 608][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 680][\??\C:\WINDOWS\system32\csrss.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 704][\??\C:\WINDOWS\system32\winlogon.exe] <Microsoft Corporation><5.1.2600.1557 (xpsp2_gdr.040517-1325)>
[PID: 748][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 760][C:\WINDOWS\system32\lsass.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 912][C:\WINDOWS\System32\Ati2evxx.exe] <N/A><N/A>
[PID: 940][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1032][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1228][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1288][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1444][C:\WINDOWS\system32\spoolsv.exe] <Microsoft Corporation><5.1.2600.1699 (xpsp2.050610-1533)>
[C:\WINDOWS\system32\CNMLM3C.DLL] <CANON INC.><1.50.2.6>
[C:\WINDOWS\system32\EBPMON24.DLL] <SEIKO EPSON CORPORATION><5, 4, 0, 0>
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD3C.DLL] <CANON INC.><1.50.2.6>
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\vprproc.dll] <Windows (R) 2000 DDK provider><5.00.2195.1620>
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_DU18TE.DLL] <SEIKO EPSON Corporation><0. 3. 0, 135>
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_DMAI16.DLL] <SEIKO EPSON Corporation><0. 3. 3. 18>
[PID: 136][C:\WINDOWS\System32\alg.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 492][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 540][C:\WINDOWS\System32\wdfmgr.exe] <Microsoft Corporation><5.2.3790.1230 built by: dnsrv(bld4act)>
[PID: 1832][C:\WINDOWS\Explorer.EXE] <Microsoft Corporation><6.00.2800.1106 (xpsp1.020828-1920)>
[C:\WINDOWS\DOWNLO~1\BDSrHook.dll] <><2, 0, 1, 2>
[C:\WINDOWS\downlo~1\Nohxhy.dll] <Tencent><4, 1, 7, 72>
[F:\msn\messenger\MsgPlusLoader.dll] <Patchou><3, 63, 4, 0>
[C:\WINDOWS\downlo~1\Lksdxs.dll] <Tencent><4, 1, 7, 72>
[C:\WINDOWS\System32\Lzhky.dll] <N/A><N/A>
[C:\WINDOWS\System32\Pwwi.dll] <N/A><N/A>
[C:\WINDOWS\System32\Avazre.dll] <N/A><N/A>
[C:\WINDOWS\System32\Zmpsui.dll] <N/A><N/A>
[C:\WINDOWS\System32\Tmksu.dll] <N/A><N/A>
[C:\WINDOWS\System32\Dxeirk.dll] <N/A><N/A>
[C:\WINDOWS\System32\Ywdmd.dll] <N/A><N/A>
[C:\WINDOWS\System32\Reji.dll] <N/A><N/A>
[C:\WINDOWS\System32\Tyky.dll] <N/A><N/A>
[C:\WINDOWS\System32\Pvwyh.dll] <N/A><N/A>
[C:\WINDOWS\System32\Zemj.dll] <N/A><N/A>
[C:\WINDOWS\System32\Bkpy.dll] <N/A><N/A>
[C:\WINDOWS\System32\Idqhue.dll] <N/A><N/A>
[C:\WINDOWS\System32\Iddwxi.dll] <N/A><N/A>
[C:\WINDOWS\System32\Dkqpom.dll] <N/A><N/A>
[C:\WINDOWS\System32\Mikhfq.dll] <N/A><N/A>
[C:\WINDOWS\System32\Txrb.dll] <N/A><N/A>
[C:\WINDOWS\System32\Inqqh.dll] <N/A><N/A>
[C:\WINDOWS\System32\Ymnc.dll] <N/A><N/A>
[C:\WINDOWS\System32\Fdokkk.dll] <N/A><N/A>
[C:\WINDOWS\System32\Plhi.dll] <N/A><N/A>
[C:\WINDOWS\System32\Gtbk.dll] <N/A><N/A>
[C:\WINDOWS\System32\Bysz.dll] <N/A><N/A>
[C:\WINDOWS\System32\Bfymj.dll] <N/A><N/A>
[C:\WINDOWS\System32\Joae.dll] <N/A><N/A>
[C:\WINDOWS\System32\Fqlpa.dll] <N/A><N/A>
[C:\WINDOWS\System32\Jltq.dll] <N/A><N/A>
[C:\WINDOWS\System32\Cgai.dll] <N/A><N/A>
[C:\PROGRA~1\baidu\bar\baidubar.dll] <Baidu.com, Inc.><2, 0, 2, 97>
[C:\WINDOWS\System32\Oepnlb.dll] <N/A><N/A>
[C:\WINDOWS\System32\Mjcgzn.dll] <N/A><N/A>
[C:\Program Files\Thunder Network\ThunderMini\ComDlls\XunLeiMiniBHO_002.dll] <Thunder Networking Technologies,LTD><2, 0, 0, 2>
[C:\WINDOWS\System32\Cbvw.dll] <N/A><N/A>
[C:\WINDOWS\System32\Mtgd.dll] <N/A><N/A>
[C:\WINDOWS\System32\Qyqvlh.dll] <N/A><N/A>
[C:\WINDOWS\System32\Utnvq.dll] <N/A><N/A>
[C:\PROGRA~1\FLASHGET\jccatch.dll] <Amaze Soft><1, 1, 4, 0>
[C:\WINDOWS\System32\Onqu.dll] <N/A><N/A>
[C:\WINDOWS\System32\Effgez.dll] <N/A><N/A>
[C:\WINDOWS\System32\Ipxyve.dll] <N/A><N/A>
[C:\WINDOWS\System32\Cvmygo.dll] <N/A><N/A>
[C:\WINDOWS\System32\Syap.dll] <N/A><N/A>
[C:\WINDOWS\System32\Qbtlqz.dll] <N/A><N/A>
[C:\WINDOWS\System32\Mjdc.dll] <N/A><N/A>
[C:\WINDOWS\System32\Tgwolu.dll] <N/A><N/A>
[C:\WINDOWS\System32\Ngjrip.dll] <N/A><N/A>
[C:\WINDOWS\System32\Rakc.dll] <N/A><N/A>
[C:\WINDOWS\System32\Jzpme.dll] <N/A><N/A>
[C:\WINDOWS\System32\Xyxv.dll] <N/A><N/A>
[C:\WINDOWS\System32\Woufd.dll] <N/A><N/A>
[C:\WINDOWS\System32\Xxiejd.dll] <N/A><N/A>
[C:\WINDOWS\System32\Rnzyo.dll] <N/A><N/A>
[C:\WINDOWS\System32\Xuqw.dll] <N/A><N/A>
[C:\WINDOWS\System32\Ajdnby.dll] <N/A><N/A>
[C:\WINDOWS\System32\Dppbg.dll] <N/A><N/A>
[C:\WINDOWS\System32\Vottt.dll] <N/A><N/A>
[C:\WINDOWS\System32\Oascux.dll] <N/A><N/A>
[C:\WINDOWS\System32\Tcyub.dll] <N/A><N/A>
[C:\WINDOWS\System32\Ianjo.dll] <N/A><N/A>

mopery - 2006-7-17 9:35:00

http://forum.ikaka.com/topic.asp?board=28&artid=8105899
下载HijackThis...把日志帖上来..

SRE 可能无法快截处理咯要删的项非常多.

Odinary - 2006-7-17 9:35:00

[C:\WINDOWS\System32\xunleibho_v5.dll] <><4, 3, 3, 30>
[C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx] <><1, 0, 0, 1>
[C:\WINDOWS\System32\ssup.dll] <TENCENT><4, 1, 5, 51>
[D:\新建文件夹\KUGOO\KuGoo2\KuGoo3DownXControl.ocx] <N/A><N/A>
[F:\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll] <SEIKO EPSON CORPORATION><1, 0, 0, 0>
[PID: 1944][C:\WINDOWS\System32\Rundll32.exe] <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[C:\WINDOWS\DOWNLO~1\BDSrHook.dll] <><2, 0, 1, 2>
[F:\msn\messenger\MsgPlusLoader.dll] <Patchou><3, 63, 4, 0>
[C:\WINDOWS\downlo~1\Nohxhy.dll] <Tencent><4, 1, 7, 72>
[PID: 684][C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe] <Intel(R) Corporation><6.2.35.0>
[C:\Program Files\Intel\NCS\PROSet\CHSPGUIR.dll] <Intel(R) Corporation><6.2.35.0>
[C:\WINDOWS\downlo~1\Nohxhy.dll] <Tencent><4, 1, 7, 72>
[C:\Program Files\Intel\NCS\PROSet\8023\PNC802_3.dll] <Intel(R) Corporation><6.2.35.0>
[C:\Program Files\Intel\NCS\PROSet\8023\CHSPCMRs.dll] <Intel(R) Corporation><6.2.35.0>
[C:\WINDOWS\DOWNLO~1\BDSrHook.dll] <><2, 0, 1, 2>
[PID: 1000][C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe] <ATI Technologies, Inc.><6.14.10.5120>
[C:\WINDOWS\downlo~1\Nohxhy.dll] <Tencent><4, 1, 7, 72>
[C:\Program Files\ATI Technologies\ATI Control Panel\atipdsxx.dll] <ATI Technologies, Inc.><6.14.10.5120>
[C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATRPUIXX.CHS] <ATI Technologies, Inc.><6.14.10.5120>
[C:\Program Files\ATI Technologies\ATI Control Panel\atipdxxx.dll] <ATI Technologies, Inc.><6.14.10.5120>
[C:\WINDOWS\DOWNLO~1\BDSrHook.dll] <><2, 0, 1, 2>
[PID: 1052][C:\WINDOWS\VM_STI.EXE] <BIGDOG><4, 2, 610, 4>
[C:\WINDOWS\downlo~1\Nohxhy.dll] <Tencent><4, 1, 7, 72>
[C:\WINDOWS\System32\msdmo.dll] <N/A><N/A>
[C:\WINDOWS\System32\VM31bPrp.Ax] <VM><4.2.711.31>
[C:\WINDOWS\DOWNLO~1\BDSrHook.dll] <><2, 0, 1, 2>
[PID: 1104][D:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe] <深圳市三代科技开发有限公司><1, 1, 0, 4>
[D:\Program Files\Ringz Studio\Storm Downloader\boost_thread-vc6-mt-1_31.dll] <N/A><N/A>
[F:\msn\messenger\MsgPlusLoader.dll] <Patchou><3, 63, 4, 0>
[C:\WINDOWS\downlo~1\Nohxhy.dll] <Tencent><4, 1, 7, 72>
[C:\WINDOWS\DOWNLO~1\BDSrHook.dll] <><2, 0, 1, 2>
[PID: 1072][F:\d\daemon.exe] <DAEMON'S HOME><3.47.0.0>
[C:\WINDOWS\daemon.dll] <N/A><3.47.0.0>
[F:\d\PFCTOC.DLL] <Padus(R), Inc.><1, 0, 0, 12>
[F:\d\Plugins\Images\ccdmount.dll] <GENERIC><1.02.0.0>
[F:\d\Plugins\Images\mdsmount.dll] <GENERIC><1.01.0.0>
[F:\d\Plugins\Images\pdimount.dll] <GENERIC><1.01.0.0>
[F:\d\Plugins\Images\nrgmount.dll] <GENERIC><1.02.0.0>
[F:\d\Plugins\Images\bw5mount.dll] <N/A><1.0.2.0>
[F:\msn\messenger\MsgPlusLoader.dll] <Patchou><3, 63, 4, 0>
[C:\WINDOWS\downlo~1\Nohxhy.dll] <Tencent><4, 1, 7, 72>
[C:\WINDOWS\DOWNLO~1\BDSrHook.dll] <><2, 0, 1, 2>
[PID: 360][F:\msn\messenger\MsgPlus.exe] <Patchou><3, 63, 0, 148>
[F:\msn\messenger\MsgPlusLoader.dll] <Patchou><3, 63, 4, 0>
[C:\WINDOWS\downlo~1\Nohxhy.dll] <Tencent><4, 1, 7, 72>
[C:\WINDOWS\DOWNLO~1\BDSrHook.dll] <><2, 0, 1, 2>
[PID: 1184][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] <RealNetworks, Inc.><0.1.0.3292>
[C:\WINDOWS\downlo~1\Nohxhy.dll] <Tencent><4, 1, 7, 72>
[C:\WINDOWS\DOWNLO~1\BDSrHook.dll] <><2, 0, 1, 2>
[PID: 1200][C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3W1.EXE] <SEIKO EPSON CORPORATION><3.00>
[F:\msn\messenger\MsgPlusLoader.dll] <Patchou><3, 63, 4, 0>
[C:\WINDOWS\downlo~1\Nohxhy.dll] <Tencent><4, 1, 7, 72>
[C:\WINDOWS\DOWNLO~1\BDSrHook.dll] <><2, 0, 1, 2>
[PID: 1240][C:\WINDOWS\SOUNDMAN.EXE] <Realtek Semiconductor Corp.><5.1.0.27>
[C:\WINDOWS\downlo~1\Nohxhy.dll] <Tencent><4, 1, 7, 72>
[C:\WINDOWS\DOWNLO~1\BDSrHook.dll] <><2, 0, 1, 2>
[PID: 1524][C:\WINDOWS\System32\ctfmon.exe] <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[C:\WINDOWS\downlo~1\Nohxhy.dll] <Tencent><4, 1, 7, 72>
[C:\WINDOWS\DOWNLO~1\BDSrHook.dll] <><2, 0, 1, 2>
[PID: 1552][C:\Program Files\Messenger\MSMSGS.EXE] <Microsoft Corporation><4.7.2010>
[F:\msn\messenger\MsgPlusLoader.dll] <Patchou><3, 63, 4, 0>
[C:\WINDOWS\downlo~1\Nohxhy.dll] <Tencent><4, 1, 7, 72>
[C:\WINDOWS\DOWNLO~1\BDSrHook.dll] <><2, 0, 1, 2>
[PID: 1556][C:\Program Files\Thunder Network\ThunderMini\program\ThunderMini.exe] <Thunder Networking Technologies,LTD><2, 0, 1, 30>
[F:\msn\messenger\MsgPlusLoader.dll] <Patchou><3, 63, 4, 0>
[C:\WINDOWS\downlo~1\Nohxhy.dll] <Tencent><4, 1, 7, 72>
[C:\Program Files\Thunder Network\ThunderMini\program\download_interface.dll] <N/A><N/A>
[C:\Program Files\Thunder Network\ThunderMini\program\UpdateDownload.dll] <Thunder Networking Technologies,LTD><1, 0, 1, 6>
[C:\Program Files\Thunder Network\ThunderMini\Components\InMedia\iEmbedShell.dll] <　><1, 0, 0, 6>
[C:\Program Files\Thunder Network\ThunderMini\Components\InMedia\iEmbed.dll] <　><2, 1, 0, 30>
[C:\WINDOWS\DOWNLO~1\BDSrHook.dll] <><2, 0, 1, 2>
[PID: 1956][C:\Program Files\MSN Messenger\msnmsgr.exe] <Microsoft Corporation><7.5.0322>
[F:\msn\messenger\MsgPlusLoader.dll] <Patchou><3, 63, 4, 0>
[C:\WINDOWS\downlo~1\Nohxhy.dll] <Tencent><4, 1, 7, 72>
[F:\msn\messenger\MsgPlusH.dll] <Patchou><3, 63, 0, 148>
[F:\msn\messenger\Detoured.dll] <N/A><N/A>
[F:\msn\messenger\Resources\MsgPlusRes.dll] <Patchou><3, 63, 4, 0>
[C:\WINDOWS\DOWNLO~1\BDSrHook.dll] <><2, 0, 1, 2>
[C:\WINDOWS\System32\msdmo.dll] <N/A><N/A>
[F:\msn\messenger\RichEdHook.dll] <N/A><N/A>
[PID: 1088][E:\Program Files\Tencent\TT\TTraveler.exe] <腾讯公司><3.0.0.250>
[F:\msn\messenger\MsgPlusLoader.dll] <Patchou><3, 63, 4, 0>
[C:\WINDOWS\downlo~1\Nohxhy.dll] <Tencent><4, 1, 7, 72>
[F:\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll] <SEIKO EPSON CORPORATION><1, 0, 0, 0>
[C:\Program Files\TENCENT\Sosobar\sosobar.dll] <TENCENT><1, 1, 2, 32>
[E:\Program Files\Tencent\TT\Plugins\QQFloatBar\QQFloatBar4TT2.dll] <腾讯公司><1, 1, 0, 5>
[E:\Program Files\Tencent\TT\Plugins\TWeather\TWeather.dll] <><1, 0, 0, 3>
[C:\WINDOWS\DOWNLO~1\BDSrHook.dll] <><2, 0, 1, 2>

Odinary - 2006-7-17 9:36:00

[E:\Program Files\Tencent\TT\PersonalDesktop.dll] <深圳市腾讯计算机系统公司QQ工作小组><1, 0, 0, 4>
[C:\WINDOWS\Downloaded Program Files\OL2005.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
[C:\Program Files\Rising\RavWeb\libload.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\Rising\RavWeb\VirusLib.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
[C:\Program Files\Rising\RavWeb\RSAPPMGR.DLL] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
[C:\Program Files\Rising\RavWeb\CfgDll.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[C:\Program Files\Rising\RavWeb\Scanner.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 30>
[C:\Program Files\Rising\RavWeb\BWList.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
[C:\Program Files\Rising\RavWeb\MVEngine.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 8>
[C:\Program Files\Rising\RavWeb\Engine.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 30>
[C:\Program Files\Rising\RavWeb\ScanExec.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[C:\Program Files\Rising\RavWeb\Unpacker.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[C:\Program Files\Rising\RavWeb\UnExe.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[C:\Program Files\Rising\RavWeb\ScanEx.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
[C:\Program Files\Rising\RavWeb\PostTrt.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 9>
[C:\Program Files\Rising\RavWeb\NvFile.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
[C:\Program Files\Rising\RavWeb\ScanMac.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 8>
[C:\Program Files\Rising\RavWeb\ScanSct.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 17>
[C:\Program Files\Rising\RavWeb\ExtMail.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 13>
[C:\Program Files\Rising\RavWeb\ExtOLE.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
[C:\Program Files\Rising\RavWeb\ExtFile.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
[C:\Program Files\Rising\RavWeb\RsStore.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[C:\Program Files\Rising\RavWeb\ScanNet.dll] <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx] <Macromedia, Inc.><8,0,24,0>
[C:\WINDOWS\System32\Macromed\Common\SwSupport.dll] <Macromedia, Inc.><10.0.1r4>
[PID: 1152][F:\1123\SREng2\SREng.exe] <Smallfrogs Studio><2.0.21.505>
[F:\msn\messenger\MsgPlusLoader.dll] <Patchou><3, 63, 4, 0>
[C:\WINDOWS\downlo~1\Nohxhy.dll] <Tencent><4, 1, 7, 72>
[C:\WINDOWS\DOWNLO~1\BDSrHook.dll] <><2, 0, 1, 2>

==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

Odinary - 2006-7-23 23:41:00

Logfile of HijackThis v1.99.1
Scan saved at 23:29:35, on 2006-7-23
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\Rundll32.exe
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\VM_STI.EXE
D:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe
F:\d\daemon.exe
F:\msn\messenger\MsgPlus.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
E:\Program Files\Tencent\TT\TTraveler.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3W1.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Thunder Network\ThunderMini\program\ThunderMini.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\DOCUME~1\BLUEWA~1\LOCALS~1\Temp\Rar$EX02.714\HijackThis.exe

R3 - URLSearchHook: BDSrchHook Class - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - C:\WINDOWS\DOWNLO~1\BDSrHook.dll
R3 - URLSearchHook: Tencent SearchHook - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - C:\Program Files\TENCENT\Adplus\SSAddr.dll
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\System32\xunleibho_v5.dll
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {07814022-CF9B-4F39-889C-5D7E677B7F54} - C:\WINDOWS\System32\Lzhky.dll
O2 - BHO: (no name) - {07E9738D-153D-43C8-BC4D-E8A1F26D513D} - C:\WINDOWS\System32\Pwwi.dll
O2 - BHO: (no name) - {08880D23-6FEF-418E-98CE-B9DF0BD2F0BA} - C:\WINDOWS\System32\Avazre.dll (file missing)
O2 - BHO: 搜搜地址栏搜索 - {0C7C23EF-A848-485B-873C-0ED954731014} - C:\Program Files\TENCENT\Adplus\SSAddr.dll
O2 - BHO: (no name) - {0CCA28AC-3307-413B-AB97-745F800FB78F} - C:\WINDOWS\System32\Zmpsui.dll (file missing)
O2 - BHO: (no name) - {12C8ED4A-3633-4A07-AD2C-F57543C5A2A8} - C:\WINDOWS\System32\Tmksu.dll
O2 - BHO: (no name) - {13D2BF2A-4DDE-48DA-89DE-4C77FAB814A3} - C:\WINDOWS\System32\Biby.dll (file missing)
O2 - BHO: (no name) - {1A4323E3-F92A-4382-BE1A-9ECE12FEBB25} - C:\WINDOWS\System32\Dxeirk.dll
O2 - BHO: (no name) - {1A792ACF-C865-4ED0-8CBA-9DEF725E34F0} - C:\WINDOWS\System32\Ywdmd.dll (file missing)
O2 - BHO: (no name) - {1BFA083B-45C7-4393-AE14-6A3F20282890} - C:\WINDOWS\System32\Reji.dll
O2 - BHO: (no name) - {24FA371C-DF21-44D1-B02F-079E0EF1F8D3} - C:\WINDOWS\System32\Tyky.dll (file missing)
O2 - BHO: (no name) - {2E0CE26D-FF19-4C49-82F6-75F40956CF29} - C:\WINDOWS\System32\Hrokh.dll (file missing)
O2 - BHO: (no name) - {2FEE45CB-B0C0-424C-AEDA-7E905B8FC4D9} - C:\WINDOWS\System32\Zdsd.dll (file missing)
O2 - BHO: (no name) - {30AB1CD3-D3EB-457B-A2E8-D1D7235488FF} - C:\WINDOWS\System32\Pvwyh.dll (file missing)
O2 - BHO: (no name) - {32F7D54E-AB09-4D0D-BF23-2E6C2302283B} - C:\WINDOWS\System32\Zemj.dll (file missing)
O2 - BHO: (no name) - {3411C7EC-FF6E-4FDC-BD8B-4F81B865BDC8} - C:\WINDOWS\System32\Bkpy.dll
O2 - BHO: (no name) - {34C8CD49-2B93-4900-991F-F1A355258AF0} - C:\WINDOWS\System32\Idqhue.dll
O2 - BHO: (no name) - {35F810D9-A9ED-48ED-AB1E-DB273A4BED0B} - C:\WINDOWS\System32\Iddwxi.dll (file missing)
O2 - BHO: (no name) - {39C92D38-5BE5-451F-ABDA-B9817DA4FC86} - C:\WINDOWS\System32\Hfthjg.dll (file missing)
O2 - BHO: (no name) - {3F14219F-5BF4-42E2-9476-C2D4D068CA3F} - C:\WINDOWS\System32\Dkqpom.dll (file missing)
O2 - BHO: (no name) - {400ACBEB-2752-4682-A048-750F0B47DD66} - C:\WINDOWS\System32\Qjoa.dll (file missing)
O2 - BHO: (no name) - {462848FA-E201-4D1E-AEC6-414293805F49} - C:\WINDOWS\System32\Cfgktz.dll (file missing)
O2 - BHO: (no name) - {48E2D96A-336A-40CC-8BD0-EEEAD5811367} - C:\WINDOWS\System32\Mikhfq.dll (file missing)
O2 - BHO: (no name) - {4D6376E3-004A-4F51-AD9F-378F7FE69F76} - C:\WINDOWS\System32\Nekkfi.dll (file missing)
O2 - BHO: (no name) - {4DB6A1C3-F773-49E0-B1D8-F3818FF85BAF} - C:\WINDOWS\System32\Txrb.dll
O2 - BHO: (no name) - {4DDAD6C0-21D1-450C-9041-D6FAA1E75E14} - C:\WINDOWS\System32\Inqqh.dll (file missing)
O2 - BHO: (no name) - {51E415B3-AC85-45C7-84D4-9B298A6DDD48} - C:\WINDOWS\System32\Ymnc.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - E:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: (no name) - {574A8282-D728-4C1A-9A20-F0EB55AA2522} - C:\WINDOWS\System32\Fdokkk.dll
O2 - BHO: (no name) - {5A00A36B-1108-4838-A4DA-3B00AA713A82} - C:\WINDOWS\System32\Plhi.dll (file missing)
O2 - BHO: (no name) - {5BEC0952-F84D-41A9-83D3-E169A2968A99} - C:\WINDOWS\System32\Gtbk.dll (file missing)
O2 - BHO: (no name) - {63AB0BA6-C6A8-4902-B401-F34B4506713C} - C:\WINDOWS\System32\Bysz.dll
O2 - BHO: (no name) - {667A891C-5C41-4AFC-B941-A4C4CE63564A} - C:\WINDOWS\System32\Zjhs.dll (file missing)
O2 - BHO: (no name) - {669751ED-D558-49AE-B01A-3B374CC7910E} - C:\WINDOWS\System32\ssup.dll
O2 - BHO: (no name) - {691C9250-5AF1-4DCD-96F9-CB781FDD961B} - C:\WINDOWS\System32\Bfymj.dll (file missing)
O2 - BHO: (no name) - {6D124DC5-05CC-473F-9DE7-EA8DCA820D36} - C:\WINDOWS\System32\Joae.dll (file missing)
O2 - BHO: (no name) - {6ED88564-08CE-44FA-B625-BEBF77CE7905} - C:\WINDOWS\System32\Fqlpa.dll
O2 - BHO: (no name) - {75B1CC5E-D531-4149-9977-C72253D4D845} - C:\WINDOWS\System32\Jltq.dll
O2 - BHO: (no name) - {77445AF3-0FF4-4F96-92A7-BFA7C8D6C312} - C:\WINDOWS\System32\Cgai.dll
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\baidubar.dll
O2 - BHO: (no name) - {85B1CA25-2550-4854-87D4-57AC4190EFDE} - C:\WINDOWS\System32\Oepnlb.dll
O2 - BHO: (no name) - {8BB322F2-19FF-4487-9326-90707D7E5D76} - C:\WINDOWS\System32\Mjcgzn.dll (file missing)
O2 - BHO: ThunderMiniBHO - {8E6C1C49-F9CE-4311-9FB4-D70E8B0AEAEB} - C:\Program Files\Thunder Network\ThunderMini\ComDlls\XunLeiMiniBHO_002.dll
O2 - BHO: (no name) - {966E39B7-4CA1-4ADB-9C7A-10F2680F0FAA} - C:\WINDOWS\System32\Cbvw.dll (file missing)
O2 - BHO: (no name) - {9B31BAFB-3FF0-490B-8DEA-36F2EDBB5B68} - C:\WINDOWS\System32\Mtgd.dll (file missing)
O2 - BHO: (no name) - {9C5E545A-371F-42DB-972F-A1AE2D49561E} - C:\WINDOWS\System32\Fcjpab.dll (file missing)
O2 - BHO: (no name) - {9DCB3CF3-6374-46D1-9B13-9F3C83F67FB3} - C:\WINDOWS\System32\Qyqvlh.dll (file missing)
O2 - BHO: (no name) - {A16BE341-4988-4E04-8678-72A4CB4EAABB} - C:\WINDOWS\System32\Utnvq.dll (file missing)
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FLASHGET\jccatch.dll
O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - D:\新建文件夹\KUGOO\KuGoo2\KuGoo3DownXControl.ocx
O2 - BHO: (no name) - {A9AEB049-2CAD-4D11-A1CE-D2115BEDE0E9} - C:\WINDOWS\System32\Onqu.dll
O2 - BHO: (no name) - {A9CD0DD7-9990-4EEC-8A29-B607D99F2294} - C:\WINDOWS\System32\Effgez.dll
O2 - BHO: (no name) - {ABB367AC-9AD8-4CB3-9488-447203AF7E6F} - C:\WINDOWS\System32\Ipxyve.dll (file missing)
O2 - BHO: (no name) - {B601DF73-90B1-4146-90DA-8449C46368DC} - C:\WINDOWS\System32\Cvmygo.dll (file missing)
O2 - BHO: (no name) - {B86E8C1C-70B1-4A17-B593-6702155D07FC} - C:\WINDOWS\System32\Syap.dll (file missing)
O2 - BHO: (no name) - {BAD69EC6-2248-42A4-98DC-2B1BFD5DCDCE} - C:\WINDOWS\System32\Acjl.dll (file missing)
O2 - BHO: BDSrchHook Class - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - C:\WINDOWS\DOWNLO~1\BDSrHook.dll
O2 - BHO: MSN 搜索工具栏 Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\zh-cn\msntb.dll
O2 - BHO: (no name) - {C08B57BC-5555-49FB-A936-9526EFE53F75} - C:\WINDOWS\System32\Qbtlqz.dll (file missing)
O2 - BHO: (no name) - {C497FC97-B7EA-4292-B100-A3B9EC41361E} - C:\WINDOWS\System32\Mjdc.dll (file missing)
O2 - BHO: (no name) - {C823E38E-B42C-4219-BDB9-36255B2A4B35} - C:\WINDOWS\System32\Tgwolu.dll
O2 - BHO: (no name) - {C92298BB-082F-415C-BD0A-2D2B4666A80B} - C:\WINDOWS\System32\Ngjrip.dll (file missing)
O2 - BHO: (no name) - {C93DDD79-4186-4DA6-AB0B-28CA20FEDDE5} - C:\WINDOWS\System32\Rakc.dll
O2 - BHO: (no name) - {C970C022-6C9F-4BB3-AC7B-C55F268F0E7F} - C:\WINDOWS\System32\Jzpme.dll (file missing)
O2 - BHO: (no name) - {CC54520B-985B-4BDB-840B-93F8CD7B9D49} - C:\WINDOWS\System32\Xyxv.dll (file missing)
O2 - BHO: (no name) - {CCDF3044-50B6-4FFB-AF7A-6FB06D386777} - C:\WINDOWS\System32\Hrnps.dll (file missing)
O2 - BHO: (no name) - {CD4DD638-0D8C-4B6B-AB3C-02E995AFD3A5} - C:\WINDOWS\System32\Ckfj.dll (file missing)
O2 - BHO: (no name) - {E05530DF-582C-4DD7-ABE9-B420FA0D798A} - C:\WINDOWS\System32\Woufd.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - F:\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: (no name) - {EE49D69A-EE78-4539-B2EF-77ED6CE8E7A2} - C:\WINDOWS\System32\Xxiejd.dll
O2 - BHO: (no name) - {EFC874A7-4160-4F79-9D26-39092AF904C7} - C:\WINDOWS\System32\Rnzyo.dll (file missing)
O2 - BHO: (no name) - {F27C8883-6CB2-466F-AF26-D48AEE1DBDB8} - C:\WINDOWS\System32\Xuqw.dll (file missing)
O2 - BHO: (no name) - {F2AD14D6-71D3-45F0-862A-F71C3C864B8B} - C:\WINDOWS\System32\Ajdnby.dll (file missing)
O2 - BHO: (no name) - {F382D56A-C0B7-4CDC-8E96-F498732A2CE7} - C:\WINDOWS\System32\Dppbg.dll
O2 - BHO: (no name) - {F765C6E1-0D66-4247-9F6D-6E674DE7A549} - C:\WINDOWS\System32\Nhqm.dll (file missing)
O2 - BHO: 搜搜工具条 - {F776AD93-F51B-412E-82B2-A8B389546C61} - C:\Program Files\TENCENT\Sosobar\sosobar1.dll

Odinary - 2006-7-23 23:41:00

-7132212A8329} - C:\WINDOWS\System32\Vottt.dll
O2 - BHO: (no name) - {FA2B7A94-4852-42B8-8EF1-02012ABD0FE8} - C:\WINDOWS\System32\Oascux.dll (file missing)
O2 - BHO: (no name) - {FD91465B-0426-438E-9579-727586E5775F} - C:\WINDOWS\System32\Tcyub.dll
O2 - BHO: (no name) - {FF808CDC-81AF-4E9E-B376-C52F46C165AC} - C:\WINDOWS\System32\Ianjo.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll (file missing)
O3 - Toolbar: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\PROGRA~1\baidu\bar\baidubar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - F:\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: MSN 搜索工具栏 - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\zh-cn\msntb.dll
O3 - Toolbar: 搜搜工具条 - {11FD2946-180B-4545-981C-07C2FBB27F9D} - C:\Program Files\TENCENT\Sosobar\sosobar1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Win2 USB PC Camera
O4 - HKLM\..\Run: [BIE] RUNDLL32.exe C:\WINDOWS\DOWNLO~1\BDSrHook.dll,Rundll32
O4 - HKLM\..\Run: [popo2004] E:\pao\start.exe
O4 - HKLM\..\Run: [MINI_BFYY] D:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe
O4 - HKLM\..\Run: [StormCodec_Helper] "d:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [DAEMON Tools-1033] "F:\d\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [MessengerPlus3] "F:\msn\messenger\MsgPlus.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [迅雷4] E:\Program Files\Sandai Technologies Inc\Thunder\MediaIssue\TDUpdate.exe
O4 - HKLM\..\Run: [EPSON ME 1] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3W1.EXE /P10 "EPSON ME 1" /O6 "USB002" /M "ME 1"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ThunderMini] C:\Program Files\Thunder Network\ThunderMini\ThunderMiniShell.exe
O4 - HKLM\..\Run: [stup.exe] C:\PROGRA~1\TENCENT\Adplus\stup.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] "D:\新建文件夹\BitComet\BitComet.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [MessengerPlus3] "F:\msn\messenger\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &使用暴风下载器下载 - D:\Program Files\Ringz Studio\Storm Downloader\geturl.htm
O8 - Extra context menu item: &使用迷你迅雷下载 - C:\Program Files\Thunder Network\ThunderMini\Program\GetUrl.htm
O8 - Extra context menu item: MSN 搜索(&M) - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\zh-cn\msntb.dll/search.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - E:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用KuGoo3下载(&K) - D:\新建文~1\KUGOO\KUGOO2\KuGoo3DownX.htm
O8 - Extra context menu item: 在新的前台选项卡中打开 - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\zh-cn\msntabres.dll/230?529d58444dde4be988d52576ff6d560
O8 - Extra context menu item: 在新的后台选项卡中打开 - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\zh-cn\msntabres.dll/229?529d58444dde4be988d52576ff6d560
O8 - Extra context menu item: 添加到QQ自定义面板 - E:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - E:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\Program Files\Tencent\QQ\SendMMS.htm
O9 - Extra button: 解霸 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - C:\HEROSOFT\Hero3000\MPLAYER.EXE
O9 - Extra 'Tools' menuitem: 超级解霸 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - C:\HEROSOFT\Hero3000\MPLAYER.EXE
O9 - Extra button: 百度搜索伴侣 - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - C:\WINDOWS\DOWNLO~1\BDSrHook.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra button: 易趣购物 - {DE60714F-AC19-427e-861A-FD60ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing)
O9 - Extra 'Tools' menuitem: 易趣购物 - {DE60714F-AC19-427e-861A-FD60ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing)
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - E:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - E:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O11 - Options group: [!IESearch] !IESearch
O11 - Options group: [TBH] 搜搜地址栏搜索
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by104fd.bay104.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} (BDSrchHook Class) - http://bar.baidu.com/update/IESearch.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://www.mydrivers.com/swflash.cab
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/pcver2006new/OL2006.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{74820813-E1F4-4F14-8056-E9AFD1D9C2DF}: NameServer = 202.101.98.55,202.101.98.54
O17 - HKLM\System\CCS\Services\Tcpip\..\{8BD3C040-BF7D-4C2E-95D5-B1A41CA40833}: NameServer = 202.101.98.55,202.101.98.54
O18 - Protocol: mp3 - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - C:\WINDOWS\DOWNLO~1\BDSrHook.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe

Odinary - 2006-7-23 23:42:00

O2 - BHO: (no name) - {F844FCA3-0B76-4DAE-993C-7132212A8329} - C:\WINDOWS\System32\Vottt.dll
O2 - BHO: (no name) - {FA2B7A94-4852-42B8-8EF1-02012ABD0FE8} - C:\WINDOWS\System32\Oascux.dll (file missing)
O2 - BHO: (no name) - {FD91465B-0426-438E-9579-727586E5775F} - C:\WINDOWS\System32\Tcyub.dll
O2 - BHO: (no name) - {FF808CDC-81AF-4E9E-B376-C52F46C165AC} - C:\WINDOWS\System32\Ianjo.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll (file missing)
O3 - Toolbar: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\PROGRA~1\baidu\bar\baidubar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - F:\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: MSN 搜索工具栏 - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\zh-cn\msntb.dll
O3 - Toolbar: 搜搜工具条 - {11FD2946-180B-4545-981C-07C2FBB27F9D} - C:\Program Files\TENCENT\Sosobar\sosobar1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Win2 USB PC Camera
O4 - HKLM\..\Run: [BIE] RUNDLL32.exe C:\WINDOWS\DOWNLO~1\BDSrHook.dll,Rundll32
O4 - HKLM\..\Run: [popo2004] E:\pao\start.exe
O4 - HKLM\..\Run: [MINI_BFYY] D:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe
O4 - HKLM\..\Run: [StormCodec_Helper] "d:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [DAEMON Tools-1033] "F:\d\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [MessengerPlus3] "F:\msn\messenger\MsgPlus.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [迅雷4] E:\Program Files\Sandai Technologies Inc\Thunder\MediaIssue\TDUpdate.exe
O4 - HKLM\..\Run: [EPSON ME 1] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3W1.EXE /P10 "EPSON ME 1" /O6 "USB002" /M "ME 1"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ThunderMini] C:\Program Files\Thunder Network\ThunderMini\ThunderMiniShell.exe
O4 - HKLM\..\Run: [stup.exe] C:\PROGRA~1\TENCENT\Adplus\stup.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] "D:\新建文件夹\BitComet\BitComet.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [MessengerPlus3] "F:\msn\messenger\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &使用暴风下载器下载 - D:\Program Files\Ringz Studio\Storm Downloader\geturl.htm
O8 - Extra context menu item: &使用迷你迅雷下载 - C:\Program Files\Thunder Network\ThunderMini\Program\GetUrl.htm
O8 - Extra context menu item: MSN 搜索(&M) - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\zh-cn\msntb.dll/search.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - E:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用KuGoo3下载(&K) - D:\新建文~1\KUGOO\KUGOO2\KuGoo3DownX.htm
O8 - Extra context menu item: 在新的前台选项卡中打开 - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\zh-cn\msntabres.dll/230?529d58444dde4be988d52576ff6d560
O8 - Extra context menu item: 在新的后台选项卡中打开 - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\zh-cn\msntabres.dll/229?529d58444dde4be988d52576ff6d560
O8 - Extra context menu item: 添加到QQ自定义面板 - E:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - E:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\Program Files\Tencent\QQ\SendMMS.htm
O9 - Extra button: 解霸 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - C:\HEROSOFT\Hero3000\MPLAYER.EXE
O9 - Extra 'Tools' menuitem: 超级解霸 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - C:\HEROSOFT\Hero3000\MPLAYER.EXE
O9 - Extra button: 百度搜索伴侣 - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - C:\WINDOWS\DOWNLO~1\BDSrHook.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra button: 易趣购物 - {DE60714F-AC19-427e-861A-FD60ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing)
O9 - Extra 'Tools' menuitem: 易趣购物 - {DE60714F-AC19-427e-861A-FD60ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing)
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - E:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - E:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O11 - Options group: [!IESearch] !IESearch
O11 - Options group: [TBH] 搜搜地址栏搜索
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by104fd.bay104.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} (BDSrchHook Class) - http://bar.baidu.com/update/IESearch.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://www.mydrivers.com/swflash.cab
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/pcver2006new/OL2006.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{74820813-E1F4-4F14-8056-E9AFD1D9C2DF}: NameServer = 202.101.98.55,202.101.98.54
O17 - HKLM\System\CCS\Services\Tcpip\..\{8BD3C040-BF7D-4C2E-95D5-B1A41CA40833}: NameServer = 202.101.98.55,202.101.98.54
O18 - Protocol: mp3 - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - C:\WINDOWS\DOWNLO~1\BDSrHook.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe

我无邪 - 2006-7-24 0:00:00

关闭所有浏览窗口以及一些不必要的程序
运行Hijackthis，扫描结束后在下列选项前打上勾，然后选"修复""
O2 - BHO: (no name) - {07814022-CF9B-4F39-889C-5D7E677B7F54} - C:\WINDOWS\System32\Lzhky.dll
O2 - BHO: (no name) - {07E9738D-153D-43C8-BC4D-E8A1F26D513D} - C:\WINDOWS\System32\Pwwi.dll
O2 - BHO: (no name) - {08880D23-6FEF-418E-98CE-B9DF0BD2F0BA} - C:\WINDOWS\System32\Avazre.dll (file missing)
O2 - BHO: 搜搜地址栏搜索 - {0C7C23EF-A848-485B-873C-0ED954731014} - C:\Program Files\TENCENT\Adplus\SSAddr.dll
O2 - BHO: (no name) - {0CCA28AC-3307-413B-AB97-745F800FB78F} - C:\WINDOWS\System32\Zmpsui.dll (file missing)
O2 - BHO: (no name) - {12C8ED4A-3633-4A07-AD2C-F57543C5A2A8} - C:\WINDOWS\System32\Tmksu.dll
O2 - BHO: (no name) - {13D2BF2A-4DDE-48DA-89DE-4C77FAB814A3} - C:\WINDOWS\System32\Biby.dll (file missing)
O2 - BHO: (no name) - {1A4323E3-F92A-4382-BE1A-9ECE12FEBB25} - C:\WINDOWS\System32\Dxeirk.dll
O2 - BHO: (no name) - {1A792ACF-C865-4ED0-8CBA-9DEF725E34F0} - C:\WINDOWS\System32\Ywdmd.dll (file missing)
O2 - BHO: (no name) - {1BFA083B-45C7-4393-AE14-6A3F20282890} - C:\WINDOWS\System32\Reji.dll
O2 - BHO: (no name) - {24FA371C-DF21-44D1-B02F-079E0EF1F8D3} - C:\WINDOWS\System32\Tyky.dll (file missing)
O2 - BHO: (no name) - {2E0CE26D-FF19-4C49-82F6-75F40956CF29} - C:\WINDOWS\System32\Hrokh.dll (file missing)
O2 - BHO: (no name) - {2FEE45CB-B0C0-424C-AEDA-7E905B8FC4D9} - C:\WINDOWS\System32\Zdsd.dll (file missing)
O2 - BHO: (no name) - {30AB1CD3-D3EB-457B-A2E8-D1D7235488FF} - C:\WINDOWS\System32\Pvwyh.dll (file missing)
O2 - BHO: (no name) - {32F7D54E-AB09-4D0D-BF23-2E6C2302283B} - C:\WINDOWS\System32\Zemj.dll (file missing)
O2 - BHO: (no name) - {3411C7EC-FF6E-4FDC-BD8B-4F81B865BDC8} - C:\WINDOWS\System32\Bkpy.dll
O2 - BHO: (no name) - {34C8CD49-2B93-4900-991F-F1A355258AF0} - C:\WINDOWS\System32\Idqhue.dll
O2 - BHO: (no name) - {35F810D9-A9ED-48ED-AB1E-DB273A4BED0B} - C:\WINDOWS\System32\Iddwxi.dll (file missing)
O2 - BHO: (no name) - {39C92D38-5BE5-451F-ABDA-B9817DA4FC86} - C:\WINDOWS\System32\Hfthjg.dll (file missing)
O2 - BHO: (no name) - {3F14219F-5BF4-42E2-9476-C2D4D068CA3F} - C:\WINDOWS\System32\Dkqpom.dll (file missing)
O2 - BHO: (no name) - {400ACBEB-2752-4682-A048-750F0B47DD66} - C:\WINDOWS\System32\Qjoa.dll (file missing)
O2 - BHO: (no name) - {462848FA-E201-4D1E-AEC6-414293805F49} - C:\WINDOWS\System32\Cfgktz.dll (file missing)
O2 - BHO: (no name) - {48E2D96A-336A-40CC-8BD0-EEEAD5811367} - C:\WINDOWS\System32\Mikhfq.dll (file missing)
O2 - BHO: (no name) - {4D6376E3-004A-4F51-AD9F-378F7FE69F76} - C:\WINDOWS\System32\Nekkfi.dll (file missing)
O2 - BHO: (no name) - {4DB6A1C3-F773-49E0-B1D8-F3818FF85BAF} - C:\WINDOWS\System32\Txrb.dll
O2 - BHO: (no name) - {4DDAD6C0-21D1-450C-9041-D6FAA1E75E14} - C:\WINDOWS\System32\Inqqh.dll (file missing)
O2 - BHO: (no name) - {51E415B3-AC85-45C7-84D4-9B298A6DDD48} - C:\WINDOWS\System32\Ymnc.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - E:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: (no name) - {574A8282-D728-4C1A-9A20-F0EB55AA2522} - C:\WINDOWS\System32\Fdokkk.dll
O2 - BHO: (no name) - {5A00A36B-1108-4838-A4DA-3B00AA713A82} - C:\WINDOWS\System32\Plhi.dll (file missing)
O2 - BHO: (no name) - {5BEC0952-F84D-41A9-83D3-E169A2968A99} - C:\WINDOWS\System32\Gtbk.dll (file missing)
O2 - BHO: (no name) - {63AB0BA6-C6A8-4902-B401-F34B4506713C} - C:\WINDOWS\System32\Bysz.dll
O2 - BHO: (no name) - {667A891C-5C41-4AFC-B941-A4C4CE63564A} - C:\WINDOWS\System32\Zjhs.dll (file missing)
O2 - BHO: (no name) - {669751ED-D558-49AE-B01A-3B374CC7910E} - C:\WINDOWS\System32\ssup.dll
O2 - BHO: (no name) - {691C9250-5AF1-4DCD-96F9-CB781FDD961B} - C:\WINDOWS\System32\Bfymj.dll (file missing)
O2 - BHO: (no name) - {6D124DC5-05CC-473F-9DE7-EA8DCA820D36} - C:\WINDOWS\System32\Joae.dll (file missing)
O2 - BHO: (no name) - {6ED88564-08CE-44FA-B625-BEBF77CE7905} - C:\WINDOWS\System32\Fqlpa.dll
O2 - BHO: (no name) - {75B1CC5E-D531-4149-9977-C72253D4D845} - C:\WINDOWS\System32\Jltq.dll
O2 - BHO: (no name) - {77445AF3-0FF4-4F96-92A7-BFA7C8D6C312} - C:\WINDOWS\System32\Cgai.dll
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\baidubar.dll
O2 - BHO: (no name) - {85B1CA25-2550-4854-87D4-57AC4190EFDE} - C:\WINDOWS\System32\Oepnlb.dll
O2 - BHO: (no name) - {8BB322F2-19FF-4487-9326-90707D7E5D76} - C:\WINDOWS\System32\Mjcgzn.dll (file missing
O2 - BHO: (no name) - {966E39B7-4CA1-4ADB-9C7A-10F2680F0FAA} - C:\WINDOWS\System32\Cbvw.dll (file missing)
O2 - BHO: (no name) - {9B31BAFB-3FF0-490B-8DEA-36F2EDBB5B68} - C:\WINDOWS\System32\Mtgd.dll (file missing)
O2 - BHO: (no name) - {9C5E545A-371F-42DB-972F-A1AE2D49561E} - C:\WINDOWS\System32\Fcjpab.dll (file missing)
O2 - BHO: (no name) - {9DCB3CF3-6374-46D1-9B13-9F3C83F67FB3} - C:\WINDOWS\System32\Qyqvlh.dll (file missing)
O2 - BHO: (no name) - {A16BE341-4988-4E04-8678-72A4CB4EAABB} - C:\WINDOWS\System32\Utnvq.dll (file missing)
O2 - BHO: (no name) - {A9AEB049-2CAD-4D11-A1CE-D2115BEDE0E9} - C:\WINDOWS\System32\Onqu.dll
O2 - BHO: (no name) - {A9CD0DD7-9990-4EEC-8A29-B607D99F2294} - C:\WINDOWS\System32\Effgez.dll
O2 - BHO: (no name) - {ABB367AC-9AD8-4CB3-9488-447203AF7E6F} - C:\WINDOWS\System32\Ipxyve.dll (file missing)
O2 - BHO: (no name) - {B601DF73-90B1-4146-90DA-8449C46368DC} - C:\WINDOWS\System32\Cvmygo.dll (file missing)
O2 - BHO: (no name) - {B86E8C1C-70B1-4A17-B593-6702155D07FC} - C:\WINDOWS\System32\Syap.dll (file missing)
O2 - BHO: (no name) - {BAD69EC6-2248-42A4-98DC-2B1BFD5DCDCE} - C:\WINDOWS\System32\Acjl.dll (file missing)
O2 - BHO: (no name) - {C08B57BC-5555-49FB-A936-9526EFE53F75} - C:\WINDOWS\System32\Qbtlqz.dll (file missing)
O2 - BHO: (no name) - {C497FC97-B7EA-4292-B100-A3B9EC41361E} - C:\WINDOWS\System32\Mjdc.dll (file missing)
O2 - BHO: (no name) - {C823E38E-B42C-4219-BDB9-36255B2A4B35} - C:\WINDOWS\System32\Tgwolu.dll
O2 - BHO: (no name) - {C92298BB-082F-415C-BD0A-2D2B4666A80B} - C:\WINDOWS\System32\Ngjrip.dll (file missing)
O2 - BHO: (no name) - {C93DDD79-4186-4DA6-AB0B-28CA20FEDDE5} - C:\WINDOWS\System32\Rakc.dll
O2 - BHO: (no name) - {C970C022-6C9F-4BB3-AC7B-C55F268F0E7F} - C:\WINDOWS\System32\Jzpme.dll (file missing)
O2 - BHO: (no name) - {CC54520B-985B-4BDB-840B-93F8CD7B9D49} - C:\WINDOWS\System32\Xyxv.dll (file missing)
O2 - BHO: (no name) - {CCDF3044-50B6-4FFB-AF7A-6FB06D386777} - C:\WINDOWS\System32\Hrnps.dll (file missing)
O2 - BHO: (no name) - {CD4DD638-0D8C-4B6B-AB3C-02E995AFD3A5} - C:\WINDOWS\System32\Ckfj.dll (file missing)
O2 - BHO: (no name) - {E05530DF-582C-4DD7-ABE9-B420FA0D798A} - C:\WINDOWS\System32\Woufd.dll
O2 - BHO: (no name) - {EE49D69A-EE78-4539-B2EF-77ED6CE8E7A2} - C:\WINDOWS\System32\Xxiejd.dll
O2 - BHO: (no name) - {EFC874A7-4160-4F79-9D26-39092AF904C7} - C:\WINDOWS\System32\Rnzyo.dll (file missing)
O2 - BHO: (no name) - {F27C8883-6CB2-466F-AF26-D48AEE1DBDB8} - C:\WINDOWS\System32\Xuqw.dll (file missing)
O2 - BHO: (no name) - {F2AD14D6-71D3-45F0-862A-F71C3C864B8B} - C:\WINDOWS\System32\Ajdnby.dll (file missing)
O2 - BHO: (no name) - {F382D56A-C0B7-4CDC-8E96-F498732A2CE7} - C:\WINDOWS\System32\Dppbg.dll
O2 - BHO: (no name) - {F765C6E1-0D66-4247-9F6D-6E674DE7A549} - C:\WINDOWS\System32\Nhqm.dll (file missing)
O2 - BHO: 搜搜工具条 - {F776AD93-F51B-412E-82B2-A8B389546C61} - C:\Program Files\TENCENT\Sosobar\sosobar1.dl
O2 - BHO: (no name) - {FA2B7A94-4852-42B8-8EF1-02012ABD0FE8} - C:\WINDOWS\System32\Oascux.dll (file missing)
O2 - BHO: (no name) - {FD91465B-0426-438E-9579-727586E5775F} - C:\WINDOWS\System32\Tcyub.dll
O2 - BHO: (no name) - {FF808CDC-81AF-4E9E-B376-C52F46C165AC} - C:\WINDOWS\System32\Ianjo.dll
重启后，再扫份日志粘上来。

瑞星卡卡安全论坛